[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.233' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 113.229947][ T8476] =====================================================
[ 113.236927][ T8476] BUG: KMSAN: uninit-value in sm3_generic_block_fn+0x1221/0x1580
[ 113.244619][ T8476] CPU: 1 PID: 8476 Comm: syz-executor508 Not tainted 5.8.0-rc5-syzkaller #0
[ 113.253262][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 113.263299][ T8476] Call Trace:
[ 113.266587][ T8476] dump_stack+0x1df/0x240
[ 113.270895][ T8476] kmsan_report+0xf7/0x1e0
[ 113.275289][ T8476] __msan_warning+0x58/0xa0
[ 113.279770][ T8476] sm3_generic_block_fn+0x1221/0x1580
[ 113.285117][ T8476] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 113.291160][ T8476] ? kmsan_get_metadata+0x4f/0x180
[ 113.296246][ T8476] ? kmsan_task_context_state+0x47/0x90
[ 113.301890][ T8476] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 113.307933][ T8476] ? update_stack_state+0xa18/0xb40
[ 113.313107][ T8476] ? kmsan_task_context_state+0x47/0x90
[ 113.318634][ T8476] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 113.324690][ T8476] ? __module_address+0x68/0x600
[ 113.329633][ T8476] ? is_module_text_address+0x4d/0x2a0
[ 113.335089][ T8476] ? __kernel_text_address+0x171/0x2d0
[ 113.340524][ T8476] ? unwind_get_return_address+0x8c/0x130
[ 113.346223][ T8476] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 113.352263][ T8476] ? arch_stack_walk+0x2a2/0x3e0
[ 113.357196][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.362371][ T8476] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 113.368153][ T8476] crypto_sm3_finup+0x456/0x4d0
[ 113.372993][ T8476] ? sm3_generic_block_fn+0x1580/0x1580
[ 113.378512][ T8476] crypto_shash_finup+0x2b4/0x6b0
[ 113.383514][ T8476] ? hash_sendpage+0x48c/0xdf0
[ 113.388376][ T8476] ? sock_sendpage+0x1e1/0x2c0
[ 113.393124][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.398402][ T8476] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 113.404438][ T8476] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 113.410571][ T8476] ? sm3_base_init+0x158/0x210
[ 113.415323][ T8476] shash_digest_unaligned+0x22b/0x260
[ 113.420678][ T8476] ? crypto_shash_digest+0x3d0/0x3d0
[ 113.425946][ T8476] shash_ahash_digest+0x788/0x8a0
[ 113.431060][ T8476] shash_async_digest+0xbb/0x110
[ 113.435981][ T8476] crypto_ahash_op+0x1c6/0x6c0
[ 113.440722][ T8476] ? __kmalloc+0x115/0x460
[ 113.445114][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.450285][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.455456][ T8476] ? shash_async_finup+0x110/0x110
[ 113.460543][ T8476] ? shash_async_finup+0x110/0x110
[ 113.465635][ T8476] crypto_ahash_digest+0xdc/0x150
[ 113.470637][ T8476] hash_sendpage+0x9cc/0xdf0
[ 113.475206][ T8476] ? hash_recvmsg+0xd30/0xd30
[ 113.479866][ T8476] sock_sendpage+0x1e1/0x2c0
[ 113.484453][ T8476] pipe_to_sendpage+0x38c/0x4c0
[ 113.489280][ T8476] ? sock_fasync+0x250/0x250
[ 113.493860][ T8476] __splice_from_pipe+0x565/0xf00
[ 113.498877][ T8476] ? generic_splice_sendpage+0x2d0/0x2d0
[ 113.504497][ T8476] generic_splice_sendpage+0x1d5/0x2d0
[ 113.509940][ T8476] ? iter_file_splice_write+0x1800/0x1800
[ 113.515637][ T8476] direct_splice_actor+0x1fd/0x580
[ 113.520727][ T8476] ? kmsan_get_metadata+0x4f/0x180
[ 113.525819][ T8476] splice_direct_to_actor+0x6b2/0xf50
[ 113.531164][ T8476] ? do_splice_direct+0x580/0x580
[ 113.536174][ T8476] do_splice_direct+0x342/0x580
[ 113.541019][ T8476] do_sendfile+0x101b/0x1d40
[ 113.545594][ T8476] __se_sys_sendfile64+0x2bb/0x360
[ 113.550678][ T8476] ? kmsan_get_metadata+0x4f/0x180
[ 113.555766][ T8476] __x64_sys_sendfile64+0x56/0x70
[ 113.560766][ T8476] do_syscall_64+0xb0/0x150
[ 113.565248][ T8476] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 113.571146][ T8476] RIP: 0033:0x4403c9
[ 113.575010][ T8476] Code: Bad RIP value.
