INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-upstream-kasan-gce-2,10.128.0.30' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 59.040162] dev_remove_pack: ffff8801c9ec0c00 not found
executing program
[ 59.085329] ==================================================================
[ 59.092742] BUG: KASAN: use-after-free in __netif_receive_skb_core+0x2fa3/0x3230
[ 59.100245] Read of size 2 at addr ffff8801c9e655c0 by task syzkaller414559/8569
[ 59.107742]
[ 59.109342] CPU: 1 PID: 8569 Comm: syzkaller414559 Not tainted 4.13.0-rc7+ #64
[ 59.116668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.125992] Call Trace:
[ 59.128543]
[ 59.130665] dump_stack+0x194/0x257
[ 59.134267] ? arch_local_irq_restore+0x53/0x53
[ 59.138903] ? show_regs_print_info+0x65/0x65
[ 59.143374] ? compat_packet_setsockopt+0x140/0x140
[ 59.148360] ? __netif_receive_skb_core+0x2fa3/0x3230
[ 59.153525] print_address_description+0x73/0x250
[ 59.158341] ? __netif_receive_skb_core+0x2fa3/0x3230
[ 59.163545] kasan_report+0x24e/0x340
[ 59.167320] __asan_report_load2_noabort+0x14/0x20
[ 59.172268] __netif_receive_skb_core+0x2fa3/0x3230
[ 59.177266] ? nf_ingress+0x980/0x980
[ 59.181034] ? find_held_lock+0x35/0x1d0
[ 59.185073] ? lock_downgrade+0x990/0x990
[ 59.189192] ? __lock_acquire+0x6ef/0x3dc0
[ 59.193394] ? find_held_lock+0x35/0x1d0
[ 59.197428] ? print_usage_bug+0x480/0x480
[ 59.201628] ? is_bpf_text_address+0x7b/0x120
[ 59.206094] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.211251] ? __free_insn_slot+0x5c0/0x5c0
[ 59.215550] ? update_stack_state+0x700/0x700
[ 59.220038] ? find_held_lock+0x35/0x1d0
[ 59.224072] ? netif_receive_skb_internal+0x23e/0x1a50
[ 59.229316] ? lock_downgrade+0x990/0x990
[ 59.233447] ? pvclock_read_flags+0x160/0x160
[ 59.237907] ? mark_held_locks+0xaf/0x100
[ 59.242025] ? lock_acquire+0x1d5/0x580
[ 59.245967] ? lock_acquire+0x1d5/0x580
[ 59.249914] ? netif_receive_skb_internal+0xf1/0x1a50
[ 59.255078] ? ktime_get_with_offset+0x2c1/0x420
[ 59.259807] ? lock_release+0xa40/0xa40
[ 59.263745] ? do_gettimeofday+0x190/0x190
[ 59.267944] ? check_noncircular+0x20/0x20
[ 59.272170] ? netif_receive_skb_internal+0xf1/0x1a50
[ 59.277333] __netif_receive_skb+0x2c/0x1b0
[ 59.281620] ? __netif_receive_skb+0x2c/0x1b0
[ 59.286082] ? netif_receive_skb_internal+0xf1/0x1a50
[ 59.291239] netif_receive_skb_internal+0x16a/0x1a50
[ 59.296311] ? find_held_lock+0x35/0x1d0
[ 59.300339] ? dev_queue_xmit_accel+0x30/0x30
[ 59.304801] ? dev_gro_receive+0xc3e/0x19b0
[ 59.309094] ? lock_downgrade+0x990/0x990
[ 59.313220] ? lock_release+0xa40/0xa40
[ 59.317175] ? memset+0x31/0x40
[ 59.320424] ? dev_gro_receive+0x1be/0x19b0
