[ ok ] Starting enhanced syslogd: rsyslogd.
[ 93.570167] audit: type=1800 audit(1546157594.618:25): pid=11270 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 93.589378] audit: type=1800 audit(1546157594.628:26): pid=11270 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 93.608838] audit: type=1800 audit(1546157594.648:27): pid=11270 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.15.239' (ECDSA) to the list of known hosts.
2018/12/30 08:13:29 fuzzer started
2018/12/30 08:13:34 dialing manager at 10.128.0.26:41469
2018/12/30 08:13:34 syscalls: 1
2018/12/30 08:13:34 code coverage: enabled
2018/12/30 08:13:34 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/12/30 08:13:34 setuid sandbox: enabled
2018/12/30 08:13:34 namespace sandbox: enabled
2018/12/30 08:13:34 Android sandbox: /sys/fs/selinux/policy does not exist
2018/12/30 08:13:34 fault injection: enabled
2018/12/30 08:13:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/12/30 08:13:34 net packet injection: enabled
2018/12/30 08:13:34 net device setup: enabled
08:13:37 executing program 0:
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x1b, &(0x7f00000074c0), &(0x7f0000000040)=0x201)
syzkaller login: [ 116.851307] IPVS: ftp: loaded support on port[0] = 21
[ 117.003479] chnl_net:caif_netlink_parms(): no params data found
[ 117.077286] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.083891] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.092410] device bridge_slave_0 entered promiscuous mode
[ 117.102246] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.108744] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.117214] device bridge_slave_1 entered promiscuous mode
[ 117.152250] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 117.163499] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 117.193569] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 117.202345] team0: Port device team_slave_0 added
[ 117.209086] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 117.217755] team0: Port device team_slave_1 added
[ 117.224266] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 117.233254] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 117.416960] device hsr_slave_0 entered promiscuous mode
[ 117.582814] device hsr_slave_1 entered promiscuous mode
[ 117.743500] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 117.751082] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 117.781154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.787820] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 117.795018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.801607] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 117.891940] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 117.898074] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.912923] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 117.927692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 117.938686] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.948456] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.959438] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 117.979095] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 117.985301] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.000490] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 118.008484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.017154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.025396] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.031937] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.050141] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 118.058542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.067202] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.075471] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.082003] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.099324] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 118.111277] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 118.124320] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 118.137218] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 118.145400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.154878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 118.164259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 118.173878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 118.182761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 118.191882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 118.202706] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 118.213448] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 118.220615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 118.229223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 118.244035] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 118.254363] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 118.266900] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 118.273038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 118.281712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 118.290026] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 118.316426] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 118.335353] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 118.381802] ==================================================================
[ 118.389217] BUG: KMSAN: uninit-value in send_hsr_supervision_frame+0x1056/0x1510
