INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.8' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 31.287154] ==================================================================
[ 31.294559] BUG: KMSAN: uninit-value in __crc32c_le+0xb64/0xcd0
[ 31.300598] CPU: 0 PID: 3578 Comm: syzkaller625961 Not tainted 4.16.0+ #81
[ 31.307603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 31.316943] Call Trace:
[ 31.319526] dump_stack+0x185/0x1d0
[ 31.323133] ? __crc32c_le+0xb64/0xcd0
[ 31.326994] kmsan_report+0x142/0x240
[ 31.330774] __msan_warning_32+0x6c/0xb0
[ 31.334809] __crc32c_le+0xb64/0xcd0
[ 31.338502] chksum_update+0xb6/0x120
[ 31.342278] shash_update_unaligned+0x262/0x3c0
[ 31.346920] ? shash_update_unaligned+0xc3/0x3c0
[ 31.351658] ? chksum_init+0xe0/0xe0
[ 31.355362] shash_ahash_finup+0x3de/0xa30
[ 31.359594] shash_ahash_digest+0x5c6/0x600
[ 31.363903] shash_async_digest+0x11c/0x1b0
[ 31.368221] crypto_ahash_op+0x89a/0xc10
[ 31.372272] ? __kmalloc+0x23c/0x350
[ 31.375960] ? shash_async_finup+0x1b0/0x1b0
[ 31.380347] ? shash_async_finup+0x1b0/0x1b0
[ 31.384734] crypto_ahash_digest+0xe4/0x160
[ 31.389045] hash_sendpage+0xb40/0xe10
[ 31.392916] ? hash_recvmsg+0xd50/0xd50
[ 31.396868] sock_sendpage+0x1de/0x2c0
[ 31.400747] pipe_to_sendpage+0x31b/0x430
[ 31.404880] ? sock_fasync+0x2b0/0x2b0
[ 31.408749] ? propagate_umount+0x3a30/0x3a30
[ 31.413222] __splice_from_pipe+0x49a/0xf30
[ 31.417524] ? generic_splice_sendpage+0x2a0/0x2a0
[ 31.422429] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 31.427770] generic_splice_sendpage+0x1c6/0x2a0
[ 31.432505] ? iter_file_splice_write+0x1710/0x1710
[ 31.437498] ? iter_file_splice_write+0x1710/0x1710
[ 31.442492] direct_splice_actor+0x19b/0x200
[ 31.446879] splice_direct_to_actor+0x764/0x1040
[ 31.451610] ? do_splice_direct+0x540/0x540
[ 31.455909] ? security_file_permission+0x28f/0x4b0
[ 31.460904] ? rw_verify_area+0x35e/0x580
[ 31.465043] do_splice_direct+0x335/0x540
[ 31.469173] do_sendfile+0x1067/0x1e40
[ 31.473053] SYSC_sendfile64+0x1b3/0x300
[ 31.477097] SyS_sendfile64+0x64/0x90
[ 31.480876] do_syscall_64+0x309/0x430
[ 31.484742] ? SYSC_sendfile+0x320/0x320
[ 31.488786] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 31.493952] RIP: 0033:0x440c19
[ 31.497119] RSP: 002b:00000000007dff78 EFLAGS: 00000217 ORIG_RAX: 0000000000000028
[ 31.504804] RAX: ffffffffffffffda RBX: 00007ffc28b43850 RCX: 0000000000440c19
[ 31.512051] RDX: 0000000020816ff8 RSI: 0000000000000005 RDI: 0000000000000004
[ 31.519299] RBP: 0000000000000000 R08: 0000000120080522 R09: 0000000120080522
[ 31.526544] R10: 0000000000000001 R11: 0000000000000217 R12: 00000000004023b0
[ 31.533790] R13: 0000000000402440 R14: 0000000000000000 R15: 0000000000000000
[ 31.541046]
[ 31.542649] Uninit was stored to memory at:
[ 31.546951] kmsan_internal_chain_origin+0x12b/0x210
[ 31.552038] kmsan_memcpy_origins+0x11d/0x170
[ 31.556516] __msan_memcpy+0x19f/0x1f0
[ 31.560379] shash_update_unaligned+0x1e5/0x3c0
[ 31.565029] shash_ahash_finup+0x3de/0xa30
[ 31.569247] shash_ahash_digest+0x5c6/0x600
[ 31.573544] shash_async_digest+0x11c/0x1b0
[ 31.577845] crypto_ahash_op+0x89a/0xc10
[ 31.581882] crypto_ahash_digest+0xe4/0x160
[ 31.586180] hash_sendpage+0xb40/0xe10
[ 31.590051] sock_sendpage+0x1de/0x2c0
[ 31.593915] pipe_to_sendpage+0x31b/0x430
[ 31.598047] __splice_from_pipe+0x49a/0xf30
[ 31.602350] generic_splice_sendpage+0x1c6/0x2a0
[ 31.607083] direct_splice_actor+0x19b/0x200
[ 31.611469] splice_direct_to_actor+0x764/0x1040
[ 31.616201] do_splice_direct+0x335/0x540
[ 31.620323] do_sendfile+0x1067/0x1e40
[ 31.624186] SYSC_sendfile64+0x1b3/0x300
[ 31.628220] SyS_sendfile64+0x64/0x90
[ 31.632005] do_syscall_64+0x309/0x430
[ 31.635876] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 31.641039] Uninit was created at:
[ 31.644558] kmsan_alloc_meta_for_pages+0x161/0x3a0
[ 31.649555] kmsan_alloc_page+0x82/0xe0
[ 31.653507] __alloc_pages_nodemask+0xf5b/0x5dc0
[ 31.658260] alloc_pages_vma+0xcc8/0x1800
[ 31.662385] shmem_alloc_and_acct_page+0x6d5/0x1000
[ 31.667380] shmem_getpage_gfp+0x35db/0x5770
[ 31.671764] shmem_fallocate+0xde2/0x1610
[ 31.675890] vfs_fallocate+0x9dc/0xde0
[ 31.679752] SYSC_fallocate+0x119/0x1d0
[ 31.683703] SyS_fallocate+0x64/0x90
[ 31.687394] do_syscall_64+0x309/0x430
[ 31.691259] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 31.696426] ==================================================================
[ 31.703756] Disabling lock debugging due to kernel taint
[ 31.709182] Kernel panic - not syncing: panic_on_warn set ...
