[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   26.392427] audit: type=1800 audit(1553301488.702:21): pid=5523 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[   26.416921] audit: type=1800 audit(1553301488.706:22): pid=5523 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   46.380852] IPVS: ftp: loaded support on port[0] = 21
Warning: Permanently added '10.128.15.203' (ECDSA) to the list of known hosts.
2019/03/23 00:38:41 parsed 1 programs
2019/03/23 00:38:41 executed programs: 0
[   59.306770] IPVS: ftp: loaded support on port[0] = 21
[   59.342148] IPVS: ftp: loaded support on port[0] = 21
[   59.381748] IPVS: ftp: loaded support on port[0] = 21
[   59.430717] IPVS: ftp: loaded support on port[0] = 21
[   59.496396] IPVS: ftp: loaded support on port[0] = 21
[   59.567042] IPVS: ftp: loaded support on port[0] = 21
[   60.022220] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.029942] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.038009] device bridge_slave_0 entered promiscuous mode
[   60.147814] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.154938] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.161985] device bridge_slave_1 entered promiscuous mode
[   60.240839] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   60.266427] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.282735] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.289817] device bridge_slave_0 entered promiscuous mode
[   60.304467] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   60.312549] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.326647] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.335699] device bridge_slave_0 entered promiscuous mode
[   60.366107] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.372615] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.380147] device bridge_slave_1 entered promiscuous mode
[   60.440688] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.448517] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.455693] device bridge_slave_1 entered promiscuous mode
[   60.470984] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.480044] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.487578] device bridge_slave_0 entered promiscuous mode
[   60.510567] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   60.522297] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   60.533172] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.542436] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.550352] device bridge_slave_1 entered promiscuous mode
[   60.557043] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   60.575860] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.589900] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.597880] device bridge_slave_0 entered promiscuous mode
[   60.606438] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   60.619818] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   60.637694] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   60.649010] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   60.692133] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.699532] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.706999] device bridge_slave_0 entered promiscuous mode
[   60.715238] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   60.731169] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.740448] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.752161] device bridge_slave_1 entered promiscuous mode
[   60.771318] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.781017] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.788446] device bridge_slave_1 entered promiscuous mode
[   60.821832] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   60.846071] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   60.854308] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   60.873225] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   60.885924] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   60.898063] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   60.920660] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   60.933857] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   60.950516] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   60.971219] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   60.988296] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   61.000253] team0: Port device team_slave_0 added
