INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.30' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 45.739220] ================================================================== [ 45.746615] BUG: KMSAN: uninit-value in sha256_generic_block_fn+0xb05f/0xb460 [ 45.753865] CPU: 0 PID: 3581 Comm: syzkaller797887 Not tainted 4.16.0+ #83 [ 45.760848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.770174] Call Trace: [ 45.772743] dump_stack+0x185/0x1d0 [ 45.776358] ? sha256_generic_block_fn+0xb05f/0xb460 [ 45.781437] kmsan_report+0x142/0x240 [ 45.785217] __msan_warning_32+0x6c/0xb0 [ 45.789256] sha256_generic_block_fn+0xb05f/0xb460 [ 45.794176] ? kmsan_internal_chain_origin+0x12b/0x210 [ 45.799426] ? kmsan_memcpy_origins+0x11d/0x170 [ 45.804070] ? __msan_memcpy+0x19f/0x1f0 [ 45.808104] ? crypto_sha256_finup+0x1d2/0x7e0 [ 45.812656] ? shash_ahash_finup+0x468/0xa30 [ 45.817046] ? shash_ahash_digest+0x5c6/0x600 [ 45.821514] ? shash_async_digest+0x11c/0x1b0 [ 45.825982] ? crypto_ahash_op+0x89a/0xc10 [ 45.830214] ? crypto_ahash_digest+0xe4/0x160 [ 45.834695] ? hash_sendpage+0xb40/0xe10 [ 45.838733] ? sock_sendpage+0x1de/0x2c0 [ 45.842771] ? pipe_to_sendpage+0x31b/0x430 [ 45.847152] ? __splice_from_pipe+0x49a/0xf30 [ 45.851620] ? generic_splice_sendpage+0x1c6/0x2a0 [ 45.856522] ? direct_splice_actor+0x19b/0x200 [ 45.861077] ? splice_direct_to_actor+0x764/0x1040 [ 45.865979] ? do_splice_direct+0x335/0x540 [ 45.870280] ? do_sendfile+0x1067/0x1e40 [ 45.874317] ? SYSC_sendfile64+0x1b3/0x300 [ 45.878530] ? SyS_sendfile64+0x64/0x90 [ 45.882478] ? do_syscall_64+0x309/0x430 [ 45.886513] ?
entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 45.891858] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 45.897284] ? __save_stack_trace+0x893/0xa80 [ 45.901755] ? kmsan_memcpy_origins+0x11d/0x170 [ 45.906401] crypto_sha256_finup+0x35e/0x7e0 [ 45.910785] ? sha256_generic_block_fn+0xb460/0xb460 [ 45.915860] shash_ahash_finup+0x468/0xa30 [ 45.920068] shash_ahash_digest+0x5c6/0x600 [ 45.924366] shash_async_digest+0x11c/0x1b0 [ 45.928665] crypto_ahash_op+0x89a/0xc10 [ 45.932700] ? __kmalloc+0x23c/0x350 [ 45.936396] ? shash_async_finup+0x1b0/0x1b0 [ 45.940776] ? shash_async_finup+0x1b0/0x1b0 [ 45.945158] crypto_ahash_digest+0xe4/0x160 [ 45.949461] hash_sendpage+0xb40/0xe10 [ 45.953330] ? hash_recvmsg+0xd50/0xd50 [ 45.957281] sock_sendpage+0x1de/0x2c0 [ 45.961144] pipe_to_sendpage+0x31b/0x430 [ 45.965264] ? sock_fasync+0x2b0/0x2b0 [ 45.969129] ? propagate_umount+0x3a30/0x3a30 [ 45.973599] __splice_from_pipe+0x49a/0xf30 [ 45.977898] ? generic_splice_sendpage+0x2a0/0x2a0 [ 45.982807] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 45.988804] generic_splice_sendpage+0x1c6/0x2a0 [ 45.993537] ? iter_file_splice_write+0x1710/0x1710 [ 45.998527] ? iter_file_splice_write+0x1710/0x1710 [ 46.003518] direct_splice_actor+0x19b/0x200 [ 46.007908] splice_direct_to_actor+0x764/0x1040 [ 46.012641] ? do_splice_direct+0x540/0x540 [ 46.016936] ? security_file_permission+0x28f/0x4b0 [ 46.021932] ? rw_verify_area+0x35e/0x580 [ 46.026059] do_splice_direct+0x335/0x540 [ 46.030186] do_sendfile+0x1067/0x1e40 [ 46.034052] SYSC_sendfile64+0x1b3/0x300 [ 46.038088] SyS_sendfile64+0x64/0x90 [ 46.041864] do_syscall_64+0x309/0x430 [ 46.045736] ? 
