[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 84.968538][ T30] audit: type=1800 audit(1568245528.012:25): pid=12559 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 84.991899][ T30] audit: type=1800 audit(1568245528.042:26): pid=12559 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 85.032460][ T30] audit: type=1800 audit(1568245528.062:27): pid=12559 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.0' (ECDSA) to the list of known hosts.
2019/09/11 23:45:40 fuzzer started
2019/09/11 23:45:44 dialing manager at 10.128.0.26:44845
2019/09/11 23:45:44 syscalls: 2376
2019/09/11 23:45:44 code coverage: enabled
2019/09/11 23:45:44 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/09/11 23:45:44 extra coverage: enabled
2019/09/11 23:45:44 setuid sandbox: enabled
2019/09/11 23:45:44 namespace sandbox: enabled
2019/09/11 23:45:44 Android sandbox: /sys/fs/selinux/policy does not exist
2019/09/11 23:45:44 fault injection: enabled
2019/09/11 23:45:44 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/09/11 23:45:44 net packet injection: enabled
2019/09/11 23:45:44 net device setup: enabled
syzkaller login: [ 258.972936][ C0] ==================================================================
[ 258.981068][ C0] BUG: KMSAN: uninit-value in kmem_cache_alloc_node+0x5d0/0xe70
[ 258.988703][ C0] CPU: 0 PID: 12711 Comm: syz-fuzzer Not tainted 5.3.0-rc7+ #0
[ 258.996226][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 259.006286][ C0] Call Trace:
[ 259.009563][ C0]
[ 259.012514][ C0] dump_stack+0x191/0x1f0
[ 259.016840][ C0] kmsan_report+0x162/0x2d0
[ 259.021339][ C0] __msan_warning+0x75/0xe0
[ 259.025844][ C0] kmem_cache_alloc_node+0x5d0/0xe70
[ 259.031192][ C0] ? __alloc_skb+0x215/0xa10
[ 259.035785][ C0] __alloc_skb+0x215/0xa10
[ 259.040208][ C0] aoecmd_cfg+0x205/0xa80
[ 259.044550][ C0] discover_timer+0x86/0xa0
[ 259.049395][ C0] call_timer_fn+0x232/0x530
[ 259.053986][ C0] ? skbfree+0x4a0/0x4a0
[ 259.058376][ C0] __run_timers+0xcdc/0x11a0
[ 259.062982][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 259.069045][ C0] ? skbfree+0x4a0/0x4a0
[ 259.073286][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.079256][ C0] run_timer_softirq+0x2d/0x50
[ 259.084366][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 259.089533][ C0] __do_softirq+0x4a1/0x83a
[ 259.094054][ C0] irq_exit+0x230/0x280
[ 259.098204][ C0] exiting_irq+0xe/0x10
[ 259.102434][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 259.107811][ C0] apic_timer_interrupt+0x2e/0x40
[ 259.112821][ C0]
[ 259.115754][ C0] RIP: 0010:virt_to_page_or_null+0xb4/0x100
[ 259.121646][ C0] Code: 02 75 0c 31 c0 c3 31 c0 c3 31 c0 c3 31 c0 c3 41 f6 c0 08 75 15 48 c1 ea 15 83 e2 3f 49 8b 4c 31 08 48 0f a3 11 72 03 31 c0 c3 <48> b9 ff ff ff 7f ff ff ff ff 48 39 cf 76 09 48 8b 0d 36 66 5e 0d
[ 259.141239][ C0] RSP: 0018:ffff8880ae89ecb8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
[ 259.149640][ C0] RAX: ffff88812e89ef7c RBX: ffffffff902c1000 RCX: ffff88812fffb2a0
[ 259.157601][ C0] RDX: 00000000ae89ef7c RSI: 00000000000002a0 RDI: ffff8880ae89ef7c
[ 259.165563][ C0] RBP: ffff8880ae89ecf0 R08: ffffea000000000f R09: ffff88812fffb000
[ 259.173542][ C0] R10: 0000000000000004 R11: 00000000173784e1 R12: 0000000000000000
[ 259.181588][ C0] R13: ffff8880ae89ef7c R14: ffff8880ae89ef7c R15: 0000000000000004
