[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 92.333639] audit: type=1800 audit(1546172636.381:25): pid=10862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 92.352841] audit: type=1800 audit(1546172636.381:26): pid=10862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 92.372259] audit: type=1800 audit(1546172636.401:27): pid=10862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.76' (ECDSA) to the list of known hosts.
2018/12/30 12:24:09 fuzzer started
2018/12/30 12:24:14 dialing manager at 10.128.0.26:38305
2018/12/30 12:24:14 syscalls: 1
2018/12/30 12:24:14 code coverage: enabled
2018/12/30 12:24:14 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/12/30 12:24:14 setuid sandbox: enabled
2018/12/30 12:24:14 namespace sandbox: enabled
2018/12/30 12:24:14 Android sandbox: /sys/fs/selinux/policy does not exist
2018/12/30 12:24:14 fault injection: enabled
2018/12/30 12:24:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/12/30 12:24:14 net packet injection: enabled
2018/12/30 12:24:14 net device setup: enabled
12:24:17 executing program 0:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x10, 0x0, @in6={0xa, 0x0, 0x0, @remote}}}, 0x90)
syzkaller login: [ 114.471692] IPVS: ftp: loaded support on port[0] = 21
[ 114.630248] chnl_net:caif_netlink_parms(): no params data found
[ 114.698879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 114.705577] bridge0: port 1(bridge_slave_0) entered disabled state
[ 114.713970] device bridge_slave_0 entered promiscuous mode
[ 114.723638] bridge0: port 2(bridge_slave_1) entered blocking state
[ 114.730147] bridge0: port 2(bridge_slave_1) entered disabled state
[ 114.738462] device bridge_slave_1 entered promiscuous mode
[ 114.772888] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 114.784116] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 114.815890] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 114.824713] team0: Port device team_slave_0 added
[ 114.831190] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 114.839865] team0: Port device team_slave_1 added
[ 114.846629] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 114.855598] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 115.007035] device hsr_slave_0 entered promiscuous mode
[ 115.262777] device hsr_slave_1 entered promiscuous mode
[ 115.523530] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 115.531079] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 115.562492] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.569123] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 115.576300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.582893] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 115.626682] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.635217] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.700081] 8021q: adding VLAN 0 to HW filter on device bond0
[ 115.714806] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 115.728249] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 115.735170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 115.743211] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 115.761268] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 115.767995] 8021q: adding VLAN 0 to HW filter on device team0
[ 115.781179] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 115.789592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 115.798483] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 115.806923] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.813507] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 115.831865] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 115.840224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 115.848869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 115.857344] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.863883] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 115.880612] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 115.893594] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 115.906403] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 115.914359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 115.923848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 115.933430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 115.942536] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 115.958165] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 115.970536] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 115.977707] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 115.986143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 115.995273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 116.004985] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 116.013702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 116.030386] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 116.041723] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 116.053830] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 116.059890] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 116.083171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 116.091507] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 116.102491] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 116.131171] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 116.172248] ==================================================================
[ 116.179662] BUG: KMSAN: uninit-value in send_hsr_supervision_frame+0x1056/0x1510
