[ ok ] Starting enhanced syslogd: rsyslogd.
[ 82.673627][ T30] audit: type=1800 audit(1574098376.728:25): pid=11660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 82.696664][ T30] audit: type=1800 audit(1574098376.748:26): pid=11660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 82.733661][ T30] audit: type=1800 audit(1574098376.768:27): pid=11660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.126' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 93.993882][T11814] device nr0 entered promiscuous mode
[ 94.017070][T11814] =====================================================
[ 94.024118][T11814] BUG: KMSAN: uninit-value in __netif_receive_skb_core+0x3547/0x51a0
[ 94.032202][T11814] CPU: 0 PID: 11814 Comm: syz-executor049 Not tainted 5.4.0-rc5+ #0
executing program
executing program
[ 94.040192][T11814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 94.050268][T11814] Call Trace:
[ 94.053579][T11814] dump_stack+0x191/0x1f0
[ 94.057933][T11814] kmsan_report+0x128/0x220
[ 94.062459][T11814] __msan_warning+0x73/0xe0
[ 94.066986][T11814] __netif_receive_skb_core+0x3547/0x51a0
[ 94.072738][T11814] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 94.078674][T11814] ? kmsan_get_metadata+0x39/0x350
[ 94.083835][T11814] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
executing program
executing program
[ 94.089750][T11814] netif_receive_skb_internal+0x3cc/0xc20
[ 94.095485][T11814] ? kmsan_get_metadata+0x39/0x350
[ 94.100635][T11814] netif_receive_skb+0x1da/0x3a0
[ 94.105600][T11814] tun_get_user+0x6c44/0x6f70
[ 94.110325][T11814] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 94.116229][T11814] tun_chr_write_iter+0x1f2/0x360
[ 94.121281][T11814] ? tun_chr_read_iter+0x460/0x460
[ 94.126423][T11814] __vfs_write+0xa2c/0xcb0
[ 94.130899][T11814] vfs_write+0x481/0x920
[ 94.135181][T11814] ksys_write+0x265/0x430
[ 94.139549][T11814] __se_sys_write+0x92/0xb0
executing program
executing program
[ 94.144100][T11814] __x64_sys_write+0x4a/0x70
[ 94.148701][T11814] do_syscall_64+0xb6/0x160
[ 94.153217][T11814] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 94.159114][T11814] RIP: 0033:0x441319
[ 94.163015][T11814] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 94.182629][T11814] RSP: 002b:00007fff4ff7eaa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
executing program
executing program
[ 94.191056][T11814] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441319
[ 94.199037][T11814] RDX: 000000000000b107 RSI: 00000000200000c0 RDI: 0000000000000003
[ 94.207019][T11814] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 94.214997][T11814] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402090
[ 94.222976][T11814] R13: 0000000000402120 R14: 0000000000000000 R15: 0000000000000000
[ 94.230968][T11814]
[ 94.233295][T11814] Uninit was stored to memory at:
[ 94.238333][T11814] kmsan_internal_chain_origin+0xbd/0x180
executing program
executing program
executing program
[ 94.244068][T11814] __msan_chain_origin+0x6b/0xd0
[ 94.249021][T11814] skb_vlan_untag+0x6bc/0xd20
[ 94.253725][T11814] __netif_receive_skb_core+0x833/0x51a0
[ 94.259403][T11814] netif_receive_skb_internal+0x3cc/0xc20
[ 94.265145][T11814] netif_receive_skb+0x1da/0x3a0
[ 94.270109][T11814] tun_get_user+0x6c44/0x6f70
[ 94.274793][T11814] tun_chr_write_iter+0x1f2/0x360
[ 94.279929][T11814] __vfs_write+0xa2c/0xcb0
[ 94.284350][T11814] vfs_write+0x481/0x920
[ 94.288695][T11814] ksys_write+0x265/0x430
executing program
executing program
executing program
[ 94.293029][T11814] __se_sys_write+0x92/0xb0
