INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.32' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 44.270525] Not allocated shadow for addr ffff8801c3000000 (page ffffea000a920000)
[ 44.272235] Not allocated shadow for addr ffff8801c3000000 (page ffffea000a920000)
[ 44.278297] ------------[ cut here ]------------
[ 44.286000] ------------[ cut here ]------------
[ 44.290715] kernel BUG at mm/kmsan/kmsan.c:1326!
[ 44.295447] kernel BUG at mm/kmsan/kmsan.c:1326!
[ 44.300189] invalid opcode: 0000 [#1] SMP PTI
[ 44.309385] Dumping ftrace buffer:
[ 44.312902]    (ftrace buffer empty)
[ 44.316597] Modules linked in:
[ 44.319783] CPU: 0 PID: 4525 Comm: syz-executor123 Not tainted 4.16.0+ #87
[ 44.326778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.336130] RIP: 0010:kmsan_get_shadow_address+0x1ce/0x1f0
[ 44.341736] RSP: 0018:ffff8801c5bdf978 EFLAGS: 00010002
[ 44.347083] RAX: 0000000000000046 RBX: 0000000000000700 RCX: 0000000000000000
[ 44.354337] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88021fc30418
[ 44.361594] RBP: ffff8801c5bdf990 R08: 0000000000000000 R09: 0000000000000001
[ 44.368855] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c3000000
[ 44.376110] R13: 000000000000b000 R14: 0000000000000001 R15: 0000000000001000
[ 44.383370] FS:  00007f778bae1700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
[ 44.391583] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.397453] CR2: 0000000020000000 CR3: 00000001a67e8000 CR4: 00000000001406f0
[ 44.404737] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.412003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.419265] Call Trace:
[ 44.421847]  kmsan_internal_unpoison_shadow+0x5c/0xe0
[ 44.427027]  kmsan_unpoison_shadow+0x66/0xb0
[ 44.431425]  get_user_pages_fast+0x47b/0x760
[ 44.435825]  iov_iter_get_pages+0x465/0x1810
[ 44.440232]  SYSC_vmsplice+0xa66/0x1960
[ 44.444205]  ? prepare_exit_to_usermode+0x4a/0x3a0
[ 44.449140]  SyS_vmsplice+0x64/0x90
[ 44.452763]  do_syscall_64+0x309/0x430
[ 44.456653]  ? direct_splice_actor+0x200/0x200
[ 44.461232]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 44.466429] RIP: 0033:0x4454f9
[ 44.469605] RSP: 002b:00007f778bae0db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 44.477300] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004454f9
[ 44.484560] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000006
[ 44.491817] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[ 44.499085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 44.506344] R13: 00007ffc68aa536f R14: 00007f778bae19c0 R15: 0000000000000002
[ 44.513608] Code: 75 29 48 c7 c7 fd 92 7d 8a 31 c0 e8 4d 68 86 ff 80 3c 25 e8 03 2c 8b 00 75 11 48 c7 c7 2d 93 7d 8a 31 c0 4c 89 fe e8 32 68 86 ff <0f> 0b eb fe 48 3d ff ff ff 1f 0f 87 a2 fe ff ff 48 8b 1c 25 10
[ 44.532792] RIP: kmsan_get_shadow_address+0x1ce/0x1f0 RSP: ffff8801c5bdf978
[ 44.539888] ---[ end trace 50af01b4d1c66f34 ]---
[ 44.539897] invalid opcode: 0000 [#2] SMP PTI
[ 44.539906] Dumping ftrace buffer:
[ 44.544639] Kernel panic - not syncing: Fatal exception
[ 44.549126]    (ftrace buffer empty)
[ 44.561679] Modules linked in:
[ 44.564869] CPU: 1 PID: 4526 Comm: syz-executor123 Tainted: G      D     4.16.0+ #87
[ 44.573172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.582528] RIP: 0010:kmsan_get_shadow_address+0x1ce/0x1f0
[ 44.588139] RSP: 0018:ffff8801c75df978 EFLAGS: 00010002
[ 44.593497] RAX: 0000000000000046 RBX: 0000000000000700 RCX: 0000000000000000
[ 44.600763] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88021fd30418
[ 44.608027] RBP: ffff8801c75df990 R08: 0000000000000000 R09: 0000000000000001
[ 44.615300] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c3000000
[ 44.622559] R13: 000000000000b000 R14: 0000000000000001 R15: 0000000000001000
[ 44.629825] FS:  00007f778bac0700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
[ 44.638047] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.643935] CR2: 00007f778ba9ee78 CR3: 00000001a67e8000 CR4: 00000000001406e0
[ 44.651201] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.658478] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.665742] Call Trace:
[ 44.668331]  kmsan_internal_unpoison_shadow+0x5c/0xe0
[ 44.673514]  kmsan_unpoison_shadow+0x66/0xb0
[ 44.677913]  get_user_pages_fast+0x47b/0x760
[ 44.682316]  iov_iter_get_pages+0x465/0x1810
[ 44.686727]  SYSC_vmsplice+0xa66/0x1960
[ 44.690694]  ? balance_callback+0x48/0x250
[ 44.694933]  SyS_vmsplice+0x64/0x90
[ 44.698551]  do_syscall_64+0x309/0x430
[ 44.702432]  ? direct_splice_actor+0x200/0x200
[ 44.707014]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 44.712198] RIP: 0033:0x4454f9
[ 44.715388] RSP: 002b:00007f778babfdb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 44.723087] RAX: ffffffffffffffda RBX: 00000000006dac3c RCX: 00000000004454f9
[ 44.730350] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000008
[ 44.737614] RBP: 00000000006dac38 R08: 0000000000000000 R09: 0000000000000000
[ 44.744892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 44.752171] R13: 00007ffc68aa536f R14: 00007f778bac09c0 R15: 0000000000000002
[ 44.759451] Code: 75 29 48 c7 c7 fd 92 7d 8a 31 c0 e8 4d 68 86 ff 80 3c 25 e8 03 2c 8b 00 75 11 48 c7 c7 2d 93 7d 8a 31 c0 4c 89 fe e8 32 68 86 ff <0f> 0b eb fe 48 3d ff ff ff 1f 0f 87 a2 fe ff ff 48 8b 1c 25 10
[ 44.778609] RIP: kmsan_get_shadow_address+0x1ce/0x1f0 RSP: ffff8801c75df978
[ 44.785698] ---[ end trace 50af01b4d1c66f35 ]---
[ 45.721137] Shutting down cpus with NMI
[ 45.737426] Dumping ftrace buffer:
[ 45.740970]    (ftrace buffer empty)
[ 45.744663] Kernel Offset: disabled
[ 45.748283] Rebooting in 86400 seconds..
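The part of this oops that tells you what the fuzzer was doing is the pair of user-mode register frames (the blocks starting "RIP: 0033:"): ORIG_RAX holds the system-call number, RDI/RSI/RDX/R10/R8/R9 hold its arguments, and RAX still holding -ENOSYS (0xffffffffffffffda) means the call had not returned yet. The decoder below is an added example for reading such frames; it is not part of the syzkaller report, of syzkaller, or of KMSAN. It assumes only the x86-64 syscall ABI and carries a deliberately partial syscall table (the entries around vmsplice); the sample input is copied from the two user frames in the log above, with the head of a kernel-mode frame included to show that it is skipped.

```python
"""Decode the user-space register frames of an x86-64 kernel oops.

Added example for reading the syzkaller crash above; not part of the
original report or of syzkaller/KMSAN. Pulls the 'RIP: 0033:' frames
out of the log and recovers the system call that was in flight.
"""
import re

# x86-64 syscall ABI: number in ORIG_RAX, arguments in these registers
# (the oops prints R8/R9 as R08/R09).
SYSCALL_ARG_REGS = ("RDI", "RSI", "RDX", "R10", "R08", "R09")
ENOSYS = 38

# Partial x86-64 syscall table: only what this log needs plus a few
# neighbours; anything else is reported as "sys_<nr>".
SYSCALL_NAMES = {0: "read", 1: "write", 2: "open", 3: "close", 9: "mmap",
                 22: "pipe", 275: "splice", 276: "tee", 278: "vmsplice"}
SYSCALL_ARG_NAMES = {278: ("fd", "iov", "nr_segs", "flags")}

# "NAME: [segment:][0x]hexvalue", e.g. "RSP: 002b:00007f778bae0db8",
# "RIP: 0033:0x4454f9", "ORIG_RAX: 0000000000000116".
REG_RE = re.compile(r"\b([A-Z][A-Z0-9_]*): (?:[0-9a-f]{4}:)?(?:0x)?([0-9a-f]+)\b")
TIMESTAMP_RE = re.compile(r"^\[\s*\d+\.\d+\]\s*")


def parse_user_frames(log_text):
    """Return one {register: int} dict per user-mode frame in the log.

    A frame starts at a 'RIP: 0033:' line (CS=0x33, user code segment)
    and ends at the 'Code:' line; kernel-mode frames ('RIP: 0010:') are
    never opened and so are ignored.
    """
    frames, cur = [], None
    for raw in log_text.splitlines():
        line = TIMESTAMP_RE.sub("", raw.strip())
        if line.startswith("RIP: 0033:"):
            cur = {}
            frames.append(cur)
        if cur is None:
            continue
        if line.startswith("Code:"):
            cur = None
            continue
        for name, value in REG_RE.findall(line):
            cur[name] = int(value, 16)
    return frames


def decode_syscall(regs):
    """Map a user frame to the system call it was executing."""
    nr = regs["ORIG_RAX"]
    # The entry path preloads RAX with -ENOSYS; seeing it in the frame
    # means the call had not returned when the oops was taken.
    at_entry = regs.get("RAX") == ((-ENOSYS) & 0xFFFFFFFFFFFFFFFF)
    return {
        "nr": nr,
        "name": SYSCALL_NAMES.get(nr, f"sys_{nr}"),
        "args": tuple(regs.get(r, 0) for r in SYSCALL_ARG_REGS),
        "at_entry": at_entry,
        "rip": regs["RIP"],
    }


def format_call(call):
    """Render the decoded call as name(arg=value, ...) in hex."""
    names = SYSCALL_ARG_NAMES.get(call["nr"])
    if names:
        parts = [f"{n}={a:#x}" for n, a in zip(names, call["args"])]
    else:
        parts = [f"{a:#x}" for a in call["args"]]
    return f"{call['name']}({', '.join(parts)})"


# Sample input: the two user-mode frames copied from the log above, preceded
# by the first lines of a kernel-mode frame to show that it is skipped.
SAMPLE_LOG = """\
[ 44.336130] RIP: 0010:kmsan_get_shadow_address+0x1ce/0x1f0
[ 44.341736] RSP: 0018:ffff8801c5bdf978 EFLAGS: 00010002
[ 44.466429] RIP: 0033:0x4454f9
[ 44.469605] RSP: 002b:00007f778bae0db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 44.477300] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004454f9
[ 44.484560] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000006
[ 44.491817] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[ 44.499085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 44.506344] R13: 00007ffc68aa536f R14: 00007f778bae19c0 R15: 0000000000000002
[ 44.513608] Code: 75 29 48 c7 c7 fd 92 7d 8a 31 c0 e8 4d 68 86 ff 80 3c 25 e8 03 2c 8b 00 75 11 48 c7 c7 2d 93 7d 8a 31 c0 4c 89 fe e8 32 68 86 ff <0f> 0b eb fe 48 3d ff ff ff 1f 0f 87 a2 fe ff ff 48 8b 1c 25 10
[ 44.712198] RIP: 0033:0x4454f9
[ 44.715388] RSP: 002b:00007f778babfdb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 44.723087] RAX: ffffffffffffffda RBX: 00000000006dac3c RCX: 00000000004454f9
[ 44.730350] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000008
[ 44.737614] RBP: 00000000006dac38 R08: 0000000000000000 R09: 0000000000000000
[ 44.744892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 44.752171] R13: 00007ffc68aa536f R14: 00007f778bac09c0 R15: 0000000000000002
[ 44.759451] Code: 75 29 48 c7 c7 fd 92 7d 8a 31 c0 e8 4d 68 86 ff 80 3c 25 e8 03 2c 8b 00 75 11 48 c7 c7 2d 93 7d 8a 31 c0 4c 89 fe e8 32 68 86 ff <0f> 0b eb fe 48 3d ff ff ff 1f 0f 87 a2 fe ff ff 48 8b 1c 25 10
"""


if __name__ == "__main__":
    for regs in parse_user_frames(SAMPLE_LOG):
        call = decode_syscall(regs)
        state = "in flight" if call["at_entry"] else "returned"
        print(f"rip={call['rip']:#x} {format_call(call)} [{state}]")
```

Run against the log this yields vmsplice(fd=0x6, iov=0x20000000, nr_segs=0x1, flags=0x0) for PID 4525 and the same call with fd=0x8 for PID 4526, both still in flight: ORIG_RAX 0x116 is 278, vmsplice on x86-64, and 0x20000000 is the fixed user mapping syzkaller hands to every executor. That matches the call trace (SyS_vmsplice to iov_iter_get_pages to get_user_pages_fast). Note the BUG itself is raised inside KMSAN's shadow lookup (mm/kmsan/kmsan.c:1326, reached through kmsan_unpoison_shadow), and the address it complains about, ffff8801c3000000, is a kernel direct-map address that R12 still holds in both kernel frames, not the user iovec at 0x20000000; the report therefore points at a page for which KMSAN never allocated shadow, rather than at a fault in vmsplice's own argument handling.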