[ ok ] Starting enhanced syslogd: rsyslogd.
[ 82.408769][ T30] audit: type=1800 audit(1570389782.453:25): pid=11745 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 82.432044][ T30] audit: type=1800 audit(1570389782.483:26): pid=11745 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 82.467688][ T30] audit: type=1800 audit(1570389782.503:27): pid=11745 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts.
2019/10/06 19:23:14 fuzzer started
2019/10/06 19:23:19 dialing manager at 10.128.0.26:41347
2019/10/06 19:23:19 syscalls: 2412
2019/10/06 19:23:19 code coverage: enabled
2019/10/06 19:23:19 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/10/06 19:23:19 extra coverage: enabled
2019/10/06 19:23:19 setuid sandbox: enabled
2019/10/06 19:23:19 namespace sandbox: enabled
2019/10/06 19:23:19 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/06 19:23:19 fault injection: enabled
2019/10/06 19:23:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/06 19:23:19 net packet injection: enabled
2019/10/06 19:23:19 net device setup: enabled
2019/10/06 19:23:19 concurrency sanitizer: /proc/kcsaninfo does not exist

syzkaller login: [ 104.346343][T11897] =====================================================
[ 104.353356][T11897] BUG: KMSAN: uninit-value in kfree_skb+0x473/0x4c0
[ 104.359963][T11897] CPU: 1 PID: 11897 Comm: syz-fuzzer Not tainted 5.3.0-rc7+ #0
[ 104.368280][T11897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.378510][T11897] Call Trace:
[ 104.381805][T11897] dump_stack+0x191/0x1f0
[ 104.386120][T11897] kmsan_report+0x13a/0x2b0
[ 104.390616][T11897] __msan_warning+0x73/0xe0
[ 104.395656][T11897] kmem_cache_free+0x3df/0x2b70
[ 104.400509][T11897] ? kmsan_internal_set_origin+0x6a/0xb0
[ 104.406138][T11897] ? kfree_skb+0x473/0x4c0
[ 104.410534][T11897] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 104.416600][T11897] kfree_skb+0x473/0x4c0
[ 104.420834][T11897] ? packet_rcv_spkt+0x719/0x840
[ 104.425763][T11897] packet_rcv_spkt+0x719/0x840
[ 104.430615][T11897] ? packet_rcv+0x2190/0x2190
[ 104.435282][T11897] dev_queue_xmit_nit+0x1125/0x1200
[ 104.440471][T11897] dev_hard_start_xmit+0x21e/0xab0
[ 104.445579][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.451463][T11897] sch_direct_xmit+0x56c/0x18c0
[ 104.456322][T11897] __dev_queue_xmit+0x1e53/0x4270
[ 104.461374][T11897] dev_queue_xmit+0x4b/0x60
[ 104.466136][T11897] ip_finish_output2+0x20c6/0x25d0
[ 104.471420][T11897] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 104.477533][T11897] ? nf_ct_deliver_cached_events+0x4d5/0x6e0
[ 104.483549][T11897] __ip_finish_output+0xaf8/0xda0
[ 104.488639][T11897] ip_finish_output+0x2db/0x420
[ 104.493514][T11897] ip_output+0x541/0x610
[ 104.497751][T11897] ? ip_mc_finish_output+0x6d0/0x6d0
[ 104.503072][T11897] ? ip_finish_output+0x420/0x420
[ 104.508097][T11897] __ip_queue_xmit+0x1caf/0x21f0
[ 104.513029][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.518932][T11897] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 104.524985][T11897] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 104.531084][T11897] ip_queue_xmit+0xcc/0xf0
[ 104.535491][T11897] ? tcp_v4_inbound_md5_hash+0xd10/0xd10
[ 104.541131][T11897] __tcp_transmit_skb+0x409e/0x5c60
[ 104.546331][T11897] __tcp_send_ack+0x701/0x840
[ 104.550993][T11897] tcp_send_ack+0x68/0x90
[ 104.555318][T11897] tcp_cleanup_rbuf+0x764/0x800
[ 104.560237][T11897] tcp_recvmsg+0x334d/0x4ff0
[ 104.564847][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.570716][T11897] ? tcp_mmap+0x150/0x150
[ 104.575026][T11897] ? tcp_mmap+0x150/0x150
[ 104.579342][T11897] inet_recvmsg+0x237/0x7d0
[ 104.583840][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 104.589731][T11897] ? inet_sendpage+0x2c0/0x2c0
[ 104.594486][T11897] ? inet_sendpage+0x2c0/0x2c0
[ 104.599241][T11897] sock_read_iter+0x5be/0x660
[ 104.603906][T11897] ? kernel_sock_ip_overhead+0x340/0x340
[ 104.609514][T11897] __vfs_read+0xa67/0xc90
[ 104.613833][T11897] vfs_read+0x359/0x6f0
