[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Started getty on tty2-tty6 if dbus and logind are not available.
[[0;32m  OK  [0m] Started OpenBSD Secure Shell server.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.115' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [   73.721837][ T8497] ------------[ cut here ]------------
[   73.729385][ T8497] Trying to vfree() nonexistent vm area (ffffc90002bc9000)
[   73.736687][ T8497] WARNING: CPU: 0 PID: 8497 at mm/vmalloc.c:2567 __vunmap+0x150/0xb70
executing program
[   73.781772][ T8497] Modules linked in:
[   73.786008][ T8497] CPU: 1 PID: 8497 Comm: syz-executor174 Not tainted 5.14.0-rc4-syzkaller #0
[   73.795304][ T8497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.806591][ T8497] RIP: 0010:__vunmap+0x150/0xb70
[   73.813535][ T8497] Code: 85 78 ff ff ff e8 20 b0 c4 ff 48 c7 c7 c0 7c a9 8b e8 44 ed 7b 07 e8 0f b0 c4 ff 4c 89 e6 48 c7 c7 e0 bb 96 89 e8 c1 05 37 07 <0f> 0b 48 83 c4 38 5b 5d 41 5c 41 5d 41 5e 41 5f e9 eb af c4 ff e8
[   73.833595][ T8497] RSP: 0018:ffffc900023b72d8 EFLAGS: 00010286
[   73.840031][ T8497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   73.848342][ T8497] RDX: ffff888028c00000 RSI: ffffffff815d7935 RDI: fffff52000476e4d
[   73.856815][ T8497] RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000000
[   73.866584][ T8497] R10: ffffffff815d176e R11: 0000000000000000 R12: ffffc90002bc9000
[   73.875674][ T8497] R13: ffff8880253d20c0 R14: ffffc90002bc9000 R15: ffffe8ffffc338a8
[   73.884219][ T8497] FS:  00007fcdcc063700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   73.893855][ T8497] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.901131][ T8497] CR2: 00007fcdcc084718 CR3: 00000000159f1000 CR4: 00000000001506f0
[   73.909622][ T8497] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   73.917660][ T8497] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   73.926263][ T8497] Call Trace:
[   73.929895][ T8497]  __vfree+0x3c/0xd0
[   73.933867][ T8497]  vfree+0x5a/0x90
[   73.937731][ T8497]  ipcomp_free_scratches+0xc4/0x160
[   73.943426][ T8497]  ipcomp_init_state+0x77c/0xa40
[   73.948419][ T8497]  ? lock_downgrade+0x6e0/0x6e0
[   73.953434][ T8497]  ipcomp6_init_state+0xc2/0x700
[   73.958439][ T8497]  __xfrm_init_state+0x995/0x15c0
[   73.963584][ T8497]  xfrm_add_sa+0x1ef1/0x35f0
[   73.968232][ T8497]  ? xfrm_send_acquire+0xbb0/0xbb0
[   73.973484][ T8497]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   73.979851][ T8497]  ? security_capable+0x8f/0xc0
[   73.984746][ T8497]  ? __nla_parse+0x3d/0x50
[   73.989278][ T8497]  ? xfrm_send_acquire+0xbb0/0xbb0
[   73.994459][ T8497]  xfrm_user_rcv_msg+0x42c/0x8b0
[   73.999595][ T8497]  ? xfrm_do_migrate+0x7f0/0x7f0
[   74.004599][ T8497]  ? mark_held_locks+0x9f/0xe0
[   74.009539][ T8497]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   74.015610][ T8497]  ? finish_task_switch.isra.0+0x232/0xa50
[   74.021590][ T8497]  ? rwlock_bug.part.0+0x90/0x90
[   74.026625][ T8497]  ? do_raw_spin_unlock+0x171/0x230
[   74.032215][ T8497]  netlink_rcv_skb+0x153/0x420
[   74.037141][ T8497]  ? xfrm_do_migrate+0x7f0/0x7f0
[   74.042416][ T8497]  ? netlink_ack+0xa60/0xa60
[   74.047132][ T8497]  ? _copy_from_iter+0x12b/0x1320
[   74.052355][ T8497]  xfrm_netlink_rcv+0x6b/0x90
[   74.057107][ T8497]  netlink_unicast+0x533/0x7d0
[   74.062053][ T8497]  ? netlink_attachskb+0x890/0x890
[   74.067256][ T8497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   74.073648][ T8497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   74.080117][ T8497]  ? __phys_addr_symbol+0x2c/0x70
[   74.085230][ T8497]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   74.091083][ T8497]  ? __check_object_size+0x16e/0x3f0
