[ ok ] Starting enhanced syslogd: rsyslogd. [ 114.388819][ T30] audit: type=1800 audit(1565931654.431:25): pid=12568 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 114.422312][ T30] audit: type=1800 audit(1565931654.461:26): pid=12568 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 114.442601][ T30] audit: type=1800 audit(1565931654.471:27): pid=12568 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.108' (ECDSA) to the list of known hosts. 
2019/08/16 05:01:08 fuzzer started 2019/08/16 05:01:14 dialing manager at 10.128.0.26:38533 2019/08/16 05:01:14 syscalls: 2376 2019/08/16 05:01:14 code coverage: enabled 2019/08/16 05:01:14 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/08/16 05:01:14 extra coverage: enabled 2019/08/16 05:01:14 setuid sandbox: enabled 2019/08/16 05:01:14 namespace sandbox: enabled 2019/08/16 05:01:14 Android sandbox: /sys/fs/selinux/policy does not exist 2019/08/16 05:01:14 fault injection: enabled 2019/08/16 05:01:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/08/16 05:01:14 net packet injection: enabled 2019/08/16 05:01:14 net device setup: enabled syzkaller login: [ 269.000820][T12722] ================================================================== [ 269.009076][T12722] BUG: KMSAN: uninit-value in kmem_cache_free+0x3df/0x2b70 [ 269.016383][T12722] CPU: 0 PID: 12722 Comm: syz-fuzzer Not tainted 5.3.0-rc3+ #17 [ 269.024130][T12722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.034358][T12722] Call Trace: [ 269.037669][T12722] dump_stack+0x191/0x1f0 [ 269.042183][T12722] kmsan_report+0x162/0x2d0 [ 269.046696][T12722] __msan_warning+0x75/0xe0 [ 269.051194][T12722] kmem_cache_free+0x3df/0x2b70 [ 269.056045][T12722] ? kfree_skb+0x473/0x4c0 [ 269.060460][T12722] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 269.066598][T12722] kfree_skb+0x473/0x4c0 [ 269.070842][T12722] ? packet_rcv_spkt+0x719/0x840 [ 269.075771][T12722] packet_rcv_spkt+0x719/0x840 [ 269.080535][T12722] ? packet_rcv+0x2190/0x2190 [ 269.085250][T12722] dev_queue_xmit_nit+0x1125/0x1200 [ 269.090465][T12722] dev_hard_start_xmit+0x21e/0xab0 [ 269.095617][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.101634][T12722] sch_direct_xmit+0x56c/0x18c0 [ 269.106845][T12722] ? 
kmsan_set_origin+0x26d/0x340 [ 269.111888][T12722] __dev_queue_xmit+0x1e53/0x4270 [ 269.116953][T12722] dev_queue_xmit+0x4b/0x60 [ 269.121485][T12722] ip_finish_output2+0x20c6/0x25d0 [ 269.126598][T12722] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 269.132658][T12722] ? nf_ct_deliver_cached_events+0x4d5/0x6e0 [ 269.138679][T12722] __ip_finish_output+0xaf8/0xda0 [ 269.143719][T12722] ip_finish_output+0x2db/0x420 [ 269.148587][T12722] ip_output+0x541/0x610 [ 269.152836][T12722] ? ip_mc_finish_output+0x6d0/0x6d0 [ 269.158228][T12722] ? ip_finish_output+0x420/0x420 [ 269.163240][T12722] __ip_queue_xmit+0x1caf/0x21f0 [ 269.168167][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.174137][T12722] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 269.180193][T12722] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 269.186288][T12722] ip_queue_xmit+0xcc/0xf0 [ 269.190704][T12722] ? tcp_v4_inbound_md5_hash+0xd10/0xd10 [ 269.196339][T12722] __tcp_transmit_skb+0x409e/0x5c60 [ 269.201586][T12722] __tcp_send_ack+0x701/0x840 [ 269.206268][T12722] tcp_send_ack+0x68/0x90 [ 269.210586][T12722] tcp_cleanup_rbuf+0x764/0x800 [ 269.215455][T12722] tcp_recvmsg+0x334d/0x4ff0 [ 269.220088][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.226057][T12722] ? tcp_mmap+0x150/0x150 [ 269.230404][T12722] ? tcp_mmap+0x150/0x150 [ 269.234720][T12722] inet_recvmsg+0x237/0x7d0 [ 269.239215][T12722] ? inet_sendpage+0x2c0/0x2c0 [ 269.243983][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.249959][T12722] ? inet_sendpage+0x2c0/0x2c0 [ 269.254715][T12722] ? inet_sendpage+0x2c0/0x2c0 [ 269.259482][T12722] sock_read_iter+0x5be/0x660 [ 269.264184][T12722] ? 
