[ ok ] Starting enhanced syslogd: rsyslogd.
[ 77.957944][ T30] audit: type=1800 audit(1570162890.009:25): pid=11156 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 77.981190][ T30] audit: type=1800 audit(1570162890.029:26): pid=11156 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 78.016117][ T30] audit: type=1800 audit(1570162890.059:27): pid=11156 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts.
2019/10/04 04:21:45 fuzzer started
2019/10/04 04:21:50 dialing manager at 10.128.0.26:46029
2019/10/04 04:21:50 syscalls: 2412
2019/10/04 04:21:50 code coverage: enabled
2019/10/04 04:21:50 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/10/04 04:21:50 extra coverage: enabled
2019/10/04 04:21:50 setuid sandbox: enabled
2019/10/04 04:21:50 namespace sandbox: enabled
2019/10/04 04:21:50 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/04 04:21:50 fault injection: enabled
2019/10/04 04:21:50 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/04 04:21:50 net packet injection: enabled
2019/10/04 04:21:50 net device setup: enabled
syzkaller login: [ 320.423039][ C0] =====================================================
[ 320.430148][ C0] BUG: KMSAN: uninit-value in __alloc_skb+0x215/0xa10
[ 320.436930][ C0] CPU: 0 PID: 11311 Comm: syz-fuzzer Not tainted 5.3.0-rc7+ #0
[ 320.444567][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 320.454698][ C0] Call Trace:
[ 320.457968][ C0]
[ 320.460904][ C0] dump_stack+0x191/0x1f0
[ 320.465372][ C0] kmsan_report+0x13a/0x2b0
[ 320.470073][ C0] __msan_warning+0x73/0xe0
[ 320.474684][ C0] kmem_cache_alloc_node+0x5d0/0xe70
[ 320.479988][ C0] ? __alloc_skb+0x215/0xa10
[ 320.484685][ C0] __alloc_skb+0x215/0xa10
[ 320.489208][ C0] aoecmd_cfg+0x205/0xa80
[ 320.493551][ C0] discover_timer+0x86/0xa0
[ 320.498206][ C0] call_timer_fn+0x232/0x530
[ 320.502819][ C0] ? skbfree+0x4a0/0x4a0
[ 320.507412][ C0] __run_timers+0xcdc/0x11a0
[ 320.512869][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 320.518937][ C0] ? skbfree+0x4a0/0x4a0
[ 320.523186][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 320.528128][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.534131][ C0] run_timer_softirq+0x2d/0x50
[ 320.538915][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 320.543918][ C0] __do_softirq+0x4a1/0x83a
[ 320.548443][ C0] irq_exit+0x230/0x280
[ 320.552605][ C0] exiting_irq+0xe/0x10
[ 320.556743][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 320.562122][ C0] apic_timer_interrupt+0x2e/0x40
[ 320.567137][ C0]
[ 320.570058][ C0] RIP: 0010:kmsan_get_shadow_origin_ptr+0x13c/0x4c0
[ 320.576624][ C0] Code: 60 00 e1 ff ff 4d 8d a4 05 00 00 00 5f e9 28 ff ff ff 48 b8 00 00 00 00 80 77 00 00 4c 89 f1 48 81 e9 00 00 00 80 48 89 4d d0 <0f> 83 20 03 00 00 4c 01 f0 48 39 c8 77 59 8a 0d 91 3b c3 0d 48 89
[ 320.596230][ C0] RSP: 0018:ffff8880b883ecc0 EFLAGS: 00000283 ORIG_RAX: ffffffffffffff13
[ 320.604653][ C0] RAX: 0000778000000000 RBX: 000000000000001c RCX: ffff88813883ef4c
[ 320.612641][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880b883ef4c
[ 320.620596][ C0] RBP: ffff8880b883ecf0 R08: 0000000000000002 R09: ffff8880b883ecb8
[ 320.628563][ C0] R10: 0000000000000004 R11: 00000000d817bc92 R12: ffffffff902c0000
[ 320.636546][ C0] R13: ffff8880b883ef4c R14: ffff8880b883ef4c R15: 0000000000000004
