INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.18' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 38.024625] ==================================================================
[ 38.032038] BUG: KMSAN: uninit-value in inet_csk_bind_conflict+0x5f9/0x990
[ 38.039048] CPU: 1 PID: 3589 Comm: syzkaller008242 Not tainted 4.16.0+ #82
[ 38.046039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.055375] Call Trace:
[ 38.057955] dump_stack+0x185/0x1d0
[ 38.061561] ? inet_csk_bind_conflict+0x5f9/0x990
[ 38.066383] kmsan_report+0x142/0x240
[ 38.070161] __msan_warning_32+0x6c/0xb0
[ 38.074198] inet_csk_bind_conflict+0x5f9/0x990
[ 38.078851] inet_csk_get_port+0x1d28/0x1e40
[ 38.083238] ? __msan_poison_alloca+0x15c/0x1d0
[ 38.087983] ? local_bh_enable+0x36/0x40
[ 38.092035] ? __local_bh_enable_ip+0x3b/0x140
[ 38.096602] ? local_bh_enable+0x36/0x40
[ 38.100641] ? inet_get_local_port_range+0x2d0/0x2d0
[ 38.105719] inet6_bind+0x121c/0x1820
[ 38.109505] ? ipv6_mod_enabled+0x60/0x60
[ 38.113634] SYSC_bind+0x3f2/0x4b0
[ 38.117153] SyS_bind+0x54/0x80
[ 38.120450] do_syscall_64+0x309/0x430
[ 38.124319] ? SYSC_socketpair+0x14a0/0x14a0
[ 38.128715] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 38.133879] RIP: 0033:0x4416e9
[ 38.137047] RSP: 002b:00007ffce6d15c88 EFLAGS: 00000217 ORIG_RAX: 0000000000000031
[ 38.144730] RAX: ffffffffffffffda RBX: 0100000000000000 RCX: 00000000004416e9
[ 38.151985] RDX: 000000000000001c RSI: 0000000020402000 RDI: 0000000000000004
[ 38.159238] RBP: 0000000000000000 R08: 00000000e6d15e08 R09: 00000000e6d15e08
[ 38.166489] R10: 0000000000000004 R11: 0000000000000217 R12: 0000000000009478
[ 38.173742] R13: 00000000006cd448 R14: 0000000000000000 R15: 0000000000000000
[ 38.180989]
[ 38.182593] Uninit was stored to memory at:
[ 38.186895] kmsan_internal_chain_origin+0x12b/0x210
[ 38.191977] __msan_chain_origin+0x69/0xc0
[ 38.196199] tcp_time_wait+0xf17/0xf50
[ 38.200067] tcp_rcv_state_process+0xebe/0x6490
[ 38.204712] tcp_v6_do_rcv+0x11dd/0x1d90
[ 38.208749] __release_sock+0x2d6/0x680
[ 38.212694] release_sock+0x97/0x2a0
[ 38.216381] tcp_close+0x277/0x18f0
[ 38.219984] inet_release+0x240/0x2a0
[ 38.223762] inet6_release+0xaf/0x100
[ 38.227548] sock_close+0xe0/0x300
[ 38.231074] __fput+0x49e/0xa10
[ 38.234325] ____fput+0x37/0x40
[ 38.237588] task_work_run+0x243/0x2c0
[ 38.241455] do_exit+0x10e1/0x38d0
[ 38.244970] do_group_exit+0x1a0/0x360
[ 38.248833] SYSC_exit_group+0x21/0x30
[ 38.252698] SyS_exit_group+0x25/0x30
[ 38.256473] do_syscall_64+0x309/0x430
[ 38.260338] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 38.265493] Uninit was stored to memory at:
[ 38.269875] kmsan_internal_chain_origin+0x12b/0x210
[ 38.274949] __msan_chain_origin+0x69/0xc0
[ 38.279156] inet_twsk_alloc+0xaef/0xc00
[ 38.283190] tcp_time_wait+0xd9/0xf50
[ 38.286964] tcp_rcv_state_process+0xebe/0x6490
[ 38.291610] tcp_v6_do_rcv+0x11dd/0x1d90
[ 38.295644] __release_sock+0x2d6/0x680
[ 38.299587] release_sock+0x97/0x2a0
[ 38.303273] tcp_close+0x277/0x18f0
[ 38.306872] inet_release+0x240/0x2a0
[ 38.310666] inet6_release+0xaf/0x100
[ 38.314445] sock_close+0xe0/0x300
