[ ok ] Starting enhanced syslogd: rsyslogd.
[   79.038427][   T32] audit: type=1800 audit(1570568699.083:25): pid=11718 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   79.061327][   T32] audit: type=1800 audit(1570568699.103:26): pid=11718 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   79.106302][   T32] audit: type=1800 audit(1570568699.133:27): pid=11718 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.8' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [   88.392708][  T684] Bluetooth: Error in BCSP hdr checksum
[   88.442533][ T1124] Bluetooth: Error in BCSP hdr checksum
[   88.462696][  T684] Bluetooth: Error in BCSP hdr checksum
[   88.468575][  T605] Bluetooth: Error in BCSP hdr checksum
[   88.475318][ T1124] Bluetooth: Error in BCSP hdr checksum
[   88.475373][ T1282] Bluetooth: Error in BCSP hdr checksum
[   88.652507][ T1282] Bluetooth: Error in BCSP hdr checksum
[   88.702715][ T1282] Bluetooth: Error in BCSP hdr checksum
[   88.722976][ T1124] Bluetooth: Error in BCSP hdr checksum
[   88.728698][ T1124] Bluetooth: Error in BCSP hdr checksum
[   88.734755][ T1579] Bluetooth: Error in BCSP hdr checksum
[   88.734812][  T684] Bluetooth: Error in BCSP hdr checksum
[   88.912657][  T684] Bluetooth: Error in BCSP hdr checksum
[   90.172132][ T2898] Bluetooth: hci0: command 0x1003 tx timeout
[   90.178384][T11891] Bluetooth: hci0: sending frame failed (-49)
[   90.252144][   T31] Bluetooth: hci1: command 0x1003 tx timeout
[   90.252159][ T2898] Bluetooth: hci5: command 0x1003 tx timeout
[   90.252322][T11891] Bluetooth: hci5: sending frame failed (-49)
[   90.270750][T11891] Bluetooth: hci1: sending frame failed (-49)
[   90.277116][ T2898] Bluetooth: hci4: command 0x1003 tx timeout
[   90.283360][T11892] Bluetooth: hci4: sending frame failed (-49)
[   90.283380][ T2898] Bluetooth: hci3: command 0x1003 tx timeout
[   90.289757][T11891] Bluetooth: hci3: sending frame failed (-49)
[   90.302273][ T2898] Bluetooth: hci2: command 0x1003 tx timeout
[   90.308503][T11891] Bluetooth: hci2: sending frame failed (-49)
[   92.252080][ T2898] Bluetooth: hci0: command 0x1001 tx timeout
[   92.258401][T11891] Bluetooth: hci0: sending frame failed (-49)
[   92.332132][   T31] Bluetooth: hci4: command 0x1001 tx timeout
[   92.332149][ T2898] Bluetooth: hci2: command 0x1001 tx timeout
[   92.332215][ T2898] Bluetooth: hci3: command 0x1001 tx timeout
[   92.338446][T11891] Bluetooth: hci2: sending frame failed (-49)
[   92.345105][ T2898] Bluetooth: hci1: command 0x1001 tx timeout
[   92.350563][T11892] Bluetooth: hci4: sending frame failed (-49)
[   92.358017][T11890] Bluetooth: hci3: sending frame failed (-49)
[   92.362780][T11891] Bluetooth: hci1: sending frame failed (-49)
[   92.368975][ T2898] Bluetooth: hci5: command 0x1001 tx timeout
[   92.387256][T11891] Bluetooth: hci5: sending frame failed (-49)
[   94.339916][   T31] Bluetooth: hci0: command 0x1009 tx timeout
[   94.412276][   T31] Bluetooth: hci5: command 0x1009 tx timeout
[   94.412293][ T2898] Bluetooth: hci3: command 0x1009 tx timeout
[   94.424700][   T31] Bluetooth: hci1: command 0x1009 tx timeout
[   94.430746][   T31] Bluetooth: hci4: command 0x1009 tx timeout
[   94.436889][   T31] Bluetooth: hci2: command 0x1009 tx timeout
executing program
executing program
executing program
[   98.350400][  T684] Bluetooth: Error in BCSP hdr checksum
[   98.356754][ T5280] =====================================================
[   98.363741][ T5280] BUG: KMSAN: use-after-free in copyout+0x16b/0x1f0
[   98.370339][ T5280] CPU: 1 PID: 5280 Comm: udevd Not tainted 5.3.0-rc7+ #0
