[ ok ] Starting enhanced syslogd: rsyslogd.
[ 96.650838] audit: type=1800 audit(1553590075.696:25): pid=10546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 96.670073] audit: type=1800 audit(1553590075.696:26): pid=10546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 96.689559] audit: type=1800 audit(1553590075.726:27): pid=10546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.82' (ECDSA) to the list of known hosts.
2019/03/26 08:48:11 parsed 1 programs
2019/03/26 08:48:19 executed programs: 0
syzkaller login: [ 120.216070] IPVS: ftp: loaded support on port[0] = 21
[ 120.308547] chnl_net:caif_netlink_parms(): no params data found
[ 120.354758] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.361272] bridge0: port 1(bridge_slave_0) entered disabled state
[ 120.369406] device bridge_slave_0 entered promiscuous mode
[ 120.377291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.383929] bridge0: port 2(bridge_slave_1) entered disabled state
[ 120.391525] device bridge_slave_1 entered promiscuous mode
[ 120.415057] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 120.425336] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 120.448642] team0: Port device team_slave_0 added
[ 120.456043] team0: Port device team_slave_1 added
[ 120.525524] device hsr_slave_0 entered promiscuous mode
[ 120.562811] device hsr_slave_1 entered promiscuous mode
[ 120.625500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.632251] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.639253] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.645949] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.697509] 8021q: adding VLAN 0 to HW filter on device bond0
[ 120.711246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 120.721048] bridge0: port 1(bridge_slave_0) entered disabled state
[ 120.729531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 120.737636] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 120.752669] 8021q: adding VLAN 0 to HW filter on device team0
[ 120.774965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 120.784088] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.790541] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.798231] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 120.806278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.812827] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.831243] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 120.855050] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 120.863294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 120.871325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 120.879544] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 120.891417] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 120.920031] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 120.998708] ==================================================================
[ 121.006140] BUG: KMSAN: uninit-value in gre_parse_header+0x1396/0x1690
[ 121.012837] CPU: 1 PID: 10716 Comm: syz-executor.0 Not tainted 5.0.0+ #17
[ 121.019803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 121.029169] Call Trace:
[ 121.031749]
[ 121.033943] dump_stack+0x173/0x1d0
[ 121.037614] kmsan_report+0x131/0x2a0
[ 121.041436] __msan_warning+0x7a/0xf0
[ 121.045259] gre_parse_header+0x1396/0x1690
[ 121.049710] gre_rcv+0x1db/0x1720
[ 121.053204] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 121.058594] ? raw_local_deliver+0xfc/0x1960
[ 121.063003] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 121.068377] ? erspan_xmit+0x38f0/0x38f0
[ 121.072435] gre_rcv+0x2dd/0x3c0
[ 121.075795] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.080982] ? gre_parse_header+0x1690/0x1690
[ 121.085475] ip_protocol_deliver_rcu+0x584/0xbb0
[ 121.090246] ip_local_deliver+0x624/0x7b0
[ 121.094421] ? ip_local_deliver+0x7b0/0x7b0
[ 121.098765] ? ip_protocol_deliver_rcu+0xbb0/0xbb0
[ 121.103702] ip_rcv+0x6bd/0x740
[ 121.106996] ? ip_rcv_core+0x11d0/0x11d0
[ 121.111054] process_backlog+0x756/0x10e0
[ 121.115234] ? pfifo_fast_enqueue+0x760/0x760
