[info] Using makefile-style concurrent boot in runlevel 2. [ 25.068531] audit: type=1800 audit(1544661260.672:21): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [ 25.094687] audit: type=1800 audit(1544661260.672:22): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.156' (ECDSA) to the list of known hosts. 2018/12/13 00:35:50 parsed 1 programs 2018/12/13 00:35:52 executed programs: 0 syzkaller login: [ 116.656116] IPVS: ftp: loaded support on port[0] = 21 [ 116.690494] IPVS: ftp: loaded support on port[0] = 21 [ 116.694658] IPVS: ftp: loaded support on port[0] = 21 [ 116.713405] IPVS: ftp: loaded support on port[0] = 21 [ 116.760897] IPVS: ftp: loaded support on port[0] = 21 [ 116.765120] IPVS: ftp: loaded support on port[0] = 21 [ 117.494761] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.501830] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.509162] device bridge_slave_0 entered promiscuous mode [ 117.516114] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.524122] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.531707] device bridge_slave_0 entered promiscuous mode [ 117.539732] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.546091] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.553325] device bridge_slave_0 entered promiscuous mode [ 117.566281] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.574332] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.581845] device bridge_slave_0 entered promiscuous mode [ 117.594269] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.600767] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.607907] device bridge_slave_1 entered promiscuous mode [ 117.622054] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.630595] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.637742] device bridge_slave_1 entered promiscuous mode [ 117.644299] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.651584] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.659223] device bridge_slave_1 entered promiscuous mode [ 117.665763] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.673174] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.680384] device bridge_slave_1 entered promiscuous mode [ 117.689834] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.698178] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.706323] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.715173] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.722933] device bridge_slave_0 entered promiscuous mode [ 117.733200] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.742620] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.751902] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.761585] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.767922] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.775380] device bridge_slave_1 entered promiscuous mode [ 117.783090] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.792795] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.799878] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.807073] device bridge_slave_0 entered promiscuous mode [ 117.814133] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.830402] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.842692] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.856008] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.862741] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.874884] device bridge_slave_1 entered promiscuous mode [ 117.923499] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.941718] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.995013] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.007622] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.022745] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 118.049333] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.058993] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.069677] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.083358] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.133558] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.154581] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.215038] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.267852] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 118.275791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 118.290132] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 118.310942] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 118.324962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 118.342969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 118.360312] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.371255] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 118.415260] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 118.435632] team0: Port device team_slave_0 added [ 118.447733] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 118.462542] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 118.477765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 118.490283] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 118.497544] team0: Port device team_slave_0 added [ 118.514494] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 118.528945] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 118.536198] team0: Port device team_slave_1 added [ 118.547186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 118.569059] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 118.576116] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 118.585246] team0: Port device team_slave_0 added [ 118.597793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 118.612688] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 118.621414] team0: Port device team_slave_1 added [ 118.642556] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 118.656957] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 118.671054] team0: Port device team_slave_1 added [ 118.677619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 118.691975] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.707896] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 