Warning: Permanently added '10.128.0.11' (ECDSA) to the list of known hosts.
2018/01/18 21:08:56 parsed 1 programs
2018/01/18 21:08:56 executed programs: 0
[   98.885798] IPVS: Creating netns size=2536 id=1
[   98.895552] audit: type=1400 audit(1516309736.751:5): avc:  denied  { sys_admin } for  pid=3381 comm="syz-executor0" capability=21  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[   98.972044] audit: type=1400 audit(1516309736.831:6): avc:  denied  { sys_chroot } for  pid=3386 comm="syz-executor0" capability=18  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[   99.084096] audit: type=1400 audit(1516309736.941:7): avc:  denied  { dac_override } for  pid=3386 comm="syz-executor0" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
2018/01/18 21:09:01 executed programs: 58
2018/01/18 21:09:06 executed programs: 116

INIT: Id "6" respawning too fast: disabled for 5 minutes

INIT: Id "5" respawning too fast: disabled for 5 minutes

INIT: Id "4" respawning too fast: disabled for 5 minutes

INIT: Id "1" respawning too fast: disabled for 5 minutes

INIT: Id "2" respawning too fast: disabled for 5 minutes

INIT: Id "3" respawning too fast: disabled for 5 minutes
2018/01/18 21:09:11 executed programs: 176
2018/01/18 21:09:16 executed programs: 235
2018/01/18 21:09:21 executed programs: 290
2018/01/18 21:09:26 executed programs: 349
2018/01/18 21:09:32 executed programs: 405
2018/01/18 21:09:37 executed programs: 465
[  143.407155] ==================================================================
[  143.414674] BUG: KASAN: use-after-free in link_path_walk+0x104f/0x1220
[  143.421333] Read of size 4 at addr ffff8801d9c2e000 by task syz-executor0/5041
[  143.428675] 
[  143.430286] CPU: 0 PID: 5041 Comm: syz-executor0 Not tainted 4.9.77-g8788313 #16
[  143.437796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.447132]  ffff8801d54ef970 ffffffff81d941c9 ffffea0007670b80 ffff8801d9c2e000
[  143.455273]  0000000000000000 ffff8801d9c2e000 ffff8801d54efd30 ffff8801d54ef9a8
[  143.463239]  ffffffff8153db93 ffff8801d9c2e000 0000000000000004 0000000000000000
[  143.471206] Call Trace:
[  143.473773]  [<ffffffff81d941c9>] dump_stack+0xc1/0x128
[  143.479110]  [<ffffffff8153db93>] print_address_description+0x73/0x280
[  143.485748]  [<ffffffff8153e0b5>] kasan_report+0x275/0x360
[  143.491344]  [<ffffffff815a006f>] ? link_path_walk+0x104f/0x1220
[  143.497460]  [<ffffffff8153e1f4>] __asan_report_load4_noabort+0x14/0x20
[  143.504183]  [<ffffffff815a006f>] link_path_walk+0x104f/0x1220
[  143.510123]  [<ffffffff8159f020>] ? walk_component+0xfc0/0xfc0
[  143.516064]  [<ffffffff8123b56b>] ? trace_hardirqs_on_caller+0x38b/0x590
[  143.522869]  [<ffffffff812371e4>] ? lockdep_init_map+0xe4/0x5c0
[  143.528893]  [<ffffffff815a03fa>] path_lookupat+0x6a/0x3f0
[  143.534484]  [<ffffffff815a2140>] path_openat+0x19c0/0x2910
[  143.540163]  [<ffffffff8153cbe3>] ? save_stack+0x43/0xd0
[  143.545581]  [<ffffffff8153d482>] ? kasan_slab_alloc+0x12/0x20
[  143.551519]  [<ffffffff815a3eeb>] ? getname_flags+0xcb/0x580
[  143.557295]  [<ffffffff8156af4d>] ? do_sys_open+0x21d/0x4c0
[  143.562977]  [<ffffffff8156b260>] ? SyS_openat+0x30/0x40