[   74.096390][ T8497]  netlink_sendmsg+0x86d/0xdb0
[   74.101256][ T8497]  ? netlink_unicast+0x7d0/0x7d0
[   74.106329][ T8497]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   74.112742][ T8497]  ? netlink_unicast+0x7d0/0x7d0
[   74.117700][ T8497]  sock_sendmsg+0xcf/0x120
[   74.123250][ T8497]  ____sys_sendmsg+0x6e8/0x810
[   74.128037][ T8497]  ? kernel_sendmsg+0x50/0x50
[   74.133706][ T8497]  ? do_recvmmsg+0x6d0/0x6d0
[   74.138498][ T8497]  ? lock_chain_count+0x20/0x20
[   74.144376][ T8497]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   74.150904][ T8497]  ___sys_sendmsg+0xf3/0x170
[   74.155496][ T8497]  ? sendmsg_copy_msghdr+0x160/0x160
[   74.162271][ T8497]  ? __fget_files+0x21b/0x3e0
[   74.167067][ T8497]  ? lock_downgrade+0x6e0/0x6e0
[   74.173055][ T8497]  ? __fget_files+0x23d/0x3e0
[   74.177857][ T8497]  ? __fget_light+0xea/0x280
[   74.183459][ T8497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   74.190329][ T8497]  __sys_sendmsg+0xe5/0x1b0
[   74.194858][ T8497]  ? __sys_sendmsg_sock+0x30/0x30
[   74.201053][ T8497]  ? syscall_enter_from_user_mode+0x21/0x70
[   74.207155][ T8497]  do_syscall_64+0x35/0xb0
[   74.212509][ T8497]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   74.218420][ T8497] RIP: 0033:0x445b99
[   74.223216][ T8497] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   74.243536][ T8497] RSP: 002b:00007fcdcc063318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.252700][ T8497] RAX: ffffffffffffffda RBX: 00000000004ca428 RCX: 0000000000445b99
[   74.261336][ T8497] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[   74.270289][ T8497] RBP: 00000000004ca420 R08: 0000000000000000 R09: 0000000000000000
[   74.278599][ T8497] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ca42c
[   74.287857][ T8497] R13: 00007ffec83642cf R14: 00007fcdcc063400 R15: 0000000000022000
[   74.296593][ T8497] Kernel panic - not syncing: panic_on_warn set ...
[   74.303173][ T8497] CPU: 0 PID: 8497 Comm: syz-executor174 Not tainted 5.14.0-rc4-syzkaller #0
[   74.311935][ T8497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   74.321990][ T8497] Call Trace:
[   74.325285][ T8497]  dump_stack_lvl+0xcd/0x134
[   74.329876][ T8497]  panic+0x306/0x73d
[   74.333776][ T8497]  ? __warn_printk+0xf3/0xf3
[   74.338375][ T8497]  ? __warn.cold+0x1a/0x44
[   74.342779][ T8497]  ? __vunmap+0x150/0xb70
[   74.347200][ T8497]  __warn.cold+0x35/0x44
[   74.351437][ T8497]  ? wake_up_klogd.part.0+0x8e/0xd0
[   74.356650][ T8497]  ? __vunmap+0x150/0xb70
[   74.360972][ T8497]  report_bug+0x1bd/0x210
[   74.365329][ T8497]  handle_bug+0x3c/0x60
[   74.369490][ T8497]  exc_invalid_op+0x14/0x40
[   74.374014][ T8497]  asm_exc_invalid_op+0x12/0x20
[   74.378858][ T8497] RIP: 0010:__vunmap+0x150/0xb70
[   74.383786][ T8497] Code: 85 78 ff ff ff e8 20 b0 c4 ff 48 c7 c7 c0 7c a9 8b e8 44 ed 7b 07 e8 0f b0 c4 ff 4c 89 e6 48 c7 c7 e0 bb 96 89 e8 c1 05 37 07 <0f> 0b 48 83 c4 38 5b 5d 41 5c 41 5d 41 5e 41 5f e9 eb af c4 ff e8
[   74.403393][ T8497] RSP: 0018:ffffc900023b72d8 EFLAGS: 00010286
[   74.409472][ T8497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   74.417456][ T8497] RDX: ffff888028c00000 RSI: ffffffff815d7935 RDI: fffff52000476e4d
[   74.425430][ T8497] RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.433685][ T8497] R10: ffffffff815d176e R11: 0000000000000000 R12: ffffc90002bc9000
[   74.441663][ T8497] R13: ffff8880253d20c0 R14: ffffc90002bc9000 R15: ffffe8ffffc338a8
[   74.449638][ T8497]  ? wake_up_klogd.part.0+0x8e/0xd0
[   74.454845][ T8497]  ? vprintk+0x95/0x260
[   74.458993][ T8497]  ? __vunmap+0x150/0xb70
[   74.463316][ T8497]  __vfree+0x3c/0xd0
