[ ok ] Starting enhanced syslogd: rsyslogd.
[ 89.389254] audit: type=1800 audit(1545836979.436:25): pid=10808 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 89.408430] audit: type=1800 audit(1545836979.436:26): pid=10808 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 89.427887] audit: type=1800 audit(1545836979.456:27): pid=10808 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.15.216' (ECDSA) to the list of known hosts.
2018/12/26 15:09:54 parsed 1 programs
2018/12/26 15:10:00 executed programs: 0
syzkaller login: [ 110.650366] IPVS: ftp: loaded support on port[0] = 21
[ 111.100804] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.107332] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.115221] device bridge_slave_0 entered promiscuous mode
[ 111.145478] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.152042] bridge0: port 2(bridge_slave_1) entered disabled state
[ 111.159384] device bridge_slave_1 entered promiscuous mode
[ 111.188155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 111.216656] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 111.300642] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 111.332394] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 111.465619] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 111.473618] team0: Port device team_slave_0 added
[ 111.502426] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 111.510448] team0: Port device team_slave_1 added
[ 111.539777] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 111.571842] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 111.604008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 111.637552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 111.920875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.927398] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.934537] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.941021] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 112.965022] 8021q: adding VLAN 0 to HW filter on device bond0
[ 113.062355] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 113.162015] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 113.168472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 113.176503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 113.277941] 8021q: adding VLAN 0 to HW filter on device team0
[ 113.952203] ==================================================================
[ 113.959610] BUG: KMSAN: uninit-value in vti6_tnl_xmit+0x4cb/0x2390
[ 113.965945] CPU: 0 PID: 11242 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #14
[ 113.973205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 113.982545] Call Trace:
[ 113.985133] dump_stack+0x173/0x1d0
[ 113.988764] kmsan_report+0x12e/0x2a0
[ 113.992562] __msan_warning+0x82/0xf0
[ 113.996361] vti6_tnl_xmit+0x4cb/0x2390
[ 114.000332] ? validate_xmit_xfrm+0x83/0x13d0
[ 114.004842] ? vti6_dev_uninit+0x660/0x660
[ 114.009068] dev_hard_start_xmit+0x607/0xc40
[ 114.013538] __dev_queue_xmit+0x2e42/0x3bc0
[ 114.017884] dev_queue_xmit+0x4b/0x60
[ 114.021673] ? __netdev_pick_tx+0x1270/0x1270
[ 114.026167] packet_sendmsg+0x8306/0x8f30
[ 114.030328] ? kmsan_internal_chain_origin+0x134/0x230
[ 114.035595] ? __msan_memcpy+0x5b/0x70
[ 114.039470] ? __vfs_write+0x888/0xb70
[ 114.043349] ? __x64_sys_write+0x4a/0x70
[ 114.047406] ? do_syscall_64+0xbc/0xf0
[ 114.051296] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.056655] ? vmalloc_to_page+0x56e/0x6a0
[ 114.060894] ? kmsan_get_shadow_origin_ptr+0x108/0x3e0
[ 114.066168] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 114.071572] ? compat_packet_setsockopt+0x360/0x360
[ 114.076609] sock_write_iter+0x3f4/0x4d0
[ 114.080707] ? sock_read_iter+0x4e0/0x4e0
[ 114.084873] __vfs_write+0x888/0xb70
[ 114.088612] vfs_write+0x46a/0x8c0