[ 38.317957] __fput+0x49e/0xa10
[ 38.321205] ____fput+0x37/0x40
[ 38.324459] task_work_run+0x243/0x2c0
[ 38.328320] do_exit+0x10e1/0x38d0
[ 38.331831] do_group_exit+0x1a0/0x360
[ 38.335688] SYSC_exit_group+0x21/0x30
[ 38.339546] SyS_exit_group+0x25/0x30
[ 38.343318] do_syscall_64+0x309/0x430
[ 38.347180] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 38.352336] Uninit was created at:
[ 38.355849] kmsan_internal_poison_shadow+0xb8/0x1b0
[ 38.360923] kmsan_kmalloc+0x94/0x100
[ 38.364702] kmem_cache_alloc+0xaab/0xb90
[ 38.368822] inet_twsk_alloc+0x13b/0xc00
[ 38.372856] tcp_time_wait+0xd9/0xf50
[ 38.376628] tcp_rcv_state_process+0xebe/0x6490
[ 38.381269] tcp_v6_do_rcv+0x11dd/0x1d90
[ 38.385304] __release_sock+0x2d6/0x680
[ 38.389247] release_sock+0x97/0x2a0
[ 38.392933] tcp_close+0x277/0x18f0
[ 38.396534] inet_release+0x240/0x2a0
[ 38.400309] inet6_release+0xaf/0x100
[ 38.404082] sock_close+0xe0/0x300
[ 38.407592] __fput+0x49e/0xa10
[ 38.410842] ____fput+0x37/0x40
[ 38.414098] task_work_run+0x243/0x2c0
[ 38.417956] do_exit+0x10e1/0x38d0
[ 38.421466] do_group_exit+0x1a0/0x360
[ 38.425327] SYSC_exit_group+0x21/0x30
[ 38.429184] SyS_exit_group+0x25/0x30
[ 38.432955] do_syscall_64+0x309/0x430
[ 38.436814] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 38.441970] ==================================================================
[ 38.449297] Disabling lock debugging due to kernel taint
[ 38.454713] Kernel panic - not syncing: panic_on_warn set ...
[ 38.454713]
[ 38.462053] CPU: 1 PID: 3589 Comm: syzkaller008242 Tainted: G B 4.16.0+ #82
[ 38.470336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.479659] Call Trace:
[ 38.482224] dump_stack+0x185/0x1d0
[ 38.485824] panic+0x39d/0x940
[ 38.489001] ? inet_csk_bind_conflict+0x5f9/0x990
[ 38.493815] kmsan_report+0x238/0x240
[ 38.497590] __msan_warning_32+0x6c/0xb0
[ 38.501622] inet_csk_bind_conflict+0x5f9/0x990
[ 38.506266] inet_csk_get_port+0x1d28/0x1e40
[ 38.510646] ? __msan_poison_alloca+0x15c/0x1d0
[ 38.515287] ? local_bh_enable+0x36/0x40
[ 38.519323] ? __local_bh_enable_ip+0x3b/0x140
[ 38.523875] ? local_bh_enable+0x36/0x40
[ 38.527910] ? inet_get_local_port_range+0x2d0/0x2d0
[ 38.532986] inet6_bind+0x121c/0x1820
[ 38.536764] ? ipv6_mod_enabled+0x60/0x60
[ 38.540885] SYSC_bind+0x3f2/0x4b0
[ 38.544410] SyS_bind+0x54/0x80
[ 38.547675] do_syscall_64+0x309/0x430
[ 38.551543] ? SYSC_socketpair+0x14a0/0x14a0
[ 38.555926] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 38.561087] RIP: 0033:0x4416e9
[ 38.564248] RSP: 002b:00007ffce6d15c88 EFLAGS: 00000217 ORIG_RAX: 0000000000000031
[ 38.571929] RAX: ffffffffffffffda RBX: 0100000000000000 RCX: 00000000004416e9
[ 38.579170] RDX: 000000000000001c RSI: 0000000020402000 RDI: 0000000000000004
[ 38.586408] RBP: 0000000000000000 R08: 00000000e6d15e08 R09: 00000000e6d15e08
[ 38.593648] R10: 0000000000000004 R11: 0000000000000217 R12: 0000000000009478
[ 38.600890] R13: 00000000006cd448 R14: 0000000000000000 R15: 0000000000000000
[ 38.608509] Dumping ftrace buffer:
[ 38.612024] (ftrace buffer empty)
[ 38.615704] Kernel Offset: disabled
[ 38.619301] Rebooting in 86400 seconds..