[ 59.324723] ? __alloc_pages_nodemask+0xd40/0xd40
[ 59.329550] ? net_rx_action+0x1910/0x1910
[ 59.333752] ? __lock_is_held+0xb6/0x140
[ 59.337787] ? skb_gro_reset_offset+0x17b/0x300
[ 59.342430] napi_gro_receive+0x3d0/0x500
[ 59.346546] ? dev_gro_receive+0x19b0/0x19b0
[ 59.350921] ? eth_type_trans+0x2a3/0x650
[ 59.355034] ? eth_gro_receive+0x810/0x810
[ 59.359248] receive_buf+0xaef/0x5690
[ 59.363015] ? __lock_is_held+0xb6/0x140
[ 59.367057] ? virtnet_set_rx_mode+0x9f0/0x9f0
[ 59.371614] ? sched_init_domains+0xb0/0x120
[ 59.375991] ? check_noncircular+0x20/0x20
[ 59.380196] ? update_curr+0x30c/0x800
[ 59.384050] ? nohz_balance_exit_idle.part.86+0x70/0x70
[ 59.389381] ? print_usage_bug+0x480/0x480
[ 59.393582] ? account_entity_enqueue+0x27d/0x4e0
[ 59.398407] ? __enqueue_entity+0x134/0x230
[ 59.402693] ? __update_load_avg_se.isra.23+0x39c/0x590
[ 59.408043] ? enqueue_task_fair+0x2541/0x7a10
[ 59.412607] ? dequeue_task_fair+0x5c10/0x5c10
[ 59.417165] ? __lock_acquire+0x6ef/0x3dc0
[ 59.421367] ? print_usage_bug+0x480/0x480
[ 59.425579] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.430742] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.435910] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.441069] ? find_held_lock+0x35/0x1d0
[ 59.445096] ? print_usage_bug+0x480/0x480
[ 59.449560] ? select_task_rq_fair+0xeba/0x2ac0
[ 59.454205] ? print_usage_bug+0x480/0x480
[ 59.458406] ? lock_release+0xa40/0xa40
[ 59.462346] ? _find_next_bit+0xee/0x120
[ 59.466379] ? check_noncircular+0x20/0x20
[ 59.470581] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.475738] ? select_task_rq_fair+0xed9/0x2ac0
[ 59.480375] ? print_usage_bug+0x480/0x480
[ 59.484587] ? find_held_lock+0x35/0x1d0
[ 59.488614] ? print_usage_bug+0x480/0x480
[ 59.492815] ? print_usage_bug+0x480/0x480
[ 59.497015] ? __lock_acquire+0x6ef/0x3dc0
[ 59.501217] ? lock_downgrade+0x990/0x990
[ 59.505333] ? lock_release+0xa40/0xa40
[ 59.509289] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.514455] ? cpuacct_charge+0x2fd/0x5b0
[ 59.518570] ? cpuusage_read+0x10/0x10
[ 59.522426] ? check_noncircular+0x20/0x20
[ 59.526637] ? hrtimer_forward+0x2d0/0x2d0
[ 59.530839] ? vring_use_dma_api+0x7f/0xa0
[ 59.535041] ? vring_unmap_one+0x49/0x3d0
[ 59.539155] ? detach_buf+0x463/0x6a0
[ 59.542920] ? print_usage_bug+0x480/0x480
[ 59.547143] ? virtqueue_get_buf_ctx+0x3b1/0x8b0
[ 59.551865] ? cleanup_timers_list+0x330/0x330
[ 59.556417] ? detach_buf+0x6a0/0x6a0
[ 59.560191] ? check_noncircular+0x20/0x20
[ 59.564401] virtnet_poll+0x50b/0xab0
[ 59.568178] ? receive_buf+0x5690/0x5690
[ 59.572210] ? mark_held_locks+0xaf/0x100
[ 59.576323] ? net_rx_action+0x49b/0x1910
