[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.138' (ECDSA) to the list of known hosts. 2020/07/22 03:29:51 fuzzer started 2020/07/22 03:29:52 dialing manager at 10.128.0.26:37513 2020/07/22 03:29:52 syscalls: 2969 2020/07/22 03:29:52 code coverage: enabled 2020/07/22 03:29:52 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2020/07/22 03:29:52 extra coverage: enabled 2020/07/22 03:29:52 setuid sandbox: enabled 2020/07/22 03:29:52 namespace sandbox: enabled 2020/07/22 03:29:52 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/22 03:29:52 fault injection: enabled 2020/07/22 03:29:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/22 03:29:52 net packet injection: enabled 2020/07/22 03:29:52 net device setup: enabled 2020/07/22 03:29:52 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/22 03:29:52 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/22 03:29:52 USB emulation: /dev/raw-gadget does not exist 03:33:07 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827f0000431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07f34e4d5b318e2ec0efd49897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a2d7cbdb9cd38bdb2caa0a777c8c9bddf3f66ea048b8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2239cb132b8667c21476619f28d9961b63e1a9cf6c2a660a17e3c184b751c51160fbcbbf35b1e7be6148ba532e6c346dfebd31a08b32808b80200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc18cae2ed4b4390af9a9ceafd07ed00b0000002cab154ad029a119ca3c97278087001460f7cf5ef5ecdd65ede8d799018fc043a6560fc12c26694dc05f3ee22feea1834ddbda7f4226a1f280b75d279afeabe0839c50851ffded7714dc486acf373a8268f99d0bd888a06070de197afe04811865d22fc9b20313c1a3f0cfca02cf3fad3ec124d0f0843b804a4051e282b89c7f6f6647c5faf864b1c7f43748e5a54367bfbca875a3523edaece4c8e95d548fcf3d3e00ee8080c307acfb54fb01d2981499651bc2a3df822179fd3c27655c2557d2f58f1c2b3b0b96d65ea161ac967d123d18925d2bf499010092e64850ada201d7d3c9d2e1a21d9f4fe61bbfef6030959a53f5010ab906a9c23f0845e5b2d2ed565b67c9d30677d8faf793c5ca6563edecbfaccbf11ee8b5f7c2d592ef89cd42f6fec52ececfc1d60bb49b5565a6d8396307ab0a3fb6920da10d8675739cf54e02b90fed8e988a8907847b80a1d05c231cb3b59ce44c9c5043f2a412cb1459a1111a04853f62882d2a79150c3889993f029654a4b93b9c10eb6441b7665d4587ffcb638ae934aa152c6b858c50a9743a80b96033deb108c8b3457e55fff1f285c8f5b928a8e26b6312d733cd70aa642ea8fce7d044c35d5c03eaca1c0676eeb62f1f00001dd67460cd276f4f83ae5ff78f008647d88a033bae6b800ccad650568164fcf02007e84387c63a0085ab55bc0f343580f1c8059a716e70734e46285ad94171c2c3b56b507d8a6eafada7eaff41f63634b8b2436cb2fb807987d1093807383dab84ab28461085d67ac5940e3f3bfe39bb5e4b27360c"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2b, 0xfffffffffffffe7f, &(0x7f0000000500)="b9ff0300600d698cb89e14f008001fffffff1d004000636c77fbac14140de934a0a662079f4b4d2f87e5feca6aab845013f2325f1a39010108038da1924425181aa5", 0x0, 0x100, 0x60000000, 0x0, 0xfffffffffffffe09}, 0x28) syzkaller login: [ 278.612380][ T8500] IPVS: ftp: loaded support on port[0] = 21 [ 278.823399][ T8500] chnl_net:caif_netlink_parms(): no params data found [ 279.043977][ T8500] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.051972][ T8500] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.061371][ T8500] device bridge_slave_0 entered promiscuous mode [ 279.088576][ T8500] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.096355][ T8500] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.105625][ T8500] device bridge_slave_1 entered promiscuous mode [ 279.158503][ T8500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 279.174563][ T8500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 279.222295][ T8500] team0: Port device team_slave_0 added [ 279.233420][ T8500] team0: Port device team_slave_1 added [ 279.280007][ T8500] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 279.287197][ T8500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 279.314092][ T8500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 279.327333][ T8500] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 