kernel_sock_ip_overhead+0x340/0x340 [ 269.269805][T12722] __vfs_read+0xa67/0xc90 [ 269.274156][T12722] vfs_read+0x359/0x6f0 [ 269.278319][T12722] ksys_read+0x265/0x430 [ 269.282592][T12722] __se_sys_read+0x92/0xb0 [ 269.287010][T12722] __x64_sys_read+0x4a/0x70 [ 269.291594][T12722] do_syscall_64+0xbc/0xf0 [ 269.296006][T12722] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 269.301904][T12722] RIP: 0033:0x47fcb4 [ 269.305790][T12722] Code: ff ff cc cc cc cc e8 2b 41 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 269.325507][T12722] RSP: 002b:000000c420393760 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 269.334088][T12722] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fcb4 [ 269.342076][T12722] RDX: 0000000000001000 RSI: 000000c420370000 RDI: 0000000000000003 [ 269.350062][T12722] RBP: 000000c4203937b0 R08: 0000000000000000 R09: 0000000000000000 [ 269.358040][T12722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 269.365999][T12722] R13: 0000000000000010 R14: 0000000000000004 R15: ffffffffffffffff [ 269.373972][T12722] [ 269.376284][T12722] Uninit was stored to memory at: [ 269.381297][T12722] kmsan_internal_chain_origin+0xcc/0x150 [ 269.387005][T12722] __msan_chain_origin+0x6b/0xe0 [ 269.391924][T12722] ___slab_alloc+0x1dbc/0x1fb0 [ 269.396671][T12722] kmem_cache_alloc+0xade/0xd10 [ 269.401598][T12722] skb_clone+0x326/0x5d0 [ 269.405824][T12722] dev_queue_xmit_nit+0x539/0x1200 [ 269.410944][T12722] dev_hard_start_xmit+0x21e/0xab0 [ 269.416066][T12722] sch_direct_xmit+0x56c/0x18c0 [ 269.422177][T12722] __dev_queue_xmit+0x1e53/0x4270 [ 269.427299][T12722] dev_queue_xmit+0x4b/0x60 [ 269.431790][T12722] ip_finish_output2+0x20c6/0x25d0 [ 269.436881][T12722] __ip_finish_output+0xaf8/0xda0 [ 269.441888][T12722] ip_finish_output+0x2db/0x420 [ 269.447937][T12722] ip_output+0x541/0x610 [ 269.452249][T12722] 
__ip_queue_xmit+0x1caf/0x21f0 [ 269.457380][T12722] ip_queue_xmit+0xcc/0xf0 [ 269.472367][T12722] __tcp_transmit_skb+0x409e/0x5c60 [ 269.477582][T12722] __tcp_send_ack+0x701/0x840 [ 269.482272][T12722] tcp_send_ack+0x68/0x90 [ 269.486616][T12722] tcp_cleanup_rbuf+0x764/0x800 [ 269.491665][T12722] tcp_recvmsg+0x334d/0x4ff0 [ 269.496255][T12722] inet_recvmsg+0x237/0x7d0 [ 269.500770][T12722] sock_read_iter+0x5be/0x660 [ 269.505436][T12722] __vfs_read+0xa67/0xc90 [ 269.509748][T12722] vfs_read+0x359/0x6f0 [ 269.513889][T12722] ksys_read+0x265/0x430 [ 269.518202][T12722] __se_sys_read+0x92/0xb0 [ 269.522601][T12722] __x64_sys_read+0x4a/0x70 [ 269.527110][T12722] do_syscall_64+0xbc/0xf0 [ 269.531533][T12722] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 269.537406][T12722] [ 269.539725][T12722] Uninit was created at: [ 269.543972][T12722] kmsan_internal_poison_shadow+0x53/0xa0 [ 269.549677][T12722] kmsan_slab_free+0x8d/0x100 [ 269.554338][T12722] kmem_cache_free_bulk+0x3ad9/0x3f50 [ 269.559702][T12722] __kfree_skb_flush+0xb0/0x100 [ 269.564538][T12722] net_rx_action+0x1908/0x1950 [ 269.569395][T12722] __do_softirq+0x4a1/0x83a [ 269.573890][T12722] irq_exit+0x230/0x280 [ 269.578032][T12722] do_IRQ+0x20d/0x3a0 [ 269.581997][T12722] ret_from_intr+0x0/0x33 [ 269.586311][T12722] default_idle+0x53/0x90 [ 269.590624][T12722] arch_cpu_idle+0x25/0x30 [ 269.595110][T12722] do_idle+0x1d7/0x790 [ 269.599161][T12722] cpu_startup_entry+0x45/0x50 [ 269.603908][T12722] rest_init+0x1be/0x1f0 [ 269.608153][T12722] arch_call_rest_init+0x13/0x15 [ 269.613185][T12722] start_kernel+0x991/0xb61 [ 269.617852][T12722] x86_64_start_reservations+0x18/0x2e [ 269.623303][T12722] x86_64_start_kernel+0x81/0x84 [ 269.628340][T12722] secondary_startup_64+0xa4/0xb0 [ 269.633353][T12722] ================================================================== [ 269.641424][T12722] Disabling lock debugging due to kernel taint [ 269.647637][T12722] Kernel panic - not syncing: panic_on_warn set ... 
