[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.57' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 129.124658][ T32] audit: type=1400 audit(1595221277.002:8): avc: denied { execmem } for pid=8499 comm="syz-executor522" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 129.135570][ T8499] =====================================================
[ 129.152222][ T8499] BUG: KMSAN: uninit-value in sha1_transform+0x5371/0x5a90
[ 129.159418][ T8499] CPU: 0 PID: 8499 Comm: syz-executor522 Not tainted 5.8.0-rc5-syzkaller #0
[ 129.168077][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 129.178123][ T8499] Call Trace:
[ 129.181415][ T8499] dump_stack+0x1df/0x240
[ 129.185749][ T8499] kmsan_report+0xf7/0x1e0
[ 129.190252][ T8499] __msan_warning+0x58/0xa0
[ 129.194756][ T8499] sha1_transform+0x5371/0x5a90
[ 129.199640][ T8499] crypto_sha1_update+0x4bb/0x5e0
[ 129.204672][ T8499] ? kmsan_get_metadata+0x11d/0x180
[ 129.209872][ T8499] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 129.215673][ T8499] ? rmd320_transform+0x6dc0/0x6dc0
[ 129.220866][ T8499] crypto_shash_update+0x4e9/0x550
[ 129.225974][ T8499] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 129.232127][ T8499] ? hash_walk_new_entry+0x6c7/0x770
[ 129.237429][ T8499] ? crypto_hash_walk_first+0x1fd/0x360
[ 129.242973][ T8499] ? kmsan_get_metadata+0x4f/0x180
[ 129.248080][ T8499] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 129.253886][ T8499] shash_async_update+0x113/0x1d0
[ 129.258910][ T8499] ? shash_async_init+0x1e0/0x1e0
[ 129.263931][ T8499] hash_sendpage+0x8ef/0xdf0
[ 129.268532][ T8499] ? hash_recvmsg+0xd30/0xd30
[ 129.273208][ T8499] sock_sendpage+0x1e1/0x2c0
[ 129.277803][ T8499] pipe_to_sendpage+0x38c/0x4c0
[ 129.282655][ T8499] ? sock_fasync+0x250/0x250
[ 129.287252][ T8499] __splice_from_pipe+0x565/0xf00
[ 129.292280][ T8499] ? generic_splice_sendpage+0x2d0/0x2d0
[ 129.297932][ T8499] generic_splice_sendpage+0x1d5/0x2d0
[ 129.303400][ T8499] ? iter_file_splice_write+0x1800/0x1800
[ 129.309112][ T8499] direct_splice_actor+0x1fd/0x580
[ 129.314211][ T8499] ? kmsan_get_metadata+0x4f/0x180
[ 129.319299][ T8499] splice_direct_to_actor+0x6b2/0xf50
[ 129.324645][ T8499] ? do_splice_direct+0x580/0x580
[ 129.329653][ T8499] do_splice_direct+0x342/0x580
[ 129.334519][ T8499] do_sendfile+0x101b/0x1d40
[ 129.339134][ T8499] __se_sys_sendfile64+0x2bb/0x360
[ 129.344217][ T8499] ? kmsan_set_origin_checked+0x95/0xf0
[ 129.349736][ T8499] ? kmsan_get_metadata+0x11d/0x180
[ 129.354920][ T8499] ? __se_sys_sendfile64+0x360/0x360
[ 129.360234][ T8499] __ia32_sys_sendfile64+0x56/0x70
[ 129.365469][ T8499] __do_fast_syscall_32+0x2aa/0x400
[ 129.370648][ T8499] do_fast_syscall_32+0x6b/0xd0
[ 129.375478][ T8499] do_SYSENTER_32+0x73/0x90
[ 129.379962][ T8499] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 129.386270][ T8499] RIP: 0023:0xf7fea549
[ 129.390306][ T8499] Code: Bad RIP value.
