[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 30.136959] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 33.533632] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.985525] random: sshd: uninitialized urandom read (32 bytes read)
[ 35.137418] random: sshd: uninitialized urandom read (32 bytes read)
[ 35.348788] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.24' (ECDSA) to the list of known hosts.
[ 40.839575] random: sshd: uninitialized urandom read (32 bytes read)
[ 40.956872] IPVS: ftp: loaded support on port[0] = 21
[ 41.042369] ip (4470) used greatest stack depth: 54520 bytes left
[ 41.112004] ip (4479) used greatest stack depth: 54344 bytes left
[ 41.126836] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.133265] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.140936] device bridge_slave_0 entered promiscuous mode
[ 41.161358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.167781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.175160] device bridge_slave_1 entered promiscuous mode
[ 41.195654] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 41.217007] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 41.275693] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 41.299256] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 41.392850] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 41.400490] team0: Port device team_slave_0 added
[ 41.420100] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 41.427730] team0: Port device team_slave_1 added
[ 41.448514] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 41.471423] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 41.494205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 41.516963] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[ 41.693409] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.699865] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.706637] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.713152] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[ 42.354230] 8021q: adding VLAN 0 to HW filter on device bond0
[ 42.418116] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 42.482823] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 42.489162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 42.496658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 42.556908] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[ 42.912863] ==================================================================
[ 42.920259] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x5e9/0x37c0
[ 42.926654] CPU: 0 PID: 4462 Comm: syz-executor409 Not tainted 4.17.0-rc5+ #98
[ 42.933987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 42.943322] Call Trace:
[ 42.945889] dump_stack+0x185/0x1d0
[ 42.949494] ? ip_tunnel_xmit+0x5e9/0x37c0
[ 42.953722] kmsan_report+0x149/0x260
[ 42.957503] __msan_warning_32+0x6e/0xc0
[ 42.961551] ip_tunnel_xmit+0x5e9/0x37c0
[ 42.965588] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 42.970931] ? skb_push+0x16b/0x260
[ 42.974536] ? __msan_metadata_ptr_for_store_2+0x13/0x20
[ 42.979965] ? gre_build_header+0x5ab/0xaa0
[ 42.984267] ipgre_xmit+0xdb7/0xe90
[ 42.987879] ? ipgre_close+0x230/0x230
[ 42.991753] dev_hard_start_xmit+0x5f1/0xc70
[ 42.996142] __dev_queue_xmit+0x27ee/0x3520
[ 43.000459] ? sock_alloc_send_pskb+0x13b/0x1190
[ 43.005191] ? sock_alloc_send_pskb+0xfee/0x1190
[ 43.009938] dev_queue_xmit+0x4b/0x60
[ 43.013718] ? __netdev_pick_tx+0xb60/0xb60
[ 43.018037] packet_sendmsg+0x7cc3/0x8ac0
[ 43.022179] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 43.027608] ? pagevec_lru_move_fn+0x490/0x4e0
[ 43.032170] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 43.037605] ? __walk_page_range+0x9f0/0x23d0
[ 43.042089] ? lru_cache_add_active_or_unevictable+0x497/0x5f0
[ 43.048045] ? kmsan_set_origin_inline+0x6b/0x120
[ 43.052871] ? __msan_poison_alloca+0x15c/0x1d0
[ 43.057525] ? compat_packet_setsockopt+0x360/0x360
[ 43.062518] __sys_sendto+0x6c0/0x7e0
[ 43.066302] __x64_sys_sendto+0x1a1/0x210
[ 43.070430] do_syscall_64+0x154/0x220
[ 43.074305] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 43.079473] RIP: 0033:0x441179
[ 43.082645] RSP: 002b:00007fff411d80b8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[ 43.090329] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441179
[ 43.097576] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 43.104822] RBP: 00000000006cc018 R08: 0000000020000080 R09: 000000000000001c
[ 43.112071] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000402080
[ 43.119317] R13: 0000000000402110 R14: 0000000000000000 R15: 0000000000000000
[ 43.126657]
[ 43.128266] Uninit was created at:
[ 43.131788] kmsan_internal_poison_shadow+0xb8/0x1b0
[ 43.136867] kmsan_kmalloc+0x94/0x100
[ 43.140652] kmsan_slab_alloc+0x10/0x20
[ 43.144601] __kmalloc_node_track_caller+0xb32/0x11b0
[ 43.149765] __alloc_skb+0x2cf/0x9f0
[ 43.153457] alloc_skb_with_frags+0x1e6/0xb80
[ 43.157930] sock_alloc_send_pskb+0xb56/0x1190
[ 43.162496] packet_sendmsg+0x648d/0x8ac0
[ 43.166707] __sys_sendto+0x6c0/0x7e0
[ 43.170491] __x64_sys_sendto+0x1a1/0x210
[ 43.174628] do_syscall_64+0x154/0x220
[ 43.178498] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 43.183657] ==================================================================
[ 43.191002] Disabling lock debugging due to kernel taint
[ 43.196434] Kernel panic - not syncing: panic_on_warn set ...
