INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-kasan-gce-386-0,10.128.15.230' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   43.615515] refcount_t: underflow; use-after-free.
[   43.616407] ------------[ cut here ]------------
[   43.617204] WARNING: CPU: 0 PID: 2987 at lib/refcount.c:186 refcount_sub_and_test+0x167/0x1b0
[   43.618414] Kernel panic - not syncing: panic_on_warn set ...
[   43.618414] 
[   43.619387] CPU: 0 PID: 2987 Comm: syzkaller493453 Not tainted 4.14.0-rc2+ #12
[   43.620357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   43.621580] Call Trace:
[   43.621941]  dump_stack+0x194/0x257
[   43.622437]  ? arch_local_irq_restore+0x53/0x53
[   43.623073]  panic+0x1e4/0x417
[   43.623508]  ? __warn+0x1d9/0x1d9
[   43.623979]  ? show_regs_print_info+0x65/0x65
[   43.624595]  ? refcount_sub_and_test+0x167/0x1b0
[   43.625229]  __warn+0x1c4/0x1d9
[   43.625686]  ? refcount_sub_and_test+0x167/0x1b0
[   43.626323]  report_bug+0x211/0x2d0
[   43.626821]  fixup_bug+0x40/0x90
[   43.627282]  do_trap+0x260/0x390
[   43.627746]  do_error_trap+0x120/0x390
[   43.628275]  ? do_trap+0x390/0x390
[   43.628771]  ? refcount_sub_and_test+0x167/0x1b0
[   43.629404]  ? vprintk_emit+0x3ea/0x590
[   43.629950]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   43.630603]  do_invalid_op+0x1b/0x20
[   43.631106]  invalid_op+0x18/0x20
[   43.631573] RIP: 0010:refcount_sub_and_test+0x167/0x1b0
[   43.632283] RSP: 0018:ffff8801c09ee370 EFLAGS: 00010282
[   43.633001] RAX: 0000000000000026 RBX: 0000000000000001 RCX: 0000000000000000
[   43.633957] RDX: 0000000000000026 RSI: 1ffff1003813dc2e RDI: ffffed003813dc62
[   43.634911] RBP: ffff8801c09ee400 R08: ffff8801c09eda60 R09: 0000000000000000
[   43.635867] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff1003813dc6f
[   43.643108] R13: 00000000ffffff01 R14: 0000000000000100 R15: ffff8801ce197364
[   43.650370]  ? refcount_inc+0x50/0x50
[   43.654144]  ? __sctp_outq_teardown+0xc7d/0x15a0
[   43.658871]  ? sctp_association_free+0x2d0/0x930
[   43.663598]  ? sctp_do_sm+0x28e7/0x6dd0
[   43.667546]  ? sctp_primitive_SHUTDOWN+0xa0/0xd0
[   43.672269]  ? sctp_close+0x3c6/0x980
[   43.676037]  ? inet_release+0xed/0x1c0
[   43.679901]  sctp_wfree+0x183/0x620
[   43.683498]  ? __sctp_write_space+0x910/0x910
[   43.687965]  skb_release_head_state+0x124/0x200
[   43.692605]  skb_release_all+0x15/0x60
[   43.696465]  consume_skb+0x153/0x490
[   43.700148]  ? sctp_chunk_put+0x99/0x420
[   43.704178]  ? alloc_skb_with_frags+0x710/0x710
[   43.708815]  ? sctp_chunk_hold+0x20/0x20
[   43.712848]  ? refcount_sub_and_test+0x115/0x1b0
[   43.717577]  ? refcount_inc+0x50/0x50
[   43.721348]  ? mark_held_locks+0xb2/0x100
[   43.725468]  ? sctp_datamsg_put+0x456/0x560
[   43.729767]  sctp_chunk_put+0x29c/0x420
[   43.733714]  ? sctp_chunk_hold+0x20/0x20
[   43.737748]  ? sctp_transport_dst_confirm+0x50/0x50
[   43.742749]  sctp_chunk_free+0x53/0x60
[   43.746608]  __sctp_outq_teardown+0xc7d/0x15a0
