[ ok ] Starting enhanced syslogd: rsyslogd.
[ 74.346713][ T32] audit: type=1800 audit(1570540951.390:25): pid=11105 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 74.369712][ T32] audit: type=1800 audit(1570540951.420:26): pid=11105 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 74.412745][ T32] audit: type=1800 audit(1570540951.440:27): pid=11105 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts.
2019/10/08 13:22:47 fuzzer started
2019/10/08 13:22:52 dialing manager at 10.128.0.26:39515
2019/10/08 13:22:52 syscalls: 2412
2019/10/08 13:22:52 code coverage: enabled
2019/10/08 13:22:52 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/10/08 13:22:52 extra coverage: enabled
2019/10/08 13:22:52 setuid sandbox: enabled
2019/10/08 13:22:52 namespace sandbox: enabled
2019/10/08 13:22:52 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/08 13:22:52 fault injection: enabled
2019/10/08 13:22:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/08 13:22:52 net packet injection: enabled
2019/10/08 13:22:52 net device setup: enabled
2019/10/08 13:22:52 concurrency sanitizer: /proc/kcsaninfo does not exist
syzkaller login:
[ 103.992731][ C1] =====================================================
[ 103.999727][ C1] BUG: KMSAN: use-after-free in kfree_skb+0x473/0x4c0
[ 104.006493][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.3.0-rc7+ #0
[ 104.013864][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.024051][ C1] Call Trace:
[ 104.027334][ C1] dump_stack+0x191/0x1f0
[ 104.031650][ C1] kmsan_report+0x17d/0x2f0
[ 104.036373][ C1] __msan_warning+0x73/0xe0
[ 104.040860][ C1] kmem_cache_free+0x3df/0x2b70
[ 104.045688][ C1] ? kmsan_internal_set_origin+0x6a/0xb0
[ 104.051296][ C1] ? kfree_skb+0x473/0x4c0
[ 104.055694][ C1] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 104.061749][ C1] kfree_skb+0x473/0x4c0
[ 104.065971][ C1] ? packet_rcv_spkt+0x719/0x840
[ 104.070886][ C1] packet_rcv_spkt+0x719/0x840
[ 104.075638][ C1] ? packet_rcv+0x2190/0x2190
[ 104.080295][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 104.086009][ C1] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.091886][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 104.097590][ C1] napi_gro_receive+0x682/0xb90
[ 104.102425][ C1] receive_buf+0x653b/0x8810
[ 104.107029][ C1] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.112919][ C1] virtnet_poll+0x666/0x19d0
[ 104.117646][ C1] ? refill_work+0x460/0x460
[ 104.122269][ C1] net_rx_action+0x74b/0x1950
[ 104.126943][ C1] ? net_tx_action+0xba0/0xba0
[ 104.131697][ C1] __do_softirq+0x4a1/0x83a
[ 104.136192][ C1] ? ksoftirqd_should_run+0x30/0x30
[ 104.141370][ C1] ? takeover_tasklets+0x900/0x900
[ 104.146456][ C1] run_ksoftirqd+0x25/0x40
[ 104.150906][ C1] smpboot_thread_fn+0x4a3/0x990
[ 104.155833][ C1] kthread+0x4b5/0x4f0
[ 104.159882][ C1] ? cpu_report_death+0x190/0x190
[ 104.164884][ C1] ? kthread_blkcg+0xf0/0xf0
[ 104.169452][ C1] ret_from_fork+0x35/0x40
[ 104.173847][ C1]
[ 104.176149][ C1] Uninit was stored to memory at:
[ 104.181163][ C1] kmsan_internal_chain_origin+0xde/0x190
[ 104.186857][ C1] __msan_chain_origin+0x6b/0xe0
[ 104.192913][ C1] ___slab_alloc+0x1dbc/0x1fb0
[ 104.197654][ C1] kmem_cache_alloc+0xade/0xd10
[ 104.202479][ C1] skb_clone+0x326/0x5d0
[ 104.206697][ C1] packet_rcv_spkt+0x245/0x840
