[ ok ] Starting enhanced syslogd: rsyslogd.
[ 89.896530][ T32] audit: type=1800 audit(1572987188.945:25): pid=13035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 89.919400][ T32] audit: type=1800 audit(1572987188.965:26): pid=13035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 89.954773][ T32] audit: type=1800 audit(1572987188.995:27): pid=13035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.214' (ECDSA) to the list of known hosts.
2019/11/05 20:53:23 fuzzer started
2019/11/05 20:53:28 dialing manager at 10.128.0.26:39159
2019/11/05 20:53:28 syscalls: 2397
2019/11/05 20:53:28 code coverage: enabled
2019/11/05 20:53:28 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/11/05 20:53:28 extra coverage: enabled
2019/11/05 20:53:28 setuid sandbox: enabled
2019/11/05 20:53:28 namespace sandbox: enabled
2019/11/05 20:53:28 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/05 20:53:28 fault injection: enabled
2019/11/05 20:53:28 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/05 20:53:28 net packet injection: enabled
2019/11/05 20:53:28 net device setup: enabled
2019/11/05 20:53:28 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/11/05 20:53:28 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login: [ 295.616729][ C1] =====================================================
[ 295.623747][ C1] BUG: KMSAN: use-after-free in kmem_cache_free+0x3df/0x2b70
[ 295.632082][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.4.0-rc5+ #0
[ 295.639453][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 295.649514][ C1] Call Trace:
[ 295.652841][ C1] dump_stack+0x191/0x1f0
[ 295.657186][ C1] kmsan_report+0x128/0x220
[ 295.661705][ C1] __msan_warning+0x73/0xe0
[ 295.666216][ C1] kmem_cache_free+0x3df/0x2b70
[ 295.671068][ C1] ? kmsan_internal_set_origin+0x6a/0xb0
[ 295.676703][ C1] ? kfree_skb+0x473/0x4c0
[ 295.681129][ C1] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 295.687309][ C1] kfree_skb+0x473/0x4c0
[ 295.691556][ C1] ? packet_rcv_spkt+0x68d/0x7c0
[ 295.696500][ C1] packet_rcv_spkt+0x68d/0x7c0
[ 295.701274][ C1] ? packet_rcv+0x2110/0x2110
[ 295.705957][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 295.711709][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 295.717619][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 295.723368][ C1] napi_gro_receive+0x67f/0xbb0
[ 295.728251][ C1] receive_buf+0x653b/0x8810
[ 295.732892][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 295.738796][ C1] virtnet_poll+0x666/0x1a10
[ 295.743416][ C1] ? refill_work+0x470/0x470
[ 295.748032][ C1] net_rx_action+0x7a6/0x1aa0
[ 295.752731][ C1] ? net_tx_action+0xc40/0xc40
[ 295.757511][ C1] __do_softirq+0x4a1/0x83a
[ 295.762041][ C1] ? ksoftirqd_should_run+0x30/0x30
[ 295.767251][ C1] ? takeover_tasklets+0x900/0x900
[ 295.772370][ C1] run_ksoftirqd+0x25/0x40
[ 295.776797][ C1] smpboot_thread_fn+0x4a3/0x990
[ 295.781778][ C1] kthread+0x4b5/0x4f0
[ 295.785857][ C1] ? cpu_report_death+0x190/0x190
[ 295.790902][ C1] ? kthread_blkcg+0xf0/0xf0
[ 295.795506][ C1] ret_from_fork+0x35/0x40
[ 295.799930][ C1]
[ 295.802257][ C1] Uninit was stored to memory at:
[ 295.807295][ C1] kmsan_internal_chain_origin+0xbd/0x180
[ 295.813024][ C1] __msan_chain_origin+0x6b/0xd0
[ 295.817975][ C1] ___slab_alloc+0x1dbc/0x1fb0
[ 295.822745][ C1] kmem_cache_alloc+0xadf/0xd20
[ 295.827602][ C1] skb_clone+0x326/0x5d0
