INIT: Id "5" respawning too fast: disabled for 5 minutes

INIT: Id "4" respawning too fast: disabled for 5 minutes

INIT: Id "6" respawning too fast: disabled for 5 minutes

INIT: Id "1" respawning too fast: disabled for 5 minutes

INIT: Id "3" respawning too fast: disabled for 5 minutes
Warning: Permanently added '10.128.0.126' (ECDSA) to the list of known hosts.
2018/09/21 18:01:53 parsed 1 programs
2018/09/21 18:01:55 executed programs: 0
2018/09/21 18:02:01 executed programs: 7
2018/09/21 18:02:06 executed programs: 64
2018/09/21 18:02:11 executed programs: 111
2018/09/21 18:02:16 executed programs: 163
2018/09/21 18:02:21 executed programs: 225
2018/09/21 18:02:26 executed programs: 281
2018/09/21 18:02:31 executed programs: 336
2018/09/21 18:02:36 executed programs: 393
2018/09/21 18:02:41 executed programs: 451
2018/09/21 18:02:46 executed programs: 500
2018/09/21 18:02:51 executed programs: 556
2018/09/21 18:02:56 executed programs: 609
2018/09/21 18:03:01 executed programs: 659
2018/09/21 18:03:06 executed programs: 720
[  219.358609] ==================================================================
[  219.366009] BUG: KASAN: use-after-free in tcp_write_xmit+0x3b22/0x4680
[  219.372650] Read of size 2 at addr ffff8800b09f4f30 by task syz-executor2/7414
[  219.379983] 
[  219.381598] CPU: 0 PID: 7414 Comm: syz-executor2 Not tainted 4.4.157+ #37
[  219.388501]  0000000000000000 5c88fb259a280f53 ffff8800b9257838 ffffffff81a559fd
[  219.396526]  ffffea0002c27d00 ffff8800b09f4f30 0000000000000000 ffff8800b09f4f30
[  219.404521]  dffffc0000000000 ffff8800b9257870 ffffffff8146c697 ffff8800b09f4f30
[  219.412572] Call Trace:
[  219.415617]  [<ffffffff81a559fd>] dump_stack+0xc1/0x124
[  219.420964]  [<ffffffff8146c697>] print_address_description+0x6c/0x217
[  219.427653]  [<ffffffff8146c9b7>] kasan_report.cold.6+0x175/0x2f7
[  219.433880]  [<ffffffff823b4242>] ? tcp_write_xmit+0x3b22/0x4680
[  219.440012]  [<ffffffff81461884>] __asan_report_load2_noabort+0x14/0x20
[  219.446747]  [<ffffffff823b4242>] tcp_write_xmit+0x3b22/0x4680
[  219.452707]  [<ffffffff8122f337>] ? debug_lockdep_rcu_enabled+0x77/0x90
[  219.459446]  [<ffffffff811f3297>] ? mark_held_locks+0xc7/0x130
[  219.465396]  [<ffffffff823b5504>] __tcp_push_pending_frames+0xa4/0x2a0
[  219.472042]  [<ffffffff823bc4a6>] tcp_send_fin+0x176/0xab0
[  219.477656]  [<ffffffff8236d195>] ? tcp_set_state+0x165/0x3f0
[  219.483524]  [<ffffffff8237bd17>] tcp_close+0xc97/0xf60
[  219.488868]  [<ffffffff824411b3>] ? ip_mc_drop_socket+0x1d3/0x230
[  219.495082]  [<ffffffff8242438f>] inet_release+0xff/0x1d0
[  219.500611]  [<ffffffff821566c9>] __sock_release+0xd9/0x260
[  219.506312]  [<ffffffff82156850>] ? __sock_release+0x260/0x260
[  219.512261]  [<ffffffff82156869>] sock_close+0x19/0x20
[  219.517514]  [<ffffffff81478bc5>] __fput+0x235/0x6f0
[  219.522614]  [<ffffffff81479105>] ____fput+0x15/0x20
[  219.527700]  [<ffffffff8112a85f>] task_work_run+0x10f/0x190
[  219.533409]  [<ffffffff810fe372>] get_signal+0x1182/0x14a0
[  219.539016]  [<ffffffff82168f76>] ? release_sock+0x3b6/0x500
[  219.544810]  [<ffffffff81ab2c9b>] ? check_preemption_disabled+0x3b/0x170
[  219.551644]  [<ffffffff8100bc65>] do_signal+0x95/0x1840
