INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.51' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 43.502489] ==================================================================
[ 43.509894] BUG: KMSAN: uninit-value in pointer+0x11e5/0x1410
[ 43.515766] CPU: 0 PID: 4507 Comm: syz-executor529 Not tainted 4.16.0+ #87
[ 43.522775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.532106] Call Trace:
[ 43.534690] dump_stack+0x185/0x1d0
[ 43.538307] ? pointer+0x11e5/0x1410
[ 43.542013] kmsan_report+0x142/0x240
[ 43.545796] __msan_warning_32+0x6c/0xb0
[ 43.549841] ? futex_wait_queue_me+0x401/0x710
[ 43.554402] pointer+0x11e5/0x1410
[ 43.557925] ? futex_wait_queue_me+0x476/0x710
[ 43.562486] vsnprintf+0xa2d/0x33c0
[ 43.566103] seq_printf+0x29f/0x420
[ 43.569721] ? futex_wait_queue_me+0x476/0x710
[ 43.574283] ? futex_wait_queue_me+0x476/0x710
[ 43.578844] ? futex_wait_queue_me+0x476/0x710
[ 43.583406] proc_pid_stack+0x326/0x470
[ 43.587359] proc_single_show+0x1af/0x300
[ 43.591483] ? proc_pid_wchan+0x250/0x250
[ 43.595609] ? proc_single_open+0x90/0x90
[ 43.599732] traverse+0x3c4/0xe60
[ 43.603165] ? __msan_poison_alloca+0x15c/0x1d0
[ 43.607815] seq_read+0x3dc/0x2260
[ 43.611335] ? security_file_permission+0x473/0x4b0
[ 43.616336] do_iter_read+0x880/0xd70
[ 43.620116] ? seq_open+0x360/0x360
[ 43.623731] vfs_readv+0x1ec/0x260
[ 43.627256] default_file_splice_read+0xa9a/0x1120
[ 43.632169] ? security_file_permission+0x473/0x4b0
[ 43.637167] ? rw_verify_area+0x35e/0x580
[ 43.641293] ? SYSC_tee+0x13d0/0x13d0
[ 43.645084] splice_direct_to_actor+0x4c6/0x1040
[ 43.649820] ? do_splice_direct+0x540/0x540
[ 43.654119] ? security_file_permission+0x28f/0x4b0
[ 43.659134] ? rw_verify_area+0x35e/0x580
[ 43.663264] do_splice_direct+0x335/0x540
[ 43.667410] do_sendfile+0x1067/0x1e40
[ 43.671286] SYSC_sendfile64+0x1b3/0x300
[ 43.675331] SyS_sendfile64+0x64/0x90
[ 43.679112] do_syscall_64+0x309/0x430
[ 43.682978] ? SYSC_sendfile+0x320/0x320
[ 43.687031] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 43.692208] RIP: 0033:0x4455b9
[ 43.695373] RSP: 002b:00007f5488473d18 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 43.703064] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455b9
[ 43.710316] RDX: 0000000020000040 RSI: 0000000000000004 RDI: 0000000000000003
[ 43.717575] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f
[ 43.724825] R10: 0000000000000022 R11: 0000000000000246 R12: 00007f5488473d20
[ 43.732074] R13: 00000000006dac20 R14: 007072612f74656e R15: 0000000000000003
[ 43.739324]
[ 43.740926] Uninit was stored to memory at:
[ 43.745234] kmsan_internal_chain_origin+0x12b/0x210
[ 43.750318] __msan_chain_origin+0x69/0xc0
[ 43.754531] __save_stack_trace+0x829/0xb00
[ 43.758830] save_stack_trace_tsk+0x258/0x2f0
[ 43.763308] proc_pid_stack+0x26a/0x470
[ 43.767266] proc_single_show+0x1af/0x300
[ 43.771400] traverse+0x3c4/0xe60
[ 43.774827] seq_read+0x3dc/0x2260
[ 43.778344] do_iter_read+0x880/0xd70
[ 43.782120] vfs_readv+0x1ec/0x260
[ 43.785639] default_file_splice_read+0xa9a/0x1120
[ 43.790553] splice_direct_to_actor+0x4c6/0x1040
[ 43.795287] do_splice_direct+0x335/0x540
[ 43.799418] do_sendfile+0x1067/0x1e40
[ 43.803284] SYSC_sendfile64+0x1b3/0x300
[ 43.807329] SyS_sendfile64+0x64/0x90
[ 43.811107] do_syscall_64+0x309/0x430
[ 43.814975] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 43.820138] Uninit was stored to memory at:
[ 43.824441] kmsan_internal_chain_origin+0x12b/0x210
[ 43.829524] __msan_chain_origin+0x69/0xc0
[ 43.833738] update_stack_state+0x959/0xa40
[ 43.838046] unwind_next_frame+0x618/0xe50
[ 43.842271] __save_stack_trace+0x734/0xb00
[ 43.846568] save_stack_trace_tsk+0x258/0x2f0
[ 43.851049] proc_pid_stack+0x26a/0x470
[ 43.855001] proc_single_show+0x1af/0x300
[ 43.859133] traverse+0x3c4/0xe60
[ 43.862563] seq_read+0x3dc/0x2260
[ 43.866082] do_iter_read+0x880/0xd70
[ 43.869859] vfs_readv+0x1ec/0x260
[ 43.873376] default_file_splice_read+0xa9a/0x1120
[ 43.878282] splice_direct_to_actor+0x4c6/0x1040
[ 43.883029] do_splice_direct+0x335/0x540
[ 43.887161] do_sendfile+0x1067/0x1e40
[ 43.891030] SYSC_sendfile64+0x1b3/0x300
[ 43.895080] SyS_sendfile64+0x64/0x90
[ 43.898864] do_syscall_64+0x309/0x430
[ 43.902730] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 43.907900] Local variable description: ----flags.i.i.i@rcu_all_qs
[ 43.914189] Variable was created at:
[ 43.917882] rcu_all_qs+0x32/0x1f0
[ 43.921411] _cond_resched+0x3c/0xd0
[ 43.925100] ==================================================================
[ 43.932432] Disabling lock debugging due to kernel taint
[ 43.937859] Kernel panic - not syncing: panic_on_warn set ...