[ 129.394346][ T8499] RSP: 002b:00000000ffbdd31c EFLAGS: 00000292 ORIG_RAX: 00000000000000ef
[ 129.402729][ T8499] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[ 129.410715][ T8499] RDX: 0000000000000000 RSI: 0000000001f80000 RDI: 0000000000000004
[ 129.418673][ T8499] RBP: 0000000020000040 R08: 0000000000000000 R09: 0000000000000000
[ 129.426757][ T8499] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 129.434701][ T8499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 129.442653][ T8499]
[ 129.444953][ T8499] Uninit was created at:
[ 129.449169][ T8499] kmsan_save_stack_with_flags+0x3c/0x90
[ 129.454773][ T8499] kmsan_alloc_page+0xb9/0x180
[ 129.459637][ T8499] __alloc_pages_nodemask+0x56a2/0x5dc0
[ 129.465155][ T8499] alloc_pages_current+0x672/0x990
[ 129.470249][ T8499] push_pipe+0x605/0xb70
[ 129.474476][ T8499] iov_iter_get_pages_alloc+0x18a9/0x21c0
[ 129.480219][ T8499] do_splice_to+0x4fc/0x14f0
[ 129.484799][ T8499] splice_direct_to_actor+0x45c/0xf50
[ 129.490165][ T8499] do_splice_direct+0x342/0x580
[ 129.494989][ T8499] do_sendfile+0x101b/0x1d40
[ 129.499548][ T8499] __se_sys_sendfile64+0x2bb/0x360
[ 129.504630][ T8499] __ia32_sys_sendfile64+0x56/0x70
[ 129.509717][ T8499] __do_fast_syscall_32+0x2aa/0x400
[ 129.514888][ T8499] do_fast_syscall_32+0x6b/0xd0
[ 129.519711][ T8499] do_SYSENTER_32+0x73/0x90
[ 129.524186][ T8499] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 129.530478][ T8499] =====================================================
[ 129.537432][ T8499] Disabling lock debugging due to kernel taint
[ 129.543564][ T8499] Kernel panic - not syncing: panic_on_warn set ...
[ 129.550164][ T8499] CPU: 0 PID: 8499 Comm: syz-executor522 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 129.560194][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 129.570222][ T8499] Call Trace:
[ 129.573491][ T8499] dump_stack+0x1df/0x240
[ 129.577797][ T8499] panic+0x3d5/0xc3e
[ 129.581697][ T8499] kmsan_report+0x1df/0x1e0
[ 129.586182][ T8499] __msan_warning+0x58/0xa0
[ 129.590659][ T8499] sha1_transform+0x5371/0x5a90
[ 129.595503][ T8499] crypto_sha1_update+0x4bb/0x5e0
[ 129.600505][ T8499] ? kmsan_get_metadata+0x11d/0x180
[ 129.605692][ T8499] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 129.611483][ T8499] ? rmd320_transform+0x6dc0/0x6dc0
[ 129.616655][ T8499] crypto_shash_update+0x4e9/0x550
[ 129.621741][ T8499] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 129.627870][ T8499] ? hash_walk_new_entry+0x6c7/0x770
[ 129.633133][ T8499] ? crypto_hash_walk_first+0x1fd/0x360
[ 129.638650][ T8499] ? kmsan_get_metadata+0x4f/0x180
[ 129.643734][ T8499] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 129.649513][ T8499] shash_async_update+0x113/0x1d0
[ 129.654520][ T8499] ? shash_async_init+0x1e0/0x1e0
[ 129.659516][ T8499] hash_sendpage+0x8ef/0xdf0
[ 129.664087][ T8499] ? hash_recvmsg+0xd30/0xd30
[ 129.668739][ T8499] sock_sendpage+0x1e1/0x2c0
[ 129.673310][ T8499] pipe_to_sendpage+0x38c/0x4c0
[ 129.678133][ T8499] ? sock_fasync+0x250/0x250
[ 129.682704][ T8499] __splice_from_pipe+0x565/0xf00
[ 129.687700][ T8499] ? generic_splice_sendpage+0x2d0/0x2d0
[ 129.693312][ T8499] generic_splice_sendpage+0x1d5/0x2d0
[ 129.698751][ T8499] ? iter_file_splice_write+0x1800/0x1800
[ 129.704441][ T8499] direct_splice_actor+0x1fd/0x580
[ 129.709527][ T8499] ? kmsan_get_metadata+0x4f/0x180
[ 129.714614][ T8499] splice_direct_to_actor+0x6b2/0xf50
[ 129.719955][ T8499] ? do_splice_direct+0x580/0x580
[ 129.724962][ T8499] do_splice_direct+0x342/0x580
[ 129.729791][ T8499] do_sendfile+0x101b/0x1d40
[ 129.734367][ T8499] __se_sys_sendfile64+0x2bb/0x360
[ 129.739450][ T8499] ? kmsan_set_origin_checked+0x95/0xf0
[ 129.744970][ T8499] ? kmsan_get_metadata+0x11d/0x180
[ 129.750138][ T8499] ? __se_sys_sendfile64+0x360/0x360
[ 129.755395][ T8499] __ia32_sys_sendfile64+0x56/0x70
[ 129.760480][ T8499] __do_fast_syscall_32+0x2aa/0x400
[ 129.765655][ T8499] do_fast_syscall_32+0x6b/0xd0
[ 129.770480][ T8499] do_SYSENTER_32+0x73/0x90
[ 129.774957][ T8499] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 129.781254][ T8499] RIP: 0023:0xf7fea549
[ 129.785291][ T8499] Code: Bad RIP value.
