INIT: Entering runlevel: 2
[�[36minfo�[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.45' (ECDSA) to the list of known hosts.
2018/04/12 10:42:37 parsed 1 programs
2018/04/12 10:42:37 executed programs: 0
syzkaller login: [ 25.997819] IPVS: ftp: loaded support on port[0] = 21
[ 26.001948] IPVS: ftp: loaded support on port[0] = 21
[ 26.010602] IPVS: ftp: loaded support on port[0] = 21
[ 26.034143] IPVS: ftp: loaded support on port[0] = 21
[ 26.045611] IPVS: ftp: loaded support on port[0] = 21
[ 26.050558] IPVS: ftp: loaded support on port[0] = 21
[ 26.061556] IPVS: ftp: loaded support on port[0] = 21
[ 26.063113] IPVS: ftp: loaded support on port[0] = 21
[ 27.656744] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 27.739532] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 27.760586] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 27.778600] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 27.793008] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 27.812105] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 27.834750] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 28.008504] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 29.413187] ==================================================================
[ 29.420746] BUG: KASAN: alloca-out-of-bounds in tick_sched_handle+0x16d/0x180
[ 29.428027] Read of size 8 at addr ffff8801b75bf170 by task ip/5382
[ 29.434429]
[ 29.436065] CPU: 1 PID: 5382 Comm: ip Not tainted 4.16.0+ #17
[ 29.441942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.451283] Call Trace:
[ 29.453848]
[ 29.456001] dump_stack+0x1b9/0x294
[ 29.459634] ? dump_stack_print_info.cold.2+0x52/0x52
[ 29.464823] ? printk+0x9e/0xba
[ 29.468089] ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 29.472831] ? kasan_check_write+0x14/0x20
[ 29.477050] print_address_description+0x6c/0x20b
[ 29.481876] ? tick_sched_handle+0x16d/0x180
[ 29.486267] kasan_report.cold.7+0xac/0x2f5
[ 29.490572] __asan_report_load8_noabort+0x14/0x20
[ 29.495482] tick_sched_handle+0x16d/0x180
[ 29.499698] tick_sched_timer+0x42/0x130
[ 29.503744] __hrtimer_run_queues+0x3e3/0x10a0
[ 29.508309] ? tick_sched_do_timer+0x100/0x100
[ 29.512873] ? hrtimer_start_range_ns+0xd10/0xd10
[ 29.517705] ? pvclock_read_flags+0x160/0x160
[ 29.522181] ? kvm_clock_read+0x25/0x30
[ 29.526140] ? kvm_clock_read+0x25/0x30
[ 29.530102] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 29.535099] ? ktime_get_update_offsets_now+0x3a6/0x570
[ 29.540445] ? do_timer+0x50/0x50
[ 29.543882] ? do_raw_spin_lock+0xc1/0x200
[ 29.548103] hrtimer_interrupt+0x286/0x650
[ 29.552327] smp_apic_timer_interrupt+0x15d/0x710
[ 29.557154] ? smp_call_function_single_interrupt+0x650/0x650
[ 29.563025] ? _raw_spin_lock+0x32/0x40
[ 29.566984] ? _raw_spin_unlock+0x22/0x30
[ 29.571119] ? handle_edge_irq+0x330/0x870
[ 29.575339] ? task_prio+0x50/0x50
[ 29.578866] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 29.583709] apic_timer_interrupt+0xf/0x20
[ 29.587921]
[ 29.590142] RIP: 0010:kasan_unpoison_shadow+0x2d/0x50
[ 29.595306] RSP: 0018:ffff8801b75bf198 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 29.603008] RAX: 1ffff10036eb7e39 RBX: ffffed0036eb7e39 RCX: 0000000000000000
[ 29.610348] RDX: ffffed0036eb7e39 RSI: 0000000000000000 RDI: ffffed0036eb7e2c
[ 29.617596] RBP: ffff8801b75bf1a8 R08: ffff8801d40d8240 R09: 0000000000000000
[ 29.624846] R10: ffffed0036eb7d20 R11: 0000000000000003 R12: 0000000000000068
[ 29.632104] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000
[ 29.639370] __asan_allocas_unpoison+0x16/0x20
[ 29.643938] rtnl_newlink+0x1094/0x1a40
[ 29.647903] ? rtnl_link_unregister+0x370/0x370
[ 29.652554] ? kasan_check_read+0x11/0x20
[ 29.656684] ? rcu_is_watching+0x85/0x140
[ 29.660816] ? __lock_acquire+0x7f5/0x5130
[ 29.665033] ? graph_lock+0x170/0x170
[ 29.668840] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 29.674359] ? rtnl_get_link+0x164/0x350
[ 29.678399] ? rtnl_dump_all+0x5e0/0x5e0
