[ 35.328208] audit: type=1800 audit(1551545022.341:27): pid=7380 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 35.349298] audit: type=1800 audit(1551545022.341:28): pid=7380 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 36.008709] audit: type=1800 audit(1551545023.081:29): pid=7380 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 36.031304] audit: type=1800 audit(1551545023.081:30): pid=7380 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.175' (ECDSA) to the list of known hosts. 
2019/03/02 16:43:55 parsed 1 programs 2019/03/02 16:43:57 executed programs: 0 syzkaller login: [ 50.855493] IPVS: ftp: loaded support on port[0] = 21 [ 50.866986] IPVS: ftp: loaded support on port[0] = 21 [ 50.879008] IPVS: ftp: loaded support on port[0] = 21 [ 50.940798] IPVS: ftp: loaded support on port[0] = 21 [ 50.955151] IPVS: ftp: loaded support on port[0] = 21 [ 50.960702] IPVS: ftp: loaded support on port[0] = 21 [ 51.126997] chnl_net:caif_netlink_parms(): no params data found [ 51.151763] chnl_net:caif_netlink_parms(): no params data found [ 51.256587] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.263415] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.270407] device bridge_slave_0 entered promiscuous mode [ 51.295652] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.302008] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.309179] device bridge_slave_1 entered promiscuous mode [ 51.335674] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.342028] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.350173] device bridge_slave_0 entered promiscuous mode [ 51.358721] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.365620] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.372465] device bridge_slave_1 entered promiscuous mode [ 51.420769] chnl_net:caif_netlink_parms(): no params data found [ 51.434429] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.452591] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.465301] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.485429] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.516823] chnl_net:caif_netlink_parms(): no params data found [ 51.534644] team0: Port device team_slave_0 added [ 51.555055] chnl_net:caif_netlink_parms(): no params data found [ 51.570168] team0: Port device team_slave_1 added [ 51.585128] bridge0: port 
1(bridge_slave_0) entered blocking state [ 51.591769] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.598873] device bridge_slave_0 entered promiscuous mode [ 51.606524] team0: Port device team_slave_0 added [ 51.611680] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.618066] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.625203] device bridge_slave_1 entered promiscuous mode [ 51.668629] team0: Port device team_slave_1 added [ 51.693152] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.764300] device hsr_slave_0 entered promiscuous mode [ 51.813124] device hsr_slave_1 entered promiscuous mode [ 51.884242] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.892322] chnl_net:caif_netlink_parms(): no params data found [ 51.914123] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.920565] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.929690] device bridge_slave_0 entered promiscuous mode [ 51.948258] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.955153] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.961873] device bridge_slave_0 entered promiscuous mode [ 52.034208] device hsr_slave_0 entered promiscuous mode [ 52.083155] device hsr_slave_1 entered promiscuous mode [ 52.123139] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.129509] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.137051] device bridge_slave_1 entered promiscuous mode [ 52.151309] team0: Port device team_slave_0 added [ 52.160402] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.167099] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.176876] device bridge_slave_1 entered promiscuous mode [ 52.195095] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.207615] team0: Port device team_slave_1 added [ 52.222219] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.247628] team0: Port 
device team_slave_0 added [ 52.267333] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.287285] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.293836] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.300829] device bridge_slave_0 entered promiscuous mode [ 52.308898] team0: Port device team_slave_1 added [ 52.345239] device hsr_slave_0 entered promiscuous mode [ 52.392900] device hsr_slave_1 entered promiscuous mode [ 52.434699] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.442603] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.451935] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.458904] device bridge_slave_1 entered promiscuous mode [ 52.515687] device hsr_slave_0 entered promiscuous mode [ 52.563122] device hsr_slave_1 entered promiscuous mode [ 52.651919] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.682287] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.708331] team0: Port device team_slave_0 added [ 52.726657] team0: Port device team_slave_0 added [ 52.733948] team0: Port device team_slave_1 added [ 52.749970] team0: Port device team_slave_1 added [ 52.825406] device hsr_slave_0 entered promiscuous mode [ 52.863435] device hsr_slave_1 entered promiscuous mode [ 53.017649] device hsr_slave_0 entered promiscuous mode [ 53.073077] device hsr_slave_1 entered promiscuous mode [ 53.123445] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.129872] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.136697] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.143049] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.176352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.199005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.226230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.240174] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.250723] 
IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 53.259042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.267465] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.274831] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.282800] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 53.291026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.298341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.310291] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.325871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.336851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.350420] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.362119] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.369683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.377830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.385700] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.392032] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.403768] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.415833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.434623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.441651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.448917] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.457005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.465169] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.471523] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.478512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.486600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.494244] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.500570] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.507463] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.515244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.522815] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.529155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.536015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.543657] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.551124] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.557489] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.564227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.572037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.579148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.604855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.612610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.620872] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.632436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.640350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.648114] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.655763] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.663810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.671169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.678784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.686549] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.698696] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.716523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.723801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.731430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.740133] bridge0: port 2(bridge_slave_1) entered 
blocking state [ 53.746536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.754049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.760944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.767953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.775801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.783846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.791303] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.797662] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.804803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.812366] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.820247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.828046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.835786] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.842108] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.849151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.856921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.864571] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.870891] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.879876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.887012] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.894461] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.903546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.925174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.933487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.941100] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.949098] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.955475] bridge0: port 2(bridge_slave_1) entered 
forwarding state [ 53.962418] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.970199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.978008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.985873] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.005896] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.014420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.022108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.031775] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.039668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.047458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.055173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.062528] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.070485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.078147] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.086148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.119849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.129031] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.139181] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.147483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.155198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.162972] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.170424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.178507] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.186286] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.194112] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.201572] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes 
ready [ 54.209301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.216708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.224438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.231739] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.239563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.247530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.255112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.262358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.269832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.281123] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.288105] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.299767] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.311225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.319299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.329846] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.337779] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.345531] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.363878] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.384097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.391041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.398936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.407094] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.416031] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.422419] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.434108] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.442454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.452148] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 
54.462186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.470575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.478600] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.484980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.560553] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 54.594028] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.610873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.627463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.635631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.645145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.661100] hrtimer: interrupt took 42706 ns [ 54.686049] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.713482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.728490] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.742548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.806925] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.826450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.837057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.857351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.881436] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.890309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.920052] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/03/02 16:44:02 executed programs: 30 [ 56.742936] ================================================================== [ 56.750439] BUG: KASAN: use-after-free in ccid_hc_tx_delete+0xde/0x100 [ 56.757111] Read of size 8 at addr ffff8880a7fac940 by task syz-executor.2/7810 [ 56.757116] [ 56.757128] CPU: 0 PID: 7810 Comm: syz-executor.2 
Not tainted 5.0.0-rc8+ #1 [ 56.757135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.757139] Call Trace: [ 56.757144] [ 56.757160] dump_stack+0x172/0x1f0 [ 56.757171] ? ccid_hc_tx_delete+0xde/0x100 [ 56.757211] print_address_description.cold+0x7c/0x20d [ 56.757225] ? ccid_hc_tx_delete+0xde/0x100 [ 56.757234] ? ccid_hc_tx_delete+0xde/0x100 [ 56.757245] kasan_report.cold+0x1b/0x40 [ 56.757256] ? ccid_hc_tx_delete+0xde/0x100 [ 56.757282] __asan_report_load8_noabort+0x14/0x20 [ 56.791172] ccid_hc_tx_delete+0xde/0x100 [ 56.791188] dccp_sk_destruct+0x3f/0x90 [ 56.791199] ? dccp_init_sock+0x3f0/0x3f0 [ 56.791215] __sk_destruct+0x55/0x6d0 [ 56.838748] ? sock_no_getname+0x10/0x10 [ 56.842828] rcu_process_callbacks+0x928/0x1390 [ 56.847531] ? rcu_check_gp_start_stall+0x240/0x240 [ 56.847543] ? __lock_is_held+0xb6/0x140 [ 56.847563] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 56.862091] __do_softirq+0x266/0x95a [ 56.865896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.871431] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 56.876975] irq_exit+0x180/0x1d0 [ 56.880436] smp_apic_timer_interrupt+0x14a/0x570 [ 56.885277] apic_timer_interrupt+0xf/0x20 [ 56.889506] [ 56.891748] RIP: 0010:lock_is_held_type+0x17e/0x210 [ 56.891761] Code: 00 00 00 fc ff df 41 c7 85 7c 08 00 00 00 00 00 00 48 c1 e8 03 80 3c 10 00 75 63 48 83 3d 29 fc 3b 07 00 74 30 48 89 df 57 9d <0f> 1f 44 00 00 48 83 c4 08 44 89 e0 5b 41 5c 41 5d 5d c3 48 83 c4 [ 56.891768] RSP: 0018:ffff88809459fe60 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 56.923368] RAX: 1ffffffff112505e RBX: 0000000000000282 RCX: ffff88809fd02ec0 [ 56.930636] RDX: dffffc0000000000 RSI: ffffffff889a4240 RDI: 0000000000000282 [ 56.937912] RBP: ffff88809459fe80 R08: ffff88809fd02640 R09: ffffed1015d05bd0 [ 56.945182] R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: 0000000000000001 [ 56.952447] R13: ffff88809fd02640 R14: ffff8880a0f2e900 R15: ffff88809fd02640 [ 56.959747] ? 