[ 43.937859]
[ 43.945216] CPU: 0 PID: 4507 Comm: syz-executor529 Tainted: G B 4.16.0+ #87
[ 43.953508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.962853] Call Trace:
[ 43.965441] dump_stack+0x185/0x1d0
[ 43.969062] panic+0x39d/0x940
[ 43.972252] ? pointer+0x11e5/0x1410
[ 43.975949] kmsan_report+0x238/0x240
[ 43.979730] __msan_warning_32+0x6c/0xb0
[ 43.983775] ? futex_wait_queue_me+0x401/0x710
[ 43.988337] pointer+0x11e5/0x1410
[ 43.991859] ? futex_wait_queue_me+0x476/0x710
[ 43.996423] vsnprintf+0xa2d/0x33c0
[ 44.000044] seq_printf+0x29f/0x420
[ 44.003668] ? futex_wait_queue_me+0x476/0x710
[ 44.008233] ? futex_wait_queue_me+0x476/0x710
[ 44.012794] ? futex_wait_queue_me+0x476/0x710
[ 44.017356] proc_pid_stack+0x326/0x470
[ 44.021331] proc_single_show+0x1af/0x300
[ 44.025463] ? proc_pid_wchan+0x250/0x250
[ 44.029590] ? proc_single_open+0x90/0x90
[ 44.033728] traverse+0x3c4/0xe60
[ 44.037172] ? __msan_poison_alloca+0x15c/0x1d0
[ 44.041821] seq_read+0x3dc/0x2260
[ 44.045344] ? security_file_permission+0x473/0x4b0
[ 44.050342] do_iter_read+0x880/0xd70
[ 44.054125] ? seq_open+0x360/0x360
[ 44.057732] vfs_readv+0x1ec/0x260
[ 44.061267] default_file_splice_read+0xa9a/0x1120
[ 44.066190] ? security_file_permission+0x473/0x4b0
[ 44.071187] ? rw_verify_area+0x35e/0x580
[ 44.075325] ? SYSC_tee+0x13d0/0x13d0
[ 44.079117] splice_direct_to_actor+0x4c6/0x1040
[ 44.083851] ? do_splice_direct+0x540/0x540
[ 44.088156] ? security_file_permission+0x28f/0x4b0
[ 44.093166] ? rw_verify_area+0x35e/0x580
[ 44.097296] do_splice_direct+0x335/0x540
[ 44.101436] do_sendfile+0x1067/0x1e40
[ 44.105332] SYSC_sendfile64+0x1b3/0x300
[ 44.109375] SyS_sendfile64+0x64/0x90
[ 44.113165] do_syscall_64+0x309/0x430
[ 44.117040] ? SYSC_sendfile+0x320/0x320
[ 44.121104] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 44.126271] RIP: 0033:0x4455b9
[ 44.129442] RSP: 002b:00007f5488473d18 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 44.137130] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455b9
[ 44.144378] RDX: 0000000020000040 RSI: 0000000000000004 RDI: 0000000000000003
[ 44.151628] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f
[ 44.158877] R10: 0000000000000022 R11: 0000000000000246 R12: 00007f5488473d20
[ 44.166127] R13: 00000000006dac20 R14: 007072612f74656e R15: 0000000000000003
[ 44.173896] Dumping ftrace buffer:
[ 44.177421] (ftrace buffer empty)
[ 44.181115] Kernel Offset: disabled
[ 44.184720] Rebooting in 86400 seconds..