[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 13.756768] random: crng init done

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.57' (ECDSA) to the list of known hosts.
syzkaller login: [ 48.446251] audit: type=1400 audit(1561754605.373:5): avc: denied { associate } for pid=2079 comm="syz-executor230" name="syz4" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
executing program
[ 60.915325] ==================================================================
[ 60.922770] BUG: KASAN: use-after-free in xfrm6_tunnel_destroy+0x4f6/0x570
[ 60.929784] Read of size 8 at addr ffff8801c49142b8 by task kworker/0:1/23
[ 60.936786]
[ 60.938404] CPU: 0 PID: 23 Comm: kworker/0:1 Not tainted 4.9.184+ #5
[ 60.944896] Workqueue: events xfrm_state_gc_task
[ 60.949812] ffff8801d9c3fa60 ffffffff81b580a1 0000000000000000 ffffea0007124400
[ 60.957871] ffff8801c49142b8 0000000000000008 ffffffff8277d776 ffff8801d9c3fa98
[ 60.965888] ffffffff8150ac88 0000000000000000 ffff8801c49142b8 ffff8801c49142b8
[ 60.973996] Call Trace:
[ 60.976599] [<00000000b2086b5d>] dump_stack+0xc1/0x120
[ 60.981995] [<00000000f93b3e00>] ? xfrm6_tunnel_destroy+0x4f6/0x570
[ 60.988493] [<00000000f9339362>] print_address_description+0x6f/0x23a
[ 60.995147] [<00000000f93b3e00>] ? xfrm6_tunnel_destroy+0x4f6/0x570
[ 61.001624] [<0000000016ecc5b6>] kasan_report.cold+0x8c/0x2ba
[ 61.007576] [<00000000fe17f3d5>] __asan_report_load8_noabort+0x14/0x20
[ 61.014324] [<00000000f93b3e00>] xfrm6_tunnel_destroy+0x4f6/0x570
[ 61.020623] [<00000000ef02e282>] ? xfrm6_tunnel_destroy+0x34/0x570
[ 61.027030] [<00000000b2d58190>] ? kfree+0x1b8/0x310
[ 61.032206] [<00000000ff942899>] xfrm_state_gc_task+0x3b9/0x520
[ 61.038347] [<00000000979849b7>] ? xfrm_state_unregister_afinfo+0x170/0x170
[ 61.045528] [<00000000bd83a7de>] process_one_work+0x88b/0x1600
[ 61.051573] [<000000009bc5d433>] ? process_one_work+0x7ce/0x1600
[ 61.057814] [<000000003fb28fb1>] ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[ 61.064304] [<00000000943ce93e>] ? _raw_spin_unlock_irq+0x28/0x60
[ 61.070610] [<0000000040d687fc>] worker_thread+0x7fb/0x11d0
[ 61.076403] [<00000000ff5ba41d>] ? process_one_work+0x1600/0x1600
[ 61.082713] [<00000000a10c0951>] kthread+0x278/0x310
[ 61.087884] [<00000000c62ca806>] ? kthread_park+0xa0/0xa0
[ 61.093524] [<000000009370c471>] ? debug_lockdep_rcu_enabled+0x71/0xa0
[ 61.100266] [<00000000f7a2590f>] ? _raw_spin_unlock_irq+0x39/0x60
[ 61.106592] [<00000000ae4f2f33>] ? finish_task_switch+0x1e5/0x660
[ 61.112908] [<000000007490b1e3>] ? finish_task_switch+0x1b7/0x660
[ 61.119204] [<00000000c0bc18fe>] ? __switch_to_asm+0x41/0x70
[ 61.125067] [<000000006d8c51fe>] ? __switch_to_asm+0x35/0x70
[ 61.130936] [<00000000c0bc18fe>] ? __switch_to_asm+0x41/0x70
[ 61.136809] [<00000000c62ca806>] ? kthread_park+0xa0/0xa0
[ 61.142414] [<00000000c62ca806>] ? kthread_park+0xa0/0xa0
[ 61.148026] [<000000006c93a755>] ret_from_fork+0x5c/0x70
[ 61.153544]
[ 61.155158] Allocated by task 2079:
[ 61.158785] save_stack_trace+0x16/0x20
[ 61.162736] kasan_kmalloc.part.0+0x62/0xf0
[ 61.167035] kasan_kmalloc+0xb7/0xd0
[ 61.170724] __kmalloc+0x133/0x320
[ 61.174266] ops_init+0xf1/0x3a0
[ 61.177613] setup_net+0x1c8/0x500
[ 61.181130] copy_net_ns+0x191/0x340
[ 61.184826] create_new_namespaces+0x37c/0x7a0
[ 61.189398] unshare_nsproxy_namespaces+0xab/0x1e0
[ 61.194306] SyS_unshare+0x305/0x6f0
[ 61.197998] do_syscall_64+0x1ad/0x5c0
[ 61.201885] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 61.207053]
[ 61.208655] Freed by task 5:
[ 61.211661] save_stack_trace+0x16/0x20
[ 61.215630] kasan_slab_free+0xb0/0x190
[ 61.219591] kfree+0xfc/0x310
[ 61.222677] ops_free_list.part.0+0x1ff/0x330
[ 61.227148] cleanup_net+0x474/0x8a0
[ 61.230837] process_one_work+0x88b/0x1600
[ 61.235046] worker_thread+0x5df/0x11d0
[ 61.239000] kthread+0x278/0x310
[ 61.242366] ret_from_fork+0x5c/0x70
[ 61.246082]
[ 61.247699] The buggy address belongs to the object at ffff8801c4914200
[ 61.247699] which belongs to the cache kmalloc-8192 of size 8192
[ 61.260524] The buggy address is located 184 bytes inside of
[ 61.260524] 8192-byte region [ffff8801c4914200, ffff8801c4916200)
[ 61.272555] The buggy address belongs to the page:
[ 61.277474] page:ffffea0007124400 count:1 mapcount:0 mapping: (null) index:0x0 compound_mapcount: 0
[ 61.287699] flags: 0x4000000000010200(slab|head)
[ 61.292493] page dumped because: kasan: bad access detected
[ 61.298181]
[ 61.299785] Memory state around the buggy address:
[ 61.304693] ffff8801c4914180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 61.312044] ffff8801c4914200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.319382] >ffff8801c4914280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.326719] ^
[ 61.331902] ffff8801c4914300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.339243] ffff8801c4914380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.346578] ==================================================================
[ 61.353912] Disabling lock debugging due to kernel taint
[ 61.359394] Kernel panic - not syncing: panic_on_warn set ...
