[ ok ] Starting enhanced syslogd: rsyslogd. [ 63.441953][ T26] audit: type=1800 audit(1558245141.346:25): pid=8861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 63.482369][ T26] audit: type=1800 audit(1558245141.346:26): pid=8861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 63.523223][ T26] audit: type=1800 audit(1558245141.346:27): pid=8861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.40' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 74.132238][ T9013] ================================================================== [ 74.140369][ T9013] BUG: KASAN: slab-out-of-bounds in __lock_acquire+0x3ba2/0x5490 [ 74.148092][ T9013] Read of size 8 at addr ffff88809c306440 by task syz-executor084/9013 [ 74.156307][ T9013] [ 74.158624][ T9013] CPU: 1 PID: 9013 Comm: syz-executor084 Not tainted 5.1.0-next-20190517 #17 [ 74.167361][ T9013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.177399][ T9013] Call Trace: [ 74.180677][ T9013] dump_stack+0x172/0x1f0 [ 74.185001][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.190009][ T9013] print_address_description.cold+0x7c/0x20d [ 74.195999][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.201019][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.206036][ T9013] __kasan_report.cold+0x1b/0x40 [ 74.210968][ T9013] ? 
__lock_acquire+0x3ba2/0x5490 [ 74.215985][ T9013] kasan_report+0x12/0x20 [ 74.220303][ T9013] __asan_report_load8_noabort+0x14/0x20 [ 74.225924][ T9013] __lock_acquire+0x3ba2/0x5490 [ 74.230758][ T9013] ? sock_diag_rcv+0x2b/0x40 [ 74.235336][ T9013] ? netlink_unicast+0x531/0x710 [ 74.240258][ T9013] ? netlink_sendmsg+0x8a5/0xd60 [ 74.245184][ T9013] ? sock_sendmsg+0xd7/0x130 [ 74.249757][ T9013] ? ___sys_sendmsg+0x803/0x920 [ 74.254593][ T9013] ? __sys_sendmsg+0x105/0x1d0 [ 74.259360][ T9013] ? __x64_sys_sendmsg+0x78/0xb0 [ 74.264286][ T9013] ? do_syscall_64+0xfd/0x680 [ 74.268954][ T9013] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.275009][ T9013] ? mark_held_locks+0xf0/0xf0 [ 74.279759][ T9013] ? mark_held_locks+0xf0/0xf0 [ 74.284509][ T9013] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 74.290123][ T9013] ? find_held_lock+0x35/0x130 [ 74.294874][ T9013] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 74.300499][ T9013] lock_acquire+0x16f/0x3f0 [ 74.304996][ T9013] ? rhashtable_walk_enter+0xf9/0x390 [ 74.310359][ T9013] _raw_spin_lock+0x2f/0x40 [ 74.314851][ T9013] ? rhashtable_walk_enter+0xf9/0x390 [ 74.320227][ T9013] rhashtable_walk_enter+0xf9/0x390 [ 74.325417][ T9013] __tipc_dump_start+0x1fa/0x3c0 [ 74.330339][ T9013] tipc_dump_start+0x70/0x90 [ 74.334915][ T9013] __netlink_dump_start+0x4f8/0x7d0 [ 74.340106][ T9013] ? __tipc_dump_start+0x3c0/0x3c0 [ 74.345207][ T9013] tipc_sock_diag_handler_dump+0x1d9/0x270 [ 74.351090][ T9013] ? __tipc_diag_gen_cookie+0x90/0x90 [ 74.356446][ T9013] ? sock_diag_rcv+0x1c/0x40 [ 74.361015][ T9013] ? __tipc_dump_start+0x3c0/0x3c0 [ 74.366107][ T9013] ? tipc_unregister_sysctl+0x20/0x20 [ 74.371459][ T9013] ? tipc_ioctl+0x2e0/0x2e0 [ 74.375945][ T9013] sock_diag_rcv_msg+0x319/0x410 [ 74.380863][ T9013] netlink_rcv_skb+0x177/0x450 [ 74.385610][ T9013] ? sock_diag_bind+0x80/0x80 [ 74.390270][ T9013] ? netlink_ack+0xb50/0xb50 [ 74.394844][ T9013] ? kasan_check_read+0x11/0x20 [ 74.399687][ T9013] ? 
