INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts.
executing program
syzkaller login:
[ 30.199052] ==================================================================
[ 30.206465] BUG: KMSAN: uninit-value in __flow_hash_from_keys+0x10d8/0x1150
[ 30.213548] CPU: 0 PID: 3582 Comm: syzkaller883433 Not tainted 4.16.0+ #84
[ 30.220676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.230014] Call Trace:
[ 30.232602] dump_stack+0x185/0x1d0
[ 30.236224] ? __flow_hash_from_keys+0x10d8/0x1150
[ 30.241139] kmsan_report+0x142/0x240
[ 30.244924] __msan_warning_32+0x6c/0xb0
[ 30.248966] __flow_hash_from_keys+0x10d8/0x1150
[ 30.253714] __skb_get_hash_symmetric+0x14d/0x230
[ 30.258538] packet_rcv_fanout+0x38f/0x8d0
[ 30.262756] ? packet_direct_xmit+0xbf0/0xbf0
[ 30.267229] dev_queue_xmit_nit+0x111a/0x11e0
[ 30.271708] dev_hard_start_xmit+0x27c/0xc70
[ 30.276115] __dev_queue_xmit+0x22d9/0x2b60
[ 30.280424] dev_queue_xmit+0x4b/0x60
[ 30.284225] neigh_resolve_output+0xac6/0xb60
[ 30.288703] ? neigh_event_ns+0x360/0x360
[ 30.292850] ip_finish_output2+0x1238/0x1380
[ 30.297242] ip_finish_output+0xcb0/0xff0
[ 30.301370] ip_output+0x502/0x5c0
[ 30.304891] ? ip_mc_finish_output+0x3b0/0x3b0
[ 30.309453] ? ip_finish_output+0xff0/0xff0
[ 30.313754] ip_send_skb+0x5f3/0x820
[ 30.317446] ? __ip_local_out+0x5b0/0x5b0
[ 30.321575] ip_push_pending_frames+0x105/0x170
[ 30.326224] raw_sendmsg+0x2960/0x3ed0
[ 30.330097] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 30.335534] ? compat_raw_ioctl+0x100/0x100
[ 30.339841] inet_sendmsg+0x48d/0x740
[ 30.343624] ? security_socket_sendmsg+0x9e/0x210
[ 30.348449] ? inet_getname+0x500/0x500
[ 30.352408] SYSC_sendto+0x6c3/0x7e0
[ 30.356119] SyS_sendto+0x8a/0xb0
[ 30.359567] do_syscall_64+0x309/0x430
[ 30.363436] ? SYSC_getpeername+0x560/0x560
[ 30.367752] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.372931] RIP: 0033:0x43fe89
[ 30.376106] RSP: 002b:00007ffcc8156418 EFLAGS: 00000207 ORIG_RAX: 000000000000002c
[ 30.383802] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fe89
[ 30.391068] RDX: 0000000000000003 RSI: 00000000200001c0 RDI: 0000000000000004
[ 30.398323] RBP: 00000000006ca018 R08: 0000000020cf9000 R09: 0000000000000010
[ 30.405573] R10: 0000000000000000 R11: 0000000000000207 R12: 00000000004017b0
[ 30.412826] R13: 0000000000401840 R14: 0000000000000000 R15: 0000000000000000
[ 30.420085]
[ 30.421696] Uninit was stored to memory at:
[ 30.426004] kmsan_internal_chain_origin+0x12b/0x210
[ 30.431095] __msan_chain_origin+0x69/0xc0
[ 30.435311] __skb_flow_dissect+0x4cbd/0x6580
[ 30.439786] __skb_get_hash_symmetric+0x10b/0x230
[ 30.444613] packet_rcv_fanout+0x38f/0x8d0
[ 30.448835] dev_queue_xmit_nit+0x111a/0x11e0
[ 30.453319] dev_hard_start_xmit+0x27c/0xc70
[ 30.457711] __dev_queue_xmit+0x22d9/0x2b60
[ 30.462021] dev_queue_xmit+0x4b/0x60
[ 30.465815] neigh_resolve_output+0xac6/0xb60
[ 30.470296] ip_finish_output2+0x1238/0x1380
[ 30.474685] ip_finish_output+0xcb0/0xff0
[ 30.478815] ip_output+0x502/0x5c0
[ 30.482339] ip_send_skb+0x5f3/0x820
[ 30.486038] ip_push_pending_frames+0x105/0x170
[ 30.490694] raw_sendmsg+0x2960/0x3ed0
[ 30.494561] inet_sendmsg+0x48d/0x740
[ 30.498346] SYSC_sendto+0x6c3/0x7e0
[ 30.502045] SyS_sendto+0x8a/0xb0
[ 30.505480] do_syscall_64+0x309/0x430
[ 30.509348] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.514511] Uninit was stored to memory at:
[ 30.518817] kmsan_internal_chain_origin+0x12b/0x210
[ 30.523903] kmsan_memcpy_origins+0x11d/0x170
[ 30.528387] __msan_memcpy+0x19f/0x1f0
[ 30.532266] skb_copy_bits+0x63a/0xdb0
[ 30.536140] __skb_flow_dissect+0x48ea/0x6580
[ 30.540616] __skb_get_hash_symmetric+0x10b/0x230
[ 30.545438] packet_rcv_fanout+0x38f/0x8d0
[ 30.549654] dev_queue_xmit_nit+0x111a/0x11e0
