[ ok ] Starting enhanced syslogd: rsyslogd.
[ 102.091875][ T31] audit: type=1800 audit(1562928030.133:25): pid=11890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 102.116494][ T31] audit: type=1800 audit(1562928030.163:26): pid=11890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 102.166041][ T31] audit: type=1800 audit(1562928030.193:27): pid=11890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.149' (ECDSA) to the list of known hosts.
syzkaller login: [ 113.123957][T12042] IPVS: ftp: loaded support on port[0] = 21
[ 113.220071][T12042] chnl_net:caif_netlink_parms(): no params data found
[ 113.262905][T12042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.270194][T12042] bridge0: port 1(bridge_slave_0) entered disabled state
[ 113.278778][T12042] device bridge_slave_0 entered promiscuous mode
[ 113.288530][T12042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.295850][T12042] bridge0: port 2(bridge_slave_1) entered disabled state
[ 113.304600][T12042] device bridge_slave_1 entered promiscuous mode
[ 113.331131][T12042] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 113.342529][T12042] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 113.368165][T12042] team0: Port device team_slave_0 added
[ 113.376916][T12042] team0: Port device team_slave_1 added
[ 113.435818][T12042] device hsr_slave_0 entered promiscuous mode
[ 113.492811][T12042] device hsr_slave_1 entered promiscuous mode
[ 113.548178][T12042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.555422][T12042] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 113.563410][T12042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.570644][T12042] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 113.639700][T12042] 8021q: adding VLAN 0 to HW filter on device bond0
[ 113.660727][ T3881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 113.673908][ T3881] bridge0: port 1(bridge_slave_0) entered disabled state
[ 113.683784][ T3881] bridge0: port 2(bridge_slave_1) entered disabled state
[ 113.695202][ T3881] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 113.714209][T12042] 8021q: adding VLAN 0 to HW filter on device team0
[ 113.728320][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 113.737431][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.744780][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 113.762189][ T3881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 113.771252][ T3881] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.778635][ T3881] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 113.813738][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 113.824990][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 113.845241][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 113.856453][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 113.865486][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 113.880213][T12042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[ 113.913983][T12042] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 113.970207][T12042] raw_sendmsg: syz-executor634 forgot to set AF_INET. Fix it!
[ 113.979451][ C1] ==================================================================
[ 113.987569][ C1] BUG: KMSAN: uninit-value in gre_parse_header+0x1395/0x1690
[ 113.994958][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.2.0+ #14
[ 114.002080][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 114.012154][ C1] Call Trace:
[ 114.015487][ C1] dump_stack+0x191/0x1f0
[ 114.020308][ C1] kmsan_report+0x162/0x2d0
[ 114.025044][ C1] __msan_warning+0x75/0xe0
[ 114.029621][ C1] gre_parse_header+0x1395/0x1690
[ 114.035233][ C1] gre_rcv+0x1cb/0x1900
[ 114.039424][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 114.045707][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 114.051803][ C1] ? raw_local_deliver+0xdd/0x1930
[ 114.056957][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 114.061775][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 114.068394][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 114.073192][ C1] gre_rcv+0x2dd/0x3c0
[ 114.077809][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 114.083759][ C1] ? gre_parse_header+0x1690/0x1690
[ 114.088986][ C1] ip_protocol_deliver_rcu+0x722/0xbc0
[ 114.094831][ C1] ip_local_deliver+0x62a/0x7c0
[ 114.099917][ C1] ? ip_local_deliver+0x7c0/0x7c0
[ 114.105404][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0
[ 114.111065][ C1] ip_rcv+0x6c5/0x740
[ 114.115105][ C1] ? ip_rcv_core+0x11d0/0x11d0
[ 114.119901][ C1] process_backlog+0xef5/0x1410
[ 114.124812][ C1] ? ip_local_deliver_finish+0x350/0x350