SYSC_sendfile+0x320/0x320 [ 46.049774] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 46.054935] RIP: 0033:0x440c19 [ 46.058097] RSP: 002b:00000000007dff78 EFLAGS: 00000217 ORIG_RAX: 0000000000000028 [ 46.065778] RAX: ffffffffffffffda RBX: 00007ffd8f2f7820 RCX: 0000000000440c19 [ 46.073019] RDX: 0000000020e64ff8 RSI: 0000000000000005 RDI: 0000000000000004 [ 46.080264] RBP: 0000000000000000 R08: 0000000120080522 R09: 0000000120080522 [ 46.087505] R10: 0000000000000008 R11: 0000000000000217 R12: 00000000004023b0 [ 46.094749] R13: 0000000000402440 R14: 0000000000000000 R15: 0000000000000000 [ 46.101993] [ 46.103591] Uninit was stored to memory at: [ 46.107890] kmsan_internal_chain_origin+0x12b/0x210 [ 46.112964] kmsan_memcpy_origins+0x11d/0x170 [ 46.122043] __msan_memcpy+0x19f/0x1f0 [ 46.125906] crypto_sha256_finup+0x1d2/0x7e0 [ 46.130287] shash_ahash_finup+0x468/0xa30 [ 46.134493] shash_ahash_digest+0x5c6/0x600 [ 46.138785] shash_async_digest+0x11c/0x1b0 [ 46.143079] crypto_ahash_op+0x89a/0xc10 [ 46.147200] crypto_ahash_digest+0xe4/0x160 [ 46.151491] hash_sendpage+0xb40/0xe10 [ 46.155352] sock_sendpage+0x1de/0x2c0 [ 46.159212] pipe_to_sendpage+0x31b/0x430 [ 46.163332] __splice_from_pipe+0x49a/0xf30 [ 46.167632] generic_splice_sendpage+0x1c6/0x2a0 [ 46.172363] direct_splice_actor+0x19b/0x200 [ 46.176743] splice_direct_to_actor+0x764/0x1040 [ 46.181471] do_splice_direct+0x335/0x540 [ 46.185592] do_sendfile+0x1067/0x1e40 [ 46.189453] SYSC_sendfile64+0x1b3/0x300 [ 46.193484] SyS_sendfile64+0x64/0x90 [ 46.197255] do_syscall_64+0x309/0x430 [ 46.201116] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 46.206273] Uninit was created at: [ 46.209785] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 46.214771] kmsan_alloc_page+0x82/0xe0 [ 46.218718] __alloc_pages_nodemask+0xf5b/0x5dc0 [ 46.223445] alloc_pages_vma+0xcc8/0x1800 [ 46.227575] shmem_alloc_and_acct_page+0x6d5/0x1000 [ 46.232566] shmem_getpage_gfp+0x35db/0x5770 [ 46.236946] shmem_fallocate+0xde2/0x1610 [ 46.241065] 
vfs_fallocate+0x9dc/0xde0 [ 46.244923] SYSC_fallocate+0x119/0x1d0 [ 46.248876] SyS_fallocate+0x64/0x90 [ 46.252560] do_syscall_64+0x309/0x430 [ 46.256419] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 46.261579] ================================================================== [ 46.268915] Disabling lock debugging due to kernel taint [ 46.274338] Kernel panic - not syncing: panic_on_warn set ... [ 46.274338] [ 46.281678] CPU: 0 PID: 3581 Comm: syzkaller797887 Tainted: G B 4.16.0+ #83 [ 46.289968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 46.299296] Call Trace: [ 46.301863] dump_stack+0x185/0x1d0 [ 46.305465] panic+0x39d/0x940 [ 46.308643] ? sha256_generic_block_fn+0xb05f/0xb460 [ 46.313719] kmsan_report+0x238/0x240 [ 46.317495] __msan_warning_32+0x6c/0xb0 [ 46.321529] sha256_generic_block_fn+0xb05f/0xb460 [ 46.326431] ? kmsan_internal_chain_origin+0x12b/0x210 [ 46.331678] ? kmsan_memcpy_origins+0x11d/0x170 [ 46.336318] ? __msan_memcpy+0x19f/0x1f0 [ 46.340355] ? crypto_sha256_finup+0x1d2/0x7e0 [ 46.344907] ? shash_ahash_finup+0x468/0xa30 [ 46.349293] ? shash_ahash_digest+0x5c6/0x600 [ 46.353759] ? shash_async_digest+0x11c/0x1b0 [ 46.358228] ? crypto_ahash_op+0x89a/0xc10 [ 46.362435] ? crypto_ahash_digest+0xe4/0x160 [ 46.366900] ? hash_sendpage+0xb40/0xe10 [ 46.370932] ? sock_sendpage+0x1de/0x2c0 [ 46.374966] ? pipe_to_sendpage+0x31b/0x430 [ 46.379260] ? __splice_from_pipe+0x49a/0xf30 [ 46.383729] ? generic_splice_sendpage+0x1c6/0x2a0 [ 46.388631] ? direct_splice_actor+0x19b/0x200 [ 46.393187] ? splice_direct_to_actor+0x764/0x1040 [ 46.398096] ? do_splice_direct+0x335/0x540 [ 46.402391] ? do_sendfile+0x1067/0x1e40 [ 46.406424] ? SYSC_sendfile64+0x1b3/0x300 [ 46.410631] ? SyS_sendfile64+0x64/0x90 [ 46.414577] ? do_syscall_64+0x309/0x430 [ 46.418609] ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 46.423950] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 46.429375] ? __save_stack_trace+0x893/0xa80 [ 46.433842] ? 