[ 259.189576][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.195550][ C0] __msan_metadata_ptr_for_store_4+0x13/0x20
[ 259.202065][ C0] sha256_generic_block_fn+0x324/0x8870
[ 259.207662][ C0] crypto_sha256_update+0x3f6/0x480
[ 259.212873][ C0] ? sha1_base_init+0x180/0x180
[ 259.217740][ C0] crypto_shash_update+0x4eb/0x550
[ 259.222856][ C0] ? integrity_kernel_read+0x221/0x280
[ 259.228327][ C0] ima_calc_file_hash+0x170a/0x3240
[ 259.233514][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.239485][ C0] ? kmsan_set_origin+0x26d/0x340
[ 259.244500][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40
[ 259.250558][ C0] ? up_read+0x40/0x2b0
[ 259.254704][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.260694][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 259.266769][ C0] ? kmsan_set_origin+0x26d/0x340
[ 259.271785][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 259.277957][ C0] process_measurement+0x1a7d/0x2ba0
[ 259.284229][ C0] ? refcount_dec_and_test_checked+0x14c/0x210
[ 259.290389][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.296589][ C0] ? apparmor_task_getsecid+0x172/0x190
[ 259.302571][ C0] ? apparmor_task_alloc+0x210/0x210
[ 259.308009][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.314004][ C0] ima_file_check+0x131/0x170
[ 259.318680][ C0] path_openat+0x4b09/0x6bb0
[ 259.323277][ C0] ? expand_files+0xa4/0xf00
[ 259.328017][ C0] ? kmsan_get_metadata_or_null+0x208/0x290
[ 259.333913][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.339928][ C0] do_filp_open+0x2b8/0x710
[ 259.344731][ C0] do_sys_open+0x642/0xa30
[ 259.349157][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.355138][ C0] __se_sys_openat+0xcb/0xe0
[ 259.359725][ C0] __x64_sys_openat+0x56/0x70
[ 259.364408][ C0] do_syscall_64+0xbc/0xf0
[ 259.368853][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 259.374734][ C0] RIP: 0033:0x47fdba
[ 259.378614][ C0] Code: e8 2b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 259.398379][ C0] RSP: 002b:000000c4203b97f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000101
[ 259.407072][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fdba
[ 259.415045][ C0] RDX: 0000000000080002 RSI: 000000c42fbcc180 RDI: ffffffffffffff9c
[ 259.423024][ C0] RBP: 000000c4203b9878 R08: 0000000000000000 R09: 0000000000000000
[ 259.431121][ C0] R10: 00000000000001a4 R11: 0000000000000216 R12: 0000000000000000
[ 259.439083][ C0] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000001
[ 259.447056][ C0]
[ 259.449365][ C0] Uninit was stored to memory at:
[ 259.454384][ C0] kmsan_internal_chain_origin+0xcc/0x150
[ 259.460088][ C0] __msan_chain_origin+0x6b/0xe0
[ 259.465017][ C0] ___slab_alloc+0x1dbc/0x1fb0
[ 259.469774][ C0] kmem_cache_alloc_node+0x769/0xe70
[ 259.475059][ C0] __alloc_skb+0x215/0xa10
[ 259.479466][ C0] aoecmd_cfg+0x205/0xa80
[ 259.483790][ C0] discover_timer+0x86/0xa0
[ 259.488293][ C0] call_timer_fn+0x232/0x530
[ 259.492983][ C0] __run_timers+0xcdc/0x11a0
[ 259.497671][ C0] run_timer_softirq+0x2d/0x50
[ 259.502425][ C0] __do_softirq+0x4a1/0x83a
[ 259.507015][ C0] irq_exit+0x230/0x280
[ 259.511156][ C0] exiting_irq+0xe/0x10
[ 259.515299][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 259.520658][ C0] apic_timer_interrupt+0x2e/0x40
[ 259.525691][ C0] virt_to_page_or_null+0xb4/0x100
[ 259.530804][ C0] __msan_metadata_ptr_for_store_4+0x13/0x20
[ 259.536916][ C0] sha256_generic_block_fn+0x324/0x8870
