INIT: Entering runlevel: 2
[�[36minfo�[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts.
2018/04/06 07:09:35 parsed 1 programs
2018/04/06 07:09:35 executed programs: 0
syzkaller login: [ 60.487647] IPVS: ftp: loaded support on port[0] = 21
[ 60.494632] IPVS: ftp: loaded support on port[0] = 21
[ 60.504866] IPVS: ftp: loaded support on port[0] = 21
[ 60.516672] IPVS: ftp: loaded support on port[0] = 21
[ 60.531976] IPVS: ftp: loaded support on port[0] = 21
[ 60.536388] IPVS: ftp: loaded support on port[0] = 21
[ 60.566147] IPVS: ftp: loaded support on port[0] = 21
[ 60.585226] IPVS: ftp: loaded support on port[0] = 21
[ 61.499839] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.510405] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.522175] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.602247] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.622781] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.633211] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.698577] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 61.714438] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 63.715122] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 63.721416] 8021q: adding VLAN 0 to HW filter on device bond0
[ 63.794193] ==================================================================
[ 63.801747] BUG: KASAN: alloca-out-of-bounds in tick_sched_handle+0x16d/0x180
[ 63.809022] Read of size 8 at addr ffff8801b2fe7190 by task ip/5577
[ 63.815408]
[ 63.817024] CPU: 0 PID: 5577 Comm: ip Not tainted 4.16.0+ #2
[ 63.822799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.832133] Call Trace:
[ 63.834694]
[ 63.836838] dump_stack+0x1b9/0x29f
[ 63.840452] ? arch_local_irq_restore+0x52/0x52
[ 63.845103] ? printk+0x9e/0xba
[ 63.848367] ? show_regs_print_info+0x18/0x18
[ 63.852850] ? kasan_check_write+0x14/0x20
[ 63.857073] print_address_description+0x6c/0x20b
[ 63.861902] ? tick_sched_handle+0x16d/0x180
[ 63.866293] kasan_report.cold.7+0xac/0x2f5
[ 63.870601] __asan_report_load8_noabort+0x14/0x20
[ 63.875515] tick_sched_handle+0x16d/0x180
[ 63.879736] tick_sched_timer+0x42/0x130
[ 63.883783] __hrtimer_run_queues+0x3e3/0x10a0
[ 63.888363] ? tick_sched_do_timer+0x100/0x100
[ 63.892935] ? hrtimer_start_range_ns+0xd10/0xd10
[ 63.897767] ? pvclock_read_flags+0x160/0x160
[ 63.902248] ? __local_bh_enable+0xef/0x130
[ 63.906556] ? kvm_clock_read+0x25/0x30
[ 63.910512] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 63.915511] ? ktime_get_update_offsets_now+0x3a6/0x570
[ 63.920860] ? do_timer+0x50/0x50
[ 63.924295] ? rcu_nmi_exit+0xd7/0x2b0
[ 63.928167] ? do_raw_spin_lock+0xc1/0x200
[ 63.932388] hrtimer_interrupt+0x286/0x650
[ 63.936614] smp_apic_timer_interrupt+0x15d/0x710
[ 63.941438] ? smp_call_function_single_interrupt+0x650/0x650
[ 63.947307] ? _raw_spin_lock+0x32/0x40
[ 63.951268] ? _raw_spin_unlock+0x22/0x30
[ 63.955399] ? handle_edge_irq+0x330/0x870
[ 63.959618] ? task_prio+0x50/0x50
[ 63.963146] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 63.967985] apic_timer_interrupt+0xf/0x20
[ 63.972196]
[ 63.974421] RIP: 0010:kasan_unpoison_shadow+0x0/0x50
[ 63.979504] RSP: 0018:ffff8801b2fe71b0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
[ 63.987209] RAX: ffff8801a9c92540 RBX: 0000000000000000 RCX: 0000000000000000
[ 63.994459] RDX: 0000000000000000 RSI: 0000000000000068 RDI: ffff8801b2fe7160
[ 64.001710] RBP: ffff8801b2fe71b8 R08: ffff8801a9c92540 R09: 0000000000000000
[ 64.008962] R10: ffffed00365fcd20 R11: 0000000000000003 R12: ffff8801b2fe75d0
[ 64.016216] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000
[ 64.023482] ? __asan_allocas_unpoison+0x16/0x20
[ 64.028219] rtnl_newlink+0x1094/0x1a40
[ 64.032188] ? rtnl_link_unregister+0x370/0x370
[ 64.036841] ? kasan_check_read+0x11/0x20
[ 64.040970] ? rcu_is_watching+0x85/0x140
[ 64.045102] ? __lock_acquire+0x7f5/0x5130
[ 64.049324] ? graph_lock+0x170/0x170
[ 64.053134] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 64.058653] ? rtnl_get_link+0x164/0x350
