[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   82.382655][   T32] audit: type=1800 audit(1569927839.437:25): pid=11785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   82.406060][   T32] audit: type=1800 audit(1569927839.457:26): pid=11785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   82.441481][   T32] audit: type=1800 audit(1569927839.477:27): pid=11785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.195' (ECDSA) to the list of known hosts.
2019/10/01 11:04:13 fuzzer started
2019/10/01 11:04:17 dialing manager at 10.128.0.26:42183
2019/10/01 11:04:17 syscalls: 2385
2019/10/01 11:04:17 code coverage: enabled
2019/10/01 11:04:17 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/10/01 11:04:17 extra coverage: enabled
2019/10/01 11:04:17 setuid sandbox: enabled
2019/10/01 11:04:17 namespace sandbox: enabled
2019/10/01 11:04:17 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/01 11:04:17 fault injection: enabled
2019/10/01 11:04:17 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/01 11:04:17 net packet injection: enabled
2019/10/01 11:04:17 net device setup: enabled
syzkaller login: [  116.600917][T11939] =====================================================
[  116.607950][T11939] BUG: KMSAN: uninit-value in kfree_skb+0x473/0x4c0
[  116.614728][T11939] CPU: 1 PID: 11939 Comm: syz-fuzzer Not tainted 5.3.0-rc7+ #0
[  116.622275][T11939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  116.632309][T11939] Call Trace:
[  116.635590][T11939]  dump_stack+0x191/0x1f0
[  116.639920][T11939]  kmsan_report+0x13a/0x2b0
[  116.644402][T11939]  __msan_warning+0x73/0xe0
[  116.648896][T11939]  kmem_cache_free+0x3df/0x2b70
[  116.653723][T11939]  ? kmsan_internal_set_origin+0x6a/0xb0
[  116.659405][T11939]  ? kfree_skb+0x473/0x4c0
[  116.663829][T11939]  ? kmsan_internal_unpoison_shadow+0x42/0x80
[  116.669945][T11939]  kfree_skb+0x473/0x4c0
[  116.674172][T11939]  ? packet_rcv_spkt+0x719/0x840
[  116.679109][T11939]  packet_rcv_spkt+0x719/0x840
[  116.683878][T11939]  ? packet_rcv+0x2190/0x2190
[  116.688554][T11939]  dev_queue_xmit_nit+0x1125/0x1200
[  116.693770][T11939]  dev_hard_start_xmit+0x21e/0xab0
[  116.698871][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  116.704750][T11939]  sch_direct_xmit+0x56c/0x18c0
[  116.709592][T11939]  __dev_queue_xmit+0x1e53/0x4270
[  116.714699][T11939]  dev_queue_xmit+0x4b/0x60
[  116.719194][T11939]  ip_finish_output2+0x20c6/0x25d0
[  116.724285][T11939]  ? __msan_metadata_ptr_for_load_2+0x10/0x20
[  116.730341][T11939]  ? nf_ct_deliver_cached_events+0x4d5/0x6e0
[  116.736316][T11939]  __ip_finish_output+0xaf8/0xda0
[  116.741330][T11939]  ip_finish_output+0x2db/0x420
[  116.746165][T11939]  ip_output+0x541/0x610
[  116.750392][T11939]  ? ip_mc_finish_output+0x6d0/0x6d0
[  116.755667][T11939]  ? ip_finish_output+0x420/0x420
[  116.760675][T11939]  __ip_queue_xmit+0x1caf/0x21f0
[  116.765609][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  116.771483][T11939]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  116.777527][T11939]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  116.783603][T11939]  ip_queue_xmit+0xcc/0xf0
[  116.788035][T11939]  ? tcp_v4_inbound_md5_hash+0xd10/0xd10
[  116.793739][T11939]  __tcp_transmit_skb+0x409e/0x5c60
[  116.798941][T11939]  __tcp_send_ack+0x701/0x840
[  116.803609][T11939]  tcp_send_ack+0x68/0x90
[  116.807922][T11939]  tcp_cleanup_rbuf+0x764/0x800
[  116.812753][T11939]  tcp_recvmsg+0x334d/0x4ff0
[  116.817357][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  116.823234][T11939]  ? tcp_mmap+0x150/0x150
[  116.827540][T11939]  ? tcp_mmap+0x150/0x150
[  116.831854][T11939]  inet_recvmsg+0x237/0x7d0
[  116.836603][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  116.842476][T11939]  ? inet_sendpage+0x2c0/0x2c0
[  116.847389][T11939]  ? inet_sendpage+0x2c0/0x2c0
[  116.852140][T11939]  sock_read_iter+0x5be/0x660
[  116.856803][T11939]  ? kernel_sock_ip_overhead+0x340/0x340
[  116.862715][T11939]  __vfs_read+0xa67/0xc90
[  116.867834][T11939]  vfs_read+0x359/0x6f0
[  116.871983][T11939]  ksys_read+0x265/0x430