[   61.061116] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   61.069352] team0: Port device team_slave_1 added
[   61.078412] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   61.109501] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.127183] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   61.146019] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   61.170186] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.189190] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   61.230552] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   61.239441] team0: Port device team_slave_0 added
[   61.253453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.277412] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   61.284695] team0: Port device team_slave_0 added
[   61.292444] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   61.303506] team0: Port device team_slave_0 added
[   61.314278] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   61.322052] team0: Port device team_slave_1 added
[   61.333671] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   61.343093] team0: Port device team_slave_1 added
[   61.349517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.363787] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   61.373040] team0: Port device team_slave_1 added
[   61.383743] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.413325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.431907] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.455128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.487681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.497879] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.510170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.525644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.549449] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   61.557342] team0: Port device team_slave_0 added
[   61.570253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.584937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.599230] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   61.615521] team0: Port device team_slave_0 added
[   61.621269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.635198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.645647] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   61.657491] team0: Port device team_slave_1 added
[   61.689163] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   61.701431] team0: Port device team_slave_1 added
[   61.721865] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.755373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.762968] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.786128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.840072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.849747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.878778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.897158] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   62.010479] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.016919] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.023921] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.030336] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.055077] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.061465] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.068145] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.074537] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.164060] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.170499] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.177178] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.183591] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.251238] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.257662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.264335] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.275326] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.448148] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.454577] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.461220] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.467623] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.488445] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.494880] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