[ ok ] Starting enhanced syslogd: rsyslogd. [ 115.921327][ T30] audit: type=1800 audit(1565759669.968:25): pid=12501 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 115.946376][ T30] audit: type=1800 audit(1565759669.998:26): pid=12501 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 115.982204][ T30] audit: type=1800 audit(1565759670.028:27): pid=12501 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.112' (ECDSA) to the list of known hosts. 
2019/08/14 05:14:45 fuzzer started 2019/08/14 05:14:52 dialing manager at 10.128.0.26:42669 2019/08/14 05:14:52 syscalls: 2374 2019/08/14 05:14:52 code coverage: enabled 2019/08/14 05:14:52 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/08/14 05:14:52 extra coverage: enabled 2019/08/14 05:14:52 setuid sandbox: enabled 2019/08/14 05:14:52 namespace sandbox: enabled 2019/08/14 05:14:52 Android sandbox: /sys/fs/selinux/policy does not exist 2019/08/14 05:14:52 fault injection: enabled 2019/08/14 05:14:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/08/14 05:14:52 net packet injection: enabled 2019/08/14 05:14:52 net device setup: enabled syzkaller login: [ 320.424084][ C0] ================================================================== [ 320.432274][ C0] BUG: KMSAN: uninit-value in kmem_cache_alloc_node+0x5d0/0xe70 [ 320.439927][ C0] CPU: 0 PID: 12655 Comm: syz-fuzzer Not tainted 5.3.0-rc3+ #17 [ 320.447563][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.457620][ C0] Call Trace: [ 320.460909][ C0] [ 320.463808][ C0] dump_stack+0x191/0x1f0 [ 320.468175][ C0] kmsan_report+0x162/0x2d0 [ 320.472706][ C0] __msan_warning+0x75/0xe0 [ 320.477234][ C0] kmem_cache_alloc_node+0x5d0/0xe70 [ 320.482561][ C0] ? __alloc_skb+0x215/0xa10 [ 320.487200][ C0] __alloc_skb+0x215/0xa10 [ 320.491675][ C0] aoecmd_cfg+0x205/0xa80 [ 320.496064][ C0] discover_timer+0x86/0xa0 [ 320.500599][ C0] call_timer_fn+0x232/0x530 [ 320.505209][ C0] ? skbfree+0x4a0/0x4a0 [ 320.509463][ C0] __run_timers+0xcdc/0x11a0 [ 320.514041][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 320.520091][ C0] ? skbfree+0x4a0/0x4a0 [ 320.524332][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 320.530291][ C0] run_timer_softirq+0x2d/0x50 [ 320.535032][ C0] ? 
timers_dead_cpu+0x9d0/0x9d0 [ 320.539960][ C0] __do_softirq+0x4a1/0x83a [ 320.544462][ C0] do_softirq_own_stack+0x49/0x80 [ 320.549460][ C0] [ 320.552388][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 320.557799][ C0] local_bh_enable+0x36/0x40 [ 320.562375][ C0] ip_finish_output2+0x20dc/0x25d0 [ 320.567469][ C0] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 320.573517][ C0] ? nf_ct_deliver_cached_events+0x4d5/0x6e0 [ 320.579503][ C0] __ip_finish_output+0xaf8/0xda0 [ 320.584524][ C0] ip_finish_output+0x2db/0x420 [ 320.589366][ C0] ip_output+0x541/0x610 [ 320.593605][ C0] ? ip_mc_finish_output+0x6d0/0x6d0 [ 320.598871][ C0] ? ip_finish_output+0x420/0x420 [ 320.603872][ C0] __ip_queue_xmit+0x1caf/0x21f0 [ 320.608792][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 320.614757][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 320.620819][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 320.626890][ C0] ip_queue_xmit+0xcc/0xf0 [ 320.631293][ C0] ? tcp_v4_inbound_md5_hash+0xd10/0xd10 [ 320.636905][ C0] __tcp_transmit_skb+0x409e/0x5c60 [ 320.642151][ C0] __tcp_send_ack+0x701/0x840 [ 320.646825][ C0] tcp_send_ack+0x68/0x90 [ 320.651146][ C0] tcp_cleanup_rbuf+0x764/0x800 [ 320.655987][ C0] tcp_recvmsg+0x334d/0x4ff0 [ 320.660611][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 320.666575][ C0] ? tcp_mmap+0x150/0x150 [ 320.670880][ C0] ? tcp_mmap+0x150/0x150 [ 320.675201][ C0] inet_recvmsg+0x237/0x7d0 [ 320.679692][ C0] ? inet_sendpage+0x2c0/0x2c0 [ 320.684440][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 320.690415][ C0] ? inet_sendpage+0x2c0/0x2c0 [ 320.695182][ C0] ? inet_sendpage+0x2c0/0x2c0 [ 320.699927][ C0] sock_read_iter+0x5be/0x660 [ 320.704619][ C0] ? 