[ 104.211437][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 104.217134][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 104.222833][ C1] napi_gro_receive+0x682/0xb90
[ 104.227674][ C1] receive_buf+0x653b/0x8810
[ 104.232248][ C1] virtnet_poll+0x666/0x19d0
[ 104.236838][ C1] net_rx_action+0x74b/0x1950
[ 104.241494][ C1] __do_softirq+0x4a1/0x83a
[ 104.245976][ C1] run_ksoftirqd+0x25/0x40
[ 104.250385][ C1] smpboot_thread_fn+0x4a3/0x990
[ 104.255303][ C1] kthread+0x4b5/0x4f0
[ 104.259365][ C1] ret_from_fork+0x35/0x40
[ 104.263752][ C1]
[ 104.266058][ C1] Uninit was created at:
[ 104.270282][ C1] kmsan_internal_poison_shadow+0x60/0x120
[ 104.276085][ C1] kmsan_slab_free+0x8d/0x100
[ 104.280743][ C1] kmem_cache_free_bulk+0x3ad9/0x3f50
[ 104.286093][ C1] __kfree_skb_flush+0xb0/0x100
[ 104.290924][ C1] net_rx_action+0x1908/0x1950
[ 104.295669][ C1] __do_softirq+0x4a1/0x83a
[ 104.300150][ C1] irq_exit+0x230/0x280
[ 104.304283][ C1] do_IRQ+0x20d/0x3a0
[ 104.308242][ C1] ret_from_intr+0x0/0x33
[ 104.312550][ C1] default_idle+0x53/0x90
[ 104.316867][ C1] arch_cpu_idle+0x25/0x30
[ 104.321324][ C1] do_idle+0x1d7/0x790
[ 104.325395][ C1] cpu_startup_entry+0x45/0x50
[ 104.330146][ C1] start_secondary+0x370/0x470
[ 104.334895][ C1] secondary_startup_64+0xa4/0xb0
[ 104.339894][ C1] =====================================================
[ 104.347061][ C1] Disabling lock debugging due to kernel taint
[ 104.353187][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 104.359751][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Tainted: G B 5.3.0-rc7+ #0
[ 104.368488][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.378527][ C1] Call Trace:
[ 104.381803][ C1] dump_stack+0x191/0x1f0
[ 104.386125][ C1] panic+0x3c9/0xc1e
[ 104.390024][ C1] kmsan_report+0x2e5/0x2f0
[ 104.394522][ C1] __msan_warning+0x73/0xe0
[ 104.399006][ C1] kmem_cache_free+0x3df/0x2b70
[ 104.403834][ C1] ? kmsan_internal_set_origin+0x6a/0xb0
[ 104.409443][ C1] ? kfree_skb+0x473/0x4c0
[ 104.413838][ C1] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 104.419895][ C1] kfree_skb+0x473/0x4c0
[ 104.424119][ C1] ? packet_rcv_spkt+0x719/0x840
[ 104.429036][ C1] packet_rcv_spkt+0x719/0x840
[ 104.433786][ C1] ? packet_rcv+0x2190/0x2190
[ 104.438446][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 104.444160][ C1] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.450031][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 104.455751][ C1] napi_gro_receive+0x682/0xb90
[ 104.460585][ C1] receive_buf+0x653b/0x8810
[ 104.465186][ C1] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.471185][ C1] virtnet_poll+0x666/0x19d0
[ 104.475779][ C1] ? refill_work+0x460/0x460
[ 104.480365][ C1] net_rx_action+0x74b/0x1950
[ 104.485035][ C1] ? net_tx_action+0xba0/0xba0
[ 104.489788][ C1] __do_softirq+0x4a1/0x83a
[ 104.494345][ C1] ? ksoftirqd_should_run+0x30/0x30
[ 104.499683][ C1] ? takeover_tasklets+0x900/0x900
[ 104.504783][ C1] run_ksoftirqd+0x25/0x40
[ 104.509383][ C1] smpboot_thread_fn+0x4a3/0x990
[ 104.514317][ C1] kthread+0x4b5/0x4f0
[ 104.518369][ C1] ? cpu_report_death+0x190/0x190
[ 104.523374][ C1] ? kthread_blkcg+0xf0/0xf0
[ 104.527944][ C1] ret_from_fork+0x35/0x40
[ 104.533710][ C1] Kernel Offset: disabled
[ 104.538036][ C1] Rebooting in 86400 seconds..