[ ok ] Starting enhanced syslogd: rsyslogd.
[ 106.484780][ T31] audit: type=1800 audit(1565025384.545:25): pid=12084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 106.522238][ T31] audit: type=1800 audit(1565025384.565:26): pid=12084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 106.542502][ T31] audit: type=1800 audit(1565025384.575:27): pid=12084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.15.198' (ECDSA) to the list of known hosts.
2019/08/05 17:16:40 fuzzer started
2019/08/05 17:16:46 dialing manager at 10.128.0.26:46627
2019/08/05 17:16:46 syscalls: 2367
2019/08/05 17:16:46 code coverage: enabled
2019/08/05 17:16:46 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/08/05 17:16:46 extra coverage: enabled
2019/08/05 17:16:46 setuid sandbox: enabled
2019/08/05 17:16:46 namespace sandbox: enabled
2019/08/05 17:16:46 Android sandbox: /sys/fs/selinux/policy does not exist
2019/08/05 17:16:46 fault injection: enabled
2019/08/05 17:16:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/08/05 17:16:46 net packet injection: enabled
2019/08/05 17:16:46 net device setup: enabled
17:19:58 executing program 0:
syzkaller login: [ 320.413827][ C0] ==================================================================
[ 320.422061][ C0] BUG: KMSAN: uninit-value in kmem_cache_alloc_node+0x5d0/0xe70
[ 320.429822][ C0] CPU: 0 PID: 12237 Comm: syz-fuzzer Not tainted 5.3.0-rc3+ #16
[ 320.437458][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 320.447792][ C0] Call Trace:
[ 320.451099][ C0]
[ 320.454075][ C0] dump_stack+0x191/0x1f0
[ 320.458447][ C0] kmsan_report+0x162/0x2d0
[ 320.463004][ C0] __msan_warning+0x75/0xe0
[ 320.467730][ C0] kmem_cache_alloc_node+0x5d0/0xe70
[ 320.473129][ C0] ? __alloc_skb+0x215/0xa10
[ 320.477774][ C0] __alloc_skb+0x215/0xa10
[ 320.482244][ C0] aoecmd_cfg+0x205/0xa80
[ 320.486619][ C0] discover_timer+0x86/0xa0
[ 320.491147][ C0] call_timer_fn+0x232/0x530
[ 320.495758][ C0] ? skbfree+0x4a0/0x4a0
[ 320.500029][ C0] __run_timers+0xcdc/0x11a0
[ 320.504668][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 320.510785][ C0] ? skbfree+0x4a0/0x4a0
[ 320.515087][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.521129][ C0] run_timer_softirq+0x2d/0x50
[ 320.525937][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 320.530992][ C0] __do_softirq+0x4a1/0x83a
[ 320.535658][ C0] irq_exit+0x230/0x280
[ 320.539867][ C0] exiting_irq+0xe/0x10
[ 320.544078][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 320.549496][ C0] apic_timer_interrupt+0x2e/0x40
[ 320.554541][ C0]
[ 320.557514][ C0] RIP: 0010:kmsan_get_shadow_origin_ptr+0x0/0x3a0
[ 320.563956][ C0] Code: 35 c9 d7 fe 7d 65 48 8b 15 4d f5 07 7e 48 c7 c7 fe 3a 26 8f 31 c0 e8 4c 82 73 ff 0f 0b 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 <55> 48 89 e5 41 57 41 56 41 55 41 54 53 50 49 89 f7 49 89 fe 48 81
[ 320.583594][ C0] RSP: 0018:ffff8880accfecf8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 320.592040][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 320.600055][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880accfef80
[ 320.608059][ C0] RBP: ffff8880accfed00 R08: ffffea000000000f R09: ffff88812fffb000
[ 320.616065][ C0] R10: 0000000000000004 R11: 00000000a4376ade R12: 0000000000000000
[ 320.624066][ C0] R13: 000000000000002c R14: 0000000000000000 R15: 0000000000000000