kernel_sock_ip_overhead+0x340/0x340 [ 320.710243][ C0] __vfs_read+0xa67/0xc90 [ 320.714581][ C0] vfs_read+0x359/0x6f0 [ 320.718732][ C0] ksys_read+0x265/0x430 [ 320.722983][ C0] __se_sys_read+0x92/0xb0 [ 320.727391][ C0] __x64_sys_read+0x4a/0x70 [ 320.731886][ C0] do_syscall_64+0xbc/0xf0 [ 320.736289][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 320.742158][ C0] RIP: 0033:0x47fcb4 [ 320.746036][ C0] Code: ff ff cc cc cc cc e8 2b 41 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 320.765638][ C0] RSP: 002b:000000c4203b7760 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 320.774029][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fcb4 [ 320.781981][ C0] RDX: 0000000000001000 RSI: 000000c4203dc000 RDI: 0000000000000003 [ 320.789933][ C0] RBP: 000000c4203b77b0 R08: 0000000000000000 R09: 0000000000000000 [ 320.797881][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 320.805844][ C0] R13: 0000000000000010 R14: 0000000000000002 R15: ffffffffffffffff [ 320.813809][ C0] [ 320.816113][ C0] Uninit was stored to memory at: [ 320.821149][ C0] kmsan_internal_chain_origin+0xcc/0x150 [ 320.826850][ C0] __msan_chain_origin+0x6b/0xe0 [ 320.831766][ C0] ___slab_alloc+0x1dbc/0x1fb0 [ 320.836507][ C0] kmem_cache_alloc_node+0x769/0xe70 [ 320.841773][ C0] __alloc_skb+0x215/0xa10 [ 320.846166][ C0] aoecmd_cfg+0x205/0xa80 [ 320.850473][ C0] discover_timer+0x86/0xa0 [ 320.854953][ C0] call_timer_fn+0x232/0x530 [ 320.859519][ C0] __run_timers+0xcdc/0x11a0 [ 320.864087][ C0] run_timer_softirq+0x2d/0x50 [ 320.868829][ C0] __do_softirq+0x4a1/0x83a [ 320.873309][ C0] do_softirq_own_stack+0x49/0x80 [ 320.878310][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 320.883488][ C0] local_bh_enable+0x36/0x40 [ 320.888053][ C0] ip_finish_output2+0x20dc/0x25d0 [ 320.893143][ C0] __ip_finish_output+0xaf8/0xda0 [ 320.898164][ C0] 
ip_finish_output+0x2db/0x420 [ 320.902992][ C0] ip_output+0x541/0x610 [ 320.907212][ C0] __ip_queue_xmit+0x1caf/0x21f0 [ 320.912128][ C0] ip_queue_xmit+0xcc/0xf0 [ 320.916525][ C0] __tcp_transmit_skb+0x409e/0x5c60 [ 320.921701][ C0] __tcp_send_ack+0x701/0x840 [ 320.926364][ C0] tcp_send_ack+0x68/0x90 [ 320.930669][ C0] tcp_cleanup_rbuf+0x764/0x800 [ 320.935494][ C0] tcp_recvmsg+0x334d/0x4ff0 [ 320.940062][ C0] inet_recvmsg+0x237/0x7d0 [ 320.944543][ C0] sock_read_iter+0x5be/0x660 [ 320.949199][ C0] __vfs_read+0xa67/0xc90 [ 320.953506][ C0] vfs_read+0x359/0x6f0 [ 320.957661][ C0] ksys_read+0x265/0x430 [ 320.961888][ C0] __se_sys_read+0x92/0xb0 [ 320.966284][ C0] __x64_sys_read+0x4a/0x70 [ 320.970765][ C0] do_syscall_64+0xbc/0xf0 [ 320.975157][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 320.981021][ C0] [ 320.983325][ C0] Uninit was created at: [ 320.987550][ C0] kmsan_internal_poison_shadow+0x53/0xa0 [ 320.993262][ C0] kmsan_slab_free+0x8d/0x100 [ 320.997920][ C0] kmem_cache_free_bulk+0x3ad9/0x3f50 [ 321.003272][ C0] __kfree_skb_flush+0xb0/0x100 [ 321.008105][ C0] net_rx_action+0x1908/0x1950 [ 321.012850][ C0] __do_softirq+0x4a1/0x83a [ 321.017327][ C0] irq_exit+0x230/0x280 [ 321.021460][ C0] do_IRQ+0x20d/0x3a0 [ 321.025418][ C0] ret_from_intr+0x0/0x33 [ 321.029722][ C0] metadata_is_contiguous+0xd/0x9f0 [ 321.034895][ C0] kmsan_get_shadow_origin_ptr+0x6e/0x3a0 [ 321.040602][ C0] __msan_metadata_ptr_for_load_4+0x10/0x20 [ 321.046474][ C0] unwind_next_frame+0x4d/0xf70 [ 321.051312][ C0] arch_stack_walk+0x33a/0x3e0 [ 321.056052][ C0] stack_trace_save+0x11c/0x1b0 [ 321.060880][ C0] kmsan_internal_chain_origin+0xcc/0x150 [ 321.066574][ C0] kmsan_memcpy_memmove_metadata+0x819/0xa80 [ 321.072531][ C0] kmsan_memcpy_metadata+0xb/0x10 [ 321.077534][ C0] __msan_memcpy+0x56/0x70 [ 321.081931][ C0] sock_read_iter+0x47c/0x660 [ 321.086603][ C0] __vfs_read+0xa67/0xc90 [ 321.090909][ C0] vfs_read+0x359/0x6f0 [ 321.095043][ C0] ksys_read+0x265/0x430 [ 321.099261][ C0] 
__se_sys_read+0x92/0xb0 [ 321.103657][ C0] __x64_sys_read+0x4a/0x70 [ 321.108142][ C0] do_syscall_64+0xbc/0xf0 [ 321.112537][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 321.118399][ C0] ================================================================== [ 321.126431][ C0] Disabling lock debugging due to kernel taint [ 321.132556][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 321.139126][ C0] CPU: 0 PID: 12655 Comm: syz-fuzzer Tainted: G B 5.3.0-rc3+ #17 [ 321.148119][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.158173][ C0] Call Trace: [ 321.161438][ C0] [ 321.164276][ C0] dump_stack+0x191/0x1f0 [ 321.168610][ C0] panic+0x3c9/0xc1e [ 321.172520][ C0] kmsan_report+0x2ca/0x2d0 [ 321.177029][ C0] __msan_warning+0x75/0xe0 [ 321.181524][ C0] kmem_cache_alloc_node+0x5d0/0xe70 [ 321.186795][ C0] ? __alloc_skb+0x215/0xa10 [ 321.191387][ C0] __alloc_skb+0x215/0xa10 [ 321.195816][ C0] aoecmd_cfg+0x205/0xa80 [ 321.200149][ C0] discover_timer+0x86/0xa0 [ 321.204643][ C0] call_timer_fn+0x232/0x530 [ 321.209222][ C0] ? skbfree+0x4a0/0x4a0 [ 321.213460][ C0] __run_timers+0xcdc/0x11a0 [ 321.218048][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 321.224100][ C0] ? skbfree+0x4a0/0x4a0 [ 321.228343][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 321.234322][ C0] run_timer_softirq+0x2d/0x50 [ 321.239068][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 321.243987][ C0] __do_softirq+0x4a1/0x83a [ 321.248485][ C0] do_softirq_own_stack+0x49/0x80 [ 321.253483][ C0] [ 321.256423][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 321.261614][ C0] local_bh_enable+0x36/0x40 [ 321.266198][ C0] ip_finish_output2+0x20dc/0x25d0 [ 321.277730][ C0] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 321.283792][ C0] ? nf_ct_deliver_cached_events+0x4d5/0x6e0 [ 321.289778][ C0] __ip_finish_output+0xaf8/0xda0 [ 321.294803][ C0] ip_finish_output+0x2db/0x420 [ 321.299663][ C0] ip_output+0x541/0x610 [ 321.303903][ C0] ? 