[ 121.119754] ? ip_local_deliver_finish+0x320/0x320
[ 121.124771] ? rps_trigger_softirq+0x2e0/0x2e0
[ 121.129344] net_rx_action+0x78b/0x1a60
[ 121.133331] ? net_tx_action+0xca0/0xca0
[ 121.137593] __do_softirq+0x53f/0x93a
[ 121.141409] do_softirq_own_stack+0x49/0x80
[ 121.145722]
[ 121.147976] __local_bh_enable_ip+0x16f/0x1a0
[ 121.152531] local_bh_enable+0x36/0x40
[ 121.156430] ip_finish_output2+0x1627/0x1820
[ 121.160870] ip_finish_output+0xd2b/0xfd0
[ 121.165044] ip_mc_output+0x117a/0x1700
[ 121.169027] ? ip_mc_finish_output+0x3b0/0x3b0
[ 121.173615] ? ip_build_and_send_pkt+0xe80/0xe80
[ 121.178377] raw_sendmsg+0x4182/0x4610
[ 121.182321] ? aa_sk_perm+0x605/0x950
[ 121.186134] ? raw_getfrag+0x590/0x590
[ 121.190020] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.195216] ? compat_raw_ioctl+0x100/0x100
[ 121.199651] inet_sendmsg+0x54a/0x720
[ 121.203593] ? inet_getname+0x490/0x490
[ 121.207590] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.212792] ? inet_getname+0x490/0x490
[ 121.216763] __sys_sendto+0x8c4/0xac0
[ 121.220583] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.225772] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 121.231231] ? prepare_exit_to_usermode+0x114/0x420
[ 121.236250] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.241445] ? syscall_return_slowpath+0x50/0x650
[ 121.246303] __se_sys_sendto+0x107/0x130
[ 121.250390] __x64_sys_sendto+0x6e/0x90
[ 121.254371] do_syscall_64+0xbc/0xf0
[ 121.258105] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 121.263297] RIP: 0033:0x458209
[ 121.266493] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 121.285559] RSP: 002b:00007ffe43280368 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 121.293266] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000458209
[ 121.300543] RDX: 0000000000000370 RSI: 00000000200000c0 RDI: 0000000000000003
[ 121.307801] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000300
[ 121.315059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000f6a914
[ 121.322329] R13: 00000000004c58b8 R14: 00000000004d9838 R15: 00000000ffffffff
[ 121.329625]
[ 121.331237] Uninit was stored to memory at:
[ 121.335552] kmsan_internal_chain_origin+0x134/0x230
[ 121.340651] kmsan_memcpy_memmove_metadata+0xb5b/0xfe0
[ 121.345937] kmsan_memcpy_metadata+0xb/0x10
[ 121.350258] __msan_memcpy+0x58/0x70
[ 121.353977] pskb_expand_head+0x34c/0x18f0
[ 121.358203] ip_tunnel_xmit+0x3290/0x3ca0
[ 121.362346] erspan_xmit+0x27c7/0x38f0
[ 121.366226] dev_hard_start_xmit+0x604/0xc40
[ 121.370628] sch_direct_xmit+0x58a/0x880
[ 121.374676] __qdisc_run+0x1cb7/0x34d0
[ 121.378550] __dev_queue_xmit+0x215c/0x3b80
[ 121.382882] dev_queue_xmit+0x4b/0x60
[ 121.386681] neigh_resolve_output+0xab7/0xb40
[ 121.391183] ip_finish_output2+0x1611/0x1820
[ 121.395622] ip_finish_output+0xd2b/0xfd0
[ 121.399759] ip_mc_output+0x117a/0x1700
[ 121.403724] raw_sendmsg+0x4182/0x4610
[ 121.407603] inet_sendmsg+0x54a/0x720
[ 121.412543] __sys_sendto+0x8c4/0xac0
[ 121.416333] __se_sys_sendto+0x107/0x130
[ 121.420384] __x64_sys_sendto+0x6e/0x90
[ 121.424347] do_syscall_64+0xbc/0xf0
[ 121.428054] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 121.433247]
[ 121.434862] Uninit was created at:
[ 121.438545] kmsan_internal_poison_shadow+0x92/0x150
[ 121.443639] kmsan_kmalloc+0xa6/0x130
[ 121.447527] kmsan_slab_alloc+0xe/0x10
[ 121.451423] __kmalloc_node_track_caller+0xe9e/0xff0
[ 121.456532] __alloc_skb+0x309/0xa20
[ 121.461216] alloc_skb_with_frags+0x186/0xa60
[ 121.466233] sock_alloc_send_pskb+0xafd/0x10a0
[ 121.470874] sock_alloc_send_skb+0xca/0xe0
[ 121.475206] raw_sendmsg+0x25f5/0x4610
[ 121.479124] inet_sendmsg+0x54a/0x720
[ 121.482933] __sys_sendto+0x8c4/0xac0
[ 121.486748] __se_sys_sendto+0x107/0x130
[ 121.490802] __x64_sys_sendto+0x6e/0x90
[ 121.494770] do_syscall_64+0xbc/0xf0
[ 121.499085] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 121.504267] ==================================================================
[ 121.511617] Disabling lock debugging due to kernel taint
[ 121.517068] Kernel panic - not syncing: panic_on_warn set ...