kmsan_memcpy_origins+0x11d/0x170 [ 46.438485] crypto_sha256_finup+0x35e/0x7e0 [ 46.442872] ? sha256_generic_block_fn+0xb460/0xb460 [ 46.447945] shash_ahash_finup+0x468/0xa30 [ 46.452164] shash_ahash_digest+0x5c6/0x600 [ 46.456467] shash_async_digest+0x11c/0x1b0 [ 46.460771] crypto_ahash_op+0x89a/0xc10 [ 46.464808] ? __kmalloc+0x23c/0x350 [ 46.468495] ? shash_async_finup+0x1b0/0x1b0 [ 46.472874] ? shash_async_finup+0x1b0/0x1b0 [ 46.477258] crypto_ahash_digest+0xe4/0x160 [ 46.481556] hash_sendpage+0xb40/0xe10 [ 46.485429] ? hash_recvmsg+0xd50/0xd50 [ 46.489384] sock_sendpage+0x1de/0x2c0 [ 46.493250] pipe_to_sendpage+0x31b/0x430 [ 46.497370] ? sock_fasync+0x2b0/0x2b0 [ 46.501232] ? propagate_umount+0x3a30/0x3a30 [ 46.505700] __splice_from_pipe+0x49a/0xf30 [ 46.509993] ? generic_splice_sendpage+0x2a0/0x2a0 [ 46.514894] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 46.520231] generic_splice_sendpage+0x1c6/0x2a0 [ 46.524963] ? iter_file_splice_write+0x1710/0x1710 [ 46.529953] ? iter_file_splice_write+0x1710/0x1710 [ 46.534942] direct_splice_actor+0x19b/0x200 [ 46.539342] splice_direct_to_actor+0x764/0x1040 [ 46.544068] ? do_splice_direct+0x540/0x540 [ 46.548368] ? security_file_permission+0x28f/0x4b0 [ 46.553359] ? rw_verify_area+0x35e/0x580 [ 46.557484] do_splice_direct+0x335/0x540 [ 46.561605] do_sendfile+0x1067/0x1e40 [ 46.565472] SYSC_sendfile64+0x1b3/0x300 [ 46.569511] SyS_sendfile64+0x64/0x90 [ 46.573284] do_syscall_64+0x309/0x430 [ 46.577153] ? 
SYSC_sendfile+0x320/0x320 [ 46.581191] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 46.586354] RIP: 0033:0x440c19 [ 46.589515] RSP: 002b:00000000007dff78 EFLAGS: 00000217 ORIG_RAX: 0000000000000028 [ 46.597196] RAX: ffffffffffffffda RBX: 00007ffd8f2f7820 RCX: 0000000000440c19 [ 46.604440] RDX: 0000000020e64ff8 RSI: 0000000000000005 RDI: 0000000000000004 [ 46.611682] RBP: 0000000000000000 R08: 0000000120080522 R09: 0000000120080522 [ 46.618930] R10: 0000000000000008 R11: 0000000000000217 R12: 00000000004023b0 [ 46.626173] R13: 0000000000402440 R14: 0000000000000000 R15: 0000000000000000 [ 46.633907] Dumping ftrace buffer: [ 46.637425] (ftrace buffer empty) [ 46.641104] Kernel Offset: disabled [ 46.644703] Rebooting in 86400 seconds..