INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.44' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 30.594371] ==================================================================
[ 30.601771] BUG: KMSAN: uninit-value in rawv6_sendmsg+0x4bee/0x4cc0
[ 30.608160] CPU: 0 PID: 3582 Comm: syzkaller205678 Not tainted 4.16.0+ #82
[ 30.615145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.624472] Call Trace:
[ 30.627047] dump_stack+0x185/0x1d0
[ 30.630660] ? rawv6_sendmsg+0x4bee/0x4cc0
[ 30.634868] kmsan_report+0x142/0x240
[ 30.638647] __msan_warning_32+0x6c/0xb0
[ 30.642686] rawv6_sendmsg+0x4bee/0x4cc0
[ 30.646724] ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 30.652074] ? rw_copy_check_uvector+0x5af/0x6c0
[ 30.656816] ? kmsan_set_origin_inline+0x6b/0x120
[ 30.661648] ? compat_rawv6_ioctl+0x30/0x30
[ 30.665947] inet_sendmsg+0x48d/0x740
[ 30.669732] ? security_socket_sendmsg+0x9e/0x210
[ 30.674554] ? inet_getname+0x500/0x500
[ 30.678689] sock_write_iter+0x3b9/0x470
[ 30.682732] ? sock_read_iter+0x480/0x480
[ 30.686858] __vfs_write+0x719/0x910
[ 30.690560] vfs_write+0x463/0x8d0
[ 30.694081] SYSC_write+0x172/0x360
[ 30.697689] SyS_write+0x55/0x80
[ 30.701041] do_syscall_64+0x309/0x430
[ 30.704914] ? SYSC_read+0x360/0x360
[ 30.708609] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.713773] RIP: 0033:0x43ff69
[ 30.716936] RSP: 002b:00007ffcf7284f28 EFLAGS: 00000203 ORIG_RAX: 0000000000000001
[ 30.724628] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff69
[ 30.731872] RDX: 000000000000002e RSI: 00000000200001c0 RDI: 0000000000000003
[ 30.739125] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 30.746369] R10: 00000000004002c8 R11: 0000000000000203 R12: 0000000000401890
[ 30.753625] R13: 0000000000401920 R14: 0000000000000000 R15: 0000000000000000
[ 30.760871]
[ 30.762472] Uninit was stored to memory at:
[ 30.766774] kmsan_internal_chain_origin+0x12b/0x210
[ 30.771853] kmsan_memcpy_origins+0x11d/0x170
[ 30.776326] __msan_memcpy+0x19f/0x1f0
[ 30.780187] skb_copy_bits+0x63a/0xdb0
[ 30.784054] rawv6_sendmsg+0x427e/0x4cc0
[ 30.788103] inet_sendmsg+0x48d/0x740
[ 30.791880] sock_write_iter+0x3b9/0x470
[ 30.795916] __vfs_write+0x719/0x910
[ 30.799603] vfs_write+0x463/0x8d0
[ 30.803119] SYSC_write+0x172/0x360
[ 30.806718] SyS_write+0x55/0x80
[ 30.810061] do_syscall_64+0x309/0x430
[ 30.813926] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.819084] Uninit was created at:
[ 30.822601] kmsan_alloc_meta_for_pages+0x161/0x3a0
[ 30.827589] kmsan_alloc_page+0x82/0xe0
[ 30.831542] __alloc_pages_nodemask+0xf5b/0x5dc0
[ 30.836272] alloc_pages_current+0x6b5/0x970
[ 30.840659] skb_page_frag_refill+0x3ba/0x5e0
[ 30.845128] sk_page_frag_refill+0xa4/0x340
[ 30.849427] __ip6_append_data+0x1a20/0x4bb0
[ 30.853811] ip6_append_data+0x40e/0x6b0
[ 30.857845] rawv6_sendmsg+0x2787/0x4cc0
[ 30.861878] inet_sendmsg+0x48d/0x740
[ 30.865654] sock_write_iter+0x3b9/0x470
[ 30.869690] __vfs_write+0x719/0x910
[ 30.873377] vfs_write+0x463/0x8d0
[ 30.876890] SYSC_write+0x172/0x360
[ 30.880491] SyS_write+0x55/0x80
[ 30.883832] do_syscall_64+0x309/0x430
[ 30.887694] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 30.892854] ==================================================================
[ 30.900185] Disabling lock debugging due to kernel taint
[ 30.905606] Kernel panic - not syncing: panic_on_warn set ...
[ 30.905606]
[ 30.912945] CPU: 0 PID: 3582 Comm: syzkaller205678 Tainted: G B 4.16.0+ #82
[ 30.921229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.930554] Call Trace:
[ 30.933122] dump_stack+0x185/0x1d0
[ 30.936725] panic+0x39d/0x940
[ 30.939902] ? rawv6_sendmsg+0x4bee/0x4cc0
[ 30.944112] kmsan_report+0x238/0x240
[ 30.947893] __msan_warning_32+0x6c/0xb0
[ 30.951932] rawv6_sendmsg+0x4bee/0x4cc0
[ 30.955972] ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 30.961315] ? rw_copy_check_uvector+0x5af/0x6c0
[ 30.966058] ? kmsan_set_origin_inline+0x6b/0x120
[ 30.970883] ? compat_rawv6_ioctl+0x30/0x30
[ 30.975183] inet_sendmsg+0x48d/0x740
[ 30.978959] ? security_socket_sendmsg+0x9e/0x210
[ 30.983777] ? inet_getname+0x500/0x500
[ 30.987738] sock_write_iter+0x3b9/0x470
[ 30.991778] ? sock_read_iter+0x480/0x480
[ 30.995916] __vfs_write+0x719/0x910
[ 30.999609] vfs_write+0x463/0x8d0
[ 31.003130] SYSC_write+0x172/0x360
[ 31.006733] SyS_write+0x55/0x80
[ 31.010079] do_syscall_64+0x309/0x430
[ 31.013946] ? SYSC_read+0x360/0x360
[ 31.017642] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 31.022807] RIP: 0033:0x43ff69
[ 31.025970] RSP: 002b:00007ffcf7284f28 EFLAGS: 00000203 ORIG_RAX: 0000000000000001
[ 31.033657] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff69
[ 31.040900] RDX: 000000000000002e RSI: 00000000200001c0 RDI: 0000000000000003
[ 31.048144] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 31.055390] R10: 00000000004002c8 R11: 0000000000000203 R12: 0000000000401890
[ 31.062636] R13: 0000000000401920 R14: 0000000000000000 R15: 0000000000000000
[ 31.070352] Dumping ftrace buffer:
[ 31.073869] (ftrace buffer empty)
[ 31.077549] Kernel Offset: disabled
[ 31.081146] Rebooting in 86400 seconds..