[ ok ] Starting enhanced syslogd: rsyslogd.
[ 64.657782] audit: type=1800 audit(1541257780.706:25): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 64.677415] audit: type=1800 audit(1541257780.706:26): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 64.697009] audit: type=1800 audit(1541257780.726:27): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program

syzkaller login: [ 283.454773] ==================================================================
[ 283.462226] BUG: KMSAN: uninit-value in _copy_to_user+0x214/0x230
[ 283.468500] CPU: 0 PID: 6584 Comm: syz-executor275 Not tainted 4.19.0+ #77
[ 283.475530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 283.484882] Call Trace:
[ 283.487477]  dump_stack+0x32d/0x480
[ 283.491101]  ? _copy_to_user+0x214/0x230
[ 283.495195]  kmsan_report+0x1a2/0x2e0
[ 283.499045]  __msan_warning+0x74/0xd0
[ 283.502873]  _copy_to_user+0x214/0x230
[ 283.506798]  __vb2_perform_fileio+0x5d8/0x23c0
[ 283.511429]  vb2_read+0xf7/0x110
[ 283.514907]  vb2_fop_read+0x475/0x640
[ 283.518752]  ? vb2_fop_write+0x640/0x640
[ 283.522861]  v4l2_read+0x274/0x4a0
[ 283.526429]  ? INIT_INT+0x40/0x40
[ 283.529912]  __vfs_read+0x1e2/0xb10
[ 283.533584]  ? rw_verify_area+0x35e/0x580
[ 283.537782]  vfs_read+0x380/0x6b0
[ 283.541288]  __se_sys_read+0x17a/0x370
[ 283.545230]  __x64_sys_read+0x4a/0x70
[ 283.549076]  do_syscall_64+0xcf/0x110
[ 283.552918]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 283.558136] RIP: 0033:0x444b49
[ 283.561375] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 283.580317] RSP: 002b:00007ffe5d72b728 EFLAGS: 00000213 ORIG_RAX: 0000000000000000
[ 283.588058] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000444b49
[ 283.595359] RDX: 0000000000000059 RSI: 0000000020000000 RDI: 0000000000000003
[ 283.602658] RBP: 0000000000000000 R08: 0000000001bed880 R09: 00000000004002e0
[ 283.609943] R10: 000000000000000f R11: 0000000000000213 R12: 0000000000401e00
[ 283.617249] R13: 0000000000401e90 R14: 0000000000000000 R15: 0000000000000000
[ 283.624563]
[ 283.626203] Uninit was created at:
[ 283.629763]  kmsan_internal_poison_shadow+0xc8/0x1e0
[ 283.634915]  kmsan_kmalloc+0x98/0x110
[ 283.638754]  kmsan_slab_alloc+0xe/0x10
[ 283.642669]  __kmalloc_node_track_caller+0xf62/0x14e0
[ 283.647952]  __alloc_skb+0x42b/0xeb0
[ 283.651701]  sk_stream_alloc_skb+0x236/0xe60
[ 283.656143]  tcp_sendmsg_locked+0x2638/0x6c30
[ 283.660668]  tcp_sendmsg+0xb2/0x100
[ 283.664316]  inet_sendmsg+0x4e9/0x800
[ 283.668133]  sock_write_iter+0x404/0x4e0
[ 283.672267]  __vfs_write+0x882/0xb80
[ 283.675999]  vfs_write+0x4a3/0x8f0
[ 283.679564]  __se_sys_write+0x17a/0x370
[ 283.683569]  __x64_sys_write+0x4a/0x70
[ 283.687478]  do_syscall_64+0xcf/0x110
[ 283.691313]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 283.696539] ==================================================================
[ 283.703903] Disabling lock debugging due to kernel taint
[ 283.709364] Kernel panic - not syncing: panic_on_warn set ...
[ 283.709364]
[ 283.716760] CPU: 0 PID: 6584 Comm: syz-executor275 Tainted: G    B             4.19.0+ #77
[ 283.725185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 283.734556] Call Trace:
[ 283.737171]  dump_stack+0x32d/0x480
[ 283.740854]  panic+0x57e/0xb28
[ 283.744129]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 283.749624]  kmsan_report+0x2d3/0x2e0
[ 283.753480]  __msan_warning+0x74/0xd0
[ 283.757327]  _copy_to_user+0x214/0x230
[ 283.761263]  __vb2_perform_fileio+0x5d8/0x23c0
[ 283.765918]  vb2_read+0xf7/0x110
[ 283.769326]  vb2_fop_read+0x475/0x640
[ 283.773169]  ? vb2_fop_write+0x640/0x640
[ 283.777245]  v4l2_read+0x274/0x4a0
[ 283.780822]  ? INIT_INT+0x40/0x40
[ 283.784301]  __vfs_read+0x1e2/0xb10
[ 283.787974]  ? rw_verify_area+0x35e/0x580
[ 283.792177]  vfs_read+0x380/0x6b0
[ 283.795683]  __se_sys_read+0x17a/0x370
[ 283.799628]  __x64_sys_read+0x4a/0x70
[ 283.803476]  do_syscall_64+0xcf/0x110
[ 283.807329]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 283.812560] RIP: 0033:0x444b49
[ 283.815771] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 283.834692] RSP: 002b:00007ffe5d72b728 EFLAGS: 00000213 ORIG_RAX: 0000000000000000
[ 283.842439] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000444b49
[ 283.849737] RDX: 0000000000000059 RSI: 0000000020000000 RDI: 0000000000000003
[ 283.857128] RBP: 0000000000000000 R08: 0000000001bed880 R09: 00000000004002e0
[ 283.864394] R10: 000000000000000f R11: 0000000000000213 R12: 0000000000401e00
[ 283.871661] R13: 0000000000401e90 R14: 0000000000000000 R15: 0000000000000000
[ 283.879891] Kernel Offset: disabled
[ 283.883543] Rebooting in 86400 seconds..