rcu_lockdep_current_cpu_online+0xe3/0x130 [ 56.965212] rcu_read_lock_held+0xa3/0xd0 [ 56.969363] __task_pid_nr_ns+0x4aa/0x530 [ 56.973514] __x64_sys_setpgid+0x379/0x7e0 [ 56.973528] ? trace_hardirqs_on+0x67/0x230 [ 56.973547] do_syscall_64+0x103/0x610 [ 56.973563] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 56.973574] RIP: 0033:0x485517 [ 56.973588] Code: 44 00 00 b8 6b 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 6c 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 6d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d e1 f8 ff c3 66 2e 0f 1f 84 00 00 00 00 [ 56.973596] RSP: 002b:00007fff9787fbc8 EFLAGS: 00000246 ORIG_RAX: 000000000000006d [ 56.973609] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000485517 [ 56.973620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 57.020972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000001bfb940 [ 57.020981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 57.020989] R13: 0000000000000001 R14: 0000000000000007 R15: 0000000000000002 [ 57.021016] [ 57.059005] Allocated by task 7783: [ 57.062641] save_stack+0x45/0xd0 [ 57.066107] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 57.071047] kasan_slab_alloc+0xf/0x20 [ 57.074962] kmem_cache_alloc+0x11a/0x6f0 [ 57.079121] ccid_new+0x256/0x3f0 [ 57.082579] dccp_hdlr_ccid+0x27/0x150 [ 57.086470] __dccp_feat_activate+0x17a/0x270 [ 57.090974] dccp_feat_activate_values+0x33a/0x766 [ 57.095938] dccp_rcv_state_process+0x116f/0x1931 [ 57.100835] dccp_v6_do_rcv+0x269/0xbf0 [ 57.104839] __release_sock+0x12e/0x3a0 [ 57.108827] release_sock+0x59/0x1c0 [ 57.112548] __inet_stream_connect+0x59f/0xea0 [ 57.117137] inet_stream_connect+0x58/0xa0 [ 57.121377] __sys_connect+0x266/0x330 [ 57.125271] __x64_sys_connect+0x73/0xb0 [ 57.129342] do_syscall_64+0x103/0x610 [ 57.133240] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.138425] [ 57.140066] Freed by task 7806: [ 57.143367] save_stack+0x45/0xd0 [ 57.146825] __kasan_slab_free+0x102/0x150 [ 57.151096] 
kasan_slab_free+0xe/0x10 [ 57.154956] kmem_cache_free+0x86/0x260 [ 57.158947] ccid_hc_tx_delete+0xc1/0x100 [ 57.163108] dccp_hdlr_ccid+0x7d/0x150 [ 57.167008] __dccp_feat_activate+0x17a/0x270 [ 57.171529] dccp_feat_activate_values+0x33a/0x766 [ 57.176478] dccp_create_openreq_child+0x40c/0x570 [ 57.181410] dccp_v6_request_recv_sock+0x214/0x1da0 [ 57.186429] dccp_check_req+0x35c/0x6f0 [ 57.190421] dccp_v6_rcv+0x6d7/0x191e [ 57.194238] ip6_protocol_deliver_rcu+0x303/0x16c0 [ 57.199171] ip6_input_finish+0x84/0x170 [ 57.203234] ip6_input+0xe4/0x3f0 [ 57.206689] ip6_rcv_finish+0x1e7/0x320 [ 57.210688] ipv6_rcv+0x10e/0x420 [ 57.210700] __netif_receive_skb_one_core+0x115/0x1a0 [ 57.210710] __netif_receive_skb+0x2c/0x1c0 [ 57.210719] process_backlog+0x206/0x750 [ 57.210739] net_rx_action+0x4fa/0x1070 [ 57.210752] __do_softirq+0x266/0x95a [ 57.210755] [ 57.210770] The buggy address belongs to the object at ffff8880a7fac940 [ 57.210770] which belongs to the cache ccid2_hc_tx_sock of size 1240 [ 57.250265] The buggy address is located 0 bytes inside of [ 57.250265] 1240-byte region [ffff8880a7fac940, ffff8880a7face18) [ 57.262062] The buggy address belongs to the page: [ 57.262074] page:ffffea00029feb00 count:1 mapcount:0 mapping:ffff8882165af000 index:0x0 compound_mapcount: 0 [ 57.262086] flags: 0x1fffc0000010200(slab|head) [ 57.262101] raw: 01fffc0000010200 ffffea000281d808 ffffea00024a4f08 ffff8882165af000 [ 57.262114] raw: 0000000000000000 ffff8880a7fac3c0 0000000100000005 0000000000000000 [ 57.262130] page dumped because: kasan: bad access detected [ 57.262133] [ 57.262136] Memory state around the buggy address: [ 57.262145] ffff8880a7fac800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 57.262154] ffff8880a7fac880: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.262161] >ffff8880a7fac900: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 57.262166] ^ [ 57.262178] ffff8880a7fac980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.344527] ffff8880a7faca00: fb 
fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.351880] ================================================================== [ 57.359229] Disabling lock debugging due to kernel taint [ 57.364688] Kernel panic - not syncing: panic_on_warn set ... [ 57.370569] CPU: 0 PID: 7810 Comm: syz-executor.2 Tainted: G B 5.0.0-rc8+ #1 [ 57.379043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.388389] Call Trace: [ 57.390967] [ 57.393136] dump_stack+0x172/0x1f0 [ 57.396772] panic+0x2cb/0x65c [ 57.399974] ? __warn_printk+0xf3/0xf3 [ 57.403873] ? retint_kernel+0x2d/0x2d [ 57.407770] ? trace_hardirqs_on+0x5e/0x230 [ 57.412094] ? ccid_hc_tx_delete+0xde/0x100 [ 57.416438] end_report+0x47/0x4f [ 57.419902] ? ccid_hc_tx_delete+0xde/0x100 [ 57.424219] kasan_report.cold+0xe/0x40 [ 57.428198] ? ccid_hc_tx_delete+0xde/0x100 [ 57.428410] kobject: 'loop3' (00000000ae2d3b50): kobject_uevent_env [ 57.432514] __asan_report_load8_noabort+0x14/0x20 [ 57.432535] ccid_hc_tx_d