[ 320.644554][ C0] __msan_metadata_ptr_for_store_4+0x13/0x20
[ 320.650763][ C0] sha256_generic_block_fn+0x1b9/0x8870
[ 320.656336][ C0] crypto_sha256_update+0x3f6/0x480
[ 320.661555][ C0] ? sha1_base_init+0x180/0x180
[ 320.666474][ C0] crypto_shash_update+0x4eb/0x550
[ 320.671589][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 320.677268][ C0] ? integrity_kernel_read+0x221/0x280
[ 320.682718][ C0] ima_calc_file_hash+0x170a/0x3240
[ 320.688871][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.694816][ C0] ? ext4_xattr_ibody_get+0x19f/0x12a0
[ 320.700302][ C0] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 320.706369][ C0] ? up_read+0x40/0x2b0
[ 320.710665][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.716563][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 320.722628][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 320.728525][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 320.734160][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 320.739636][ C0] process_measurement+0x1a7d/0x2ba0
[ 320.745002][ C0] ? refcount_dec_and_test_checked+0x14c/0x210
[ 320.751178][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.757074][ C0] ? apparmor_task_alloc+0x210/0x210
[ 320.762355][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.768242][ C0] ima_file_check+0x131/0x170
[ 320.772964][ C0] path_openat+0x4b09/0x6bb0
[ 320.777554][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 320.783171][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.789056][ C0] do_filp_open+0x2b8/0x710
[ 320.793697][ C0] do_sys_open+0x642/0xa30
[ 320.798095][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 320.803987][ C0] __se_sys_openat+0xcb/0xe0
[ 320.808836][ C0] __x64_sys_openat+0x56/0x70
[ 320.814023][ C0] do_syscall_64+0xbc/0xf0
[ 320.818440][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 320.824345][ C0] RIP: 0033:0x47fdba
[ 320.828228][ C0] Code: e8 2b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 320.847818][ C0] RSP: 002b:000000c4203a17f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000101
[ 320.856212][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fdba
[ 320.864175][ C0] RDX: 0000000000080002 RSI: 000000c42b38e2a0 RDI: ffffffffffffff9c
[ 320.872136][ C0] RBP: 000000c4203a1878 R08: 0000000000000000 R09: 0000000000000000
[ 320.883301][ C0] R10: 00000000000001a4 R11: 0000000000000216 R12: 0000000000000000
[ 320.891299][ C0] R13: 00000000000000f5 R14: 0000000000000075 R15: 0000000000000004
[ 320.899868][ C0]
[ 320.902175][ C0] Uninit was stored to memory at:
[ 320.907719][ C0] kmsan_internal_chain_origin+0xd2/0x170
[ 320.914052][ C0] __msan_chain_origin+0x6b/0xe0
[ 320.919078][ C0] ___slab_alloc+0x1dbc/0x1fb0
[ 320.924355][ C0] kmem_cache_alloc_node+0x769/0xe70
[ 320.929980][ C0] __alloc_skb+0x215/0xa10
[ 320.934425][ C0] aoecmd_cfg+0x205/0xa80
[ 320.938752][ C0] discover_timer+0x86/0xa0
[ 320.943384][ C0] call_timer_fn+0x232/0x530
[ 320.947972][ C0] __run_timers+0xcdc/0x11a0
[ 320.952540][ C0] run_timer_softirq+0x2d/0x50
[ 320.957298][ C0] __do_softirq+0x4a1/0x83a
[ 320.961793][ C0] irq_exit+0x230/0x280
[ 320.965929][ C0] exiting_irq+0xe/0x10
[ 320.970063][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 320.975425][ C0] apic_timer_interrupt+0x2e/0x40
[ 320.980440][ C0] kmsan_get_shadow_origin_ptr+0x13c/0x4c0
