Warning: Permanently added '10.128.0.125' (ECDSA) to the list of known hosts. 2020/07/18 06:04:26 fuzzer started 2020/07/18 06:04:26 dialing manager at 10.128.0.26:41463 2020/07/18 06:04:27 syscalls: 2944 2020/07/18 06:04:27 code coverage: enabled 2020/07/18 06:04:27 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2020/07/18 06:04:27 extra coverage: enabled 2020/07/18 06:04:27 setuid sandbox: enabled 2020/07/18 06:04:27 namespace sandbox: enabled 2020/07/18 06:04:27 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/18 06:04:27 fault injection: enabled 2020/07/18 06:04:27 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/18 06:04:27 net packet injection: enabled 2020/07/18 06:04:27 net device setup: enabled 2020/07/18 06:04:27 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/18 06:04:27 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/18 06:04:27 USB emulation: /dev/raw-gadget does not exist 06:08:27 executing program 0: r0 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0xa00000000000000, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x948, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000068000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000626f6e645f736c6176655f3000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b8080000e8080000616d6f6e670000000000000000000000000000000000000000000400000000001804000000000000000000000c00000000000000000000000000000000000000000000000000000000000000000000010000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004037118bc35d303796000000000000000000000000000000000000000000000000000000000000000000000000000000000000938d5e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300020000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000892f9284b45f00000000000000000000000000000000a600000000000000000000000000f9ffffff0000000000000002000000000000000000000000e8ffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000080000000000000000000000000000000000defffffffffffff7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c5000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070cc490d0510d30ce90b91aedadb0c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ed2c14bc1d077b4817d693d02c00000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000037ff1cf2f8e52e0743000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d65992000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cbcb951a4f0f3300ebb39c00000000000000000000000000000000000000000000000000000000000000000000000000e70000000000053cbf7eee533b17000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fff8000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000002600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ee720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000703c50a7bccb7b070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003800e04771f4c2d1000000000000000000000000000000000000000000000000000000000000008000726564697265637400"/2376]}, 0x9c0) syzkaller login: [ 385.198994][ T8442] IPVS: ftp: loaded support on port[0] = 21 [ 385.452163][ T8442] chnl_net:caif_netlink_parms(): no params data found [ 385.677558][ T8442] bridge0: port 1(bridge_slave_0) entered blocking state [ 385.685520][ T8442] bridge0: port 1(bridge_slave_0) entered disabled state [ 385.694866][ T8442] device bridge_slave_0 entered promiscuous mode [ 385.708728][ T8442] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.716431][ T8442] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.725651][ T8442] device bridge_slave_1 entered promiscuous mode [ 385.774668][ T8442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 385.790294][ T8442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 385.840323][ T8442] team0: Port device team_slave_0 added [ 385.852804][ T8442] team0: Port device team_slave_1 added [ 385.906166][ T8442] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 385.913363][ T8442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 385.940502][ T8442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 385.955142][ T8442] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 