[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   56.761478] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   58.691740] random: sshd: uninitialized urandom read (32 bytes read)
[   59.257985] random: sshd: uninitialized urandom read (32 bytes read)
[   61.201249] random: sshd: uninitialized urandom read (32 bytes read)
[   61.586523] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.116' (ECDSA) to the list of known hosts.
[   67.323329] random: sshd: uninitialized urandom read (32 bytes read)
[   67.509926] IPVS: ftp: loaded support on port[0] = 21
[   67.585472] ip (4715) used greatest stack depth: 53752 bytes left
[   67.879658] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.886245] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.895054] device bridge_slave_0 entered promiscuous mode
[   67.934967] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.941399] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.949947] device bridge_slave_1 entered promiscuous mode
[   67.988381] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   68.027056] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   68.145751] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   68.188504] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   68.376088] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   68.383611] team0: Port device team_slave_0 added
[   68.421441] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   68.429286] team0: Port device team_slave_1 added
[   68.469368] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   68.511596] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   68.553782] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   68.596323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
[   68.993318] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.999796] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.006858] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.013320] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.022720] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
[   69.716913] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[   70.087632] ip (4855) used greatest stack depth: 53432 bytes left
[   70.496934] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.640917] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   70.786107] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   70.792363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   70.802566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   70.941523] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[   71.767274] ==================================================================
[   71.774701] BUG: KMSAN: uninit-value in gre_rcv+0x11d0/0x1920
[   71.780582] CPU: 0 PID: 4713 Comm: syz-executor382 Not tainted 4.19.0-rc4+ #58
[   71.787930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.797271] Call Trace:
[   71.799845]  <IRQ>
[   71.801988]  dump_stack+0x2f6/0x430
[   71.805625]  kmsan_report+0x183/0x2b0
[   71.809443]  __msan_warning+0x70/0xc0
[   71.813247]  gre_rcv+0x11d0/0x1920
[   71.816780]  ? raw_local_deliver+0x9c/0x1840
[   71.821182]  ? ip_local_deliver_finish+0x294/0xfa0
[   71.826127]  ? erspan_xmit+0x3380/0x3380
[   71.830198]  gre_rcv+0x2d5/0x3b0
[   71.833567]  ? gre_parse_header+0x13f0/0x13f0
[   71.838088]  ip_local_deliver_finish+0x90e/0xfa0
[   71.842873]  ip_local_deliver+0x438/0x4d0
[   71.847020]  ? ip_local_deliver+0x4d0/0x4d0
[   71.851361]  ? ip_call_ra_chain+0x7c0/0x7c0
[   71.855697]  ip_rcv+0x65f/0x6d0
[   71.858976]  ? ip_rcv_core+0x1200/0x1200
[   71.863039]  process_backlog+0xd89/0x11a0
[   71.867212]  ? ip_local_deliver_finish+0xfa0/0xfa0
[   71.872158]  ? rps_trigger_softirq+0x2e0/0x2e0
[   71.876732]  net_rx_action+0x935/0x1c00
[   71.880730]  ? net_tx_action+0xe80/0xe80
[   71.884798]  __do_softirq+0x614/0xa72
[   71.888615]  do_softirq_own_stack+0x49/0x80
[   71.892937]  </IRQ>
[   71.895177]  __local_bh_enable_ip+0x119/0x150
[   71.899686]  local_bh_enable+0x36/0x40
[   71.903576]  ip_finish_output2+0x13cd/0x14f0
[   71.907998]  ip_do_fragment+0x37b8/0x3fd0
[   71.912141]  ? ip_fragment+0x3f0/0x3f0
[   71.916061]  ip_fragment+0x249/0x3f0
[   71.919796]  ip_finish_output+0xfbb/0x10a0
[   71.924047]  ip_output+0x50f/0x5d0