[ 320.632117][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 320.638221][ C0] sha256_generic_block_fn+0x2a6/0x8870
[ 320.643947][ C0] crypto_sha256_update+0x3f6/0x480
[ 320.649229][ C0] ? sha1_base_init+0x180/0x180
[ 320.654317][ C0] crypto_shash_update+0x4eb/0x550
[ 320.659506][ C0] ? integrity_kernel_read+0x221/0x280
[ 320.665037][ C0] ima_calc_file_hash+0x170a/0x3240
[ 320.670285][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.676320][ C0] ? kmsan_set_origin+0x26d/0x340
[ 320.681391][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40
[ 320.687514][ C0] ? up_read+0x40/0x2b0
[ 320.691714][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.697772][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 320.703897][ C0] ? kmsan_set_origin+0x26d/0x340
[ 320.708995][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 320.714557][ C0] process_measurement+0x1a7d/0x2ba0
[ 320.719953][ C0] ? refcount_dec_and_test_checked+0x14c/0x210
[ 320.726256][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.732281][ C0] ? apparmor_task_getsecid+0x172/0x190
[ 320.737986][ C0] ? apparmor_task_alloc+0x210/0x210
[ 320.743321][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.749345][ C0] ima_file_check+0x131/0x170
[ 320.754080][ C0] path_openat+0x4b09/0x6bb0
[ 320.758769][ C0] ? expand_files+0xa4/0xf00
[ 320.763404][ C0] ? kmsan_get_metadata_or_null+0x208/0x290
[ 320.769342][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.775373][ C0] do_filp_open+0x2b8/0x710
[ 320.779965][ C0] do_sys_open+0x642/0xa30
[ 320.784440][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 320.790500][ C0] __se_sys_openat+0xcb/0xe0
[ 320.795158][ C0] __x64_sys_openat+0x56/0x70
[ 320.799882][ C0] do_syscall_64+0xbc/0xf0
[ 320.804393][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 320.811463][ C0] RIP: 0033:0x47fd2a
[ 320.815396][ C0] Code: e8 bb 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 320.835033][ C0] RSP: 002b:000000c4201657f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000101
[ 320.843479][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fd2a
[ 320.851479][ C0] RDX: 0000000000080002 RSI: 000000c42d5a6380 RDI: ffffffffffffff9c
[ 320.859567][ C0] RBP: 000000c420165878 R08: 0000000000000000 R09: 0000000000000000
[ 320.867590][ C0] R10: 00000000000001a4 R11: 0000000000000216 R12: 0000000000000000
[ 320.875591][ C0] R13: 00000000000000f5 R14: 0000000000000075 R15: 0000000000000004
[ 320.883639][ C0]
[ 320.886069][ C0] Uninit was stored to memory at:
[ 320.891108][ C0] kmsan_internal_chain_origin+0xcc/0x150
[ 320.896862][ C0] __msan_chain_origin+0x6b/0xe0
[ 320.901818][ C0] ___slab_alloc+0x1dbc/0x1fb0
[ 320.906605][ C0] kmem_cache_alloc_node+0x769/0xe70
[ 320.912015][ C0] __alloc_skb+0x215/0xa10
[ 320.916455][ C0] aoecmd_cfg+0x205/0xa80
[ 320.920824][ C0] discover_timer+0x86/0xa0
[ 320.925382][ C0] call_timer_fn+0x232/0x530
[ 320.929999][ C0] __run_timers+0xcdc/0x11a0
[ 320.934617][ C0] run_timer_softirq+0x2d/0x50
[ 320.939415][ C0] __do_softirq+0x4a1/0x83a
[ 320.943945][ C0] irq_exit+0x230/0x280
[ 320.948136][ C0] exiting_irq+0xe/0x10
[ 320.952321][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 320.957729][ C0] apic_timer_interrupt+0x2e/0x40
[ 320.962787][ C0] kmsan_get_shadow_origin_ptr+0x0/0x3a0
[ 320.968446][ C0] sha256_generic_block_fn+0x2a6/0x8870