385.962276][ T8442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 385.989299][ T8442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 386.129327][ T8442] device hsr_slave_0 entered promiscuous mode [ 386.203833][ T8442] device hsr_slave_1 entered promiscuous mode [ 386.814603][ T8442] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 386.859596][ T8442] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 386.900018][ T8442] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 387.029052][ T8442] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 387.309125][ T8442] 8021q: adding VLAN 0 to HW filter on device bond0 [ 387.348004][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 387.357165][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 387.389295][ T8442] 8021q: adding VLAN 0 to HW filter on device team0 [ 387.417463][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 387.427386][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 387.436948][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 387.444219][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 387.495754][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 387.505596][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 387.515514][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 387.524900][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 387.532173][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 387.541033][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 387.551892][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 387.562562][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 387.573175][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 387.583358][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 387.593916][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 387.613517][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 387.623149][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 387.632773][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 387.656734][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 387.666593][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 387.693489][ T8442] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 387.742321][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 387.749995][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 387.775592][ T8442] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 387.826435][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 387.837076][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 387.886723][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 387.896667][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 387.917588][ T8442] device veth0_vlan entered promiscuous mode [ 387.928402][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 387.938242][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 387.975144][ T8442] device veth1_vlan entered promiscuous mode [ 388.036574][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 388.045984][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 388.055442][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 388.065354][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 388.085170][ T8442] device veth0_macvtap entered promiscuous mode [ 388.101504][ T8442] device veth1_macvtap entered promiscuous mode [ 388.149967][ T8442] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 388.157997][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 388.170988][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 388.180350][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 388.190268][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 388.213303][ T8442] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 388.234396][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 388.244472][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 388.408684][ T8650] ebt_among: src integrity fail: 306 06:08:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="5000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000700000000001000b3"]) [ 