.501517] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.507915] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.052147] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.155767] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.195089] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.219923] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.359065] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.375963] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.393727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.410254] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.470472] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.517107] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.528027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.550698] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.576404] 8021q: adding VLAN 0 to HW filter on device team0
[   64.598149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.670463] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.718016] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   64.734408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.742584] 8021q: adding VLAN 0 to HW filter on device team0
[   64.766062] 8021q: adding VLAN 0 to HW filter on device team0
[   64.855887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.888784] 8021q: adding VLAN 0 to HW filter on device team0
[   64.912674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.064886] 8021q: adding VLAN 0 to HW filter on device team0
[   65.125055] 8021q: adding VLAN 0 to HW filter on device team0
[   65.567506] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[   65.776375] ==================================================================
[   65.783806] BUG: KASAN: use-after-free in __list_add_valid+0xc6/0xd0
[   65.790330] Read of size 8 at addr ffff8801da611250 by task syz-executor4/7356
[   65.797684] 
[   65.799317] CPU: 0 PID: 7356 Comm: syz-executor4 Not tainted 4.12.0-rc5+ #1
[   65.801703] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[   65.816717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.826067] Call Trace:
[   65.828649]  dump_stack+0x145/0x1f1
[   65.832283]  ? arch_local_irq_restore+0x44/0x44
[   65.836945]  ? printk+0x8f/0xab
[   65.840224]  ? load_image_and_restore+0xf6/0xf6
[   65.844888]  ? __list_add_valid+0xc6/0xd0
[   65.849060]  print_address_description+0xd4/0x230
[   65.853890]  ? __list_add_valid+0xc6/0xd0
[   65.858042]  kasan_report+0x24d/0x340
[   65.861831]  __asan_report_load8_noabort+0x14/0x20
[   65.866745]  __list_add_valid+0xc6/0xd0
[   65.870717]  padata_do_parallel+0x3bd/0x7a0
[   65.875038]  ? padata_alloc_pd+0xc90/0xc90
[   65.879268]  ? mark_held_locks+0xaf/0x100
[   65.883409]  ? rcu_pm_notify+0xc0/0xc0
[   65.887289]  ? __local_bh_enable_ip+0x9c/0x170
[   65.891882]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   65.896889]  ? pcrypt_do_parallel+0x1a5/0x3f0
[   65.901377]  pcrypt_do_parallel+0x1fb/0x3f0
[   65.905705]  ? pcrypt_create+0x670/0x670
[   65.909762]  ? rcu_read_lock_sched_held+0x108/0x120
[   65.914776]  pcrypt_aead_encrypt+0x351/0x450
[   65.919182]  tls_push_record+0x902/0x12d0
[   65.923352]  tls_sw_push_pending_record+0xe/0x10
[   65.928110]  tls_push_pending_closed_record+0x64/0x120
[   65.933385]  ? lock_sock_nested+0xc5/0x100
[   65.937615]  tls_sk_proto_close+0x5ce/0xa70
[   65.941935]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   65.947129]  ? depot_save_stack+0x3b6/0x490
[   65.951456]  ? tls_write_space+0x280/0x280
[   65.955708]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   65.960896]  ? fcntl_setlk+0x1250/0x1250
[   65.964948]  ? ipv6_sock_ac_drop+0x6e0/0x6e0
[   65.969354]  inet_release+0xd9/0x1c0
[   65.973070]  inet6_release+0x46/0x60
[   65.976783]  sock_release+0x83/0x1b0
[   65.980500]  sock_close+0xd/0x20
[   65.983854]  __fput+0x307/0x900
[   65.987119]  ? tls_sw_sendmsg+0x962/0x12d0
[   65.991342]  ? inet_sendmsg+0x10e/0x5d0
[   65.995312]  ? file_free_rcu+0x80/0x80
[   65.999185]  ? .slowpath+0x15/0x15
[   66.002719]  ? reacquire_held_locks+0x1fd/0x3d0
[   66.007386]  ? reacquire_held_locks+0x1fd/0x3d0
[   66.012067]  ? find_held_lock+0x35/0x1d0
[   66.016304]  ____fput+0x9/0x10
[   66.019507]  task_work_run+0x140/0x220
[   66.023388]  ? task_work_cancel+0x340/0x340
[   66.027697]  ? lock_downgrade+0x990/0x990
[   66.031829]  ? lock_release+0xa70/0xa70