[   43.751160]  ? inet6_release+0x50/0x70
[   43.755026]  ? sctp_inq_set_th_handler+0x1b0/0x1b0
[   43.759927]  ? unwind_next_frame.part.6+0x1ae/0xc70
[   43.764915]  ? unwind_next_frame.part.6+0x1ae/0xc70
[   43.769901]  ? unwind_dump+0x4c0/0x4c0
[   43.773760]  ? unwind_dump+0x4c0/0x4c0
[   43.777618]  ? copy_trace+0x1d0/0x1d0
[   43.781394]  ? check_noncircular+0x20/0x20
[   43.785599]  ? check_noncircular+0x20/0x20
[   43.789802]  ? unwind_get_return_address+0x61/0xa0
[   43.794703]  ? __save_stack_trace+0x61/0xd0
[   43.798997]  ? check_noncircular+0x20/0x20
[   43.803206]  ? print_usage_bug+0x480/0x480
[   43.807416]  ? find_held_lock+0x39/0x1d0
[   43.811458]  ? lock_downgrade+0x990/0x990
[   43.815582]  ? sk_dst_check+0x560/0x560
[   43.819528]  ? rcu_read_lock_sched_held+0x108/0x120
[   43.824515]  ? lock_release+0xd70/0xd70
[   43.828467]  sctp_outq_free+0x15/0x20
[   43.832237]  sctp_association_free+0x2d0/0x930
[   43.836791]  ? sctp_asconf_queue_teardown+0x700/0x700
[   43.841950]  ? sock_def_wakeup+0x222/0x350
[   43.846156]  ? sk_dst_check+0x560/0x560
[   43.850100]  ? sctp_association_put+0x74/0x2f0
[   43.854649]  ? sctp_association_hold+0x20/0x20
[   43.859199]  ? unwind_dump+0x4c0/0x4c0
[   43.863065]  sctp_do_sm+0x28e7/0x6dd0
[   43.866847]  ? sctp_do_8_2_transport_strike.isra.16+0x8a0/0x8a0
[   43.872878]  ? print_usage_bug+0x480/0x480
[   43.877080]  ? __lock_acquire+0x20fd/0x4620
[   43.881371]  ? print_usage_bug+0x480/0x480
[   43.885578]  ? find_held_lock+0x39/0x1d0
[   43.889620]  ? lock_downgrade+0x990/0x990
[   43.893744]  ? skb_dequeue+0x22/0x180
[   43.897524]  ? do_raw_spin_trylock+0x190/0x190
[   43.902080]  ? mark_held_locks+0xb2/0x100
[   43.906211]  ? trace_hardirqs_on+0xd/0x10
[   43.910338]  sctp_primitive_SHUTDOWN+0xa0/0xd0
[   43.914892]  sctp_close+0x3c6/0x980
[   43.918497]  ? sctp_apply_peer_addr_params+0xf30/0xf30
[   43.923740]  ? unwind_get_return_address+0x61/0xa0
[   43.928642]  ? check_noncircular+0x20/0x20
[   43.932851]  ? depot_save_stack+0x3b5/0x490
[   43.937150]  ? ipv6_sock_ac_close+0x2e8/0x3e0
[   43.941620]  ? ipv6_sock_mc_close+0x148/0x1a0
[   43.946085]  ? ip_mc_drop_socket+0x1ce/0x230
[   43.950461]  ? __fsnotify_parent+0xb4/0x3a0
[   43.954754]  inet_release+0xed/0x1c0
[   43.958453]  inet6_release+0x50/0x70
[   43.962137]  sock_release+0x8d/0x1e0
[   43.965819]  ? sock_release+0x1e0/0x1e0
[   43.969761]  sock_close+0x16/0x20
[   43.973189]  __fput+0x333/0x7f0
[   43.976446]  ? fput+0x140/0x140
[   43.979699]  ? _raw_spin_unlock_irq+0x27/0x70
[   43.984170]  ____fput+0x15/0x20
[   43.987421]  task_work_run+0x199/0x270
[   43.991280]  ? task_work_cancel+0x210/0x210
[   43.995570]  ? _raw_spin_unlock+0x22/0x30
[   43.999690]  ? switch_task_namespaces+0x87/0xc0
[   44.004334]  do_exit+0x9d2/0x1af0
[   44.007757]  ? find_held_lock+0x39/0x1d0
[   44.011789]  ? mm_update_next_owner+0x930/0x930
[   44.016431]  ? lock_downgrade+0x990/0x990
[   44.020547]  ? lock_downgrade+0x990/0x990
