[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 77.277903][ T30] audit: type=1800 audit(1566347054.337:25): pid=11956 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 77.300636][ T30] audit: type=1800 audit(1566347054.357:26): pid=11956 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 77.347484][ T30] audit: type=1800 audit(1566347054.387:27): pid=11956 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.208' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 87.630009][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 87.678613][T12106] ================================================================== [ 87.686790][T12106] BUG: KMSAN: uninit-value in gf128mul_4k_lle+0x1fb/0x2b0 [ 87.693890][T12106] CPU: 0 PID: 12106 Comm: syz-executor958 Not tainted 5.3.0-rc3+ #17 [ 87.701927][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.711962][T12106] Call Trace: [ 87.715384][T12106] dump_stack+0x191/0x1f0 [ 87.719720][T12106] kmsan_report+0x162/0x2d0 [ 87.724212][T12106] __msan_warning+0x75/0xe0 [ 87.728700][T12106] gf128mul_4k_lle+0x1fb/0x2b0 [ 87.733452][T12106] ghash_update+0x9db/0x1130 [ 87.738036][T12106] ? ghash_init+0x50/0x50 [ 87.742350][T12106] crypto_shash_update+0x4eb/0x550 [ 87.747534][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 87.753496][T12106] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 87.759630][T12106] ? crypto_hash_walk_first+0x5ce/0x8a0 [ 87.765173][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 87.771143][T12106] shash_async_update+0x11f/0x1e0 [ 87.776158][T12106] ? shash_async_init+0x1e0/0x1e0 [ 87.781176][T12106] gcm_hash+0x15d8/0x2400 [ 87.785539][T12106] crypto_gcm_encrypt+0x710/0x9e0 [ 87.790550][T12106] ? crypto_gcm_setauthsize+0xc0/0xc0 [ 87.795906][T12106] crypto_aead_encrypt+0xf2/0x180 [ 87.800920][T12106] tls_push_record+0x341e/0x4e50 [ 87.805863][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 87.811926][T12106] bpf_exec_tx_verdict+0x1454/0x1c80 [ 87.817201][T12106] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 87.823251][T12106] ? get_user_pages_fast+0x69b/0x6e0 [ 87.828519][T12106] ? kmsan_set_origin+0x26d/0x340 [ 87.833562][T12106] tls_sw_sendmsg+0x158d/0x2710 [ 87.838418][T12106] ? udpv6_rcv+0x70/0x70 [ 87.842643][T12106] ? tls_tx_records+0xb40/0xb40 [ 87.847477][T12106] inet6_sendmsg+0x2d8/0x2e0 [ 87.852050][T12106] ? inet6_ioctl+0x340/0x340 [ 87.856619][T12106] __sys_sendto+0x8fc/0xc70 [ 87.861112][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 87.867176][T12106] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 87.873225][T12106] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 87.879013][T12106] __se_sys_sendto+0x107/0x130 [ 87.883761][T12106] __x64_sys_sendto+0x6e/0x90 [ 87.888517][T12106] do_syscall_64+0xbc/0xf0 [ 87.892916][T12106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 87.898801][T12106] RIP: 0033:0x440369 [ 87.902683][T12106] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 87.922271][T12106] RSP: 002b:00007ffea7acc828 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 87.931044][T12106] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440369 [ 87.938999][T12106] RDX: ffffffffffffffc1 RSI: 00000000200005c0 RDI: 0000000000000003 [ 87.946954][T12106] RBP: 00000000006ca018 R08: 0000000000000000 R09: 1201000000003618 [ 87.954905][T12106] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000401bf0 [ 87.962858][T12106] R13: 0000000000401c80 R14: 0000000000000000 R15: 0000000000000000 [ 87.970852][T12106] [ 87.973161][T12106] Uninit was stored to memory at: [ 87.978190][T12106] kmsan_internal_chain_origin+0xcc/0x150 [ 87.983980][T12106] __msan_chain_origin+0x6b/0xe0 [ 87.988904][T12106] ghash_update+0xa83/0x1130 [ 87.993477][T12106] crypto_shash_update+0x4eb/0x550 [ 87.998571][T12106] shash_async_update+0x11f/0x1e0 [ 88.003575][T12106] gcm_hash+0x15d8/0x2400 [ 88.007883][T12106] crypto_gcm_encrypt+0x710/0x9e0 [ 88.012887][T12106] crypto_aead_encrypt+0xf2/0x180 [ 88.017895][T12106] tls_push_record+0x341e/0x4e50 [ 88.022815][T12106] bpf_exec_tx_verdict+0x1454/0x1c80 [ 88.028081][T12106] tls_sw_sendmsg+0x158d/0x2710 [ 88.032916][T12106] inet6_sendmsg+0x2d8/0x2e0 [ 88.037489][T12106] __sys_sendto+0x8fc/0xc70 [ 88.041973][T12106] __se_sys_sendto+0x107/0x130 [ 88.046714][T12106] __x64_sys_sendto+0x6e/0x90 [ 88.051377][T12106] do_syscall_64+0xbc/0xf0 [ 88.055779][T12106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 88.061652][T12106] [ 88.063973][T12106] Uninit was stored to memory at: [ 88.068979][T12106] kmsan_internal_chain_origin+0xcc/0x150 [ 88.074678][T12106] __msan_chain_origin+0x6b/0xe0 [ 88.079597][T12106] __crypto_xor+0x1e8/0x1470 [ 