INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts.
2018/04/15 13:28:53 fuzzer started
2018/04/15 13:28:53 dialing manager at 10.128.0.26:36243
2018/04/15 13:28:59 kcov=true, comps=false
2018/04/15 13:29:02 executing program 0:
2018/04/15 13:29:02 executing program 1:
2018/04/15 13:29:02 executing program 7:
2018/04/15 13:29:02 executing program 4:
2018/04/15 13:29:02 executing program 2:
2018/04/15 13:29:02 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
rmdir(&(0x7f00000000c0)='./file0\x00')
2018/04/15 13:29:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000001c0)={@remote={0xfe, 0x80, [], 0xbb}}, 0x14)
syz_emit_ethernet(0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd604c91480014730000000000000000000000000000000000fe8000000000000000000000000000bb00000000", @ANYRES32=0x41424344, @ANYBLOB="a800a007c0c48000"], &(0x7f00000000c0))
2018/04/15 13:29:02 executing program 6:
sched_rr_get_interval(0x0, &(0x7f00000000c0))
syzkaller login: [ 43.857384] ip (3749) used greatest stack depth: 54688 bytes left
[ 44.297095] ip (3787) used greatest stack depth: 54672 bytes left
[ 45.191214] ip (3878) used greatest stack depth: 54200 bytes left
[ 45.743094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.749616] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.794971] device bridge_slave_0 entered promiscuous mode
[ 45.815249] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.821783] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.841548] device bridge_slave_0 entered promiscuous mode
[ 45.896408] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.902914] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.917950] device bridge_slave_0 entered promiscuous mode
[ 45.935226] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.941719] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.982421] device bridge_slave_0 entered promiscuous mode
[ 46.006262] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.012777] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.045999] device bridge_slave_1 entered promiscuous mode
[ 46.069313] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.075847] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.104098] device bridge_slave_1 entered promiscuous mode
[ 46.114607] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.121162] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.139958] device bridge_slave_0 entered promiscuous mode
[ 46.147125] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.154294] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.170283] device bridge_slave_0 entered promiscuous mode
[ 46.179858] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.186355] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.209950] device bridge_slave_0 entered promiscuous mode
[ 46.224098] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.230576] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.242882] device bridge_slave_1 entered promiscuous mode
[ 46.252584] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.261688] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.268201] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.278981] device bridge_slave_1 entered promiscuous mode
[ 46.288323] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.295816] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.302288] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.342082] device bridge_slave_1 entered promiscuous mode
[ 46.366957] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.373473] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.393666] device bridge_slave_0 entered promiscuous mode
[ 46.411404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.417917] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.428481] device bridge_slave_1 entered promiscuous mode
[ 46.441341] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.450969] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.467499] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.475241] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.482448] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.488925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.505936] device bridge_slave_1 entered promiscuous mode
[ 46.525311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.531815] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.573162] device bridge_slave_1 entered promiscuous mode
[ 46.603674] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.646470] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.687666] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.696637] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.709627] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.756572] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 46.818079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.837199] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.929909] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 46.971324] ip (4004) used greatest stack depth: 53656 bytes left
[ 46.986973] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 47.509135] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.563366] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.622661] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.735585] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.752680] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 47.763113] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 47.773193] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.812797] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.882162] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 47.891177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 47.977584] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 47.996871] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 48.030673] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 48.038985] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 48.082635] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 48.286093] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 48.762351] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 48.815453] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 48.871406] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 48.886406] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 48.942697] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 48.978690] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.021966] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 49.032347] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.072142] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.080371] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.130901] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 49.196495] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.205984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.220778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.253507] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.267913] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.275550] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.288344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.297139] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.332552] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.340700] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.348415] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 49.356282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.386324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.418561] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.425815] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.443833] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.477207] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.484949] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.498934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.518376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.536603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.558827] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.578198] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.592719] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.599814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.612927] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.620951] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.629778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.640663] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.648230] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.655535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.677406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.699434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.720266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.736110] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.744021] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 