[ 320.986237][ C0] __msan_metadata_ptr_for_store_4+0x13/0x20
[ 320.992198][ C0] sha256_generic_block_fn+0x1b9/0x8870
[ 320.997736][ C0] crypto_sha256_update+0x3f6/0x480
[ 321.003051][ C0] crypto_shash_update+0x4eb/0x550
[ 321.008164][ C0] ima_calc_file_hash+0x170a/0x3240
[ 321.013350][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 321.018787][ C0] process_measurement+0x1a7d/0x2ba0
[ 321.024049][ C0] ima_file_check+0x131/0x170
[ 321.028704][ C0] path_openat+0x4b09/0x6bb0
[ 321.033271][ C0] do_filp_open+0x2b8/0x710
[ 321.037753][ C0] do_sys_open+0x642/0xa30
[ 321.042148][ C0] __se_sys_openat+0xcb/0xe0
[ 321.046713][ C0] __x64_sys_openat+0x56/0x70
[ 321.051377][ C0] do_syscall_64+0xbc/0xf0
[ 321.055775][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 321.061638][ C0]
[ 321.063941][ C0] Uninit was created at:
[ 321.068166][ C0] kmsan_internal_poison_shadow+0x53/0x100
[ 321.073950][ C0] kmsan_slab_free+0x8d/0x100
[ 321.078637][ C0] kmem_cache_free_bulk+0x3ad9/0x3f50
[ 321.084015][ C0] napi_consume_skb+0x593/0x5d0
[ 321.088954][ C0] free_old_xmit_skbs+0x1a1/0x450
[ 321.093964][ C0] virtnet_poll_tx+0x24c/0x4c0
[ 321.099707][ C0] net_rx_action+0x74b/0x1950
[ 321.104366][ C0] __do_softirq+0x4a1/0x83a
[ 321.108850][ C0] irq_exit+0x230/0x280
[ 321.112982][ C0] do_IRQ+0x20d/0x3a0
[ 321.116954][ C0] ret_from_intr+0x0/0x33
[ 321.121260][ C0] default_idle+0x53/0x90
[ 321.125608][ C0] arch_cpu_idle+0x25/0x30
[ 321.130056][ C0] do_idle+0x1d7/0x790
[ 321.134205][ C0] cpu_startup_entry+0x45/0x50
[ 321.138957][ C0] rest_init+0x1be/0x1f0
[ 321.143742][ C0] arch_call_rest_init+0x13/0x15
[ 321.148681][ C0] start_kernel+0x991/0xb61
[ 321.153175][ C0] x86_64_start_reservations+0x18/0x2e
[ 321.158630][ C0] x86_64_start_kernel+0x81/0x84
[ 321.163569][ C0] secondary_startup_64+0xa4/0xb0
[ 321.168564][ C0] =====================================================
[ 321.175563][ C0] Disabling lock debugging due to kernel taint
[ 321.181775][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 321.188356][ C0] CPU: 0 PID: 11311 Comm: syz-fuzzer Tainted: G B 5.3.0-rc7+ #0
[ 321.197275][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 321.207416][ C0] Call Trace:
[ 321.211155][ C0]
[ 321.214327][ C0] dump_stack+0x191/0x1f0
[ 321.218777][ C0] panic+0x3c9/0xc1e
[ 321.222688][ C0] kmsan_report+0x2a2/0x2b0
[ 321.227410][ C0] __msan_warning+0x73/0xe0
[ 321.231925][ C0] kmem_cache_alloc_node+0x5d0/0xe70
[ 321.237221][ C0] ? __alloc_skb+0x215/0xa10
[ 321.241806][ C0] __alloc_skb+0x215/0xa10
[ 321.246221][ C0] aoecmd_cfg+0x205/0xa80
[ 321.250539][ C0] discover_timer+0x86/0xa0
[ 321.255202][ C0] call_timer_fn+0x232/0x530
[ 321.259781][ C0] ? skbfree+0x4a0/0x4a0
[ 321.264042][ C0] __run_timers+0xcdc/0x11a0
[ 321.268611][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 321.274663][ C0] ? skbfree+0x4a0/0x4a0
[ 321.278898][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 321.283814][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.289712][ C0] run_timer_softirq+0x2d/0x50
[ 321.294462][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 321.299392][ C0] __do_softirq+0x4a1/0x83a
[ 321.303883][ C0] irq_exit+0x230/0x280
[ 321.308024][ C0] exiting_irq+0xe/0x10
[ 321.313052][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 321.318521][ C0] apic_timer_interrupt+0x2e/0x40
[ 321.324115][ C0]
[ 321.327064][ C0] RIP: 0010:kmsan_get_shadow_origin_ptr+0x13c/0x4c0
