INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts.
syzkaller login: [   24.009501] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
[   24.034541] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
[   24.069364] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
[   24.109577] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.accept_dad = 0
[   24.156440] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
[   24.211278] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.router_solicitations = 0
net.ipv6.conf.syz_tun.accept_dad = 0
[   24.296377] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.router_solicitations = 0
net.ipv6.conf.syz_tun.accept_dad = 0
[   24.393707] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.router_solicitations = 0
RTNETLINK answers: File exists
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: Operation not supported
RTNETLINK answers: File exists
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: File exists
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
[   25.259355] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   25.272419] ip (4765) used greatest stack depth: 16240 bytes left
[   25.297953] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[   25.326914] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
[   25.503668] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   25.524500] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: No buffer space available
[   25.610254] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   25.622544] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
[   25.824546] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[   27.411542] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.417711] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.440951] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.447134] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.503535] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.509709] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.537252] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.543439] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.594062] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.600246] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.662589] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   27.670586] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   27.718645] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   27.778274] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.784393] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.794527] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   27.807357] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   27.813458] 8021q: adding VLAN 0 to HW filter on device bond0
[   27.830190] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
executing program
[   27.882705] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   27.891007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.903874] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.918577] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   27.924827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
executing program
executing program
[   27.926601] dst_release: dst:000000001200f1da refcnt:-1
[   27.931886] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.961977] dst_release: dst:00000000254e2894 refcnt:-1
executing program
executing program
executing program
executing program
executing program
[   27.982709] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   27.988994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.996694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.996821] dst_release: dst:000000003be5f251 refcnt:-1
executing program
executing program
executing program
executing program
[   28.052512] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   28.071550] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   28.076649] dst_release: dst:000000006ac247ae refcnt:-1
[   28.077888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   28.091592] dst_release: dst:0000000089f8ff45 refcnt:-1
executing program
executing program
executing program
executing program
[   28.099491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.117324] dst_release: dst:00000000ff1d78a7 refcnt:-1
[   28.124549] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   28.135595] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   28.141866] 8021q: adding VLAN 0 to HW filter on device bond0
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   28.149166] dst_release: dst:0000000077e2031b refcnt:-1
[   28.157056] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   28.164493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   28.174729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.182234] dst_release: dst:000000001e0a152b refcnt:-1
executing program
executing program
executing program
executing program
executing program
executing program
[   28.211140] dst_release: dst:00000000368515e2 refcnt:-1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   28.240810] dst_release: dst:000000002c454f75 refcnt:-1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   28.292934] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   28.299359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   28.313385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   28.347247] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   28.353663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   28.361880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.374742] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   28.513577] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   28.519948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   28.536358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   31.677625] ==================================================================
