[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   18.608487] audit: type=1800 audit(1553324751.483:29): pid=4933 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   40.850966] ld (5097) used greatest stack depth: 15016 bytes left
[   40.979600] IPVS: ftp: loaded support on port[0] = 21
[   43.903476] can: request_module (can-proto-0) failed.
[   43.912510] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.15.200' (ECDSA) to the list of known hosts.
2019/03/23 07:06:24 parsed 1 programs
2019/03/23 07:06:24 executed programs: 0
[   51.995215] IPVS: ftp: loaded support on port[0] = 21
[   52.066526] IPVS: ftp: loaded support on port[0] = 21
[   52.108705] IPVS: ftp: loaded support on port[0] = 21
[   52.161176] IPVS: ftp: loaded support on port[0] = 21
[   52.213198] IPVS: ftp: loaded support on port[0] = 21
[   52.273087] IPVS: ftp: loaded support on port[0] = 21
[   52.859570] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.873877] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.881767] device bridge_slave_0 entered promiscuous mode
[   52.959943] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.968125] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.976192] device bridge_slave_1 entered promiscuous mode
[   52.995480] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.004760] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.016574] device bridge_slave_0 entered promiscuous mode
[   53.034714] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.045184] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.052551] device bridge_slave_0 entered promiscuous mode
[   53.066931] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   53.077123] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.084687] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.092378] device bridge_slave_1 entered promiscuous mode
[   53.117594] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.132888] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.139999] device bridge_slave_1 entered promiscuous mode
[   53.164362] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   53.181862] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   53.198371] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   53.220219] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   53.227369] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.246064] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.255440] device bridge_slave_0 entered promiscuous mode
[   53.269689] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   53.287397] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.298575] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.311048] device bridge_slave_0 entered promiscuous mode
[   53.318579] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.325641] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.333393] device bridge_slave_0 entered promiscuous mode
[   53.347713] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.357545] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.366543] device bridge_slave_1 entered promiscuous mode
[   53.387038] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.394834] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.403140] device bridge_slave_1 entered promiscuous mode
[   53.418069] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.431553] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.439248] device bridge_slave_1 entered promiscuous mode
[   53.446749] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   53.459456] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.469085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   53.481476] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.491247] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   53.499460] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.521580] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   53.529839] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   53.549283] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.563874] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   53.577930] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.603392] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   53.615918] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.630156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.643184] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   53.658045] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.675754] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   53.693716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.709822] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   