[   71.927587]  ? ip_mc_finish_output+0x430/0x430
[   71.932177]  ? ip_finish_output+0x10a0/0x10a0
[   71.936685]  ip_send_skb+0x178/0x350
[   71.940414]  udp_send_skb+0x10b9/0x18d0
[   71.944406]  udp_sendmsg+0xac6/0x3cd0
[   71.948212]  ? __local_bh_enable_ip+0x37/0x150
[   71.952802]  ? _raw_spin_unlock_bh+0x4b/0x60
[   71.957226]  ? ip_copy_metadata+0x16f0/0x16f0
[   71.961732]  ? kmsan_set_origin_inline+0x6b/0x120
[   71.966589]  ? __msan_poison_alloca+0x17c/0x200
[   71.971279]  ? xfrm_lookup_with_ifid+0x186f/0x3e60
[   71.976213]  ? kmsan_set_origin_inline+0x6b/0x120
[   71.981068]  udpv6_sendmsg+0x12e2/0x4cf0
[   71.985133]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   71.990510]  ? aa_label_sk_perm+0x725/0x850
[   71.994861]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   72.000232]  ? kmsan_set_origin_inline+0x6b/0x120
[   72.005086]  ? udpv6_queue_rcv_skb+0x1dd0/0x1dd0
[   72.009839]  inet_sendmsg+0x4c5/0x7d0
[   72.013647]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   72.019043]  ? inet_getname+0x490/0x490
[   72.023012]  __sys_sendto+0x868/0xa30
[   72.026829]  ? prepare_exit_to_usermode+0x46/0x410
[   72.031766]  ? syscall_return_slowpath+0xf3/0x790
[   72.036632]  __se_sys_sendto+0x107/0x130
[   72.040730]  __x64_sys_sendto+0x6e/0x90
[   72.044708]  do_syscall_64+0xb8/0x100
[   72.048532]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   72.053718] RIP: 0033:0x441319
[   72.056904] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   72.075837] RSP: 002b:00007fff698f4638 EFLAGS: 00000286 ORIG_RAX: 000000000000002c
[   72.083568] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000441319
[   72.090832] RDX: 000000000000000e RSI: 0000000020000100 RDI: 0000000000000003
[   72.098102] RBP: 00000000006cc018 R08: 0000000020000180 R09: 000000000000001c
[   72.105375] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000402280
[   72.112657] R13: 0000000000402310 R14: 0000000000000000 R15: 0000000000000000
[   72.119929] 
[   72.121588] Uninit was stored to memory at:
[   72.125929]  kmsan_internal_chain_origin+0x128/0x210
[   72.131026]  kmsan_memcpy_origins+0x13d/0x1b0
[   72.135529]  __msan_memcpy+0xc3/0x130
[   72.139327]  pskb_expand_head+0x49f/0x1e10
[   72.143569]  ip_tunnel_xmit+0x3217/0x3870
[   72.147714]  erspan_xmit+0x1af6/0x3380
[   72.151594]  dev_hard_start_xmit+0x68b/0xd50
[   72.156017]  sch_direct_xmit+0x52b/0x860
[   72.160084]  __qdisc_run+0x1ab7/0x3490
[   72.163964]  __dev_queue_xmit+0x1bc3/0x3c60
[   72.168277]  dev_queue_xmit+0x4b/0x60
[   72.172081]  neigh_resolve_output+0xaa2/0xb40
[   72.176580]  ip_finish_output2+0x13b7/0x14f0
[   72.180999]  ip_do_fragment+0x37b8/0x3fd0
[   72.185142]  ip_fragment+0x249/0x3f0
[   72.188856]  ip_finish_output+0xfbb/0x10a0
[   72.193100]  ip_output+0x50f/0x5d0
[   72.196640]  ip_send_skb+0x178/0x350
[   72.200365]  udp_send_skb+0x10b9/0x18d0
[   72.204333]  udp_sendmsg+0xac6/0x3cd0
[   72.208125]  udpv6_sendmsg+0x12e2/0x4cf0
[   72.212176]  inet_sendmsg+0x4c5/0x7d0
[   72.215991]  __sys_sendto+0x868/0xa30
[   72.219782]  __se_sys_sendto+0x107/0x130
[   72.223839]  __x64_sys_sendto+0x6e/0x90
[   72.227808]  do_syscall_64+0xb8/0x100
[   72.231610]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   72.236797] 
[   72.238417] Uninit was created at:
[   72.241971]  kmsan_internal_poison_shadow+0xb8/0x1b0
[   72.247066]  kmsan_kmalloc+0x98/0x100
[   72.250858]  kmsan_slab_alloc+0x10/0x20
[   72.254866]  __kmalloc_node_track_caller+0xb55/0x1380
[   72.260064]  __alloc_skb+0x40d/0xe50
[   72.263770]  alloc_skb_with_frags+0x1d0/0xac0
[   72.268255]  sock_alloc_send_pskb+0xe28/0x1420
[   72.272834]  sock_alloc_send_skb+0xca/0xe0
[   72.277062]  __ip_append_data+0x2d54/0x4460
[   72.281390]  ip_append_data+0x2fb/0x440
[   72.285359]  udp_sendmsg+0x6f9/0x3cd0
[   72.289155]  udpv6_sendmsg+0x12e2/0x4cf0
[   72.293220]  inet_sendmsg+0x4c5/0x7d0
[   72.297015]  __sys_sendto+0x868/0xa30
[   72.300807]  __se_sys_sendto+0x107/0x130
[   72.304862]  __x64_sys_sendto+0x6e/0x90
[   72.308831]  do_syscall_64+0xb8/0x100
[   72.312650]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   72.317858] ==================================================================
[   72.325201] Disabling lock debugging due to kernel taint
[   72.330663] Kernel panic - not syncing: panic_on_warn set ...