[ 64.062698] ? rtnl_dump_all+0x5e0/0x5e0
[ 64.066742] ? rcu_is_watching+0x85/0x140
[ 64.070877] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 64.076051] ? __netlink_ns_capable+0x100/0x130
[ 64.080715] ? rtnl_link_unregister+0x370/0x370
[ 64.085368] rtnetlink_rcv_msg+0x466/0xc10
[ 64.089589] ? rtnetlink_put_metrics+0x690/0x690
[ 64.094349] netlink_rcv_skb+0x172/0x440
[ 64.098395] ? rtnetlink_put_metrics+0x690/0x690
[ 64.103135] ? netlink_ack+0xbc0/0xbc0
[ 64.107008] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 64.112184] ? netlink_skb_destructor+0x210/0x210
[ 64.117018] rtnetlink_rcv+0x1c/0x20
[ 64.120716] netlink_unicast+0x58b/0x740
[ 64.124765] ? netlink_attachskb+0x970/0x970
[ 64.129154] ? import_iovec+0x24b/0x420
[ 64.133114] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 64.138115] ? security_netlink_send+0x8f/0xc0
[ 64.142681] netlink_sendmsg+0x9d8/0xf80
[ 64.146732] ? netlink_unicast+0x740/0x740
[ 64.150950] ? security_socket_sendmsg+0x9b/0xd0
[ 64.155691] ? netlink_unicast+0x740/0x740
[ 64.159914] sock_sendmsg+0xd5/0x120
[ 64.163611] ___sys_sendmsg+0x805/0x940
[ 64.167574] ? copy_msghdr_from_user+0x560/0x560
[ 64.172313] ? vm_insert_mixed_mkwrite+0x40/0x40
[ 64.177050] ? graph_lock+0x170/0x170
[ 64.180838] ? graph_lock+0x170/0x170
[ 64.184623] ? find_held_lock+0x36/0x1c0
[ 64.188669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 64.194191] ? __fget_light+0x2ef/0x430
[ 64.198768] ? fget_raw+0x20/0x20
[ 64.202213] ? find_held_lock+0x36/0x1c0
[ 64.206265] ? lock_downgrade+0x8e0/0x8e0
[ 64.210393] ? handle_mm_fault+0x8c0/0xc70
[ 64.214616] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 64.220139] ? sockfd_lookup_light+0xc5/0x160
[ 64.224617] __sys_sendmsg+0x115/0x270
[ 64.228491] ? SyS_shutdown+0x30/0x30
[ 64.232282] ? __do_page_fault+0x441/0xe40
[ 64.236509] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 64.241338] SyS_sendmsg+0x29/0x30
[ 64.244865] ? __sys_sendmsg+0x270/0x270
[ 64.248908] do_syscall_64+0x29e/0x9d0
[ 64.252777] ? vmalloc_sync_all+0x30/0x30
[ 64.256908] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 64.261734] ? syscall_return_slowpath+0x5c0/0x5c0
[ 64.266648] ? syscall_return_slowpath+0x30f/0x5c0
[ 64.271563] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 64.277081] ? retint_user+0x18/0x18
[ 64.280780] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 64.285611] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 64.290782] RIP: 0033:0x7f78e82ae320
[ 64.294475] RSP: 002b:00007ffddfbb9818 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 64.302167] RAX: ffffffffffffffda RBX: 00007ffddfbbd910 RCX: 00007f78e82ae320
[ 64.309418] RDX: 0000000000000000 RSI: 00007ffddfbb9850 RDI: 0000000000000003
[ 64.316691] RBP: 00007ffddfbb9850 R08: 0000000000000000 R09: 0000000000000000
[ 64.323945] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005ac71d35
[ 64.331198] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffddfbbe0e8
[ 64.338457]
[ 64.340065] The buggy address belongs to the page:
[ 64.344986] page:ffffea0006cbf9c0 count:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 64.353112] flags: 0x2fffc0000000000()
[ 64.356983] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[ 64.364851] raw: 0000000000000000 ffffea0006cb0101 0000000000000000 0000000000000000
[ 64.372709] page dumped because: kasan: bad access detected
[ 64.378568]
[ 64.380350] Memory state around the buggy address:
[ 64.385258] ffff8801b2fe7080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.392599] ffff8801b2fe7100: 00 00 00 00 00 00 00 00 00 00 00 00 ca ca ca ca
[ 64.399942] >ffff8801b2fe7180: 00 cb cb cb cb cb cb cb 00 00 00 00 00 00 00 00
[ 64.407279] ^
[ 64.411148] ffff8801b2fe7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
[ 64.418488] ffff8801b2fe7280: f1 f1 00 f2 f2 f2 f2 f2 f2 f2 00 00 f2 f2 f2 f2
[ 64.425825] ==================================================================
[ 64.433162] Disabling lock debugging due to kernel taint
[ 64.438588] Kernel panic - not syncing: panic_on_warn set ...