[   31.685254] BUG: KASAN: use-after-free in dst_release+0x27/0xa0
[   31.691308] Write of size 4 at addr ffff8801d36bfd40 by task syzkaller975814/6886
[   31.698911] 
[   31.700518] CPU: 1 PID: 6886 Comm: syzkaller975814 Not tainted 4.16.0+ #376
[   31.707590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   31.716920] Call Trace:
[   31.719495]  dump_stack+0x1a7/0x27d
[   31.723100]  ? arch_local_irq_restore+0x53/0x53
[   31.727748]  ? show_regs_print_info+0x18/0x18
[   31.732225]  ? kasan_check_write+0x14/0x20
[   31.736434]  ? dst_release+0x27/0xa0
[   31.740121]  print_address_description+0x73/0x250
[   31.744943]  ? dst_release+0x27/0xa0
[   31.748633]  kasan_report+0x23c/0x360
[   31.752421]  check_memory_region+0x137/0x190
[   31.756812]  kasan_check_write+0x14/0x20
[   31.760855]  dst_release+0x27/0xa0
[   31.764382]  sock_setsockopt+0x431/0x1b20
[   31.768508]  ? sock_enable_timestamp+0xb0/0xb0
[   31.773089]  ? pptp_connect+0xda0/0x1170
[   31.777130]  ? pptp_rcv_core+0xcb0/0xcb0
[   31.781170]  ? kasan_check_read+0x11/0x20
[   31.785295]  ? __fget_light+0x2bc/0x400
[   31.789250]  ? fget_raw+0x20/0x20
[   31.792692]  ? security_socket_connect+0x89/0xb0
[   31.797440]  ? SYSC_connect+0x2e0/0x4a0
[   31.801408]  ? SYSC_bind+0x290/0x410
[   31.805196]  ? SYSC_bind+0x410/0x410
[   31.808890]  ? __fdget+0x18/0x20
[   31.812239]  ? security_socket_setsockopt+0x89/0xb0
[   31.817240]  SyS_setsockopt+0x2ff/0x360
[   31.821201]  ? SyS_recv+0x40/0x40
[   31.824633]  ? mm_fault_error+0x2c0/0x2c0
[   31.828761]  ? move_addr_to_kernel+0x60/0x60
[   31.833155]  ? do_syscall_64+0xb7/0x940
[   31.837114]  ? SyS_recv+0x40/0x40
[   31.840551]  do_syscall_64+0x281/0x940
[   31.844411]  ? vmalloc_sync_all+0x30/0x30
[   31.848537]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   31.854057]  ? syscall_return_slowpath+0x550/0x550
[   31.858963]  ? syscall_return_slowpath+0x2ac/0x550
[   31.863870]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   31.869213]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   31.874041]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   31.879207] RIP: 0033:0x4427a9
[   31.882380] RSP: 002b:00007ffc618f81a8 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[   31.890077] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004427a9
[   31.897331] RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000003
[   31.904585] RBP: 0000000000000000 R08: 0000000000000010 R09: 0000000000000000
[   31.911836] R10: 00000000200010c0 R11: 0000000000000217 R12: 0000000000007b9b
[   31.919089] R13: 00000000006cf448 R14: 0000000000000000 R15: 0000000000000000
[   31.926359] 
[   31.927970] Allocated by task 6886:
[   31.931579]  save_stack+0x43/0xd0
[   31.935017]  kasan_kmalloc+0xad/0xe0
[   31.938714]  kasan_slab_alloc+0x12/0x20
[   31.942674]  kmem_cache_alloc+0x12e/0x760
[   31.946798]  dst_alloc+0x11f/0x1a0
[   31.950322]  rt_dst_alloc+0xe9/0x540
[   31.954017]  ip_route_output_key_hash_rcu+0xa49/0x2c60
[   31.959283]  ip_route_output_key_hash+0x20b/0x370
[   31.964114]  ip_route_output_flow+0x26/0xa0
[   31.968414]  pptp_connect+0xa84/0x1170
[   31.972277]  SYSC_connect+0x213/0x4a0
[   31.976051]  SyS_connect+0x24/0x30
[   31.979568]  do_syscall_64+0x281/0x940
[   31.983433]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   31.988871] 
[   31.990473] Freed by task 4424:
[   31.993728]  save_stack+0x43/0xd0
[   31.997162]  __kasan_slab_free+0x11a/0x170
[   32.001377]  kasan_slab_free+0xe/0x10
[   32.005157]  kmem_cache_free+0x83/0x2a0
[   32.009114]  dst_destroy+0x266/0x380
[   32.012806]  dst_destroy_rcu+0x16/0x20
[   32.016675]  rcu_process_callbacks+0xd6c/0x17b0
[   32.021321]  __do_softirq+0x2d7/0xb85
[   32.025094] 
[   32.026705] The buggy address belongs to the object at ffff8801d36bfd00
[   32.026705]  which belongs to the cache ip_dst_cache of size 168
[   32.039427] The buggy address is located 64 bytes inside of
[   32.039427]  168-byte region [ffff8801d36bfd00, ffff8801d36bfda8)
[   32.051194] The buggy address belongs to the page:
[   32.056100] page:ffffea00074dafc0 count:1 mapcount:0 mapping:ffff8801d36bf000 index:0x0
[   32.064222] flags: 0x2fffc0000000100(slab)
[   32.068433] raw: 02fffc0000000100 ffff8801d36bf000 0000000000000000 0000000100000010
[   32.076302] raw: ffffea00074014e0 ffffea000730a9a0 ffff8801d4f29980 0000000000000000
[   32.084164] page dumped because: kasan: bad access detected
[   32.089849] 
[   32.091457] Memory state around the buggy address:
[   32.096373]  ffff8801d36bfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.103739]  ffff8801d36bfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.111080] >ffff8801d36bfd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.118413]                                            ^
executing program
[   32.123837]  ffff8801d36bfd80: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   32.131166]  ffff8801d36bfe00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.138496] ==================================================================
[   32.145823] Disabling lock debugging due to kernel taint
[   32.151708] Kernel panic - not syncing: panic_on_warn set ...
