[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[ 81.065723][ T31] audit: type=1800 audit(1569198169.139:25): pid=11459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 81.088969][ T31] audit: type=1800 audit(1569198169.159:26): pid=11459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 81.133572][ T31] audit: type=1800 audit(1569198169.189:27): pid=11459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.178' (ECDSA) to the list of known hosts.
syzkaller login: [ 94.694309][T11611] IPVS: ftp: loaded support on port[0] = 21
[ 94.765001][T11611] chnl_net:caif_netlink_parms(): no params data found
[ 94.799956][T11611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.807199][T11611] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.815753][T11611] device bridge_slave_0 entered promiscuous mode
[ 94.824628][T11611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.832009][T11611] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.840543][T11611] device bridge_slave_1 entered promiscuous mode
[ 94.862046][T11611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.873761][T11611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.896159][T11611] team0: Port device team_slave_0 added
[ 94.904411][T11611] team0: Port device team_slave_1 added
[ 94.966041][T11611] device hsr_slave_0 entered promiscuous mode
[ 95.013439][T11611] device hsr_slave_1 entered promiscuous mode
[ 95.064370][T11611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.071800][T11611] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.079676][T11611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.086867][T11611] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.132285][T11611] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.149294][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 95.159329][ T3371] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.169110][ T3371] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.178051][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 95.193583][T11611] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.214800][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 95.224494][ T30] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.232167][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.240433][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 95.250947][ T30] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.258163][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.284470][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 95.295516][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 95.304773][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 95.319554][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
executing program
[ 95.328033][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 95.340461][T11611] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 95.368859][T11611] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.420088][T11611] raw_sendmsg: syz-executor895 forgot to set AF_INET. Fix it!
[ 95.429474][ C1] ==================================================================
[ 95.437768][ C1] BUG: KMSAN: uninit-value in gre_parse_header+0x1395/0x1690
[ 95.445129][ C1] CPU: 1 PID: 11611 Comm: syz-executor895 Not tainted 5.3.0-rc7+ #0
[ 95.453100][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 95.463167][ C1] Call Trace:
[ 95.466562][ C1]
[ 95.469409][ C1] dump_stack+0x191/0x1f0
[ 95.473729][ C1] kmsan_report+0x162/0x2d0
[ 95.478231][ C1] __msan_warning+0x75/0xe0
[ 95.482726][ C1] gre_parse_header+0x1395/0x1690
[ 95.487755][ C1] gre_rcv+0x1cb/0x1900
[ 95.491890][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.497801][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 95.503867][ C1] ? raw_local_deliver+0xdd/0x1930
[ 95.508965][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 95.514164][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.520043][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 95.524811][ C1] gre_rcv+0x2dd/0x3c0
[ 95.528975][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.534881][ C1] ? gre_parse_header+0x1690/0x1690
[ 95.540072][ C1] ip_protocol_deliver_rcu+0x722/0xbc0
[ 95.545671][ C1] ip_local_deliver+0x62a/0x7c0
[ 95.550519][ C1] ? ip_local_deliver+0x7c0/0x7c0
