[ ok ] Starting enhanced syslogd: rsyslogd. [ 82.489250][ T32] audit: type=1800 audit(1572567768.535:25): pid=11848 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 82.512604][ T32] audit: type=1800 audit(1572567768.565:26): pid=11848 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 82.549017][ T32] audit: type=1800 audit(1572567768.585:27): pid=11848 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.147' (ECDSA) to the list of known hosts. 2019/11/01 00:23:02 fuzzer started 2019/11/01 00:23:06 dialing manager at 10.128.0.26:40999 2019/11/01 00:23:07 syscalls: 2431 2019/11/01 00:23:07 code coverage: enabled 2019/11/01 00:23:07 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/11/01 00:23:07 extra coverage: enabled 2019/11/01 00:23:07 setuid sandbox: enabled 2019/11/01 00:23:07 namespace sandbox: enabled 2019/11/01 00:23:07 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/01 00:23:07 fault injection: enabled 2019/11/01 00:23:07 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/01 00:23:07 net packet injection: enabled 2019/11/01 00:23:07 net device setup: enabled 2019/11/01 00:23:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist syzkaller login: [ 197.555343][ C0] ===================================================== [ 197.562360][ C0] BUG: KMSAN: use-after-free in kmem_cache_alloc_node+0x5a9/0xe60 [ 197.570150][ C0] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 
5.4.0-rc5+ #0 [ 197.577405][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 197.587448][ C0] Call Trace: [ 197.590731][ C0] dump_stack+0x191/0x1f0 [ 197.595052][ C0] kmsan_report+0x128/0x220 [ 197.599547][ C0] __msan_warning+0x73/0xe0 [ 197.604033][ C0] kmem_cache_alloc_node+0x5a9/0xe60 [ 197.609298][ C0] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 197.615164][ C0] ? __alloc_skb+0x215/0xa10 [ 197.619740][ C0] __alloc_skb+0x215/0xa10 [ 197.624145][ C0] aoecmd_cfg+0x205/0xa80 [ 197.628461][ C0] discover_timer+0x86/0xa0 [ 197.632943][ C0] call_timer_fn+0x232/0x530 [ 197.637512][ C0] ? skbfree+0x4a0/0x4a0 [ 197.641736][ C0] __run_timers+0xd60/0x1270 [ 197.646305][ C0] ? skbfree+0x4a0/0x4a0 [ 197.650534][ C0] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 197.656402][ C0] run_timer_softirq+0x2d/0x50 [ 197.661139][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 197.666057][ C0] __do_softirq+0x4a1/0x83a [ 197.670545][ C0] ? ksoftirqd_should_run+0x30/0x30 [ 197.675719][ C0] ? takeover_tasklets+0x900/0x900 [ 197.680807][ C0] run_ksoftirqd+0x25/0x40 [ 197.685198][ C0] smpboot_thread_fn+0x4a3/0x990 [ 197.690117][ C0] kthread+0x4b5/0x4f0 [ 197.694378][ C0] ? cpu_report_death+0x190/0x190 [ 197.699383][ C0] ? 
kthread_blkcg+0xf0/0xf0 [ 197.703950][ C0] ret_from_fork+0x35/0x40 [ 197.708343][ C0] [ 197.710646][ C0] Uninit was stored to memory at: [ 197.715647][ C0] kmsan_internal_chain_origin+0xbd/0x180 [ 197.721345][ C0] __msan_chain_origin+0x6b/0xd0 [ 197.726256][ C0] ___slab_alloc+0x1dbc/0x1fb0 [ 197.731002][ C0] kmem_cache_alloc_node+0xaf4/0xe60 [ 197.736263][ C0] __alloc_skb+0x215/0xa10 [ 197.740656][ C0] aoecmd_cfg+0x205/0xa80 [ 197.744961][ C0] discover_timer+0x86/0xa0 [ 197.749459][ C0] call_timer_fn+0x232/0x530 [ 197.754035][ C0] __run_timers+0xd60/0x1270 [ 197.758610][ C0] run_timer_softirq+0x2d/0x50 [ 197.763350][ C0] __do_softirq+0x4a1/0x83a [ 