[ ok ] Starting enhanced syslogd: rsyslogd.
[ 38.708530] audit: type=1800 audit(1545691684.477:25): pid=7785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 38.741381] audit: type=1800 audit(1545691684.477:26): pid=7785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 38.771449] audit: type=1800 audit(1545691684.477:27): pid=7785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 44.305597] sshd (7922) used greatest stack depth: 15736 bytes left
Warning: Permanently added '10.128.0.15' (ECDSA) to the list of known hosts.
2018/12/24 22:50:21 parsed 1 programs
2018/12/24 22:50:23 executed programs: 0
[ 177.553238] IPVS: ftp: loaded support on port[0] = 21
[ 177.554527] IPVS: ftp: loaded support on port[0] = 21
[ 177.571283] IPVS: ftp: loaded support on port[0] = 21
[ 177.580456] IPVS: ftp: loaded support on port[0] = 21
[ 177.641591] IPVS: ftp: loaded support on port[0] = 21
[ 177.666530] IPVS: ftp: loaded support on port[0] = 21
[ 178.413067] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.428538] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.436716] device bridge_slave_0 entered promiscuous mode
[ 178.446328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.452701] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.460794] device bridge_slave_0 entered promiscuous mode
[ 178.509848] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.525548] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.533052] device bridge_slave_1 entered promiscuous mode
[ 178.579641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.588345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.596005] device bridge_slave_1 entered promiscuous mode
[ 178.620063] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.648216] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.654583] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.666051] device bridge_slave_0 entered promiscuous mode
[ 178.674991] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.686593] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.692966] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.709646] device bridge_slave_0 entered promiscuous mode
[ 178.729576] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.744928] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.753185] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.760983] device bridge_slave_0 entered promiscuous mode
[ 178.784098] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.790796] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.798495] device bridge_slave_1 entered promiscuous mode
[ 178.804867] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.815045] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.822863] device bridge_slave_1 entered promiscuous mode
[ 178.831536] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.842243] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.849457] bridge0: port 1(bridge_slave_0) entered disabled state
[ 178.857279] device bridge_slave_0 entered promiscuous mode
[ 178.866082] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.873092] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.882312] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.891642] device bridge_slave_1 entered promiscuous mode
[ 178.928285] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.940914] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 178.952372] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.971348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.988239] bridge0: port 2(bridge_slave_1) entered disabled state
[ 178.995949] device bridge_slave_1 entered promiscuous mode
[ 179.003156] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 179.013187] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 179.044635] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 179.071683] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 179.087451] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 179.134559] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 179.170371] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.181603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.196958] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 179.207435] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 179.235822] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 179.281498] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 179.293519] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.304790] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.338589] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.352112] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 179.367146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.397436] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 179.414296] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.422044] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.432992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.456076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.467455] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 179.482044] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 179.514670] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 179.557843] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 179.567676] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.580407] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 179.589617] team0: Port device team_slave_0 added
[ 179.613923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.630355] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.640147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.689194] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 179.704193] team0: Port device team_slave_1 added
[ 179.719775] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 179.728139] team0: Port device team_slave_0 added
[ 179.765919] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 179.817639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.832578] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 179.857328] team0: Port device team_slave_0 added
[ 179.864374] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 179.872847] team0: Port device team_slave_1 added
[ 179.892947] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 179.918469] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 179.934315] team0: Port device team_slave_0 added
[ 179.941144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 179.949794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 179.968138] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 179.992132] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 180.010006] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 180.020594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 180.029328] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 180.037215] team0: Port device team_slave_1 added
[ 180.046967] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 180.054436] team0: Port device team_slave_1 added
[ 180.064129] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 180.086175] team0: Port device team_slave_0 added
