[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 104.130964][ T32] audit: type=1400 audit(1587516688.796:8): avc: denied { execmem } for pid=8830 comm="syz-executor078" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 104.141833][ T8830] =====================================================
[ 104.158585][ T8830] BUG: KMSAN: uninit-value in __crc32c_le_base+0xbdd/0xd10
[ 104.165766][ T8830] CPU: 0 PID: 8830 Comm: syz-executor078 Not tainted 5.6.0-rc7-syzkaller #0
[ 104.174412][ T8830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.184453][ T8830] Call Trace:
[ 104.187734][ T8830] dump_stack+0x1c9/0x220
[ 104.192100][ T8830] kmsan_report+0xf7/0x1e0
[ 104.196532][ T8830] __msan_warning+0x58/0xa0
[ 104.201027][ T8830] __crc32c_le_base+0xbdd/0xd10
[ 104.205905][ T8830] chksum_update+0xb2/0x110
[ 104.210401][ T8830] ? chksum_init+0xd0/0xd0
[ 104.214811][ T8830] crypto_shash_update+0x4e9/0x550
[ 104.219908][ T8830] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 104.226076][ T8830] ? crypto_hash_walk_first+0x1fd/0x360
[ 104.231606][ T8830] ? kmsan_get_metadata+0x4f/0x180
[ 104.236720][ T8830] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 104.242532][ T8830] shash_async_update+0x113/0x1d0
[ 104.247599][ T8830] ? shash_async_init+0x1e0/0x1e0
[ 104.252631][ T8830] hash_sendpage+0x8ef/0xdf0
[ 104.257250][ T8830] ? hash_recvmsg+0xd30/0xd30
[ 104.261915][ T8830] sock_sendpage+0x1e1/0x2c0
[ 104.266514][ T8830] pipe_to_sendpage+0x38c/0x4c0
[ 104.271361][ T8830] ? sock_fasync+0x250/0x250
[ 104.275971][ T8830] __splice_from_pipe+0x539/0xed0
[ 104.280994][ T8830] ? generic_splice_sendpage+0x2d0/0x2d0
[ 104.286647][ T8830] generic_splice_sendpage+0x1d5/0x2d0
[ 104.292112][ T8830] ? iter_file_splice_write+0x17b0/0x17b0
[ 104.297820][ T8830] direct_splice_actor+0x19e/0x200
[ 104.302937][ T8830] splice_direct_to_actor+0x8a9/0x11e0
[ 104.308389][ T8830] ? do_splice_direct+0x580/0x580
[ 104.313483][ T8830] do_splice_direct+0x342/0x580
[ 104.318358][ T8830] do_sendfile+0xff5/0x1d10
[ 104.322904][ T8830] __se_compat_sys_sendfile+0x301/0x3c0
[ 104.328438][ T8830] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 104.334497][ T8830] ? prepare_exit_to_usermode+0x1ca/0x520
[ 104.340207][ T8830] ? kmsan_get_metadata+0x4f/0x180
[ 104.345323][ T8830] __ia32_compat_sys_sendfile+0x11a/0x160
[ 104.351047][ T8830] ? __ia32_sys_sendfile64+0x400/0x400
[ 104.356504][ T8830] do_fast_syscall_32+0x3c7/0x6e0
[ 104.361577][ T8830] entry_SYSENTER_compat+0x68/0x77
[ 104.366676][ T8830] RIP: 0023:0xf7f34d99
[ 104.370730][ T8830] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 104.390352][ T8830] RSP: 002b:00000000ffe3de3c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[ 104.398756][ T8830] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[ 104.406752][ T8830] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000004
[ 104.414726][ T8830] RBP: 0000000020000480 R08: 0000000000000000 R09: 0000000000000000
[ 104.422693][ T8830] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 104.430663][ T8830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 104.438643][ T8830]
[ 104.440956][ T8830] Uninit was stored to memory at:
[ 104.445971][ T8830] kmsan_internal_chain_origin+0xad/0x130
[ 104.451677][ T8830] kmsan_memcpy_memmove_metadata+0x272/0x2e0
[ 104.457653][ T8830] kmsan_memcpy_metadata+0xb/0x10
[ 104.462678][ T8830] kmsan_copy_to_user+0x50/0x90
[ 104.467535][ T8830] _copy_to_user+0x15a/0x1f0
[ 104.472114][ T8830] __do_proc_dointvec+0xed3/0x1a70
[ 104.477390][ T8830] proc_dointvec+0x139/0x160
[ 104.481962][ T8830] proc_do_sync_ports+0x26a/0x500
[ 104.486975][ T8830] proc_sys_call_handler+0xa92/0xd00
[ 104.492242][ T8830] proc_sys_read+0xc6/0xe0
[ 104.496663][ T8830] do_iter_read+0x8df/0xe10
[ 104.501188][ T8830] vfs_readv+0x1ee/0x280
[ 104.505435][ T8830] default_file_splice_read+0xb1d/0x11d0
[ 104.511065][ T8830] splice_direct_to_actor+0x5d8/0x11e0
[ 104.516516][ T8830] do_splice_direct+0x342/0x580
[ 104.521356][ T8830] do_sendfile+0xff5/0x1d10
[ 104.525909][ T8830] __se_compat_sys_sendfile+0x301/0x3c0
[ 104.531464][ T8830] __ia32_compat_sys_sendfile+0x11a/0x160
[ 104.537176][ T8830] do_fast_syscall_32+0x3c7/0x6e0
[ 104.542185][ T8830] entry_SYSENTER_compat+0x68/0x77
[ 104.547271][ T8830]
[ 104.549586][ T8830] Local variable ----tmp.i@__do_proc_dointvec created at:
[ 104.556688][ T8830] __do_proc_dointvec+0xd1b/0x1a70
[ 104.561809][ T8830] __do_proc_dointvec+0xd1b/0x1a70
[ 104.566894][ T8830] =====================================================
[ 104.573806][ T8830] Disabling lock debugging due to kernel taint
[ 104.579935][ T8830] Kernel panic - not syncing: panic_on_warn set ...
