[ 55.186129] audit: type=1800 audit(1539514098.241:25): pid=5974 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 55.205254] audit: type=1800 audit(1539514098.241:26): pid=5974 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 55.224828] audit: type=1800 audit(1539514098.271:27): pid=5974 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.74' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 66.775505] ==================================================================
[ 66.782921] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x471/0x2640
[ 66.789501] CPU: 0 PID: 6126 Comm: syz-executor340 Not tainted 4.19.0-rc7+ #69
[ 66.796846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 66.806190] Call Trace:
[ 66.808778] dump_stack+0x306/0x460
[ 66.812402] ? _copy_to_iter+0x471/0x2640
[ 66.816564] kmsan_report+0x1a2/0x2e0
[ 66.820365] kmsan_internal_check_memory+0x374/0x460
[ 66.825498] kmsan_copy_to_user+0x89/0xe0
[ 66.829648] _copy_to_iter+0x471/0x2640
[ 66.833658] skb_copy_datagram_iter+0x4c3/0x1040
[ 66.838410] ? tipc_sk_anc_data_recv+0x79/0x820
[ 66.843078] ? tipc_recvmsg+0xbf9/0x1c20
[ 66.847153] tipc_recvmsg+0xd12/0x1c20
[ 66.851059] ? tipc_send_packet+0x1a0/0x1a0
[ 66.855379] sock_read_iter+0x45a/0x4e0
[ 66.859368] ? kernel_sock_ip_overhead+0x340/0x340
[ 66.864290] __vfs_read+0x874/0xb00
[ 66.867933] vfs_read+0x36f/0x6a0
[ 66.871394] __se_sys_read+0x183/0x370
[ 66.875289] __x64_sys_read+0x4a/0x70
[ 66.879086] do_syscall_64+0xbe/0x100
[ 66.882888] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 66.888102] RIP: 0033:0x445629
[ 66.891288] Code: e8 6c b6 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 66.910196] RSP: 002b:00007fb1d321cdb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 66.917898] RAX: ffffffffffffffda RBX: 00000000006dac28 RCX: 0000000000445629
[ 66.925157] RDX: 00000000000000f7 RSI: 00000000200000c0 RDI: 0000000000000003
[ 66.932416] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[ 66.939701] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac2c
[ 66.946962] R13: 00007fff668b970f R14: 00007fb1d321d9c0 R15: 00000000006dad2c
[ 66.954236]
[ 66.955846] Uninit was stored to memory at:
[ 66.960160] kmsan_internal_chain_origin+0x136/0x240
[ 66.965272] kmsan_memcpy_origins+0x13d/0x1b0
[ 66.969763] __msan_memcpy+0xcf/0x150
[ 66.973558] tipc_group_create_event+0x672/0xb90
[ 66.978303] tipc_group_proto_rcv+0x26a5/0x38f0
[ 66.982962] tipc_sk_filter_rcv+0x2948/0x3a40
[ 66.987454] tipc_sk_rcv+0xcbe/0x2b10
[ 66.991243] tipc_node_xmit+0x2f1/0xa00
[ 66.995209] tipc_node_distr_xmit+0x40d/0x680
[ 66.999696] tipc_sk_rcv+0x1e52/0x2b10
[ 67.003576] tipc_conn_send_work+0x82e/0xe20
[ 67.007981] process_one_work+0x19c4/0x24f0
[ 67.012297] worker_thread+0x206d/0x2b30
[ 67.016346] kthread+0x59c/0x5d0
[ 67.019705] ret_from_fork+0x35/0x40
[ 67.023404]
[ 67.025043] Local variable description: ----evt.sroa.11@tipc_group_create_event
[ 67.032471] Variable was created at:
[ 67.036179] tipc_group_create_event+0xbf/0xb90
[ 67.040838] tipc_group_proto_rcv+0x26a5/0x38f0
[ 67.045497]
[ 67.047132] Bytes 32-47 of 48 are uninitialized
[ 67.051787] Memory access of size 48 starts at ffff8801beafd0bc
[ 67.057826] ==================================================================
[ 67.065184] Disabling lock debugging due to kernel taint
[ 67.070620] Kernel panic - not syncing: panic_on_warn set ...
[ 67.070620]
[ 67.077982] CPU: 0 PID: 6126 Comm: syz-executor340 Tainted: G B 4.19.0-rc7+ #69
[ 67.086720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.096061] Call Trace:
[ 67.098646] dump_stack+0x306/0x460
[ 67.102302] panic+0x54c/0xafa
[ 67.105524] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 67.110971] kmsan_report+0x2d3/0x2e0
[ 67.114777] kmsan_internal_check_memory+0x374/0x460
[ 67.119895] kmsan_copy_to_user+0x89/0xe0
[ 67.124043] _copy_to_iter+0x471/0x2640
[ 67.128047] skb_copy_datagram_iter+0x4c3/0x1040
[ 67.132801] ? tipc_sk_anc_data_recv+0x79/0x820
[ 67.137499] ? tipc_recvmsg+0xbf9/0x1c20
[ 67.141597] tipc_recvmsg+0xd12/0x1c20
[ 67.145540] ? tipc_send_packet+0x1a0/0x1a0
[ 67.149872] sock_read_iter+0x45a/0x4e0
[ 67.153863] ? kernel_sock_ip_overhead+0x340/0x340
[ 67.158784] __vfs_read+0x874/0xb00
[ 67.162439] vfs_read+0x36f/0x6a0
[ 67.165904] __se_sys_read+0x183/0x370
[ 67.169977] __x64_sys_read+0x4a/0x70
[ 67.173778] do_syscall_64+0xbe/0x100
[ 67.177579] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 67.182775] RIP: 0033:0x445629
[ 67.185972] Code: e8 6c b6 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 67.204871] RSP: 002b:00007fb1d321cdb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 67.212574] RAX: ffffffffffffffda RBX: 00000000006dac28 RCX: 0000000000445629
[ 67.219834] RDX: 00000000000000f7 RSI: 00000000200000c0 RDI: 0000000000000003
[ 67.227092] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[ 67.234364] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac2c
[ 67.241636] R13: 00007fff668b970f R14: 00007fb1d321d9c0 R15: 00000000006dad2c
[ 67.249824] Kernel Offset: disabled
[ 67.253466] Rebooting in 86400 seconds..