[ 64.438588]
[ 64.445933] CPU: 0 PID: 5577 Comm: ip Tainted: G B 4.16.0+ #2
[ 64.453012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.462343] Call Trace:
[ 64.464901]
[ 64.467034] dump_stack+0x1b9/0x29f
[ 64.470643] ? arch_local_irq_restore+0x52/0x52
[ 64.475294] ? lock_downgrade+0x8e0/0x8e0
[ 64.479423] ? vprintk_default+0x28/0x30
[ 64.483465] ? tick_sched_handle+0x120/0x180
[ 64.487855] panic+0x22f/0x4de
[ 64.491028] ? add_taint.cold.5+0x16/0x16
[ 64.495156] ? add_taint.cold.5+0x5/0x16
[ 64.499195] ? do_raw_spin_unlock+0x9e/0x2e0
[ 64.503585] ? tick_sched_handle+0x16d/0x180
[ 64.507977] kasan_end_report+0x47/0x4f
[ 64.511930] kasan_report.cold.7+0xc9/0x2f5
[ 64.516233] __asan_report_load8_noabort+0x14/0x20
[ 64.521145] tick_sched_handle+0x16d/0x180
[ 64.525363] tick_sched_timer+0x42/0x130
[ 64.529408] __hrtimer_run_queues+0x3e3/0x10a0
[ 64.533974] ? tick_sched_do_timer+0x100/0x100
[ 64.538538] ? hrtimer_start_range_ns+0xd10/0xd10
[ 64.543365] ? pvclock_read_flags+0x160/0x160
[ 64.548644] ? __local_bh_enable+0xef/0x130
[ 64.552949] ? kvm_clock_read+0x25/0x30
[ 64.556904] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 64.561904] ? ktime_get_update_offsets_now+0x3a6/0x570
[ 64.567258] ? do_timer+0x50/0x50
[ 64.570691] ? rcu_nmi_exit+0xd7/0x2b0
[ 64.574829] ? do_raw_spin_lock+0xc1/0x200
[ 64.579132] hrtimer_interrupt+0x286/0x650
[ 64.583350] smp_apic_timer_interrupt+0x15d/0x710
[ 64.588174] ? smp_call_function_single_interrupt+0x650/0x650
[ 64.594037] ? _raw_spin_lock+0x32/0x40
[ 64.597995] ? _raw_spin_unlock+0x22/0x30
[ 64.602126] ? handle_edge_irq+0x330/0x870
[ 64.606344] ? task_prio+0x50/0x50
[ 64.609871] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 64.614695] apic_timer_interrupt+0xf/0x20
[ 64.618905]
[ 64.621127] RIP: 0010:kasan_unpoison_shadow+0x0/0x50
[ 64.626207] RSP: 0018:ffff8801b2fe71b0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
[ 64.633905] RAX: ffff8801a9c92540 RBX: 0000000000000000 RCX: 0000000000000000
[ 64.641171] RDX: 0000000000000000 RSI: 0000000000000068 RDI: ffff8801b2fe7160
[ 64.648419] RBP: ffff8801b2fe71b8 R08: ffff8801a9c92540 R09: 0000000000000000
[ 64.655667] R10: ffffed00365fcd20 R11: 0000000000000003 R12: ffff8801b2fe75d0
[ 64.662915] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000
[ 64.670174] ? __asan_allocas_unpoison+0x16/0x20
[ 64.674921] rtnl_newlink+0x1094/0x1a40
[ 64.678881] ? rtnl_link_unregister+0x370/0x370
[ 64.683528] ? kasan_check_read+0x11/0x20
[ 64.687657] ? rcu_is_watching+0x85/0x140
[ 64.691789] ? __lock_acquire+0x7f5/0x5130
[ 64.696016] ? graph_lock+0x170/0x170
[ 64.699816] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 64.705338] ? rtnl_get_link+0x164/0x350
[ 64.709380] ? rtnl_dump_all+0x5e0/0x5e0
[ 64.713422] ? rcu_is_watching+0x85/0x140
[ 64.717552] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 64.722725] ? __netlink_ns_capable+0x100/0x130