[   66.035801]  get_signal+0x12d4/0x16c0
[   66.039600]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   66.044610]  ? release_sock+0x1ab/0x270
[   66.048576]  ? trace_hardirqs_on+0xd/0x10
[   66.052725]  ? __local_bh_enable_ip+0x9c/0x170
[   66.057303]  ? _raw_spin_unlock_bh+0x30/0x40
[   66.061708]  ? release_sock+0x1ab/0x270
[   66.065673]  ? __release_sock+0x340/0x340
[   66.069823]  ? ptrace_notify+0x110/0x110
[   66.073897]  ? alloc_sg+0xde0/0xde0
[   66.077537]  do_signal+0x90/0x1e90
[   66.081073]  ? kick_process+0x110/0x170
[   66.085041]  ? task_work_add+0x129/0x260
[   66.089089]  ? setup_sigcontext+0x7d0/0x7d0
[   66.093405]  ? find_ge_pid+0x40/0x40
[   66.097115]  ? fput+0x9a/0x120
[   66.100394]  ? SYSC_sendto+0x396/0x5e0
[   66.104276]  ? SYSC_connect+0x530/0x530
[   66.108246]  ? lock_downgrade+0x990/0x990
[   66.112397]  ? exit_to_usermode_loop+0x85/0x2a0
[   66.117067]  exit_to_usermode_loop+0x1c7/0x2a0
[   66.121638]  ? trace_event_raw_event_sys_exit+0x1e0/0x1e0
[   66.127180]  syscall_return_slowpath+0x344/0x3f0
[   66.131954]  ? prepare_exit_to_usermode+0x1f0/0x1f0
[   66.136986]  ? entry_SYSCALL_64_fastpath+0x95/0xc2
[   66.141908]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   66.146912]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   66.151667]  entry_SYSCALL_64_fastpath+0xc0/0xc2
[   66.156411] RIP: 0033:0x4576b9
[   66.159582] RSP: 002b:00007f57c7026c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   66.167280] RAX: 0000000000000001 RBX: 0000000000000006 RCX: 00000000004576b9
[   66.174546] RDX: 0000000000000001 RSI: 00000000200003c0 RDI: 0000000000000006
[   66.182001] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[   66.189261] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f57c70276d4
[   66.196532] R13: 00000000004c411b R14: 00000000004d69b0 R15: 00000000ffffffff
[   66.203813] 
[   66.205433] Allocated by task 7356:
[   66.209054]  save_stack_trace+0x16/0x20
[   66.213013]  save_stack+0x43/0xd0
[   66.216458]  kasan_kmalloc+0xad/0xe0
[   66.220243]  __kmalloc+0x156/0x790
[   66.223765]  tls_push_record+0x6b7/0x12d0
[   66.227905]  tls_sw_sendmsg+0xb45/0x12d0
[   66.231957]  inet_sendmsg+0x10e/0x5d0
[   66.235748]  sock_sendmsg+0xb5/0xf0
[   66.239364]  SYSC_sendto+0x30e/0x5e0
[   66.243083]  SyS_sendto+0x9/0x10
[   66.246439]  entry_SYSCALL_64_fastpath+0x23/0xc2
[   66.251187] 
[   66.252807] Freed by task 7356:
[   66.256071]  save_stack_trace+0x16/0x20
[   66.260034]  save_stack+0x43/0xd0
[   66.263501]  kasan_slab_free+0x71/0xc0
[   66.267556]  kfree+0xcc/0x270
[   66.272179]  tls_push_record+0x9ad/0x12d0
[   66.276407]  tls_sw_sendmsg+0xb45/0x12d0
[   66.281930]  inet_sendmsg+0x10e/0x5d0
[   66.285744]  sock_sendmsg+0xb5/0xf0
[   66.289356]  SYSC_sendto+0x30e/0x5e0
[   66.293059]  SyS_sendto+0x9/0x10
[   66.296419]  entry_SYSCALL_64_fastpath+0x23/0xc2
[   66.301158] 
[   66.302774] The buggy address belongs to the object at ffff8801da611200
[   66.302774]  which belongs to the cache kmalloc-1024 of size 1024
[   66.315594] The buggy address is located 80 bytes inside of
[   66.315594]  1024-byte region [ffff8801da611200, ffff8801da611600)
[   66.327469] The buggy address belongs to the page:
[   66.332395] page:ffffea0007698400 count:1 mapcount:0 mapping:ffff8801da610000 index:0x0 compound_mapcount: 0
[   66.342371] flags: 0x2fffc0000008100(slab|head)
[   66.347025] raw: 02fffc0000008100 ffff8801da610000 0000000000000000 0000000100000007
[   66.354896] raw: ffffea0007640720 ffffea00075f6020 ffff8801da400ac0 0000000000000000
[   66.362771] page dumped because: kasan: bad access detected
[   66.368475] 
[   66.370086] Memory state around the buggy address:
[   66.375003]  ffff8801da611100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.382360]  ffff8801da611180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.389725] >ffff8801da611200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.397080]                                                  ^
[   66.403044]  ffff8801da611280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.410394]  ffff8801da611300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.417736] ==================================================================
[   66.425092] Disabling lock debugging due to kernel taint
[   66.430607] Kernel panic - not syncing: panic_on_warn set ...
[   66.430607] 
[   66.437960] CPU: 0 PID: 7356 Comm: syz-executor4 Tainted: G    B           4.12.0-rc5+ #1
