[ 94.388121] audit: type=1800 audit(1554272096.430:25): pid=10334 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 94.407358] audit: type=1800 audit(1554272096.440:26): pid=10334 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 94.427061] audit: type=1800 audit(1554272096.450:27): pid=10334 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ 95.713627] sshd (10398) used greatest stack depth: 54128 bytes left
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.234' (ECDSA) to the list of known hosts.
syzkaller login: [ 104.940029] IPVS: ftp: loaded support on port[0] = 21
[ 105.023708] chnl_net:caif_netlink_parms(): no params data found
[ 105.069420] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.077456] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.085599] device bridge_slave_0 entered promiscuous mode
[ 105.094014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.100484] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.108608] device bridge_slave_1 entered promiscuous mode
[ 105.135237] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 105.145675] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 105.168490] team0: Port device team_slave_0 added
[ 105.175797] team0: Port device team_slave_1 added
[ 105.255019] device hsr_slave_0 entered promiscuous mode
[ 105.322552] device hsr_slave_1 entered promiscuous mode
[ 105.394656] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.401200] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.408465] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.415000] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.466707] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.480550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 105.489708] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.498180] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.506355] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 105.520801] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.533355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 105.541262] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.547859] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.565893] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 105.574167] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.580618] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.600635] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.625222] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 105.633366] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 105.641534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 105.650000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 105.663004] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[ 105.690595] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.710384] raw_sendmsg: syz-executor949 forgot to set AF_INET. Fix it!
[ 105.717938] ==================================================================
[ 105.725360] BUG: KMSAN: uninit-value in gre_parse_header+0x1396/0x1690
[ 105.732039] CPU: 1 PID: 10485 Comm: syz-executor949 Not tainted 5.1.0-rc2+ #21
[ 105.739427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 105.748772] Call Trace:
[ 105.751356]
[ 105.753514] dump_stack+0x173/0x1d0
[ 105.757145] kmsan_report+0x131/0x2a0
[ 105.760944] __msan_warning+0x7a/0xf0
[ 105.764746] gre_parse_header+0x1396/0x1690
[ 105.769112] gre_rcv+0x1c3/0x1800
[ 105.772568] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 105.777930] ? raw_local_deliver+0xfc/0x1960
[ 105.782363] ? erspan_xmit+0x3640/0x3640
[ 105.786431] ? erspan_xmit+0x3640/0x3640
[ 105.790480] gre_rcv+0x2dd/0x3c0
[ 105.793861] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 105.799043] ? gre_parse_header+0x1690/0x1690
[ 105.803542] ip_protocol_deliver_rcu+0x584/0xbb0
[ 105.808309] ip_local_deliver+0x624/0x7b0
[ 105.812484] ? ip_local_deliver+0x7b0/0x7b0
[ 105.816865] ? ip_protocol_deliver_rcu+0xbb0/0xbb0
[ 105.821798] ip_rcv+0x6bd/0x740
[ 105.825084] ? ip_rcv_core+0x11d0/0x11d0
[ 105.829145] process_backlog+0x756/0x10e0
[ 105.833300] ? ip_local_deliver_finish+0x320/0x320
[ 105.839128] ? rps_trigger_softirq+0x2e0/0x2e0
[ 105.843705] net_rx_action+0x78b/0x1a60
