INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.45' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   46.736191] ==================================================================
[   46.743579] BUG: KMSAN: uninit-value in __probe_kernel_read+0x224/0x280
[   46.750312] CPU: 0 PID: 4491 Comm: syz-executor546 Not tainted 4.16.0+ #87
[   46.757296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   46.766631] Call Trace:
[   46.769206]  dump_stack+0x185/0x1d0
[   46.772813]  ? __probe_kernel_read+0x224/0x280
[   46.777371]  kmsan_report+0x142/0x240
[   46.781150]  __msan_warning_32+0x6c/0xb0
[   46.785187]  __probe_kernel_read+0x224/0x280
[   46.789569]  ? kmsan_copy_to_user+0x141/0x160
[   46.794040]  ? kmsan_copy_to_user+0x141/0x160
[   46.798511]  is_valid_bugaddr+0xb6/0x1a0
[   46.802545]  ? report_bug+0x4b/0x880
[   46.806232]  ? kmsan_copy_to_user+0x141/0x160
[   46.810710]  report_bug+0x6f/0x880
[   46.814227]  ? __msan_poison_alloca+0x15c/0x1d0
[   46.818872]  ? do_invalid_op+0x46/0x50
[   46.822733]  ? kmsan_copy_to_user+0x141/0x160
[   46.827875]  ? do_error_trap+0xac/0x600
[   46.831831]  ? do_invalid_op+0x46/0x50
[   46.835693]  ? kmsan_copy_to_user+0x141/0x160
[   46.840162]  do_error_trap+0x1aa/0x600
[   46.844024]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   46.849361]  ? kfree+0x736/0x29e0
[   46.852789]  ? _cond_resched+0x3c/0xd0
[   46.856658]  ? rcu_all_qs+0x32/0x1f0
[   46.860347]  ? _cond_resched+0x3c/0xd0
[   46.864211]  do_invalid_op+0x46/0x50
[   46.867899]  invalid_op+0x1b/0x40
[   46.871328] RIP: 0010:kmsan_copy_to_user+0x141/0x160
[   46.876401] RSP: 0018:ffff8801b7bafaa0 EFLAGS: 00010202
[   46.881738] RAX: ffff8801cedabb00 RBX: ffff8801b7bafb20 RCX: 0000000000000004
[   46.888986] RDX: 00007ffffffff000 RSI: ffff8801b7bafb20 RDI: ffffffffffffffff
[   46.896231] RBP: ffff8801b7bafae8 R08: 0000000000000000 R09: 000077ff80000000
[   46.903473] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000004
[   46.910717] R13: ffffffffffffffff R14: 0000000000000000 R15: ffff8801cedac418
[   46.917981]  ucma_destroy_id+0x732/0x7c0
[   46.922019]  ucma_write+0x576/0x5e0
[   46.925621]  ? show_ibdev+0xf0/0xf0
[   46.929226]  __vfs_write+0x1a3/0x9f0
[   46.932918]  vfs_write+0x463/0x8d0
[   46.936437]  SYSC_write+0x172/0x360
[   46.940041]  SyS_write+0x55/0x80
[   46.943383]  do_syscall_64+0x309/0x430
[   46.947247]  ? SYSC_read+0x360/0x360
[   46.950939]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   46.956102] RIP: 0033:0x4455b9
[   46.959276] RSP: 002b:00007f2ee691bda8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   46.966958] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455b9
[   46.974208] RDX: 000000000000001c RSI: 0000000020000180 RDI: 0000000000000003
[   46.981458] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[   46.988703] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472
[   46.995955] R13: 2f646e6162696e69 R14: 666e692f7665642f R15: 0000000000000001
[   47.003202]
[   47.004808] Local variable description: ----seq.i@path_openat
[   47.010660] Variable was created at:
[   47.014347]  path_openat+0xa4/0x6610
[   47.018034]  do_filp_open+0x261/0x640
[   47.021803] ==================================================================
[   47.029132] Disabling lock debugging due to kernel taint
[   47.034552] Kernel panic - not syncing: panic_on_warn set ...
[   47.034552]
[   47.041890] CPU: 0 PID: 4491 Comm: syz-executor546 Tainted: G B 4.16.0+ #87
[   47.050174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   47.059499] Call Trace:
[   47.062063]  dump_stack+0x185/0x1d0
[   47.065675]  panic+0x39d/0x940
[   47.068855]  ? __probe_kernel_read+0x224/0x280
[   47.073416]  kmsan_report+0x238/0x240
[   47.077195]  __msan_warning_32+0x6c/0xb0
[   47.081231]  __probe_kernel_read+0x224/0x280
[   47.085615]  ? kmsan_copy_to_user+0x141/0x160
[   47.090085]  ? kmsan_copy_to_user+0x141/0x160
[   47.094563]  is_valid_bugaddr+0xb6/0x1a0
[   47.098598]  ? report_bug+0x4b/0x880
[   47.102294]  ? kmsan_copy_to_user+0x141/0x160
[   47.106765]  report_bug+0x6f/0x880
[   47.110281]  ? __msan_poison_alloca+0x15c/0x1d0
[   47.114925]  ? do_invalid_op+0x46/0x50
[   47.118786]  ? kmsan_copy_to_user+0x141/0x160
[   47.123259]  ? do_error_trap+0xac/0x600
[   47.127207]  ? do_invalid_op+0x46/0x50
[   47.131069]  ? kmsan_copy_to_user+0x141/0x160
[   47.135540]  do_error_trap+0x1aa/0x600
[   47.139402]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   47.144742]  ? kfree+0x736/0x29e0
[   47.148170]  ? _cond_resched+0x3c/0xd0
[   47.152038]  ? rcu_all_qs+0x32/0x1f0
[   47.155727]  ? _cond_resched+0x3c/0xd0
[   47.159590]  do_invalid_op+0x46/0x50
[   47.163281]  invalid_op+0x1b/0x40
[   47.166711] RIP: 0010:kmsan_copy_to_user+0x141/0x160
[   47.171786] RSP: 0018:ffff8801b7bafaa0 EFLAGS: 00010202
[   47.177124] RAX: ffff8801cedabb00 RBX: ffff8801b7bafb20 RCX: 0000000000000004
[   47.184370] RDX: 00007ffffffff000 RSI: ffff8801b7bafb20 RDI: ffffffffffffffff
[   47.191613] RBP: ffff8801b7bafae8 R08: 0000000000000000 R09: 000077ff80000000
[   47.198856] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000004
[   47.206104] R13: ffffffffffffffff R14: 0000000000000000 R15: ffff8801cedac418
[   47.213365]  ucma_destroy_id+0x732/0x7c0
[   47.217406]  ucma_write+0x576/0x5e0
[   47.221016]  ? show_ibdev+0xf0/0xf0
[   47.224626]  __vfs_write+0x1a3/0x9f0
[   47.228323]  vfs_write+0x463/0x8d0
[   47.231847]  SYSC_write+0x172/0x360
[   47.235453]  SyS_write+0x55/0x80
[   47.238795]  do_syscall_64+0x309/0x430
[   47.242656]  ? SYSC_read+0x360/0x360
[   47.246350]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   47.251512] RIP: 0033:0x4455b9
[   47.254674] RSP: 002b:00007f2ee691bda8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   47.262365] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455b9
[   47.269610] RDX: 000000000000001c RSI: 0000000020000180 RDI: 0000000000000003
[   47.276860] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[   47.284114] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472
[   47.291360] R13: 2f646e6162696e69 R14: 666e692f7665642f R15: 0000000000000001
[   47.299138] Dumping ftrace buffer:
[   47.302658]    (ftrace buffer empty)
[   47.306342] Kernel Offset: disabled
[   47.309943] Rebooting in 86400 seconds..
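The register dump in the report above carries more than the fault location. The following triage helper is an added example written for this page, not code from syzkaller, KMSAN or the kernel: it parses a constructed excerpt (a subset of the report's own lines, one kernel-log line each), keeps only the reliable call-trace frames (those without the "? " prefix, which mark stale stack slots rather than real callers), separates the kernel (CS 0010) and user-space (CS 0033) register dumps, recovers the interrupted syscall from ORIG_RAX plus the x86-64 argument registers, and decodes any register whose 8-byte value is printable ASCII. Assumptions: the x86-64 syscall ABI, a deliberately partial syscall-number table, and the function names parse_report, syscall_from_regs and ascii_registers, which are this example's own.

```python
import re
import struct

# Constructed excerpt: a subset of the report's lines copied from above,
# reflowed one kernel-log line each. Only the fields the parser uses appear.
REPORT = """\
[   46.743579] BUG: KMSAN: uninit-value in __probe_kernel_read+0x224/0x280
[   46.750312] CPU: 0 PID: 4491 Comm: syz-executor546 Not tainted 4.16.0+ #87
[   46.766631] Call Trace:
[   46.769206]  dump_stack+0x185/0x1d0
[   46.772813]  ? __probe_kernel_read+0x224/0x280
[   46.777371]  kmsan_report+0x142/0x240
[   46.810710]  report_bug+0x6f/0x880
[   46.871328] RIP: 0010:kmsan_copy_to_user+0x141/0x160
[   46.876401] RSP: 0018:ffff8801b7bafaa0 EFLAGS: 00010202
[   46.917981]  ucma_destroy_id+0x732/0x7c0
[   46.922019]  ucma_write+0x576/0x5e0
[   46.936437]  SYSC_write+0x172/0x360
[   46.950939]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   46.956102] RIP: 0033:0x4455b9
[   46.959276] RSP: 002b:00007f2ee691bda8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   46.966958] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455b9
[   46.974208] RDX: 000000000000001c RSI: 0000000020000180 RDI: 0000000000000003
[   46.981458] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[   46.988703] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472
[   46.995955] R13: 2f646e6162696e69 R14: 666e692f7665642f R15: 0000000000000001
"""

LOG_PREFIX = r"^\[\s*[\d.]+\]\s*"
BUG_RE = re.compile(LOG_PREFIX + r"BUG: (.*)$")
COMM_RE = re.compile(r"PID: (\d+) Comm: (\S+)")
RIP_RE = re.compile(LOG_PREFIX + r"RIP: ([0-9a-f]{4}):(\S+)")
FRAME_RE = re.compile(LOG_PREFIX + r"(\?\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")
REG_RE = re.compile(r"\b(ORIG_RAX|EFLAGS|R[A-Z0-9]{2}): (?:[0-9a-f]{4}:)?([0-9a-f]+)")

# Partial x86-64 syscall table (assumption: enough for this report, not complete).
SYSCALL_NAMES = {0: "read", 1: "write", 2: "open", 16: "ioctl", 257: "openat"}


def parse_report(text):
    """Return bug title, task, reliable frames and register dumps keyed by CS."""
    out = {"bug": None, "pid": None, "comm": None, "frames": [], "regs": {}}
    current = None  # register dict for the most recent 'RIP:' line
    for line in text.splitlines():
        m = BUG_RE.match(line)
        if m:
            out["bug"] = m.group(1)
            continue
        m = COMM_RE.search(line)
        if m:
            out["pid"], out["comm"] = int(m.group(1)), m.group(2)
            continue
        m = RIP_RE.match(line)
        if m:  # 0010 = kernel code segment, 0033 = user code segment
            current = out["regs"].setdefault(m.group(1), {})
            current["RIP"] = m.group(2)
            continue
        m = FRAME_RE.match(line)
        if m:
            if not m.group(1):  # '? ' frames are guesses from stale stack slots
                out["frames"].append(m.group(2))
            continue
        if current is not None:
            for name, value in REG_RE.findall(line):
                current[name] = int(value, 16)
    return out


def syscall_from_regs(uregs):
    """Syscall name and arguments from a user-space dump (x86-64 ABI assumed).

    ORIG_RAX keeps the syscall number; RAX already holds the in-flight return
    value (-ENOSYS on entry). Arguments travel in RDI, RSI, RDX, R10, R8, R9.
    """
    nr = uregs["ORIG_RAX"]
    args = [uregs[r] for r in ("RDI", "RSI", "RDX", "R10", "R08", "R09")]
    return SYSCALL_NAMES.get(nr, "sys_%d" % nr), args


def ascii_registers(regs, min_len=4):
    """Registers whose little-endian 8-byte value is a printable ASCII run.

    Compilers keep 8-byte chunks of string literals in registers, so a crash
    dump can reveal the path or command the task was working with.
    """
    found = {}
    for name, value in regs.items():
        if not isinstance(value, int):
            continue
        raw = struct.pack("<Q", value).rstrip(b"\0")
        if len(raw) >= min_len and all(0x20 <= b < 0x7F for b in raw):
            found[name] = raw.decode("ascii")
    return found


if __name__ == "__main__":
    rep = parse_report(REPORT)
    print(rep["bug"], "in", rep["comm"], "pid", rep["pid"])
    print("reliable frames:", " <- ".join(rep["frames"]))
    name, args = syscall_from_regs(rep["regs"]["0033"])
    print("interrupted syscall:", name, [hex(a) for a in args[:3]])
    strings = ascii_registers(rep["regs"]["0033"])
    print("ASCII in registers:", strings)
    print("reassembled:", strings["R14"] + strings["R13"] + strings["R12"])
```

Run stand-alone against the excerpt it reports write(fd=3, buf=0x20000180, count=0x1c) from syz-executor546, with the reliable kernel path dump_stack <- kmsan_report <- report_bug <- ucma_destroy_id <- ucma_write <- SYSC_write <- entry_SYSCALL_64_after_hwframe. The user-space R14, R13 and R12 decode to "/dev/inf", "iniband/" and "rdma_cm": the executor still had the string /dev/infiniband/rdma_cm in callee-saved registers, which is the device whose write handler (ucma_write) appears on the trace, and the 0x20000000-region buffer is syzkaller's fixed data mapping for syscall arguments. Decoding the register dump this way is a quick cross-check that the trace and the reproducer agree on which file descriptor was being written.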