INIT: Entering runlevel: 2

[info] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-android-49-kasan-gce-8,10.128.0.21' (ECDSA) to the list of known hosts.
2017/10/25 04:45:00 parsed 1 programs
2017/10/25 04:45:00 executed programs: 0
2017/10/25 04:45:05 executed programs: 214
2017/10/25 04:45:10 executed programs: 415
syzkaller login: [   55.159194] ==================================================================
[   55.160334] BUG: KASAN: use-after-free in disk_unblock_events+0x51/0x60 at addr ffff8801c79fda60
[   55.161498] Read of size 8 by task blkid/6860
[   55.162117] CPU: 1 PID: 6860 Comm: blkid Not tainted 4.9.58-g27155df #71
[   55.163026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.164246]  ffff8801cfcf7760 ffffffff81d91149 ffff8801da002000 ffff8801c79fd500
[   55.165376]  ffff8801c79fdd00 ffffed0038f3fb4c ffff8801c79fda60 ffff8801cfcf7788
[   55.166505]  ffffffff8153c01c ffffed0038f3fb4c ffff8801da002000 0000000000000000
[   55.167639] Call Trace:
[   55.167993]  [<ffffffff81d91149>] dump_stack+0xc1/0x128
[   55.168715]  [<ffffffff8153c01c>] kasan_object_err+0x1c/0x70
[   55.169490]  [<ffffffff8153c2dc>] kasan_report.part.1+0x21c/0x500
[   55.170309]  [<ffffffff81d3c6e1>] ? disk_unblock_events+0x51/0x60
[   55.171129]  [<ffffffff8243fcc0>] ? dev_attr_show+0xc0/0xc0
[   55.171882]  [<ffffffff8153c679>] __asan_report_load8_noabort+0x29/0x30
[   55.172768]  [<ffffffff81d3c6e1>] disk_unblock_events+0x51/0x60
[   55.173565]  [<ffffffff8162bd55>] __blkdev_get+0x4b5/0xd50
[   55.174329]  [<ffffffff81bd8100>] ? avc_has_perm+0xb0/0x4f0
[   55.175118]  [<ffffffff8162b8a0>] ? __blkdev_put+0x7e0/0x7e0
[   55.175931]  [<ffffffff8162d87b>] blkdev_get+0x33b/0x960
[   55.176650]  [<ffffffff8162d540>] ? bd_link_disk_holder+0x6c0/0x6c0
[   55.177510]  [<ffffffff8162a427>] ? bd_acquire+0x27/0x250
[   55.178258]  [<ffffffff8162a488>] ? bd_acquire+0x88/0x250
[   55.179020]  [<ffffffff838a981c>] ? _raw_spin_unlock+0x2c/0x50
[   55.182857]  [<ffffffff8162e0a5>] blkdev_open+0x1a5/0x250
[   55.188359]  [<ffffffff81564f17>] do_dentry_open+0x607/0xc60
[   55.194119]  [<ffffffff8162df00>] ? blkdev_get_by_dev+0x60/0x60
[   55.200139]  [<ffffffff815689c5>] vfs_open+0x105/0x220
[   55.205379]  [<ffffffff8158e2a1>] ? may_open+0x231/0x2e0
[   55.210792]  [<ffffffff8159ee1c>] path_openat+0x5ac/0x2910
[   55.216380]  [<ffffffff8159e870>] ? path_lookupat+0x3f0/0x3f0
[   55.222228]  [<ffffffff81435747>] ? filemap_map_pages+0x607/0xd70
[   55.228424]  [<ffffffff8123b950>] ? debug_check_no_locks_freed+0x2c0/0x2c0
[   55.235401]  [<ffffffff81435140>] ? find_lock_entry+0x3e0/0x3e0
[   55.241425]  [<ffffffff814671c9>] ? lru_cache_add+0xd9/0x1e0
[   55.247189]  [<ffffffff814cefa1>] ? handle_mm_fault+0x1ba1/0x2530
[   55.253384]  [<ffffffff815a4977>] do_filp_open+0x197/0x290
[   55.258972]  [<ffffffff815a47e0>] ? may_open_dev+0xe0/0xe0
[   55.264563]  [<ffffffff838a981c>] ? _raw_spin_unlock+0x2c/0x50
[   55.270498]  [<ffffffff815d00e7>] ? __alloc_fd+0x1d7/0x510
[   55.276083]  [<ffffffff815694a2>] do_sys_open+0x352/0x4c0
[   55.281583]  [<ffffffff81569150>] ? filp_open+0x70/0x70
[   55.286924]  [<ffffffff810dfe90>] ? mm_fault_error+0x2c0/0x2c0
[   55.292860]  [<ffffffff8156963d>] SyS_open+0x2d/0x40
[   55.297931]  [<ffffffff838aa0c5>] entry_SYSCALL_64_fastpath+0x23/0xc6
[   55.304474] Object at ffff8801c79fd500, in cache kmalloc-2048 size: 2048
[   55.311276] Allocated:
[   55.313737] PID = 6836
[   55.316201]  save_stack_trace+0x16/0x20
[   55.320138]  save_stack+0x43/0xd0
[   55.323557]  kasan_kmalloc+0xad/0xe0
[   55.327234]  kmem_cache_alloc_trace+0xfb/0x2a0
[   55.331783]  alloc_disk_node+0x54/0x3b0
[   55.335719]  alloc_disk+0x18/0x20
[   55.339138]  loop_add+0x324/0x770
[   55.342555]  loop_probe+0x155/0x180
[   55.346146]  kobj_lookup+0x2ac/0x410
[   55.349824]  get_gendisk+0x37/0x2d0
[   55.353413]  blkdev_get+0x110/0x960
[   55.357002]  blkdev_open+0x1a5/0x250
[   55.360678]  do_dentry_open+0x607/0xc60
[   55.364615]  vfs_open+0x105/0x220
[   55.368031]  path_openat+0x5ac/0x2910
[   55.371794]  do_filp_open+0x197/0x290
[   55.375559]  do_sys_open+0x352/0x4c0
[   55.379235]  SyS_open+0x2d/0x40
[   55.382487]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   55.387204] Freed:
[   55.389318] PID = 6860
[   55.391779]  save_stack_trace+0x16/0x20
[   55.395716]  save_stack+0x43/0xd0
[   55.399132]  kasan_slab_free+0x73/0xc0
[   55.402981]  kfree+0xf0/0x2f0
[   55.406051]  disk_release+0x259/0x330
[   55.409827]  device_release+0x7c/0x210
[   55.413682]  kobject_release+0xed/0x1a0
[   55.417620]  kobject_put+0x63/0xc0
[   55.421125]  put_disk+0x23/0x30
[   55.424369]  __blkdev_get+0x415/0xd50
[   55.428133]  blkdev_get+0x33b/0x960
[   55.431726]  blkdev_open+0x1a5/0x250
[   55.435405]  do_dentry_open+0x607/0xc60
[   55.439353]  vfs_open+0x105/0x220
[   55.442774]  path_openat+0x5ac/0x2910
[   55.446540]  do_filp_open+0x197/0x290
[   55.450304]  do_sys_open+0x352/0x4c0
[   55.453983]  SyS_open+0x2d/0x40
[   55.457226]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   55.461943] Memory state around the buggy address:
[   55.466838]  ffff8801c79fd900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.474160]  ffff8801c79fd980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.481482] >ffff8801c79fda00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.488805]                                                        ^
[   55.495261]  ffff8801c79fda80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.502582]  ffff8801c79fdb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.509904] ==================================================================