[  143.568397]  [<ffffffff838b2b6e>] ? entry_SYSCALL_64_fastpath+0x29/0xe8
[  143.575116]  [<ffffffff815a0780>] ? path_lookupat+0x3f0/0x3f0
[  143.580969]  [<ffffffff81234a71>] ? __lock_is_held+0xa1/0xf0
[  143.586735]  [<ffffffff815a6887>] do_filp_open+0x197/0x290
[  143.592327]  [<ffffffff815a66f0>] ? may_open_dev+0xe0/0xe0
[  143.597918]  [<ffffffff838b229c>] ? _raw_spin_unlock+0x2c/0x50
[  143.603860]  [<ffffffff815d2207>] ? __alloc_fd+0x1d7/0x510
[  143.609463]  [<ffffffff8156b082>] do_sys_open+0x352/0x4c0
[  143.614970]  [<ffffffff8156ad30>] ? filp_open+0x70/0x70
[  143.620302]  [<ffffffff8123b56b>] ? trace_hardirqs_on_caller+0x38b/0x590
[  143.627111]  [<ffffffff8156b260>] SyS_openat+0x30/0x40
[  143.632362]  [<ffffffff838b2b6e>] entry_SYSCALL_64_fastpath+0x29/0xe8
[  143.638916] 
[  143.640515] Allocated by task 5040:
[  143.644113]  save_stack_trace+0x16/0x20
[  143.648057]  save_stack+0x43/0xd0
[  143.651481]  kasan_kmalloc+0xad/0xe0
[  143.655164]  kasan_slab_alloc+0x12/0x20
[  143.659106]  kmem_cache_alloc+0xba/0x290
[  143.663223]  __d_alloc+0x2e/0x8f0
[  143.666645]  d_make_root+0x3f/0x80
[  143.670156]  ramfs_fill_super+0x35f/0x4a0
[  143.674271]  mount_nodev+0x59/0x100
[  143.677866]  ramfs_mount+0x2c/0x40
[  143.681378]  mount_fs+0x27f/0x350
[  143.684800]  vfs_kern_mount.part.21+0xd0/0x3e0
[  143.689351]  do_mount+0x3e1/0x28b0
[  143.692860]  SyS_mount+0xab/0x120
[  143.696286]  entry_SYSCALL_64_fastpath+0x29/0xe8
[  143.701008] 
[  143.702603] Freed by task 5040:
[  143.705849]  save_stack_trace+0x16/0x20
[  143.709791]  save_stack+0x43/0xd0
[  143.713210]  kasan_slab_free+0x72/0xc0
[  143.717067]  kmem_cache_free+0xc7/0x300
[  143.721011]  dentry_free+0xd5/0x150
[  143.724605]  __dentry_kill+0x343/0x480
[  143.728460]  dput.part.23+0x680/0x7b0
[  143.732230]  do_one_tree+0x43/0x50
[  143.735741]  shrink_dcache_for_umount+0x67/0x160
[  143.740477]  generic_shutdown_super+0x6d/0x340
[  143.745033]  kill_litter_super+0x72/0x90
[  143.749073]  ramfs_kill_sb+0x3f/0x50
[  143.752759]  deactivate_locked_super+0x88/0xd0
[  143.757308]  deactivate_super+0x91/0xd0
[  143.761264]  cleanup_mnt+0xb2/0x160
[  143.764860]  __cleanup_mnt+0x16/0x20
[  143.768543]  task_work_run+0x115/0x190
[  143.772399]  exit_to_usermode_loop+0xfc/0x120
[  143.776862]  syscall_return_slowpath+0x1a0/0x1e0
[  143.781589]  entry_SYSCALL_64_fastpath+0xe6/0xe8
[  143.786311] 
[  143.787910] The buggy address belongs to the object at ffff8801d9c2e000
[  143.787910]  which belongs to the cache dentry of size 288
[  143.800112] The buggy address is located 0 bytes inside of
[  143.800112]  288-byte region [ffff8801d9c2e000, ffff8801d9c2e120)
[  143.811785] The buggy address belongs to the page:
[  143.816700] page:ffffea0007670b80 count:1 mapcount:0 mapping:          (null) index:0x0 compound_mapcount: 0
[  143.826870] flags: 0x8000000000004080(slab|head)
[  143.831591] page dumped because: kasan: bad access detected
[  143.837267] 
[  143.838871] Memory state around the buggy address:
[  143.843781]  ffff8801d9c2df00: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00