[ 95.555633][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0
[ 95.561248][ C1] ip_rcv+0x6c5/0x740
[ 95.566375][ C1] ? ip_rcv_core+0x11d0/0x11d0
[ 95.571153][ C1] process_backlog+0xef5/0x1410
[ 95.576101][ C1] ? ip_local_deliver_finish+0x350/0x350
[ 95.581720][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 95.586993][ C1] net_rx_action+0x74b/0x1950
[ 95.591660][ C1] ? net_tx_action+0xba0/0xba0
[ 95.596799][ C1] __do_softirq+0x4a1/0x83a
[ 95.601294][ C1] do_softirq_own_stack+0x49/0x80
[ 95.606306][ C1]
[ 95.609231][ C1] __local_bh_enable_ip+0x184/0x1d0
[ 95.614419][ C1] local_bh_enable+0x36/0x40
[ 95.618989][ C1] ip_finish_output2+0x20dc/0x25d0
[ 95.624094][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 95.630153][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.636046][ C1] __ip_finish_output+0xaf8/0xda0
[ 95.641060][ C1] ip_finish_output+0x2db/0x420
[ 95.645960][ C1] ip_output+0x541/0x610
[ 95.650200][ C1] ? ip_mc_finish_output+0x6d0/0x6d0
[ 95.655564][ C1] ? ip_finish_output+0x420/0x420
[ 95.660832][ C1] ip_push_pending_frames+0x243/0x460
[ 95.666286][ C1] raw_sendmsg+0x2df8/0x46d0
[ 95.670898][ C1] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 95.676958][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.682867][ C1] ? udp_cmsg_send+0x5d0/0x5d0
[ 95.687620][ C1] ? compat_raw_ioctl+0x100/0x100
[ 95.692721][ C1] inet_sendmsg+0x2d8/0x2e0
[ 95.698270][ C1] ? inet_send_prepare+0x600/0x600
[ 95.703424][ C1] ___sys_sendmsg+0x12c4/0x1590
[ 95.708324][ C1] ? sock_setsockopt+0x4213/0x4ee0
[ 95.713453][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.719339][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 95.725399][ C1] ? __fget_light+0x1b8/0x710
[ 95.730080][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 95.736063][ C1] __se_sys_sendmsg+0x305/0x460
[ 95.740916][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 95.745669][ C1] do_syscall_64+0xbc/0xf0
[ 95.750071][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 95.755957][ C1] RIP: 0033:0x441a59
[ 95.759862][ C1] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 95.781642][ C1] RSP: 002b:00007ffd1f300938 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 95.790050][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441a59
[ 95.798016][ C1] RDX: 0000000000000000 RSI: 0000000020003d00 RDI: 0000000000000004
[ 95.806023][ C1] RBP: 00007ffd1f300950 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[ 95.814005][ C1] R10: 0000000000000044 R11: 0000000000000246 R12: 0000000000000000
[ 95.822135][ C1] R13: 0000000000402ff0 R14: 0000000000000000 R15: 0000000000000000
[ 95.830118][ C1]
[ 95.832442][ C1] Uninit was stored to memory at:
[ 95.837460][ C1] kmsan_internal_chain_origin+0xcc/0x150
[ 95.843198][ C1] kmsan_memcpy_memmove_metadata+0x25b/0x2d0
[ 95.849219][ C1] kmsan_memcpy_metadata+0xb/0x10
[ 95.854243][ C1] __msan_memcpy+0x56/0x70
[ 95.858642][ C1] pskb_expand_head+0x38a/0x19f0
[ 95.863562][ C1] ip_tunnel_xmit+0x2971/0x3320
[ 95.868417][ C1] erspan_xmit+0x1ef8/0x35c0
[ 95.873177][ C1] dev_hard_start_xmit+0x51a/0xab0
[ 95.878273][ C1] sch_direct_xmit+0x56c/0x18c0
[ 95.883106][ C1] __dev_queue_xmit+0x1e53/0x4270
[ 95.888126][ C1] dev_queue_xmit+0x4b/0x60
[ 95.892618][ C1] neigh_resolve_output+0xab7/0xb50
[ 95.897810][ C1] ip_finish_output2+0x1a8e/0x25d0
[ 95.902926][ C1] __ip_finish_output+0xaf8/0xda0
[ 95.907946][ C1] ip_finish_output+0x2db/0x420
[ 95.912845][ C1] ip_output+0x541/0x610
[ 95.917084][ C1] ip_push_pending_frames+0x243/0x460
[ 95.922449][ C1] raw_sendmsg+0x2df8/0x46d0
[ 95.927092][ C1] inet_sendmsg+0x2d8/0x2e0
[ 95.931603][ C1] ___sys_sendmsg+0x12c4/0x1590
[ 95.936448][ C1] __se_sys_sendmsg+0x305/0x460
[ 95.941308][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 95.946069][ C1] do_syscall_64+0xbc/0xf0
[ 95.950473][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 95.956613][ C1]
[ 95.958934][ C1] Uninit was created at:
[ 95.963165][ C1] kmsan_internal_poison_shadow+0x58/0xb0
[ 95.968865][ C1] kmsan_slab_alloc+0xaa/0x120
[ 95.973706][ C1] __kmalloc_node_track_caller+0xb55/0x1320
[ 95.979581][ C1] __alloc_skb+0x306/0xa10
[ 95.983997][ C1] __ip_append_data+0x3901/0x52f0
[ 95.989015][ C1] ip_append_data+0x324/0x480
[ 95.993687][ C1] raw_sendmsg+0x2d02/0x46d0
[ 95.998270][ C1] inet_sendmsg+0x2d8/0x2e0