118.716630] team0: Port device team_slave_0 added [ 118.763219] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.774795] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.790928] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.807990] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 118.815491] team0: Port device team_slave_1 added [ 118.835168] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.845850] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.854897] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.869613] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 118.876969] team0: Port device team_slave_0 added [ 118.885719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.894881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.911581] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.922027] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.937355] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 118.946368] team0: Port device team_slave_0 added [ 118.952589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.966101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.975186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 118.983473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.991520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.000025] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 119.011716] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.019718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.029057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 119.043383] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 119.060770] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 119.068081] team0: Port device team_slave_1 added [ 119.083494] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.095290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.109680] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 119.116849] team0: Port device team_slave_1 added [ 119.125098] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 119.144586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.159019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.170724] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 119.195058] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.207642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.219518] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 119.241874] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 119.261221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 119.274762] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 119.289102] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.296812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.308176] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 119.318317] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 119.334074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.346558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.364399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 119.378096] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 119.394472] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 119.415857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.429572] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.438143] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 119.453994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.464110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.510842] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 119.517894] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.538860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.792995] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.799510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.806401] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.812861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.821978] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.876043] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.882427] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.889176] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.895559] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.905021] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.985688] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.992091] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.998774] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.005131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.032123] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 120.132656] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.139067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.145705] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.152120] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.166607] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 120.250667] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.257039] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.263808] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.270186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.284808] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 120.296704] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.305017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.325615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.337723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.344987] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.355045] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.361457] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.368088] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.374487] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.381938] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 121.332512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 