INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.51' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 39.357640] ==================================================================
[ 39.365064] BUG: KMSAN: uninit-value in do_error_trap+0x39b/0x600
[ 39.371287] CPU: 0 PID: 4553 Comm: syz-executor266 Not tainted 4.16.0+ #87
[ 39.378278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 39.387617] Call Trace:
[ 39.390200]  dump_stack+0x185/0x1d0
[ 39.393819]  ? do_error_trap+0x39b/0x600
[ 39.397867]  kmsan_report+0x142/0x240
[ 39.401656]  __msan_warning_32+0x6c/0xb0
[ 39.405701]  do_error_trap+0x39b/0x600
[ 39.409576]  ? rb_next+0xa3/0x2d0
[ 39.413017]  ? tcp_sacktag_walk+0x29b8/0x2a20
[ 39.417499]  do_invalid_op+0x46/0x50
[ 39.421201]  invalid_op+0x1b/0x40
[ 39.424646] RIP: 0010:tcp_sacktag_write_queue+0x453b/0x4610
[ 39.430335] RSP: 0018:ffff88019a35f1a0 EFLAGS: 00010293
[ 39.435679] RAX: ffffffff88519d4b RBX: 0000000000000000 RCX: ffff8801ca588000
[ 39.442936] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0000000000
[ 39.450191] RBP: ffff88019a35f358 R08: 0000000000000000 R09: 000077ff80000000
[ 39.457444] R10: 0000000000000001 R11: ffff88019a350000 R12: 0000000000000009
[ 39.464700] R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000a
[ 39.471964]  ? tcp_sacktag_write_queue+0x453b/0x4610
[ 39.477062]  ? entry_SYSCALL_64_after_hwframe+0x5f/0xa2
[ 39.482414]  tcp_ack+0x20e8/0x8800
[ 39.485942]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 39.491385]  tcp_rcv_established+0xfc1/0x2bb0
[ 39.495863]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 39.501214]  tcp_v4_do_rcv+0x6cd/0xd90
[ 39.505089]  ? inet_sk_rx_dst_set+0x2c0/0x2c0
[ 39.509570]  __release_sock+0x2d6/0x680
[ 39.513545]  release_sock+0x97/0x2a0
[ 39.517246]  tcp_sendmsg+0xd6/0x100
[ 39.520859]  ? tcp_sendmsg_locked+0x6cf0/0x6cf0
[ 39.525511]  inet_sendmsg+0x48d/0x740
[ 39.529300]  ? security_socket_sendmsg+0x9e/0x210
[ 39.534125]  ? inet_getname+0x500/0x500
[ 39.538082]  sock_write_iter+0x3b9/0x470
[ 39.542133]  ? sock_read_iter+0x480/0x480
[ 39.546267]  do_iter_readv_writev+0x84d/0xa00
[ 39.550752]  ? sock_read_iter+0x480/0x480
[ 39.554886]  do_iter_write+0x30d/0xd40
[ 39.558763]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 39.564203]  do_writev+0x3c9/0x830
[ 39.567730]  ? syscall_return_slowpath+0xe9/0x700
[ 39.572560]  ? sock_common_recvmsg+0x270/0x270
[ 39.577131]  ? SYSC_setsockopt+0x533/0x570
[ 39.581355]  SYSC_writev+0x9b/0xb0
[ 39.584878]  SyS_writev+0x56/0x80
[ 39.588314]  do_syscall_64+0x309/0x430
[ 39.592188]  ? SYSC_readv+0xb0/0xb0
[ 39.595799]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 39.600970] RIP: 0033:0x440419
[ 39.604142] RSP: 002b:00007ffd837374b8 EFLAGS: 00000217 ORIG_RAX: 0000000000000014
[ 39.611839] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440419
[ 39.619097] RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000003
[ 39.626351] RBP: 00000000006cb018 R08: 0000000000000010 R09: 0000000000000010
[ 39.633607] R10: 0000000000000182 R11: 0000000000000217 R12: 0000000000401d40
[ 39.640864] R13: 0000000000401dd0 R14: 0000000000000000 R15: 0000000000000000
[ 39.648127]
[ 39.649743] Local variable description: ----flags.i.i.i.i.i.i@__kmalloc
[ 39.656472] Variable was created at:
[ 39.660183]  __kmalloc+0x3c/0x350
[ 39.663619]  tcp_get_metrics+0x1869/0x2c70
[ 39.667835] ==================================================================
[ 39.675176] Disabling lock debugging due to kernel taint
[ 39.680608] Kernel panic - not syncing: panic_on_warn set ...