ip_mc_finish_output+0x6d0/0x6d0 [ 321.309175][ C0] ? ip_finish_output+0x420/0x420 [ 321.314196][ C0] __ip_queue_xmit+0x1caf/0x21f0 [ 321.319146][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 321.325116][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 321.331174][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 321.337257][ C0] ip_queue_xmit+0xcc/0xf0 [ 321.341664][ C0] ? tcp_v4_inbound_md5_hash+0xd10/0xd10 [ 321.347309][ C0] __tcp_transmit_skb+0x409e/0x5c60 [ 321.352538][ C0] __tcp_send_ack+0x701/0x840 [ 321.357210][ C0] tcp_send_ack+0x68/0x90 [ 321.361525][ C0] tcp_cleanup_rbuf+0x764/0x800 [ 321.366369][ C0] tcp_recvmsg+0x334d/0x4ff0 [ 321.370994][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 321.376961][ C0] ? tcp_mmap+0x150/0x150 [ 321.381269][ C0] ? tcp_mmap+0x150/0x150 [ 321.385578][ C0] inet_recvmsg+0x237/0x7d0 [ 321.390069][ C0] ? inet_sendpage+0x2c0/0x2c0 [ 321.394823][ C0] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 321.400790][ C0] ? inet_sendpage+0x2c0/0x2c0 [ 321.405531][ C0] ? inet_sendpage+0x2c0/0x2c0 [ 321.410280][ C0] sock_read_iter+0x5be/0x660 [ 321.414958][ C0] ? 
kernel_sock_ip_overhead+0x340/0x340 [ 321.420572][ C0] __vfs_read+0xa67/0xc90 [ 321.424914][ C0] vfs_read+0x359/0x6f0 [ 321.429068][ C0] ksys_read+0x265/0x430 [ 321.433309][ C0] __se_sys_read+0x92/0xb0 [ 321.437719][ C0] __x64_sys_read+0x4a/0x70 [ 321.442209][ C0] do_syscall_64+0xbc/0xf0 [ 321.446616][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 321.453168][ C0] RIP: 0033:0x47fcb4 [ 321.457045][ C0] Code: ff ff cc cc cc cc e8 2b 41 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 321.476630][ C0] RSP: 002b:000000c4203b7760 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 321.485025][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fcb4 [ 321.492984][ C0] RDX: 0000000000001000 RSI: 000000c4203dc000 RDI: 0000000000000003 [ 321.500951][ C0] RBP: 000000c4203b77b0 R08: 0000000000000000 R09: 0000000000000000 [ 321.508921][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 321.516871][ C0] R13: 0000000000000010 R14: 0000000000000002 R15: ffffffffffffffff [ 321.525941][ C0] Kernel Offset: disabled [ 321.530277][ C0] Rebooting in 86400 seconds..