[ 114.130497][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 114.135834][ C1] net_rx_action+0x738/0x1940
[ 114.140584][ C1] ? net_tx_action+0xb70/0xb70
[ 114.145466][ C1] __do_softirq+0x4ad/0x858
[ 114.150645][ C1] ? ksoftirqd_should_run+0x30/0x30
[ 114.155910][ C1] run_ksoftirqd+0x25/0x40
[ 114.160345][ C1] smpboot_thread_fn+0x4be/0x9d0
[ 114.165333][ C1] kthread+0x4b5/0x4f0
[ 114.169442][ C1] ? cpu_report_death+0x190/0x190
[ 114.174504][ C1] ? kthread_blkcg+0xf0/0xf0
[ 114.179148][ C1] ret_from_fork+0x35/0x40
[ 114.183592][ C1]
[ 114.185921][ C1] Uninit was stored to memory at:
[ 114.190988][ C1] kmsan_internal_chain_origin+0xcc/0x150
[ 114.196812][ C1] kmsan_memcpy_memmove_metadata+0x9f9/0xe00
[ 114.202803][ C1] kmsan_memcpy_metadata+0xb/0x10
[ 114.207844][ C1] __msan_memcpy+0x56/0x70
[ 114.212276][ C1] pskb_expand_head+0x38a/0x19f0
[ 114.217335][ C1] ip_tunnel_xmit+0x2971/0x3320
[ 114.222210][ C1] erspan_xmit+0x1ef8/0x35c0
[ 114.226833][ C1] dev_hard_start_xmit+0x51a/0xab0
[ 114.231957][ C1] sch_direct_xmit+0x56c/0x18c0
[ 114.236821][ C1] __dev_queue_xmit+0x1e53/0x4270
[ 114.241883][ C1] dev_queue_xmit+0x4b/0x60
[ 114.246488][ C1] neigh_resolve_output+0xab7/0xb50
[ 114.251715][ C1] ip_finish_output2+0x1a8e/0x25d0
[ 114.256848][ C1] ip_finish_output+0xd2a/0xfd0
[ 114.261798][ C1] ip_output+0x541/0x610
[ 114.266052][ C1] ip_push_pending_frames+0x243/0x460
[ 114.271853][ C1] raw_sendmsg+0x2df8/0x46d0
[ 114.276458][ C1] inet_sendmsg+0x48e/0x750
[ 114.280987][ C1] ___sys_sendmsg+0xe92/0x13c0
[ 114.285763][ C1] __se_sys_sendmsg+0x305/0x460
[ 114.290637][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 114.295413][ C1] do_syscall_64+0xbc/0xf0
[ 114.299840][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.305724][ C1]
[ 114.308056][ C1] Uninit was created at:
[ 114.312409][ C1] kmsan_internal_poison_shadow+0x53/0xa0
[ 114.318140][ C1] kmsan_slab_alloc+0xaa/0x120
[ 114.322923][ C1] __kmalloc_node_track_caller+0xc8f/0xf10
[ 114.328764][ C1] __alloc_skb+0x306/0xa10
[ 114.333198][ C1] __ip_append_data+0x3901/0x52c0
[ 114.338240][ C1] ip_append_data+0x324/0x480
[ 114.342946][ C1] raw_sendmsg+0x2d02/0x46d0
[ 114.347550][ C1] inet_sendmsg+0x48e/0x750
[ 114.352071][ C1] ___sys_sendmsg+0xe92/0x13c0
[ 114.356845][ C1] __se_sys_sendmsg+0x305/0x460
[ 114.361714][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 114.366490][ C1] do_syscall_64+0xbc/0xf0
[ 114.370928][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.376827][ C1] ==================================================================
[ 114.384983][ C1] Disabling lock debugging due to kernel taint
[ 114.391245][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 114.398040][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Tainted: G B 5.2.0+ #14
[ 114.406702][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 114.417050][ C1] Call Trace:
[ 114.420397][ C1] dump_stack+0x191/0x1f0
[ 114.424781][ C1] panic+0x3c9/0xc1e
[ 114.428771][ C1] kmsan_report+0x2ca/0x2d0
[ 114.433373][ C1] __msan_warning+0x75/0xe0
[ 114.437912][ C1] gre_parse_header+0x1395/0x1690
[ 114.443123][ C1] gre_rcv+0x1cb/0x1900
[ 114.447311][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 114.453266][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 114.459892][ C1] ? raw_local_deliver+0xdd/0x1930
[ 114.465056][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 114.469859][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 114.475816][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 114.480609][ C1] gre_rcv+0x2dd/0x3c0
[ 114.484732][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 114.490654][ C1] ? gre_parse_header+0x1690/0x1690
[ 114.495883][ C1] ip_protocol_deliver_rcu+0x722/0xbc0
[ 114.501388][ C1] ip_local_deliver+0x62a/0x7c0
[ 114.506289][ C1] ? ip_local_deliver+0x7c0/0x7c0
[ 114.511341][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0
[ 114.517000][ C1] ip_rcv+0x6c5/0x740
[ 114.521020][ C1] ? ip_rcv_core+0x11d0/0x11d0
[ 114.525815][ C1] process_backlog+0xef5/0x1410
[ 114.530718][ C1] ? ip_local_deliver_finish+0x350/0x350
[ 114.536401][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 114.541714][ C1] net_rx_action+0x738/0x1940
[ 114.546447][ C1] ? net_tx_action+0xb70/0xb70
[ 114.551231][ C1] __do_softirq+0x4ad/0x858
[ 114.555772][ C1] ? ksoftirqd_should_run+0x30/0x30
[ 114.560986][ C1] run_ksoftirqd+0x25/0x40
[ 114.565522][ C1] smpboot_thread_fn+0x4be/0x9d0
[ 114.570798][ C1] kthread+0x4b5/0x4f0
[ 114.574896][ C1] ? cpu_report_death+0x190/0x190
[ 114.580469][ C1] ? kthread_blkcg+0xf0/0xf0
[ 114.585090][ C1] ret_from_fork+0x35/0x40
[ 114.590617][ C1] Kernel Offset: disabled
[ 114.594956][ C1] Rebooting in 86400 seconds..