[ 96.002758][ C1] ___sys_sendmsg+0x12c4/0x1590
[ 96.007608][ C1] __se_sys_sendmsg+0x305/0x460
[ 96.012436][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 96.017268][ C1] do_syscall_64+0xbc/0xf0
[ 96.022358][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 96.028226][ C1] ==================================================================
[ 96.036363][ C1] Disabling lock debugging due to kernel taint
[ 96.042501][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 96.049087][ C1] CPU: 1 PID: 11611 Comm: syz-executor895 Tainted: G B 5.3.0-rc7+ #0
[ 96.058458][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 96.068513][ C1] Call Trace:
[ 96.071793][ C1]
[ 96.074639][ C1] dump_stack+0x191/0x1f0
[ 96.078958][ C1] panic+0x3c9/0xc1e
[ 96.083015][ C1] kmsan_report+0x2ca/0x2d0
[ 96.087525][ C1] __msan_warning+0x75/0xe0
[ 96.092030][ C1] gre_parse_header+0x1395/0x1690
[ 96.097364][ C1] gre_rcv+0x1cb/0x1900
[ 96.101507][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.107487][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 96.113539][ C1] ? raw_local_deliver+0xdd/0x1930
[ 96.118732][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 96.123498][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.129427][ C1] ? erspan_xmit+0x35c0/0x35c0
[ 96.134205][ C1] gre_rcv+0x2dd/0x3c0
[ 96.138278][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.144601][ C1] ? gre_parse_header+0x1690/0x1690
[ 96.149785][ C1] ip_protocol_deliver_rcu+0x722/0xbc0
[ 96.155236][ C1] ip_local_deliver+0x62a/0x7c0
[ 96.160174][ C1] ? ip_local_deliver+0x7c0/0x7c0
[ 96.165183][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0
[ 96.170798][ C1] ip_rcv+0x6c5/0x740
[ 96.174769][ C1] ? ip_rcv_core+0x11d0/0x11d0
[ 96.179521][ C1] process_backlog+0xef5/0x1410
[ 96.184360][ C1] ? ip_local_deliver_finish+0x350/0x350
[ 96.189979][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 96.195274][ C1] net_rx_action+0x74b/0x1950
[ 96.199962][ C1] ? net_tx_action+0xba0/0xba0
[ 96.204752][ C1] __do_softirq+0x4a1/0x83a
[ 96.209268][ C1] do_softirq_own_stack+0x49/0x80
[ 96.214287][ C1]
[ 96.217242][ C1] __local_bh_enable_ip+0x184/0x1d0
[ 96.222445][ C1] local_bh_enable+0x36/0x40
[ 96.227029][ C1] ip_finish_output2+0x20dc/0x25d0
[ 96.232231][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 96.238307][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.244199][ C1] __ip_finish_output+0xaf8/0xda0
[ 96.249217][ C1] ip_finish_output+0x2db/0x420
[ 96.254059][ C1] ip_output+0x541/0x610
[ 96.258297][ C1] ? ip_mc_finish_output+0x6d0/0x6d0
[ 96.263563][ C1] ? ip_finish_output+0x420/0x420
[ 96.268572][ C1] ip_push_pending_frames+0x243/0x460
[ 96.273932][ C1] raw_sendmsg+0x2df8/0x46d0
[ 96.278527][ C1] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 96.284599][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.290479][ C1] ? udp_cmsg_send+0x5d0/0x5d0
[ 96.295225][ C1] ? compat_raw_ioctl+0x100/0x100
[ 96.300234][ C1] inet_sendmsg+0x2d8/0x2e0
[ 96.304728][ C1] ? inet_send_prepare+0x600/0x600
[ 96.309822][ C1] ___sys_sendmsg+0x12c4/0x1590
[ 96.314673][ C1] ? sock_setsockopt+0x4213/0x4ee0
[ 96.319823][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.325723][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 96.331773][ C1] ? __fget_light+0x1b8/0x710
[ 96.336445][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0
[ 96.342338][ C1] __se_sys_sendmsg+0x305/0x460
[ 96.347215][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 96.351979][ C1] do_syscall_64+0xbc/0xf0
[ 96.356403][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 96.362276][ C1] RIP: 0033:0x441a59
[ 96.366155][ C1] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 96.385745][ C1] RSP: 002b:00007ffd1f300938 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 96.394226][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441a59
[ 96.402179][ C1] RDX: 0000000000000000 RSI: 0000000020003d00 RDI: 0000000000000004
[ 96.410671][ C1] RBP: 00007ffd1f300950 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[ 96.418643][ C1] R10: 0000000000000044 R11: 0000000000000246 R12: 0000000000000000
[ 96.426616][ C1] R13: 0000000000402ff0 R14: 0000000000000000 R15: 0000000000000000
[ 96.436310][ C1] Kernel Offset: disabled
[ 96.440644][ C1] Rebooting in 86400 seconds..