[ 31.709182]
[ 31.716522] CPU: 0 PID: 3578 Comm: syzkaller625961 Tainted: G B 4.16.0+ #81
[ 31.724810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 31.734141] Call Trace:
[ 31.736711] dump_stack+0x185/0x1d0
[ 31.740322] panic+0x39d/0x940
[ 31.743500] ? __crc32c_le+0xb64/0xcd0
[ 31.747373] kmsan_report+0x238/0x240
[ 31.751149] __msan_warning_32+0x6c/0xb0
[ 31.755186] __crc32c_le+0xb64/0xcd0
[ 31.758891] chksum_update+0xb6/0x120
[ 31.762692] shash_update_unaligned+0x262/0x3c0
[ 31.767342] ? shash_update_unaligned+0xc3/0x3c0
[ 31.772077] ? chksum_init+0xe0/0xe0
[ 31.775773] shash_ahash_finup+0x3de/0xa30
[ 31.779993] shash_ahash_digest+0x5c6/0x600
[ 31.784296] shash_async_digest+0x11c/0x1b0
[ 31.788594] crypto_ahash_op+0x89a/0xc10
[ 31.792632] ? __kmalloc+0x23c/0x350
[ 31.796320] ? shash_async_finup+0x1b0/0x1b0
[ 31.800702] ? shash_async_finup+0x1b0/0x1b0
[ 31.805088] crypto_ahash_digest+0xe4/0x160
[ 31.809393] hash_sendpage+0xb40/0xe10
[ 31.813266] ? hash_recvmsg+0xd50/0xd50
[ 31.817243] sock_sendpage+0x1de/0x2c0
[ 31.821112] pipe_to_sendpage+0x31b/0x430
[ 31.825240] ? sock_fasync+0x2b0/0x2b0
[ 31.829107] ? propagate_umount+0x3a30/0x3a30
[ 31.833578] __splice_from_pipe+0x49a/0xf30
[ 31.837875] ? generic_splice_sendpage+0x2a0/0x2a0
[ 31.842781] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 31.848122] generic_splice_sendpage+0x1c6/0x2a0
[ 31.852856] ? iter_file_splice_write+0x1710/0x1710
[ 31.857853] ? iter_file_splice_write+0x1710/0x1710
[ 31.862848] direct_splice_actor+0x19b/0x200
[ 31.867238] splice_direct_to_actor+0x764/0x1040
[ 31.871967] ? do_splice_direct+0x540/0x540
[ 31.876264] ? security_file_permission+0x28f/0x4b0
[ 31.881258] ? rw_verify_area+0x35e/0x580
[ 31.885383] do_splice_direct+0x335/0x540
[ 31.889509] do_sendfile+0x1067/0x1e40
[ 31.893392] SYSC_sendfile64+0x1b3/0x300
[ 31.897436] SyS_sendfile64+0x64/0x90
[ 31.901220] do_syscall_64+0x309/0x430
[ 31.905088] ? SYSC_sendfile+0x320/0x320
[ 31.909128] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 31.914292] RIP: 0033:0x440c19
[ 31.917455] RSP: 002b:00000000007dff78 EFLAGS: 00000217 ORIG_RAX: 0000000000000028
[ 31.925138] RAX: ffffffffffffffda RBX: 00007ffc28b43850 RCX: 0000000000440c19
[ 31.932385] RDX: 0000000020816ff8 RSI: 0000000000000005 RDI: 0000000000000004
[ 31.939628] RBP: 0000000000000000 R08: 0000000120080522 R09: 0000000120080522
[ 31.946872] R10: 0000000000000001 R11: 0000000000000217 R12: 00000000004023b0
[ 31.954116] R13: 0000000000402440 R14: 0000000000000000 R15: 0000000000000000
[ 31.961798] Dumping ftrace buffer:
[ 31.965316] (ftrace buffer empty)
[ 31.968999] Kernel Offset: disabled
[ 31.972603] Rebooting in 86400 seconds..