279.334370][ T8500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 279.361102][ T8500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 279.482550][ T8500] device hsr_slave_0 entered promiscuous mode [ 279.637187][ T8500] device hsr_slave_1 entered promiscuous mode [ 280.141494][ T8500] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 280.193463][ T8500] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 280.452940][ T8500] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 280.713001][ T8500] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 281.044122][ T8500] 8021q: adding VLAN 0 to HW filter on device bond0 [ 281.068935][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 281.078606][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 281.096024][ T8500] 8021q: adding VLAN 0 to HW filter on device team0 [ 281.121807][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 281.131660][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 281.141253][ T2324] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.148507][ T2324] bridge0: port 1(bridge_slave_0) entered forwarding state [ 281.157816][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 281.167823][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 281.177290][ T2324] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.184716][ T2324] bridge0: port 2(bridge_slave_1) entered forwarding state [ 281.210174][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 281.222517][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 281.233543][ T2324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 281.257688][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 281.267895][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 281.302605][ T8500] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 281.316640][ T8500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 281.330226][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 281.339966][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 281.350276][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 281.360849][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 281.370953][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 281.381166][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 281.390829][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 281.402570][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 281.443394][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 281.451719][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 281.474687][ T8500] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.516194][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 281.526546][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 281.564941][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 281.575558][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 281.588726][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 281.598887][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 281.616543][ T8500] device veth0_vlan entered promiscuous mode [ 281.643594][ T8500] device veth1_vlan entered promiscuous mode [ 281.691954][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 281.701645][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 281.711004][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 281.720782][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 281.740710][ T8500] device veth0_macvtap entered promiscuous mode [ 281.758433][ T8500] device veth1_macvtap entered promiscuous mode [ 281.791972][ T8500] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 281.804151][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 281.813824][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 281.823104][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 281.833151][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 281.850847][ T8500] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 281.877456][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 