[ 100.692075] audit: type=1800 audit(1555276769.733:26): pid=10225 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 100.736250] audit: type=1800 audit(1555276769.763:27): pid=10225 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ 102.061723] sshd (10293) used greatest stack depth: 54128 bytes left
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 102.728549] startpar (10225) used greatest stack depth: 53616 bytes left

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.20' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 112.334895] ==================================================================
[ 112.342294] BUG: KMSAN: uninit-value in capi_write+0x791/0xa90
[ 112.348252] CPU: 1 PID: 10376 Comm: syz-executor039 Not tainted 5.1.0-rc4+ #1
[ 112.355528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 112.364888] Call Trace:
[ 112.367472]  dump_stack+0x173/0x1d0
[ 112.371100]  kmsan_report+0x131/0x2a0
[ 112.374908]  __msan_warning+0x7a/0xf0
[ 112.378702]  capi_write+0x791/0xa90
[ 112.382334]  ? capi_read+0x720/0x720
[ 112.386040]  do_iter_write+0x813/0xdc0
[ 112.389918]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 112.395400]  do_writev+0x3f8/0x900
[ 112.399041]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 112.404660]  ? prepare_exit_to_usermode+0x114/0x420
[ 112.409670]  ? kmsan_get_shadow_origin_ptr+0x73/0x480
[ 112.414848]  ? syscall_return_slowpath+0x50/0x650
[ 112.419691]  __se_sys_writev+0x9b/0xb0
[ 112.423574]  __x64_sys_writev+0x4a/0x70
[ 112.427559]  do_syscall_64+0xbc/0xf0
[ 112.431267]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 112.436449] RIP: 0033:0x4401b9
[ 112.439627] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 112.458544] RSP: 002b:00007ffdfec63a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 112.466251] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401b9
[ 112.473508] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003
[ 112.480760] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 112.488013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a40
[ 112.495270] R13: 0000000000401ad0 R14: 0000000000000000 R15: 0000000000000000
[ 112.502541]
[ 112.504147] Uninit was created at:
[ 112.507674]  kmsan_internal_poison_shadow+0x92/0x150
[ 112.512770]  kmsan_kmalloc+0xa9/0x130
[ 112.516555]  kmsan_slab_alloc+0xe/0x10
[ 112.520440]  __kmalloc_node_track_caller+0xead/0x1000
[ 112.525624]  __alloc_skb+0x309/0xa20
[ 112.529324]  capi_write+0x12f/0xa90
[ 112.532936]  do_iter_write+0x813/0xdc0
[ 112.536809]  do_writev+0x3f8/0x900
[ 112.540348]  __se_sys_writev+0x9b/0xb0
[ 112.544226]  __x64_sys_writev+0x4a/0x70
[ 112.548186]  do_syscall_64+0xbc/0xf0
[ 112.551895]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 112.557078] ==================================================================
[ 112.564419] Disabling lock debugging due to kernel taint
[ 112.569853] Kernel panic - not syncing: panic_on_warn set ...
[ 112.575735] CPU: 1 PID: 10376 Comm: syz-executor039 Tainted: G B 5.1.0-rc4+ #1
[ 112.584380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 112.593720] Call Trace:
[ 112.596302]  dump_stack+0x173/0x1d0
[ 112.599923]  panic+0x3d1/0xb01
[ 112.603141]  kmsan_report+0x29a/0x2a0
[ 112.606944]  __msan_warning+0x7a/0xf0
[ 112.610739]  capi_write+0x791/0xa90
[ 112.614370]  ? capi_read+0x720/0x720
[ 112.618071]  do_iter_write+0x813/0xdc0
[ 112.621957]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 112.627450]  do_writev+0x3f8/0x900
[ 112.631012]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 112.636460]  ? prepare_exit_to_usermode+0x114/0x420
[ 112.641472]  ? kmsan_get_shadow_origin_ptr+0x73/0x480
[ 112.646654]  ? syscall_return_slowpath+0x50/0x650
[ 112.651494]  __se_sys_writev+0x9b/0xb0
[ 112.655379]  __x64_sys_writev+0x4a/0x70
[ 112.659342]  do_syscall_64+0xbc/0xf0
[ 112.663047]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 112.668260] RIP: 0033:0x4401b9
[ 112.671446] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 112.690370] RSP: 002b:00007ffdfec63a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 112.698082] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401b9
[ 112.705340] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003
[ 112.712614] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 112.719871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a40
[ 112.727148] R13: 0000000000401ad0 R14: 0000000000000000 R15: 0000000000000000
[ 112.735077] Kernel Offset: disabled
[ 112.738708] Rebooting in 86400 seconds..