[ ok ] Starting enhanced syslogd: rsyslogd.
[ 107.413146][ T32] audit: type=1800 audit(1582149645.481:25): pid=11324 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 107.437010][ T32] audit: type=1800 audit(1582149645.501:26): pid=11324 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 107.476221][ T32] audit: type=1800 audit(1582149645.521:27): pid=11324 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 121.620935][T11474] =====================================================
[ 121.628147][T11474] BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90
[ 121.636050][T11474] CPU: 1 PID: 11474 Comm: syz-executor301 Not tainted 5.6.0-rc2-syzkaller #0
[ 121.644922][T11474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 121.655061][T11474] Call Trace:
[ 121.658527][T11474] dump_stack+0x1c9/0x220
[ 121.662858][T11474] kmsan_report+0xf7/0x1e0
[ 121.667276][T11474] kmsan_internal_check_memory+0x238/0x3d0
[ 121.673078][T11474] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 121.679239][T11474] kmsan_copy_to_user+0x81/0x90
[ 121.684246][T11474] _copy_to_user+0x15a/0x1f0
[ 121.688965][T11474] video_usercopy+0x248c/0x2b50
[ 121.693925][T11474] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 121.700064][T11474] ? do_vfs_ioctl+0x10cc/0x30c0
[ 121.704912][T11474] video_ioctl2+0x9f/0xb0
[ 121.709339][T11474] ? video_usercopy+0x2b50/0x2b50
[ 121.714487][T11474] v4l2_ioctl+0x23f/0x270
[ 121.718819][T11474] ? v4l2_poll+0x400/0x400
[ 121.723392][T11474] __se_sys_ioctl+0x2e9/0x410
[ 121.728198][T11474] __x64_sys_ioctl+0x4a/0x70
[ 121.732978][T11474] do_syscall_64+0xb8/0x160
[ 121.737606][T11474] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 121.743717][T11474] RIP: 0033:0x440289
[ 121.747651][T11474] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 121.767375][T11474] RSP: 002b:00007ffe00ee4fc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 121.775786][T11474] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440289
[ 121.783761][T11474] RDX: 00000000200000c0 RSI: 00000000c050560f RDI: 0000000000000003
[ 121.792024][T11474] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 121.799991][T11474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b10
[ 121.808143][T11474] R13: 0000000000401ba0 R14: 0000000000000000 R15: 0000000000000000
[ 121.816453][T11474]
[ 121.818771][T11474] Local variable ----vb32.i@video_usercopy created at:
[ 121.825869][T11474] video_usercopy+0x20bf/0x2b50
[ 121.830711][T11474] video_usercopy+0x20bf/0x2b50
[ 121.835630][T11474]
[ 121.837949][T11474] Bytes 52-55 of 80 are uninitialized
[ 121.843374][T11474] Memory access of size 80 starts at ffffa88f81563ce0
[ 121.850242][T11474] Data copied to user address 00000000200000c0
[ 121.856381][T11474] =====================================================
[ 121.863455][T11474] Disabling lock debugging due to kernel taint
[ 121.869603][T11474] Kernel panic - not syncing: panic_on_warn set ...
[ 121.876193][T11474] CPU: 1 PID: 11474 Comm: syz-executor301 Tainted: G B 5.6.0-rc2-syzkaller #0
[ 121.886536][T11474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 121.896844][T11474] Call Trace:
[ 121.900184][T11474] dump_stack+0x1c9/0x220
[ 121.904515][T11474] panic+0x3d5/0xc3e
[ 121.908417][T11474] kmsan_report+0x1df/0x1e0
[ 121.913049][T11474] kmsan_internal_check_memory+0x238/0x3d0
[ 121.918857][T11474] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 121.925016][T11474] kmsan_copy_to_user+0x81/0x90
[ 121.930092][T11474] _copy_to_user+0x15a/0x1f0
[ 121.934774][T11474] video_usercopy+0x248c/0x2b50
[ 121.939835][T11474] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 121.946017][T11474] ? do_vfs_ioctl+0x10cc/0x30c0
[ 121.950867][T11474] video_ioctl2+0x9f/0xb0
[ 121.955204][T11474] ? video_usercopy+0x2b50/0x2b50
[ 121.960220][T11474] v4l2_ioctl+0x23f/0x270
[ 121.964572][T11474] ? v4l2_poll+0x400/0x400
[ 121.968983][T11474] __se_sys_ioctl+0x2e9/0x410
[ 121.973669][T11474] __x64_sys_ioctl+0x4a/0x70
[ 121.978258][T11474] do_syscall_64+0xb8/0x160
[ 121.982758][T11474] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 121.988645][T11474] RIP: 0033:0x440289
[ 121.992532][T11474] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 122.012502][T11474] RSP: 002b:00007ffe00ee4fc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 122.021038][T11474] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440289
[ 122.029015][T11474] RDX: 00000000200000c0 RSI: 00000000c050560f RDI: 0000000000000003
[ 122.036985][T11474] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 122.045194][T11474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b10
[ 122.053161][T11474] R13: 0000000000401ba0 R14: 0000000000000000 R15: 0000000000000000
[ 122.062929][T11474] Kernel Offset: 0x23000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 122.074867][T11474] Rebooting in 86400 seconds..