[   98.377352][ T5280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   98.387390][ T5280] Call Trace:
[   98.390677][ T5280]  dump_stack+0x191/0x1f0
[   98.395005][ T5280]  kmsan_report+0x17d/0x2f0
[   98.399505][ T5280]  kmsan_internal_check_memory+0x3bb/0x4c0
[   98.405299][ T5280]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   98.411361][ T5280]  kmsan_copy_to_user+0xa9/0xb0
[   98.416395][ T5280]  copyout+0x16b/0x1f0
[   98.420460][ T5280]  _copy_to_iter+0x366/0x26e0
[   98.425164][ T5280]  simple_copy_to_iter+0x92/0xb0
[   98.430094][ T5280]  __skb_datagram_iter+0x257/0xf00
[   98.435203][ T5280]  ? skb_copy_datagram_iter+0x2b0/0x2b0
[   98.440748][ T5280]  skb_copy_datagram_iter+0x29c/0x2b0
[   98.446117][ T5280]  netlink_recvmsg+0x68c/0x18e0
[   98.450971][ T5280]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[   98.456852][ T5280]  sock_recvmsg+0x3b3/0x3c0
[   98.461341][ T5280]  ? netlink_sendmsg+0x1330/0x1330
[   98.466445][ T5280]  ___sys_recvmsg+0x461/0x11e0
[   98.471213][ T5280]  ? unix_dgram_sendmsg+0x3900/0x3900
[   98.476580][ T5280]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[   98.482460][ T5280]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   98.488514][ T5280]  ? __fget_light+0x1b8/0x710
[   98.493185][ T5280]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[   98.499085][ T5280]  __se_sys_recvmsg+0x2fa/0x450
[   98.503941][ T5280]  __x64_sys_recvmsg+0x4a/0x70
[   98.508694][ T5280]  do_syscall_64+0xbc/0xf0
[   98.513105][ T5280]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   98.518980][ T5280] RIP: 0033:0x7fe836bf4210
[   98.523381][ T5280] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24
[   98.543059][ T5280] RSP: 002b:00007ffd65c95c28 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   98.551453][ T5280] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe836bf4210
[   98.559413][ T5280] RDX: 0000000000000000 RSI: 00007ffd65c95c90 RDI: 0000000000000004
[   98.567369][ T5280] RBP: 0000000001021f80 R08: 0000000000000000 R09: 0000000000000000
[   98.575326][ T5280] R10: 0000000000000040 R11: 0000000000000246 R12: 00007ffd65c95cf0
[   98.583283][ T5280] R13: 0000000000000000 R14: 000000000100d2d0 R15: 000000000100d250
[   98.591264][ T5280] 
[   98.593581][ T5280] Uninit was created at:
[   98.597816][ T5280]  kmsan_internal_poison_shadow+0x60/0x120
[   98.603608][ T5280]  kmsan_slab_free+0x8d/0x100
[   98.608278][ T5280]  kfree+0x4c1/0x2db0
[   98.612251][ T5280]  skb_release_data+0x7de/0x9d0
[   98.617093][ T5280]  kfree_skb+0x322/0x4c0
[   98.621329][ T5280]  bcsp_close+0x127/0x1e0
[   98.625651][ T5280]  hci_uart_tty_close+0x385/0x410
[   98.630668][ T5280]  tty_ldisc_release+0x5dd/0xdb0
[   98.635602][ T5280]  tty_release_struct+0x4f/0x1d0
[   98.640531][ T5280]  tty_release+0x1be2/0x1e80
[   98.645116][ T5280]  __fput+0x4c9/0xba0
[   98.649093][ T5280]  ____fput+0x37/0x40
[   98.653073][ T5280]  task_work_run+0x22e/0x2a0
[   98.657672][ T5280]  do_exit+0xf29/0x3aa0
[   98.661819][ T5280]  do_group_exit+0x18a/0x320
[   98.666404][ T5280]  __do_sys_exit_group+0x21/0x30
[   98.671344][ T5280]  __se_sys_exit_group+0x14/0x20
[   98.677229][ T5280]  __x64_sys_exit_group+0x1d/0x20
[   98.682594][ T5280]  do_syscall_64+0xbc/0xf0
[   98.687005][ T5280]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   98.692881][ T5280] 
[   98.695201][ T5280] Bytes 8-137 of 138 are uninitialized
[   98.700647][ T5280] Memory access of size 138 starts at ffff88810ab4e000
[   98.707476][ T5280] =====================================================
[   98.714482][ T5280] Disabling lock debugging due to kernel taint
[   98.720624][ T5280] Kernel panic - not syncing: panic_on_warn set ...