[ 320.974021][ C0] crypto_sha256_update+0x3f6/0x480
[ 320.979265][ C0] crypto_shash_update+0x4eb/0x550
[ 320.984414][ C0] ima_calc_file_hash+0x170a/0x3240
[ 320.989646][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 320.995124][ C0] process_measurement+0x1a7d/0x2ba0
[ 321.000432][ C0] ima_file_check+0x131/0x170
[ 321.005130][ C0] path_openat+0x4b09/0x6bb0
[ 321.009739][ C0] do_filp_open+0x2b8/0x710
[ 321.014271][ C0] do_sys_open+0x642/0xa30
[ 321.018839][ C0] __se_sys_openat+0xcb/0xe0
[ 321.023464][ C0] __x64_sys_openat+0x56/0x70
[ 321.028260][ C0] do_syscall_64+0xbc/0xf0
[ 321.032715][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 321.038619][ C0]
[ 321.040960][ C0] Uninit was created at:
[ 321.045241][ C0] kmsan_internal_poison_shadow+0x53/0xa0
[ 321.050993][ C0] kmsan_slab_free+0x8d/0x100
[ 321.055701][ C0] kmem_cache_free_bulk+0x3ad9/0x3f50
[ 321.061109][ C0] __kfree_skb_flush+0xb0/0x100
[ 321.066044][ C0] net_rx_action+0x1908/0x1950
[ 321.070853][ C0] __do_softirq+0x4a1/0x83a
[ 321.075389][ C0] irq_exit+0x230/0x280
[ 321.079588][ C0] do_IRQ+0x20d/0x3a0
[ 321.083609][ C0] ret_from_intr+0x0/0x33
[ 321.087956][ C0] virt_to_page_or_null+0x49/0x100
[ 321.093090][ C0] __msan_metadata_ptr_for_store_8+0x13/0x20
[ 321.099088][ C0] skb_push+0x9e/0x250
[ 321.103210][ C0] __tcp_transmit_skb+0x950/0x5c60
[ 321.108348][ C0] __tcp_send_ack+0x701/0x840
[ 321.113070][ C0] tcp_send_ack+0x68/0x90
[ 321.117434][ C0] tcp_cleanup_rbuf+0x764/0x800
[ 321.122399][ C0] tcp_recvmsg+0x334d/0x4ff0
[ 321.127066][ C0] inet_recvmsg+0x237/0x7d0
[ 321.131590][ C0] sock_read_iter+0x5be/0x660
[ 321.136290][ C0] __vfs_read+0xa67/0xc90
[ 321.140648][ C0] vfs_read+0x359/0x6f0
[ 321.144821][ C0] ksys_read+0x265/0x430
[ 321.149116][ C0] __se_sys_read+0x92/0xb0
[ 321.153545][ C0] __x64_sys_read+0x4a/0x70
[ 321.158056][ C0] do_syscall_64+0xbc/0xf0
[ 321.162493][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 321.168392][ C0] ==================================================================
[ 321.176567][ C0] Disabling lock debugging due to kernel taint
[ 321.182930][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 321.189568][ C0] CPU: 0 PID: 12237 Comm: syz-fuzzer Tainted: G B 5.3.0-rc3+ #16
[ 321.198607][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 321.208704][ C0] Call Trace:
[ 321.212043][ C0]
[ 321.214944][ C0] dump_stack+0x191/0x1f0
[ 321.219331][ C0] panic+0x3c9/0xc1e
[ 321.223310][ C0] kmsan_report+0x2ca/0x2d0
[ 321.227863][ C0] __msan_warning+0x75/0xe0
[ 321.232407][ C0] kmem_cache_alloc_node+0x5d0/0xe70
[ 321.237738][ C0] ? __alloc_skb+0x215/0xa10
[ 321.242395][ C0] __alloc_skb+0x215/0xa10
[ 321.246877][ C0] aoecmd_cfg+0x205/0xa80
[ 321.251270][ C0] discover_timer+0x86/0xa0
[ 321.255813][ C0] call_timer_fn+0x232/0x530
[ 321.260459][ C0] ? skbfree+0x4a0/0x4a0
[ 321.264753][ C0] __run_timers+0xcdc/0x11a0
[ 321.269378][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 321.275488][ C0] ? skbfree+0x4a0/0x4a0
[ 321.279916][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.286042][ C0] run_timer_softirq+0x2d/0x50
[ 321.290886][ C0] ? timers_dead_cpu+0x9d0/0x9d0
[ 321.295881][ C0] __do_softirq+0x4a1/0x83a
[ 321.300493][ C0] irq_exit+0x230/0x280
[ 321.304706][ C0] exiting_irq+0xe/0x10
[ 321.308904][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 321.314319][ C0] apic_timer_interrupt+0x2e/0x40