[ 121.522949] CPU: 1 PID: 10716 Comm: syz-executor.0 Tainted: G B 5.0.0+ #17
[ 121.531264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 121.540864] Call Trace:
[ 121.543450]
[ 121.545643] dump_stack+0x173/0x1d0
[ 121.549291] panic+0x3d1/0xb01
[ 121.552534] kmsan_report+0x29a/0x2a0
[ 121.556385] __msan_warning+0x7a/0xf0
[ 121.560184] gre_parse_header+0x1396/0x1690
[ 121.564549] gre_rcv+0x1db/0x1720
[ 121.568102] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 121.574346] ? raw_local_deliver+0xfc/0x1960
[ 121.578780] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 121.584180] ? erspan_xmit+0x38f0/0x38f0
[ 121.588251] gre_rcv+0x2dd/0x3c0
[ 121.591643] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.596855] ? gre_parse_header+0x1690/0x1690
[ 121.601352] ip_protocol_deliver_rcu+0x584/0xbb0
[ 121.606123] ip_local_deliver+0x624/0x7b0
[ 121.610281] ? ip_local_deliver+0x7b0/0x7b0
[ 121.614614] ? ip_protocol_deliver_rcu+0xbb0/0xbb0
[ 121.619542] ip_rcv+0x6bd/0x740
[ 121.622829] ? ip_rcv_core+0x11d0/0x11d0
[ 121.626893] process_backlog+0x756/0x10e0
[ 121.631155] ? pfifo_fast_enqueue+0x760/0x760
[ 121.635662] ? ip_local_deliver_finish+0x320/0x320
[ 121.640620] ? rps_trigger_softirq+0x2e0/0x2e0
[ 121.645221] net_rx_action+0x78b/0x1a60
[ 121.649245] ? net_tx_action+0xca0/0xca0
[ 121.653340] __do_softirq+0x53f/0x93a
[ 121.657171] do_softirq_own_stack+0x49/0x80
[ 121.661486]
[ 121.663751] __local_bh_enable_ip+0x16f/0x1a0
[ 121.668271] local_bh_enable+0x36/0x40
[ 121.672273] ip_finish_output2+0x1627/0x1820
[ 121.676697] ip_finish_output+0xd2b/0xfd0
[ 121.680875] ip_mc_output+0x117a/0x1700
[ 121.684887] ? ip_mc_finish_output+0x3b0/0x3b0
[ 121.689498] ? ip_build_and_send_pkt+0xe80/0xe80
[ 121.694252] raw_sendmsg+0x4182/0x4610
[ 121.698188] ? aa_sk_perm+0x605/0x950
[ 121.702010] ? raw_getfrag+0x590/0x590
[ 121.705907] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.711097] ? compat_raw_ioctl+0x100/0x100
[ 121.715416] inet_sendmsg+0x54a/0x720
[ 121.719218] ? inet_getname+0x490/0x490
[ 121.723189] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.728381] ? inet_getname+0x490/0x490
[ 121.732351] __sys_sendto+0x8c4/0xac0
[ 121.736265] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.745976] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 121.753831] ? prepare_exit_to_usermode+0x114/0x420
[ 121.758851] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 121.764072] ? syscall_return_slowpath+0x50/0x650
[ 121.769291] __se_sys_sendto+0x107/0x130
[ 121.773384] __x64_sys_sendto+0x6e/0x90
[ 121.777373] do_syscall_64+0xbc/0xf0
[ 121.781094] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 121.786296] RIP: 0033:0x458209
[ 121.789516] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 121.808433] RSP: 002b:00007ffe43280368 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 121.816163] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000458209
[ 121.823422] RDX: 0000000000000370 RSI: 00000000200000c0 RDI: 0000000000000003
[ 121.830694] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000300
[ 121.837979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000f6a914
[ 121.845238] R13: 00000000004c58b8 R14: 00000000004d9838 R15: 00000000ffffffff
[ 121.853231] Kernel Offset: disabled
[ 121.856869] Rebooting in 86400 seconds..