[ 295.831851][ C1] packet_rcv_spkt+0x23f/0x7c0
[ 295.836626][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 295.842355][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 295.848089][ C1] napi_gro_receive+0x67f/0xbb0
[ 295.852959][ C1] receive_buf+0x653b/0x8810
[ 295.857568][ C1] virtnet_poll+0x666/0x1a10
[ 295.862171][ C1] net_rx_action+0x7a6/0x1aa0
[ 295.866863][ C1] __do_softirq+0x4a1/0x83a
[ 295.871381][ C1] run_ksoftirqd+0x25/0x40
[ 295.875807][ C1] smpboot_thread_fn+0x4a3/0x990
[ 295.880761][ C1] kthread+0x4b5/0x4f0
[ 295.884847][ C1] ret_from_fork+0x35/0x40
[ 295.889257][ C1]
[ 295.891582][ C1] Uninit was created at:
[ 295.895843][ C1] kmsan_internal_poison_shadow+0x60/0x120
[ 295.901663][ C1] kmsan_slab_free+0x8d/0xf0
[ 295.906262][ C1] kmem_cache_free_bulk+0x3ad9/0x3f10
[ 295.911641][ C1] napi_consume_skb+0x593/0x5d0
[ 295.916505][ C1] free_old_xmit_skbs+0x1a1/0x450
[ 295.921540][ C1] virtnet_poll_tx+0x24c/0x4c0
[ 295.926315][ C1] net_rx_action+0x7a6/0x1aa0
[ 295.931000][ C1] __do_softirq+0x4a1/0x83a
[ 295.935507][ C1] irq_exit+0x230/0x280
[ 295.939689][ C1] do_IRQ+0x123/0x360
[ 295.943705][ C1] ret_from_intr+0x0/0x33
[ 295.948050][ C1] default_idle+0x53/0x90
[ 295.952380][ C1] arch_cpu_idle+0x25/0x30
[ 295.956785][ C1] do_idle+0x1d5/0x780
[ 295.960899][ C1] cpu_startup_entry+0x45/0x50
[ 295.965648][ C1] start_secondary+0x389/0x480
[ 295.970387][ C1] secondary_startup_64+0xa4/0xb0
[ 295.975386][ C1] =====================================================
[ 295.982290][ C1] Disabling lock debugging due to kernel taint
[ 295.988416][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 295.994993][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Tainted: G B 5.4.0-rc5+ #0
[ 296.003732][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 296.013773][ C1] Call Trace:
[ 296.017047][ C1] dump_stack+0x191/0x1f0
[ 296.021360][ C1] panic+0x3c9/0xc1e
[ 296.025249][ C1] kmsan_report+0x215/0x220
[ 296.029734][ C1] __msan_warning+0x73/0xe0
[ 296.034216][ C1] kmem_cache_free+0x3df/0x2b70
[ 296.039044][ C1] ? kmsan_internal_set_origin+0x6a/0xb0
[ 296.044650][ C1] ? kfree_skb+0x473/0x4c0
[ 296.049044][ C1] ? kmsan_internal_unpoison_shadow+0x42/0x80
[ 296.055097][ C1] kfree_skb+0x473/0x4c0
[ 296.059317][ C1] ? packet_rcv_spkt+0x68d/0x7c0
[ 296.064233][ C1] packet_rcv_spkt+0x68d/0x7c0
[ 296.068978][ C1] ? packet_rcv+0x2110/0x2110
[ 296.073646][ C1] __netif_receive_skb_core+0x3aed/0x51a0
[ 296.079356][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 296.085226][ C1] netif_receive_skb_internal+0x3cc/0xc20
[ 296.090930][ C1] napi_gro_receive+0x67f/0xbb0
[ 296.095769][ C1] receive_buf+0x653b/0x8810
[ 296.100354][ C1] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0
[ 296.106236][ C1] virtnet_poll+0x666/0x1a10
[ 296.110838][ C1] ? refill_work+0x470/0x470
[ 296.115420][ C1] net_rx_action+0x7a6/0x1aa0
[ 296.120083][ C1] ? net_tx_action+0xc40/0xc40
[ 296.124843][ C1] __do_softirq+0x4a1/0x83a
[ 296.129329][ C1] ? ksoftirqd_should_run+0x30/0x30
[ 296.134508][ C1] ? takeover_tasklets+0x900/0x900
[ 296.139607][ C1] run_ksoftirqd+0x25/0x40
[ 296.143999][ C1] smpboot_thread_fn+0x4a3/0x990
[ 296.148918][ C1] kthread+0x4b5/0x4f0
[ 296.152985][ C1] ? cpu_report_death+0x190/0x190
[ 296.157991][ C1] ? kthread_blkcg+0xf0/0xf0
[ 296.162557][ C1] ret_from_fork+0x35/0x40
[ 296.168180][ C1] Kernel Offset: disabled
[ 296.172502][ C1] Rebooting in 86400 seconds..