[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[ 95.338452] audit: type=1800 audit(1553646539.386:25): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 95.357587] audit: type=1800 audit(1553646539.396:26): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 95.377122] audit: type=1800 audit(1553646539.406:27): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts.
2019/03/27 00:29:15 parsed 1 programs
2019/03/27 00:29:22 executed programs: 0
syzkaller login: [ 119.076587] IPVS: ftp: loaded support on port[0] = 21
[ 119.169518] chnl_net:caif_netlink_parms(): no params data found
[ 119.215205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.221683] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.229721] device bridge_slave_0 entered promiscuous mode
[ 119.237619] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.244334] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.252113] device bridge_slave_1 entered promiscuous mode
[ 119.275411] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 119.285794] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 119.309448] team0: Port device team_slave_0 added
[ 119.316917] team0: Port device team_slave_1 added
[ 119.395214] device hsr_slave_0 entered promiscuous mode
[ 119.462717] device hsr_slave_1 entered promiscuous mode
[ 119.515357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.522088] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.529099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.535809] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.587858] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.602877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.611399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.620012] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.628272] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 119.643780] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.665037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 119.673440] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.679913] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.687738] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 119.695746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.702350] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.724328] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.733453] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 119.742813] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.759494] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.776197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.786200] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.816314] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.899078] ==================================================================
[ 119.906521] BUG: KMSAN: uninit-value in gre_parse_header+0x1396/0x1690
[ 119.913217] CPU: 1 PID: 10702 Comm: syz-executor.0 Not tainted 5.0.0+ #17
[ 119.920157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 119.929566] Call Trace:
[ 119.932148]
[ 119.934302] dump_stack+0x173/0x1d0
[ 119.937946] kmsan_report+0x131/0x2a0
[ 119.941759] __msan_warning+0x7a/0xf0
[ 119.945570] gre_parse_header+0x1396/0x1690
[ 119.949931] gre_rcv+0x1db/0x1720
[ 119.953385] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 119.958748] ? raw_local_deliver+0xfc/0x1960
[ 119.963221] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 119.968621] ? erspan_xmit+0x38f0/0x38f0
[ 119.972706] gre_rcv+0x2dd/0x3c0
[ 119.976075] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 119.981265] ? gre_parse_header+0x1690/0x1690
[ 119.985758] ip_protocol_deliver_rcu+0x584/0xbb0
[ 119.990528] ip_local_deliver+0x624/0x7b0
[ 119.994689] ? ip_local_deliver+0x7b0/0x7b0
[ 119.999029] ? ip_protocol_deliver_rcu+0xbb0/0xbb0
[ 120.003960] ip_rcv+0x6bd/0x740
[ 120.007248] ? ip_rcv_core+0x11d0/0x11d0
[ 120.011311] process_backlog+0x756/0x10e0
[ 120.015471] ? ip_local_deliver_finish+0x320/0x320
[ 120.020405] ? rps_trigger_softirq+0x2e0/0x2e0