53.720188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.741404] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.752393] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   53.759603] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   53.769947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.779045] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.793361] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.815860] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.825905] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.873529] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.895033] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.939615] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   53.951872] team0: Port device team_slave_0 added
[   53.958196] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   53.969591] team0: Port device team_slave_0 added
[   53.977946] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   53.986178] team0: Port device team_slave_0 added
[   54.008689] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   54.021097] team0: Port device team_slave_1 added
[   54.027043] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   54.038734] team0: Port device team_slave_1 added
[   54.049873] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   54.066947] team0: Port device team_slave_1 added
[   54.102228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.124553] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.132389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.142537] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   54.149946] team0: Port device team_slave_0 added
[   54.179482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.190855] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.206854] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   54.222085] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   54.229313] team0: Port device team_slave_1 added
[   54.237680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.245992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.254117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.265262] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   54.272789] team0: Port device team_slave_0 added
[   54.279417] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   54.289598] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   54.307930] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.320663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.328437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.336919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.349432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.358515] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   54.368711] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   54.378591] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   54.390270] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   54.397475] team0: Port device team_slave_0 added
[   54.404381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.412451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.420850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.428652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.436998] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.444633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.454231] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.466931] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   54.476423] team0: Port device team_slave_1 added
[   54.486120] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   54.497761] team0: Port device team_slave_1 added
[   54.509260] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   54.526251] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.535527] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.553650] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.565383] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.580404] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   54.589595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.599358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.613889] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   54.628335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.640820] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.652127] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   54.664926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.682402] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.694173] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   54.708417] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.719091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.732389] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   