[  143.851107]  ffff8801d9c2df80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  143.858442] >ffff8801d9c2e000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.865785]                    ^
[  143.869128]  ffff8801d9c2e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.876462]  ffff8801d9c2e100: fb fb fb fb fc fc fc fc fc fc fc fc 00 00 00 00
[  143.883792] ==================================================================
[  143.891118] Disabling lock debugging due to kernel taint
[  143.896831] Kernel panic - not syncing: panic_on_warn set ...
[  143.896831] 
[  143.904171] CPU: 0 PID: 5041 Comm: syz-executor0 Tainted: G    B           4.9.77-g8788313 #16
[  143.912889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.922214]  ffff8801d54ef8c8 ffffffff81d941c9 ffffffff841970ff ffff8801d54ef9a0
[  143.930183]  0000000000000000 ffff8801d9c2e000 ffff8801d54efd30 ffff8801d54ef990
[  143.938151]  ffffffff8142f3c1 0000000041b58ab3 ffffffff8418ab70 ffffffff8142f205
[  143.946117] Call Trace:
[  143.948678]  [<ffffffff81d941c9>] dump_stack+0xc1/0x128
[  143.954010]  [<ffffffff8142f3c1>] panic+0x1bc/0x3a8
[  143.958997]  [<ffffffff8142f205>] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7
[  143.967197]  [<ffffffff838a38a5>] ? preempt_schedule+0x25/0x30
[  143.973140]  [<ffffffff81003066>] ? ___preempt_schedule+0x16/0x18
[  143.979345]  [<ffffffff8153db00>] kasan_end_report+0x50/0x50
[  143.985114]  [<ffffffff8153dfa7>] kasan_report+0x167/0x360
[  143.990709]  [<ffffffff815a006f>] ? link_path_walk+0x104f/0x1220
[  143.996825]  [<ffffffff8153e1f4>] __asan_report_load4_noabort+0x14/0x20
[  144.003556]  [<ffffffff815a006f>] link_path_walk+0x104f/0x1220
[  144.009503]  [<ffffffff8159f020>] ? walk_component+0xfc0/0xfc0
[  144.015449]  [<ffffffff8123b56b>] ? trace_hardirqs_on_caller+0x38b/0x590
[  144.022259]  [<ffffffff812371e4>] ? lockdep_init_map+0xe4/0x5c0
[  144.028287]  [<ffffffff815a03fa>] path_lookupat+0x6a/0x3f0
[  144.033879]  [<ffffffff815a2140>] path_openat+0x19c0/0x2910
[  144.039558]  [<ffffffff8153cbe3>] ? save_stack+0x43/0xd0
[  144.044977]  [<ffffffff8153d482>] ? kasan_slab_alloc+0x12/0x20
[  144.050936]  [<ffffffff815a3eeb>] ? getname_flags+0xcb/0x580
[  144.056707]  [<ffffffff8156af4d>] ? do_sys_open+0x21d/0x4c0
[  144.062385]  [<ffffffff8156b260>] ? SyS_openat+0x30/0x40
[  144.067807]  [<ffffffff838b2b6e>] ? entry_SYSCALL_64_fastpath+0x29/0xe8
[  144.074527]  [<ffffffff815a0780>] ? path_lookupat+0x3f0/0x3f0
[  144.080392]  [<ffffffff81234a71>] ? __lock_is_held+0xa1/0xf0
[  144.086174]  [<ffffffff815a6887>] do_filp_open+0x197/0x290
[  144.091769]  [<ffffffff815a66f0>] ? may_open_dev+0xe0/0xe0
[  144.097362]  [<ffffffff838b229c>] ? _raw_spin_unlock+0x2c/0x50
[  144.103306]  [<ffffffff815d2207>] ? __alloc_fd+0x1d7/0x510
[  144.108901]  [<ffffffff8156b082>] do_sys_open+0x352/0x4c0
[  144.114406]  [<ffffffff8156ad30>] ? filp_open+0x70/0x70
[  144.119738]  [<ffffffff8123b56b>] ? trace_hardirqs_on_caller+0x38b/0x590
[  144.130117]  [<ffffffff8156b260>] SyS_openat+0x30/0x40
[  144.135368]  [<ffffffff838b2b6e>] entry_SYSCALL_64_fastpath+0x29/0xe8
[  144.142279] Dumping ftrace buffer:
[  144.145788]    (ftrace buffer empty)
[  144.149468] Kernel Offset: disabled
[  144.153064] Rebooting in 86400 seconds..