[ 94.297536][T11814] __x64_sys_write+0x4a/0x70
[ 94.302140][T11814] do_syscall_64+0xb6/0x160
[ 94.306674][T11814] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 94.312556][T11814]
[ 94.314885][T11814] Uninit was created at:
[ 94.319152][T11814] kmsan_internal_poison_shadow+0x60/0x120
[ 94.324988][T11814] kmsan_slab_alloc+0xaa/0x120
[ 94.329761][T11814] __kmalloc_node_track_caller+0xd7b/0x1390
[ 94.335678][T11814] __alloc_skb+0x306/0xa10
[ 94.340100][T11814] alloc_skb_with_frags+0x18c/0xa80
executing program
executing program
[ 94.345305][T11814] sock_alloc_send_pskb+0xafd/0x10a0
[ 94.350602][T11814] tun_get_user+0x1132/0x6f70
[ 94.355300][T11814] tun_chr_write_iter+0x1f2/0x360
[ 94.360339][T11814] __vfs_write+0xa2c/0xcb0
[ 94.364778][T11814] vfs_write+0x481/0x920
[ 94.369059][T11814] ksys_write+0x265/0x430
[ 94.373427][T11814] __se_sys_write+0x92/0xb0
[ 94.377933][T11814] __x64_sys_write+0x4a/0x70
[ 94.382530][T11814] do_syscall_64+0xb6/0x160
[ 94.387041][T11814] entry_SYSCALL_64_after_hwframe+0x63/0xe7
executing program
executing program
executing program
[ 94.392931][T11814] =====================================================
[ 94.400018][T11814] Disabling lock debugging due to kernel taint
[ 94.406325][T11814] Kernel panic - not syncing: panic_on_warn set ...
[ 94.412949][T11814] CPU: 0 PID: 11814 Comm: syz-executor049 Tainted: G B 5.4.0-rc5+ #0
[ 94.422461][T11814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 94.432554][T11814] Call Trace:
[ 94.435871][T11814] dump_stack+0x191/0x1f0
[ 94.440220][T11814] panic+0x3c9/0xc1e
executing program
executing program
executing program
[ 94.444158][T11814] kmsan_report+0x215/0x220
[ 94.448682][T11814] __msan_warning+0x73/0xe0
[ 94.453235][T11814] __netif_receive_skb_core+0x3547/0x51a0
[ 94.459333][T11814] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 94.465251][T11814] ? kmsan_get_metadata+0x39/0x350
[ 94.470480][T11814] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 94.476479][T11814] netif_receive_skb_internal+0x3cc/0xc20
[ 94.482218][T11814] ? kmsan_get_metadata+0x39/0x350
[ 94.487371][T11814] netif_receive_skb+0x1da/0x3a0
executing program
executing program
executing program
[ 94.492328][T11814] tun_get_user+0x6c44/0x6f70
[ 94.497054][T11814] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 94.502964][T11814] tun_chr_write_iter+0x1f2/0x360
[ 94.508011][T11814] ? tun_chr_read_iter+0x460/0x460
[ 94.513132][T11814] __vfs_write+0xa2c/0xcb0
[ 94.517580][T11814] vfs_write+0x481/0x920
[ 94.521847][T11814] ksys_write+0x265/0x430
[ 94.526370][T11814] __se_sys_write+0x92/0xb0
[ 94.530885][T11814] __x64_sys_write+0x4a/0x70
[ 94.535488][T11814] do_syscall_64+0xb6/0x160
[ 94.540014][T11814] entry_SYSCALL_64_after_hwframe+0x63/0xe7
executing program
executing program
executing program
[ 94.545929][T11814] RIP: 0033:0x441319
[ 94.549835][T11814] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 94.569442][T11814] RSP: 002b:00007fff4ff7eaa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 94.577878][T11814] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441319
[ 94.585865][T11814] RDX: 000000000000b107 RSI: 00000000200000c0 RDI: 0000000000000003
executing program
[ 94.593857][T11814] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 94.601849][T11814] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402090
[ 94.609827][T11814] R13: 0000000000402120 R14: 0000000000000000 R15: 0000000000000000
[ 94.619304][T11814] Kernel Offset: disabled
[ 94.623646][T11814] Rebooting in 86400 seconds..