[ 129.789328][ T8499] RSP: 002b:00000000ffbdd31c EFLAGS: 00000292 ORIG_RAX: 00000000000000ef
[ 129.797714][ T8499] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[ 129.805658][ T8499] RDX: 0000000000000000 RSI: 0000000001f80000 RDI: 0000000000000004
[ 129.813601][ T8499] RBP: 0000000020000040 R08: 0000000000000000 R09: 0000000000000000
[ 129.821545][ T8499] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 129.829499][ T8499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 129.838095][ T8499] ------------[ cut here ]------------
[ 129.843528][ T8499] kernel BUG at mm/kmsan/kmsan.h:87!
[ 129.848792][ T8499] invalid opcode: 0000 [#1] SMP
[ 129.853613][ T8499] CPU: 0 PID: 8499 Comm: syz-executor522 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 129.863636][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 129.873671][ T8499] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 129.880229][ T8499] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 ea 03 ca b5 31 c0 e8 81 fe 44 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 32 3f 8c 0c 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 129.899806][ T8499] RSP: 0018:ffffb25400dd6ce8 EFLAGS: 00010046
[ 129.905842][ T8499] RAX: 0000000000000002 RBX: 00000000078b00b5 RCX: 00000000078b00b5
[ 129.913879][ T8499] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb25400dd6dc4
[ 129.921822][ T8499] RBP: ffffb25400dd6d90 R08: 0000000000000000 R09: ffff9570efc28210
[ 129.929765][ T8499] R10: 0000000000000000 R11: ffffffffaca02730 R12: 0000000000000000
[ 129.937709][ T8499] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[ 129.945654][ T8499] FS: 0000000000000000(0000) GS:ffff9570efc00000(0063) knlGS:0000000008a95840
[ 129.954559][ T8499] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 129.961113][ T8499] CR2: 0000000020000040 CR3: 00000000bbac2000 CR4: 00000000001406f0
[ 129.969061][ T8499] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 129.977004][ T8499] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 129.984954][ T8499] Call Trace:
[ 129.988229][ T8499] kmsan_check_memory+0xd/0x10
[ 129.992966][ T8499] iowrite8+0x99/0x2e0
[ 129.997009][ T8499] pvpanic_panic_notify+0x99/0xc0
[ 130.002004][ T8499] ? pvpanic_mmio_remove+0x60/0x60
[ 130.007088][ T8499] atomic_notifier_call_chain+0x130/0x250
[ 130.012782][ T8499] panic+0x468/0xc3e
[ 130.016660][ T8499] kmsan_report+0x1df/0x1e0
[ 130.021137][ T8499] __msan_warning+0x58/0xa0
[ 130.025612][ T8499] sha1_transform+0x5371/0x5a90
[ 130.030455][ T8499] crypto_sha1_update+0x4bb/0x5e0
[ 130.035455][ T8499] ? kmsan_get_metadata+0x11d/0x180
[ 130.040624][ T8499] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 130.046403][ T8499] ? rmd320_transform+0x6dc0/0x6dc0
[ 130.051571][ T8499] crypto_shash_update+0x4e9/0x550
[ 130.056653][ T8499] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 130.062778][ T8499] ? hash_walk_new_entry+0x6c7/0x770
[ 130.068044][ T8499] ? crypto_hash_walk_first+0x1fd/0x360
[ 130.073559][ T8499] ? kmsan_get_metadata+0x4f/0x180
[ 130.078641][ T8499] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 130.084418][ T8499] shash_async_update+0x113/0x1d0
[ 130.089415][ T8499] ? shash_async_init+0x1e0/0x1e0
[ 130.094412][ T8499] hash_sendpage+0x8ef/0xdf0
[ 130.098978][ T8499] ? hash_recvmsg+0xd30/0xd30