[ 105.847708] ? net_tx_action+0xca0/0xca0
[ 105.851780] __do_softirq+0x53f/0x93a
[ 105.855607] do_softirq_own_stack+0x49/0x80
[ 105.859912]
[ 105.862147] __local_bh_enable_ip+0x1a3/0x1f0
[ 105.866651] local_bh_enable+0x36/0x40
[ 105.870528] ip_finish_output2+0x1721/0x1930
[ 105.874951] ip_finish_output+0xd2b/0xfd0
[ 105.879105] ip_output+0x53f/0x610
[ 105.882651] ? ip_mc_finish_output+0x3b0/0x3b0
[ 105.887226] ? ip_finish_output+0xfd0/0xfd0
[ 105.891536] ip_push_pending_frames+0x243/0x460
[ 105.896234] raw_sendmsg+0x2e31/0x4650
[ 105.900169] ? aa_sock_msg_perm+0x16e/0x320
[ 105.904491] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 105.909679] ? compat_raw_ioctl+0x100/0x100
[ 105.913995] inet_sendmsg+0x54a/0x720
[ 105.917793] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 105.922980] ___sys_sendmsg+0xdb3/0x1220
[ 105.927042] ? inet_getname+0x490/0x490
[ 105.932346] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 105.937527] ? __fget_light+0x60/0x750
[ 105.941410] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 105.946768] ? __fget_light+0x1fe/0x750
[ 105.950753] __sys_sendmmsg+0x580/0xad0
[ 105.954754] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 105.960197] ? prepare_exit_to_usermode+0x114/0x420
[ 105.965208] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 105.970390] ? syscall_return_slowpath+0x50/0x650
[ 105.975245] __se_sys_sendmmsg+0xbd/0xe0
[ 105.979310] __x64_sys_sendmmsg+0x56/0x70
[ 105.983454] do_syscall_64+0xbc/0xf0
[ 105.987188] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 105.992379] RIP: 0033:0x441999
[ 105.995577] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 106.014475] RSP: 002b:00007ffd647de1c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 106.022192] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441999
[ 106.034510] RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000004
[ 106.041789] RBP: 00000000004a9030 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[ 106.049068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ee0
[ 106.056330] R13: 0000000000402f70 R14: 0000000000000000 R15: 0000000000000000
[ 106.063608]
[ 106.065220] Uninit was stored to memory at:
[ 106.069551] kmsan_internal_chain_origin+0x134/0x230
[ 106.074660] kmsan_memcpy_memmove_metadata+0xb5b/0xfe0
[ 106.079926] kmsan_memcpy_metadata+0xb/0x10
[ 106.084239] __msan_memcpy+0x58/0x70
[ 106.087943] pskb_expand_head+0x3aa/0x1a30
[ 106.092183] ip_tunnel_xmit+0x2c4e/0x3310
[ 106.096332] erspan_xmit+0x1f5e/0x3640
[ 106.100209] dev_hard_start_xmit+0x604/0xc40
[ 106.104611] sch_direct_xmit+0x58a/0x880
[ 106.108658] __qdisc_run+0x1cd7/0x34b0
[ 106.112545] __dev_queue_xmit+0x1e51/0x3ce0
[ 106.116872] dev_queue_xmit+0x4b/0x60
[ 106.120661] neigh_resolve_output+0xab7/0xb40
[ 106.125144] ip_finish_output2+0x1709/0x1930
[ 106.129537] ip_finish_output+0xd2b/0xfd0
[ 106.133676] ip_output+0x53f/0x610
[ 106.137202] ip_push_pending_frames+0x243/0x460
[ 106.141863] raw_sendmsg+0x2e31/0x4650
[ 106.145738] inet_sendmsg+0x54a/0x720
[ 106.149539] ___sys_sendmsg+0xdb3/0x1220
[ 106.153691] __sys_sendmmsg+0x580/0xad0
[ 106.157651] __se_sys_sendmmsg+0xbd/0xe0
[ 106.161711] __x64_sys_sendmmsg+0x56/0x70
[ 106.165867] do_syscall_64+0xbc/0xf0
[ 106.169593] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 106.174767]
[ 106.176399] Uninit was created at:
[ 106.179928] kmsan_internal_poison_shadow+0x92/0x150
[ 106.185022] kmsan_kmalloc+0xa9/0x130
[ 106.188807] kmsan_slab_alloc+0xe/0x10
[ 106.192683] __kmalloc_node_track_caller+0xead/0x1000
[ 106.197865] __alloc_skb+0x309/0xa20
[ 106.201567] __ip_append_data+0x3671/0x5000
[ 106.205881] ip_append_data+0x324/0x480
[ 106.209906] raw_sendmsg+0x2d2a/0x4650
[ 106.213787] inet_sendmsg+0x54a/0x720
[ 106.217576] ___sys_sendmsg+0xdb3/0x1220
[ 106.221629] __sys_sendmmsg+0x580/0xad0
[ 106.225607] __se_sys_sendmmsg+0xbd/0xe0
[ 106.229654] __x64_sys_sendmmsg+0x56/0x70
[ 106.233793] do_syscall_64+0xbc/0xf0
[ 106.237493] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 106.242665] ==================================================================
[ 106.250006] Disabling lock debugging due to kernel taint
[ 106.255439] Kernel panic - not syncing: panic_on_warn set ...
