Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts.
syzkaller login: [ 620.993556][ T26] kauditd_printk_skb: 3 callbacks suppressed
[ 620.993568][ T26] audit: type=1400 audit(1564176500.516:36): avc: denied { map } for pid=10451 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/07/26 21:28:21 parsed 1 programs
[ 621.944109][ T26] audit: type=1400 audit(1564176501.466:37): avc: denied { map } for pid=10451 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=32 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2019/07/26 21:28:22 executed programs: 0
[ 623.466801][T10466] IPVS: ftp: loaded support on port[0] = 21
[ 623.516552][T10466] chnl_net:caif_netlink_parms(): no params data found
[ 623.542197][T10466] bridge0: port 1(bridge_slave_0) entered blocking state
[ 623.549448][T10466] bridge0: port 1(bridge_slave_0) entered disabled state
[ 623.557013][T10466] device bridge_slave_0 entered promiscuous mode
[ 623.564386][T10466] bridge0: port 2(bridge_slave_1) entered blocking state
[ 623.571583][T10466] bridge0: port 2(bridge_slave_1) entered disabled state
[ 623.579166][T10466] device bridge_slave_1 entered promiscuous mode
[ 623.593119][T10466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 623.603747][T10466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 623.620327][T10466] team0: Port device team_slave_0 added
[ 623.626875][T10466] team0: Port device team_slave_1 added
[ 623.700115][T10466] device hsr_slave_0 entered promiscuous mode
[ 623.748609][T10466] device hsr_slave_1 entered promiscuous mode
[ 623.814155][T10466] bridge0: port 2(bridge_slave_1) entered blocking state
[ 623.821274][T10466] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 623.828631][T10466] bridge0: port 1(bridge_slave_0) entered blocking state
[ 623.835668][T10466] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 623.861787][T10466] 8021q: adding VLAN 0 to HW filter on device bond0
[ 623.872956][T10468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 623.891748][T10468] bridge0: port 1(bridge_slave_0) entered disabled state
[ 623.899574][T10468] bridge0: port 2(bridge_slave_1) entered disabled state
[ 623.907186][T10468] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 623.918390][T10466] 8021q: adding VLAN 0 to HW filter on device team0
[ 623.929194][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 623.937565][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 623.944674][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 623.952262][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 623.961319][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 623.968565][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 623.982445][T10470] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 623.991191][T10470] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 624.000857][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 624.013966][T10466] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 624.024663][T10466] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 624.036710][T10470] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 624.045568][T10470] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 624.053849][T10470] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 624.067927][T10466] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 624.100026][ T26] audit: type=1400 audit(1564176503.626:38): avc: denied { associate } for pid=10466 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
2019/07/26 21:28:28 executed programs: 19
[ 631.718579][ C0] ------------[ cut here ]------------
[ 631.724371][ C0] refcount_t: increment on 0; use-after-free.
[ 631.730878][ C0] WARNING: CPU: 0 PID: 0 at lib/refcount.c:156 refcount_inc_checked+0x61/0x70
[ 631.739745][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 631.746384][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.3.0-rc1+ #77
[ 631.753604][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 631.763647][ C0] Call Trace:
[ 631.766930][ C0]
[ 631.769795][ C0] dump_stack+0x172/0x1f0
[ 631.774123][ C0] ? refcount_inc_not_zero_checked+0x1b0/0x200
[ 631.780400][ C0] panic+0x2dc/0x755
[ 631.784290][ C0] ? add_taint.cold+0x16/0x16
[ 631.788959][ C0] ? __kasan_check_write+0x14/0x20
[ 631.794064][ C0] ? __warn.cold+0x5/0x4c
[ 631.798402][ C0] ? __warn+0xe7/0x1e0
[ 631.802466][ C0] ? refcount_inc_checked+0x61/0x70