[ 269.654221][T12722] CPU: 0 PID: 12722 Comm: syz-fuzzer Tainted: G B 5.3.0-rc3+ #17 [ 269.663219][T12722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.673281][T12722] Call Trace: [ 269.676599][T12722] dump_stack+0x191/0x1f0 [ 269.681023][T12722] panic+0x3c9/0xc1e [ 269.684973][T12722] kmsan_report+0x2ca/0x2d0 [ 269.689477][T12722] __msan_warning+0x75/0xe0 [ 269.694073][T12722] kmem_cache_free+0x3df/0x2b70 [ 269.698929][T12722] ? kfree_skb+0x473/0x4c0 [ 269.703355][T12722] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 269.709444][T12722] kfree_skb+0x473/0x4c0 [ 269.713768][T12722] ? packet_rcv_spkt+0x719/0x840 [ 269.718707][T12722] packet_rcv_spkt+0x719/0x840 [ 269.723473][T12722] ? packet_rcv+0x2190/0x2190 [ 269.728142][T12722] dev_queue_xmit_nit+0x1125/0x1200 [ 269.733367][T12722] dev_hard_start_xmit+0x21e/0xab0 [ 269.738480][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.744453][T12722] sch_direct_xmit+0x56c/0x18c0 [ 269.749292][T12722] ? kmsan_set_origin+0x26d/0x340 [ 269.754329][T12722] __dev_queue_xmit+0x1e53/0x4270 [ 269.759411][T12722] dev_queue_xmit+0x4b/0x60 [ 269.763914][T12722] ip_finish_output2+0x20c6/0x25d0 [ 269.769031][T12722] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 269.775107][T12722] ? nf_ct_deliver_cached_events+0x4d5/0x6e0 [ 269.781114][T12722] __ip_finish_output+0xaf8/0xda0 [ 269.786153][T12722] ip_finish_output+0x2db/0x420 [ 269.791014][T12722] ip_output+0x541/0x610 [ 269.795261][T12722] ? ip_mc_finish_output+0x6d0/0x6d0 [ 269.800646][T12722] ? ip_finish_output+0x420/0x420 [ 269.805675][T12722] __ip_queue_xmit+0x1caf/0x21f0 [ 269.810630][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.816610][T12722] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 269.822695][T12722] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 269.828779][T12722] ip_queue_xmit+0xcc/0xf0 [ 269.833194][T12722] ? 
tcp_v4_inbound_md5_hash+0xd10/0xd10 [ 269.838817][T12722] __tcp_transmit_skb+0x409e/0x5c60 [ 269.844050][T12722] __tcp_send_ack+0x701/0x840 [ 269.848728][T12722] tcp_send_ack+0x68/0x90 [ 269.853051][T12722] tcp_cleanup_rbuf+0x764/0x800 [ 269.857904][T12722] tcp_recvmsg+0x334d/0x4ff0 [ 269.862549][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.868541][T12722] ? tcp_mmap+0x150/0x150 [ 269.872882][T12722] ? tcp_mmap+0x150/0x150 [ 269.877202][T12722] inet_recvmsg+0x237/0x7d0 [ 269.881700][T12722] ? inet_sendpage+0x2c0/0x2c0 [ 269.886454][T12722] ? kmsan_get_shadow_origin_ptr+0x28c/0x3a0 [ 269.892431][T12722] ? inet_sendpage+0x2c0/0x2c0 [ 269.897179][T12722] ? inet_sendpage+0x2c0/0x2c0 [ 269.901935][T12722] sock_read_iter+0x5be/0x660 [ 269.906628][T12722] ? kernel_sock_ip_overhead+0x340/0x340 [ 269.912247][T12722] __vfs_read+0xa67/0xc90 [ 269.916610][T12722] vfs_read+0x359/0x6f0 [ 269.920772][T12722] ksys_read+0x265/0x430 [ 269.925034][T12722] __se_sys_read+0x92/0xb0 [ 269.929468][T12722] __x64_sys_read+0x4a/0x70 [ 269.933966][T12722] do_syscall_64+0xbc/0xf0 [ 269.938407][T12722] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 269.944291][T12722] RIP: 0033:0x47fcb4 [ 269.948321][T12722] Code: ff ff cc cc cc cc e8 2b 41 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 269.967923][T12722] RSP: 002b:000000c420393760 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 269.976416][T12722] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fcb4 [ 269.984386][T12722] RDX: 0000000000001000 RSI: 000000c420370000 RDI: 0000000000000003 [ 269.992346][T12722] RBP: 000000c4203937b0 R08: 0000000000000000 R09: 0000000000000000 [ 270.000312][T12722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 270.008284][T12722] R13: 0000000000000010 R14: 0000000000000004 R15: ffffffffffffffff [ 270.017742][T12722] Kernel Offset: disabled [ 
270.022086][T12722] Rebooting in 86400 seconds..