[  219.556988]  [<ffffffff81158230>] ? kick_process+0x120/0x1c0
[  219.562764]  [<ffffffff8112a5de>] ? task_work_add+0x8e/0x110
[  219.568539]  [<ffffffff8100bbd0>] ? setup_sigcontext+0x780/0x780
[  219.574681]  [<ffffffff81479130>] ? fput+0x20/0x150
[  219.579682]  [<ffffffff8215eb33>] ? SyS_connect+0x203/0x310
[  219.585419]  [<ffffffff8215e930>] ? SyS_accept+0x30/0x30
[  219.590861]  [<ffffffff8128a741>] ? compat_SyS_futex+0x1e1/0x2f0
[  219.596982]  [<ffffffff8128a560>] ? compat_SyS_get_robust_list+0x310/0x310
[  219.603975]  [<ffffffff81003e84>] ? exit_to_usermode_loop+0xe4/0x160
[  219.610441]  [<ffffffff81003eba>] exit_to_usermode_loop+0x11a/0x160
[  219.616829]  [<ffffffff810062f8>] do_fast_syscall_32+0x618/0x8b0
[  219.622951]  [<ffffffff826926d0>] sysenter_flags_fixed+0xd/0x1a
[  219.628982] 
[  219.630586] Allocated by task 7405:
[  219.634192]  [<ffffffff8102dd46>] save_stack_trace+0x26/0x50
[  219.640087]  [<ffffffff81460902>] kasan_kmalloc.part.1+0x62/0xf0
[  219.646344]  [<ffffffff81460b7f>] kasan_kmalloc+0xaf/0xc0
[  219.652022]  [<ffffffff81461142>] kasan_slab_alloc+0x12/0x20
[  219.657929]  [<ffffffff8145c9ac>] kmem_cache_alloc+0xdc/0x2c0
[  219.663917]  [<ffffffff8217a4c6>] __alloc_skb+0xe6/0x5b0
[  219.669469]  [<ffffffff82376343>] sk_stream_alloc_skb+0xa3/0x5d0
[  219.675727]  [<ffffffff82378fd1>] tcp_sendmsg+0xf81/0x2b30
[  219.681514]  [<ffffffff82426413>] inet_sendmsg+0x203/0x4d0
[  219.687244]  [<ffffffff8215b17b>] sock_sendmsg+0xbb/0x110
[  219.692888]  [<ffffffff8215f380>] SyS_sendto+0x220/0x370
[  219.698434]  [<ffffffff81005ffe>] do_fast_syscall_32+0x31e/0x8b0
[  219.704678]  [<ffffffff826926d0>] sysenter_flags_fixed+0xd/0x1a
[  219.710841] 
[  219.712452] Freed by task 7414:
[  219.715708]  [<ffffffff8102dd46>] save_stack_trace+0x26/0x50
[  219.721616]  [<ffffffff814611fc>] kasan_slab_free+0xac/0x190
[  219.727535]  [<ffffffff8145e01e>] kmem_cache_free+0xbe/0x340
[  219.733442]  [<ffffffff8217298f>] kfree_skbmem+0xcf/0x100
[  219.739074]  [<ffffffff8217fd2d>] __kfree_skb+0x1d/0x20
[  219.744552]  [<ffffffff823b62c9>] tcp_connect+0xae9/0x3110
[  219.750290]  [<ffffffff823c41d1>] tcp_v4_connect+0xf31/0x1890
[  219.756271]  [<ffffffff82425329>] __inet_stream_connect+0x2a9/0xc30
[  219.762777]  [<ffffffff82425d05>] inet_stream_connect+0x55/0xa0
[  219.768934]  [<ffffffff8215eae8>] SyS_connect+0x1b8/0x310
[  219.774567]  [<ffffffff81005ffe>] do_fast_syscall_32+0x31e/0x8b0
[  219.780819]  [<ffffffff826926d0>] sysenter_flags_fixed+0xd/0x1a
[  219.786999] 
[  219.788605] The buggy address belongs to the object at ffff8800b09f4f00
[  219.788605]  which belongs to the cache skbuff_fclone_cache of size 456
[  219.801934] The buggy address is located 48 bytes inside of
[  219.801934]  456-byte region [ffff8800b09f4f00, ffff8800b09f50c8)
[  219.813695] The buggy address belongs to the page:
[  219.819511] kasan: CONFIG_KASAN_INLINE enabled
[  219.823930] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN
[  219.836912] Modules linked in:
[  219.840249] CPU: 1 PID: 2147 Comm: syz-executor1 Not tainted 4.4.157+ #37
[  219.847174] task: ffff8801d2d2af80 task.stack: ffff8801d2c98000
[  219.853230] RIP: 0010:[<ffffffff81a72648>]  [<ffffffff81a72648>] timerqueue_add+0xb8/0x2b0