[ 104.617973][T11897] ksys_read+0x265/0x430
[ 104.622201][T11897] __se_sys_read+0x92/0xb0
[ 104.626602][T11897] __x64_sys_read+0x4a/0x70
[ 104.631718][T11897] do_syscall_64+0xbc/0xf0
[ 104.636469][T11897] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 104.642363][T11897] RIP: 0033:0x47fd44
[ 104.646267][T11897] Code: ff ff cc cc cc cc e8 9b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 104.665943][T11897] RSP: 002b:000000c420033760 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 104.674908][T11897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fd44
[ 104.682985][T11897] RDX: 0000000000001000 RSI: 000000c420122000 RDI: 0000000000000003
[ 104.690937][T11897] RBP: 000000c4200337b0 R08: 0000000000000000 R09: 0000000000000000
[ 104.699321][T11897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020
[ 104.707273][T11897] R13: 0000000000000020 R14: 0000000000000020 R15: ffffffffffffffff
[ 104.715363][T11897]
[ 104.717681][T11897] Uninit was stored to memory at:
[ 104.722706][T11897] kmsan_internal_chain_origin+0xd2/0x170
[ 104.728418][T11897] __msan_chain_origin+0x6b/0xe0
[ 104.733334][T11897] ___slab_alloc+0x1dbc/0x1fb0
[ 104.738076][T11897] kmem_cache_alloc+0xade/0xd10
[ 104.742905][T11897] skb_clone+0x326/0x5d0
[ 104.748008][T11897] dev_queue_xmit_nit+0x539/0x1200
[ 104.753099][T11897] dev_hard_start_xmit+0x21e/0xab0
[ 104.758190][T11897] sch_direct_xmit+0x56c/0x18c0
[ 104.763017][T11897] __dev_queue_xmit+0x1e53/0x4270
[ 104.768027][T11897] dev_queue_xmit+0x4b/0x60
[ 104.772523][T11897] ip_finish_output2+0x20c6/0x25d0
[ 104.777643][T11897] __ip_finish_output+0xaf8/0xda0
[ 104.782643][T11897] ip_finish_output+0x2db/0x420
[ 104.787645][T11897] ip_output+0x541/0x610
[ 104.791868][T11897] __ip_queue_xmit+0x1caf/0x21f0
[ 104.796786][T11897] ip_queue_xmit+0xcc/0xf0
[ 104.801178][T11897] __tcp_transmit_skb+0x409e/0x5c60
[ 104.806784][T11897] __tcp_send_ack+0x701/0x840
[ 104.811539][T11897] tcp_send_ack+0x68/0x90
[ 104.815850][T11897] tcp_cleanup_rbuf+0x764/0x800
[ 104.820863][T11897] tcp_recvmsg+0x334d/0x4ff0
[ 104.825521][T11897] inet_recvmsg+0x237/0x7d0
[ 104.830000][T11897] sock_read_iter+0x5be/0x660
[ 104.834679][T11897] __vfs_read+0xa67/0xc90
[ 104.838987][T11897] vfs_read+0x359/0x6f0
[ 104.843164][T11897] ksys_read+0x265/0x430
[ 104.847410][T11897] __se_sys_read+0x92/0xb0
[ 104.851812][T11897] __x64_sys_read+0x4a/0x70
[ 104.856295][T11897] do_syscall_64+0xbc/0xf0
[ 104.860692][T11897] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 104.866563][T11897]
[ 104.868874][T11897] Uninit was created at:
[ 104.873368][T11897] kmsan_internal_poison_shadow+0x53/0x100
[ 104.879178][T11897] kmsan_slab_free+0x8d/0x100
[ 104.883842][T11897] kmem_cache_free_bulk+0x3ad9/0x3f50
[ 104.889200][T11897] __kfree_skb_flush+0xb0/0x100
[ 104.896644][T11897] net_rx_action+0x1908/0x1950
[ 104.901403][T11897] __do_softirq+0x4a1/0x83a
[ 104.906005][T11897] irq_exit+0x230/0x280
[ 104.910145][T11897] do_IRQ+0x20d/0x3a0
[ 104.914114][T11897] ret_from_intr+0x0/0x33
[ 104.918452][T11897] __sanitizer_cov_trace_pc+0x4/0x50
[ 104.923766][T11897] tcp_rcv_established+0x29d/0x31f0
[ 104.928949][T11897] tcp_v4_do_rcv+0x684/0xd70
[ 104.933529][T11897] __release_sock+0x448/0x640
[ 104.938205][T11897] release_sock+0x99/0x2a0
[ 104.942604][T11897] tcp_recvmsg+0x335f/0x4ff0
[ 104.947174][T11897] inet_recvmsg+0x237/0x7d0
[ 104.951654][T11897] sock_read_iter+0x5be/0x660
[ 104.956310][T11897] __vfs_read+0xa67/0xc90
[ 104.960616][T11897] vfs_read+0x359/0x6f0
[ 104.964747][T11897] ksys_read+0x265/0x430
[ 104.968981][T11897] __se_sys_read+0x92/0xb0
[ 104.973372][T11897] __x64_sys_read+0x4a/0x70
[ 104.977853][T11897] do_syscall_64+0xbc/0xf0
[ 104.982248][T11897] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 104.988110][T11897] =====================================================
[ 104.995391][T11897] Disabling lock debugging due to kernel taint
[ 105.001517][T11897] Kernel panic - not syncing: panic_on_warn set ...
