[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 101.308335][ T30] audit: type=1800 audit(1565484290.352:25): pid=11690 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 101.332769][ T30] audit: type=1800 audit(1565484290.382:26): pid=11690 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 101.379630][ T30] audit: type=1800 audit(1565484290.402:27): pid=11690 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.199' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 112.048972][T11841] ================================================================== [ 112.057073][T11841] BUG: KMSAN: uninit-value in rtm_dump_nexthop+0x973/0x1670 [ 112.064387][T11841] CPU: 1 PID: 11841 Comm: syz-executor189 Not tainted 5.3.0-rc3+ #17 [ 112.072439][T11841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.082481][T11841] Call Trace: [ 112.085773][T11841] dump_stack+0x191/0x1f0 [ 112.090103][T11841] kmsan_report+0x162/0x2d0 [ 112.094601][T11841] __msan_warning+0x75/0xe0 [ 112.099099][T11841] rtm_dump_nexthop+0x973/0x1670 [ 112.104030][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.110026][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.115994][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.120918][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.125857][T11841] netlink_dump+0xab5/0x1b00 [ 112.130434][T11841] ? kmsan_set_origin+0x26d/0x340 [ 112.135466][T11841] __netlink_dump_start+0xa3a/0xb30 [ 112.140675][T11841] rtnetlink_rcv_msg+0x14e0/0x1580 [ 112.145785][T11841] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 112.151836][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.156768][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.161698][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.167667][T11841] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 112.173731][T11841] ? rhashtable_jhash2+0x3a9/0x4d0 [ 112.178839][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.184813][T11841] ? kmsan_set_origin+0x26d/0x340 [ 112.189826][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.195798][T11841] netlink_rcv_skb+0x431/0x620 [ 112.200567][T11841] ? rtnetlink_bind+0x120/0x120 [ 112.205425][T11841] rtnetlink_rcv+0x50/0x60 [ 112.209833][T11841] netlink_unicast+0xf6c/0x1050 [ 112.214694][T11841] netlink_sendmsg+0x110f/0x1330 [ 112.219640][T11841] ? netlink_getsockopt+0x1430/0x1430 [ 112.224997][T11841] ___sys_sendmsg+0x14ff/0x1590 [ 112.229854][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.235816][T11841] ? __fget_light+0x19f/0x710 [ 112.240478][T11841] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 112.246528][T11841] ? __fget_light+0x1b8/0x710 [ 112.251191][T11841] ? kmsan_get_metadata_or_null+0x208/0x290 [ 112.257091][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.263063][T11841] __se_sys_sendmsg+0x305/0x460 [ 112.267923][T11841] __x64_sys_sendmsg+0x4a/0x70 [ 112.272678][T11841] do_syscall_64+0xbc/0xf0 [ 112.277082][T11841] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 112.282955][T11841] RIP: 0033:0x4401b9 [ 112.286835][T11841] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 112.306424][T11841] RSP: 002b:00007ffe5d72b9b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.314823][T11841] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401b9 [ 112.322782][T11841] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 112.330742][T11841] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 112.338973][T11841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a40 [ 112.346948][T11841] R13: 0000000000401ad0 R14: 0000000000000000 R15: 0000000000000000 [ 112.354931][T11841] [ 112.357258][T11841] Uninit was created at: [ 112.361489][T11841] kmsan_internal_poison_shadow+0x53/0xa0 [ 112.367217][T11841] kmsan_slab_alloc+0xaa/0x120 [ 112.372077][T11841] __kmalloc_node_track_caller+0xb55/0x1320 [ 112.377954][T11841] __alloc_skb+0x306/0xa10 [ 112.382369][T11841] netlink_sendmsg+0x783/0x1330 [ 112.387201][T11841] ___sys_sendmsg+0x14ff/0x1590 [ 112.392032][T11841] __se_sys_sendmsg+0x305/0x460 [ 112.396861][T11841] __x64_sys_sendmsg+0x4a/0x70 [ 112.401627][T11841] do_syscall_64+0xbc/0xf0 [ 112.406045][T11841] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 112.411915][T11841] ================================================================== [ 112.419958][T11841] Disabling lock debugging due to kernel taint [ 112.426089][T11841] Kernel panic - not syncing: panic_on_warn set ... [ 112.432665][T11841] CPU: 1 PID: 11841 Comm: syz-executor189 Tainted: G B 5.3.0-rc3+ #17 [ 112.442094][T11841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.452133][T11841] Call Trace: [ 112.455420][T11841] dump_stack+0x191/0x1f0 [ 112.461089][T11841] panic+0x3c9/0xc1e [ 112.465025][T11841] kmsan_report+0x2ca/0x2d0 [ 112.469550][T11841] __msan_warning+0x75/0xe0 [ 112.474194][T11841] rtm_dump_nexthop+0x973/0x1670 [ 112.479122][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.485469][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.491544][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.497091][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.502031][T11841] netlink_dump+0xab5/0x1b00 [ 112.507028][T11841] ? kmsan_set_origin+0x26d/0x340 [ 112.512075][T11841] __netlink_dump_start+0xa3a/0xb30 [ 112.517283][T11841] rtnetlink_rcv_msg+0x14e0/0x1580 [ 112.522395][T11841] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 112.528538][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.533469][T11841] ? rtm_get_nexthop+0x620/0x620 [ 112.538406][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.544378][T11841] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 112.550434][T11841] ? rhashtable_jhash2+0x3a9/0x4d0 [ 112.555544][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.561545][T11841] ? kmsan_set_origin+0x26d/0x340 [ 112.566587][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.572583][T11841] netlink_rcv_skb+0x431/0x620 [ 112.577345][T11841] ? rtnetlink_bind+0x120/0x120 [ 112.582212][T11841] rtnetlink_rcv+0x50/0x60 [ 112.586622][T11841] netlink_unicast+0xf6c/0x1050 [ 112.591487][T11841] netlink_sendmsg+0x110f/0x1330 [ 112.596435][T11841] ? netlink_getsockopt+0x1430/0x1430 [ 112.602957][T11841] ___sys_sendmsg+0x14ff/0x1590 [ 112.607822][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.613785][T11841] ? __fget_light+0x19f/0x710 [ 112.618450][T11841] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 112.624503][T11841] ? __fget_light+0x1b8/0x710 [ 112.629166][T11841] ? kmsan_get_metadata_or_null+0x208/0x290 [ 112.635050][T11841] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 112.641023][T11841] __se_sys_sendmsg+0x305/0x460 [ 112.645884][T11841] __x64_sys_sendmsg+0x4a/0x70 [ 112.650641][T11841] do_syscall_64+0xbc/0xf0 [ 112.655050][T11841] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 112.660923][T11841] RIP: 0033:0x4401b9 [ 112.664816][T11841] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 112.684404][T11841] RSP: 002b:00007ffe5d72b9b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.692805][T11841] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401b9 [ 112.700761][T11841] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 112.708718][T11841] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 112.716675][T11841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a40 [ 112.724651][T11841] R13: 0000000000401ad0 R14: 0000000000000000 R15: 0000000000000000 [ 112.733772][T11841] Kernel Offset: disabled [ 112.738103][T11841] Rebooting in 86400 seconds..