[ 64.727376] ? rtnl_link_unregister+0x370/0x370
[ 64.732028] rtnetlink_rcv_msg+0x466/0xc10
[ 64.736249] ? rtnetlink_put_metrics+0x690/0x690
[ 64.740992] netlink_rcv_skb+0x172/0x440
[ 64.745039] ? rtnetlink_put_metrics+0x690/0x690
[ 64.749775] ? netlink_ack+0xbc0/0xbc0
[ 64.753640] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 64.758809] ? netlink_skb_destructor+0x210/0x210
[ 64.763637] rtnetlink_rcv+0x1c/0x20
[ 64.767332] netlink_unicast+0x58b/0x740
[ 64.771377] ? netlink_attachskb+0x970/0x970
[ 64.775766] ? import_iovec+0x24b/0x420
[ 64.779731] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 64.784731] ? security_netlink_send+0x8f/0xc0
[ 64.789292] netlink_sendmsg+0x9d8/0xf80
[ 64.793335] ? netlink_unicast+0x740/0x740
[ 64.797549] ? security_socket_sendmsg+0x9b/0xd0
[ 64.802297] ? netlink_unicast+0x740/0x740
[ 64.806515] sock_sendmsg+0xd5/0x120
[ 64.810212] ___sys_sendmsg+0x805/0x940
[ 64.814169] ? copy_msghdr_from_user+0x560/0x560
[ 64.818909] ? vm_insert_mixed_mkwrite+0x40/0x40
[ 64.823645] ? graph_lock+0x170/0x170
[ 64.827428] ? graph_lock+0x170/0x170
[ 64.831211] ? find_held_lock+0x36/0x1c0
[ 64.835254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 64.840772] ? __fget_light+0x2ef/0x430
[ 64.844725] ? fget_raw+0x20/0x20
[ 64.848160] ? find_held_lock+0x36/0x1c0
[ 64.852208] ? lock_downgrade+0x8e0/0x8e0
[ 64.856333] ? handle_mm_fault+0x8c0/0xc70
[ 64.860551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 64.866067] ? sockfd_lookup_light+0xc5/0x160
[ 64.870541] __sys_sendmsg+0x115/0x270
[ 64.874410] ? SyS_shutdown+0x30/0x30
[ 64.878192] ? __do_page_fault+0x441/0xe40
[ 64.882413] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 64.887236] SyS_sendmsg+0x29/0x30
[ 64.890754] ? __sys_sendmsg+0x270/0x270
[ 64.894798] do_syscall_64+0x29e/0x9d0
[ 64.898671] ? vmalloc_sync_all+0x30/0x30
[ 64.902800] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 64.907628] ? syscall_return_slowpath+0x5c0/0x5c0
[ 64.912540] ? syscall_return_slowpath+0x30f/0x5c0
[ 64.917451] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 64.922973] ? retint_user+0x18/0x18
[ 64.926672] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 64.932972] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 64.938140] RIP: 0033:0x7f78e82ae320
[ 64.941830] RSP: 002b:00007ffddfbb9818 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 64.949515] RAX: ffffffffffffffda RBX: 00007ffddfbbd910 RCX: 00007f78e82ae320
[ 64.956760] RDX: 0000000000000000 RSI: 00007ffddfbb9850 RDI: 0000000000000003
[ 64.964010] RBP: 00007ffddfbb9850 R08: 0000000000000000 R09: 0000000000000000
[ 64.971258] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005ac71d35
[ 64.978504] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffddfbbe0e8
[ 64.986211] Dumping ftrace buffer:
[ 64.989723] (ftrace buffer empty)
[ 64.993405] Kernel Offset: disabled
[ 64.997005] Rebooting in 86400 seconds..