[ 180.093865] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 180.103004] team0: Port device team_slave_0 added
[ 180.110655] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 180.126141] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 180.138495] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 180.147133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 180.168311] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 180.189069] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 180.198814] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 180.206343] team0: Port device team_slave_1 added
[ 180.214534] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 180.227013] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 180.234434] team0: Port device team_slave_1 added
[ 180.245178] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 180.261878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 180.280667] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 180.290053] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 180.301521] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 180.309315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 180.319684] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 180.333418] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 180.342182] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 180.350050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 180.357931] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 180.365723] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 180.380534] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 180.400898] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 180.414510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 180.426299] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 180.433872] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 180.445717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 180.453503] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 180.461383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 180.473105] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 180.482804] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 180.504305] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 180.519283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 180.531533] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 180.546059] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 180.553949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 180.562085] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 180.570059] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 180.582484] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 180.598386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 180.607276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 180.623698] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 180.632968] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 180.650286] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 180.671657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 180.697389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 180.705074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 180.721743] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 180.738530] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 180.751741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 180.765802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 180.774594] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 180.782827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 181.148862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.155424] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 181.162434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.168844] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 181.177424] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 181.251898] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.258311] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 181.265002] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.271427] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 181.280803] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 181.371443] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.377855] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 181.384516] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.390982] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 181.400005] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 181.505318] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.511737] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 181.518628] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.525003] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 181.549620] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 181.564318] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.570787] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 181.577522] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.583907] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 181.593279] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 181.690852] bridge0: port 2(bridge_slave_1) entered blocking state
[ 181.697284] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 181.703937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 181.710435] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 181.720796] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 182.178462] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 182.194023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 182.202231] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 182.210785] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 182.218441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 182.226022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 184.046634] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.060035] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.323301] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 184.334491] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.351326] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.363998] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 184.380099] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.549673] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 184.556641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 184.564135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 184.621191] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 184.644069] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 184.656993] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 184.665279] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 184.698773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 184.710823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 184.743883] 8021q: adding VLAN 0 to HW filter on device bond0
[ 184.864458] 8021q: adding VLAN 0 to HW filter on device team0
