INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.55' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 43.457100] ==================================================================
[ 43.464539] BUG: KMSAN: uninit-value in do_error_trap+0x39b/0x600
[ 43.470755] CPU: 0 PID: 4519 Comm: syz-executor002 Not tainted 4.16.0+ #87
[ 43.477742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.487076] Call Trace:
[ 43.489649] dump_stack+0x185/0x1d0
[ 43.493263] ? do_error_trap+0x39b/0x600
[ 43.497304] kmsan_report+0x142/0x240
[ 43.501098] __msan_warning_32+0x6c/0xb0
[ 43.505142] do_error_trap+0x39b/0x600
[ 43.509014] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 43.514366] ? rb_next+0x214/0x2d0
[ 43.517905] do_invalid_op+0x46/0x50
[ 43.521597] invalid_op+0x1b/0x40
[ 43.525040] RIP: 0010:tcp_mark_head_lost+0xeec/0xf70
[ 43.530128] RSP: 0018:ffff88019d97f568 EFLAGS: 00010293
[ 43.535468] RAX: ffffffff88529a6c RBX: 0000000000000000 RCX: ffff8801d5fe5880
[ 43.542717] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0000000000
[ 43.549966] RBP: ffff88019d97f640 R08: 0000000000000000 R09: 0000000000000002
[ 43.557214] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
[ 43.564461] R13: ffff880198988ed8 R14: 0000000000000000 R15: 0000000000000004
[ 43.571722] ? tcp_mark_head_lost+0xeec/0xf70
[ 43.576207] ? tcp_mark_head_lost+0xeec/0xf70
[ 43.580684] tcp_fastretrans_alert+0x4324/0x6f20
[ 43.585420] ? tcp_rack_update_reo_wnd+0x3b9/0x4a0
[ 43.590330] tcp_ack+0x6235/0x8800
[ 43.593879] ? tcp_ack+0x40c1/0x8800
[ 43.597576] tcp_rcv_state_process+0xba4/0x65f0
[ 43.602236] ? kmsan_set_origin_inline+0x6b/0x120
[ 43.607065] tcp_v4_do_rcv+0xb26/0xd90
[ 43.610932] ? inet_sk_rx_dst_set+0x2c0/0x2c0
[ 43.615403] __release_sock+0x2d6/0x680
[ 43.619359] release_sock+0x97/0x2a0
[ 43.623057] inet_shutdown+0x5c3/0x640
[ 43.627018] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 43.632373] ? inet_recvmsg+0x5f0/0x5f0
[ 43.636326] SYSC_shutdown+0x2a3/0x400
[ 43.640194] SyS_shutdown+0x44/0x60
[ 43.643819] do_syscall_64+0x309/0x430
[ 43.647685] ? SYSC_getsockopt+0x570/0x570
[ 43.651913] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 43.657086] RIP: 0033:0x440039
[ 43.660253] RSP: 002b:00007ffd37aa1258 EFLAGS: 00000217 ORIG_RAX: 0000000000000030
[ 43.667939] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440039
[ 43.675296] RDX: 0000000000440039 RSI: 0000000000000001 RDI: 0000000000000003
[ 43.682543] RBP: 00000000006ca018 R08: 0000000000000010 R09: 0000000000000010
[ 43.689791] R10: 0000000000000009 R11: 0000000000000217 R12: 0000000000401960
[ 43.697058] R13: 00000000004019f0 R14: 0000000000000000 R15: 0000000000000000
[ 43.704310]
[ 43.705915] Local variable description: ----oc.i.i@__alloc_pages_nodemask
[ 43.712831] Variable was created at:
[ 43.716525] __alloc_pages_nodemask+0x10f/0x5dc0
[ 43.721257] alloc_pages_vma+0xcc8/0x1800
[ 43.725375] ==================================================================
[ 43.732709] Disabling lock debugging due to kernel taint
[ 43.738137] Kernel panic - not syncing: panic_on_warn set ...
[ 43.738137]
[ 43.745479] CPU: 0 PID: 4519 Comm: syz-executor002 Tainted: G B 4.16.0+ #87
[ 43.753769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.763099] Call Trace:
[ 43.765681] dump_stack+0x185/0x1d0
[ 43.769292] panic+0x39d/0x940
[ 43.772472] ? do_error_trap+0x39b/0x600
[ 43.776513] kmsan_report+0x238/0x240
[ 43.780294] __msan_warning_32+0x6c/0xb0
[ 43.784333] do_error_trap+0x39b/0x600
[ 43.788202] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 43.793559] ? rb_next+0x214/0x2d0
[ 43.797081] do_invalid_op+0x46/0x50
[ 43.800775] invalid_op+0x1b/0x40
[ 43.804222] RIP: 0010:tcp_mark_head_lost+0xeec/0xf70
[ 43.809300] RSP: 0018:ffff88019d97f568 EFLAGS: 00010293
[ 43.814648] RAX: ffffffff88529a6c RBX: 0000000000000000 RCX: ffff8801d5fe5880
[ 43.821907] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0000000000
[ 43.829156] RBP: ffff88019d97f640 R08: 0000000000000000 R09: 0000000000000002
[ 43.836404] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
[ 43.843652] R13: ffff880198988ed8 R14: 0000000000000000 R15: 0000000000000004
[ 43.850922] ? tcp_mark_head_lost+0xeec/0xf70
[ 43.855412] ? tcp_mark_head_lost+0xeec/0xf70
[ 43.859888] tcp_fastretrans_alert+0x4324/0x6f20
[ 43.864630] ? tcp_rack_update_reo_wnd+0x3b9/0x4a0
[ 43.869541] tcp_ack+0x6235/0x8800
[ 43.873077] ? tcp_ack+0x40c1/0x8800
[ 43.876773] tcp_rcv_state_process+0xba4/0x65f0
[ 43.881425] ? kmsan_set_origin_inline+0x6b/0x120
[ 43.886251] tcp_v4_do_rcv+0xb26/0xd90
[ 43.890119] ? inet_sk_rx_dst_set+0x2c0/0x2c0
[ 43.894592] __release_sock+0x2d6/0x680
[ 43.898560] release_sock+0x97/0x2a0
[ 43.902252] inet_shutdown+0x5c3/0x640
[ 43.906119] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 43.911472] ? inet_recvmsg+0x5f0/0x5f0
[ 43.915608] SYSC_shutdown+0x2a3/0x400
[ 43.919476] SyS_shutdown+0x44/0x60
[ 43.923093] do_syscall_64+0x309/0x430
[ 43.926963] ? SYSC_getsockopt+0x570/0x570
[ 43.931205] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 43.936387] RIP: 0033:0x440039
[ 43.939568] RSP: 002b:00007ffd37aa1258 EFLAGS: 00000217 ORIG_RAX: 0000000000000030
[ 43.947255] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440039
[ 43.954517] RDX: 0000000000440039 RSI: 0000000000000001 RDI: 0000000000000003
[ 43.961766] RBP: 00000000006ca018 R08: 0000000000000010 R09: 0000000000000010
[ 43.969031] R10: 0000000000000009 R11: 0000000000000217 R12: 0000000000401960
[ 43.976303] R13: 00000000004019f0 R14: 0000000000000000 R15: 0000000000000000
[ 43.984041] Dumping ftrace buffer:
[ 43.987566] (ftrace buffer empty)
[ 43.991263] Kernel Offset: disabled
[ 43.994874] Rebooting in 86400 seconds..