[ 130.103627][ T8499] sock_sendpage+0x1e1/0x2c0
[ 130.108195][ T8499] pipe_to_sendpage+0x38c/0x4c0
[ 130.113016][ T8499] ? sock_fasync+0x250/0x250
[ 130.117581][ T8499] __splice_from_pipe+0x565/0xf00
[ 130.122579][ T8499] ? generic_splice_sendpage+0x2d0/0x2d0
[ 130.128192][ T8499] generic_splice_sendpage+0x1d5/0x2d0
[ 130.133625][ T8499] ? iter_file_splice_write+0x1800/0x1800
[ 130.139319][ T8499] direct_splice_actor+0x1fd/0x580
[ 130.144407][ T8499] ? kmsan_get_metadata+0x4f/0x180
[ 130.149492][ T8499] splice_direct_to_actor+0x6b2/0xf50
[ 130.154857][ T8499] ? do_splice_direct+0x580/0x580
[ 130.159863][ T8499] do_splice_direct+0x342/0x580
[ 130.164694][ T8499] do_sendfile+0x101b/0x1d40
[ 130.169268][ T8499] __se_sys_sendfile64+0x2bb/0x360
[ 130.174353][ T8499] ? kmsan_set_origin_checked+0x95/0xf0
[ 130.179879][ T8499] ? kmsan_get_metadata+0x11d/0x180
[ 130.185047][ T8499] ? __se_sys_sendfile64+0x360/0x360
[ 130.190301][ T8499] __ia32_sys_sendfile64+0x56/0x70
[ 130.195389][ T8499] __do_fast_syscall_32+0x2aa/0x400
[ 130.200565][ T8499] do_fast_syscall_32+0x6b/0xd0
[ 130.205388][ T8499] do_SYSENTER_32+0x73/0x90
[ 130.209867][ T8499] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 130.216162][ T8499] RIP: 0023:0xf7fea549
[ 130.220195][ T8499] Code: Bad RIP value.
[ 130.224233][ T8499] RSP: 002b:00000000ffbdd31c EFLAGS: 00000292 ORIG_RAX: 00000000000000ef
[ 130.232612][ T8499] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[ 130.240554][ T8499] RDX: 0000000000000000 RSI: 0000000001f80000 RDI: 0000000000000004
[ 130.248498][ T8499] RBP: 0000000020000040 R08: 0000000000000000 R09: 0000000000000000
[ 130.256454][ T8499] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 130.264395][ T8499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 130.272345][ T8499] Modules linked in:
[ 130.276214][ T8499] ---[ end trace 4d2d65eb0157aa3e ]---
[ 130.281646][ T8499] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 130.288218][ T8499] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 ea 03 ca b5 31 c0 e8 81 fe 44 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 32 3f 8c 0c 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 130.307838][ T8499] RSP: 0018:ffffb25400dd6ce8 EFLAGS: 00010046
[ 130.313893][ T8499] RAX: 0000000000000002 RBX: 00000000078b00b5 RCX: 00000000078b00b5
[ 130.321848][ T8499] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb25400dd6dc4
[ 130.329792][ T8499] RBP: ffffb25400dd6d90 R08: 0000000000000000 R09: ffff9570efc28210
[ 130.337778][ T8499] R10: 0000000000000000 R11: ffffffffaca02730 R12: 0000000000000000
[ 130.345721][ T8499] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[ 130.353668][ T8499] FS: 0000000000000000(0000) GS:ffff9570efc00000(0063) knlGS:0000000008a95840
[ 130.362620][ T8499] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 130.369185][ T8499] CR2: 0000000020000040 CR3: 00000000bbac2000 CR4: 00000000001406f0
[ 130.377143][ T8499] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 130.385089][ T8499] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 130.393037][ T8499] Kernel panic - not syncing: Fatal exception
[ 130.399707][ T8499] Kernel Offset: 0x26600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 130.411313][ T8499] Rebooting in 86400 seconds..