[ 59.580440] net_rx_action+0x792/0x1910
[ 59.584391] ? do_raw_spin_trylock+0x190/0x190
[ 59.588949] ? napi_complete_done+0x6c0/0x6c0
[ 59.593410] ? trace_hardirqs_on_caller+0x19e/0x5c0
[ 59.598391] ? trace_hardirqs_on+0xd/0x10
[ 59.602519] ? __note_gp_changes+0x8d0/0x8d0
[ 59.606898] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.612057] ? __lock_is_held+0xb6/0x140
[ 59.616111] ? rcu_read_lock_sched_held+0x108/0x120
[ 59.621098] ? __raise_softirq_irqoff+0x21c/0x2c0
[ 59.625907] ? raise_softirq+0x490/0x490
[ 59.629944] ? print_usage_bug+0x480/0x480
[ 59.634150] ? note_gp_changes+0x650/0x650
[ 59.638351] ? timerqueue_add+0x1e9/0x280
[ 59.642500] ? trace_hardirqs_off+0xd/0x10
[ 59.646702] ? __napi_schedule+0x25e/0x370
[ 59.650905] ? netdev_info+0x170/0x170
[ 59.654762] ? check_noncircular+0x20/0x20
[ 59.658964] ? __lock_is_held+0xb6/0x140
[ 59.662997] ? check_noncircular+0x20/0x20
[ 59.667197] ? rcu_read_lock_sched_held+0x108/0x120
[ 59.672186] ? __handle_irq_event_percpu+0x308/0x9d0
[ 59.677258] ? __lock_is_held+0xb6/0x140
[ 59.681306] __do_softirq+0x2f5/0xba3
[ 59.685077] ? handle_edge_irq+0x2b4/0x7c0
[ 59.689294] ? __softirqentry_text_start+0x8/0x8
[ 59.694017] ? do_raw_spin_trylock+0x190/0x190
[ 59.698564] ? handle_irq_event_percpu+0x141/0x1b0
[ 59.703456] ? native_apic_msr_write+0x30/0x80
[ 59.708001] ? __handle_irq_event_percpu+0x9d0/0x9d0
[ 59.713068] ? lapic_next_event+0x5a/0x90
[ 59.717187] ? _raw_spin_lock+0x32/0x40
[ 59.721133] ? _raw_spin_unlock+0x22/0x30
[ 59.725244] ? handle_edge_irq+0x2b4/0x7c0
[ 59.729453] irq_exit+0x1cc/0x200
[ 59.732871] do_IRQ+0xf6/0x190
[ 59.736036] common_interrupt+0x93/0x93
[ 59.739978] RIP: 0010:page_add_file_rmap+0x95/0xa90
[ 59.744955] RSP: 0000:ffff8801c9e37330 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff1e
[ 59.752629] RAX: ffffed00393c6e68 RBX: dffffc0000000000 RCX: 0000000000000000
[ 59.759876] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea00073d6f40
[ 59.767123] RBP: ffff8801c9e37588 R08: 0000000000000001 R09: 1ffff100393c6e41
[ 59.774356] R10: ffff8801c9e37140 R11: 0000000000000003 R12: 0000000000000000
[ 59.781602] R13: 0000000000000000 R14: ffffea00073d6f40 R15: ffff8801c9e37560
[ 59.788853]
[ 59.791076] ? page_add_new_anon_rmap+0x750/0x750
[ 59.795886] ? check_noncircular+0x20/0x20
[ 59.800085] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.805263] ? lock_acquire+0x1d5/0x580
[ 59.809201] ? radix_tree_next_chunk+0x5e8/0xdf0
[ 59.813926] ? lock_acquire+0x1d5/0x580
[ 59.817866] ? alloc_set_pte+0x115b/0x18b0
[ 59.822071] ? lock_release+0xa40/0xa40
[ 59.826013] ? idr_preload+0x20/0x20
[ 59.829690] ? lock_downgrade+0x990/0x990