[ 61.359394]
[ 61.366771] CPU: 0 PID: 23 Comm: kworker/0:1 Tainted: G B 4.9.184+ #5
[ 61.374600] Workqueue: events xfrm_state_gc_task
[ 61.381570] ffff8801d9c3f9a0 ffffffff81b580a1 ffff8801d9c3fa00 ffffffff82e3f38f
[ 61.389645] 00000000ffffffff 0000000000000000 ffffffff8277d776 ffff8801d9c3fa80
[ 61.397738] ffffffff813fd67a 0000000041b58ab3 ffffffff82e313da ffffffff813fd4a1
[ 61.405832] Call Trace:
[ 61.408423] [<00000000b2086b5d>] dump_stack+0xc1/0x120
[ 61.413799] [<00000000f93b3e00>] ? xfrm6_tunnel_destroy+0x4f6/0x570
[ 61.420291] [<00000000aa5e64a9>] panic+0x1d9/0x3bd
[ 61.425302] [<000000002b977a50>] ? add_taint.cold+0x16/0x16
[ 61.431079] [<00000000f93b3e00>] ? xfrm6_tunnel_destroy+0x4f6/0x570
[ 61.437557] [<000000004ae93621>] kasan_end_report+0x47/0x4f
[ 61.443336] [<00000000fdd605e2>] kasan_report.cold+0xa9/0x2ba
[ 61.449289] [<00000000fe17f3d5>] __asan_report_load8_noabort+0x14/0x20
[ 61.456024] [<00000000f93b3e00>] xfrm6_tunnel_destroy+0x4f6/0x570
[ 61.462367] [<00000000ef02e282>] ? xfrm6_tunnel_destroy+0x34/0x570
[ 61.468777] [<00000000b2d58190>] ? kfree+0x1b8/0x310
[ 61.473973] [<00000000ff942899>] xfrm_state_gc_task+0x3b9/0x520
[ 61.480113] [<00000000979849b7>] ? xfrm_state_unregister_afinfo+0x170/0x170
[ 61.487288] [<00000000bd83a7de>] process_one_work+0x88b/0x1600
[ 61.493335] [<000000009bc5d433>] ? process_one_work+0x7ce/0x1600
[ 61.499546] [<000000003fb28fb1>] ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[ 61.506017] [<00000000943ce93e>] ? _raw_spin_unlock_irq+0x28/0x60
[ 61.512314] [<0000000040d687fc>] worker_thread+0x7fb/0x11d0
[ 61.518093] [<00000000ff5ba41d>] ? process_one_work+0x1600/0x1600
[ 61.524391] [<00000000a10c0951>] kthread+0x278/0x310
[ 61.529561] [<00000000c62ca806>] ? kthread_park+0xa0/0xa0
[ 61.535169] [<000000009370c471>] ? debug_lockdep_rcu_enabled+0x71/0xa0
[ 61.541906] [<00000000f7a2590f>] ? _raw_spin_unlock_irq+0x39/0x60
[ 61.548206] [<00000000ae4f2f33>] ? finish_task_switch+0x1e5/0x660
[ 61.554516] [<000000007490b1e3>] ? finish_task_switch+0x1b7/0x660
[ 61.560820] [<00000000c0bc18fe>] ? __switch_to_asm+0x41/0x70
[ 61.566691] [<000000006d8c51fe>] ? __switch_to_asm+0x35/0x70
[ 61.572557] [<00000000c0bc18fe>] ? __switch_to_asm+0x41/0x70
[ 61.578466] [<00000000c62ca806>] ? kthread_park+0xa0/0xa0
[ 61.584074] [<00000000c62ca806>] ? kthread_park+0xa0/0xa0
[ 61.589699] [<000000006c93a755>] ret_from_fork+0x5c/0x70
[ 61.595735] Kernel Offset: disabled
[ 61.599353] Rebooting in 86400 seconds..