122.451189] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.532163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.669600] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.685352] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.761940] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.836939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.853286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.904357] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.912680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.921558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.937724] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.961392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.001922] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 123.012516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.028829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.114074] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 123.132229] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 123.153818] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.219205] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 123.225343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.232212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.243187] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 123.261048] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.329897] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 123.336267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.349558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.386893] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 123.398646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.405597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.487897] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.502633] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 123.514129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.522371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.588885] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.660069] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.740734] 8021q: adding VLAN 0 to HW filter on device team0 2018/12/13 00:36:00 executed programs: 6 2018/12/13 00:36:05 executed programs: 289 2018/12/13 00:36:10 executed programs: 596 2018/12/13 00:36:15 executed programs: 882 2018/12/13 00:36:20 executed programs: 1181 2018/12/13 00:36:25 executed programs: 1466 2018/12/13 00:36:30 executed programs: 1736 2018/12/13 00:36:35 executed programs: 1987 2018/12/13 00:36:40 executed programs: 2233 2018/12/13 00:36:45 executed programs: 2485 2018/12/13 00:36:50 executed programs: 2737 2018/12/13 00:36:55 executed programs: 2992 2018/12/13 00:37:00 executed programs: 3258 2018/12/13 00:37:05 executed programs: 3498 2018/12/13 00:37:10 executed programs: 3753 2018/12/13 00:37:15 executed programs: 3994 2018/12/13 00:37:20 executed programs: 4233 2018/12/13 00:37:25 executed programs: 4473 2018/12/13 00:37:30 executed programs: 4717 2018/12/13 00:37:35 executed programs: 4956 2018/12/13 00:37:40 executed programs: 5171 2018/12/13 00:37:45 executed programs: 5394 2018/12/13 00:37:50 executed programs: 5632 2018/12/13 00:37:55 executed programs: 5920 2018/12/13 00:38:01 executed programs: 6164 2018/12/13 00:38:06 executed programs: 6393 2018/12/13 00:38:11 executed programs: 6606 2018/12/13 00:38:16 executed programs: 6820 2018/12/13 00:38:21 executed programs: 7047 2018/12/13 00:38:26 executed programs: 7311 2018/12/13 00:38:31 executed programs: 7547 2018/12/13 00:38:36 executed programs: 7761 2018/12/13 00:38:41 executed programs: 7964 2018/12/13 00:38:46 executed programs: 8158 2018/12/13 00:38:51 executed programs: 8375 2018/12/13 00:38:56 executed programs: 8635 2018/12/13 00:39:01 executed programs: 8849 2018/12/13 00:39:06 executed programs: 9055 2018/12/13 00:39:11 executed programs: 9253 [ 320.823035] ================================================================== [ 320.830643] BUG: KASAN: use-after-free in trailing_symlink+0x8ba/0x970 [ 320.837306] Read of size 1 at addr ffff8881c40480c0 by task syz-executor4/14726 [ 320.844726] [ 320.846345] CPU: 0 PID: 14726 Comm: syz-executor4 Not tainted 4.20.0-rc6+ #371 [ 320.853674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.863002] Call Trace: [ 320.865650] dump_stack+0x244/0x39d [ 320.869263] ? dump_stack_print_info.cold.1+0x20/0x20 [ 320.874458] ? printk+0xa7/0xcf [ 320.877727] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 320.882483] ? write_comp_data+0xd/0x70 [ 320.886450] print_address_description.cold.7+0x9/0x1ff [ 320.891804] kasan_report.cold.8+0x242/0x309 [ 320.896197] ? trailing_symlink+0x8ba/0x970 [ 320.900530] __asan_report_load1_noabort+0x14/0x20 [ 320.905448] trailing_symlink+0x8ba/0x970 [ 320.909577] path_lookupat.isra.43+0x22e/0xc00 [ 320.914137] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 320.919305] ? path_parentat.isra.41+0x160/0x160 [ 320.924099] ? usercopy_warn+0x110/0x110 [ 320.928206] ? check_preemption_disabled+0x48/0x280 [ 320.933206] filename_lookup+0x26a/0x520 [ 320.937244] ? filename_parentat.isra.56+0x570/0x570 [ 320.942323] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.947857] ? kmem_cache_alloc+0x33a/0x730 [ 320.952167] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.957678] ? getname_flags+0x26e/0x590 [ 320.961731] user_path_at_empty+0x40/0x50 [ 320.965872] do_mount+0x177/0x31f0 [ 320.969419] ? lock_downgrade+0x900/0x900 [ 320.973565] ? copy_mount_string+0x40/0x40 [ 320.977812] ? usercopy_warn+0x110/0x110 [ 320.981875] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.987389] ? _copy_from_user+0xdf/0x150 [ 320.991519] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.997042] ? copy_mount_options+0x315/0x430 [ 321.001514] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.007028] ksys_mount+0x12d/0x140 [ 321.010664] __x64_sys_mount+0xbe/0x150 [ 321.014627] do_syscall_64+0x1b9/0x820 [ 321.018511] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.023855] ? syscall_return_slowpath+0x5e0/0x5e0 [ 321.028759] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.033611] ? trace_hardirqs_on_caller+0x310/0x310 [ 321.038611] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 