[ 184.884692] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 184.905097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 184.916014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 184.933765] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 184.948266] 8021q: adding VLAN 0 to HW filter on device team0
[ 184.956278] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 184.964902] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 184.973356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 184.989167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 184.999785] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 185.122918] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 185.152356] 8021q: adding VLAN 0 to HW filter on device team0
[ 185.233258] 8021q: adding VLAN 0 to HW filter on device team0
[ 185.250639] 8021q: adding VLAN 0 to HW filter on device team0
[ 185.399677] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 185.415109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 185.423323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 185.609562] 8021q: adding VLAN 0 to HW filter on device team0
2018/12/24 22:50:32 executed programs: 6
2018/12/24 22:50:37 executed programs: 77
2018/12/24 22:50:42 executed programs: 149
2018/12/24 22:50:47 executed programs: 219
2018/12/24 22:50:52 executed programs: 289
2018/12/24 22:50:57 executed programs: 362
[ 213.353206] ==================================================================
[ 213.360790] BUG: KASAN: use-after-free in ax25_fillin_cb+0x6d5/0x810
[ 213.367297] Read of size 4 at addr ffff8881ccecc438 by task syz-executor5/11370
[ 213.374772]
[ 213.376400] CPU: 1 PID: 11370 Comm: syz-executor5 Not tainted 4.20.0 #387
[ 213.383346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 213.392700] Call Trace:
[ 213.395297] dump_stack+0x1d3/0x2c6
[ 213.398928] ? dump_stack_print_info.cold.1+0x20/0x20
[ 213.404105] ? printk+0xa7/0xcf
[ 213.407383] ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 213.412133] print_address_description.cold.8+0x9/0x1ff
[ 213.417494] kasan_report.cold.9+0x242/0x309
[ 213.421911] ? ax25_fillin_cb+0x6d5/0x810
[ 213.426091] __asan_report_load4_noabort+0x14/0x20
[ 213.431024] ax25_fillin_cb+0x6d5/0x810
[ 213.434984] ? dev_get_by_name+0x117/0x1c0
[ 213.439219] ax25_setsockopt+0x92a/0xa20
[ 213.443300] ? ax25_fillin_cb+0x810/0x810
[ 213.447454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 213.452997] ? security_socket_setsockopt+0x94/0xc0
[ 213.458018] __sys_setsockopt+0x1ba/0x3c0
[ 213.462156] ? kernel_accept+0x310/0x310
[ 213.466209] ? lockdep_hardirqs_on+0x421/0x5c0
[ 213.470787] ? trace_hardirqs_on+0xbd/0x310
[ 213.475096] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 213.480447] ? __bpf_trace_preemptirq_template+0x30/0x30
[ 213.485883] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 213.491423] __x64_sys_setsockopt+0xbe/0x150
[ 213.495849] do_syscall_64+0x1b9/0x820
[ 213.499735] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 213.505096] ? syscall_return_slowpath+0x5e0/0x5e0
[ 213.510025] ? trace_hardirqs_on_caller+0x310/0x310
[ 213.515186] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 213.520206] ? recalc_sigpending_tsk+0x180/0x180
[ 213.524954] ? __switch_to_asm+0x40/0x70
[ 213.529009] ? __switch_to_asm+0x34/0x70
[ 213.533087] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 213.537928] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 213.543101] RIP: 0033:0x457759
[ 213.546302] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 213.565202] RSP: 002b:00007f540c347c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 213.572898] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457759
[ 213.580162] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000005
[ 213.587428] RBP: 000000000073bfa0 R08: 0000000000000010 R09: 0000000000000000
[ 213.594683] R10: 0000000020000140 R11: 0000000000000246 R12: 00007f540c3486d4
[ 213.601943] R13: 00000000004cb2d8 R14: 00000000004d8910 R15: 00000000ffffffff
[ 213.609207]
[ 213.610848] Allocated by task 11344:
[ 213.614562] save_stack+0x43/0xd0
[ 213.618022] kasan_kmalloc+0xc7/0xe0
[ 213.621736] kmem_cache_alloc_trace+0x152/0x750
[ 213.626417] ax25_dev_device_up+0x47/0x4d0
[ 213.630634] ax25_device_event+0x208/0x2e0
[ 213.634855] notifier_call_chain+0x17e/0x380
[ 213.639261] raw_notifier_call_chain+0x2d/0x40
[ 213.643845] call_netdevice_notifiers_info+0x3f/0x90
[ 213.648943] __dev_notify_flags+0x17a/0x480
[ 213.653279] dev_change_flags+0xfd/0x150
[ 213.657369] dev_ifsioc+0x7d6/0xa80
[ 213.660983] dev_ioctl+0x1b5/0xcc0
[ 213.664509] sock_do_ioctl+0x1f6/0x420
[ 213.668429] sock_ioctl+0x313/0x690
[ 213.672054] do_vfs_ioctl+0x1de/0x1790
[ 213.675928] ksys_ioctl+0xa9/0xd0
[ 213.679364] __x64_sys_ioctl+0x73/0xb0
[ 213.683241] do_syscall_64+0x1b9/0x820
[ 213.687113] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 213.692302]
[ 213.693925] Freed by task 11339:
[ 213.697278] save_stack+0x43/0xd0
[ 213.700736] __kasan_slab_free+0x102/0x150
[ 213.704977] kasan_slab_free+0xe/0x10
[ 213.708765] kfree+0xcf/0x230
[ 213.711854] ax25_dev_device_down+0x164/0x2f0
[ 213.716336] ax25_device_event+0x1f6/0x2e0
[ 213.720558] notifier_call_chain+0x17e/0x380
[ 213.724962] raw_notifier_call_chain+0x2d/0x40
[ 213.729531] call_netdevice_notifiers_info+0x3f/0x90
[ 213.734616] __dev_notify_flags+0x29b/0x480
[ 213.738927] dev_change_flags+0xfd/0x150
[ 213.742988] dev_ifsioc+0x7d6/0xa80
[ 213.746597] dev_ioctl+0x1b5/0xcc0
[ 213.750149] sock_do_ioctl+0x1f6/0x420
[ 213.754036] sock_ioctl+0x313/0x690
[ 213.757661] do_vfs_ioctl+0x1de/0x1790
[ 213.761548] ksys_ioctl+0xa9/0xd0
[ 213.765008] __x64_sys_ioctl+0x73/0xb0
[ 213.768899] do_syscall_64+0x1b9/0x820
[ 213.772777] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 213.777962]
[ 213.779608] The buggy address belongs to the object at ffff8881ccecc400
[ 213.779608] which belongs to the cache kmalloc-192 of size 192
[ 213.792284] The buggy address is located 56 bytes inside of
[ 213.792284] 192-byte region [ffff8881ccecc400, ffff8881ccecc4c0)
[ 213.804051] The buggy address belongs to the page:
[ 213.808966] page:ffffea000733b300 count:1 mapcount:0 mapping:ffff8881da800040 index:0x0
[ 213.817105] flags: 0x2fffc0000000200(slab)
[ 213.821359] raw: 02fffc0000000200 ffffea000733b1c8 ffffea000734aac8 ffff8881da800040
[ 213.829252] raw: 0000000000000000 ffff8881ccecc000 0000000100000010 0000000000000000
[ 213.837118] page dumped because: kasan: bad access detected
[ 213.842806]
[ 213.844436] Memory state around the buggy address:
[ 213.849359]  ffff8881ccecc300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 213.856719]  ffff8881ccecc380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 213.864069] >ffff8881ccecc400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 213.871424]                                         ^
[ 213.876601]  ffff8881ccecc480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 213.883946]  ffff8881ccecc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 213.891302] ==================================================================
[ 213.898655] Disabling lock debugging due to kernel taint
[ 213.910407] Kernel panic - not syncing: panic_on_warn set ...