54.745283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.756420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.769669] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   54.785123] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.797167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.818135] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   54.834024] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.850965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   55.096603] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.103169] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.110213] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.116572] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.125394] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   55.138622] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.145028] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.151712] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.158120] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.168006] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   55.177371] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.183801] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.190504] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.196983] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.205412] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   55.238741] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.245178] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.251863] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.258228] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.270658] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   55.431066] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.437449] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.444124] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.450515] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.460724] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   55.472866] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.479231] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.485904] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.492395] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.500630] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   55.593352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.601544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.624942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.633181] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.640356] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.647329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   57.184744] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.235936] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.263102] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.281809] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.369472] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.427400] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.436539] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.449703] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.460698] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.471052] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.542872] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.549070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.557031] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.621059] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.635859] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   57.662699] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.668886] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.675970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.699415] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.715366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.727943] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.739170] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.753563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.762571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.793471] 8021q: adding VLAN 0 to HW filter on device team0
[   57.851783] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.858098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.867243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.878500] 8021q: adding VLAN 0 to HW filter on device team0
[   57.889196] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   57.902954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.914380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.964561] 8021q: adding VLAN 0 to HW filter on device team0
[   57.983010] 8021q: adding VLAN 0 to HW filter on device team0
[   58.034375] 8021q: adding VLAN 0 to HW filter on device team0
[   58.100557] 8021q: adding VLAN 0 to HW filter on device team0
2019/03/23 07:06:32 executed programs: 6
2019/03/23 07:06:37 executed programs: 90
2019/03/23 07:06:42 executed programs: 182
2019/03/23 07:06:47 executed programs: 262
2019/03/23 07:06:52 executed programs: 360
2019/03/23 07:06:57 executed programs: 451
2019/03/23 07:07:02 executed programs: 535
2019/03/23 07:07:07 executed programs: 620
2019/03/23 07:07:12 executed programs: 703
2019/03/23 07:07:17 executed programs: 798
2019/03/23 07:07:22 executed programs: 881
2019/03/23 07:07:27 executed programs: 957
2019/03/23 07:07:32 executed programs: 1032
2019/03/23 07:07:37 executed programs: 1115
2019/03/23 07:07:42 executed programs: 1206
2019/03/23 07:07:47 executed programs: 1288
2019/03/23 07:07:52 executed programs: 1369
2019/03/23 07:07:58 executed programs: 1464
2019/03/23 07:08:03 executed programs: 1548
2019/03/23 07:08:08 executed programs: 1635
2019/03/23 07:08:13 executed programs: 1721
2019/03/23 07:08:18 executed programs: 1821
2019/03/23 07:08:23 executed programs: 1921
2019/03/23 07:08:28 executed programs: 2013
2019/03/23 07:08:33 executed programs: 2100
2019/03/23 07:08:38 executed programs: 2198
2019/03/23 07:08:43 executed programs: 2283
2019/03/23 07:08:49 executed programs: 2362
2019/03/23 07:08:54 executed programs: 2441
2019/03/23 07:08:59 executed programs: 2536
2019/03/23 07:09:04 executed programs: 2620
2019/03/23 07:09:09 executed programs: 2704
2019/03/23 07:09:14 executed programs: 2795
2019/03/23 07:09:19 executed programs: 2881
2019/03/23 07:09:24 executed programs: 2966
2019/03/23 07:09:29 executed programs: 3050
2019/03/23 07:09:34 executed programs: 3140
2019/03/23 07:09:39 executed programs: 3217
2019/03/23 07:09:44 executed programs: 3296
2019/03/23 07:09:49 executed programs: 3386
2019/03/23 07:09:55 executed programs: 3480
2019/03/23 07:10:00 executed programs: 3562
2019/03/23 07:10:05 executed programs: 3645
2019/03/23 07:10:10 executed programs: 3739
2019/03/23 07:10:15 executed programs: 3830
2019/03/23 07:10:20 executed programs: 3923
2019/03/23 07:10:25 executed programs: 3997
2019/03/23 07:10:30 executed programs: 4095
2019/03/23 07:10:35 executed programs: 4189
2019/03/23 07:10:40 executed programs: 4275
2019/03/23 07:10:46 executed programs: 4364
2019/03/23 07:10:51 executed programs: 4454
2019/03/23 07:10:56 executed programs: 4552
2019/03/23 07:11:01 executed programs: 4635
2019/03/23 07:11:06 executed programs: 4725
2019/03/23 07:11:11 executed programs: 4808
2019/03/23 07:11:16 executed programs: 4893
2019/03/23 07:11:21 executed programs: 4980
2019/03/23 07:11:26 executed programs: 5063
2019/03/23 07:11:31 executed programs: 5158
2019/03/23 07:11:36 executed programs: 5241
2019/03/23 07:11:41 executed programs: 5333
2019/03/23 07:11:47 executed programs: 5422
2019/03/23 07:11:52 executed programs: 5505
2019/03/23 07:11:57 executed programs: 5600
2019/03/23 07:12:02 executed programs: 5687
2019/03/23 07:12:07 executed programs: 5771
2019/03/23 07:12:12 executed programs: 5855
2019/03/23 07:12:17 executed programs: 5951
2019/03/23 07:12:22 executed programs: 6040
2019/03/23 07:12:27 executed programs: 6129
2019/03/23 07:12:32 executed programs: 6215
2019/03/23 07:12:37 executed programs: 6299
2019/03/23 07:12:42 executed programs: 6386
2019/03/23 07:12:47 executed programs: 6476
2019/03/23 07:12:52 executed programs: 6567
2019/03/23 07:12:57 executed programs: 6650
[  448.045793] ==================================================================
[  448.053414] BUG: KASAN: use-after-free in fuse_dev_do_read.isra.24+0x166f/0x1be0
[  448.060937] Read of size 8 at addr ffff8801cec98430 by task syz-executor0/9001
[  448.068286] 
[  448.069901] CPU: 1 PID: 9001 Comm: syz-executor0 Not tainted 4.16.0-rc6+ #1
[  448.076990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  448.086330] Call Trace:
[  448.089107]  dump_stack+0x153/0x201
[  448.092926]  ? arch_local_irq_restore+0x43/0x43
[  448.097579]  ? printk+0x9a/0xc0
[  448.100844]  ? show_regs_print_info+0xb/0xb
[  448.105265]  print_address_description.cold.7+0x9/0x1c9
[  448.110739]  kasan_report.cold.8+0x242/0x2fe
[  448.115255]  ? fuse_dev_do_read.isra.24+0x166f/0x1be0
[  448.120476]  __asan_report_load8_noabort+0x14/0x20
[  448.125393]  fuse_dev_do_read.isra.24+0x166f/0x1be0
[  448.130397]  ? debug_check_no_locks_freed+0x310/0x310
[  448.135574]  ? end_requests+0x470/0x470
[  448.139529]  ? print_usage_bug+0xc0/0xc0
[  448.143576]  ? prepare_to_wait+0x4f0/0x4f0