[   72.330663] 
[   72.338045] CPU: 0 PID: 4713 Comm: syz-executor382 Tainted: G    B             4.19.0-rc4+ #58
[   72.346781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.356133] Call Trace:
[   72.358738]  <IRQ>
[   72.360886]  dump_stack+0x2f6/0x430
[   72.364519]  panic+0x54c/0xaf7
[   72.367750]  kmsan_report+0x2a8/0x2b0
[   72.371553]  __msan_warning+0x70/0xc0
[   72.375372]  gre_rcv+0x11d0/0x1920
[   72.378907]  ? raw_local_deliver+0x9c/0x1840
[   72.383324]  ? ip_local_deliver_finish+0x294/0xfa0
[   72.388282]  ? erspan_xmit+0x3380/0x3380
[   72.392362]  gre_rcv+0x2d5/0x3b0
[   72.395753]  ? gre_parse_header+0x13f0/0x13f0
[   72.400248]  ip_local_deliver_finish+0x90e/0xfa0
[   72.405012]  ip_local_deliver+0x438/0x4d0
[   72.409189]  ? ip_local_deliver+0x4d0/0x4d0
[   72.413530]  ? ip_call_ra_chain+0x7c0/0x7c0
[   72.417849]  ip_rcv+0x65f/0x6d0
[   72.421127]  ? ip_rcv_core+0x1200/0x1200
[   72.425210]  process_backlog+0xd89/0x11a0
[   72.429360]  ? ip_local_deliver_finish+0xfa0/0xfa0
[   72.434300]  ? rps_trigger_softirq+0x2e0/0x2e0
[   72.438883]  net_rx_action+0x935/0x1c00
[   72.442890]  ? net_tx_action+0xe80/0xe80
[   72.446954]  __do_softirq+0x614/0xa72
[   72.450816]  do_softirq_own_stack+0x49/0x80
[   72.455137]  </IRQ>
[   72.457370]  __local_bh_enable_ip+0x119/0x150
[   72.461867]  local_bh_enable+0x36/0x40
[   72.465749]  ip_finish_output2+0x13cd/0x14f0
[   72.470169]  ip_do_fragment+0x37b8/0x3fd0
[   72.474320]  ? ip_fragment+0x3f0/0x3f0
[   72.478243]  ip_fragment+0x249/0x3f0
[   72.481962]  ip_finish_output+0xfbb/0x10a0
[   72.486217]  ip_output+0x50f/0x5d0
[   72.489778]  ? ip_mc_finish_output+0x430/0x430
[   72.494369]  ? ip_finish_output+0x10a0/0x10a0
[   72.498857]  ip_send_skb+0x178/0x350
[   72.502576]  udp_send_skb+0x10b9/0x18d0
[   72.506567]  udp_sendmsg+0xac6/0x3cd0
[   72.510370]  ? __local_bh_enable_ip+0x37/0x150
[   72.514941]  ? _raw_spin_unlock_bh+0x4b/0x60
[   72.519346]  ? ip_copy_metadata+0x16f0/0x16f0
[   72.523837]  ? kmsan_set_origin_inline+0x6b/0x120
[   72.528696]  ? __msan_poison_alloca+0x17c/0x200
[   72.533392]  ? xfrm_lookup_with_ifid+0x186f/0x3e60
[   72.538329]  ? kmsan_set_origin_inline+0x6b/0x120
[   72.543197]  udpv6_sendmsg+0x12e2/0x4cf0
[   72.547257]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   72.552614]  ? aa_label_sk_perm+0x725/0x850
[   72.556976]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   72.562349]  ? kmsan_set_origin_inline+0x6b/0x120
[   72.567202]  ? udpv6_queue_rcv_skb+0x1dd0/0x1dd0
[   72.571951]  inet_sendmsg+0x4c5/0x7d0
[   72.575745]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   72.581107]  ? inet_getname+0x490/0x490
[   72.585078]  __sys_sendto+0x868/0xa30
[   72.588878]  ? prepare_exit_to_usermode+0x46/0x410
[   72.593803]  ? syscall_return_slowpath+0xf3/0x790
[   72.598687]  __se_sys_sendto+0x107/0x130
[   72.602784]  __x64_sys_sendto+0x6e/0x90
[   72.606762]  do_syscall_64+0xb8/0x100
[   72.610559]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   72.615738] RIP: 0033:0x441319
[   72.618925] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   72.637820] RSP: 002b:00007fff698f4638 EFLAGS: 00000286 ORIG_RAX: 000000000000002c
[   72.645549] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000441319
[   72.652811] RDX: 000000000000000e RSI: 0000000020000100 RDI: 0000000000000003
[   72.660083] RBP: 00000000006cc018 R08: 0000000020000180 R09: 000000000000001c
[   72.667360] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000402280
[   72.674623] R13: 0000000000402310 R14: 0000000000000000 R15: 0000000000000000
[   72.682224] Kernel Offset: disabled
[   72.685857] Rebooting in 86400 seconds..