[ 29.682443] ? rcu_is_watching+0x85/0x140
[ 29.686573] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 29.691745] ? __netlink_ns_capable+0x100/0x130
[ 29.696396] ? rtnl_link_unregister+0x370/0x370
[ 29.701045] rtnetlink_rcv_msg+0x466/0xc10
[ 29.705264] ? rtnetlink_put_metrics+0x690/0x690
[ 29.710010] netlink_rcv_skb+0x172/0x440
[ 29.714055] ? rtnetlink_put_metrics+0x690/0x690
[ 29.718794] ? netlink_ack+0xbc0/0xbc0
[ 29.722661] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 29.727832] ? netlink_skb_destructor+0x210/0x210
[ 29.733019] rtnetlink_rcv+0x1c/0x20
[ 29.736715] netlink_unicast+0x58b/0x740
[ 29.740761] ? netlink_attachskb+0x970/0x970
[ 29.745239] ? import_iovec+0x24b/0x420
[ 29.749195] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 29.754192] ? security_netlink_send+0x88/0xb0
[ 29.758762] netlink_sendmsg+0x9f0/0xfa0
[ 29.762895] ? netlink_unicast+0x740/0x740
[ 29.767114] ? security_socket_sendmsg+0x94/0xc0
[ 29.771850] ? netlink_unicast+0x740/0x740
[ 29.776066] sock_sendmsg+0xd5/0x120
[ 29.779764] ___sys_sendmsg+0x805/0x940
[ 29.783726] ? copy_msghdr_from_user+0x560/0x560
[ 29.788463] ? vm_insert_mixed_mkwrite+0x40/0x40
[ 29.793199] ? graph_lock+0x170/0x170
[ 29.796984] ? graph_lock+0x170/0x170
[ 29.800766] ? find_held_lock+0x36/0x1c0
[ 29.804808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 29.810326] ? __fget_light+0x2ef/0x430
[ 29.814280] ? fget_raw+0x20/0x20
[ 29.817712] ? find_held_lock+0x36/0x1c0
[ 29.821762] ? lock_downgrade+0x8e0/0x8e0
[ 29.825887] ? handle_mm_fault+0x8c0/0xc70
[ 29.830107] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 29.835627] ? sockfd_lookup_light+0xc5/0x160
[ 29.840103] __sys_sendmsg+0x115/0x270
[ 29.843976] ? SyS_shutdown+0x30/0x30
[ 29.847760] ? __do_page_fault+0x441/0xe40
[ 29.851986] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 29.856812] SyS_sendmsg+0x29/0x30
[ 29.860333] ? __sys_sendmsg+0x270/0x270
[ 29.864375] do_syscall_64+0x29e/0x9d0
[ 29.868244] ? vmalloc_sync_all+0x30/0x30
[ 29.872374] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 29.877196] ? syscall_return_slowpath+0x5c0/0x5c0
[ 29.882106] ? syscall_return_slowpath+0x30f/0x5c0
[ 29.887026] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 29.892542] ? retint_user+0x18/0x18
[ 29.896256] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 29.901081] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 29.906250] RIP: 0033:0x7f5d136e1320
[ 29.909939] RSP: 002b:00007fffa6a4dd28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 29.917628] RAX: ffffffffffffffda RBX: 00007fffa6a51e20 RCX: 00007f5d136e1320
[ 29.924876] RDX: 0000000000000000 RSI: 00007fffa6a4dd60 RDI: 0000000000000003
[ 29.932124] RBP: 00007fffa6a4dd60 R08: 0000000000000000 R09: 0000000000000000
[ 29.939373] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005acf3822
[ 29.946623] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007fffa6a525f8
[ 29.953880]
[ 29.955485] The buggy address belongs to the page:
[ 29.960392] page:ffffea0006dd6fc0 count:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 29.968512] flags: 0x2fffc0000000000()
[ 29.972381] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[ 29.980244] raw: 0000000000000000 ffffea0006dd0101 0000000000000000 0000000000000000
[ 29.988099] page dumped because: kasan: bad access detected
[ 29.993872]
[ 29.995477] Memory state around the buggy address:
[ 30.000557] ffff8801b75bf000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.007893] ffff8801b75bf080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.015231] >ffff8801b75bf100: 00 00 00 00 00 00 00 00 00 00 00 00 ca ca ca ca
[ 30.022564] ^
[ 30.029555] ffff8801b75bf180: 00 cb cb cb cb cb cb cb 00 00 00 00 00 00 00 00
[ 30.036892] ffff8801b75bf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
[ 30.044227] ==================================================================
[ 30.051560] Disabling lock debugging due to kernel taint
[ 30.056983] Kernel panic - not syncing: panic_on_warn set ...
