[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 31.809856] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 35.886700] random: sshd: uninitialized urandom read (32 bytes read)
[ 36.303797] random: sshd: uninitialized urandom read (32 bytes read)
[ 37.498430] random: sshd: uninitialized urandom read (32 bytes read)
[ 37.751715] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.39' (ECDSA) to the list of known hosts.
[ 43.350456] random: sshd: uninitialized urandom read (32 bytes read)
[ 43.468235] IPVS: ftp: loaded support on port[0] = 21
[ 43.651089] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.657576] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.665133] device bridge_slave_0 entered promiscuous mode
[ 43.688192] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.694717] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.702227] device bridge_slave_1 entered promiscuous mode
[ 43.725547] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 43.748011] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 43.793855] ip (4579) used greatest stack depth: 54312 bytes left
[ 43.811581] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 43.836283] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 43.930538] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 43.937866] team0: Port device team_slave_0 added
[ 43.959712] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 43.967156] team0: Port device team_slave_1 added
[ 43.989557] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 44.013964] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 44.038349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 44.062606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[ 44.255875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.262313] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.269133] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.275563] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[ 44.970110] 8021q: adding VLAN 0 to HW filter on device bond0
[ 45.039558] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 45.106822] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 45.113297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 45.121931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 45.186993] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[ 45.573484] ==================================================================
[ 45.580892] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x5dc/0x37b0
[ 45.587283] CPU: 0 PID: 4550 Comm: syz-executor041 Not tainted 4.17.0-rc5+ #102
[ 45.594722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.604057] Call Trace:
[ 45.606643] dump_stack+0x185/0x1d0
[ 45.610251] ? ip_tunnel_xmit+0x5dc/0x37b0
[ 45.614470] kmsan_report+0x149/0x260
[ 45.618250] __msan_warning_32+0x6e/0xc0
[ 45.622301] ip_tunnel_xmit+0x5dc/0x37b0
[ 45.626337] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 45.631684] ? skb_push+0x16b/0x260
[ 45.635296] ? __msan_metadata_ptr_for_store_2+0x13/0x20
[ 45.640740] ? gre_build_header+0x5ab/0xaa0
[ 45.645049] ipgre_xmit+0xe16/0xef0
[ 45.648655] ? ipgre_close+0x230/0x230
[ 45.652525] dev_hard_start_xmit+0x5f1/0xc70
[ 45.656919] __dev_queue_xmit+0x2311/0x3510
[ 45.661221] ? sock_alloc_send_pskb+0x13b/0x1190
[ 45.665957] ? sock_alloc_send_pskb+0xfee/0x1190
[ 45.670695] dev_queue_xmit+0x4b/0x60
[ 45.674474] ? __netdev_pick_tx+0xb50/0xb50
[ 45.678780] packet_sendmsg+0x7d62/0x8ab0
[ 45.682911] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 45.688345] ? pagevec_lru_move_fn+0x490/0x4e0
[ 45.692909] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 45.698341] ? pgtable_trans_huge_deposit+0x439/0x5d0
[ 45.703512] ? kmsan_set_origin_inline+0x6b/0x120
[ 45.708350] ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 45.713703] ? compat_packet_setsockopt+0x360/0x360
[ 45.718701] __sys_sendto+0x6c0/0x7e0
[ 45.722580] __x64_sys_sendto+0x1a1/0x210
[ 45.726719] do_syscall_64+0x152/0x230
[ 45.730597] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 45.735769] RIP: 0033:0x441179
[ 45.739043] RSP: 002b:00007fff3a7e9f08 EFLAGS: 00000216 ORIG_RAX: 000000000000002c
[ 45.746749] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441179
[ 45.754004] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[ 45.761365] RBP: 00000000006cc018 R08: 0000000020000040 R09: 000000000000001c
[ 45.768621] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000402080
[ 45.775882] R13: 0000000000402110 R14: 0000000000000000 R15: 0000000000000000
[ 45.783149]
[ 45.784769] Uninit was created at:
[ 45.788298] kmsan_internal_poison_shadow+0xb8/0x1b0
[ 45.793384] kmsan_kmalloc+0x94/0x100
[ 45.797164] kmsan_slab_alloc+0x10/0x20
[ 45.801132] __kmalloc_node_track_caller+0xb32/0x11b0
[ 45.806317] __alloc_skb+0x2cb/0x9e0
[ 45.810017] alloc_skb_with_frags+0x1e6/0xb80
[ 45.814518] sock_alloc_send_pskb+0xb56/0x1190
[ 45.819087] packet_sendmsg+0x6584/0x8ab0
[ 45.823239] __sys_sendto+0x6c0/0x7e0
[ 45.827036] __x64_sys_sendto+0x1a1/0x210
[ 45.831172] do_syscall_64+0x152/0x230
[ 45.835044] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 45.840217] ==================================================================
[ 45.847570] Disabling lock debugging due to kernel taint
[ 45.852999] Kernel panic - not syncing: panic_on_warn set ...