[   32.151708] 
[   32.159174] CPU: 1 PID: 6886 Comm: syzkaller975814 Tainted: G    B            4.16.0+ #376
[   32.167561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.176899] Call Trace:
[   32.179466]  dump_stack+0x1a7/0x27d
[   32.183079]  ? arch_local_irq_restore+0x53/0x53
[   32.187751]  ? kasan_end_report+0x32/0x50
[   32.191878]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   32.196606]  ? vsnprintf+0x1ed/0x1900
[   32.200382]  ? dst_alloc+0x1a0/0x1a0
[   32.204075]  panic+0x1f8/0x42c
[   32.207252]  ? refcount_error_report+0x214/0x214
[   32.211994]  ? do_raw_spin_unlock+0x9e/0x310
[   32.216387]  ? do_raw_spin_unlock+0x9e/0x310
[   32.220781]  ? dst_release+0x27/0xa0
[   32.224482]  kasan_end_report+0x50/0x50
[   32.228434]  kasan_report+0x149/0x360
[   32.232212]  check_memory_region+0x137/0x190
[   32.236593]  kasan_check_write+0x14/0x20
[   32.240635]  dst_release+0x27/0xa0
[   32.244159]  sock_setsockopt+0x431/0x1b20
[   32.248279]  ? sock_enable_timestamp+0xb0/0xb0
[   32.252832]  ? pptp_connect+0xda0/0x1170
[   32.256867]  ? pptp_rcv_core+0xcb0/0xcb0
[   32.260902]  ? kasan_check_read+0x11/0x20
[   32.265028]  ? __fget_light+0x2bc/0x400
[   32.268977]  ? fget_raw+0x20/0x20
[   32.272404]  ? security_socket_connect+0x89/0xb0
[   32.277144]  ? SYSC_connect+0x2e0/0x4a0
[   32.281110]  ? SYSC_bind+0x290/0x410
[   32.284799]  ? SYSC_bind+0x410/0x410
[   32.288500]  ? __fdget+0x18/0x20
[   32.291850]  ? security_socket_setsockopt+0x89/0xb0
[   32.296845]  SyS_setsockopt+0x2ff/0x360
[   32.300801]  ? SyS_recv+0x40/0x40
[   32.304233]  ? mm_fault_error+0x2c0/0x2c0
[   32.308360]  ? move_addr_to_kernel+0x60/0x60
[   32.312759]  ? do_syscall_64+0xb7/0x940
[   32.316721]  ? SyS_recv+0x40/0x40
[   32.320151]  do_syscall_64+0x281/0x940
[   32.324456]  ? vmalloc_sync_all+0x30/0x30
[   32.328578]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   32.334090]  ? syscall_return_slowpath+0x550/0x550
[   32.338993]  ? syscall_return_slowpath+0x2ac/0x550
[   32.343903]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   32.349240]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   32.354236]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   32.359408] RIP: 0033:0x4427a9
[   32.362572] RSP: 002b:00007ffc618f81a8 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[   32.370254] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004427a9
[   32.377499] RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000003
[   32.384752] RBP: 0000000000000000 R08: 0000000000000010 R09: 0000000000000000
[   32.392000] R10: 00000000200010c0 R11: 0000000000000217 R12: 0000000000007b9b
[   32.399258] R13: 00000000006cf448 R14: 0000000000000000 R15: 0000000000000000
[   32.406922] Dumping ftrace buffer:
[   32.410436]    (ftrace buffer empty)
[   32.414116] Kernel Offset: disabled
[   32.417728] Rebooting in 86400 seconds..