49.751240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.761760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.795186] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.805825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.814564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.848282] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.859268] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.879897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.915814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.954656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.983746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 50.016717] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 50.037133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 50.055590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 50.267249] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 50.274473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 50.285758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 51.797384] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.803865] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.810720] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.817353] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.851021] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 51.864355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 51.892833] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.899333] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.906251] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.912725] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.979962] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.013997] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.020511] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.027393] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.033865] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.085983] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.112215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.118719] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.125583] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.132133] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.215888] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.222897] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.229374] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.236282] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.242861] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.262514] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.278498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.284997] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.291873] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.298357] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.312265] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.321625] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.328141] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.335002] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.341526] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.407959] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.802667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.809164] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.816082] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.822557] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.859781] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 52.896689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 52.910253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 52.947712] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 52.983186] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 53.017109] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 53.046673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 53.067158] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 54.320183] ==================================================================
[ 54.327608] BUG: KMSAN: uninit-value in get_page_from_freelist+0x5e50/0xb600
[ 54.334805] CPU: 0 PID: 4571 Comm: syz-executor7 Not tainted 4.16.0+ #83
[ 54.341642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.351001] Call Trace:
[ 54.353599] dump_stack+0x185/0x1d0
[ 54.357229] ? get_page_from_freelist+0x5e50/0xb600
[ 54.362249] kmsan_report+0x142/0x240
[ 54.366058] __msan_warning_32+0x6c/0xb0
[ 54.370125] get_page_from_freelist+0x5e50/0xb600
[ 54.374978] ? __kernel_text_address+0x34/0xe0
[ 54.379565] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 54.385022] ? __save_stack_trace+0x893/0xa80
[ 54.389535] ? __list_add_valid+0xb8/0x450
[ 54.393787] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 54.399256] ? __list_add_valid+0xb8/0x450
[ 54.403499] ? kmsan_set_origin_inline+0x6b/0x120
[ 54.408351] __alloc_pages_nodemask+0x789/0x5dc0
[ 54.413115] ? __msan_poison_alloca+0x15c/0x1d0
[ 54.417785] ? __mmdrop+0x825/0x840
[ 54.421417] ? kmem_cache_free+0xec/0x2bc0
[ 54.425654] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 54.431019] ? kmem_cache_free+0x89e/0x2bc0
[ 54.435350] ? __mmdrop+0x825/0x840
[ 54.438984] ? apic_timer_interrupt+0xa/0x20
[ 54.443409] alloc_pages_current+0x6b5/0x970
[ 54.447824] __get_free_pages+0x2d/0xc0
[ 54.451798] unmap_page_range+0x26d2/0x3be0
[ 54.456146] unmap_single_vma+0x45b/0x5f0
[ 54.460301] unmap_vmas+0x1f4/0x360
[ 54.463937] exit_mmap+0x3da/0x950
[ 54.467481] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 54.472846] ? __mmput+0x3f/0x610
[ 54.476300] __mmput+0x16c/0x610
[ 54.479667] mmput+0xab/0xf0
[ 54.482693] flush_old_exec+0x1adb/0x2170
[ 54.486848] load_elf_binary+0x134d/0x8f90
[ 54.491092] ? kmsan_set_origin_inline+0x6b/0x120
[ 54.495937] ? __msan_poison_alloca+0x15c/0x1d0
[ 54.500608] ? kmsan_set_origin_inline+0x6b/0x120
[ 54.505458] ? __msan_poison_alloca+0x15c/0x1d0
[ 54.510129] ? search_binary_handler+0x2ef/0xac0
[ 54.514886] ? load_script+0x5c/0xcd0
[ 54.518688] ? search_binary_handler+0x2ef/0xac0
[ 54.523446] ? load_script+0x61/0xcd0
[ 54.527247] ? load_elf_binary+0x4ba1/0x8f90
[ 54.531657] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 54.537026] ? load_script+0xcd0/0xcd0
[ 54.540924] search_binary_handler+0x2ef/0xac0
[ 54.545521] do_execveat_common+0x1f4d/0x2ce0
[ 54.550039] SYSC_execve+0xe2/0x110
[ 54.553679] SyS_execve+0x56/0x80
[ 54.557138] do_syscall_64+0x309/0x430
[ 54.561039] ? set_binfmt+0x1b0/0x1b0
[ 54.564846] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 54.570037] RIP: 0033:0x453ca7
[ 54.573310] RSP: 002b:0000000000a3fac8 EFLAGS: 00000207 ORIG_RAX: 000000000000003b
[ 54.581028] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000453ca7
[ 54.588311] RDX: 00007ffe92e3f3c8 RSI: 0000000000a3fb00 RDI: 00000000004c73c8
[ 54.595587] RBP: 0000000000a3fc80 R08: 0000000000000000 R09: 000000000000002e
[ 54.602862] R10: 0000000000000008 R11: 0000000000000207 R12: 0000000000a3fe90
[ 54.610140] R13: 0000000000a3fe28 R14: 0000000000000000 R15: 0000000000000000
[ 54.617419]
[ 54.619049] Uninit was stored to memory at:
[ 54.623374] kmsan_internal_chain_origin+0x12b/0x210
[ 54.628479] __msan_chain_origin+0x69/0xc0
[ 54.632717] free_unref_page_commit+0x4fb/0x530
[ 54.637392] free_pages+0x290/0x320
[ 54.641022] tlb_finish_mmu+0x3f7/0x5c0
[ 54.645003] exit_mmap+0x498/0x950
[ 54.648553] __mmput+0x16c/0x610
[ 54.651920] mmput+0xab/0xf0
[ 54.654942] exit_mm+0x6ed/0x7a0
[ 54.658304] do_exit+0xc01/0x38d0
[ 54.661755] do_group_exit+0x1a0/0x360
[ 54.665640] SYSC_exit_group+0x21/0x30
[ 54.669529] SyS_exit_group+0x25/0x30
[ 54.673333] do_syscall_64+0x309/0x430
[ 54.677222] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 54.682405] Local variable description: ----tlb@exit_mmap
[ 54.687932] Variable was created at:
[ 54.691654] exit_mmap+0x48/0x950
[ 54.695112] __mmput+0x16c/0x610
[ 54.698468] ==================================================================
[ 54.705822] Disabling lock debugging due to kernel taint
[ 54.711268] Kernel panic - not syncing: panic_on_warn set ...