281.887342][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 03:33:10 executing program 0: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x81}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ppoll(&(0x7f0000000340)=[{r0}], 0x1, &(0x7f0000000380)={0x77359400}, 0x0, 0x0) 03:33:11 executing program 0: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCSETX(r0, 0x5433, 0x0) 03:33:11 executing program 0: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000040)) 03:33:12 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r1 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r1, r0, 0x0, 0x3ff) [ 283.388996][ T8723] ===================================================== [ 283.395979][ T8723] BUG: KMSAN: uninit-value in netlink_rcv_skb+0x359/0x650 [ 283.403092][ T8723] CPU: 1 PID: 8723 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 283.411673][ T8723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.421724][ T8723] Call Trace: [ 283.425026][ T8723] dump_stack+0x1df/0x240 [ 283.429362][ T8723] kmsan_report+0xf7/0x1e0 [ 283.433781][ T8723] __msan_warning+0x58/0xa0 [ 283.438293][ T8723] netlink_rcv_skb+0x359/0x650 [ 283.443065][ T8723] ? rtnetlink_bind+0x120/0x120 [ 283.447920][ T8723] rtnetlink_rcv+0x50/0x60 [ 283.452339][ T8723] netlink_unicast+0xf9e/0x1100 [ 283.457201][ T8723] ? rtnetlink_net_exit+0x90/0x90 [ 283.462232][ T8723] netlink_sendmsg+0x1246/0x14d0 [ 283.467185][ T8723] ? netlink_getsockopt+0x1440/0x1440 [ 283.472557][ T8723] kernel_sendmsg+0x433/0x440 [ 283.477243][ T8723] sock_no_sendpage+0x235/0x300 [ 283.482110][ T8723] ? sock_no_mmap+0x30/0x30 [ 283.486614][ T8723] sock_sendpage+0x1e1/0x2c0 [ 283.491214][ T8723] pipe_to_sendpage+0x38c/0x4c0 [ 283.496070][ T8723] ? sock_fasync+0x250/0x250 [ 283.500678][ T8723] __splice_from_pipe+0x565/0xf00 [ 283.505709][ T8723] ? generic_splice_sendpage+0x2d0/0x2d0 [ 283.511358][ T8723] generic_splice_sendpage+0x1d5/0x2d0 [ 283.516825][ T8723] ? iter_file_splice_write+0x1800/0x1800 [ 283.522544][ T8723] direct_splice_actor+0x1fd/0x580 [ 283.527660][ T8723] ? kmsan_get_metadata+0x4f/0x180 [ 283.532777][ T8723] splice_direct_to_actor+0x6b2/0xf50 [ 283.538156][ T8723] ? do_splice_direct+0x580/0x580 [ 283.543203][ T8723] do_splice_direct+0x342/0x580 [ 283.548067][ T8723] do_sendfile+0x101b/0x1d40 [ 283.552681][ T8723] __se_sys_sendfile64+0x2bb/0x360 [ 283.557797][ T8723] ? kmsan_get_metadata+0x4f/0x180 [ 283.562912][ T8723] __x64_sys_sendfile64+0x56/0x70 [ 283.567936][ T8723] do_syscall_64+0xb0/0x150 [ 283.572461][ T8723] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 283.578344][ T8723] RIP: 0033:0x45c1f9 [ 283.582225][ T8723] Code: Bad RIP value. [ 283.586286][ T8723] RSP: 002b:00007f8a25aa9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 283.594698][ T8723] RAX: ffffffffffffffda RBX: 00000000000260c0 RCX: 000000000045c1f9 [ 283.602668][ T8723] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 283.610637][ T8723] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 283.618605][ T8723] R10: 00000000000003ff R11: 0000000000000246 R12: 000000000078bf0c [ 283.626584][ T8723] R13: 0000000000c9fb6f R14: 00007f8a25aaa9c0 R15: 000000000078bf0c [ 283.634656][ T8723] [ 283.636983][ T8723] Uninit was stored to memory at: [ 283.642017][ T8723] kmsan_internal_chain_origin+0xad/0x130 [ 283.647750][ T8723] kmsan_memcpy_memmove_metadata+0x272/0x2e0 [ 283.653736][ T8723] kmsan_memcpy_metadata+0xb/0x10 [ 283.658855][ T8723] __msan_memcpy+0x43/0x50 [ 283.663273][ T8723] _copy_from_iter_full+0xbfe/0x13b0 [ 283.668565][ T8723] netlink_sendmsg+0xfaa/0x14d0 [ 283.673409][ T8723] kernel_sendmsg+0x433/0x440 [ 283.678085][ T8723] sock_no_sendpage+0x235/0x300 [ 283.682932][ T8723] sock_sendpage+0x1e1/0x2c0 [ 283.687524][ T8723] pipe_to_sendpage+0x38c/0x4c0 [ 283.692369][ T8723] __splice_from_pipe+0x565/0xf00 [ 283.697393][ T8723] generic_splice_sendpage+0x1d5/0x2d0 [ 283.702846][ T8723] direct_splice_actor+0x1fd/0x580 [ 283.707951][ T8723] splice_direct_to_actor+0x6b2/0xf50 [ 283.713316][ T8723] do_splice_direct+0x342/0x580 [ 283.718161][ T8723] do_sendfile+0x101b/0x1d40 [ 283.722751][ T8723] __se_sys_sendfile64+0x2bb/0x360 [ 283.727857][ T8723] __x64_sys_sendfile64+0x56/0x70 [ 283.732876][ T8723] do_syscall_64+0xb0/0x150 [ 283.737386][ T8723] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 283.743264][ T8723] [ 283.745584][ T8723] Uninit was created at: [ 283.749824][ T8723] kmsan_save_stack_with_flags+0x3c/0x90 [ 283.755454][ T8723] kmsan_alloc_page+0xb9/0x180 [ 283.760213][ T8723] __alloc_pages_nodemask+0x56a2/0x5dc0 [ 283.765753][ T8723] alloc_pages_current+0x672/0x990 [ 283.770857][ T8723] push_pipe+0x605/0xb70 [ 283.775092][ T8723] iov_iter_get_pages_alloc+0x18a9/0x21c0 [ 283.780807][ T8723] do_splice_to+0x4fc/0x14f0 [ 283.785390][ T8723] splice_direct_to_actor+0x45c/0xf50 [ 283.790760][ T8723] do_splice_direct+0x342/0x580 [ 283.795603][ T8723] do_sendfile+0x101b/0x1d40 [ 283.800183][ T8723] __se_sys_sendfile64+0x2bb/0x360 [ 283.805285][ T8723] __x64_sys_sendfile64+0x56/0x70 [ 283.810302][ T8723] do_syscall_64+0xb0/0x150 [ 283.814803][ T8723] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 283.820677][ T8723] ===================================================== [ 283.827593][ T8723] Disabling lock debugging due to kernel taint [ 283.833738][ T8723] Kernel panic - not syncing: panic_on_warn set ... [ 283.840322][ T8723] CPU: 1 PID: 8723 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 283.850284][ T8723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.860333][ T8723] Call Trace: [ 283.863626][ T8723] dump_stack+0x1df/0x240 [ 283.867960][ T8723] panic+0x3d5/0xc3e [ 283.871874][ T8723] kmsan_report+0x1df/0x1e0 [ 283.876375][ T8723] __msan_warning+0x58/0xa0 [ 283.880877][ T8723] netlink_rcv_skb+0x359/0x650 [ 283.885640][ T8723] ? rtnetlink_bind+0x120/0x120 [ 283.890511][ T8723] rtnetlink_rcv+0x50/0x60 [ 283.894927][ T8723] netlink_unicast+0xf9e/0x1100 [ 283.899774][ T8723] ? rtnetlink_net_exit+0x90/0x90 [ 283.904816][ T8723] netlink_sendmsg+0x1246/0x14d0 [ 283.909774][ T8723] ? netlink_getsockopt+0x1440/0x1440 [ 283.915138][ T8723] kernel_sendmsg+0x433/0x440 [ 283.919822][ T8723] sock_no_sendpage+0x235/0x300 [ 283.924682][ T8723] ? sock_no_mmap+0x30/0x30 [ 283.929185][ T8723] sock_sendpage+0x1e1/0x2c0 [ 283.933783][ T8723] pipe_to_sendpage+0x38c/0x4c0 [ 283.938630][ T8723] ? sock_fasync+0x250/0x250 [ 283.943233][ T8723] __splice_from_pipe+0x565/0xf00 [ 283.948260][ T8723] ? generic_splice_sendpage+0x2d0/0x2d0 [ 283.953907][ T8723] generic_splice_sendpage+0x1d5/0x2d0 [ 283.959376][ T8723] ? iter_file_splice_write+0x1800/0x1800 [ 283.965091][ T8723] direct_splice_actor+0x1fd/0x580 [ 283.970207][ T8723] ? kmsan_get_metadata+0x4f/0x180 [ 283.975322][ T8723] splice_direct_to_actor+0x6b2/0xf50 [ 283.980693][ T8723] ? do_splice_direct+0x580/0x580 [ 283.985740][ T8723] do_splice_direct+0x342/0x580 [ 283.990609][ T8723] do_sendfile+0x101b/0x1d40 [ 283.995217][ T8723] __se_sys_sendfile64+0x2bb/0x360 [ 284.000326][ T8723] ? kmsan_get_metadata+0x4f/0x180 [ 284.005438][ T8723] __x64_sys_sendfile64+0x56/0x70 [ 284.010478][ T8723] do_syscall_64+0xb0/0x150 [ 284.014991][ T8723] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 284.020876][ T8723] RIP: 0033:0x45c1f9 [ 284.024759][ T8723] Code: Bad RIP value. [ 284.028819][ T8723] RSP: 002b:00007f8a25aa9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 284.037231][ T8723] RAX: ffffffffffffffda RBX: 00000000000260c0 RCX: 000000000045c1f9 [ 284.045205][ T8723] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 284.053171][ T8723] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 284.061138][ T8723] R10: 00000000000003ff R11: 0000000000000246 R12: 000000000078bf0c [ 284.069104][ T8723] R13: 0000000000c9fb6f R14: 00007f8a25aaa9c0 R15: 000000000078bf0c [ 284.078377][ T8723] Kernel Offset: 0x22000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 284.089985][ T8723] Rebooting in 86400 seconds..