[ 631.807647][ C0] __warn.cold+0x20/0x4c
[ 631.811882][ C0] ? vprintk_emit+0x1ea/0x700
[ 631.816552][ C0] ? refcount_inc_checked+0x61/0x70
[ 631.821773][ C0] report_bug+0x263/0x2b0
[ 631.826136][ C0] do_error_trap+0x11b/0x200
[ 631.830780][ C0] do_invalid_op+0x37/0x50
[ 631.835189][ C0] ? refcount_inc_checked+0x61/0x70
[ 631.840370][ C0] invalid_op+0x23/0x30
[ 631.844767][ C0] RIP: 0010:refcount_inc_checked+0x61/0x70
[ 631.850555][ C0] Code: 1d 18 8e 64 06 31 ff 89 de e8 db aa 35 fe 84 db 75 dd e8 92 a9 35 fe 48 c7 c7 00 03 c6 87 c6 05 f8 8d 64 06 01 e8 77 0c 07 fe <0f> 0b eb c1 90 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 41 57 41
[ 631.870142][ C0] RSP: 0018:ffff8880ae809bf0 EFLAGS: 00010282
[ 631.876195][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 631.884158][ C0] RDX: 0000000000000100 RSI: ffffffff815c5bd6 RDI: ffffed1015d01370
[ 631.892158][ C0] RBP: ffff8880ae809c00 R08: ffffffff88c7a1c0 R09: fffffbfff11b4285
[ 631.900115][ C0] R10: fffffbfff11b4284 R11: ffffffff88da1423 R12: ffff88809ab9aac0
[ 631.908085][ C0] R13: ffff88809ab9aaa8 R14: ffff88809ab9a248 R15: ffff88809ab9a220
[ 631.916054][ C0] ? vprintk_func+0x86/0x189
[ 631.920636][ C0] nr_insert_socket+0x2d/0xe0
[ 631.925319][ C0] nr_rx_frame+0x1605/0x1e73
[ 631.929934][ C0] nr_loopback_timer+0x7b/0x170
[ 631.934792][ C0] call_timer_fn+0x1ac/0x780
[ 631.939373][ C0] ? nr_process_rx_frame+0x1540/0x1540
[ 631.944811][ C0] ? msleep_interruptible+0x150/0x150
[ 631.950173][ C0] ? trace_hardirqs_on+0x67/0x240
[ 631.955198][ C0] ? __kasan_check_read+0x11/0x20
[ 631.960209][ C0] ? nr_process_rx_frame+0x1540/0x1540
[ 631.965685][ C0] ? nr_process_rx_frame+0x1540/0x1540
[ 631.971143][ C0] run_timer_softirq+0x697/0x17a0
[ 631.976152][ C0] ? add_timer+0x930/0x930
[ 631.980548][ C0] ? kvm_clock_read+0x18/0x30
[ 631.985235][ C0] ? kvm_sched_clock_read+0x9/0x20
[ 631.990445][ C0] ? sched_clock+0x2e/0x50
[ 631.994850][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 631.999689][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 632.005916][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 632.012157][ C0] __do_softirq+0x262/0x98c
[ 632.016643][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 632.021475][ C0] irq_exit+0x19b/0x1e0
[ 632.025625][ C0] smp_apic_timer_interrupt+0x1a3/0x610
[ 632.031218][ C0] apic_timer_interrupt+0xf/0x20
[ 632.036140][ C0]
[ 632.039062][ C0] RIP: 0010:native_safe_halt+0xe/0x10
[ 632.044432][ C0] Code: 48 e9 6e fa eb 8a 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d d4 50 4a 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d c4 50 4a 00 fb f4 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 5e a1 22 fa e8 a9
[ 632.064015][ C0] RSP: 0018:ffffffff88c07ce8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 632.072409][ C0] RAX: 1ffffffff11a5e35 RBX: ffffffff88c7a1c0 RCX: 1ffffffff134b2b6
[ 632.080366][ C0] RDX: dffffc0000000000 RSI: ffffffff8178256e RDI: ffffffff873dcbfc
[ 632.088344][ C0] RBP: ffffffff88c07d18 R08: ffffffff88c7a1c0 R09: fffffbfff118f439
[ 632.096307][ C0] R10: fffffbfff118f438 R11: ffffffff88c7a1c7 R12: dffffc0000000000
[ 632.104293][ C0] R13: ffffffff89a563b8 R14: 0000000000000000 R15: 0000000000000000
[ 632.112275][ C0] ? trace_hardirqs_on+0x5e/0x240
[ 632.117288][ C0] ? default_idle+0x1c/0x360
[ 632.121875][ C0] ? default_idle+0x4e/0x360
[ 632.126452][ C0] arch_cpu_idle+0xa/0x10
[ 632.130776][ C0] default_idle_call+0x84/0xb0
[ 632.135536][ C0] do_idle+0x413/0x760
[ 632.139590][ C0] ? arch_cpu_idle_exit+0x80/0x80
[ 632.144615][ C0] ? trace_hardirqs_on+0x67/0x240
[ 632.149623][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 632.155847][ C0] ? debug_smp_processor_id+0x3c/0x214
[ 632.161307][ C0] cpu_startup_entry+0x1b/0x20
[ 632.166054][ C0] rest_init+0x245/0x37b
[ 632.170274][ C0] arch_call_rest_init+0xe/0x1b
[ 632.175118][ C0] start_kernel+0x912/0x951
[ 632.179602][ C0] ? mem_encrypt_init+0xb/0xb
[ 632.184273][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 632.190509][ C0] ? x86_family+0x41/0x50
[ 632.194824][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 632.201049][ C0] x86_64_start_reservations+0x29/0x2b
[ 632.206508][ C0] x86_64_start_kernel+0x77/0x7b
[ 632.211442][ C0] secondary_startup_64+0xa4/0xb0
[ 632.217630][ C0] Kernel Offset: disabled
[ 632.222041][ C0] Rebooting in 86400 seconds..