INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.33' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   32.614683] ==================================================================
[   32.622058] BUG: KMSAN: uninit-value in do_error_trap+0x39b/0x600
[   32.628265] CPU: 1 PID: 3568 Comm: syzkaller958196 Not tainted 4.16.0+ #82
[   32.635249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.644579] Call Trace:
[   32.647143]  dump_stack+0x185/0x1d0
[   32.650744]  ? do_error_trap+0x39b/0x600
[   32.654779]  kmsan_report+0x142/0x240
[   32.658555]  __msan_warning_32+0x6c/0xb0
[   32.662591]  do_error_trap+0x39b/0x600
[   32.666453]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[   32.671794]  ? consume_skb+0x2d2/0x380
[   32.675661]  do_invalid_op+0x46/0x50
[   32.679351]  invalid_op+0x1b/0x40
[   32.682781] RIP: 0010:kmsan_copy_to_user+0x141/0x160
[   32.687853] RSP: 0018:ffff8801aebff968 EFLAGS: 00010202
[   32.693188] RAX: ffff8801df02d880 RBX: ffff8801aebffb00 RCX: 0000000000000010
[   32.700435] RDX: 00007ffffffff000 RSI: ffff8801aebffb00 RDI: 65732f636f72702f
[   32.707678] RBP: ffff8801aebff9b0 R08: 0000000001080020 R09: ffff8801ae3efa24
[   32.714927] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000010
[   32.722171] R13: 65732f636f72702f R14: 0000000000000000 R15: 00000000b3800071
[   32.729426]  move_addr_to_user+0x32e/0x530
[   32.733641]  ___sys_recvmsg+0x4e2/0x810
[   32.737592]  ? __msan_poison_alloca+0x15c/0x1d0
[   32.742235]  ? _cond_resched+0x3c/0xd0
[   32.746099]  ? rcu_all_qs+0x32/0x1f0
[   32.749787]  ? _cond_resched+0x3c/0xd0
[   32.753650]  ? __sys_recvmmsg+0x908/0xdb0
[   32.757772]  ? rcu_all_qs+0x32/0x1f0
[   32.761462]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[   32.766888]  __sys_recvmmsg+0x54e/0xdb0
[   32.770846]  SYSC_recvmmsg+0x29b/0x3e0
[   32.774710]  SyS_recvmmsg+0x76/0xa0
[   32.778311]  do_syscall_64+0x309/0x430
[   32.782174]  ? __sys_recvmmsg+0xdb0/0xdb0
[   32.786298]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   32.791460] RIP: 0033:0x43ff69
[   32.794624] RSP: 002b:00007ffc8d781ec8 EFLAGS: 00000286 ORIG_RAX: 000000000000012b
[   32.802304] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff69
[   32.809555] RDX: 0000000000000050 RSI: 0000000020000140 RDI: 0000000000000003
[   32.816800] RBP: 00000000006ca018 R08: 00000000200001c0 R09: 0000000000000010
[   32.824052] R10: 0000000000000002 R11: 0000000000000286 R12: 0000000000401890
[   32.831303] R13: 0000000000401920 R14: 0000000000000000 R15: 0000000000000000
[   32.838548]
[   32.840149] Local variable description: ----wait.i@lock_sock_nested
[   32.846521] Variable was created at:
[   32.850210]  lock_sock_nested+0x3f/0x2a0
[   32.854246]  raw_sendmsg+0x27bc/0x3ed0
[   32.858101] ==================================================================
[   32.865429] Disabling lock debugging due to kernel taint
[   32.870848] Kernel panic - not syncing: panic_on_warn set ...
[   32.870848]
[   32.878186] CPU: 1 PID: 3568 Comm: syzkaller958196 Tainted: G    B            4.16.0+ #82
[   32.886471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.895798] Call Trace:
[   32.898366]  dump_stack+0x185/0x1d0
[   32.901971]  panic+0x39d/0x940
[   32.905147]  ? do_error_trap+0x39b/0x600
[   32.909181]  kmsan_report+0x238/0x240
[   32.912956]  __msan_warning_32+0x6c/0xb0
[   32.916993]  do_error_trap+0x39b/0x600
[   32.920854]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[   32.926193]  ? consume_skb+0x2d2/0x380
[   32.930058]  do_invalid_op+0x46/0x50
[   32.933750]  invalid_op+0x1b/0x40
[   32.937178] RIP: 0010:kmsan_copy_to_user+0x141/0x160
[   32.942252] RSP: 0018:ffff8801aebff968 EFLAGS: 00010202
[   32.947589] RAX: ffff8801df02d880 RBX: ffff8801aebffb00 RCX: 0000000000000010
[   32.954836] RDX: 00007ffffffff000 RSI: ffff8801aebffb00 RDI: 65732f636f72702f
[   32.962080] RBP: ffff8801aebff9b0 R08: 0000000001080020 R09: ffff8801ae3efa24
[   32.969326] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000010
[   32.976569] R13: 65732f636f72702f R14: 0000000000000000 R15: 00000000b3800071
[   32.983825]  move_addr_to_user+0x32e/0x530
[   32.988050]  ___sys_recvmsg+0x4e2/0x810
[   32.992185]  ? __msan_poison_alloca+0x15c/0x1d0
[   32.996829]  ? _cond_resched+0x3c/0xd0
[   33.000694]  ? rcu_all_qs+0x32/0x1f0
[   33.004382]  ? _cond_resched+0x3c/0xd0
[   33.008244]  ? __sys_recvmmsg+0x908/0xdb0
[   33.012368]  ? rcu_all_qs+0x32/0x1f0
[   33.016062]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[   33.021501]  __sys_recvmmsg+0x54e/0xdb0
[   33.025457]  SYSC_recvmmsg+0x29b/0x3e0
[   33.029321]  SyS_recvmmsg+0x76/0xa0
[   33.032921]  do_syscall_64+0x309/0x430
[   33.036784]  ? __sys_recvmmsg+0xdb0/0xdb0
[   33.040909]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   33.046069] RIP: 0033:0x43ff69
[   33.049234] RSP: 002b:00007ffc8d781ec8 EFLAGS: 00000286 ORIG_RAX: 000000000000012b
[   33.056917] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff69
[   33.064160] RDX: 0000000000000050 RSI: 0000000020000140 RDI: 0000000000000003
[   33.071402] RBP: 00000000006ca018 R08: 00000000200001c0 R09: 0000000000000010
[   33.078645] R10: 0000000000000002 R11: 0000000000000286 R12: 0000000000401890
[   33.085886] R13: 0000000000401920 R14: 0000000000000000 R15: 0000000000000000
[   33.093614] Dumping ftrace buffer:
[   33.097128]    (ftrace buffer empty)
[   33.100808] Kernel Offset: disabled
[   33.104405] Rebooting in 86400 seconds..
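The report headline says "uninit-value in do_error_trap", but do_error_trap, invalid_op and the kmsan_*/__msan_* frames are the sanitizer's reporting path, not the code that leaked the uninitialized bytes; the faulting RIP is kmsan_copy_to_user and the first reliable caller below it is move_addr_to_user, reached from recvmmsg (ORIG_RAX 0x12b, which is __NR_recvmmsg on x86-64). The origin block points at a stack variable in lock_sock_nested created under raw_sendmsg. The parser below is an added example, not part of syzkaller or syzbot, that pulls those fields out of a KMSAN console report and derives a triage title that skips the instrumentation frames. The sample input is an excerpt of the log above with the register dump lines dropped; the field and function names (KmsanReport, bug_site, syscall_entry, title) are this example's own.

```python
"""Parse a KMSAN report from a syzkaller console log (added example)."""
import re
from dataclasses import dataclass, field

# Constructed input: the report above, minus most register lines.
SAMPLE_LOG = """\
[   32.614683] ==================================================================
[   32.622058] BUG: KMSAN: uninit-value in do_error_trap+0x39b/0x600
[   32.628265] CPU: 1 PID: 3568 Comm: syzkaller958196 Not tainted 4.16.0+ #82
[   32.644579] Call Trace:
[   32.647143]  dump_stack+0x185/0x1d0
[   32.650744]  ? do_error_trap+0x39b/0x600
[   32.654779]  kmsan_report+0x142/0x240
[   32.658555]  __msan_warning_32+0x6c/0xb0
[   32.662591]  do_error_trap+0x39b/0x600
[   32.671794]  ? consume_skb+0x2d2/0x380
[   32.675661]  do_invalid_op+0x46/0x50
[   32.679351]  invalid_op+0x1b/0x40
[   32.682781] RIP: 0010:kmsan_copy_to_user+0x141/0x160
[   32.687853] RSP: 0018:ffff8801aebff968 EFLAGS: 00010202
[   32.729426]  move_addr_to_user+0x32e/0x530
[   32.733641]  ___sys_recvmsg+0x4e2/0x810
[   32.753650]  ? __sys_recvmmsg+0x908/0xdb0
[   32.766888]  __sys_recvmmsg+0x54e/0xdb0
[   32.770846]  SYSC_recvmmsg+0x29b/0x3e0
[   32.774710]  SyS_recvmmsg+0x76/0xa0
[   32.778311]  do_syscall_64+0x309/0x430
[   32.786298]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   32.791460] RIP: 0033:0x43ff69
[   32.794624] RSP: 002b:00007ffc8d781ec8 EFLAGS: 00000286 ORIG_RAX: 000000000000012b
[   32.838548]
[   32.840149] Local variable description: ----wait.i@lock_sock_nested
[   32.846521] Variable was created at:
[   32.850210]  lock_sock_nested+0x3f/0x2a0
[   32.854246]  raw_sendmsg+0x27bc/0x3ed0
[   32.858101] ==================================================================
[   32.870848] Kernel panic - not syncing: panic_on_warn set ...
"""

TS = re.compile(r"^\[\s*\d+\.\d+\]\s?(.*)$")                 # printk timestamp prefix
BUG = re.compile(r"^BUG: (\w+): (.+?) in (\S+)$")             # BUG: KMSAN: uninit-value in ...
TASK = re.compile(r"^CPU: (\d+) PID: (\d+) Comm: (\S+) (.*?)\s+(\S+) #(\d+)$")
FRAME = re.compile(r"^(\?\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")
RIP_KERNEL = re.compile(r"^RIP: 0010:(\S+)\+0x")              # kernel-mode RIP only (CS 0x10)
ORIG_RAX = re.compile(r"ORIG_RAX: ([0-9a-f]{16})")            # syscall number at entry
LOCAL = re.compile(r"^Local variable description: -*([^@]+)@(\S+)$")

# Frames that belong to the sanitizer / trap machinery, not to the bug.
INSTRUMENTATION = ("dump_stack", "kmsan_", "__msan_", "do_error_trap",
                   "do_invalid_op", "invalid_op")


@dataclass
class KmsanReport:
    tool: str = ""            # "KMSAN"
    kind: str = ""            # "uninit-value"
    report_site: str = ""     # frame named in the BUG: line (reporting path)
    cpu: int = -1
    pid: int = -1
    comm: str = ""
    kernel: str = ""
    fault_site: str = ""      # symbol at the kernel RIP
    syscall_nr: int = -1      # from ORIG_RAX; arch-specific numbering
    trace: list = field(default_factory=list)   # (symbol, reliable) pairs
    local_var: str = ""
    local_func: str = ""
    origin: list = field(default_factory=list)  # where the variable was created
    panicked: bool = False


def parse_kmsan_report(log: str) -> KmsanReport:
    rep, section = KmsanReport(), None
    for raw in log.splitlines():
        m = TS.match(raw)
        line = (m.group(1) if m else raw).strip()
        if not line:
            continue
        if (m := BUG.match(line)):
            rep.tool, rep.kind, rep.report_site = m.groups()
        elif (m := TASK.match(line)):
            rep.cpu, rep.pid = int(m.group(1)), int(m.group(2))
            rep.comm, rep.kernel = m.group(3), m.group(5)
        elif line == "Call Trace:":
            section = "trace"
        elif line == "Variable was created at:":
            section = "origin"
        elif (m := RIP_KERNEL.match(line)):
            rep.fault_site = m.group(1)
        elif (m := ORIG_RAX.search(line)):
            rep.syscall_nr = int(m.group(1), 16)
            section = None                      # user-space registers: trace is over
        elif (m := LOCAL.match(line)):
            rep.local_var, rep.local_func = m.groups()
        elif line.startswith("Kernel panic"):
            rep.panicked = True
        elif section and (m := FRAME.match(line)):
            reliable = m.group(1) is None       # "? frame" means unreliable
            if section == "trace":
                rep.trace.append((m.group(2), reliable))
            else:
                rep.origin.append(m.group(2))
        elif line.startswith("="):
            section = None
    return rep


def bug_site(rep: KmsanReport) -> str:
    """First reliable frame that is not sanitizer or trap plumbing."""
    for name, reliable in rep.trace:
        if reliable and not name.startswith(INSTRUMENTATION):
            return name
    return rep.report_site


def syscall_entry(rep: KmsanReport) -> str:
    """Reliable syscall wrapper frame, e.g. SyS_recvmmsg on this 4.16 kernel."""
    for name, reliable in rep.trace:
        if reliable and name.startswith(("SyS_", "__x64_sys_", "__se_sys_", "__do_sys_")):
            return name
    return ""


def title(rep: KmsanReport) -> str:
    return f"{rep.tool}: {rep.kind} in {bug_site(rep)}"


if __name__ == "__main__":
    r = parse_kmsan_report(SAMPLE_LOG)
    print(title(r), "via", syscall_entry(r), "from", r.fault_site)
    print("origin:", f"{r.local_var}@{r.local_func}", "<-", " <- ".join(r.origin))
```

The title this yields, "KMSAN: uninit-value in move_addr_to_user", is the one worth deduplicating on; keying on the headline's do_error_trap would lump every KMSAN report that fires through the trap path into one bucket. The ORIG_RAX decoding is only meaningful for the architecture the log came from (x86-64 here, where 299 is recvmmsg), so cross-check it against the SyS_* frame rather than trusting either alone.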