netlink_deliver_tap+0x254/0xbf0 [ 74.404963][ T9013] sock_diag_rcv+0x2b/0x40 [ 74.409367][ T9013] netlink_unicast+0x531/0x710 [ 74.414123][ T9013] ? netlink_attachskb+0x770/0x770 [ 74.419220][ T9013] ? _copy_from_iter_full+0x25d/0x8c0 [ 74.424591][ T9013] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 74.430294][ T9013] ? __check_object_size+0x3d/0x42f [ 74.435475][ T9013] netlink_sendmsg+0x8a5/0xd60 [ 74.440222][ T9013] ? netlink_unicast+0x710/0x710 [ 74.445143][ T9013] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 74.450665][ T9013] ? apparmor_socket_sendmsg+0x2a/0x30 [ 74.456104][ T9013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 74.462342][ T9013] ? security_socket_sendmsg+0x8d/0xc0 [ 74.467788][ T9013] ? netlink_unicast+0x710/0x710 [ 74.472705][ T9013] sock_sendmsg+0xd7/0x130 [ 74.477119][ T9013] ___sys_sendmsg+0x803/0x920 [ 74.481782][ T9013] ? copy_msghdr_from_user+0x430/0x430 [ 74.487235][ T9013] ? prep_transhuge_page+0xa0/0xa0 [ 74.492342][ T9013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 74.498569][ T9013] ? __handle_mm_fault+0x7cb/0x3eb0 [ 74.503773][ T9013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 74.509997][ T9013] ? __fget_light+0x1a9/0x230 [ 74.514657][ T9013] ? __fdget+0x1b/0x20 [ 74.518708][ T9013] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.524937][ T9013] __sys_sendmsg+0x105/0x1d0 [ 74.529602][ T9013] ? __ia32_sys_shutdown+0x80/0x80 [ 74.534703][ T9013] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 74.540149][ T9013] ? do_syscall_64+0x26/0x680 [ 74.544820][ T9013] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.550893][ T9013] ? 
do_syscall_64+0x26/0x680 [ 74.555568][ T9013] __x64_sys_sendmsg+0x78/0xb0 [ 74.560320][ T9013] do_syscall_64+0xfd/0x680 [ 74.564811][ T9013] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.570685][ T9013] RIP: 0033:0x4401f9 [ 74.574591][ T9013] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 74.594180][ T9013] RSP: 002b:00007ffdf8a96448 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.602579][ T9013] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9 [ 74.610539][ T9013] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 74.618510][ T9013] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 74.626495][ T9013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80 [ 74.634451][ T9013] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000 [ 74.642417][ T9013] [ 74.644726][ T9013] Allocated by task 1: [ 74.648773][ T9013] save_stack+0x23/0x90 [ 74.652926][ T9013] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 74.658534][ T9013] kasan_slab_alloc+0xf/0x20 [ 74.663104][ T9013] kmem_cache_alloc+0x11a/0x6f0 [ 74.667941][ T9013] __kernfs_new_node+0xf0/0x6c0 [ 74.672799][ T9013] kernfs_new_node+0x96/0x120 [ 74.677507][ T9013] __kernfs_create_file+0x51/0x340 [ 74.682607][ T9013] sysfs_add_file_mode_ns+0x222/0x560 [ 74.687989][ T9013] sysfs_create_file_ns+0x13d/0x1d0 [ 74.693180][ T9013] driver_create_file+0x45/0x70 [ 74.698022][ T9013] bus_add_driver+0x449/0x5c0 [ 74.702683][ T9013] driver_register+0x1c9/0x330 [ 74.707426][ T9013] usb_register_driver+0x1f9/0x410 [ 74.712513][ T9013] uvc_init+0x25/0x62 [ 74.716475][ T9013] do_one_initcall+0x107/0x7ba [ 74.721218][ T9013] kernel_init_freeable+0x4d4/0x5c3 [ 74.726396][ T9013] kernel_init+0x12/0x1c5 [ 74.730708][ T9013] ret_from_fork+0x24/0x30 [ 74.735100][ T9013] [ 74.737404][ T9013] Freed by task 0: [ 74.741094][ 
