[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[ 82.964971][ T32] audit: type=1800 audit(1574297326.017:25): pid=11523 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 82.988125][ T32] audit: type=1800 audit(1574297326.037:26): pid=11523 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 83.024452][ T32] audit: type=1800 audit(1574297326.067:27): pid=11523 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.115' (ECDSA) to the list of known hosts.
2019/11/21 00:49:00 fuzzer started
2019/11/21 00:49:05 dialing manager at 10.128.0.26:34925
2019/11/21 00:49:06 syscalls: 2397
2019/11/21 00:49:06 code coverage: enabled
2019/11/21 00:49:06 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/11/21 00:49:06 extra coverage: enabled
2019/11/21 00:49:06 setuid sandbox: enabled
2019/11/21 00:49:06 namespace sandbox: enabled
2019/11/21 00:49:06 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/21 00:49:06 fault injection: enabled
2019/11/21 00:49:06 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/21 00:49:06 net packet injection: enabled
2019/11/21 00:49:06 net device setup: enabled
2019/11/21 00:49:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/11/21 00:49:06 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login: [ 281.628225][ C1] =====================================================
[ 281.635489][ C1] BUG: KMSAN: use-after-free in kmem_cache_free+0x3df/0x2b70
[ 281.642846][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.4.0-rc5-syzkaller #0
[ 281.651491][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 281.661541][ C1] Call Trace:
[ 281.664805][ C1]
[ 281.667658][ C1] dump_stack+0x191/0x1f0
[ 281.671973][ C1] kmsan_report+0x128/0x220
[ 281.676457][ C1] __msan_warning+0x73/0xe0
[ 281.681005][ C1] kmem_cache_free+0x3df/0x2b70
[ 281.685846][ C1] ? kmsan_internal_set_origin+0x6a/0xb0
[ 281.691470][ C1] ? kfree_skb+0x473/0x4c0
[ 281.695887][ C1] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 281.701959][ C1] kfree_skb+0x473/0x4c0
[ 281.706190][ C1] ? packet_rcv_spkt+0x68d/0x7c0
[ 281.711121][ C1] packet_rcv_spkt+0x68d/0x7c0
[ 281.715899][ C1] ? packet_rcv+0x2110/0x2110
[ 281.720578][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 281.726297][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 281.732175][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 281.737885][ C1] napi_gro_receive+0x67f/0xbb0
[ 281.742727][ C1] receive_buf+0x653b/0x8810
[ 281.747489][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 281.753361][ C1] virtnet_poll+0x666/0x1a10
[ 281.757941][ C1] ? refill_work+0x470/0x470
[ 281.762510][ C1] net_rx_action+0x7a6/0x1aa0
[ 281.767188][ C1] ? net_tx_action+0xc40/0xc40
[ 281.771932][ C1] __do_softirq+0x4a1/0x83a
[ 281.776509][ C1] irq_exit+0x230/0x280
[ 281.780653][ C1] do_IRQ+0x123/0x360
[ 281.784702][ C1] ? kmsan_unpoison_pt_regs+0x28/0x30
[ 281.790053][ C1] common_interrupt+0x2e/0x2e
[ 281.794702][ C1]
[ 281.797626][ C1] RIP: 0010:default_idle+0x53/0x90