[ 213.914921] kobject: 'loop2' (00000000ee76bc60): kobject_uevent_env
[ 213.916354] CPU: 1 PID: 11370 Comm: syz-executor5 Tainted: G B 4.20.0 #387
[ 213.916363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 213.916368] Call Trace:
[ 213.916386] dump_stack+0x1d3/0x2c6
[ 213.916404] ? dump_stack_print_info.cold.1+0x20/0x20
[ 213.916425] panic+0x2ad/0x55c
[ 213.916439] ? add_taint.cold.5+0x16/0x16
[ 213.916456] ? preempt_schedule+0x4d/0x60
[ 213.916470] ? ___preempt_schedule+0x16/0x18
[ 213.916486] ? trace_hardirqs_on+0xb4/0x310
[ 213.916503] kasan_end_report+0x47/0x4f
[ 213.916532] kasan_report.cold.9+0x76/0x309
[ 213.916544] ? ax25_fillin_cb+0x6d5/0x810
[ 213.916560] __asan_report_load4_noabort+0x14/0x20
[ 213.916573] ax25_fillin_cb+0x6d5/0x810
[ 213.916585] ? dev_get_by_name+0x117/0x1c0
[ 213.916599] ax25_setsockopt+0x92a/0xa20
[ 213.916629] ? ax25_fillin_cb+0x810/0x810
[ 213.916647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 213.916661] ? security_socket_setsockopt+0x94/0xc0
[ 213.916677] __sys_setsockopt+0x1ba/0x3c0
[ 213.916692] ? kernel_accept+0x310/0x310
[ 213.916708] ? lockdep_hardirqs_on+0x421/0x5c0
[ 213.916723] ? trace_hardirqs_on+0xbd/0x310
[ 213.916736] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 213.916763] ? __bpf_trace_preemptirq_template+0x30/0x30
[ 213.916777] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 213.916794] __x64_sys_setsockopt+0xbe/0x150
[ 213.916810] do_syscall_64+0x1b9/0x820
[ 213.916822] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 213.916837] ? syscall_return_slowpath+0x5e0/0x5e0
[ 213.916853] ? trace_hardirqs_on_caller+0x310/0x310
[ 213.916867] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 213.916882] ? recalc_sigpending_tsk+0x180/0x180
[ 213.916893] ? __switch_to_asm+0x40/0x70
[ 213.916904] ? __switch_to_asm+0x34/0x70
[ 213.916920] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 213.916937] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 213.916946] RIP: 0033:0x457759
[ 213.916960] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 213.916967] RSP: 002b:00007f540c347c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 213.916980] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457759
[ 213.916987] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000005
[ 213.916995] RBP: 000000000073bfa0 R08: 0000000000000010 R09: 0000000000000000
[ 213.917004] R10: 0000000020000140 R11: 0000000000000246 R12: 00007f540c3486d4
[ 213.917012] R13: 00000000004cb2d8 R14: 00000000004d8910 R15: 00000000ffffffff
[ 213.917983] Kernel Offset: disabled
[ 214.172066] Rebooting in 86400 seconds..