321.043605] ? prepare_exit_to_usermode+0x291/0x3b0 [ 321.048613] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.053465] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.058630] RIP: 0033:0x457679 [ 321.061794] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 321.080672] RSP: 002b:00007f44124f7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 321.088378] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457679 [ 321.095655] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 321.102898] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 321.110141] R10: 0000000000200000 R11: 0000000000000246 R12: 00007f44124f86d4 [ 321.117397] R13: 00000000004c2e25 R14: 00000000004d5200 R15: 00000000ffffffff [ 321.124660] [ 321.126274] Allocated by task 14731: [ 321.129977] save_stack+0x43/0xd0 [ 321.133417] kasan_kmalloc+0xc7/0xe0 [ 321.137134] __kmalloc_track_caller+0x157/0x760 [ 321.141793] kstrdup+0x39/0x70 [ 321.145018] bpf_symlink+0x26/0x140 [ 321.148626] vfs_symlink+0x37a/0x5d0 [ 321.152315] do_symlinkat+0x242/0x2d0 [ 321.156084] __x64_sys_symlink+0x59/0x80 [ 321.160133] do_syscall_64+0x1b9/0x820 [ 321.164006] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.169179] [ 321.170819] Freed by task 14732: [ 321.174169] save_stack+0x43/0xd0 [ 321.177593] __kasan_slab_free+0x102/0x150 [ 321.181820] kasan_slab_free+0xe/0x10 [ 321.185593] kfree+0xcf/0x230 [ 321.188688] bpf_evict_inode+0x11f/0x150 [ 321.192719] evict+0x4b9/0x980 [ 321.196024] iput+0x679/0xa90 [ 321.199132] do_unlinkat+0x733/0xa30 [ 321.202818] __x64_sys_unlink+0x42/0x50 [ 321.206763] do_syscall_64+0x1b9/0x820 [ 321.210622] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.215777] [ 321.217378] The buggy address belongs to the object at ffff8881c40480c0 [ 321.217378] which belongs to the cache kmalloc-32 of size 32 [ 321.229835] The buggy address is located 0 bytes inside of [ 321.229835] 32-byte region [ffff8881c40480c0, ffff8881c40480e0) [ 321.241421] The buggy address belongs to the page: [ 321.246320] page:ffffea0007101200 count:1 mapcount:0 mapping:ffff8881da8001c0 index:0xffff8881c4048fc1 [ 321.255735] flags: 0x2fffc0000000200(slab) [ 321.259945] raw: 02fffc0000000200 ffffea000766a408 ffffea0007336408 ffff8881da8001c0 [ 321.267815] raw: ffff8881c4048fc1 ffff8881c4048000 000000010000003f 0000000000000000 [ 321.275668] page dumped because: kasan: bad access detected [ 321.281361] [ 321.282963] Memory state around the buggy address: [ 321.287883] ffff8881c4047f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 321.295236] ffff8881c4048000: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 321.302571] >ffff8881c4048080: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 321.309901] ^ [ 321.315321] ffff8881c4048100: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc 2018/12/13 00:39:16 executed programs: 9437 [ 321.322679] ffff8881c4048180: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 321.330042] ================================================================== [ 321.337386] Disabling lock debugging due to kernel taint [ 321.343463] Kernel panic - not syncing: panic_on_warn set ... [ 321.349341] CPU: 0 PID: 14726 Comm: syz-executor4 Tainted: G B 4.20.0-rc6+ #371 [ 321.358060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.367388] Call Trace: [ 321.369957] dump_stack+0x244/0x39d [ 321.373563] ? dump_stack_print_info.cold.1+0x20/0x20 [ 321.378756] panic+0x2ad/0x55c [ 321.381927] ? add_taint.cold.5+0x16/0x16 [ 321.386090] ? preempt_schedule+0x4d/0x60 [ 321.390219] ? ___preempt_schedule+0x16/0x18 [ 321.394600] ? trace_hardirqs_on+0xb4/0x310 [ 321.398911] kasan_end_report+0x47/0x4f [ 321.402892] kasan_report.cold.8+0x76/0x309 [ 321.407188] ? trailing_symlink+0x8ba/0x970 [ 321.411488] __asan_report_load1_noabort+0x14/0x20 [ 321.416410] trailing_symlink+0x8ba/0x970 [ 321.420535] path_lookupat.isra.43+0x22e/0xc00 [ 321.425115] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 321.430282] ? path_parentat.isra.41+0x160/0x160 [ 321.435012] ? usercopy_warn+0x110/0x110 [ 321.439067] ? check_preemption_disabled+0x48/0x280 [ 321.444058] filename_lookup+0x26a/0x520 [ 321.448107] ? filename_parentat.isra.56+0x570/0x570 [ 321.453185] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.458698] ? kmem_cache_alloc+0x33a/0x730 [ 321.462993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.468507] ? getname_flags+0x26e/0x590 [ 321.472549] user_path_at_empty+0x40/0x50 [ 321.476670] do_mount+0x177/0x31f0 [ 321.480182] ? lock_downgrade+0x900/0x900 [ 321.484324] ? copy_mount_string+0x40/0x40 [ 321.488531] ? usercopy_warn+0x110/0x110 [ 321.492602] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.498140] ? _copy_from_user+0xdf/0x150 [ 321.502278] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.507816] ? copy_mount_options+0x315/0x430 [ 321.512303] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.517818] ksys_mount+0x12d/0x140 [ 321.521420] __x64_sys_mount+0xbe/0x150 [ 321.525369] do_syscall_64+0x1b9/0x820 [ 321.529244] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.534594] ? syscall_return_slowpath+0x5e0/0x5e0 [ 321.539524] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.544379] ? trace_hardirqs_on_caller+0x310/0x310 [ 321.549401] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 321.554391] ? prepare_exit_to_usermode+0x291/0x3b0 [ 321.559381] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.564198] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.569359] RIP: 0033:0x457679 [ 321.572557] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 321.591432] RSP: 002b:00007f44124f7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 321.599133] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457679 [ 321.606393] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 321.613635] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 321.620880] R10: 0000000000200000 R11: 0000000000000246 R12: 00007f44124f86d4 [ 321.628137] R13: 00000000004c2e25 R14: 00000000004d5200 R15: 00000000ffffffff [ 321.636372] Kernel Offset: disabled [ 321.639994] Rebooting in 86400 seconds..