[ 281.803326][ C1] Code: 03 e9 ed f2 44 8b 35 54 58 d1 01 48 c7 c7 88 f5 23 90 e8 90 6a b4 f3 83 38 00 75 31 45 85 f6 7e 07 0f 00 2d f7 c1 4e 00 fb f4 <65> 8b 35 de 15 b0 71 c7 03 00 00 00 00 c7 43 08 00 00 00 00 bf ff
[ 281.823431][ C1] RSP: 0018:ffff8881280dfe10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffda
[ 281.831838][ C1] RAX: ffff888217c38588 RBX: ffff8881280b09a8 RCX: ccccccccccccd000
[ 281.839786][ C1] RDX: ffff888207e31588 RSI: ffffea000a76d180 RDI: 000000001023f588
[ 281.847755][ C1] RBP: ffff8881280dfe20 R08: ffff88812fd30fc0 R09: ffff8881280b8002
[ 281.856777][ C1] R10: 00000041acaea180 R11: ffffffff8e529d00 R12: 0000000000000001
[ 281.864814][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8881280b09a8
[ 281.872948][ C1] ? __cpuidle_text_start+0x8/0x8
[ 281.877956][ C1] ? __cpuidle_text_start+0x8/0x8
[ 281.882976][ C1] arch_cpu_idle+0x25/0x30
[ 281.887461][ C1] do_idle+0x1d5/0x780
[ 281.891614][ C1] cpu_startup_entry+0x45/0x50
[ 281.896357][ C1] ? setup_APIC_timer+0x210/0x210
[ 281.901451][ C1] start_secondary+0x389/0x480
[ 281.906202][ C1] secondary_startup_64+0xa4/0xb0
[ 281.911207][ C1]
[ 281.914123][ C1] Uninit was stored to memory at:
[ 281.919129][ C1] kmsan_internal_chain_origin+0xbd/0x180
[ 281.924873][ C1] __msan_chain_origin+0x6b/0xd0
[ 281.929814][ C1] ___slab_alloc+0x1dbc/0x1fb0
[ 281.935686][ C1] kmem_cache_alloc+0xadf/0xd20
[ 281.940521][ C1] skb_clone+0x326/0x5d0
[ 281.944748][ C1] packet_rcv_spkt+0x23f/0x7c0
[ 281.949496][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 281.955193][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 281.960894][ C1] napi_gro_receive+0x67f/0xbb0
[ 281.965739][ C1] receive_buf+0x653b/0x8810
[ 281.970308][ C1] virtnet_poll+0x666/0x1a10
[ 281.975048][ C1] net_rx_action+0x7a6/0x1aa0
[ 281.979702][ C1] __do_softirq+0x4a1/0x83a
[ 281.984198][ C1] irq_exit+0x230/0x280
[ 281.988340][ C1] do_IRQ+0x123/0x360
[ 281.992312][ C1] ret_from_intr+0x0/0x33
[ 281.996642][ C1] default_idle+0x53/0x90
[ 282.000960][ C1] arch_cpu_idle+0x25/0x30
[ 282.005446][ C1] do_idle+0x1d5/0x780
[ 282.009507][ C1] cpu_startup_entry+0x45/0x50
[ 282.014263][ C1] start_secondary+0x389/0x480
[ 282.019025][ C1] secondary_startup_64+0xa4/0xb0
[ 282.024027][ C1]
[ 282.026336][ C1] Uninit was created at:
[ 282.030560][ C1] kmsan_internal_poison_shadow+0x60/0x120
[ 282.036344][ C1] kmsan_slab_free+0x8d/0xf0
[ 282.040924][ C1] kmem_cache_free_bulk+0x3ad9/0x3f10
[ 282.046272][ C1] __kfree_skb_flush+0xb0/0x100
[ 282.051110][ C1] net_rx_action+0x1a5e/0x1aa0
[ 282.055854][ C1] __do_softirq+0x4a1/0x83a
[ 282.060346][ C1] irq_exit+0x230/0x280
[ 282.064479][ C1] do_IRQ+0x123/0x360
[ 282.068437][ C1] ret_from_intr+0x0/0x33
[ 282.072754][ C1] default_idle+0x53/0x90
[ 282.077079][ C1] arch_cpu_idle+0x25/0x30
[ 282.081471][ C1] do_idle+0x1d5/0x780
[ 282.085520][ C1] cpu_startup_entry+0x45/0x50
[ 282.090263][ C1] rest_init+0x1be/0x1f0
[ 282.094483][ C1] arch_call_rest_init+0x13/0x15
[ 282.099398][ C1] start_kernel+0x987/0xb57
[ 282.103979][ C1] x86_64_start_reservations+0x18/0x2e
[ 282.109607][ C1] x86_64_start_kernel+0x81/0x84