[ 321.319361][ C0]
[ 321.322369][ C0] RIP: 0010:kmsan_get_shadow_origin_ptr+0x0/0x3a0
[ 321.330343][ C0] Code: 35 c9 d7 fe 7d 65 48 8b 15 4d f5 07 7e 48 c7 c7 fe 3a 26 8f 31 c0 e8 4c 82 73 ff 0f 0b 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 <55> 48 89 e5 41 57 41 56 41 55 41 54 53 50 49 89 f7 49 89 fe 48 81
[ 321.350082][ C0] RSP: 0018:ffff8880accfecf8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 321.358528][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 321.366535][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880accfef80
[ 321.374539][ C0] RBP: ffff8880accfed00 R08: ffffea000000000f R09: ffff88812fffb000
[ 321.382575][ C0] R10: 0000000000000004 R11: 00000000a4376ade R12: 0000000000000000
[ 321.390623][ C0] R13: 000000000000002c R14: 0000000000000000 R15: 0000000000000000
[ 321.398774][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 321.404918][ C0] sha256_generic_block_fn+0x2a6/0x8870
[ 321.410691][ C0] crypto_sha256_update+0x3f6/0x480
[ 321.415978][ C0] ? sha1_base_init+0x180/0x180
[ 321.420885][ C0] crypto_shash_update+0x4eb/0x550
[ 321.426082][ C0] ? integrity_kernel_read+0x221/0x280
[ 321.431605][ C0] ima_calc_file_hash+0x170a/0x3240
[ 321.437357][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.443378][ C0] ? kmsan_set_origin+0x26d/0x340
[ 321.448423][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40
[ 321.454543][ C0] ? up_read+0x40/0x2b0
[ 321.458738][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.464789][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 321.470907][ C0] ? kmsan_set_origin+0x26d/0x340
[ 321.475990][ C0] ima_collect_measurement+0x4a5/0x9e0
[ 321.481526][ C0] process_measurement+0x1a7d/0x2ba0
[ 321.486900][ C0] ? refcount_dec_and_test_checked+0x14c/0x210
[ 321.493091][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.499092][ C0] ? apparmor_task_getsecid+0x172/0x190
[ 321.504681][ C0] ? apparmor_task_alloc+0x210/0x210
[ 321.510008][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.516749][ C0] ima_file_check+0x131/0x170
[ 321.521496][ C0] path_openat+0x4b09/0x6bb0
[ 321.526183][ C0] ? expand_files+0xa4/0xf00
[ 321.530807][ C0] ? kmsan_get_metadata_or_null+0x208/0x290
[ 321.536742][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.542856][ C0] do_filp_open+0x2b8/0x710
[ 321.547448][ C0] do_sys_open+0x642/0xa30
[ 321.551898][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0
[ 321.558034][ C0] __se_sys_openat+0xcb/0xe0
[ 321.562706][ C0] __x64_sys_openat+0x56/0x70
[ 321.567429][ C0] do_syscall_64+0xbc/0xf0
[ 321.571881][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 321.577807][ C0] RIP: 0033:0x47fd2a
[ 321.581738][ C0] Code: e8 bb 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 321.601368][ C0] RSP: 002b:000000c4201657f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000101
[ 321.609815][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fd2a
[ 321.617820][ C0] RDX: 0000000000080002 RSI: 000000c42d5a6380 RDI: ffffffffffffff9c
[ 321.625819][ C0] RBP: 000000c420165878 R08: 0000000000000000 R09: 0000000000000000
[ 321.634026][ C0] R10: 00000000000001a4 R11: 0000000000000216 R12: 0000000000000000
[ 321.645508][ C0] R13: 00000000000000f5 R14: 0000000000000075 R15: 0000000000000004
[ 321.654532][ C0] Kernel Offset: disabled
[ 321.658899][ C0] Rebooting in 86400 seconds..