[ 113.579050][ T8476] RSP: 002b:00007fffe23fa8c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 113.587433][ T8476] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004403c9
[ 113.595379][ T8476] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 113.603360][ T8476] RBP: 00000000006ca018 R08: 65732f636f72702f R09: 65732f636f72702f
[ 113.611305][ T8476] R10: 0000000000000a3d R11: 0000000000000246 R12: 0000000000401c30
[ 113.619252][ T8476] R13: 0000000000401cc0 R14: 0000000000000000 R15: 0000000000000000
[ 113.627202][ T8476]
[ 113.629504][ T8476] Uninit was created at:
[ 113.633829][ T8476] kmsan_save_stack_with_flags+0x3c/0x90
[ 113.639438][ T8476] kmsan_alloc_page+0xb9/0x180
[ 113.644179][ T8476] __alloc_pages_nodemask+0x56a2/0x5dc0
[ 113.649700][ T8476] alloc_pages_current+0x672/0x990
[ 113.654928][ T8476] push_pipe+0x605/0xb70
[ 113.659147][ T8476] iov_iter_get_pages_alloc+0x18a9/0x21c0
[ 113.664848][ T8476] do_splice_to+0x4fc/0x14f0
[ 113.669413][ T8476] splice_direct_to_actor+0x45c/0xf50
[ 113.674758][ T8476] do_splice_direct+0x342/0x580
[ 113.679649][ T8476] do_sendfile+0x101b/0x1d40
[ 113.684212][ T8476] __se_sys_sendfile64+0x2bb/0x360
[ 113.689297][ T8476] __x64_sys_sendfile64+0x56/0x70
[ 113.694300][ T8476] do_syscall_64+0xb0/0x150
[ 113.698777][ T8476] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 113.704636][ T8476] =====================================================
[ 113.711537][ T8476] Disabling lock debugging due to kernel taint
[ 113.717663][ T8476] Kernel panic - not syncing: panic_on_warn set ...
[ 113.724313][ T8476] CPU: 1 PID: 8476 Comm: syz-executor508 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 113.734342][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 113.744386][ T8476] Call Trace:
[ 113.747656][ T8476] dump_stack+0x1df/0x240
[ 113.751968][ T8476] panic+0x3d5/0xc3e
[ 113.755887][ T8476] kmsan_report+0x1df/0x1e0
[ 113.760386][ T8476] __msan_warning+0x58/0xa0
[ 113.764903][ T8476] sm3_generic_block_fn+0x1221/0x1580
[ 113.770252][ T8476] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 113.776292][ T8476] ? kmsan_get_metadata+0x4f/0x180
[ 113.781379][ T8476] ? kmsan_task_context_state+0x47/0x90
[ 113.786899][ T8476] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 113.792939][ T8476] ? update_stack_state+0xa18/0xb40
[ 113.798132][ T8476] ? kmsan_task_context_state+0x47/0x90
[ 113.803660][ T8476] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 113.809702][ T8476] ? __module_address+0x68/0x600
[ 113.814707][ T8476] ? is_module_text_address+0x4d/0x2a0
[ 113.820145][ T8476] ? __kernel_text_address+0x171/0x2d0
[ 113.825606][ T8476] ? unwind_get_return_address+0x8c/0x130
[ 113.831518][ T8476] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 113.837563][ T8476] ? arch_stack_walk+0x2a2/0x3e0
[ 113.842477][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.847652][ T8476] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 113.853442][ T8476] crypto_sm3_finup+0x456/0x4d0