[   98.727219][ T5280] CPU: 1 PID: 5280 Comm: udevd Tainted: G    B             5.3.0-rc7+ #0
[   98.735619][ T5280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   98.745663][ T5280] Call Trace:
[   98.748961][ T5280]  dump_stack+0x191/0x1f0
[   98.753295][ T5280]  panic+0x3c9/0xc1e
[   98.757223][ T5280]  kmsan_report+0x2e5/0x2f0
[   98.761732][ T5280]  kmsan_internal_check_memory+0x3bb/0x4c0
[   98.767540][ T5280]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   98.773616][ T5280]  kmsan_copy_to_user+0xa9/0xb0
[   98.778467][ T5280]  copyout+0x16b/0x1f0
[   98.782543][ T5280]  _copy_to_iter+0x366/0x26e0
[   98.787251][ T5280]  simple_copy_to_iter+0x92/0xb0
[   98.792197][ T5280]  __skb_datagram_iter+0x257/0xf00
[   98.797309][ T5280]  ? skb_copy_datagram_iter+0x2b0/0x2b0
[   98.802883][ T5280]  skb_copy_datagram_iter+0x29c/0x2b0
[   98.808266][ T5280]  netlink_recvmsg+0x68c/0x18e0
[   98.813145][ T5280]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[   98.819037][ T5280]  sock_recvmsg+0x3b3/0x3c0
[   98.823548][ T5280]  ? netlink_sendmsg+0x1330/0x1330
[   98.828666][ T5280]  ___sys_recvmsg+0x461/0x11e0
[   98.833445][ T5280]  ? unix_dgram_sendmsg+0x3900/0x3900
[   98.838834][ T5280]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[   98.844729][ T5280]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   98.850792][ T5280]  ? __fget_light+0x1b8/0x710
[   98.855474][ T5280]  ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0
[   98.861381][ T5280]  __se_sys_recvmsg+0x2fa/0x450
[   98.866246][ T5280]  __x64_sys_recvmsg+0x4a/0x70
[   98.871006][ T5280]  do_syscall_64+0xbc/0xf0
[   98.875428][ T5280]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   98.881310][ T5280] RIP: 0033:0x7fe836bf4210
[   98.885821][ T5280] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24
[   98.905431][ T5280] RSP: 002b:00007ffd65c95c28 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   98.913869][ T5280] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe836bf4210
[   98.921842][ T5280] RDX: 0000000000000000 RSI: 00007ffd65c95c90 RDI: 0000000000000004
[   98.929815][ T5280] RBP: 0000000001021f80 R08: 0000000000000000 R09: 0000000000000000
[   98.938040][ T5280] R10: 0000000000000040 R11: 0000000000000246 R12: 00007ffd65c95cf0
[   98.946004][ T5280] R13: 0000000000000000 R14: 000000000100d2d0 R15: 000000000100d250
[  100.266273][ T5280] Shutting down cpus with NMI
[  100.285764][ T5280] Kernel Offset: disabled
[  100.290162][ T5280] Rebooting in 86400 seconds..