[ 59.833814] alloc_set_pte+0x89a/0x18b0
[ 59.837759] ? do_swap_page+0x2470/0x2470
[ 59.841873] ? unlock_page+0x19f/0x270
[ 59.845731] ? __lock_is_held+0xb6/0x140
[ 59.849767] filemap_map_pages+0x1080/0x15d0
[ 59.854180] ? find_get_entries_tag+0xeb0/0xeb0
[ 59.858832] ? save_stack+0xa3/0xd0
[ 59.862428] ? save_stack_trace+0x16/0x20
[ 59.866540] ? save_stack+0x43/0xd0
[ 59.870130] ? kasan_kmalloc+0xad/0xe0
[ 59.873980] ? kasan_slab_alloc+0x12/0x20
[ 59.878109] ? kmem_cache_alloc+0x127/0x750
[ 59.882399] ? mmap_region+0x7ee/0x15a0
[ 59.886334] ? do_mmap+0x69b/0xd40
[ 59.889837] ? vm_mmap_pgoff+0x1de/0x280
[ 59.893868] ? __lock_acquire+0x6ef/0x3dc0
[ 59.898067] ? __lock_acquire+0x6ef/0x3dc0
[ 59.902271] ? percpu_counter_add_batch+0xce/0x130
[ 59.907181] ? check_noncircular+0x20/0x20
[ 59.911391] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.916548] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 59.921705] ? perf_event_fork+0x30/0x30
[ 59.925746] ? __lock_is_held+0xb6/0x140
[ 59.929776] ? vma_wants_writenotify+0x51/0x3b0
[ 59.934418] ? check_noncircular+0x20/0x20
[ 59.938618] ? vma_wants_writenotify+0x3b0/0x3b0
[ 59.943344] ? vma_link+0xe9/0x170
[ 59.946856] ? mmap_region+0x52e/0x15a0
[ 59.950809] ? find_held_lock+0x35/0x1d0
[ 59.954841] ? check_noncircular+0x20/0x20
[ 59.959039] ? vm_mmap_pgoff+0x1ed/0x280
[ 59.963073] __handle_mm_fault+0x1e36/0x3860
[ 59.967448] ? check_noncircular+0x20/0x20
[ 59.971652] ? __pmd_alloc+0x4e0/0x4e0
[ 59.975508] ? userfaultfd_unmap_prep+0x540/0x540
[ 59.980327] ? find_held_lock+0x35/0x1d0
[ 59.984362] ? handle_mm_fault+0x23e/0x860
[ 59.988571] ? lock_downgrade+0x990/0x990
[ 59.992709] handle_mm_fault+0x3bb/0x860
[ 59.996735] ? down_read_trylock+0xdb/0x170
[ 60.001024] ? __handle_mm_fault+0x3860/0x3860
[ 60.005570] ? vmacache_find+0x61/0x270
[ 60.009513] ? find_vma+0x30/0x150
[ 60.013021] __do_page_fault+0x4f6/0xb60
[ 60.017064] do_page_fault+0x54/0x70
[ 60.020748] page_fault+0x28/0x30
[ 60.024166] RIP: 0033:0x4ae990
[ 60.027319] RSP: 002b:00007f33bf5e5dd0 EFLAGS: 00010287
[ 60.032647] RAX: 0000000000000000 RBX: 00000000004ccdf0 RCX: 00000000004462b9
[ 60.039880] RDX: 0000000000000003 RSI: 0000000000fff000 RDI: 0000000020000000
[ 60.047117] RBP: 0000000000000000 R08: ffffffffffffffff R09: 0000000000000000
[ 60.054351] R10: 0000000000000032 R11: 0000000000000212 R12: 0000000000000000
[ 60.061585] R13: 00007ffd44ce312f R14: 00007f33bf5e69c0 R15: 0000000000000000
[ 60.068841]
[ 60.070434] Allocated by task 8513:
[ 60.074034] save_stack_trace+0x16/0x20
[ 60.077974] save_stack+0x43/0xd0
[ 60.081409] kasan_kmalloc+0xad/0xe0
[ 60.085088] kmem_cache_alloc_trace+0x12f/0x740