[   44.024668]  ? release_sock+0x74/0x2a0
[   44.028535]  ? do_raw_spin_trylock+0x190/0x190
[   44.033086]  ? trace_hardirqs_on+0xd/0x10
[   44.037201]  ? __local_bh_enable_ip+0x9d/0x160
[   44.041753]  ? check_noncircular+0x20/0x20
[   44.045958]  ? release_sock+0x1d4/0x2a0
[   44.049902]  ? trace_hardirqs_on+0xd/0x10
[   44.054026]  ? __local_bh_enable_ip+0x9d/0x160
[   44.058582]  ? _raw_spin_unlock_bh+0x30/0x40
[   44.062957]  ? release_sock+0x1d4/0x2a0
[   44.066898]  ? sctp_shutdown+0x2d0/0x2d0
[   44.070932]  ? __release_sock+0x360/0x360
[   44.075055]  ? find_held_lock+0x39/0x1d0
[   44.079098]  ? lock_downgrade+0x990/0x990
[   44.083216]  ? recalc_sigpending_tsk+0x117/0x150
[   44.087943]  ? recalc_sigpending+0x103/0x160
[   44.092321]  ? recalc_sigpending_tsk+0x150/0x150
[   44.097044]  ? get_signal+0x2b2/0x16d0
[   44.100913]  do_group_exit+0x149/0x400
[   44.104770]  ? __lock_is_held+0xbc/0x140
[   44.108800]  ? SyS_exit+0x30/0x30
[   44.112225]  ? _raw_spin_unlock_irq+0x27/0x70
[   44.116690]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   44.121680]  get_signal+0x73f/0x16d0
[   44.125371]  ? ptrace_notify+0x130/0x130
[   44.129415]  ? inet_sendmsg+0x11f/0x5e0
[   44.133357]  ? inet_sendmsg+0x126/0x5e0
[   44.137301]  ? __might_sleep+0x95/0x190
[   44.141244]  ? inet_recvmsg+0x5f0/0x5f0
[   44.145193]  ? selinux_socket_sendmsg+0x36/0x40
[   44.149918]  ? security_socket_sendmsg+0x89/0xb0
[   44.154648]  do_signal+0x94/0x1ee0
[   44.158155]  ? sock_sendmsg+0x4f/0x110
[   44.162011]  ? fput+0xd2/0x140
[   44.165173]  ? SYSC_sendto+0x413/0x5a0
[   44.169037]  ? setup_sigcontext+0x7d0/0x7d0
[   44.173338]  ? lock_downgrade+0x990/0x990
[   44.177475]  ? exit_to_usermode_loop+0x8c/0x310
[   44.182120]  exit_to_usermode_loop+0x214/0x310
[   44.186670]  ? vmacache_update+0xfe/0x130
[   44.190790]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   44.196298]  ? SyS_sendto+0x40/0x50
[   44.199899]  do_fast_syscall_32+0x83e/0xf05
[   44.204198]  ? do_int80_syscall_32+0x940/0x940
[   44.208755]  ? lockdep_sys_exit+0x47/0xf0
[   44.212873]  ? syscall_return_slowpath+0x2b3/0x510
[   44.217770]  ? finish_task_switch+0x1aa/0x740
[   44.222240]  ? retint_user+0x18/0x20
[   44.225930]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   44.230760]  entry_SYSENTER_compat+0x51/0x60
[   44.235139] RIP: 0023:0xf7f5cc79
[   44.238471] RSP: 002b:00000000f6f561ec EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[   44.246153] RAX: 0000000000000006 RBX: 0000000000000003 RCX: 0000000020aa7000
[   44.253389] RDX: 0000000000000006 RSI: 0000000000008000 RDI: 0000000020aa7000
[   44.260626] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[   44.267864] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   44.275100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   44.282864] Dumping ftrace buffer:
[   44.286424]    (ftrace buffer empty)
[   44.290105] Kernel Offset: disabled
[   44.293711] Rebooting in 86400 seconds..