197.767830][ C0] run_ksoftirqd+0x25/0x40 [ 197.772221][ C0] smpboot_thread_fn+0x4a3/0x990 [ 197.777133][ C0] kthread+0x4b5/0x4f0 [ 197.781175][ C0] ret_from_fork+0x35/0x40 [ 197.785560][ C0] [ 197.787861][ C0] Uninit was created at: [ 197.792134][ C0] kmsan_internal_poison_shadow+0x60/0x120 [ 197.797942][ C0] kmsan_slab_free+0x8d/0xf0 [ 197.802516][ C0] kmem_cache_free_bulk+0x3ad9/0x3f10 [ 197.807870][ C0] __kfree_skb_flush+0xb0/0x100 [ 197.812698][ C0] net_rx_action+0x1a5e/0x1aa0 [ 197.817451][ C0] __do_softirq+0x4a1/0x83a [ 197.821927][ C0] irq_exit+0x230/0x280 [ 197.826065][ C0] do_IRQ+0x123/0x360 [ 197.830024][ C0] ret_from_intr+0x0/0x33 [ 197.834338][ C0] task_kmsan_context_state+0x1/0x90 [ 197.839598][ C0] ip_finish_output2+0x2c/0x25d0 [ 197.844610][ C0] __ip_finish_output+0xaf8/0xda0 [ 197.849611][ C0] ip_finish_output+0x2db/0x420 [ 197.854438][ C0] ip_output+0x541/0x610 [ 197.858657][ C0] __ip_queue_xmit+0x1caf/0x21f0 [ 197.863579][ C0] ip_queue_xmit+0xcc/0xf0 [ 197.867979][ C0] __tcp_transmit_skb+0x40e3/0x5d90 [ 197.873152][ C0] __tcp_send_ack+0x701/0x840 [ 197.877802][ C0] tcp_send_ack+0x68/0x90 [ 197.882106][ C0] tcp_cleanup_rbuf+0x764/0x800 [ 197.886930][ C0] tcp_recvmsg+0x334d/0x4ff0 [ 197.891498][ C0] inet_recvmsg+0x237/0x7d0 [ 197.895977][ C0] sock_read_iter+0x5be/0x660 [ 197.900631][ C0] 
__vfs_read+0xa67/0xc90 [ 197.904942][ C0] vfs_read+0x359/0x6f0 [ 197.909071][ C0] ksys_read+0x265/0x430 [ 197.913286][ C0] __se_sys_read+0x92/0xb0 [ 197.917677][ C0] __x64_sys_read+0x4a/0x70 [ 197.922155][ C0] do_syscall_64+0xb6/0x160 [ 197.926635][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 197.932496][ C0] ===================================================== [ 197.939401][ C0] Disabling lock debugging due to kernel taint [ 197.945538][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 197.952113][ C0] CPU: 0 PID: 9 Comm: ksoftirqd/0 Tainted: G B 5.4.0-rc5+ #0 [ 197.960763][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 197.970810][ C0] Call Trace: [ 197.974098][ C0] dump_stack+0x191/0x1f0 [ 197.978409][ C0] panic+0x3c9/0xc1e [ 197.982296][ C0] kmsan_report+0x215/0x220 [ 197.986779][ C0] __msan_warning+0x73/0xe0 [ 197.991375][ C0] kmem_cache_alloc_node+0x5a9/0xe60 [ 197.996638][ C0] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 198.002505][ C0] ? __alloc_skb+0x215/0xa10 [ 198.007085][ C0] __alloc_skb+0x215/0xa10 [ 198.011487][ C0] aoecmd_cfg+0x205/0xa80 [ 198.015809][ C0] discover_timer+0x86/0xa0 [ 198.020296][ C0] call_timer_fn+0x232/0x530 [ 198.024865][ C0] ? skbfree+0x4a0/0x4a0 [ 198.029102][ C0] __run_timers+0xd60/0x1270 [ 198.033673][ C0] ? skbfree+0x4a0/0x4a0 [ 198.037906][ C0] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 198.043784][ C0] run_timer_softirq+0x2d/0x50 [ 198.048522][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 198.053439][ C0] __do_softirq+0x4a1/0x83a [ 198.057933][ C0] ? ksoftirqd_should_run+0x30/0x30 [ 198.063120][ C0] ? takeover_tasklets+0x900/0x900 [ 198.068206][ C0] run_ksoftirqd+0x25/0x40 [ 198.072602][ C0] smpboot_thread_fn+0x4a3/0x990 [ 198.077551][ C0] kthread+0x4b5/0x4f0 [ 198.081614][ C0] ? cpu_report_death+0x190/0x190 [ 198.086628][ C0] ? 
kthread_blkcg+0xf0/0xf0 [ 198.091200][ C0] ret_from_fork+0x35/0x40 [ 198.097051][ C0] Kernel Offset: disabled [ 198.101380][ C0] Rebooting in 86400 seconds..