[  116.876213][T11939]  __se_sys_read+0x92/0xb0
[  116.880613][T11939]  __x64_sys_read+0x4a/0x70
[  116.885138][T11939]  do_syscall_64+0xbc/0xf0
[  116.889537][T11939]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  116.895406][T11939] RIP: 0033:0x47fd44
[  116.899309][T11939] Code: ff ff cc cc cc cc e8 9b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[  116.921086][T11939] RSP: 002b:000000c4203a3710 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.929760][T11939] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fd44
[  116.937808][T11939] RDX: 0000000000001000 RSI: 000000c420040000 RDI: 0000000000000003
[  116.945795][T11939] RBP: 000000c4203a3760 R08: 0000000000000000 R09: 0000000000000000
[  116.956645][T11939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  116.964615][T11939] R13: 0000000000000004 R14: 0000000000000020 R15: ffffffffffffffff
[  116.972685][T11939] 
[  116.975525][T11939] Uninit was stored to memory at:
[  116.981674][T11939]  kmsan_internal_chain_origin+0xd2/0x170
[  116.988462][T11939]  __msan_chain_origin+0x6b/0xe0
[  116.993389][T11939]  ___slab_alloc+0x1dbc/0x1fb0
[  117.007909][T11939]  kmem_cache_alloc+0xade/0xd10
[  117.017649][T11939]  skb_clone+0x326/0x5d0
[  117.021916][T11939]  dev_queue_xmit_nit+0x539/0x1200
[  117.027038][T11939]  dev_hard_start_xmit+0x21e/0xab0
[  117.032157][T11939]  sch_direct_xmit+0x56c/0x18c0
[  117.037605][T11939]  __dev_queue_xmit+0x1e53/0x4270
[  117.042651][T11939]  dev_queue_xmit+0x4b/0x60
[  117.048369][T11939]  ip_finish_output2+0x20c6/0x25d0
[  117.054699][T11939]  __ip_finish_output+0xaf8/0xda0
[  117.059832][T11939]  ip_finish_output+0x2db/0x420
[  117.065474][T11939]  ip_output+0x541/0x610
[  117.069924][T11939]  __ip_queue_xmit+0x1caf/0x21f0
[  117.074983][T11939]  ip_queue_xmit+0xcc/0xf0
[  117.079415][T11939]  __tcp_transmit_skb+0x409e/0x5c60
[  117.084605][T11939]  __tcp_send_ack+0x701/0x840
[  117.089284][T11939]  tcp_send_ack+0x68/0x90
[  117.093651][T11939]  tcp_cleanup_rbuf+0x764/0x800
[  117.098533][T11939]  tcp_recvmsg+0x334d/0x4ff0
[  117.103274][T11939]  inet_recvmsg+0x237/0x7d0
[  117.107804][T11939]  sock_read_iter+0x5be/0x660
[  117.112497][T11939]  __vfs_read+0xa67/0xc90
[  117.116826][T11939]  vfs_read+0x359/0x6f0
[  117.121034][T11939]  ksys_read+0x265/0x430
[  117.125300][T11939]  __se_sys_read+0x92/0xb0
[  117.129730][T11939]  __x64_sys_read+0x4a/0x70
[  117.134261][T11939]  do_syscall_64+0xbc/0xf0
[  117.138869][T11939]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  117.144762][T11939] 
[  117.147132][T11939] Uninit was created at:
[  117.151488][T11939]  kmsan_internal_poison_shadow+0x53/0x100
[  117.157384][T11939]  kmsan_slab_free+0x8d/0x100
[  117.162107][T11939]  kmem_cache_free_bulk+0x3ad9/0x3f50
[  117.167513][T11939]  __kfree_skb_flush+0xb0/0x100
[  117.172398][T11939]  net_rx_action+0x1908/0x1950
[  117.177160][T11939]  __do_softirq+0x4a1/0x83a
[  117.181762][T11939]  irq_exit+0x230/0x280
[  117.185908][T11939]  do_IRQ+0x20d/0x3a0
[  117.189884][T11939]  ret_from_intr+0x0/0x33
[  117.194203][T11939]  kmsan_slab_free+0xac/0x100
[  117.198890][T11939]  kmem_cache_free+0x2d1/0x2b70
[  117.203958][T11939]  kfree_skb_partial+0x99/0xd0
[  117.208852][T11939]  tcp_rcv_established+0x2dda/0x31f0
[  117.214254][T11939]  tcp_v4_do_rcv+0x684/0xd70
[  117.218881][T11939]  __release_sock+0x448/0x640
[  117.223559][T11939]  release_sock+0x99/0x2a0
[  117.228067][T11939]  tcp_recvmsg+0x335f/0x4ff0
[  117.235973][T11939]  inet_recvmsg+0x237/0x7d0
[  117.240473][T11939]  sock_read_iter+0x5be/0x660
[  117.245163][T11939]  __vfs_read+0xa67/0xc90
[  117.249477][T11939]  vfs_read+0x359/0x6f0
[  117.253705][T11939]  ksys_read+0x265/0x430
[  117.257934][T11939]  __se_sys_read+0x92/0xb0
[  117.262335][T11939]  __x64_sys_read+0x4a/0x70
[  117.266826][T11939]  do_syscall_64+0xbc/0xf0
[  117.271418][T11939]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  117.277289][T11939] =====================================================
[  117.284308][T11939] Disabling lock debugging due to kernel taint
[  117.290454][T11939] Kernel panic - not syncing: panic_on_warn set ...
