INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.49' (ECDSA) to the list of known hosts.
2018/05/01 17:23:31 parsed 1 programs
2018/05/01 17:23:31 executed programs: 0
syzkaller login: [   39.840406] IPVS: ftp: loaded support on port[0] = 21
[   39.895104] IPVS: ftp: loaded support on port[0] = 21
[   39.973358] IPVS: ftp: loaded support on port[0] = 21
[   40.067477] IPVS: ftp: loaded support on port[0] = 21
[   40.225078] IPVS: ftp: loaded support on port[0] = 21
[   40.302220] IPVS: ftp: loaded support on port[0] = 21
[   40.423235] IPVS: ftp: loaded support on port[0] = 21
[   40.514651] IPVS: ftp: loaded support on port[0] = 21
2018/05/01 17:23:36 executed programs: 237
2018/05/01 17:23:41 executed programs: 475
2018/05/01 17:23:46 executed programs: 715
2018/05/01 17:23:51 executed programs: 951
2018/05/01 17:23:56 executed programs: 1191
2018/05/01 17:24:01 executed programs: 1425
[   70.502264] ==================================================================
[   70.509686] BUG: KMSAN: uninit-value in __list_del_entry_valid+0x38a/0x440
[   70.516724] CPU: 1 PID: 4576 Comm: syz-executor3 Not tainted 4.16.0+ #87
[   70.523540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   70.532875] Call Trace:
[   70.535460]  dump_stack+0x185/0x1d0
[   70.539078]  ? __list_del_entry_valid+0x38a/0x440
[   70.543906]  kmsan_report+0x142/0x240
[   70.547695]  __msan_warning_32+0x6c/0xb0
[   70.551744]  __list_del_entry_valid+0x38a/0x440
[   70.556401]  dequeue_task_fair+0xac0/0x2ea0
[   70.560715]  ? enqueue_task_fair+0x43a0/0x43a0
[   70.565285]  deactivate_task+0x50d/0x780
[   70.569342]  __schedule+0x164/0x730
[   70.572956]  ? schedule+0x1cc/0x2f0
[   70.576571]  schedule+0x1cc/0x2f0
[   70.580009]  do_nanosleep+0x2c3/0x9b0
[   70.583799]  SYSC_nanosleep+0x420/0x6a0
[   70.587767]  ? hrtimer_init_sleeper+0xc0/0xc0
[   70.592512]  SyS_nanosleep+0x46/0x70
[   70.596211]  do_syscall_64+0x309/0x430
[   70.600102]  ? hrtimer_nanosleep+0x560/0x560
[   70.604501]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   70.609678] RIP: 0033:0x481080
[   70.612848] RSP: 002b:0000000000a3ea98 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[   70.620549] RAX: ffffffffffffffda RBX: 00000000000000b2 RCX: 0000000000481080
[   70.627817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a3eaa0
[   70.635069] RBP: 0000000000011338 R08: 0000000000000001 R09: 00000000018e2940
[   70.642326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.649581] R13: 0000000000000004 R14: 0000000000000218 R15: 0000000000011312
[   70.656840]
[   70.658463] Uninit was stored to memory at:
[   70.662859]  kmsan_internal_chain_origin+0x12b/0x210
[   70.667945]  __msan_chain_origin+0x69/0xc0
[   70.672165]  pick_next_task_fair+0x1e89/0x1f70
[   70.676734]  pick_next_task+0x1b4/0x410
[   70.680701]  __schedule+0x211/0x730
[   70.684316]  _cond_resched+0x5e/0xd0
[   70.688019]  dput+0x93/0xce0
[   70.691020]  __fput+0x933/0xa10
[   70.694292]  ____fput+0x37/0x40
[   70.697556]  task_work_run+0x243/0x2c0
[   70.701428]  do_exit+0x10e1/0x38d0
[   70.704959]  do_group_exit+0x1a0/0x360
[   70.708835]  SYSC_exit_group+0x21/0x30
[   70.712708]  SyS_exit_group+0x25/0x30
[   70.716494]  do_syscall_64+0x309/0x430
[   70.720372]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   70.725538] Uninit was stored to memory at:
[   70.730757]  kmsan_internal_chain_origin+0x12b/0x210
[   70.735847]  __msan_chain_origin+0x69/0xc0
[   70.740064]  enqueue_task_fair+0x2962/0x43a0
[   70.744459]  try_to_wake_up+0x13cc/0x20a0
[   70.748604]  wake_up_process+0x34/0x40
[   70.752474]  hrtimer_wakeup+0xac/0x100
[   70.756371]  __hrtimer_run_queues+0xc03/0x15d0
[   70.760939]  hrtimer_interrupt+0x426/0xaf0
[   70.765158]  local_apic_timer_interrupt+0x66/0x230
[   70.770076]  smp_apic_timer_interrupt+0x5a/0x90
[   70.774725] Local variable description: ----t.i@SYSC_nanosleep
[   70.780670] Variable was created at:
[   70.784370]  SYSC_nanosleep+0x5f/0x6a0
[   70.788242]  SyS_nanosleep+0x46/0x70
[   70.791936] ==================================================================
[   70.799273] Disabling lock debugging due to kernel taint
[   70.804703] Kernel panic - not syncing: panic_on_warn set ...
[   70.804703]
[   70.812056] CPU: 1 PID: 4576 Comm: syz-executor3 Tainted: G B 4.16.0+ #87
[   70.820194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   70.829536] Call Trace:
[   70.832114]  dump_stack+0x185/0x1d0
[   70.835734]  panic+0x39d/0x940
[   70.838927]  ? __list_del_entry_valid+0x38a/0x440
[   70.843754]  kmsan_report+0x238/0x240
[   70.847540]  __msan_warning_32+0x6c/0xb0
[   70.851588]  __list_del_entry_valid+0x38a/0x440
[   70.856240]  dequeue_task_fair+0xac0/0x2ea0
[   70.860552]  ? enqueue_task_fair+0x43a0/0x43a0
[   70.865118]  deactivate_task+0x50d/0x780
[   70.869164]  __schedule+0x164/0x730
[   70.872775]  ? schedule+0x1cc/0x2f0
[   70.876389]  schedule+0x1cc/0x2f0
[   70.879825]  do_nanosleep+0x2c3/0x9b0
[   70.883614]  SYSC_nanosleep+0x420/0x6a0
[   70.887573]  ? hrtimer_init_sleeper+0xc0/0xc0
[   70.892058]  SyS_nanosleep+0x46/0x70
[   70.895780]  do_syscall_64+0x309/0x430
[   70.899658]  ? hrtimer_nanosleep+0x560/0x560
[   70.904081]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   70.909262] RIP: 0033:0x481080
[   70.912432] RSP: 002b:0000000000a3ea98 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[   70.920132] RAX: ffffffffffffffda RBX: 00000000000000b2 RCX: 0000000000481080
[   70.927384] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a3eaa0
[   70.934641] RBP: 0000000000011338 R08: 0000000000000001 R09: 00000000018e2940
[   70.941892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   70.949144] R13: 0000000000000004 R14: 0000000000000218 R15: 0000000000011312
[   72.104574] Shutting down cpus with NMI
[   72.120534] Dumping ftrace buffer:
[   72.124064]    (ftrace buffer empty)
[   72.127754] Kernel Offset: disabled
[   72.131361] Rebooting in 86400 seconds..