INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.46' (ECDSA) to the list of known hosts. 2018/04/25 19:38:56 parsed 1 programs 2018/04/25 19:38:56 executed programs: 0 syzkaller login: [ 89.467897] IPVS: ftp: loaded support on port[0] = 21 [ 89.523577] IPVS: ftp: loaded support on port[0] = 21 [ 89.587445] IPVS: ftp: loaded support on port[0] = 21 [ 89.685602] IPVS: ftp: loaded support on port[0] = 21 [ 89.819839] IPVS: ftp: loaded support on port[0] = 21 [ 90.058950] IPVS: ftp: loaded support on port[0] = 21 [ 90.267544] IPVS: ftp: loaded support on port[0] = 21 [ 90.460935] IPVS: ftp: loaded support on port[0] = 21 2018/04/25 19:39:01 executed programs: 104 [ 98.865640] ================================================================== [ 98.873315] BUG: KMSAN: uninit-value in get_page_from_freelist+0x5e50/0xb600 [ 98.880715] CPU: 0 PID: 4551 Comm: syz-executor4 Not tainted 4.16.0+ #87 [ 98.887564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.896940] Call Trace: [ 98.899574] dump_stack+0x185/0x1d0 [ 98.903239] ? get_page_from_freelist+0x5e50/0xb600 [ 98.908286] kmsan_report+0x142/0x240 [ 98.912129] __msan_warning_32+0x6c/0xb0 [ 98.916222] get_page_from_freelist+0x5e50/0xb600 [ 98.921105] ? __save_stack_trace+0x90d/0xb00 [ 98.925649] ? kmsan_internal_poison_shadow+0x14e/0x1b0 [ 98.931062] ? kmsan_kmalloc+0x94/0x100 [ 98.935069] ? __kmalloc_node+0xdec/0x1190 [ 98.939333] ? do_arpt_get_ctl+0x7da/0xe60 [ 98.943595] ? nf_getsockopt+0x47b/0x4e0 [ 98.947714] ? ip_getsockopt+0x284/0x3c0 [ 98.951827] ? SYSC_getsockopt+0x49b/0x570 [ 98.956087] ? do_syscall_64+0x309/0x430 [ 98.960178] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 98.965575] ? kmsan_set_origin_inline+0x6b/0x120 [ 98.970468] ? __msan_poison_alloca+0x15c/0x1d0 [ 98.975174] ? __next_zones_zonelist+0x15f/0x290 [ 98.979959] __alloc_pages_nodemask+0x789/0x5dc0 [ 98.984742] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 98.990219] ? __insert_vmap_area+0x454/0x7c0 [ 98.994774] ? kmsan_set_origin_inline+0x6b/0x120 [ 98.999645] ? __msan_poison_alloca+0x15c/0x1d0 [ 99.004362] ? kmsan_set_origin+0x9e/0x160 [ 99.008629] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 99.014101] ? __get_vm_area_node+0x600/0x810 [ 99.018618] alloc_pages_current+0x6b5/0x970 [ 99.023049] __vmalloc_node_range+0x80f/0x1140 [ 99.027661] vzalloc+0xb2/0xc0 [ 99.030893] ? alloc_counters+0x99/0x920 [ 99.035097] alloc_counters+0x99/0x920 [ 99.039014] ? strcmp+0x83/0x160 [ 99.042408] do_arpt_get_ctl+0x7da/0xe60 [ 99.046492] ? compat_do_arpt_set_ctl+0x2b40/0x2b40 [ 99.051522] nf_getsockopt+0x47b/0x4e0 [ 99.055426] ip_getsockopt+0x284/0x3c0 [ 99.059330] ? compat_ip_setsockopt+0x380/0x380 [ 99.064012] tcp_getsockopt+0x1c1/0x1f0 [ 99.068008] ? tcp_get_timestamping_opt_stats+0x1070/0x1070 [ 99.073735] sock_common_getsockopt+0x13a/0x170 [ 99.078425] ? sock_recv_errqueue+0x990/0x990 [ 99.082939] SYSC_getsockopt+0x49b/0x570 [ 99.087018] SyS_getsockopt+0x76/0xa0 [ 99.090832] do_syscall_64+0x309/0x430 [ 99.094735] ? SYSC_setsockopt+0x570/0x570 [ 99.098982] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 99.104171] RIP: 0033:0x457e7a [ 99.107358] RSP: 002b:0000000000a3eab8 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 [ 99.115068] RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 0000000000457e7a [ 99.122337] RDX: 0000000000000061 RSI: 0000000000000000 RDI: 0000000000000003 [ 99.129608] RBP: 0000000000a3eae0 R08: 0000000000a3eadc R09: 0000000000000001 [ 99.136885] R10: 0000000000a3f160 R11: 0000000000000212 R12: 0000000000000003 [ 99.144159] R13: 0000000000000000 R14: 00000000006fe900 R15: 0000000000001380 [ 99.151426] [ 99.153051] Uninit was stored to memory at: [ 99.157377] kmsan_internal_chain_origin+0x12b/0x210 [ 99.162481] __msan_chain_origin+0x69/0xc0 [ 99.166717] free_unref_page_commit+0x4fb/0x530 [ 99.171386] free_pages+0x290/0x320 [ 99.175012] tlb_finish_mmu+0x3f7/0x5c0 [ 99.178984] exit_mmap+0x498/0x950 [ 99.182507] __mmput+0x16c/0x610 [ 99.185850] mmput+0xab/0xf0 [ 99.188847] exit_mm+0x6ed/0x7a0 [ 99.192189] do_exit+0xc01/0x38d0 [ 99.195629] do_group_exit+0x1a0/0x360 [ 99.199493] SYSC_exit_group+0x21/0x30 [ 99.203759] SyS_exit_group+0x25/0x30 [ 99.207539] do_syscall_64+0x309/0x430 [ 99.211405] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 99.216567] Local variable description: ----tlb@exit_mmap [ 99.222072] Variable was created at: [ 99.225867] exit_mmap+0x48/0x950 [ 99.229294] __mmput+0x16c/0x610 [ 99.232631] ================================================================== [ 99.239960] Disabling lock debugging due to kernel taint [ 99.245385] Kernel panic - not syncing: panic_on_warn set ... [ 99.245385] [ 99.252726] CPU: 0 PID: 4551 Comm: syz-executor4 Tainted: G B 4.16.0+ #87 [ 99.260853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.270184] Call Trace: [ 99.272757] dump_stack+0x185/0x1d0 [ 99.276365] panic+0x39d/0x940 [ 99.279559] ? get_page_from_freelist+0x5e50/0xb600 [ 99.284554] kmsan_report+0x238/0x240 [ 99.288334] __msan_warning_32+0x6c/0xb0 [ 99.292376] get_page_from_freelist+0x5e50/0xb600 [ 99.297200] ? __save_stack_trace+0x90d/0xb00 [ 99.301679] ? kmsan_internal_poison_shadow+0x14e/0x1b0 [ 99.307022] ? kmsan_kmalloc+0x94/0x100 [ 99.310986] ? __kmalloc_node+0xdec/0x1190 [ 99.315200] ? do_arpt_get_ctl+0x7da/0xe60 [ 99.319412] ? nf_getsockopt+0x47b/0x4e0 [ 99.323450] ? ip_getsockopt+0x284/0x3c0 [ 99.327489] ? SYSC_getsockopt+0x49b/0x570 [ 99.331708] ? do_syscall_64+0x309/0x430 [ 99.335748] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 99.341093] ? kmsan_set_origin_inline+0x6b/0x120 [ 99.345918] ? __msan_poison_alloca+0x15c/0x1d0 [ 99.350568] ? __next_zones_zonelist+0x15f/0x290 [ 99.355302] __alloc_pages_nodemask+0x789/0x5dc0 [ 99.360049] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 99.365486] ? __insert_vmap_area+0x454/0x7c0 [ 99.369961] ? kmsan_set_origin_inline+0x6b/0x120 [ 99.374780] ? __msan_poison_alloca+0x15c/0x1d0 [ 99.379427] ? kmsan_set_origin+0x9e/0x160 [ 99.383645] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 99.389080] ? __get_vm_area_node+0x600/0x810 [ 99.393556] alloc_pages_current+0x6b5/0x970 [ 99.397944] __vmalloc_node_range+0x80f/0x1140 [ 99.402509] vzalloc+0xb2/0xc0 [ 99.405682] ? alloc_counters+0x99/0x920 [ 99.409719] alloc_counters+0x99/0x920 [ 99.413587] ? strcmp+0x83/0x160 [ 99.416934] do_arpt_get_ctl+0x7da/0xe60 [ 99.420978] ? compat_do_arpt_set_ctl+0x2b40/0x2b40 [ 99.425969] nf_getsockopt+0x47b/0x4e0 [ 99.429849] ip_getsockopt+0x284/0x3c0 [ 99.433717] ? compat_ip_setsockopt+0x380/0x380 [ 99.438364] tcp_getsockopt+0x1c1/0x1f0 [ 99.442319] ? tcp_get_timestamping_opt_stats+0x1070/0x1070 [ 99.448007] sock_common_getsockopt+0x13a/0x170 [ 99.452662] ? sock_recv_errqueue+0x990/0x990 [ 99.457135] SYSC_getsockopt+0x49b/0x570 [ 99.461177] SyS_getsockopt+0x76/0xa0 [ 99.464956] do_syscall_64+0x309/0x430 [ 99.468821] ? SYSC_setsockopt+0x570/0x570 [ 99.473043] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 99.478240] RIP: 0033:0x457e7a [ 99.481407] RSP: 002b:0000000000a3eab8 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 [ 99.489092] RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 0000000000457e7a [ 99.496352] RDX: 0000000000000061 RSI: 0000000000000000 RDI: 0000000000000003 [ 99.503616] RBP: 0000000000a3eae0 R08: 0000000000a3eadc R09: 0000000000000001 [ 99.510871] R10: 0000000000a3f160 R11: 0000000000000212 R12: 0000000000000003 [ 99.518120] R13: 0000000000000000 R14: 00000000006fe900 R15: 0000000000001380 [ 99.525966] Dumping ftrace buffer: [ 99.529485] (ftrace buffer empty) [ 99.533168] Kernel Offset: disabled [ 99.536777] Rebooting in 86400 seconds..