[ 43.196434]
[ 43.203783] CPU: 0 PID: 4462 Comm: syz-executor409 Tainted: G B 4.17.0-rc5+ #98
[ 43.212511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.221844] Call Trace:
[ 43.224416] dump_stack+0x185/0x1d0
[ 43.228027] panic+0x39d/0x940
[ 43.231207] ? ip_tunnel_xmit+0x5e9/0x37c0
[ 43.235426] kmsan_report+0x260/0x260
[ 43.239206] __msan_warning_32+0x6e/0xc0
[ 43.243244] ip_tunnel_xmit+0x5e9/0x37c0
[ 43.247280] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 43.252622] ? skb_push+0x16b/0x260
[ 43.256319] ? __msan_metadata_ptr_for_store_2+0x13/0x20
[ 43.261749] ? gre_build_header+0x5ab/0xaa0
[ 43.266062] ipgre_xmit+0xdb7/0xe90
[ 43.269671] ? ipgre_close+0x230/0x230
[ 43.273544] dev_hard_start_xmit+0x5f1/0xc70
[ 43.277935] __dev_queue_xmit+0x27ee/0x3520
[ 43.282235] ? sock_alloc_send_pskb+0x13b/0x1190
[ 43.286967] ? sock_alloc_send_pskb+0xfee/0x1190
[ 43.291705] dev_queue_xmit+0x4b/0x60
[ 43.295483] ? __netdev_pick_tx+0xb60/0xb60
[ 43.299784] packet_sendmsg+0x7cc3/0x8ac0
[ 43.303913] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 43.309342] ? pagevec_lru_move_fn+0x490/0x4e0
[ 43.313904] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 43.319335] ? __walk_page_range+0x9f0/0x23d0
[ 43.323810] ? lru_cache_add_active_or_unevictable+0x497/0x5f0
[ 43.329762] ? kmsan_set_origin_inline+0x6b/0x120
[ 43.334593] ? __msan_poison_alloca+0x15c/0x1d0
[ 43.339248] ? compat_packet_setsockopt+0x360/0x360
[ 43.344242] __sys_sendto+0x6c0/0x7e0
[ 43.348111] __x64_sys_sendto+0x1a1/0x210
[ 43.352240] do_syscall_64+0x154/0x220
[ 43.356108] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 43.361273] RIP: 0033:0x441179
[ 43.364456] RSP: 002b:00007fff411d80b8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[ 43.372143] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441179
[ 43.379394] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 43.386642] RBP: 00000000006cc018 R08: 0000000020000080 R09: 000000000000001c
[ 43.393888] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000402080
[ 43.401137] R13: 0000000000402110 R14: 0000000000000000 R15: 0000000000000000
[ 43.408856] Dumping ftrace buffer:
[ 43.412378] (ftrace buffer empty)
[ 43.416064] Kernel Offset: disabled
[ 43.419670] Rebooting in 86400 seconds..