[   66.446262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   66.455604] Call Trace:
[   66.458187]  dump_stack+0x145/0x1f1
[   66.461814]  ? arch_local_irq_restore+0x44/0x44
[   66.466477]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   66.471227]  ? __this_cpu_preempt_check+0x20/0x20
[   66.476061]  panic+0x1b6/0x358
[   66.479242]  ? percpu_up_read_preempt_enable.constprop.37+0xb9/0xb9
[   66.485670]  ? __list_add_valid+0xc6/0xd0
[   66.489807]  kasan_end_report+0x50/0x50
[   66.493775]  kasan_report+0x136/0x340
[   66.497563]  __asan_report_load8_noabort+0x14/0x20
[   66.502495]  __list_add_valid+0xc6/0xd0
[   66.506456]  padata_do_parallel+0x3bd/0x7a0
[   66.510766]  ? padata_alloc_pd+0xc90/0xc90
[   66.514986]  ? mark_held_locks+0xaf/0x100
[   66.519117]  ? rcu_pm_notify+0xc0/0xc0
[   66.523007]  ? __local_bh_enable_ip+0x9c/0x170
[   66.527589]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   66.532590]  ? pcrypt_do_parallel+0x1a5/0x3f0
[   66.537086]  pcrypt_do_parallel+0x1fb/0x3f0
[   66.541399]  ? pcrypt_create+0x670/0x670
[   66.545445]  ? rcu_read_lock_sched_held+0x108/0x120
[   66.550453]  pcrypt_aead_encrypt+0x351/0x450
[   66.554874]  tls_push_record+0x902/0x12d0
[   66.559033]  tls_sw_push_pending_record+0xe/0x10
[   66.563773]  tls_push_pending_closed_record+0x64/0x120
[   66.569081]  ? lock_sock_nested+0xc5/0x100
[   66.573327]  tls_sk_proto_close+0x5ce/0xa70
[   66.577653]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   66.582833]  ? depot_save_stack+0x3b6/0x490
[   66.587145]  ? tls_write_space+0x280/0x280
[   66.591368]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   66.596549]  ? fcntl_setlk+0x1250/0x1250
[   66.600598]  ? ipv6_sock_ac_drop+0x6e0/0x6e0
[   66.604994]  inet_release+0xd9/0x1c0
[   66.608701]  inet6_release+0x46/0x60
[   66.612407]  sock_release+0x83/0x1b0
[   66.616114]  sock_close+0xd/0x20
[   66.619468]  __fput+0x307/0x900
[   66.622734]  ? tls_sw_sendmsg+0x962/0x12d0
[   66.626971]  ? inet_sendmsg+0x10e/0x5d0
[   66.630934]  ? file_free_rcu+0x80/0x80
[   66.634805]  ? .slowpath+0x15/0x15
[   66.638328]  ? reacquire_held_locks+0x1fd/0x3d0
[   66.642983]  ? reacquire_held_locks+0x1fd/0x3d0
[   66.647655]  ? find_held_lock+0x35/0x1d0
[   66.651709]  ____fput+0x9/0x10
[   66.654888]  task_work_run+0x140/0x220
[   66.658763]  ? task_work_cancel+0x340/0x340
[   66.663073]  ? lock_downgrade+0x990/0x990
[   66.667220]  ? lock_release+0xa70/0xa70
[   66.671181]  get_signal+0x12d4/0x16c0
[   66.674978]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   66.680017]  ? release_sock+0x1ab/0x270
[   66.683977]  ? trace_hardirqs_on+0xd/0x10
[   66.688129]  ? __local_bh_enable_ip+0x9c/0x170
[   66.692713]  ? _raw_spin_unlock_bh+0x30/0x40
[   66.697113]  ? release_sock+0x1ab/0x270
[   66.701069]  ? __release_sock+0x340/0x340
[   66.705218]  ? ptrace_notify+0x110/0x110
[   66.709275]  ? alloc_sg+0xde0/0xde0
[   66.712896]  do_signal+0x90/0x1e90
[   66.716427]  ? kick_process+0x110/0x170
[   66.720400]  ? task_work_add+0x129/0x260
[   66.724759]  ? setup_sigcontext+0x7d0/0x7d0
[   66.729066]  ? find_ge_pid+0x40/0x40
[   66.732784]  ? fput+0x9a/0x120
[   66.735967]  ? SYSC_sendto+0x396/0x5e0
[   66.739846]  ? SYSC_connect+0x530/0x530
[   66.743900]  ? lock_downgrade+0x990/0x990
[   66.748053]  ? exit_to_usermode_loop+0x85/0x2a0
[   66.752728]  exit_to_usermode_loop+0x1c7/0x2a0
[   66.757325]  ? trace_event_raw_event_sys_exit+0x1e0/0x1e0
[   66.762955]  syscall_return_slowpath+0x344/0x3f0
[   66.767724]  ? prepare_exit_to_usermode+0x1f0/0x1f0
[   66.772743]  ? entry_SYSCALL_64_fastpath+0x95/0xc2
[   66.777660]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   66.782666]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   66.787422]  entry_SYSCALL_64_fastpath+0xc0/0xc2
[   66.792160] RIP: 0033:0x4576b9
[   66.795333] RSP: 002b:00007f57c7026c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   66.803032] RAX: 0000000000000001 RBX: 0000000000000006 RCX: 00000000004576b9
[   66.810479] RDX: 0000000000000001 RSI: 00000000200003c0 RDI: 0000000000000006
[   66.817909] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[   66.825170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f57c70276d4
[   66.832523] R13: 00000000004c411b R14: 00000000004d69b0 R15: 00000000ffffffff
[   66.840635] Kernel Offset: disabled
[   66.844255] Rebooting in 86400 seconds..