[ 30.554138] dev_hard_start_xmit+0x27c/0xc70
[ 30.558525] __dev_queue_xmit+0x22d9/0x2b60
[ 30.562832] dev_queue_xmit+0x4b/0x60
[ 30.566614] neigh_resolve_output+0xac6/0xb60
[ 30.571094] ip_finish_output2+0x1238/0x1380
[ 30.575480] ip_finish_output+0xcb0/0xff0
[ 30.579604] ip_output+0x502/0x5c0
[ 30.583123] ip_send_skb+0x5f3/0x820
[ 30.586817] ip_push_pending_frames+0x105/0x170
[ 30.591472] raw_sendmsg+0x2960/0x3ed0
[ 30.595345] inet_sendmsg+0x48d/0x740
[ 30.599126] SYSC_sendto+0x6c3/0x7e0
[ 30.602834] SyS_sendto+0x8a/0xb0
[ 30.606276] do_syscall_64+0x309/0x430
[ 30.610143] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.615305] Uninit was created at:
[ 30.618836] kmsan_alloc_meta_for_pages+0x161/0x3a0
[ 30.623834] kmsan_alloc_page+0x82/0xe0
[ 30.627789] __alloc_pages_nodemask+0xf5b/0x5dc0
[ 30.632524] alloc_pages_current+0x6b5/0x970
[ 30.636912] skb_page_frag_refill+0x3ba/0x5e0
[ 30.641385] sk_page_frag_refill+0xa4/0x340
[ 30.645686] __ip_append_data+0x107e/0x3d10
[ 30.649986] ip_append_data+0x2fb/0x440
[ 30.653945] raw_sendmsg+0x287b/0x3ed0
[ 30.657812] inet_sendmsg+0x48d/0x740
[ 30.661598] SYSC_sendto+0x6c3/0x7e0
[ 30.665291] SyS_sendto+0x8a/0xb0
[ 30.668724] do_syscall_64+0x309/0x430
[ 30.672595] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.677762] ==================================================================
[ 30.685099] Disabling lock debugging due to kernel taint
[ 30.690530] Kernel panic - not syncing: panic_on_warn set ...
[ 30.690530]
[ 30.697886] CPU: 0 PID: 3582 Comm: syzkaller883433 Tainted: G B 4.16.0+ #84
[ 30.706179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.715521] Call Trace:
[ 30.718103] dump_stack+0x185/0x1d0
[ 30.721717] panic+0x39d/0x940
[ 30.724903] ? __flow_hash_from_keys+0x10d8/0x1150
[ 30.729816] kmsan_report+0x238/0x240
[ 30.733611] __msan_warning_32+0x6c/0xb0
[ 30.737659] __flow_hash_from_keys+0x10d8/0x1150
[ 30.742488] __skb_get_hash_symmetric+0x14d/0x230
[ 30.747315] packet_rcv_fanout+0x38f/0x8d0
[ 30.751535] ? packet_direct_xmit+0xbf0/0xbf0
[ 30.756015] dev_queue_xmit_nit+0x111a/0x11e0
[ 30.760507] dev_hard_start_xmit+0x27c/0xc70
[ 30.764913] __dev_queue_xmit+0x22d9/0x2b60
[ 30.769220] dev_queue_xmit+0x4b/0x60
[ 30.773005] neigh_resolve_output+0xac6/0xb60
[ 30.777512] ? neigh_event_ns+0x360/0x360
[ 30.781649] ip_finish_output2+0x1238/0x1380
[ 30.786054] ip_finish_output+0xcb0/0xff0
[ 30.790204] ip_output+0x502/0x5c0
[ 30.793726] ? ip_mc_finish_output+0x3b0/0x3b0
[ 30.798290] ? ip_finish_output+0xff0/0xff0
[ 30.802597] ip_send_skb+0x5f3/0x820
[ 30.806300] ? __ip_local_out+0x5b0/0x5b0
[ 30.810430] ip_push_pending_frames+0x105/0x170
[ 30.815085] raw_sendmsg+0x2960/0x3ed0
[ 30.818962] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 30.824399] ? compat_raw_ioctl+0x100/0x100
[ 30.828717] inet_sendmsg+0x48d/0x740
[ 30.832498] ? security_socket_sendmsg+0x9e/0x210
[ 30.837320] ? inet_getname+0x500/0x500
[ 30.841273] SYSC_sendto+0x6c3/0x7e0
[ 30.844976] SyS_sendto+0x8a/0xb0
[ 30.848426] do_syscall_64+0x309/0x430
[ 30.852315] ? SYSC_getpeername+0x560/0x560
[ 30.856621] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.861787] RIP: 0033:0x43fe89
[ 30.864954] RSP: 002b:00007ffcc8156418 EFLAGS: 00000207 ORIG_RAX: 000000000000002c
[ 30.872648] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fe89
[ 30.879897] RDX: 0000000000000003 RSI: 00000000200001c0 RDI: 0000000000000004
[ 30.887145] RBP: 00000000006ca018 R08: 0000000020cf9000 R09: 0000000000000010
[ 30.894395] R10: 0000000000000000 R11: 0000000000000207 R12: 00000000004017b0
[ 30.901644] R13: 0000000000401840 R14: 0000000000000000 R15: 0000000000000000
[ 30.909438] Dumping ftrace buffer:
[ 30.912966] (ftrace buffer empty)
[ 30.916652] Kernel Offset: disabled
[ 30.920268] Rebooting in 86400 seconds..