[ 105.008099][T11897] CPU: 1 PID: 11897 Comm: syz-fuzzer Tainted: G B 5.3.0-rc7+ #0
[ 105.017012][T11897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 105.027055][T11897] Call Trace:
[ 105.030347][T11897] dump_stack+0x191/0x1f0
[ 105.034670][T11897] panic+0x3c9/0xc1e
[ 105.038562][T11897] kmsan_report+0x2a2/0x2b0
[ 105.043064][T11897] __msan_warning+0x73/0xe0
[ 105.047664][T11897] kmem_cache_free+0x3df/0x2b70
[ 105.052530][T11897] ? kmsan_internal_set_origin+0x6a/0xb0
[ 105.058151][T11897] ? kfree_skb+0x473/0x4c0
[ 105.062568][T11897] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 105.068628][T11897] kfree_skb+0x473/0x4c0
[ 105.072857][T11897] ? packet_rcv_spkt+0x719/0x840
[ 105.077777][T11897] packet_rcv_spkt+0x719/0x840
[ 105.082700][T11897] ? packet_rcv+0x2190/0x2190
[ 105.087355][T11897] dev_queue_xmit_nit+0x1125/0x1200
[ 105.092553][T11897] dev_hard_start_xmit+0x21e/0xab0
[ 105.097666][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 105.103543][T11897] sch_direct_xmit+0x56c/0x18c0
[ 105.108384][T11897] __dev_queue_xmit+0x1e53/0x4270
[ 105.113403][T11897] dev_queue_xmit+0x4b/0x60
[ 105.118017][T11897] ip_finish_output2+0x20c6/0x25d0
[ 105.123125][T11897] ? __msan_metadata_ptr_for_load_2+0x10/0x20
[ 105.129271][T11897] ? nf_ct_deliver_cached_events+0x4d5/0x6e0
[ 105.135258][T11897] __ip_finish_output+0xaf8/0xda0
[ 105.140318][T11897] ip_finish_output+0x2db/0x420
[ 105.145164][T11897] ip_output+0x541/0x610
[ 105.149443][T11897] ? ip_mc_finish_output+0x6d0/0x6d0
[ 105.154727][T11897] ? ip_finish_output+0x420/0x420
[ 105.159741][T11897] __ip_queue_xmit+0x1caf/0x21f0
[ 105.164676][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 105.170562][T11897] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 105.177582][T11897] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 105.183655][T11897] ip_queue_xmit+0xcc/0xf0
[ 105.188056][T11897] ? tcp_v4_inbound_md5_hash+0xd10/0xd10
[ 105.193681][T11897] __tcp_transmit_skb+0x409e/0x5c60
[ 105.198889][T11897] __tcp_send_ack+0x701/0x840
[ 105.203649][T11897] tcp_send_ack+0x68/0x90
[ 105.207969][T11897] tcp_cleanup_rbuf+0x764/0x800
[ 105.212808][T11897] tcp_recvmsg+0x334d/0x4ff0
[ 105.217405][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 105.223278][T11897] ? tcp_mmap+0x150/0x150
[ 105.227586][T11897] ? tcp_mmap+0x150/0x150
[ 105.231906][T11897] inet_recvmsg+0x237/0x7d0
[ 105.236437][T11897] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[ 105.242355][T11897] ? inet_sendpage+0x2c0/0x2c0
[ 105.247115][T11897] ? inet_sendpage+0x2c0/0x2c0
[ 105.251869][T11897] sock_read_iter+0x5be/0x660
[ 105.256535][T11897] ? kernel_sock_ip_overhead+0x340/0x340
[ 105.262146][T11897] __vfs_read+0xa67/0xc90
[ 105.266491][T11897] vfs_read+0x359/0x6f0
[ 105.270633][T11897] ksys_read+0x265/0x430
[ 105.274861][T11897] __se_sys_read+0x92/0xb0
[ 105.279291][T11897] __x64_sys_read+0x4a/0x70
[ 105.283789][T11897] do_syscall_64+0xbc/0xf0
[ 105.288308][T11897] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 105.294236][T11897] RIP: 0033:0x47fd44
[ 105.298115][T11897] Code: ff ff cc cc cc cc e8 9b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 105.317700][T11897] RSP: 002b:000000c420033760 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 105.326089][T11897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fd44
[ 105.334038][T11897] RDX: 0000000000001000 RSI: 000000c420122000 RDI: 0000000000000003
[ 105.342107][T11897] RBP: 000000c4200337b0 R08: 0000000000000000 R09: 0000000000000000
[ 105.350063][T11897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020
[ 105.358023][T11897] R13: 0000000000000020 R14: 0000000000000020 R15: ffffffffffffffff
[ 105.367443][T11897] Kernel Offset: disabled
[ 105.371788][T11897] Rebooting in 86400 seconds..