T9013] (stack is not available) [ 74.745481][ T9013] [ 74.747788][ T9013] The buggy address belongs to the object at ffff88809c306380 [ 74.747788][ T9013] which belongs to the cache kernfs_node_cache of size 160 [ 74.762344][ T9013] The buggy address is located 32 bytes to the right of [ 74.762344][ T9013] 160-byte region [ffff88809c306380, ffff88809c306420) [ 74.776032][ T9013] The buggy address belongs to the page: [ 74.781672][ T9013] page:ffffea000270c180 refcount:1 mapcount:0 mapping:ffff88821bc48500 index:0xffff88809c306fee [ 74.792066][ T9013] flags: 0x1fffc0000000200(slab) [ 74.796985][ T9013] raw: 01fffc0000000200 ffffea000270c0c8 ffffea000270c208 ffff88821bc48500 [ 74.805572][ T9013] raw: ffff88809c306fee ffff88809c306000 0000000100000012 0000000000000000 [ 74.814165][ T9013] page dumped because: kasan: bad access detected [ 74.820562][ T9013] [ 74.822873][ T9013] Memory state around the buggy address: [ 74.828483][ T9013] ffff88809c306300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 74.836529][ T9013] ffff88809c306380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 74.844579][ T9013] >ffff88809c306400: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 [ 74.852620][ T9013] ^ [ 74.858752][ T9013] ffff88809c306480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 74.866800][ T9013] ffff88809c306500: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 74.874856][ T9013] ================================================================== [ 74.882929][ T9013] Disabling lock debugging due to kernel taint [ 74.889068][ T9013] Kernel panic - not syncing: panic_on_warn set ... [ 74.895661][ T9013] CPU: 1 PID: 9013 Comm: syz-executor084 Tainted: G B 5.1.0-next-20190517 #17 [ 74.905788][ T9013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.915828][ T9013] Call Trace: [ 74.919120][ T9013] dump_stack+0x172/0x1f0 [ 74.923441][ T9013] panic+0x2cb/0x744 [ 74.927320][ T9013] ? 
__warn_printk+0xf3/0xf3 [ 74.933073][ T9013] ? lock_downgrade+0x880/0x880 [ 74.937931][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.942946][ T9013] ? trace_hardirqs_off+0x62/0x220 [ 74.948052][ T9013] ? trace_hardirqs_off+0x59/0x220 [ 74.953275][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.958288][ T9013] end_report+0x47/0x4f [ 74.962428][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.967451][ T9013] __kasan_report.cold+0xe/0x40 [ 74.972287][ T9013] ? __lock_acquire+0x3ba2/0x5490 [ 74.977289][ T9013] kasan_report+0x12/0x20 [ 74.981599][ T9013] __asan_report_load8_noabort+0x14/0x20 [ 74.987208][ T9013] __lock_acquire+0x3ba2/0x5490 [ 74.992048][ T9013] ? sock_diag_rcv+0x2b/0x40 [ 74.996662][ T9013] ? netlink_unicast+0x531/0x710 [ 75.001580][ T9013] ? netlink_sendmsg+0x8a5/0xd60 [ 75.006496][ T9013] ? sock_sendmsg+0xd7/0x130 [ 75.011065][ T9013] ? ___sys_sendmsg+0x803/0x920 [ 75.015900][ T9013] ? __sys_sendmsg+0x105/0x1d0 [ 75.020641][ T9013] ? __x64_sys_sendmsg+0x78/0xb0 [ 75.025559][ T9013] ? do_syscall_64+0xfd/0x680 [ 75.030214][ T9013] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.036261][ T9013] ? mark_held_locks+0xf0/0xf0 [ 75.041094][ T9013] ? mark_held_locks+0xf0/0xf0 [ 75.045840][ T9013] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 75.051444][ T9013] ? find_held_lock+0x35/0x130 [ 75.056181][ T9013] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 75.061796][ T9013] lock_acquire+0x16f/0x3f0 [ 75.066279][ T9013] ? rhashtable_walk_enter+0xf9/0x390 [ 75.071628][ T9013] _raw_spin_lock+0x2f/0x40 [ 75.076218][ T9013] ? rhashtable_walk_enter+0xf9/0x390 [ 75.081571][ T9013] rhashtable_walk_enter+0xf9/0x390 [ 75.086748][ T9013] __tipc_dump_start+0x1fa/0x3c0 [ 75.091678][ T9013] tipc_dump_start+0x70/0x90 [ 75.096317][ T9013] __netlink_dump_start+0x4f8/0x7d0 [ 75.101504][ T9013] ? __tipc_dump_start+0x3c0/0x3c0 [ 75.106602][ T9013] tipc_sock_diag_handler_dump+0x1d9/0x270 [ 75.112393][ T9013] ? __tipc_diag_gen_cookie+0x90/0x90 [ 75.117746][ T9013] ? 