[ 259.542707][ C0] crypto_sha256_update+0x3f6/0x480
[ 259.547894][ C0] crypto_shash_update+0x4eb/0x550
[ 259.552991][ C0] ima_calc_file_hash+0x170a/0x3240
[ 259.558194][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 259.563649][ C0] process_measurement+0x1a7d/0x2ba0
[ 259.568934][ C0] ima_file_check+0x131/0x170
[ 259.573611][ C0] path_openat+0x4b09/0x6bb0
[ 259.578198][ C0] do_filp_open+0x2b8/0x710
[ 259.582701][ C0] do_sys_open+0x642/0xa30
[ 259.587115][ C0] __se_sys_openat+0xcb/0xe0
[ 259.591709][ C0] __x64_sys_openat+0x56/0x70
[ 259.596403][ C0] do_syscall_64+0xbc/0xf0
[ 259.600927][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 259.606814][ C0]
[ 259.609125][ C0] Uninit was created at:
[ 259.613362][ C0] kmsan_internal_poison_shadow+0x58/0xb0
[ 259.619070][ C0] kmsan_slab_free+0x8d/0x100
[ 259.623767][ C0] kmem_cache_free_bulk+0x3ad9/0x3f50
[ 259.629147][ C0] napi_consume_skb+0x593/0x5d0
[ 259.634119][ C0] free_old_xmit_skbs+0x1a1/0x450
[ 259.639133][ C0] virtnet_poll_tx+0x24c/0x4c0
[ 259.643967][ C0] net_rx_action+0x74b/0x1950
[ 259.648632][ C0] __do_softirq+0x4a1/0x83a
[ 259.653125][ C0] irq_exit+0x230/0x280
[ 259.657268][ C0] do_IRQ+0x20d/0x3a0
[ 259.661246][ C0] ret_from_intr+0x0/0x33
[ 259.665567][ C0] __x86_indirect_thunk_r11+0x10/0x20
[ 259.670952][ C0] stack_trace_save+0x11c/0x1b0
[ 259.675807][ C0] kmsan_internal_chain_origin+0xcc/0x150
[ 259.681544][ C0] kmsan_memcpy_memmove_metadata+0x819/0xa80
[ 259.687558][ C0] kmsan_memcpy_metadata+0xb/0x10
[ 259.692700][ C0] __msan_memcpy+0x56/0x70
[ 259.697108][ C0] sock_read_iter+0x116/0x660
[ 259.701790][ C0] __vfs_read+0xa67/0xc90
[ 259.706110][ C0] vfs_read+0x359/0x6f0
[ 259.710698][ C0] ksys_read+0x265/0x430
[ 259.714946][ C0] __se_sys_read+0x92/0xb0
[ 259.719486][ C0] __x64_sys_read+0x4a/0x70
[ 259.723985][ C0] do_syscall_64+0xbc/0xf0
[ 259.728404][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 259.734308][ C0] ==================================================================
[ 259.742374][ C0] Disabling lock debugging due to kernel taint
[ 259.748635][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 259.755438][ C0] CPU: 0 PID: 12711 Comm: syz-fuzzer Tainted: G B 5.3.0-rc7+ #0
[ 259.764467][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 259.774527][ C0] Call Trace:
[ 259.777832][ C0]
[ 259.780682][ C0] dump_stack+0x191/0x1f0
[ 259.785023][ C0] panic+0x3c9/0xc1e
[ 259.788922][ C0] kmsan_report+0x2ca/0x2d0
[ 259.793585][ C0] __msan_warning+0x75/0xe0
[ 259.798095][ C0] kmem_cache_alloc_node+0x5d0/0xe70
[ 259.803462][ C0] ? __alloc_skb+0x215/0xa10
[ 259.808086][ C0] __alloc_skb+0x215/0xa10
[ 259.812505][ C0] aoecmd_cfg+0x205/0xa80
[ 259.816990][ C0] discover_timer+0x86/0xa0
[ 259.821487][ C0] call_timer_fn+0x232/0x530
[ 259.826096][ C0] ? skbfree+0x4a0/0x4a0
[ 259.830606][ C0] __run_timers+0xcdc/0x11a0
[ 259.835337][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 259.841403][ C0] ? skbfree+0x4a0/0x4a0
[ 259.845717][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.851880][ C0] run_timer_softirq+0x2d/0x50
[ 259.856671][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 259.861702][ C0] __do_softirq+0x4a1/0x83a
[ 259.866474][ C0] irq_exit+0x230/0x280
[ 259.870758][ C0] exiting_irq+0xe/0x10
[ 259.875092][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 259.880461][ C0] apic_timer_interrupt+0x2e/0x40
[ 259.885467][ C0]
