[ 62.960816] audit: type=1800 audit(1541089516.991:27): pid=6233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 65.161193] kauditd_printk_skb: 1 callbacks suppressed
[ 65.161230] audit: type=1800 audit(1541089519.201:29): pid=6233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 65.186438] audit: type=1800 audit(1541089519.221:30): pid=6233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.9' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 75.318333] PANIC: double fault, error_code: 0x0
[ 75.323190] CPU: 1 PID: 6385 Comm: syz-executor196 Not tainted 4.19.0+ #77
[ 75.330204] ==================================================================
[ 75.337568] BUG: KMSAN: uninit-value in irq_work_claim+0x153/0x390
[ 75.343901] CPU: 1 PID: 6385 Comm: syz-executor196 Not tainted 4.19.0+ #77
[ 75.350910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.360271] Call Trace:
[ 75.362847] <#DF>
[ 75.364999] dump_stack+0x32d/0x480
[ 75.368629] ? irq_work_claim+0x153/0x390
[ 75.372826] kmsan_report+0x1a2/0x2e0
[ 75.376653] kmsan_internal_check_memory+0x34c/0x430
[ 75.381772] kmsan_check_memory+0xb/0x10
[ 75.385834] irq_work_claim+0x153/0x390
[ 75.389836] irq_work_queue+0x44/0x280
[ 75.393743] vprintk_emit+0x693/0x790
[ 75.397564] vprintk_default+0x90/0xa0
[ 75.401453] vprintk_func+0x26b/0x2a0
[ 75.405261] printk+0x1a3/0x1f0
[ 75.408575] dump_stack_print_info+0x2c4/0x3c0
[ 75.413164] show_regs_print_info+0x37/0x40
[ 75.417485] show_regs+0x38/0x170
[ 75.420952] df_debug+0x86/0xb0
[ 75.424230] do_double_fault+0x362/0x480
[ 75.428299] double_fault+0x1e/0x30
[ 75.431928] RIP: 0010:kmsan_get_origin_address+0xa/0x370
[ 75.437389] Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78
[ 75.456289] RSP: 0018:fffffe000003d000 EFLAGS: 00010086
[ 75.461653] RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001
[ 75.468918] RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe000003d150
[ 75.476185] RBP: fffffe000003d018 R08: 0000000000000000 R09: 0000000000000000
[ 75.483446] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088
[ 75.490719] R13: fffffe000003d1c0 R14: fffffe000003d1a8 R15: fffffe000003d1a8
[ 75.498029]
[ 75.500276]
[ 75.503561] kmsan_memmove_origins+0xbd/0x1d0
[ 75.508062] ? kmsan_memmove_shadow+0xad/0xe0
[ 75.512581] __msan_memmove+0x6c/0x80
[ 75.516382] fixup_bad_iret+0x9b/0x130
[ 75.520273] error_entry+0xad/0xc0
[ 75.523802] RIP: 0000: (null)
[ 75.527712] Code: Bad RIP value.
[ 75.531069] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
[ 75.538783] RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 0000000000000000
[ 75.546064] RDX: 0000000000000000 RSI: 0000006e0000005b RDI: 0000000000000000
[ 75.553325] RBP: 0000000000000000 R08: 00000000004009ae R09: 0000000044000004
[ 75.560585] R10: 00000000004012e0 R11: 0000000000000000 R12: 00000000004009ae
[ 75.567854] R13: 0000000044000004 R14: 00000000004012e0 R15: 0000000000000000
[ 75.575123] ? general_protection+0x8/0x30
[ 75.579370] ? general_protection+0x8/0x30
[ 75.583628]
[ 75.586978]
[ 75.588597] Local variable description: ----__ai_ptr@irq_work_claim
[ 75.594997] Variable was created at:
[ 75.598722] irq_work_claim+0x4b/0x390
[ 75.602602] irq_work_queue+0x44/0x280
[ 75.606476]
[ 75.608100] Byte 7 of 8 is uninitialized
[ 75.612166] Memory access of size 8 starts at fffffe0000045a38
[ 75.618119] ==================================================================
[ 75.625464] Disabling lock debugging due to kernel taint
[ 75.630915] Kernel panic - not syncing: panic_on_warn set ...
[ 75.630915]
[ 75.638303] CPU: 1 PID: 6385 Comm: syz-executor196 Tainted: G B 4.19.0+ #77
[ 75.646691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.656048] Call Trace:
[ 75.658637] <#DF>
[ 75.660804] dump_stack+0x32d/0x480
[ 75.664474] panic+0x57e/0xb28
[ 75.667720] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 75.673171] kmsan_report+0x2d3/0x2e0
[ 75.676976] kmsan_internal_check_memory+0x34c/0x430
[ 75.682093] kmsan_check_memory+0xb/0x10
[ 75.686154] irq_work_claim+0x153/0x390
[ 75.690140] irq_work_queue+0x44/0x280
[ 75.694034] vprintk_emit+0x693/0x790
[ 75.697877] vprintk_default+0x90/0xa0
[ 75.701792] vprintk_func+0x26b/0x2a0
[ 75.705608] printk+0x1a3/0x1f0
[ 75.708916] dump_stack_print_info+0x2c4/0x3c0
[ 75.713516] show_regs_print_info+0x37/0x40
[ 75.717837] show_regs+0x38/0x170
[ 75.721291] df_debug+0x86/0xb0
[ 75.724571] do_double_fault+0x362/0x480
[ 75.728637] double_fault+0x1e/0x30
[ 75.732261] RIP: 0010:kmsan_get_origin_address+0xa/0x370
[ 75.737702] Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78
[ 75.756600] RSP: 0018:fffffe000003d000 EFLAGS: 00010086
[ 75.761956] RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001
[ 75.769218] RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe000003d150
[ 75.776481] RBP: fffffe000003d018 R08: 0000000000000000 R09: 0000000000000000
[ 75.783746] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088
[ 75.791013] R13: fffffe000003d1c0 R14: fffffe000003d1a8 R15: fffffe000003d1a8
[ 75.798314]
[ 75.800557]
[ 75.803852] kmsan_memmove_origins+0xbd/0x1d0
[ 75.808347] ? kmsan_memmove_shadow+0xad/0xe0
[ 75.812841] __msan_memmove+0x6c/0x80
[ 75.816640] fixup_bad_iret+0x9b/0x130
[ 75.820533] error_entry+0xad/0xc0
[ 75.824065] RIP: 0000: (null)
[ 75.827984] Code: Bad RIP value.
[ 75.831360] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
[ 75.839092] RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 0000000000000000
[ 75.846387] RDX: 0000000000000000 RSI: 0000006e0000005b RDI: 0000000000000000
[ 75.853676] RBP: 0000000000000000 R08: 00000000004009ae R09: 0000000044000004
[ 75.860961] R10: 00000000004012e0 R11: 0000000000000000 R12: 00000000004009ae
[ 75.868222] R13: 0000000044000004 R14: 00000000004012e0 R15: 0000000000000000
[ 75.875494] ? general_protection+0x8/0x30
[ 75.879737] ? general_protection+0x8/0x30
[ 75.883974]
[ 75.888265] Kernel Offset: disabled
[ 75.891905] Rebooting in 86400 seconds..