[ 321.333982][ C0] Code: 60 00 e1 ff ff 4d 8d a4 05 00 00 00 5f e9 28 ff ff ff 48 b8 00 00 00 00 80 77 00 00 4c 89 f1 48 81 e9 00 00 00 80 48 89 4d d0 <0f> 83 20 03 00 00 4c 01 f0 48 39 c8 77 59 8a 0d 91 3b c3 0d 48 89
[ 321.354795][ C0] RSP: 0018:ffff8880b883ecc0 EFLAGS: 00000283 ORIG_RAX: ffffffffffffff13
[ 321.363299][ C0] RAX: 0000778000000000 RBX: 000000000000001c RCX: ffff88813883ef4c
[ 321.371268][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880b883ef4c
[ 321.379307][ C0] RBP: ffff8880b883ecf0 R08: 0000000000000002 R09: ffff8880b883ecb8
[ 321.387286][ C0] R10: 0000000000000004 R11: 00000000d817bc92 R12: ffffffff902c0000
[ 321.395256][ C0] R13: ffff8880b883ef4c R14: ffff8880b883ef4c R15: 0000000000000004
[ 321.403244][ C0] __msan_metadata_ptr_for_store_4+0x13/0x20
[ 321.409226][ C0] sha256_generic_block_fn+0x1b9/0x8870
[ 321.414809][ C0] crypto_sha256_update+0x3f6/0x480
[ 321.420112][ C0] ? sha1_base_init+0x180/0x180
[ 321.424988][ C0] crypto_shash_update+0x4eb/0x550
[ 321.430230][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 321.436000][ C0] ? integrity_kernel_read+0x221/0x280
[ 321.441567][ C0] ima_calc_file_hash+0x170a/0x3240
[ 321.446753][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.452652][ C0] ? ext4_xattr_ibody_get+0x19f/0x12a0
[ 321.458095][ C0] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 321.464164][ C0] ? up_read+0x40/0x2b0
[ 321.468303][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.474186][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 321.480240][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 321.486546][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 321.492174][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 321.497652][ C0] process_measurement+0x1a7d/0x2ba0
[ 321.502935][ C0] ? refcount_dec_and_test_checked+0x14c/0x210
[ 321.509090][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.515161][ C0] ? apparmor_task_alloc+0x210/0x210
[ 321.520627][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.526722][ C0] ima_file_check+0x131/0x170
[ 321.531458][ C0] path_openat+0x4b09/0x6bb0
[ 321.536235][ C0] ? kmsan_internal_set_origin+0x6a/0xb0
[ 321.542045][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.548688][ C0] do_filp_open+0x2b8/0x710
[ 321.553289][ C0] do_sys_open+0x642/0xa30
[ 321.557690][ C0] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 321.563688][ C0] __se_sys_openat+0xcb/0xe0
[ 321.568295][ C0] __x64_sys_openat+0x56/0x70
[ 321.572979][ C0] do_syscall_64+0xbc/0xf0
[ 321.577409][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 321.583354][ C0] RIP: 0033:0x47fdba
[ 321.587422][ C0] Code: e8 2b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 321.607034][ C0] RSP: 002b:000000c4203a17f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000101
[ 321.615437][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fdba
[ 321.623417][ C0] RDX: 0000000000080002 RSI: 000000c42b38e2a0 RDI: ffffffffffffff9c
[ 321.631435][ C0] RBP: 000000c4203a1878 R08: 0000000000000000 R09: 0000000000000000
[ 321.640048][ C0] R10: 00000000000001a4 R11: 0000000000000216 R12: 0000000000000000
[ 321.648070][ C0] R13: 00000000000000f5 R14: 0000000000000075 R15: 0000000000000004
[ 321.657568][ C0] Kernel Offset: disabled
[ 321.661942][ C0] Rebooting in 86400 seconds..