[ 45.852999]
[ 45.860355] CPU: 0 PID: 4550 Comm: syz-executor041 Tainted: G B 4.17.0-rc5+ #102
[ 45.869166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.878500] Call Trace:
[ 45.881074] dump_stack+0x185/0x1d0
[ 45.884699] panic+0x39d/0x940
[ 45.887888] ? ip_tunnel_xmit+0x5dc/0x37b0
[ 45.892112] kmsan_report+0x260/0x260
[ 45.895891] __msan_warning_32+0x6e/0xc0
[ 45.899959] ip_tunnel_xmit+0x5dc/0x37b0
[ 45.904017] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 45.909381] ? skb_push+0x16b/0x260
[ 45.912993] ? __msan_metadata_ptr_for_store_2+0x13/0x20
[ 45.918433] ? gre_build_header+0x5ab/0xaa0
[ 45.922744] ipgre_xmit+0xe16/0xef0
[ 45.926376] ? ipgre_close+0x230/0x230
[ 45.930265] dev_hard_start_xmit+0x5f1/0xc70
[ 45.934667] __dev_queue_xmit+0x2311/0x3510
[ 45.938969] ? sock_alloc_send_pskb+0x13b/0x1190
[ 45.943704] ? sock_alloc_send_pskb+0xfee/0x1190
[ 45.948449] dev_queue_xmit+0x4b/0x60
[ 45.952241] ? __netdev_pick_tx+0xb50/0xb50
[ 45.956549] packet_sendmsg+0x7d62/0x8ab0
[ 45.960686] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 45.966125] ? pagevec_lru_move_fn+0x490/0x4e0
[ 45.970702] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 45.976142] ? pgtable_trans_huge_deposit+0x439/0x5d0
[ 45.982357] ? kmsan_set_origin_inline+0x6b/0x120
[ 45.987193] ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 45.992540] ? compat_packet_setsockopt+0x360/0x360
[ 45.997537] __sys_sendto+0x6c0/0x7e0
[ 46.001321] __x64_sys_sendto+0x1a1/0x210
[ 46.005482] do_syscall_64+0x152/0x230
[ 46.009359] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 46.014540] RIP: 0033:0x441179
[ 46.017715] RSP: 002b:00007fff3a7e9f08 EFLAGS: 00000216 ORIG_RAX: 000000000000002c
[ 46.025417] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441179
[ 46.032683] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[ 46.039945] RBP: 00000000006cc018 R08: 0000000020000040 R09: 000000000000001c
[ 46.047202] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000402080
[ 46.054541] R13: 0000000000402110 R14: 0000000000000000 R15: 0000000000000000
[ 46.062352] Dumping ftrace buffer:
[ 46.065882] (ftrace buffer empty)
[ 46.069570] Kernel Offset: disabled
[ 46.073189] Rebooting in 86400 seconds..