[ 116.187210] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.20.0-rc7+ #16
[ 116.193792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 116.203165] Call Trace:
[ 116.205754]
[ 116.207923] dump_stack+0x173/0x1d0
[ 116.211576] kmsan_report+0x12e/0x2a0
[ 116.215406] __msan_warning+0x82/0xf0
[ 116.219227] send_hsr_supervision_frame+0x1056/0x1510
[ 116.224468] hsr_announce+0x14c/0x3a0
[ 116.228300] call_timer_fn+0x285/0x600
[ 116.232225] ? hsr_dev_finalize+0xb90/0xb90
[ 116.236573] __run_timers+0xdb4/0x11d0
[ 116.240485] ? hsr_dev_finalize+0xb90/0xb90
[ 116.244863] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 116.250333] ? irqtime_account_irq+0xcf/0x2e0
[ 116.254848] ? timers_dead_cpu+0xa50/0xa50
[ 116.259096] run_timer_softirq+0x2e/0x50
[ 116.263174] __do_softirq+0x53f/0x93a
[ 116.267011] irq_exit+0x214/0x250
[ 116.270734] exiting_irq+0xe/0x10
[ 116.274206] smp_apic_timer_interrupt+0x48/0x70
[ 116.278891] apic_timer_interrupt+0x2e/0x40
[ 116.283218]
[ 116.285470] RIP: 0010:default_idle+0x27e/0x4e0
[ 116.290060] Code: 04 24 00 00 00 00 8b 45 c0 41 89 44 24 08 8b 45 c4 41 89 84 24 90 0c 00 00 48 c7 c7 d8 22 cb 8b 8b 75 bc e8 84 3b b0 f6 fb f4 <65> 8b 04 25 20 a1 02 00 89 45 b8 8b 1c 25 20 32 04 8c 48 c7 c7 20
[ 116.308974] RSP: 0018:ffffffff8bc0fd58 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 116.316697] RAX: ffff888112443220 RBX: 0000000000000000 RCX: ffff888112443220
[ 116.323976] RDX: ffff888112043220 RSI: 0000160000000000 RDI: ccccccccccccd000
[ 116.331255] RBP: ffffffff8bc0fda0 R08: 0000000000000002 R09: ffffffff8bc0fd08
[ 116.338536] R10: 0000000000000000 R11: ffffffff8acbf5c0 R12: ffffffff8bc36ac8
[ 116.345838] R13: 0000000000000000 R14: ffffffff8bc36140 R15: ffffffff8bc36ac8
[ 116.353138] ? __cpuidle_text_start+0x8/0x8
[ 116.357495] ? default_idle+0x6e/0x4e0
[ 116.361397] ? __cpuidle_text_start+0x8/0x8
[ 116.365736] ? __cpuidle_text_start+0x8/0x8
[ 116.370093] arch_cpu_idle+0x26/0x30
[ 116.373837] do_idle+0x22d/0x800
[ 116.377238] cpu_startup_entry+0x45/0x50
[ 116.381324] rest_init+0x1c1/0x1f0
[ 116.384891] arch_call_rest_init+0x13/0x15
[ 116.389336] start_kernel+0x9d7/0xbb1
[ 116.393209] x86_64_start_reservations+0x19/0x2f
[ 116.397990] x86_64_start_kernel+0x84/0x87
[ 116.402419] secondary_startup_64+0xa4/0xb0
[ 116.406776]
[ 116.408401] Uninit was created at:
[ 116.411970] kmsan_save_stack_with_flags+0x7a/0x130
[ 116.417003] kmsan_internal_alloc_meta_for_pages+0x113/0x580
[ 116.422807] kmsan_alloc_page+0x7e/0x100
[ 116.426891] __alloc_pages_nodemask+0x1587/0x5f20
[ 116.431750] page_frag_alloc+0x3c1/0x980
[ 116.435829] __netdev_alloc_skb+0x1f1/0xa50
[ 116.440163] send_hsr_supervision_frame+0x168/0x1510
[ 116.445279] hsr_announce+0x14c/0x3a0
[ 116.449104] call_timer_fn+0x285/0x600
[ 116.453005] __run_timers+0xdb4/0x11d0
[ 116.456906] run_timer_softirq+0x2e/0x50
[ 116.460982] __do_softirq+0x53f/0x93a
[ 116.464795] ==================================================================
[ 116.472151] Disabling lock debugging due to kernel taint
[ 116.477607] Kernel panic - not syncing: panic_on_warn set ...
[ 116.483523] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 4.20.0-rc7+ #16
[ 116.491509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 116.500870] Call Trace:
[ 116.503492]
[ 116.505693] dump_stack+0x173/0x1d0
[ 116.509366] panic+0x3ce/0x961
[ 116.512653] kmsan_report+0x293/0x2a0
[ 116.516487] __msan_warning+0x82/0xf0
[ 116.520324] send_hsr_supervision_frame+0x1056/0x1510
[ 116.525592] hsr_announce+0x14c/0x3a0
[ 116.529430] call_timer_fn+0x285/0x600
[ 116.533341] ? hsr_dev_finalize+0xb90/0xb90
[ 116.537694] __run_timers+0xdb4/0x11d0
[ 116.541608] ? hsr_dev_finalize+0xb90/0xb90
[ 116.545972] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 116.551436] ? irqtime_account_irq+0xcf/0x2e0
[ 116.555952] ? timers_dead_cpu+0xa50/0xa50
[ 116.560209] run_timer_softirq+0x2e/0x50
[ 116.564323] __do_softirq+0x53f/0x93a
[ 116.568168] irq_exit+0x214/0x250
[ 116.571638] exiting_irq+0xe/0x10
[ 116.575109] smp_apic_timer_interrupt+0x48/0x70
[ 116.579796] apic_timer_interrupt+0x2e/0x40
[ 116.584120]
[ 116.586385] RIP: 0010:default_idle+0x27e/0x4e0
[ 116.590976] Code: 04 24 00 00 00 00 8b 45 c0 41 89 44 24 08 8b 45 c4 41 89 84 24 90 0c 00 00 48 c7 c7 d8 22 cb 8b 8b 75 bc e8 84 3b b0 f6 fb f4 <65> 8b 04 25 20 a1 02 00 89 45 b8 8b 1c 25 20 32 04 8c 48 c7 c7 20
[ 116.609888] RSP: 0018:ffffffff8bc0fd58 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 116.617631] RAX: ffff888112443220 RBX: 0000000000000000 RCX: ffff888112443220
[ 116.624920] RDX: ffff888112043220 RSI: 0000160000000000 RDI: ccccccccccccd000
[ 116.632199] RBP: ffffffff8bc0fda0 R08: 0000000000000002 R09: ffffffff8bc0fd08
[ 116.639480] R10: 0000000000000000 R11: ffffffff8acbf5c0 R12: ffffffff8bc36ac8
[ 116.646762] R13: 0000000000000000 R14: ffffffff8bc36140 R15: ffffffff8bc36ac8
[ 116.654061] ? __cpuidle_text_start+0x8/0x8
[ 116.658418] ? default_idle+0x6e/0x4e0
[ 116.662335] ? __cpuidle_text_start+0x8/0x8
[ 116.666671] ? __cpuidle_text_start+0x8/0x8
[ 116.671044] arch_cpu_idle+0x26/0x30
[ 116.674769] do_idle+0x22d/0x800
[ 116.678166] cpu_startup_entry+0x45/0x50
[ 116.682251] rest_init+0x1c1/0x1f0
[ 116.685814] arch_call_rest_init+0x13/0x15
[ 116.690065] start_kernel+0x9d7/0xbb1
[ 116.693901] x86_64_start_reservations+0x19/0x2f
[ 116.698671] x86_64_start_kernel+0x84/0x87
[ 116.702920] secondary_startup_64+0xa4/0xb0
[ 116.708226] Kernel Offset: disabled
[ 116.711857] Rebooting in 86400 seconds..