[  117.297036][T11939] CPU: 1 PID: 11939 Comm: syz-fuzzer Tainted: G    B             5.3.0-rc7+ #0
[  117.305957][T11939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  117.316022][T11939] Call Trace:
[  117.319356][T11939]  dump_stack+0x191/0x1f0
[  117.323714][T11939]  panic+0x3c9/0xc1e
[  117.327717][T11939]  kmsan_report+0x2a2/0x2b0
[  117.332215][T11939]  __msan_warning+0x73/0xe0
[  117.336750][T11939]  kmem_cache_free+0x3df/0x2b70
[  117.341640][T11939]  ? kmsan_internal_set_origin+0x6a/0xb0
[  117.347294][T11939]  ? kfree_skb+0x473/0x4c0
[  117.351837][T11939]  ? kmsan_internal_unpoison_shadow+0x42/0x80
[  117.357947][T11939]  kfree_skb+0x473/0x4c0
[  117.362199][T11939]  ? packet_rcv_spkt+0x719/0x840
[  117.367137][T11939]  packet_rcv_spkt+0x719/0x840
[  117.371988][T11939]  ? packet_rcv+0x2190/0x2190
[  117.376654][T11939]  dev_queue_xmit_nit+0x1125/0x1200
[  117.381862][T11939]  dev_hard_start_xmit+0x21e/0xab0
[  117.387005][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  117.393120][T11939]  sch_direct_xmit+0x56c/0x18c0
[  117.398009][T11939]  __dev_queue_xmit+0x1e53/0x4270
[  117.403161][T11939]  dev_queue_xmit+0x4b/0x60
[  117.407980][T11939]  ip_finish_output2+0x20c6/0x25d0
[  117.413101][T11939]  ? __msan_metadata_ptr_for_load_2+0x10/0x20
[  117.419380][T11939]  ? nf_ct_deliver_cached_events+0x4d5/0x6e0
[  117.425411][T11939]  __ip_finish_output+0xaf8/0xda0
[  117.430456][T11939]  ip_finish_output+0x2db/0x420
[  117.435313][T11939]  ip_output+0x541/0x610
[  117.439613][T11939]  ? ip_mc_finish_output+0x6d0/0x6d0
[  117.444986][T11939]  ? ip_finish_output+0x420/0x420
[  117.450033][T11939]  __ip_queue_xmit+0x1caf/0x21f0
[  117.455515][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  117.461487][T11939]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  117.467562][T11939]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  117.473671][T11939]  ip_queue_xmit+0xcc/0xf0
[  117.478137][T11939]  ? tcp_v4_inbound_md5_hash+0xd10/0xd10
[  117.483784][T11939]  __tcp_transmit_skb+0x409e/0x5c60
[  117.489345][T11939]  __tcp_send_ack+0x701/0x840
[  117.494407][T11939]  tcp_send_ack+0x68/0x90
[  117.498758][T11939]  tcp_cleanup_rbuf+0x764/0x800
[  117.503633][T11939]  tcp_recvmsg+0x334d/0x4ff0
[  117.508882][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  117.514816][T11939]  ? tcp_mmap+0x150/0x150
[  117.519149][T11939]  ? tcp_mmap+0x150/0x150
[  117.523486][T11939]  inet_recvmsg+0x237/0x7d0
[  117.527992][T11939]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[  117.533875][T11939]  ? inet_sendpage+0x2c0/0x2c0
[  117.538627][T11939]  ? inet_sendpage+0x2c0/0x2c0
[  117.543470][T11939]  sock_read_iter+0x5be/0x660
[  117.548149][T11939]  ? kernel_sock_ip_overhead+0x340/0x340
[  117.553859][T11939]  __vfs_read+0xa67/0xc90
[  117.558286][T11939]  vfs_read+0x359/0x6f0
[  117.562451][T11939]  ksys_read+0x265/0x430
[  117.566876][T11939]  __se_sys_read+0x92/0xb0
[  117.571287][T11939]  __x64_sys_read+0x4a/0x70
[  117.575825][T11939]  do_syscall_64+0xbc/0xf0
[  117.580293][T11939]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  117.587427][T11939] RIP: 0033:0x47fd44
[  117.591324][T11939] Code: ff ff cc cc cc cc e8 9b 40 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 45 31 d2 45 31 c0 45 31 c9 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[  117.612183][T11939] RSP: 002b:000000c4203a3710 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  117.620687][T11939] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fd44
[  117.628746][T11939] RDX: 0000000000001000 RSI: 000000c420040000 RDI: 0000000000000003
[  117.636706][T11939] RBP: 000000c4203a3760 R08: 0000000000000000 R09: 0000000000000000
[  117.644669][T11939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  117.652633][T11939] R13: 0000000000000004 R14: 0000000000000020 R15: ffffffffffffffff
[  117.662424][T11939] Kernel Offset: disabled
[  117.666758][T11939] Rebooting in 86400 seconds..