[ 30.056983]
[ 30.065030] CPU: 1 PID: 5382 Comm: ip Tainted: G B 4.16.0+ #17
[ 30.072194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.081521] Call Trace:
[ 30.084078]
[ 30.086213] dump_stack+0x1b9/0x294
[ 30.089822] ? dump_stack_print_info.cold.2+0x52/0x52
[ 30.094991] ? lock_downgrade+0x8e0/0x8e0
[ 30.099119] ? vprintk_default+0x28/0x30
[ 30.103160] ? tick_sched_handle+0xb0/0x180
[ 30.107461] panic+0x22f/0x4de
[ 30.110630] ? add_taint.cold.5+0x16/0x16
[ 30.114759] ? add_taint.cold.5+0x5/0x16
[ 30.118799] ? do_raw_spin_unlock+0x9e/0x2e0
[ 30.123192] ? tick_sched_handle+0x16d/0x180
[ 30.127582] kasan_end_report+0x47/0x4f
[ 30.131537] kasan_report.cold.7+0xc9/0x2f5
[ 30.135840] __asan_report_load8_noabort+0x14/0x20
[ 30.140747] tick_sched_handle+0x16d/0x180
[ 30.144958] tick_sched_timer+0x42/0x130
[ 30.148999] __hrtimer_run_queues+0x3e3/0x10a0
[ 30.153561] ? tick_sched_do_timer+0x100/0x100
[ 30.158124] ? hrtimer_start_range_ns+0xd10/0xd10
[ 30.162950] ? pvclock_read_flags+0x160/0x160
[ 30.167424] ? kvm_clock_read+0x25/0x30
[ 30.171380] ? kvm_clock_read+0x25/0x30
[ 30.175336] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 30.180331] ? ktime_get_update_offsets_now+0x3a6/0x570
[ 30.185675] ? do_timer+0x50/0x50
[ 30.189108] ? do_raw_spin_lock+0xc1/0x200
[ 30.193411] hrtimer_interrupt+0x286/0x650
[ 30.197629] smp_apic_timer_interrupt+0x15d/0x710
[ 30.202449] ? smp_call_function_single_interrupt+0x650/0x650
[ 30.208314] ? _raw_spin_lock+0x32/0x40
[ 30.212266] ? _raw_spin_unlock+0x22/0x30
[ 30.216390] ? handle_edge_irq+0x330/0x870
[ 30.220605] ? task_prio+0x50/0x50
[ 30.224124] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 30.228950] apic_timer_interrupt+0xf/0x20
[ 30.233156]
[ 30.235372] RIP: 0010:kasan_unpoison_shadow+0x2d/0x50
[ 30.240537] RSP: 0018:ffff8801b75bf198 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 30.248222] RAX: 1ffff10036eb7e39 RBX: ffffed0036eb7e39 RCX: 0000000000000000
[ 30.255467] RDX: ffffed0036eb7e39 RSI: 0000000000000000 RDI: ffffed0036eb7e2c
[ 30.262715] RBP: ffff8801b75bf1a8 R08: ffff8801d40d8240 R09: 0000000000000000
[ 30.269962] R10: ffffed0036eb7d20 R11: 0000000000000003 R12: 0000000000000068
[ 30.277209] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000
[ 30.284465] __asan_allocas_unpoison+0x16/0x20
[ 30.289028] rtnl_newlink+0x1094/0x1a40
[ 30.292987] ? rtnl_link_unregister+0x370/0x370
[ 30.297635] ? kasan_check_read+0x11/0x20
[ 30.301763] ? rcu_is_watching+0x85/0x140
[ 30.305889] ? __lock_acquire+0x7f5/0x5130
[ 30.310100] ? graph_lock+0x170/0x170
[ 30.313893] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 30.319408] ? rtnl_get_link+0x164/0x350
[ 30.323458] ? rtnl_dump_all+0x5e0/0x5e0
[ 30.327500] ? rcu_is_watching+0x85/0x140
[ 30.331626] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 30.336798] ? __netlink_ns_capable+0x100/0x130
[ 30.341444] ? rtnl_link_unregister+0x370/0x370