[ 39.680608]
[ 39.687960] CPU: 0 PID: 4553 Comm: syz-executor266 Tainted: G    B            4.16.0+ #87
[ 39.696258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 39.705596] Call Trace:
[ 39.708180]  dump_stack+0x185/0x1d0
[ 39.711794]  panic+0x39d/0x940
[ 39.714983]  ? do_error_trap+0x39b/0x600
[ 39.719027]  kmsan_report+0x238/0x240
[ 39.722810]  __msan_warning_32+0x6c/0xb0
[ 39.726858]  do_error_trap+0x39b/0x600
[ 39.730731]  ? rb_next+0xa3/0x2d0
[ 39.734169]  ? tcp_sacktag_walk+0x29b8/0x2a20
[ 39.738655]  do_invalid_op+0x46/0x50
[ 39.742354]  invalid_op+0x1b/0x40
[ 39.745794] RIP: 0010:tcp_sacktag_write_queue+0x453b/0x4610
[ 39.751487] RSP: 0018:ffff88019a35f1a0 EFLAGS: 00010293
[ 39.756834] RAX: ffffffff88519d4b RBX: 0000000000000000 RCX: ffff8801ca588000
[ 39.764095] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0000000000
[ 39.771360] RBP: ffff88019a35f358 R08: 0000000000000000 R09: 000077ff80000000
[ 39.778614] R10: 0000000000000001 R11: ffff88019a350000 R12: 0000000000000009
[ 39.785871] R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000a
[ 39.793135]  ? tcp_sacktag_write_queue+0x453b/0x4610
[ 39.798231]  ? entry_SYSCALL_64_after_hwframe+0x5f/0xa2
[ 39.803582]  tcp_ack+0x20e8/0x8800
[ 39.807116]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 39.812570]  tcp_rcv_established+0xfc1/0x2bb0
[ 39.817058]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 39.822409]  tcp_v4_do_rcv+0x6cd/0xd90
[ 39.826288]  ? inet_sk_rx_dst_set+0x2c0/0x2c0
[ 39.830766]  __release_sock+0x2d6/0x680
[ 39.834729]  release_sock+0x97/0x2a0
[ 39.838429]  tcp_sendmsg+0xd6/0x100
[ 39.842047]  ? tcp_sendmsg_locked+0x6cf0/0x6cf0
[ 39.846702]  inet_sendmsg+0x48d/0x740
[ 39.850492]  ? security_socket_sendmsg+0x9e/0x210
[ 39.855321]  ? inet_getname+0x500/0x500
[ 39.859279]  sock_write_iter+0x3b9/0x470
[ 39.863328]  ? sock_read_iter+0x480/0x480
[ 39.867459]  do_iter_readv_writev+0x84d/0xa00
[ 39.871940]  ? sock_read_iter+0x480/0x480
[ 39.876078]  do_iter_write+0x30d/0xd40
[ 39.879962]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 39.885399]  do_writev+0x3c9/0x830
[ 39.888929]  ? syscall_return_slowpath+0xe9/0x700
[ 39.893760]  ? sock_common_recvmsg+0x270/0x270
[ 39.898326]  ? SYSC_setsockopt+0x533/0x570
[ 39.902550]  SYSC_writev+0x9b/0xb0
[ 39.906078]  SyS_writev+0x56/0x80
[ 39.909516]  do_syscall_64+0x309/0x430
[ 39.913387]  ? SYSC_readv+0xb0/0xb0
[ 39.916998]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 39.922167] RIP: 0033:0x440419
[ 39.925338] RSP: 002b:00007ffd837374b8 EFLAGS: 00000217 ORIG_RAX: 0000000000000014
[ 39.933029] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440419
[ 39.940281] RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000003
[ 39.947535] RBP: 00000000006cb018 R08: 0000000000000010 R09: 0000000000000010
[ 39.954791] R10: 0000000000000182 R11: 0000000000000217 R12: 0000000000401d40
[ 39.962046] R13: 0000000000401dd0 R14: 0000000000000000 R15: 0000000000000000
[ 39.969855] Dumping ftrace buffer:
[ 39.973392]    (ftrace buffer empty)
[ 39.977081] Kernel Offset: disabled
[ 39.980690] Rebooting in 86400 seconds..