[ 104.586509][ T8830] CPU: 0 PID: 8830 Comm: syz-executor078 Tainted: G B 5.6.0-rc7-syzkaller #0
[ 104.596550][ T8830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.606607][ T8830] Call Trace:
[ 104.609891][ T8830] dump_stack+0x1c9/0x220
[ 104.614224][ T8830] panic+0x3d5/0xc3e
[ 104.618154][ T8830] kmsan_report+0x1df/0x1e0
[ 104.622671][ T8830] __msan_warning+0x58/0xa0
[ 104.627183][ T8830] __crc32c_le_base+0xbdd/0xd10
[ 104.632081][ T8830] chksum_update+0xb2/0x110
[ 104.636611][ T8830] ? chksum_init+0xd0/0xd0
[ 104.641030][ T8830] crypto_shash_update+0x4e9/0x550
[ 104.646163][ T8830] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 104.652328][ T8830] ? crypto_hash_walk_first+0x1fd/0x360
[ 104.657870][ T8830] ? kmsan_get_metadata+0x4f/0x180
[ 104.662974][ T8830] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 104.668770][ T8830] shash_async_update+0x113/0x1d0
[ 104.673791][ T8830] ? shash_async_init+0x1e0/0x1e0
[ 104.678797][ T8830] hash_sendpage+0x8ef/0xdf0
[ 104.683409][ T8830] ? hash_recvmsg+0xd30/0xd30
[ 104.688130][ T8830] sock_sendpage+0x1e1/0x2c0
[ 104.692750][ T8830] pipe_to_sendpage+0x38c/0x4c0
[ 104.697595][ T8830] ? sock_fasync+0x250/0x250
[ 104.702198][ T8830] __splice_from_pipe+0x539/0xed0
[ 104.707216][ T8830] ? generic_splice_sendpage+0x2d0/0x2d0
[ 104.712871][ T8830] generic_splice_sendpage+0x1d5/0x2d0
[ 104.718335][ T8830] ? iter_file_splice_write+0x17b0/0x17b0
[ 104.724055][ T8830] direct_splice_actor+0x19e/0x200
[ 104.729171][ T8830] splice_direct_to_actor+0x8a9/0x11e0
[ 104.734615][ T8830] ? do_splice_direct+0x580/0x580
[ 104.739668][ T8830] do_splice_direct+0x342/0x580
[ 104.744546][ T8830] do_sendfile+0xff5/0x1d10
[ 104.749095][ T8830] __se_compat_sys_sendfile+0x301/0x3c0
[ 104.754639][ T8830] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 104.760691][ T8830] ? prepare_exit_to_usermode+0x1ca/0x520
[ 104.766396][ T8830] ? kmsan_get_metadata+0x4f/0x180
[ 104.771507][ T8830] __ia32_compat_sys_sendfile+0x11a/0x160
[ 104.777231][ T8830] ? __ia32_sys_sendfile64+0x400/0x400
[ 104.782689][ T8830] do_fast_syscall_32+0x3c7/0x6e0
[ 104.787744][ T8830] entry_SYSENTER_compat+0x68/0x77
[ 104.792840][ T8830] RIP: 0023:0xf7f34d99
[ 104.796898][ T8830] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 104.816492][ T8830] RSP: 002b:00000000ffe3de3c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[ 104.824888][ T8830] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[ 104.832843][ T8830] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000004
[ 104.840806][ T8830] RBP: 0000000020000480 R08: 0000000000000000 R09: 0000000000000000
[ 104.848794][ T8830] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 104.856775][ T8830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 104.865800][ T8830] Kernel Offset: 0xaa00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 104.877359][ T8830] Rebooting in 86400 seconds..