sock_diag_rcv+0x1c/0x40 [ 75.122317][ T9013] ? __tipc_dump_start+0x3c0/0x3c0 [ 75.127403][ T9013] ? tipc_unregister_sysctl+0x20/0x20 [ 75.132804][ T9013] ? tipc_ioctl+0x2e0/0x2e0 [ 75.137295][ T9013] sock_diag_rcv_msg+0x319/0x410 [ 75.142213][ T9013] netlink_rcv_skb+0x177/0x450 [ 75.146949][ T9013] ? sock_diag_bind+0x80/0x80 [ 75.151599][ T9013] ? netlink_ack+0xb50/0xb50 [ 75.156165][ T9013] ? kasan_check_read+0x11/0x20 [ 75.160991][ T9013] ? netlink_deliver_tap+0x254/0xbf0 [ 75.166256][ T9013] sock_diag_rcv+0x2b/0x40 [ 75.170762][ T9013] netlink_unicast+0x531/0x710 [ 75.175504][ T9013] ? netlink_attachskb+0x770/0x770 [ 75.180598][ T9013] ? _copy_from_iter_full+0x25d/0x8c0 [ 75.185948][ T9013] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 75.191654][ T9013] ? __check_object_size+0x3d/0x42f [ 75.196834][ T9013] netlink_sendmsg+0x8a5/0xd60 [ 75.201578][ T9013] ? netlink_unicast+0x710/0x710 [ 75.206495][ T9013] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 75.212030][ T9013] ? apparmor_socket_sendmsg+0x2a/0x30 [ 75.217481][ T9013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 75.223758][ T9013] ? security_socket_sendmsg+0x8d/0xc0 [ 75.229204][ T9013] ? netlink_unicast+0x710/0x710 [ 75.234119][ T9013] sock_sendmsg+0xd7/0x130 [ 75.238523][ T9013] ___sys_sendmsg+0x803/0x920 [ 75.243182][ T9013] ? copy_msghdr_from_user+0x430/0x430 [ 75.248627][ T9013] ? prep_transhuge_page+0xa0/0xa0 [ 75.253722][ T9013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 75.259944][ T9013] ? __handle_mm_fault+0x7cb/0x3eb0 [ 75.265123][ T9013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 75.271347][ T9013] ? __fget_light+0x1a9/0x230 [ 75.276000][ T9013] ? __fdget+0x1b/0x20 [ 75.280048][ T9013] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.286265][ T9013] __sys_sendmsg+0x105/0x1d0 [ 75.290849][ T9013] ? __ia32_sys_shutdown+0x80/0x80 [ 75.295951][ T9013] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 75.301505][ T9013] ? do_syscall_64+0x26/0x680 [ 75.306166][ T9013] ? 
entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.312210][ T9013] ? do_syscall_64+0x26/0x680 [ 75.316865][ T9013] __x64_sys_sendmsg+0x78/0xb0 [ 75.321609][ T9013] do_syscall_64+0xfd/0x680 [ 75.326090][ T9013] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.331960][ T9013] RIP: 0033:0x4401f9 [ 75.335833][ T9013] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 75.355434][ T9013] RSP: 002b:00007ffdf8a96448 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.363897][ T9013] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9 [ 75.371852][ T9013] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 75.379803][ T9013] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 75.387848][ T9013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80 [ 75.395815][ T9013] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000 [ 75.404738][ T9013] Kernel Offset: disabled [ 75.409064][ T9013] Rebooting in 86400 seconds..