[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 139.950810][ T8471] =====================================================
[ 139.957890][ T8471] BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90
[ 139.965328][ T8471] CPU: 0 PID: 8471 Comm: syz-executor446 Not tainted 5.8.0-rc5-syzkaller #0
[ 139.974008][ T8471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 139.984072][ T8471] Call Trace:
[ 139.987347][ T8471] dump_stack+0x21c/0x280
[ 139.991665][ T8471] kmsan_report+0xf7/0x1e0
[ 139.996079][ T8471] kmsan_internal_check_memory+0x19d/0x3d0
[ 140.001908][ T8471] kmsan_copy_to_user+0x81/0x90
[ 140.006766][ T8471] _copy_to_user+0x18e/0x260
[ 140.011373][ T8471] vcs_read+0x1c6f/0x2920
[ 140.015738][ T8471] ? vcs_lseek+0x6b0/0x6b0
[ 140.020145][ T8471] vfs_read+0x577/0x14d0
[ 140.024393][ T8471] ? __msan_poison_alloca+0xf0/0x120
[ 140.029658][ T8471] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.035457][ T8471] ? kmsan_get_metadata+0x116/0x180
[ 140.040660][ T8471] ksys_read+0x275/0x500
[ 140.044992][ T8471] __se_sys_read+0x92/0xb0
[ 140.049407][ T8471] __x64_sys_read+0x4a/0x70
[ 140.053905][ T8471] do_syscall_64+0xad/0x160
[ 140.058405][ T8471] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 140.064274][ T8471] RIP: 0033:0x4453c9
[ 140.068141][ T8471] Code: Bad RIP value.
[ 140.072185][ T8471] RSP: 002b:00007fffa3c8af98 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 140.080593][ T8471] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004453c9
[ 140.088560][ T8471] RDX: 0000000000002020 RSI: 0000000020000100 RDI: 0000000000000003
[ 140.096524][ T8471] RBP: 0000000000022239 R08: 00000000004002e0 R09: 00000000004002e0
[ 140.104472][ T8471] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000402590
[ 140.112439][ T8471] R13: 0000000000402620 R14: 0000000000000000 R15: 0000000000000000
[ 140.120396][ T8471]
[ 140.122702][ T8471] Uninit was stored to memory at:
[ 140.127709][ T8471] kmsan_internal_chain_origin+0xad/0x130
[ 140.133429][ T8471] kmsan_memcpy_memmove_metadata+0x272/0x2e0
[ 140.139407][ T8471] kmsan_memcpy_metadata+0xb/0x10
[ 140.144433][ T8471] __msan_memcpy+0x43/0x50
[ 140.148849][ T8471] vc_uniscr_copy_line+0x545/0x800
[ 140.153946][ T8471] vcs_read+0x107d/0x2920
[ 140.158255][ T8471] vfs_read+0x577/0x14d0
[ 140.162478][ T8471] ksys_read+0x275/0x500
[ 140.166699][ T8471] __se_sys_read+0x92/0xb0
[ 140.171095][ T8471] __x64_sys_read+0x4a/0x70
[ 140.175607][ T8471] do_syscall_64+0xad/0x160
[ 140.180112][ T8471] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 140.185974][ T8471]
[ 140.188276][ T8471] Uninit was created at:
[ 140.192517][ T8471] kmsan_save_stack_with_flags+0x3c/0x90
[ 140.198127][ T8471] kmsan_alloc_page+0xc5/0x1a0
[ 140.202889][ T8471] __alloc_pages_nodemask+0xdf0/0x1030
[ 140.208329][ T8471] alloc_pages_current+0x685/0xb50
[ 140.213424][ T8471] __vmalloc_node_range+0x989/0x1400
[ 140.218697][ T8471] vmalloc+0xe0/0xf0
[ 140.222586][ T8471] vc_do_resize+0x73e/0x38f0
[ 140.227169][ T8471] vc_resize+0xc3/0xe0
[ 140.231219][ T8471] fbcon_modechanged+0xdc1/0x1320
[ 140.236242][ T8471] fbcon_update_vcs+0x86/0xa0
[ 140.240899][ T8471] fb_set_var+0x1420/0x1850
[ 140.245393][ T8471] do_fb_ioctl+0xc00/0x1150
[ 140.249888][ T8471] fb_ioctl+0x1e4/0x210
[ 140.254040][ T8471] __se_sys_ioctl+0x319/0x4d0
[ 140.258716][ T8471] __x64_sys_ioctl+0x4a/0x70
[ 140.263316][ T8471] do_syscall_64+0xad/0x160
[ 140.267825][ T8471] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 140.273710][ T8471]
[ 140.276075][ T8471] Bytes 0-319 of 640 are uninitialized
[ 140.281535][ T8471] Memory access of size 640 starts at ffff8880bbb25000
[ 140.288380][ T8471] Data copied to user address 0000000020000100
[ 140.294526][ T8471] =====================================================
[ 140.301449][ T8471] Disabling lock debugging due to kernel taint
[ 140.307613][ T8471] Kernel panic - not syncing: panic_on_warn set ...
[ 140.314211][ T8471] CPU: 0 PID: 8471 Comm: syz-executor446 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 140.324258][ T8471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 140.334294][ T8471] Call Trace:
[ 140.337594][ T8471] dump_stack+0x21c/0x280
[ 140.341938][ T8471] panic+0x4d7/0xef7
[ 140.345855][ T8471] ? add_taint+0x17c/0x210
[ 140.350283][ T8471] kmsan_report+0x1df/0x1e0
[ 140.354796][ T8471] kmsan_internal_check_memory+0x19d/0x3d0
[ 140.360626][ T8471] kmsan_copy_to_user+0x81/0x90
[ 140.365486][ T8471] _copy_to_user+0x18e/0x260
[ 140.370095][ T8471] vcs_read+0x1c6f/0x2920
[ 140.374461][ T8471] ? vcs_lseek+0x6b0/0x6b0
[ 140.378881][ T8471] vfs_read+0x577/0x14d0
[ 140.383140][ T8471] ? __msan_poison_alloca+0xf0/0x120
[ 140.388431][ T8471] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.394246][ T8471] ? kmsan_get_metadata+0x116/0x180
[ 140.399455][ T8471] ksys_read+0x275/0x500
[ 140.403723][ T8471] __se_sys_read+0x92/0xb0
[ 140.408147][ T8471] __x64_sys_read+0x4a/0x70
[ 140.412661][ T8471] do_syscall_64+0xad/0x160
[ 140.417177][ T8471] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 140.423070][ T8471] RIP: 0033:0x4453c9
[ 140.426962][ T8471] Code: Bad RIP value.
[ 140.431027][ T8471] RSP: 002b:00007fffa3c8af98 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 140.439444][ T8471] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004453c9
[ 140.447416][ T8471] RDX: 0000000000002020 RSI: 0000000020000100 RDI: 0000000000000003
[ 140.455380][ T8471] RBP: 0000000000022239 R08: 00000000004002e0 R09: 00000000004002e0
[ 140.463333][ T8471] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000402590
[ 140.471334][ T8471] R13: 0000000000402620 R14: 0000000000000000 R15: 0000000000000000
[ 140.480716][ T8471] Kernel Offset: disabled
[ 140.485036][ T8471] Rebooting in 86400 seconds..