88.084170][T12106] crypto_ctr_crypt+0x613/0xaf0 [ 88.089000][T12106] crypto_skcipher_encrypt+0xd2/0x150 [ 88.094350][T12106] crypto_gcm_encrypt+0x4a5/0x9e0 [ 88.099351][T12106] crypto_aead_encrypt+0xf2/0x180 [ 88.104442][T12106] tls_push_record+0x341e/0x4e50 [ 88.109359][T12106] bpf_exec_tx_verdict+0x1454/0x1c80 [ 88.114626][T12106] tls_sw_sendmsg+0x158d/0x2710 [ 88.119459][T12106] inet6_sendmsg+0x2d8/0x2e0 [ 88.124115][T12106] __sys_sendto+0x8fc/0xc70 [ 88.128832][T12106] __se_sys_sendto+0x107/0x130 [ 88.133622][T12106] __x64_sys_sendto+0x6e/0x90 [ 88.138281][T12106] do_syscall_64+0xbc/0xf0 [ 88.142683][T12106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 88.148550][T12106] [ 88.150861][T12106] Uninit was created at: [ 88.155084][T12106] kmsan_save_stack_with_flags+0x37/0x70 [ 88.160699][T12106] kmsan_internal_alloc_meta_for_pages+0x123/0x510 [ 88.167183][T12106] kmsan_alloc_page+0x7a/0xf0 [ 88.171841][T12106] __alloc_pages_nodemask+0x142d/0x5fa0 [ 88.177368][T12106] alloc_pages_current+0x68d/0x9a0 [ 88.182463][T12106] skb_page_frag_refill+0x2b0/0x580 [ 88.187640][T12106] sk_page_frag_refill+0xa4/0x330 [ 88.192735][T12106] tcp_sendmsg_locked+0x2311/0x6880 [ 88.197912][T12106] tcp_sendmsg+0xb2/0x100 [ 88.202296][T12106] inet6_sendmsg+0x178/0x2e0 [ 88.206865][T12106] __sys_sendto+0x8fc/0xc70 [ 88.211346][T12106] __se_sys_sendto+0x107/0x130 [ 88.216098][T12106] __x64_sys_sendto+0x6e/0x90 [ 88.220796][T12106] do_syscall_64+0xbc/0xf0 [ 88.225199][T12106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 88.231067][T12106] ================================================================== [ 88.239107][T12106] Disabling lock debugging due to kernel taint [ 88.245239][T12106] Kernel panic - not syncing: panic_on_warn set ... [ 88.251808][T12106] CPU: 0 PID: 12106 Comm: syz-executor958 Tainted: G B 5.3.0-rc3+ #17 [ 88.261252][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.271288][T12106] Call Trace: [ 88.274562][T12106] dump_stack+0x191/0x1f0 [ 88.278879][T12106] panic+0x3c9/0xc1e [ 88.282770][T12106] kmsan_report+0x2ca/0x2d0 [ 88.287256][T12106] __msan_warning+0x75/0xe0 [ 88.291746][T12106] gf128mul_4k_lle+0x1fb/0x2b0 [ 88.296500][T12106] ghash_update+0x9db/0x1130 [ 88.301079][T12106] ? ghash_init+0x50/0x50 [ 88.305393][T12106] crypto_shash_update+0x4eb/0x550 [ 88.310486][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 88.316450][T12106] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 88.322590][T12106] ? crypto_hash_walk_first+0x5ce/0x8a0 [ 88.328121][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 88.334154][T12106] shash_async_update+0x11f/0x1e0 [ 88.339184][T12106] ? shash_async_init+0x1e0/0x1e0 [ 88.344191][T12106] gcm_hash+0x15d8/0x2400 [ 88.348521][T12106] crypto_gcm_encrypt+0x710/0x9e0 [ 88.353532][T12106] ? crypto_gcm_setauthsize+0xc0/0xc0 [ 88.358888][T12106] crypto_aead_encrypt+0xf2/0x180 [ 88.363990][T12106] tls_push_record+0x341e/0x4e50 [ 88.368931][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 88.374894][T12106] bpf_exec_tx_verdict+0x1454/0x1c80 [ 88.380162][T12106] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 88.386218][T12106] ? get_user_pages_fast+0x69b/0x6e0 [ 88.391510][T12106] ? kmsan_set_origin+0x26d/0x340 [ 88.396552][T12106] tls_sw_sendmsg+0x158d/0x2710 [ 88.401423][T12106] ? udpv6_rcv+0x70/0x70 [ 88.405649][T12106] ? tls_tx_records+0xb40/0xb40 [ 88.410481][T12106] inet6_sendmsg+0x2d8/0x2e0 [ 88.415057][T12106] ? inet6_ioctl+0x340/0x340 [ 88.419627][T12106] __sys_sendto+0x8fc/0xc70 [ 88.424125][T12106] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 88.430085][T12106] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 88.436128][T12106] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 88.441830][T12106] __se_sys_sendto+0x107/0x130 [ 88.446577][T12106] __x64_sys_sendto+0x6e/0x90 [ 88.451252][T12106] do_syscall_64+0xbc/0xf0 [ 88.455651][T12106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 88.461522][T12106] RIP: 0033:0x440369 [ 88.465399][T12106] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 88.485249][T12106] RSP: 002b:00007ffea7acc828 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 88.493640][T12106] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440369 [ 88.501635][T12106] RDX: ffffffffffffffc1 RSI: 00000000200005c0 RDI: 0000000000000003 [ 88.509600][T12106] RBP: 00000000006ca018 R08: 0000000000000000 R09: 1201000000003618 [ 88.517594][T12106] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000401bf0 [ 88.525551][T12106] R13: 0000000000401c80 R14: 0000000000000000 R15: 0000000000000000 [ 88.534888][T12106] Kernel Offset: disabled [ 88.539215][T12106] Rebooting in 86400 seconds..