[ 118.396767] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.20.0-rc7+ #16
[ 118.403357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 118.412748] Call Trace:
[ 118.415344] <IRQ>
[ 118.417513] dump_stack+0x173/0x1d0
[ 118.421174] kmsan_report+0x12e/0x2a0
[ 118.425021] __msan_warning+0x82/0xf0
[ 118.428862] send_hsr_supervision_frame+0x1056/0x1510
[ 118.434126] hsr_announce+0x14c/0x3a0
[ 118.437966] call_timer_fn+0x285/0x600
[ 118.441877] ? hsr_dev_finalize+0xb90/0xb90
[ 118.446250] __run_timers+0xdb4/0x11d0
[ 118.450157] ? hsr_dev_finalize+0xb90/0xb90
[ 118.454522] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 118.459985] ? irqtime_account_irq+0xcf/0x2e0
[ 118.464506] ? timers_dead_cpu+0xa50/0xa50
[ 118.468789] run_timer_softirq+0x2e/0x50
[ 118.472875] __do_softirq+0x53f/0x93a
[ 118.476719] irq_exit+0x214/0x250
[ 118.480191] exiting_irq+0xe/0x10
[ 118.483660] smp_apic_timer_interrupt+0x48/0x70
[ 118.488350] apic_timer_interrupt+0x2e/0x40
[ 118.492676] </IRQ>
[ 118.494932] RIP: 0010:default_idle+0x27e/0x4e0
[ 118.499528] Code: 04 24 00 00 00 00 8b 45 c0 41 89 44 24 08 8b 45 c4 41 89 84 24 90 0c 00 00 48 c7 c7 d8 22 cb 8b 8b 75 bc e8 84 3b b0 f6 fb f4 <65> 8b 04 25 20 a1 02 00 89 45 b8 8b 1c 25 20 32 04 8c 48 c7 c7 20
[ 118.518465] RSP: 0018:ffffffff8bc0fd58 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 118.526193] RAX: ffff888112443220 RBX: 0000000000000000 RCX: ffff888112443220
[ 118.533476] RDX: ffff888112043220 RSI: 0000160000000000 RDI: ccccccccccccd000
[ 118.540758] RBP: ffffffff8bc0fda0 R08: 0000000000000002 R09: ffffffff8bc0fd08
[ 118.548036] R10: 0000000000000000 R11: ffffffff8acbf5c0 R12: ffffffff8bc36ac8
[ 118.555333] R13: 0000000000000000 R14: ffffffff8bc36140 R15: ffffffff8bc36ac8
[ 118.562640] ? __cpuidle_text_start+0x8/0x8
[ 118.566999] ? default_idle+0x6e/0x4e0
[ 118.570905] ? __cpuidle_text_start+0x8/0x8
[ 118.575244] ? __cpuidle_text_start+0x8/0x8
[ 118.579591] arch_cpu_idle+0x26/0x30
[ 118.583324] do_idle+0x22d/0x800
[ 118.586726] cpu_startup_entry+0x45/0x50
[ 118.590809] rest_init+0x1c1/0x1f0
[ 118.594380] arch_call_rest_init+0x13/0x15
[ 118.598636] start_kernel+0x9d7/0xbb1
[ 118.602467] x86_64_start_reservations+0x19/0x2f
[ 118.607249] x86_64_start_kernel+0x84/0x87
[ 118.611503] secondary_startup_64+0xa4/0xb0
[ 118.615849]
[ 118.617480] Uninit was created at:
[ 118.621040] kmsan_save_stack_with_flags+0x7a/0x130
[ 118.626099] kmsan_internal_alloc_meta_for_pages+0x113/0x580
[ 118.631909] kmsan_alloc_page+0x7e/0x100
[ 118.635987] __alloc_pages_nodemask+0x1587/0x5f20
[ 118.640841] page_frag_alloc+0x3c1/0x980
[ 118.644914] __netdev_alloc_skb+0x1f1/0xa50
[ 118.649250] send_hsr_supervision_frame+0x168/0x1510
[ 118.654365] hsr_announce+0x14c/0x3a0
[ 118.658185] call_timer_fn+0x285/0x600
[ 118.662098] __run_timers+0xdb4/0x11d0
[ 118.665999] run_timer_softirq+0x2e/0x50
[ 118.670095] __do_softirq+0x53f/0x93a
[ 118.673896] ==================================================================
[ 118.681255] Disabling lock debugging due to kernel taint
[ 118.686709] Kernel panic - not syncing: panic_on_warn set ...
[ 118.692608] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 4.20.0-rc7+ #16
[ 118.700581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 118.709944] Call Trace:
[ 118.712537] <IRQ>
[ 118.714717] dump_stack+0x173/0x1d0
[ 118.718374] panic+0x3ce/0x961
[ 118.721629] kmsan_report+0x293/0x2a0
[ 118.725460] __msan_warning+0x82/0xf0
[ 118.729310] send_hsr_supervision_frame+0x1056/0x1510
[ 118.734558] hsr_announce+0x14c/0x3a0
[ 118.738394] call_timer_fn+0x285/0x600
[ 118.742299] ? hsr_dev_finalize+0xb90/0xb90
[ 118.746651] __run_timers+0xdb4/0x11d0
[ 118.750555] ? hsr_dev_finalize+0xb90/0xb90
[ 118.754917] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 118.760382] ? irqtime_account_irq+0xcf/0x2e0
[ 118.764910] ? timers_dead_cpu+0xa50/0xa50
[ 118.769170] run_timer_softirq+0x2e/0x50
[ 118.773252] __do_softirq+0x53f/0x93a
[ 118.777108] irq_exit+0x214/0x250
[ 118.780581] exiting_irq+0xe/0x10
[ 118.784061] smp_apic_timer_interrupt+0x48/0x70
[ 118.788763] apic_timer_interrupt+0x2e/0x40
[ 118.793100] </IRQ>
[ 118.795355] RIP: 0010:default_idle+0x27e/0x4e0
[ 118.799947] Code: 04 24 00 00 00 00 8b 45 c0 41 89 44 24 08 8b 45 c4 41 89 84 24 90 0c 00 00 48 c7 c7 d8 22 cb 8b 8b 75 bc e8 84 3b b0 f6 fb f4 <65> 8b 04 25 20 a1 02 00 89 45 b8 8b 1c 25 20 32 04 8c 48 c7 c7 20
[ 118.818859] RSP: 0018:ffffffff8bc0fd58 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 118.826580] RAX: ffff888112443220 RBX: 0000000000000000 RCX: ffff888112443220
[ 118.833864] RDX: ffff888112043220 RSI: 0000160000000000 RDI: ccccccccccccd000
[ 118.841146] RBP: ffffffff8bc0fda0 R08: 0000000000000002 R09: ffffffff8bc0fd08
[ 118.848429] R10: 0000000000000000 R11: ffffffff8acbf5c0 R12: ffffffff8bc36ac8
[ 118.855710] R13: 0000000000000000 R14: ffffffff8bc36140 R15: ffffffff8bc36ac8
[ 118.863009] ? __cpuidle_text_start+0x8/0x8
[ 118.867367] ? default_idle+0x6e/0x4e0
[ 118.871273] ? __cpuidle_text_start+0x8/0x8
[ 118.875609] ? __cpuidle_text_start+0x8/0x8
[ 118.879951] arch_cpu_idle+0x26/0x30
[ 118.883681] do_idle+0x22d/0x800
[ 118.887098] cpu_startup_entry+0x45/0x50
[ 118.891182] rest_init+0x1c1/0x1f0
[ 118.894761] arch_call_rest_init+0x13/0x15
[ 118.899016] start_kernel+0x9d7/0xbb1
[ 118.902863] x86_64_start_reservations+0x19/0x2f
[ 118.907637] x86_64_start_kernel+0x84/0x87
[ 118.911892] secondary_startup_64+0xa4/0xb0
[ 118.917237] Kernel Offset: disabled
[ 118.920893] Rebooting in 86400 seconds..