[ 282.114523][ C1] secondary_startup_64+0xa4/0xb0
[ 282.119764][ C1] =====================================================
[ 282.126695][ C1] Disabling lock debugging due to kernel taint
[ 282.132829][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 282.139411][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.4.0-rc5-syzkaller #0
[ 282.148664][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 282.158696][ C1] Call Trace:
[ 282.161958][ C1]
[ 282.164796][ C1] dump_stack+0x191/0x1f0
[ 282.169124][ C1] panic+0x3c9/0xc1e
[ 282.173039][ C1] kmsan_report+0x215/0x220
[ 282.177629][ C1] __msan_warning+0x73/0xe0
[ 282.182140][ C1] kmem_cache_free+0x3df/0x2b70
[ 282.186985][ C1] ? kmsan_internal_set_origin+0x6a/0xb0
[ 282.192596][ C1] ? kfree_skb+0x473/0x4c0
[ 282.196994][ C1] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 282.203075][ C1] kfree_skb+0x473/0x4c0
[ 282.207301][ C1] ? packet_rcv_spkt+0x68d/0x7c0
[ 282.212220][ C1] packet_rcv_spkt+0x68d/0x7c0
[ 282.216968][ C1] ? packet_rcv+0x2110/0x2110
[ 282.221627][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 282.227348][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 282.233400][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 282.239316][ C1] napi_gro_receive+0x67f/0xbb0
[ 282.244282][ C1] receive_buf+0x653b/0x8810
[ 282.249166][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 282.255082][ C1] virtnet_poll+0x666/0x1a10
[ 282.259680][ C1] ? refill_work+0x470/0x470
[ 282.264274][ C1] net_rx_action+0x7a6/0x1aa0
[ 282.268963][ C1] ? net_tx_action+0xc40/0xc40
[ 282.274032][ C1] __do_softirq+0x4a1/0x83a
[ 282.278531][ C1] irq_exit+0x230/0x280
[ 282.282979][ C1] do_IRQ+0x123/0x360
[ 282.287078][ C1] ? kmsan_unpoison_pt_regs+0x28/0x30
[ 282.292442][ C1] common_interrupt+0x2e/0x2e
[ 282.297110][ C1]
[ 282.300051][ C1] RIP: 0010:default_idle+0x53/0x90
[ 282.305143][ C1] Code: 03 e9 ed f2 44 8b 35 54 58 d1 01 48 c7 c7 88 f5 23 90 e8 90 6a b4 f3 83 38 00 75 31 45 85 f6 7e 07 0f 00 2d f7 c1 4e 00 fb f4 <65> 8b 35 de 15 b0 71 c7 03 00 00 00 00 c7 43 08 00 00 00 00 bf ff
[ 282.324821][ C1] RSP: 0018:ffff8881280dfe10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffda
[ 282.333212][ C1] RAX: ffff888217c38588 RBX: ffff8881280b09a8 RCX: ccccccccccccd000
[ 282.341341][ C1] RDX: ffff888207e31588 RSI: ffffea000a76d180 RDI: 000000001023f588
[ 282.349338][ C1] RBP: ffff8881280dfe20 R08: ffff88812fd30fc0 R09: ffff8881280b8002
[ 282.357291][ C1] R10: 00000041acaea180 R11: ffffffff8e529d00 R12: 0000000000000001
[ 282.365243][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8881280b09a8
[ 282.373221][ C1] ? __cpuidle_text_start+0x8/0x8
[ 282.378240][ C1] ? __cpuidle_text_start+0x8/0x8
[ 282.383256][ C1] arch_cpu_idle+0x25/0x30
[ 282.387677][ C1] do_idle+0x1d5/0x780
[ 282.391737][ C1] cpu_startup_entry+0x45/0x50
[ 282.396486][ C1] ? setup_APIC_timer+0x210/0x210
[ 282.401510][ C1] start_secondary+0x389/0x480
[ 282.406266][ C1] secondary_startup_64+0xa4/0xb0
[ 282.412785][ C1] Kernel Offset: disabled
[ 282.417112][ C1] Rebooting in 86400 seconds..