[ 54.711268]
[ 54.718643] CPU: 0 PID: 4571 Comm: syz-executor7 Tainted: G B 4.16.0+ #83
[ 54.726781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.736138] Call Trace:
[ 54.738736] dump_stack+0x185/0x1d0
[ 54.742364] panic+0x39d/0x940
[ 54.745579] ? get_page_from_freelist+0x5e50/0xb600
[ 54.750600] kmsan_report+0x238/0x240
[ 54.754412] __msan_warning_32+0x6c/0xb0
[ 54.758480] get_page_from_freelist+0x5e50/0xb600
[ 54.763331] ? __kernel_text_address+0x34/0xe0
[ 54.767919] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 54.773375] ? __save_stack_trace+0x893/0xa80
[ 54.777886] ? __list_add_valid+0xb8/0x450
[ 54.782137] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 54.787601] ? __list_add_valid+0xb8/0x450
[ 54.791848] ? kmsan_set_origin_inline+0x6b/0x120
[ 54.796706] __alloc_pages_nodemask+0x789/0x5dc0
[ 54.801465] ? __msan_poison_alloca+0x15c/0x1d0
[ 54.806136] ? __mmdrop+0x825/0x840
[ 54.809767] ? kmem_cache_free+0xec/0x2bc0
[ 54.814008] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 54.819385] ? kmem_cache_free+0x89e/0x2bc0
[ 54.823711] ? __mmdrop+0x825/0x840
[ 54.827351] ? apic_timer_interrupt+0xa/0x20
[ 54.831777] alloc_pages_current+0x6b5/0x970
[ 54.836200] __get_free_pages+0x2d/0xc0
[ 54.840179] unmap_page_range+0x26d2/0x3be0
[ 54.844525] unmap_single_vma+0x45b/0x5f0
[ 54.848766] unmap_vmas+0x1f4/0x360
[ 54.852402] exit_mmap+0x3da/0x950
[ 54.855950] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 54.861318] ? __mmput+0x3f/0x610
[ 54.864775] __mmput+0x16c/0x610
[ 54.868146] mmput+0xab/0xf0
[ 54.871177] flush_old_exec+0x1adb/0x2170
[ 54.875339] load_elf_binary+0x134d/0x8f90
[ 54.879591] ? kmsan_set_origin_inline+0x6b/0x120
[ 54.884438] ? __msan_poison_alloca+0x15c/0x1d0
[ 54.889110] ? kmsan_set_origin_inline+0x6b/0x120
[ 54.893955] ? __msan_poison_alloca+0x15c/0x1d0
[ 54.898627] ? search_binary_handler+0x2ef/0xac0
[ 54.903386] ? load_script+0x5c/0xcd0
[ 54.907192] ? search_binary_handler+0x2ef/0xac0
[ 54.911951] ? load_script+0x61/0xcd0
[ 54.915758] ? load_elf_binary+0x4ba1/0x8f90
[ 54.920169] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 54.925543] ? load_script+0xcd0/0xcd0
[ 54.929434] search_binary_handler+0x2ef/0xac0
[ 54.934038] do_execveat_common+0x1f4d/0x2ce0
[ 54.938557] SYSC_execve+0xe2/0x110
[ 54.942195] SyS_execve+0x56/0x80
[ 54.945650] do_syscall_64+0x309/0x430
[ 54.949545] ? set_binfmt+0x1b0/0x1b0
[ 54.953352] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 54.958537] RIP: 0033:0x453ca7
[ 54.961722] RSP: 002b:0000000000a3fac8 EFLAGS: 00000207 ORIG_RAX: 000000000000003b
[ 54.969427] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000453ca7
[ 54.976695] RDX: 00007ffe92e3f3c8 RSI: 0000000000a3fb00 RDI: 00000000004c73c8
[ 54.983963] RBP: 0000000000a3fc80 R08: 0000000000000000 R09: 000000000000002e
[ 54.991233] R10: 0000000000000008 R11: 0000000000000207 R12: 0000000000a3fe90
[ 54.998503] R13: 0000000000a3fe28 R14: 0000000000000000 R15: 0000000000000000
[ 55.006278] Dumping ftrace buffer:
[ 55.009803] (ftrace buffer empty)
[ 55.013492] Kernel Offset: disabled
[ 55.017096] Rebooting in 86400 seconds..