[ 30.346100] rtnetlink_rcv_msg+0x466/0xc10
[ 30.350315] ? rtnetlink_put_metrics+0x690/0x690
[ 30.355055] netlink_rcv_skb+0x172/0x440
[ 30.359095] ? rtnetlink_put_metrics+0x690/0x690
[ 30.363829] ? netlink_ack+0xbc0/0xbc0
[ 30.367693] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 30.372862] ? netlink_skb_destructor+0x210/0x210
[ 30.377685] rtnetlink_rcv+0x1c/0x20
[ 30.381375] netlink_unicast+0x58b/0x740
[ 30.385419] ? netlink_attachskb+0x970/0x970
[ 30.389805] ? import_iovec+0x24b/0x420
[ 30.393759] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 30.398756] ? security_netlink_send+0x88/0xb0
[ 30.403491] netlink_sendmsg+0x9f0/0xfa0
[ 30.407533] ? netlink_unicast+0x740/0x740
[ 30.411747] ? security_socket_sendmsg+0x94/0xc0
[ 30.416481] ? netlink_unicast+0x740/0x740
[ 30.420696] sock_sendmsg+0xd5/0x120
[ 30.424387] ___sys_sendmsg+0x805/0x940
[ 30.428343] ? copy_msghdr_from_user+0x560/0x560
[ 30.433078] ? vm_insert_mixed_mkwrite+0x40/0x40
[ 30.437810] ? graph_lock+0x170/0x170
[ 30.441591] ? graph_lock+0x170/0x170
[ 30.445369] ? find_held_lock+0x36/0x1c0
[ 30.449413] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 30.454931] ? __fget_light+0x2ef/0x430
[ 30.458887] ? fget_raw+0x20/0x20
[ 30.462321] ? find_held_lock+0x36/0x1c0
[ 30.466362] ? lock_downgrade+0x8e0/0x8e0
[ 30.470488] ? handle_mm_fault+0x8c0/0xc70
[ 30.474711] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 30.480227] ? sockfd_lookup_light+0xc5/0x160
[ 30.484699] __sys_sendmsg+0x115/0x270
[ 30.488566] ? SyS_shutdown+0x30/0x30
[ 30.492349] ? __do_page_fault+0x441/0xe40
[ 30.496569] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 30.501395] SyS_sendmsg+0x29/0x30
[ 30.504919] ? __sys_sendmsg+0x270/0x270
[ 30.508961] do_syscall_64+0x29e/0x9d0
[ 30.512828] ? vmalloc_sync_all+0x30/0x30
[ 30.516955] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 30.521776] ? syscall_return_slowpath+0x5c0/0x5c0
[ 30.526683] ? syscall_return_slowpath+0x30f/0x5c0
[ 30.531594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 30.537111] ? retint_user+0x18/0x18
[ 30.540808] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 30.545631] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 30.550799] RIP: 0033:0x7f5d136e1320
[ 30.554489] RSP: 002b:00007fffa6a4dd28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 30.562173] RAX: ffffffffffffffda RBX: 00007fffa6a51e20 RCX: 00007f5d136e1320
[ 30.569420] RDX: 0000000000000000 RSI: 00007fffa6a4dd60 RDI: 0000000000000003
[ 30.576669] RBP: 00007fffa6a4dd60 R08: 0000000000000000 R09: 0000000000000000
[ 30.583917] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005acf3822
[ 30.591164] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007fffa6a525f8
[ 30.598849] Dumping ftrace buffer:
[ 30.602365] (ftrace buffer empty)
[ 30.606048] Kernel Offset: disabled
[ 30.609646] Rebooting in 86400 seconds..