[   74.467202][ T8497]  vfree+0x5a/0x90
[   74.470929][ T8497]  ipcomp_free_scratches+0xc4/0x160
[   74.476231][ T8497]  ipcomp_init_state+0x77c/0xa40
[   74.481189][ T8497]  ? lock_downgrade+0x6e0/0x6e0
[   74.486034][ T8497]  ipcomp6_init_state+0xc2/0x700
[   74.491138][ T8497]  __xfrm_init_state+0x995/0x15c0
[   74.496165][ T8497]  xfrm_add_sa+0x1ef1/0x35f0
[   74.500857][ T8497]  ? xfrm_send_acquire+0xbb0/0xbb0
[   74.506040][ T8497]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   74.512272][ T8497]  ? security_capable+0x8f/0xc0
[   74.517113][ T8497]  ? __nla_parse+0x3d/0x50
[   74.521533][ T8497]  ? xfrm_send_acquire+0xbb0/0xbb0
[   74.526657][ T8497]  xfrm_user_rcv_msg+0x42c/0x8b0
[   74.531614][ T8497]  ? xfrm_do_migrate+0x7f0/0x7f0
[   74.536555][ T8497]  ? mark_held_locks+0x9f/0xe0
[   74.541324][ T8497]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   74.547295][ T8497]  ? finish_task_switch.isra.0+0x232/0xa50
[   74.553118][ T8497]  ? rwlock_bug.part.0+0x90/0x90
[   74.558062][ T8497]  ? do_raw_spin_unlock+0x171/0x230
[   74.563254][ T8497]  netlink_rcv_skb+0x153/0x420
[   74.568012][ T8497]  ? xfrm_do_migrate+0x7f0/0x7f0
[   74.572949][ T8497]  ? netlink_ack+0xa60/0xa60
[   74.577571][ T8497]  ? _copy_from_iter+0x12b/0x1320
[   74.582591][ T8497]  xfrm_netlink_rcv+0x6b/0x90
[   74.587268][ T8497]  netlink_unicast+0x533/0x7d0
[   74.592030][ T8497]  ? netlink_attachskb+0x890/0x890
[   74.597128][ T8497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   74.603358][ T8497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   74.609681][ T8497]  ? __phys_addr_symbol+0x2c/0x70
[   74.614710][ T8497]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   74.620426][ T8497]  ? __check_object_size+0x16e/0x3f0
[   74.625704][ T8497]  netlink_sendmsg+0x86d/0xdb0
[   74.630476][ T8497]  ? netlink_unicast+0x7d0/0x7d0
[   74.635407][ T8497]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   74.641638][ T8497]  ? netlink_unicast+0x7d0/0x7d0
[   74.646578][ T8497]  sock_sendmsg+0xcf/0x120
[   74.650984][ T8497]  ____sys_sendmsg+0x6e8/0x810
[   74.655738][ T8497]  ? kernel_sendmsg+0x50/0x50
[   74.660405][ T8497]  ? do_recvmmsg+0x6d0/0x6d0
[   74.664989][ T8497]  ? lock_chain_count+0x20/0x20
[   74.669856][ T8497]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   74.675854][ T8497]  ___sys_sendmsg+0xf3/0x170
[   74.680434][ T8497]  ? sendmsg_copy_msghdr+0x160/0x160
[   74.685708][ T8497]  ? __fget_files+0x21b/0x3e0
[   74.690375][ T8497]  ? lock_downgrade+0x6e0/0x6e0
[   74.695222][ T8497]  ? __fget_files+0x23d/0x3e0
[   74.699914][ T8497]  ? __fget_light+0xea/0x280
[   74.704515][ T8497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   74.710769][ T8497]  __sys_sendmsg+0xe5/0x1b0
[   74.715267][ T8497]  ? __sys_sendmsg_sock+0x30/0x30
[   74.720332][ T8497]  ? syscall_enter_from_user_mode+0x21/0x70
[   74.726221][ T8497]  do_syscall_64+0x35/0xb0
[   74.730627][ T8497]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   74.736509][ T8497] RIP: 0033:0x445b99
[   74.740397][ T8497] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   74.760022][ T8497] RSP: 002b:00007fcdcc063318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.768430][ T8497] RAX: ffffffffffffffda RBX: 00000000004ca428 RCX: 0000000000445b99
[   74.776403][ T8497] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[   74.784378][ T8497] RBP: 00000000004ca420 R08: 0000000000000000 R09: 0000000000000000
[   74.792336][ T8497] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ca42c
[   74.800306][ T8497] R13: 00007ffec83642cf R14: 00007fcdcc063400 R15: 0000000000022000
[   74.808490][ T8497] Kernel Offset: disabled
[   74.812890][ T8497] Rebooting in 86400 seconds..