INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 30.435769] ==================================================================
[ 30.443175] BUG: KMSAN: uninit-value in netif_skb_features+0xd1b/0xdc0
[ 30.449830] CPU: 1 PID: 3582 Comm: syzkaller435149 Not tainted 4.16.0+ #82
[ 30.456836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.466180] Call Trace:
[ 30.468761] dump_stack+0x185/0x1d0
[ 30.472396] ? netif_skb_features+0xd1b/0xdc0
[ 30.476875] kmsan_report+0x142/0x240
[ 30.480674] __msan_warning_32+0x6c/0xb0
[ 30.484821] netif_skb_features+0xd1b/0xdc0
[ 30.489178] validate_xmit_skb+0x89/0x1320
[ 30.494045] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 30.499693] ? netdev_pick_tx+0x33b/0x500
[ 30.503861] __dev_queue_xmit+0x1cb2/0x2b60
[ 30.508196] dev_queue_xmit+0x4b/0x60
[ 30.511993] ? __netdev_pick_tx+0xb60/0xb60
[ 30.516335] packet_sendmsg+0x7c57/0x8a10
[ 30.520663] ? __msan_poison_alloca+0x15c/0x1d0
[ 30.525329] ? kmsan_set_origin_inline+0x6b/0x120
[ 30.530170] ? release_pages+0x1657/0x1670
[ 30.534409] ? free_unref_page_list+0x78/0x8b0
[ 30.538998] ? compat_packet_setsockopt+0x360/0x360
[ 30.544017] sock_write_iter+0x3b9/0x470
[ 30.548078] ? sock_read_iter+0x480/0x480
[ 30.552224] do_iter_readv_writev+0x7bb/0x970
[ 30.556721] ? sock_read_iter+0x480/0x480
[ 30.560858] do_iter_write+0x30d/0xd40
[ 30.565096] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 30.570546] do_writev+0x3c9/0x830
[ 30.574093] SYSC_writev+0x9b/0xb0
[ 30.577615] SyS_writev+0x56/0x80
[ 30.581054] do_syscall_64+0x309/0x430
[ 30.584937] ? SYSC_readv+0xb0/0xb0
[ 30.588579] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.593777] RIP: 0033:0x43ffa9
[ 30.596949] RSP: 002b:00007fff2cff3948 EFLAGS: 00000217 ORIG_RAX: 0000000000000014
[ 30.604639] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ffa9
[ 30.611897] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000003
[ 30.619157] RBP: 00000000006cb018 R08: 0000000000000000 R09: 0000000000000000
[ 30.626416] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004018d0
[ 30.633698] R13: 0000000000401960 R14: 0000000000000000 R15: 0000000000000000
[ 30.640973]
[ 30.642602] Uninit was created at:
[ 30.646160] kmsan_internal_poison_shadow+0xb8/0x1b0
[ 30.651360] kmsan_kmalloc+0x94/0x100
[ 30.655186] kmsan_slab_alloc+0x11/0x20
[ 30.659180] __kmalloc_node_track_caller+0xaed/0x11c0
[ 30.664390] __alloc_skb+0x2cf/0x9f0
[ 30.668143] alloc_skb_with_frags+0x1d4/0xb20
[ 30.672647] sock_alloc_send_pskb+0xb56/0x1190
[ 30.677313] packet_sendmsg+0x6444/0x8a10
[ 30.681470] sock_write_iter+0x3b9/0x470
[ 30.685538] do_iter_readv_writev+0x7bb/0x970
[ 30.690040] do_iter_write+0x30d/0xd40
[ 30.693941] do_writev+0x3c9/0x830
[ 30.697485] SYSC_writev+0x9b/0xb0
[ 30.701027] SyS_writev+0x56/0x80
[ 30.704486] do_syscall_64+0x309/0x430
[ 30.708383] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.713577] ==================================================================
[ 30.720942] Disabling lock debugging due to kernel taint
[ 30.726391] Kernel panic - not syncing: panic_on_warn set ...
[ 30.726391]
[ 30.733753] CPU: 1 PID: 3582 Comm: syzkaller435149 Tainted: G B 4.16.0+ #82
[ 30.742067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.751436] Call Trace:
[ 30.754134] dump_stack+0x185/0x1d0
[ 30.757771] panic+0x39d/0x940
[ 30.761070] ? netif_skb_features+0xd1b/0xdc0
[ 30.765594] kmsan_report+0x238/0x240
[ 30.769398] __msan_warning_32+0x6c/0xb0
[ 30.773468] netif_skb_features+0xd1b/0xdc0
[ 30.777796] validate_xmit_skb+0x89/0x1320
[ 30.782034] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 30.787397] ? netdev_pick_tx+0x33b/0x500
[ 30.791548] __dev_queue_xmit+0x1cb2/0x2b60
[ 30.795915] dev_queue_xmit+0x4b/0x60
[ 30.799721] ? __netdev_pick_tx+0xb60/0xb60
[ 30.804035] packet_sendmsg+0x7c57/0x8a10
[ 30.808183] ? __msan_poison_alloca+0x15c/0x1d0
[ 30.812866] ? kmsan_set_origin_inline+0x6b/0x120
[ 30.817728] ? release_pages+0x1657/0x1670
[ 30.821975] ? free_unref_page_list+0x78/0x8b0
[ 30.826570] ? compat_packet_setsockopt+0x360/0x360
[ 30.831614] sock_write_iter+0x3b9/0x470
[ 30.835680] ? sock_read_iter+0x480/0x480
[ 30.839843] do_iter_readv_writev+0x7bb/0x970
[ 30.844345] ? sock_read_iter+0x480/0x480
[ 30.848591] do_iter_write+0x30d/0xd40
[ 30.852488] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 30.857932] do_writev+0x3c9/0x830
[ 30.861487] SYSC_writev+0x9b/0xb0
[ 30.865037] SyS_writev+0x56/0x80
[ 30.868507] do_syscall_64+0x309/0x430
[ 30.872392] ? SYSC_readv+0xb0/0xb0
[ 30.876015] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.881200] RIP: 0033:0x43ffa9
[ 30.884390] RSP: 002b:00007fff2cff3948 EFLAGS: 00000217 ORIG_RAX: 0000000000000014
[ 30.892092] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ffa9
[ 30.899352] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000003
[ 30.906630] RBP: 00000000006cb018 R08: 0000000000000000 R09: 0000000000000000
[ 30.913896] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004018d0
[ 30.921154] R13: 0000000000401960 R14: 0000000000000000 R15: 0000000000000000
[ 30.928940] Dumping ftrace buffer:
[ 30.932471] (ftrace buffer empty)
[ 30.936177] Kernel Offset: disabled
[ 30.939797] Rebooting in 86400 seconds..