[ 120.024987] net_rx_action+0x78b/0x1a60
[ 120.028991] ? net_tx_action+0xca0/0xca0
[ 120.033054] __do_softirq+0x53f/0x93a
[ 120.036871] do_softirq_own_stack+0x49/0x80
[ 120.041214]
[ 120.043464] __local_bh_enable_ip+0x16f/0x1a0
[ 120.047964] local_bh_enable+0x36/0x40
[ 120.051886] ip_finish_output2+0x1627/0x1820
[ 120.056336] ip_finish_output+0xd2b/0xfd0
[ 120.060527] ip_mc_output+0x117a/0x1700
[ 120.064537] ? ip_mc_finish_output+0x3b0/0x3b0
[ 120.069122] ? ip_build_and_send_pkt+0xe80/0xe80
[ 120.073874] raw_sendmsg+0x4182/0x4610
[ 120.077804] ? aa_sk_perm+0x605/0x950
[ 120.081637] ? raw_getfrag+0x590/0x590
[ 120.085529] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.090761] ? compat_raw_ioctl+0x100/0x100
[ 120.095118] inet_sendmsg+0x54a/0x720
[ 120.098951] ? inet_getname+0x490/0x490
[ 120.102939] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.108149] ? inet_getname+0x490/0x490
[ 120.112141] __sys_sendto+0x8c4/0xac0
[ 120.115988] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.121183] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 120.126634] ? prepare_exit_to_usermode+0x114/0x420
[ 120.131651] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.136837] ? syscall_return_slowpath+0x50/0x650
[ 120.141687] __se_sys_sendto+0x107/0x130
[ 120.145766] __x64_sys_sendto+0x6e/0x90
[ 120.149760] do_syscall_64+0xbc/0xf0
[ 120.153508] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 120.158715] RIP: 0033:0x458209
[ 120.161916] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 120.180817] RSP: 002b:00007fec055afc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 120.188543] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000458209
[ 120.195823] RDX: 0000000000000370 RSI: 00000000200000c0 RDI: 0000000000000003
[ 120.203096] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 120.210364] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fec055b06d4
[ 120.217659] R13: 00000000004c58b8 R14: 00000000004d9838 R15: 00000000ffffffff
[ 120.224956]
[ 120.226586] Uninit was stored to memory at:
[ 120.230911] kmsan_internal_chain_origin+0x134/0x230
[ 120.236026] kmsan_memcpy_memmove_metadata+0xb5b/0xfe0
[ 120.241312] kmsan_memcpy_metadata+0xb/0x10
[ 120.245630] __msan_memcpy+0x58/0x70
[ 120.249338] pskb_expand_head+0x34c/0x18f0
[ 120.253568] ip_tunnel_xmit+0x3290/0x3ca0
[ 120.257739] erspan_xmit+0x27c7/0x38f0
[ 120.261639] dev_hard_start_xmit+0x604/0xc40
[ 120.266047] sch_direct_xmit+0x58a/0x880
[ 120.270106] __qdisc_run+0x1cb7/0x34d0
[ 120.274013] __dev_queue_xmit+0x215c/0x3b80
[ 120.278331] dev_queue_xmit+0x4b/0x60
[ 120.282130] neigh_resolve_output+0xab7/0xb40
[ 120.286638] ip_finish_output2+0x1611/0x1820
[ 120.291041] ip_finish_output+0xd2b/0xfd0
[ 120.295197] ip_mc_output+0x117a/0x1700
[ 120.299182] raw_sendmsg+0x4182/0x4610
[ 120.303066] inet_sendmsg+0x54a/0x720
[ 120.306870] __sys_sendto+0x8c4/0xac0
[ 120.310669] __se_sys_sendto+0x107/0x130
[ 120.314729] __x64_sys_sendto+0x6e/0x90
[ 120.318731] do_syscall_64+0xbc/0xf0
[ 120.322442] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 120.327615]
[ 120.329236] Uninit was created at:
[ 120.332773] kmsan_internal_poison_shadow+0x92/0x150
[ 120.337996] kmsan_kmalloc+0xa6/0x130
[ 120.341793] kmsan_slab_alloc+0xe/0x10
[ 120.345692] __kmalloc_node_track_caller+0xe9e/0xff0
[ 120.350798] __alloc_skb+0x309/0xa20
[ 120.354511] alloc_skb_with_frags+0x186/0xa60
[ 120.359012] sock_alloc_send_pskb+0xafd/0x10a0
[ 120.363600] sock_alloc_send_skb+0xca/0xe0
[ 120.367834] raw_sendmsg+0x25f5/0x4610
[ 120.371718] inet_sendmsg+0x54a/0x720
[ 120.375535] __sys_sendto+0x8c4/0xac0
[ 120.379333] __se_sys_sendto+0x107/0x130
[ 120.384683] __x64_sys_sendto+0x6e/0x90
[ 120.388662] do_syscall_64+0xbc/0xf0
[ 120.392404] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 120.397794] ==================================================================
[ 120.405139] Disabling lock debugging due to kernel taint
[ 120.410578] Kernel panic - not syncing: panic_on_warn set ...