[ 114.092206] __se_sys_write+0x17a/0x370
[ 114.096201] __x64_sys_write+0x4a/0x70
[ 114.100079] do_syscall_64+0xbc/0xf0
[ 114.103784] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.108976] RIP: 0033:0x457759
[ 114.112154] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 114.131077] RSP: 002b:00007fffe4a81328 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 114.138788] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457759
[ 114.146044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 114.153315] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 114.160565] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000018f6914
[ 114.167833] R13: 00000000004c32c0 R14: 00000000004db0d0 R15: 00000000ffffffff
[ 114.175099]
[ 114.176720] Uninit was created at:
[ 114.180246] kmsan_internal_poison_shadow+0x92/0x150
[ 114.185328] kmsan_kmalloc+0xa6/0x130
[ 114.189111] kmsan_slab_alloc+0xe/0x10
[ 114.192982] __kmalloc_node_track_caller+0xe38/0x1060
[ 114.198156] __alloc_skb+0x309/0xa20
[ 114.201870] alloc_skb_with_frags+0x1c7/0xaf0
[ 114.206365] sock_alloc_send_pskb+0xafd/0x10e0
[ 114.210953] packet_sendmsg+0x661a/0x8f30
[ 114.215099] sock_write_iter+0x3f4/0x4d0
[ 114.219146] __vfs_write+0x888/0xb70
[ 114.222858] vfs_write+0x46a/0x8c0
[ 114.226396] __se_sys_write+0x17a/0x370
[ 114.230353] __x64_sys_write+0x4a/0x70
[ 114.234226] do_syscall_64+0xbc/0xf0
[ 114.237926] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.243101] ==================================================================
[ 114.250460] Disabling lock debugging due to kernel taint
[ 114.255909] Kernel panic - not syncing: panic_on_warn set ...
[ 114.261791] CPU: 0 PID: 11242 Comm: syz-executor0 Tainted: G B 4.20.0-rc7+ #14
[ 114.270447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 114.279784] Call Trace:
[ 114.282375] dump_stack+0x173/0x1d0
[ 114.286025] panic+0x3ce/0x961
[ 114.289238] kmsan_report+0x293/0x2a0
[ 114.293033] __msan_warning+0x82/0xf0
[ 114.296824] vti6_tnl_xmit+0x4cb/0x2390
[ 114.300793] ? validate_xmit_xfrm+0x83/0x13d0
[ 114.305305] ? vti6_dev_uninit+0x660/0x660
[ 114.309553] dev_hard_start_xmit+0x607/0xc40
[ 114.313998] __dev_queue_xmit+0x2e42/0x3bc0
[ 114.318361] dev_queue_xmit+0x4b/0x60
[ 114.322167] ? __netdev_pick_tx+0x1270/0x1270
[ 114.326661] packet_sendmsg+0x8306/0x8f30
[ 114.330796] ? kmsan_internal_chain_origin+0x134/0x230
[ 114.336060] ? __msan_memcpy+0x5b/0x70
[ 114.339937] ? __vfs_write+0x888/0xb70
[ 114.343826] ? __x64_sys_write+0x4a/0x70
[ 114.347873] ? do_syscall_64+0xbc/0xf0
[ 114.351760] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.357122] ? vmalloc_to_page+0x56e/0x6a0
[ 114.361358] ? kmsan_get_shadow_origin_ptr+0x108/0x3e0
[ 114.366628] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 114.372030] ? compat_packet_setsockopt+0x360/0x360
[ 114.377031] sock_write_iter+0x3f4/0x4d0
[ 114.381098] ? sock_read_iter+0x4e0/0x4e0
[ 114.385246] __vfs_write+0x888/0xb70
[ 114.389002] vfs_write+0x46a/0x8c0
[ 114.392546] __se_sys_write+0x17a/0x370
[ 114.396538] __x64_sys_write+0x4a/0x70
[ 114.400432] do_syscall_64+0xbc/0xf0
[ 114.404139] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 114.409317] RIP: 0033:0x457759
[ 114.412511] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 114.431416] RSP: 002b:00007fffe4a81328 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 114.439111] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457759
[ 114.446389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 114.453659] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 114.460927] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000018f6914
[ 114.468208] R13: 00000000004c32c0 R14: 00000000004db0d0 R15: 00000000ffffffff
[ 114.476444] Kernel Offset: disabled
[ 114.480078] Rebooting in 86400 seconds..