[  448.147932]  ? print_usage_bug+0xc0/0xc0
[  448.152139]  ? __unqueue_futex+0x270/0x270
[  448.156376]  ? add_lock_to_list.isra.29+0x4b0/0x4b0
[  448.161703]  ? wake_up_q+0x9c/0xe0
[  448.165236]  ? futex_wake+0x245/0x8a0
[  448.169025]  ? find_held_lock+0x36/0x1c0
[  448.173085]  ? aa_file_perm+0x319/0xda0
[  448.177065]  ? lock_downgrade+0x900/0x900
[  448.181241]  ? rcu_read_lock_bh_held+0xc0/0xc0
[  448.185813]  ? debug_smp_processor_id+0x17/0x20
[  448.190557]  ? rcu_is_watching+0x69/0x180
[  448.194700]  ? __lock_is_held+0xb5/0x140
[  448.198859]  ? rcu_dynticks_eqs_exit+0x70/0x70
[  448.203436]  ? aa_file_perm+0x336/0xda0
[  448.207393]  ? rcu_read_lock_bh_held+0xc0/0xc0
[  448.211958]  ? aa_path_link+0x610/0x610
[  448.215913]  ? rcu_dynticks_eqs_exit+0x70/0x70
[  448.220485]  ? memset+0x31/0x40
[  448.223752]  fuse_dev_read+0x185/0x240
[  448.227665]  ? fuse_dev_splice_read+0x7a0/0x7a0
[  448.232375]  ? find_held_lock+0x36/0x1c0
[  448.236439]  __vfs_read+0x54a/0xd20
[  448.240161]  ? debug_lockdep_rcu_enabled+0x77/0x90
[  448.245069]  ? vfs_copy_file_range+0xb60/0xb60
[  448.249737]  ? fsnotify_first_mark+0x280/0x280
[  448.254360]  ? rw_verify_area+0xb8/0x2b0
[  448.258411]  ? __fdget_raw+0x10/0x10
[  448.262151]  vfs_read+0xf5/0x300
[  448.265509]  SyS_read+0xf5/0x250
[  448.268860]  ? kernel_write+0x130/0x130
[  448.272823]  ? do_fast_syscall_32+0x151/0x1016
[  448.277396]  do_fast_syscall_32+0x3d5/0x1016
[  448.281797]  ? _raw_spin_unlock_irq+0x27/0x80
[  448.286317]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  448.291337]  ? do_int80_syscall_32+0x9f0/0x9f0
[  448.296277]  ? _raw_spin_unlock_irq+0x60/0x80
[  448.300761]  ? finish_task_switch+0x1f4/0x890
[  448.305411]  ? syscall_return_slowpath+0x215/0x4e0
[  448.310337]  ? prepare_exit_to_usermode+0x300/0x300
[  448.315348]  ? sysret32_from_system_call+0x5/0x3c
[  448.320187]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  448.325080]  entry_SYSENTER_compat+0x70/0x7f
[  448.329492] RIP: 0023:0xf7f8fcb9
[  448.332846] RSP: 002b:00000000f7f8b0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  448.340546] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001000
[  448.347796] RDX: 00000000ffffff20 RSI: 0000000000000000 RDI: 0000000000000000
[  448.355047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  448.362301] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  448.369595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  448.376890] 
[  448.378514] Allocated by task 9010:
[  448.382133]  save_stack+0x43/0xd0
[  448.385681]  kasan_kmalloc+0xc7/0xe0
[  448.389408]  kasan_slab_alloc+0x12/0x20
[  448.393373]  kmem_cache_alloc+0x12e/0x790
[  448.397518]  __fuse_request_alloc+0x23/0xc0
[  448.401827]  __fuse_get_req+0x186/0x8d0
[  448.405790]  fuse_simple_request+0x20/0x610
[  448.410101]  fuse_do_setattr+0x820/0x1f60
[  448.414262]  fuse_setattr+0x1a6/0x470
[  448.418074]  notify_change+0x779/0xda0
[  448.421942]  utimes_common.isra.1+0x3f8/0x7f0
[  448.426420]  do_utimes+0x199/0x250
[  448.430053]  compat_SyS_utimes+0x1f8/0x2e0
[  448.434563]  do_fast_syscall_32+0x3d5/0x1016
[  448.438956]  entry_SYSENTER_compat+0x70/0x7f
[  448.443357] 
[  448.444974] Freed by task 9010:
[  448.448305]  save_stack+0x43/0xd0
[  448.451740]  __kasan_slab_free+0x102/0x150
[  448.455957]  kasan_slab_free+0xe/0x10
[  448.459750]  kmem_cache_free+0x83/0x2d0
[  448.463719]  fuse_request_free+0x77/0x90
[  448.467762]  fuse_put_request+0x22a/0x2d0
[  448.471901]  fuse_simple_request+0x38a/0x610
[  448.476394]  fuse_do_setattr+0x820/0x1f60
[  448.480525]  fuse_setattr+0x1a6/0x470
[  448.484304]  notify_change+0x779/0xda0
[  448.488342]  utimes_common.isra.1+0x3f8/0x7f0
[  448.492918]  do_utimes+0x199/0x250
[  448.496443]  compat_SyS_utimes+0x1f8/0x2e0
[  448.500769]  do_fast_syscall_32+0x3d5/0x1016
[  448.505172]  entry_SYSENTER_compat+0x70/0x7f
[  448.509660] 
[  448.511273] The buggy address belongs to the object at ffff8801cec98400
[  448.511273]  which belongs to the cache fuse_request of size 448
[  448.524116] The buggy address is located 48 bytes inside of
[  448.524116]  448-byte region [ffff8801cec98400, ffff8801cec985c0)
[  448.535897] The buggy address belongs to the page:
[  448.540853] page:ffffea00073b2600 count:1 mapcount:0 mapping:ffff8801cec98000 index:0x0
[  448.549166] flags: 0x2fffc0000000100(slab)
[  448.553534] raw: 02fffc0000000100 ffff8801cec98000 0000000000000000 0000000100000008
[  448.561407] raw: ffffea0007656660 ffffea00076359e0 ffff8801d4de8680 0000000000000000
[  448.569270] page dumped because: kasan: bad access detected
[  448.574960] 
[  448.576564] Memory state around the buggy address:
[  448.581477]  ffff8801cec98300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  448.588871]  ffff8801cec98380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  448.596217] >ffff8801cec98400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  448.603596]                                      ^
[  448.608507]  ffff8801cec98480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  448.615843]  ffff8801cec98500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  448.623284] ==================================================================
[  448.630625] Disabling lock debugging due to kernel taint
[  448.637182] Kernel panic - not syncing: panic_on_warn set ...
[  448.637182] 
[  448.644538] CPU: 1 PID: 9001 Comm: syz-executor0 Tainted: G    B            4.16.0-rc6+ #1
[  448.663660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  448.672993] Call Trace:
[  448.675560]  dump_stack+0x153/0x201
[  448.679164]  ? arch_local_irq_restore+0x43/0x43
[  448.683951]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  448.688773]  panic+0x1b2/0x369
[  448.691947]  ? add_taint.cold.5+0x11/0x11
[  448.696078]  ? ___preempt_schedule+0x16/0x18
[  448.700572]  kasan_end_report+0x47/0x4f
[  448.704626]  kasan_report.cold.8+0x76/0x2fe
[  448.708938]  ? fuse_dev_do_read.isra.24+0x166f/0x1be0
[  448.714296]  __asan_report_load8_noabort+0x14/0x20
[  448.719204]  fuse_dev_do_read.isra.24+0x166f/0x1be0
[  448.724292]  ? debug_check_no_locks_freed+0x310/0x310
[  448.729476]  ? end_requests+0x470/0x470
[  448.733433]  ? print_usage_bug+0xc0/0xc0
[  448.737473]  ? prepare_to_wait+0x4f0/0x4f0
[  448.739304] kobject: '0:50' (000000006b9af6dc): kobject_add_internal: parent: 'bdi', set: 'devices'
[  448.741769]  ? print_usage_bug+0xc0/0xc0
[  448.741775]  ? __unqueue_futex+0x270/0x270
[  448.741778]  ? add_lock_to_list.isra.29+0x4b0/0x4b0
[  448.741781]  ? wake_up_q+0x9c/0xe0
[  448.741785]  ? futex_wake+0x245/0x8a0
[  448.741789]  ? find_held_lock+0x36/0x1c0
[  448.741796]  ? aa_file_perm+0x319/0xda0
[  448.741802]  ? lock_downgrade+0x900/0x900
[  448.751471] kobject: '0:51' (00000000d4fad73e): kobject_add_internal: parent: 'bdi', set: 'devices'
[  448.755074]  ? rcu_read_lock_bh_held+0xc0/0xc0
[  448.755083]  ? debug_smp_processor_id+0x17/0x20
[  448.759745] kobject: '0:52' (00000000ebc21a4b): kobject_add_internal: parent: 'bdi', set: 'devices'
[  448.764484]  ? rcu_is_watching+0x69/0x180
[  448.764489]  ? __lock_is_held+0xb5/0x140
[  448.764492]  ? rcu_dynticks_eqs_exit+0x70/0x70
[  448.764500]  ? aa_file_perm+0x336/0xda0
[  448.764503]  ? rcu_read_lock_bh_held+0xc0/0xc0
[  448.764507]  ? aa_path_link+0x610/0x610
[  448.764509]  ? rcu_dynticks_eqs_exit+0x70/0x70
[  448.764515]  ? memset+0x31/0x40
[  448.764523]  fuse_dev_read+0x185/0x240
[  448.768485] kobject: '0:51' (00000000d4fad73e): kobject_uevent_env
[  448.772059]  ? fuse_dev_splice_read+0x7a0/0x7a0
[  448.772069]  ? find_held_lock+0x36/0x1c0
[  448.772078]  __vfs_read+0x54a/0xd20
[  448.772082]  ? debug_lockdep_rcu_enabled+0x77/0x90
[  448.772086]  ? vfs_copy_file_range+0xb60/0xb60
[  448.772094]  ? fsnotify_first_mark+0x280/0x280
[  448.776555] kobject: '0:52' (00000000ebc21a4b): kobject_uevent_env
[  448.780276]  ? rw_verify_area+0xb8/0x2b0
[  448.780282]  ? __fdget_raw+0x10/0x10
[  448.780289]  vfs_read+0xf5/0x300
[  448.780296]  SyS_read+0xf5/0x250
[  448.780300]  ? kernel_write+0x130/0x130
[  448.780309]  ? do_fast_syscall_32+0x151/0x1016
[  448.784552] kobject: '0:51' (00000000d4fad73e): fill_kobj_path: path = '/devices/virtual/bdi/0:51'
[  448.793682]  do_fast_syscall_32+0x3d5/0x1016
[  448.793689]  ? _raw_spin_unlock_irq+0x27/0x80
[  448.793694]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  448.793697]  ? do_int80_syscall_32+0x9f0/0x9f0
[  448.793699]  ? _raw_spin_unlock_irq+0x60/0x80
[  448.793704]  ? finish_task_switch+0x1f4/0x890
[  448.793708]  ? syscall_return_slowpath+0x215/0x4e0
[  448.793711]  ? prepare_exit_to_usermode+0x300/0x300
[  448.793714]  ? sysret32_from_system_call+0x5/0x3c
[  448.793718]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  448.793731]  entry_SYSENTER_compat+0x70/0x7f
[  448.798790] kobject: '0:50' (000000006b9af6dc): kobject_uevent_env
[  448.802955] RIP: 0023:0xf7f8fcb9
[  448.802957] RSP: 002b:00000000f7f8b0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  448.802961] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001000
[  448.802962] RDX: 00000000ffffff20 RSI: 0000000000000000 RDI: 0000000000000000
[  448.802964] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  448.802965] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  448.802967] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  448.812943] Kernel Offset: disabled
[  449.030098] Rebooting in 86400 seconds..