[ 120.416465] CPU: 1 PID: 10702 Comm: syz-executor.0 Tainted: G B 5.0.0+ #17
[ 120.424787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 120.434146] Call Trace:
[ 120.436731]
[ 120.438915] dump_stack+0x173/0x1d0
[ 120.442552] panic+0x3d1/0xb01
[ 120.445793] kmsan_report+0x29a/0x2a0
[ 120.449604] __msan_warning+0x7a/0xf0
[ 120.453413] gre_parse_header+0x1396/0x1690
[ 120.457789] gre_rcv+0x1db/0x1720
[ 120.461335] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 120.466702] ? raw_local_deliver+0xfc/0x1960
[ 120.471132] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 120.476515] ? erspan_xmit+0x38f0/0x38f0
[ 120.480596] gre_rcv+0x2dd/0x3c0
[ 120.483999] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.489220] ? gre_parse_header+0x1690/0x1690
[ 120.493725] ip_protocol_deliver_rcu+0x584/0xbb0
[ 120.498588] ip_local_deliver+0x624/0x7b0
[ 120.502788] ? ip_local_deliver+0x7b0/0x7b0
[ 120.507108] ? ip_protocol_deliver_rcu+0xbb0/0xbb0
[ 120.512045] ip_rcv+0x6bd/0x740
[ 120.515341] ? ip_rcv_core+0x11d0/0x11d0
[ 120.519424] process_backlog+0x756/0x10e0
[ 120.523614] ? ip_local_deliver_finish+0x320/0x320
[ 120.528586] ? rps_trigger_softirq+0x2e0/0x2e0
[ 120.533171] net_rx_action+0x78b/0x1a60
[ 120.537167] ? net_tx_action+0xca0/0xca0
[ 120.541229] __do_softirq+0x53f/0x93a
[ 120.545048] do_softirq_own_stack+0x49/0x80
[ 120.549373]
[ 120.551612] __local_bh_enable_ip+0x16f/0x1a0
[ 120.556132] local_bh_enable+0x36/0x40
[ 120.560142] ip_finish_output2+0x1627/0x1820
[ 120.564567] ip_finish_output+0xd2b/0xfd0
[ 120.568742] ip_mc_output+0x117a/0x1700
[ 120.572748] ? ip_mc_finish_output+0x3b0/0x3b0
[ 120.577355] ? ip_build_and_send_pkt+0xe80/0xe80
[ 120.582109] raw_sendmsg+0x4182/0x4610
[ 120.586056] ? aa_sk_perm+0x605/0x950
[ 120.589897] ? raw_getfrag+0x590/0x590
[ 120.593819] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.599019] ? compat_raw_ioctl+0x100/0x100
[ 120.603346] inet_sendmsg+0x54a/0x720
[ 120.607171] ? inet_getname+0x490/0x490
[ 120.611159] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.616353] ? inet_getname+0x490/0x490
[ 120.620330] __sys_sendto+0x8c4/0xac0
[ 120.624151] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.629365] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 120.634847] ? prepare_exit_to_usermode+0x114/0x420
[ 120.639873] ? kmsan_get_shadow_origin_ptr+0x73/0x490
[ 120.645065] ? syscall_return_slowpath+0x50/0x650
[ 120.649918] __se_sys_sendto+0x107/0x130
[ 120.653992] __x64_sys_sendto+0x6e/0x90
[ 120.657967] do_syscall_64+0xbc/0xf0
[ 120.661697] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 120.666901] RIP: 0033:0x458209
[ 120.670109] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 120.689007] RSP: 002b:00007fec055afc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 120.696737] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000458209
[ 120.704025] RDX: 0000000000000370 RSI: 00000000200000c0 RDI: 0000000000000003
[ 120.711306] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 120.718587] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fec055b06d4
[ 120.726034] R13: 00000000004c58b8 R14: 00000000004d9838 R15: 00000000ffffffff
[ 120.734243] Kernel Offset: disabled
[ 120.737880] Rebooting in 86400 seconds..