[ 259.888396][ C0] RIP: 0010:virt_to_page_or_null+0xb4/0x100
[ 259.894273][ C0] Code: 02 75 0c 31 c0 c3 31 c0 c3 31 c0 c3 31 c0 c3 41 f6 c0 08 75 15 48 c1 ea 15 83 e2 3f 49 8b 4c 31 08 48 0f a3 11 72 03 31 c0 c3 <48> b9 ff ff ff 7f ff ff ff ff 48 39 cf 76 09 48 8b 0d 36 66 5e 0d
[ 259.914150][ C0] RSP: 0018:ffff8880ae89ecb8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
[ 259.922556][ C0] RAX: ffff88812e89ef7c RBX: ffffffff902c1000 RCX: ffff88812fffb2a0
[ 259.931471][ C0] RDX: 00000000ae89ef7c RSI: 00000000000002a0 RDI: ffff8880ae89ef7c
[ 259.940374][ C0] RBP: ffff8880ae89ecf0 R08: ffffea000000000f R09: ffff88812fffb000
[ 259.948324][ C0] R10: 0000000000000004 R11: 00000000173784e1 R12: 0000000000000000
[ 259.956274][ C0] R13: ffff8880ae89ef7c R14: ffff8880ae89ef7c R15: 0000000000000004
[ 259.964247][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 259.970290][ C0] __msan_metadata_ptr_for_store_4+0x13/0x20
[ 259.976252][ C0] sha256_generic_block_fn+0x324/0x8870
[ 259.981823][ C0] crypto_sha256_update+0x3f6/0x480
[ 259.987012][ C0] ? sha1_base_init+0x180/0x180
[ 259.991851][ C0] crypto_shash_update+0x4eb/0x550
[ 259.996947][ C0] ? integrity_kernel_read+0x221/0x280
[ 260.002396][ C0] ima_calc_file_hash+0x170a/0x3240
[ 260.007585][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 260.013551][ C0] ? kmsan_set_origin+0x26d/0x340
[ 260.018557][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40
[ 260.024607][ C0] ? up_read+0x40/0x2b0
[ 260.028738][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 260.034704][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 260.040755][ C0] ? kmsan_set_origin+0x26d/0x340
[ 260.045764][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 260.051239][ C0] process_measurement+0x1a7d/0x2ba0
[ 260.056542][ C0] ? refcount_dec_and_test_checked+0x14c/0x210
[ 260.062674][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 260.068630][ C0] ? apparmor_task_getsecid+0x172/0x190
[ 260.074156][ C0] ? apparmor_task_alloc+0x210/0x210
[ 260.079419][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 260.085378][ C0] ima_file_check+0x131/0x170
[ 260.090038][ C0] path_openat+0x4b09/0x6bb0
[ 260.094625][ C0] ? expand_files+0xa4/0xf00
[ 260.099212][ C0] ? kmsan_get_metadata_or_null+0x208/0x290
[ 260.105086][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 260.111491][ C0] do_filp_open+0x2b8/0x710
[ 260.116085][ C0] do_sys_open+0x642/0xa30
[ 260.120486][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 260.126471][ C0] __se_sys_openat+0xcb/0xe0
[ 260.131042][ C0] __x64_sys_openat+0x56/0x70
[ 260.135699][ C0] do_syscall_64+0xbc/0xf0
[ 260.140102][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 260.145972][ C0] RIP: 0033:0x47fdba
[ 260.149849][ C0] Code: e8 2b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 260.171250][ C0] RSP: 002b:000000c4203b97f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000101
[ 260.179645][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fdba
[ 260.187597][ C0] RDX: 0000000000080002 RSI: 000000c42fbcc180 RDI: ffffffffffffff9c
[ 260.195556][ C0] RBP: 000000c4203b9878 R08: 0000000000000000 R09: 0000000000000000
[ 260.203514][ C0] R10: 00000000000001a4 R11: 0000000000000216 R12: 0000000000000000
[ 260.211467][ C0] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000001
[ 260.220867][ C0] Kernel Offset: disabled
[ 260.225191][ C0] Rebooting in 86400 seconds..