[ 106.261329] CPU: 1 PID: 10485 Comm: syz-executor949 Tainted: G B 5.1.0-rc2+ #21
[ 106.270070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 106.279417] Call Trace:
[ 106.281995]
[ 106.284140] dump_stack+0x173/0x1d0
[ 106.287766] panic+0x3d1/0xb01
[ 106.290979] kmsan_report+0x29a/0x2a0
[ 106.294786] __msan_warning+0x7a/0xf0
[ 106.298585] gre_parse_header+0x1396/0x1690
[ 106.302929] gre_rcv+0x1c3/0x1800
[ 106.306378] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 106.311752] ? raw_local_deliver+0xfc/0x1960
[ 106.316179] ? erspan_xmit+0x3640/0x3640
[ 106.320237] ? erspan_xmit+0x3640/0x3640
[ 106.324293] gre_rcv+0x2dd/0x3c0
[ 106.327651] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 106.332847] ? gre_parse_header+0x1690/0x1690
[ 106.337349] ip_protocol_deliver_rcu+0x584/0xbb0
[ 106.342116] ip_local_deliver+0x624/0x7b0
[ 106.346272] ? ip_local_deliver+0x7b0/0x7b0
[ 106.350584] ? ip_protocol_deliver_rcu+0xbb0/0xbb0
[ 106.355507] ip_rcv+0x6bd/0x740
[ 106.358805] ? ip_rcv_core+0x11d0/0x11d0
[ 106.362864] process_backlog+0x756/0x10e0
[ 106.367017] ? ip_local_deliver_finish+0x320/0x320
[ 106.371962] ? rps_trigger_softirq+0x2e0/0x2e0
[ 106.376550] net_rx_action+0x78b/0x1a60
[ 106.380538] ? net_tx_action+0xca0/0xca0
[ 106.384598] __do_softirq+0x53f/0x93a
[ 106.388406] do_softirq_own_stack+0x49/0x80
[ 106.392727]
[ 106.394974] __local_bh_enable_ip+0x1a3/0x1f0
[ 106.399466] local_bh_enable+0x36/0x40
[ 106.403344] ip_finish_output2+0x1721/0x1930
[ 106.407764] ip_finish_output+0xd2b/0xfd0
[ 106.411946] ip_output+0x53f/0x610
[ 106.415502] ? ip_mc_finish_output+0x3b0/0x3b0
[ 106.420081] ? ip_finish_output+0xfd0/0xfd0
[ 106.424394] ip_push_pending_frames+0x243/0x460
[ 106.429094] raw_sendmsg+0x2e31/0x4650
[ 106.433036] ? aa_sock_msg_perm+0x16e/0x320
[ 106.437361] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 106.442549] ? compat_raw_ioctl+0x100/0x100
[ 106.446866] inet_sendmsg+0x54a/0x720
[ 106.450663] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 106.455850] ___sys_sendmsg+0xdb3/0x1220
[ 106.459908] ? inet_getname+0x490/0x490
[ 106.463883] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 106.469068] ? __fget_light+0x60/0x750
[ 106.472957] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 106.478311] ? __fget_light+0x1fe/0x750
[ 106.482300] __sys_sendmmsg+0x580/0xad0
[ 106.486299] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 106.491757] ? prepare_exit_to_usermode+0x114/0x420
[ 106.496777] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 106.501960] ? syscall_return_slowpath+0x50/0x650
[ 106.506806] __se_sys_sendmmsg+0xbd/0xe0
[ 106.510865] __x64_sys_sendmmsg+0x56/0x70
[ 106.515007] do_syscall_64+0xbc/0xf0
[ 106.518715] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 106.523897] RIP: 0033:0x441999
[ 106.527082] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 106.546070] RSP: 002b:00007ffd647de1c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 106.553798] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441999
[ 106.561066] RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000004
[ 106.568334] RBP: 00000000004a9030 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[ 106.575598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ee0
[ 106.582874] R13: 0000000000402f70 R14: 0000000000000000 R15: 0000000000000000
[ 106.590870] Kernel Offset: disabled
[ 106.594503] Rebooting in 86400 seconds..