[ 113.858278][ T8476] ? sm3_generic_block_fn+0x1580/0x1580
[ 113.863802][ T8476] crypto_shash_finup+0x2b4/0x6b0
[ 113.868807][ T8476] ? hash_sendpage+0x48c/0xdf0
[ 113.873766][ T8476] ? sock_sendpage+0x1e1/0x2c0
[ 113.878615][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.883795][ T8476] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 113.889583][ T8476] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 113.895715][ T8476] ? sm3_base_init+0x158/0x210
[ 113.900481][ T8476] shash_digest_unaligned+0x22b/0x260
[ 113.905840][ T8476] ? crypto_shash_digest+0x3d0/0x3d0
[ 113.911101][ T8476] shash_ahash_digest+0x788/0x8a0
[ 113.916120][ T8476] shash_async_digest+0xbb/0x110
[ 113.921035][ T8476] crypto_ahash_op+0x1c6/0x6c0
[ 113.925773][ T8476] ? __kmalloc+0x115/0x460
[ 113.930170][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.935464][ T8476] ? kmsan_get_metadata+0x11d/0x180
[ 113.940635][ T8476] ? shash_async_finup+0x110/0x110
[ 113.945727][ T8476] ? shash_async_finup+0x110/0x110
[ 113.950813][ T8476] crypto_ahash_digest+0xdc/0x150
[ 113.955829][ T8476] hash_sendpage+0x9cc/0xdf0
[ 113.960400][ T8476] ? hash_recvmsg+0xd30/0xd30
[ 113.965067][ T8476] sock_sendpage+0x1e1/0x2c0
[ 113.969654][ T8476] pipe_to_sendpage+0x38c/0x4c0
[ 113.974499][ T8476] ? sock_fasync+0x250/0x250
[ 113.979073][ T8476] __splice_from_pipe+0x565/0xf00
[ 113.984075][ T8476] ? generic_splice_sendpage+0x2d0/0x2d0
[ 113.989706][ T8476] generic_splice_sendpage+0x1d5/0x2d0
[ 113.995158][ T8476] ? iter_file_splice_write+0x1800/0x1800
[ 114.000866][ T8476] direct_splice_actor+0x1fd/0x580
[ 114.005974][ T8476] ? kmsan_get_metadata+0x4f/0x180
[ 114.011068][ T8476] splice_direct_to_actor+0x6b2/0xf50
[ 114.016430][ T8476] ? do_splice_direct+0x580/0x580
[ 114.021440][ T8476] do_splice_direct+0x342/0x580
[ 114.026275][ T8476] do_sendfile+0x101b/0x1d40
[ 114.030889][ T8476] __se_sys_sendfile64+0x2bb/0x360
[ 114.035978][ T8476] ? kmsan_get_metadata+0x4f/0x180
[ 114.041066][ T8476] __x64_sys_sendfile64+0x56/0x70
[ 114.046079][ T8476] do_syscall_64+0xb0/0x150
[ 114.050584][ T8476] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 114.056462][ T8476] RIP: 0033:0x4403c9
[ 114.060331][ T8476] Code: Bad RIP value.
[ 114.064379][ T8476] RSP: 002b:00007fffe23fa8c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 114.072770][ T8476] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004403c9
[ 114.080719][ T8476] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 114.088669][ T8476] RBP: 00000000006ca018 R08: 65732f636f72702f R09: 65732f636f72702f
[ 114.096618][ T8476] R10: 0000000000000a3d R11: 0000000000000246 R12: 0000000000401c30
[ 114.104567][ T8476] R13: 0000000000401cc0 R14: 0000000000000000 R15: 0000000000000000
[ 114.113789][ T8476] Kernel Offset: 0xd600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 114.125337][ T8476] Rebooting in 86400 seconds..