388.549818][ T8652] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 06:08:30 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x0, 0x6}, 0x8) 06:08:31 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x10, 0x80002, 0x0) sendmsg(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="240000001a0007041dfffd946f610500020000e8fe02080100010800080004000400ff7e", 0x24}], 0x1}, 0x0) 06:08:31 executing program 0: r0 = socket$inet(0x2, 0x3, 0x19) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x12) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2, @in=@multicast1}}, {{@in6}, 0x0, @in6=@loopback}}, 0xe8) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000002c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000002"], 0x18) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/mcfilter\x00') preadv(r1, &(0x7f0000000780)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, 0x2) 06:08:31 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/igmp6\x00') bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp384\x00'}, 0x58) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r2, r1, 0x0, 0x400) [ 389.287749][ T8674] ===================================================== [ 389.294739][ T8674] BUG: KMSAN: uninit-value in wp512_process_buffer+0x49f9/0x4c90 [ 389.302473][ T8674] CPU: 0 PID: 8674 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 389.311145][ T8674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.321212][ T8674] Call Trace: [ 389.324522][ T8674] dump_stack+0x1df/0x240 [ 389.328880][ T8674] kmsan_report+0xf7/0x1e0 [ 389.333315][ T8674] __msan_warning+0x58/0xa0 [ 389.337846][ T8674] wp512_process_buffer+0x49f9/0x4c90 [ 389.343269][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 389.348859][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 389.354941][ T8674] ? update_stack_state+0xa18/0xb40 [ 389.360161][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 389.365725][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 389.371808][ T8674] ? update_stack_state+0xa18/0xb40 [ 389.377036][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 389.383118][ T8674] ? __module_address+0x68/0x600 [ 389.388090][ T8674] ? is_module_text_address+0x4d/0x2a0 [ 389.393578][ T8674] ? __kernel_text_address+0x171/0x2d0 [ 389.399057][ T8674] ? unwind_get_return_address+0x8c/0x130 [ 389.404800][ T8674] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 389.410883][ T8674] ? arch_stack_walk+0x2a2/0x3e0 [ 389.415836][ T8674] ? stack_trace_save+0x1a0/0x1a0 [ 389.420899][ T8674] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 389.426981][ T8674] ? stack_trace_save+0x123/0x1a0 [ 389.432036][ T8674] ? kmsan_internal_chain_origin+0xfa/0x130 [ 389.437945][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 389.444024][ T8674] ? kmsan_internal_chain_origin+0xad/0x130 [ 389.449926][ T8674] ? __msan_chain_origin+0x50/0x90 [ 389.455054][ T8674] ? wp512_update+0x74a/0xbe0 [ 389.459736][ T8674] ? crypto_shash_update+0x4e9/0x550 [ 389.465031][ T8674] ? shash_finup_unaligned+0xab/0x160 [ 389.470409][ T8674] ? crypto_shash_finup+0x2b4/0x6b0 [ 389.475613][ T8674] ? shash_digest_unaligned+0x22b/0x260 [ 389.481167][ T8674] ? shash_ahash_digest+0x788/0x8a0 [ 389.486391][ T8674] ? shash_async_digest+0xbb/0x110 [ 389.491528][ T8674] ? crypto_ahash_op+0x1c6/0x6c0 [ 389.496488][ T8674] ? crypto_ahash_digest+0xdc/0x150 [ 389.501700][ T8674] ? hash_sendpage+0x9cc/0xdf0 [ 389.506478][ T8674] ? sock_sendpage+0x1e1/0x2c0 [ 389.511259][ T8674] ? pipe_to_sendpage+0x38c/0x4c0 [ 389.516304][ T8674] ? __splice_from_pipe+0x565/0xf00 [ 389.521521][ T8674] ? generic_splice_sendpage+0x1d5/0x2d0 [ 389.527171][ T8674] ? direct_splice_actor+0x1fd/0x580 [ 389.532484][ T8674] ? splice_direct_to_actor+0x6b2/0xf50 [ 389.538076][ T8674] ? do_splice_direct+0x342/0x580 [ 389.543192][ T8674] ? do_sendfile+0x101b/0x1d40 [ 389.547972][ T8674] ? __se_sys_sendfile64+0x2bb/0x360 [ 389.553271][ T8674] ? __x64_sys_sendfile64+0x56/0x70 [ 389.558485][ T8674] ? do_syscall_64+0xb0/0x150 [ 389.563175][ T8674] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 389.569250][ T8674] ? __msan_get_context_state+0x9/0x20 [ 389.574721][ T8674] ? widen_string+0xba/0x830 [ 389.579324][ T8674] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 389.585529][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 389.591091][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 389.597169][ T8674] ? update_stack_state+0xa18/0xb40 [ 389.602390][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 389.607955][ T8674] ? kmsan_get_metadata+0x11d/0x180 [ 389.614135][ T8674] wp512_update+0x5ca/0xbe0 [ 389.618689][ T8674] ? wp512_init+0x110/0x110 [ 389.623208][ T8674] crypto_shash_update+0x4e9/0x550 [ 389.628336][ T8674] ? __kernel_text_address+0x171/0x2d0 [ 389.633844][ T8674] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 389.639923][ T8674] ? arch_stack_walk+0x2a2/0x3e0 [ 389.644880][ T8674] ? stack_trace_save+0x1a0/0x1a0 [ 389.649939][ T8674] shash_finup_unaligned+0xab/0x160 [ 389.655157][ T8674] ? crypto_shash_finup+0x6b0/0x6b0 [ 389.660372][ T8674] crypto_shash_finup+0x2b4/0x6b0 [ 389.665426][ T8674] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 389.671595][ T8674] ? wp512_init+0xc7/0x110 [ 389.676058][ T8674] shash_digest_unaligned+0x22b/0x260 [ 389.681448][ T8674] ? crypto_shash_digest+0x3d0/0x3d0 [ 389.686744][ T8674] shash_ahash_digest+0x788/0x8a0 [ 389.691801][ T8674] shash_async_digest+0xbb/0x110 [ 389.696759][ T8674] crypto_ahash_op+0x1c6/0x6c0 [ 389.701539][ T8674] ? __kmalloc+0x115/0x460 [ 389.705969][ T8674] ? kmsan_get_metadata+0x11d/0x180 [ 389.711176][ T8674] ? kmsan_get_metadata+0x11d/0x180 [ 389.716383][ T8674] ? shash_async_finup+0x110/0x110 [ 389.721504][ T8674] ? shash_async_finup+0x110/0x110 [ 389.726637][ T8674] crypto_ahash_digest+0xdc/0x150 [ 389.731681][ T8674] hash_sendpage+0x9cc/0xdf0 [ 389.736297][ T8674] ? hash_recvmsg+0xd30/0xd30 [ 389.740988][ T8674] sock_sendpage+0x1e1/0x2c0 [ 389.746217][ T8674] pipe_to_sendpage+0x38c/0x4c0 [ 389.751080][ T8674] ? sock_fasync+0x250/0x250 [ 389.755704][ T8674] __splice_from_pipe+0x565/0xf00 [ 389.760758][ T8674] ? generic_splice_sendpage+0x2d0/0x2d0 [ 389.766431][ T8674] generic_splice_sendpage+0x1d5/0x2d0 [ 389.771914][ T8674] ? iter_file_splice_write+0x1800/0x1800 [ 389.777657][ T8674] direct_splice_actor+0x1fd/0x580 [ 389.782815][ T8674] ? kmsan_get_metadata+0x4f/0x180 [ 389.787948][ T8674] splice_direct_to_actor+0x6b2/0xf50 [ 389.793327][ T8674] ? do_splice_direct+0x580/0x580 [ 389.798400][ T8674] do_splice_direct+0x342/0x580 [ 389.803310][ T8674] do_sendfile+0x101b/0x1d40 [ 389.807952][ T8674] __se_sys_sendfile64+0x2bb/0x360 [ 389.813073][ T8674] ? kmsan_get_metadata+0x4f/0x180 [ 389.818224][ T8674] __x64_sys_sendfile64+0x56/0x70 [ 389.823266][ T8674] do_syscall_64+0xb0/0x150 [ 389.827793][ T8674] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 389.833694][ T8674] RIP: 0033:0x45c1d9 [ 389.837583][ T8674] Code: Bad RIP value. [ 389.841656][ T8674] RSP: 002b:00007f10b427fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 389.850074][ T8674] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9 [ 389.858055][ T8674] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 389.866030][ T8674] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 389.874004][ T8674] R10: 0000000000000400 R11: 0000000000000246 R12: 000000000078bf0c [ 389.881980][ T8674] R13: 0000000000c9fb6f R14: 00007f10b42809c0 R15: 000000000078bf0c [ 389.889970][ T8674] [ 389.892298][ T8674] Uninit was stored to memory at: [ 389.897337][ T8674] kmsan_internal_chain_origin+0xad/0x130 [ 389.903062][ T8674] __msan_chain_origin+0x50/0x90 [ 389.908007][ T8674] wp512_update+0x74a/0xbe0 [ 389.912546][ T8674] crypto_shash_update+0x4e9/0x550 [ 389.917659][ T8674] shash_finup_unaligned+0xab/0x160 [ 389.922865][ T8674] crypto_shash_finup+0x2b4/0x6b0 [ 389.927894][ T8674] shash_digest_unaligned+0x22b/0x260 [ 389.933269][ T8674] shash_ahash_digest+0x788/0x8a0 [ 389.938297][ T8674] shash_async_digest+0xbb/0x110 [ 389.943239][ T8674] crypto_ahash_op+0x1c6/0x6c0 [ 389.948013][ T8674] crypto_ahash_digest+0xdc/0x150 [ 389.953044][ T8674] hash_sendpage+0x9cc/0xdf0 [ 389.957647][ T8674] sock_sendpage+0x1e1/0x2c0 [ 389.962253][ T8674] pipe_to_sendpage+0x38c/0x4c0 [ 389.967981][ T8674] __splice_from_pipe+0x565/0xf00 [ 389.973011][ T8674] generic_splice_sendpage+0x1d5/0x2d0 [ 389.978483][ T8674] direct_splice_actor+0x1fd/0x580 [ 389.983624][ T8674] splice_direct_to_actor+0x6b2/0xf50 [ 389.989005][ T8674] do_splice_direct+0x342/0x580 [ 389.993867][ T8674] do_sendfile+0x101b/0x1d40 [ 389.998466][ T8674] __se_sys_sendfile64+0x2bb/0x360 [ 390.003583][ T8674] __x64_sys_sendfile64+0x56/0x70 [ 390.008632][ T8674] do_syscall_64+0xb0/0x150 [ 390.013144][ T8674] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 390.019027][ T8674] [ 390.021355][ T8674] Uninit was created at: [ 390.025623][ T8674] kmsan_save_stack_with_flags+0x3c/0x90 [ 390.031259][ T8674] kmsan_alloc_page+0xb9/0x180 [ 390.036025][ T8674] __alloc_pages_nodemask+0x56a2/0x5dc0 [ 390.041573][ T8674] alloc_pages_current+0x672/0x990 [ 390.046690][ T8674] push_pipe+0x605/0xb70 [ 390.050937][ T8674] iov_iter_get_pages_alloc+0x18a9/0x21c0 [ 390.056663][ T8674] do_splice_to+0x4fc/0x14f0 [ 390.061256][ T8674] splice_direct_to_actor+0x45c/0xf50 [ 390.066638][ T8674] do_splice_direct+0x342/0x580 [ 390.071489][ T8674] do_sendfile+0x101b/0x1d40 [ 390.076081][ T8674] __se_sys_sendfile64+0x2bb/0x360 [ 390.081194][ T8674] __x64_sys_sendfile64+0x56/0x70 [ 390.086220][ T8674] do_syscall_64+0xb0/0x150 [ 390.090728][ T8674] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 390.096617][ T8674] ===================================================== [ 390.103540][ T8674] Disabling lock debugging due to kernel taint [ 390.109696][ T8674] Kernel panic - not syncing: panic_on_warn set ... [ 390.116302][ T8674] CPU: 0 PID: 8674 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 390.126268][ T8674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.136403][ T8674] Call Trace: [ 390.139708][ T8674] dump_stack+0x1df/0x240 [ 390.144057][ T8674] panic+0x3d5/0xc3e [ 390.147997][ T8674] kmsan_report+0x1df/0x1e0 [ 390.152514][ T8674] __msan_warning+0x58/0xa0 [ 390.157031][ T8674] wp512_process_buffer+0x49f9/0x4c90 [ 390.162457][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 390.168011][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 390.174078][ T8674] ? update_stack_state+0xa18/0xb40 [ 390.179333][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 390.184889][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 390.190956][ T8674] ? update_stack_state+0xa18/0xb40 [ 390.196168][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 390.202239][ T8674] ? __module_address+0x68/0x600 [ 390.207198][ T8674] ? is_module_text_address+0x4d/0x2a0 [ 390.212675][ T8674] ? __kernel_text_address+0x171/0x2d0 [ 390.218146][ T8674] ? unwind_get_return_address+0x8c/0x130 [ 390.223896][ T8674] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 390.229965][ T8674] ? arch_stack_walk+0x2a2/0x3e0 [ 390.234908][ T8674] ? stack_trace_save+0x1a0/0x1a0 [ 390.239958][ T8674] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 390.246031][ T8674] ? stack_trace_save+0x123/0x1a0 [ 390.251072][ T8674] ? kmsan_internal_chain_origin+0xfa/0x130 [ 390.256972][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 390.263043][ T8674] ? kmsan_internal_chain_origin+0xad/0x130 [ 390.268937][ T8674] ? __msan_chain_origin+0x50/0x90 [ 390.274055][ T8674] ? wp512_update+0x74a/0xbe0 [ 390.278731][ T8674] ? crypto_shash_update+0x4e9/0x550 [ 390.284032][ T8674] ? shash_finup_unaligned+0xab/0x160 [ 390.289403][ T8674] ? crypto_shash_finup+0x2b4/0x6b0 [ 390.294602][ T8674] ? shash_digest_unaligned+0x22b/0x260 [ 390.300154][ T8674] ? shash_ahash_digest+0x788/0x8a0 [ 390.305353][ T8674] ? shash_async_digest+0xbb/0x110 [ 390.310490][ T8674] ? crypto_ahash_op+0x1c6/0x6c0 [ 390.315430][ T8674] ? crypto_ahash_digest+0xdc/0x150 [ 390.320633][ T8674] ? hash_sendpage+0x9cc/0xdf0 [ 390.325402][ T8674] ? sock_sendpage+0x1e1/0x2c0 [ 390.330166][ T8674] ? pipe_to_sendpage+0x38c/0x4c0 [ 390.335201][ T8674] ? __splice_from_pipe+0x565/0xf00 [ 390.340402][ T8674] ? generic_splice_sendpage+0x1d5/0x2d0 [ 390.346038][ T8674] ? direct_splice_actor+0x1fd/0x580 [ 390.351326][ T8674] ? splice_direct_to_actor+0x6b2/0xf50 [ 390.356875][ T8674] ? do_splice_direct+0x342/0x580 [ 390.361901][ T8674] ? do_sendfile+0x101b/0x1d40 [ 390.366682][ T8674] ? __se_sys_sendfile64+0x2bb/0x360 [ 390.371971][ T8674] ? __x64_sys_sendfile64+0x56/0x70 [ 390.377174][ T8674] ? do_syscall_64+0xb0/0x150 [ 390.381857][ T8674] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 390.387925][ T8674] ? __msan_get_context_state+0x9/0x20 [ 390.393389][ T8674] ? widen_string+0xba/0x830 [ 390.397986][ T8674] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 390.404153][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 390.409713][ T8674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 390.415781][ T8674] ? update_stack_state+0xa18/0xb40 [ 390.420996][ T8674] ? kmsan_task_context_state+0x47/0x90 [ 390.426544][ T8674] ? kmsan_get_metadata+0x11d/0x180 [ 390.431761][ T8674] wp512_update+0x5ca/0xbe0 [ 390.436302][ T8674] ? wp512_init+0x110/0x110 [ 390.440813][ T8674] crypto_shash_update+0x4e9/0x550 [ 390.445950][ T8674] ? __kernel_text_address+0x171/0x2d0 [ 390.451432][ T8674] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 390.457504][ T8674] ? arch_stack_walk+0x2a2/0x3e0 [ 390.462448][ T8674] ? stack_trace_save+0x1a0/0x1a0 [ 390.467487][ T8674] shash_finup_unaligned+0xab/0x160 [ 390.472695][ T8674] ? crypto_shash_finup+0x6b0/0x6b0 [ 390.477896][ T8674] crypto_shash_finup+0x2b4/0x6b0 [ 390.482949][ T8674] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 390.489029][ T8674] ? wp512_init+0xc7/0x110 [ 390.493451][ T8674] shash_digest_unaligned+0x22b/0x260 [ 390.498836][ T8674] ? crypto_shash_digest+0x3d0/0x3d0 [ 390.504127][ T8674] shash_ahash_digest+0x788/0x8a0 [ 390.509182][ T8674] shash_async_digest+0xbb/0x110 [ 390.514130][ T8674] crypto_ahash_op+0x1c6/0x6c0 [ 390.518929][ T8674] ? __kmalloc+0x115/0x460 [ 390.523366][ T8674] ? kmsan_get_metadata+0x11d/0x180 [ 390.528568][ T8674] ? kmsan_get_metadata+0x11d/0x180 [ 390.533768][ T8674] ? shash_async_finup+0x110/0x110 [ 390.538892][ T8674] ? shash_async_finup+0x110/0x110 [ 390.544023][ T8674] crypto_ahash_digest+0xdc/0x150 [ 390.549066][ T8674] hash_sendpage+0x9cc/0xdf0 [ 390.553689][ T8674] ? hash_recvmsg+0xd30/0xd30 [ 390.558379][ T8674] sock_sendpage+0x1e1/0x2c0 [ 390.562995][ T8674] pipe_to_sendpage+0x38c/0x4c0 [ 390.567851][ T8674] ? sock_fasync+0x250/0x250 [ 390.572468][ T8674] __splice_from_pipe+0x565/0xf00 [ 390.577527][ T8674] ? generic_splice_sendpage+0x2d0/0x2d0 [ 390.583197][ T8674] generic_splice_sendpage+0x1d5/0x2d0 [ 390.588684][ T8674] ? iter_file_splice_write+0x1800/0x1800 [ 390.594414][ T8674] direct_splice_actor+0x1fd/0x580 [ 390.599556][ T8674] ? kmsan_get_metadata+0x4f/0x180 [ 390.604683][ T8674] splice_direct_to_actor+0x6b2/0xf50 [ 390.610061][ T8674] ? do_splice_direct+0x580/0x580 [ 390.615141][ T8674] do_splice_direct+0x342/0x580 [ 390.620027][ T8674] do_sendfile+0x101b/0x1d40 [ 390.624668][ T8674] __se_sys_sendfile64+0x2bb/0x360 [ 390.629794][ T8674] ? kmsan_get_metadata+0x4f/0x180 [ 390.634930][ T8674] __x64_sys_sendfile64+0x56/0x70 [ 390.639970][ T8674] do_syscall_64+0xb0/0x150 [ 390.644510][ T8674] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 390.650400][ T8674] RIP: 0033:0x45c1d9 [ 390.654289][ T8674] Code: Bad RIP value. [ 390.658356][ T8674] RSP: 002b:00007f10b427fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 390.666771][ T8674] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9 [ 390.674745][ T8674] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 390.682718][ T8674] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 390.690691][ T8674] R10: 0000000000000400 R11: 0000000000000246 R12: 000000000078bf0c [ 390.698676][ T8674] R13: 0000000000c9fb6f R14: 00007f10b42809c0 R15: 000000000078bf0c [ 390.707695][ T8674] Kernel Offset: 0x3e00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 390.719240][ T8674] Rebooting in 86400 seconds..