[  219.861787] RSP: 0018:ffff8801d2c9fa68  EFLAGS: 00010006
[  219.867239] RAX: ffffed003a593fa8 RBX: ffff8801d2c9fd28 RCX: ffffed003a5a5708
[  219.874512] RDX: 00001083e1e5ccc3 RSI: ffffffff81a7262c RDI: 0000841f0f2e6618
[  219.881793] RBP: ffff8801d2c9faa8 R08: ffff8801d2d2b848 R09: 0000000000000001
[  219.889088] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  219.896362] R13: 0000841f0f2e6600 R14: 00000032e592c4bd R15: ffffffff8140a835
[  219.903642] FS:  0000000000000000(0000) GS:ffff8801db700000(0063) knlGS:000000000a0cf900
[  219.911880] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  219.917761] CR2: 00000000f771affc CR3: 00000001d3bf6000 CR4: 00000000001606b0
[  219.925037] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  219.932324] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  219.939599] Stack:
[  219.941769]  ffff8801d2c9fd40 ffff8801db719390 ffffed003a593fa8 ffff8801db719380
[  219.949845]  ffff8801d2c9fd28 ffff8801db7192c0 0000000000000001 0000000000000000
[  219.957922]  ffff8801d2c9fae0 ffffffff81252cef 0000000000000863 ffff8801db719380
[  219.966007] Call Trace:
[  219.968612]  [<ffffffff81252cef>] enqueue_hrtimer+0x15f/0x440
[  219.974513]  [<ffffffff81255263>] hrtimer_start_range_ns+0x573/0x1410
[  219.981098]  [<ffffffff81254cf0>] ? __hrtimer_run_queues+0xfc0/0xfc0
[  219.987606]  [<ffffffff8269042a>] ? _raw_spin_unlock_irqrestore+0x5a/0x70
[  219.994537]  [<ffffffff811f368b>] ? trace_hardirqs_on_caller+0x38b/0x590
[  220.001382]  [<ffffffff82690415>] ? _raw_spin_unlock_irqrestore+0x45/0x70
[  220.008314]  [<ffffffff8268eab6>] do_nanosleep+0x196/0x4f0
[  220.013944]  [<ffffffff8268e920>] ? schedule_timeout_uninterruptible+0x90/0x90
[  220.021308]  [<ffffffff81460c31>] ? memset+0x31/0x40
[  220.026427]  [<ffffffff81257d50>] hrtimer_nanosleep+0x210/0x550
[  220.032491]  [<ffffffff81257b40>] ? hrtimer_run_queues+0x1c0/0x1c0
[  220.038817]  [<ffffffff81253000>] ? clock_was_set_work+0x30/0x30
[  220.044969]  [<ffffffff8268eab6>] ? do_nanosleep+0x196/0x4f0
[  220.050775]  [<ffffffff8125e14e>] ? SyS_clock_gettime+0x11e/0x1e0
[  220.057011]  [<ffffffff812a4aa9>] compat_SyS_nanosleep+0x289/0x390
[  220.063345]  [<ffffffff812a4820>] ? compat_convert_timespec+0x170/0x170
[  220.070103]  [<ffffffff812a6e65>] ? compat_SyS_clock_gettime+0x115/0x1a0
[  220.076951]  [<ffffffff812a6d50>] ? compat_SyS_clock_settime+0x190/0x190
[  220.083801]  [<ffffffff81005dbb>] ? do_fast_syscall_32+0xdb/0x8b0
[  220.090044]  [<ffffffff812a4820>] ? compat_convert_timespec+0x170/0x170
[  220.096821]  [<ffffffff81005ffe>] do_fast_syscall_32+0x31e/0x8b0
[  220.102969]  [<ffffffff826926d0>] sysenter_flags_fixed+0xd/0x1a
[  220.109024] Code: 00 00 4d 8b 2f 4d 85 ed 74 3d e8 54 27 88 ff 48 8b 45 d0 80 38 00 0f 85 96 01 00 00 49 8d 7d 18 4c 8b 73 18 48 89 fa 48 c1 ea 03 <42> 80 3c 22 00 0f 85 8a 01 00 00 4d 3b 75 18 7c a3 e8 22 27 88 
[  220.137192] RIP  [<ffffffff81a72648>] timerqueue_add+0xb8/0x2b0
[  220.143395]  RSP <ffff8801d2c9fa68>
[  220.147016] ---[ end trace 04040c2bc9f108e1 ]---
[  220.151778] Kernel panic - not syncing: Fatal exception
[  221.291830] Shutting down cpus with NMI
[  221.296542] Kernel Offset: disabled
[  221.300155] Rebooting in 86400 seconds..