[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   60.326673][   T26] audit: type=1800 audit(1558053228.058:25): pid=8911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   60.366831][   T26] audit: type=1800 audit(1558053228.068:26): pid=8911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   60.421652][   T26] audit: type=1800 audit(1558053228.078:27): pid=8911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.199' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   80.400419][ T9065] ==================================================================
[   80.408647][ T9065] BUG: KASAN: slab-out-of-bounds in __lock_acquire+0x3ba2/0x5490
[   80.416351][ T9065] Read of size 8 at addr ffff88821640d0c0 by task syz-executor701/9065
[   80.424576][ T9065] 
[   80.426893][ T9065] CPU: 0 PID: 9065 Comm: syz-executor701 Not tainted 5.1.0+ #17
[   80.434594][ T9065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.444812][ T9065] Call Trace:
[   80.448163][ T9065]  dump_stack+0x172/0x1f0
[   80.452488][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   80.457505][ T9065]  print_address_description.cold+0x7c/0x20d
[   80.463478][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   80.468533][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   80.473587][ T9065]  __kasan_report.cold+0x1b/0x40
[   80.478675][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   80.483902][ T9065]  kasan_report+0x12/0x20
[   80.488316][ T9065]  __asan_report_load8_noabort+0x14/0x20
[   80.493953][ T9065]  __lock_acquire+0x3ba2/0x5490
[   80.498865][ T9065]  ? sock_diag_rcv+0x2b/0x40
[   80.503554][ T9065]  ? netlink_unicast+0x536/0x720
[   80.508694][ T9065]  ? netlink_sendmsg+0x8ae/0xd70
[   80.513715][ T9065]  ? sock_sendmsg+0x12e/0x170
[   80.518451][ T9065]  ? ___sys_sendmsg+0x81d/0x960
[   80.523305][ T9065]  ? __sys_sendmsg+0x105/0x1d0
[   80.528153][ T9065]  ? __x64_sys_sendmsg+0x78/0xb0
[   80.533248][ T9065]  ? do_syscall_64+0x103/0x680
[   80.538002][ T9065]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.544171][ T9065]  ? mark_held_locks+0xf0/0xf0
[   80.549044][ T9065]  ? mark_held_locks+0xf0/0xf0
[   80.553960][ T9065]  ? fs_reclaim_acquire.part.0+0x30/0x30
[   80.559597][ T9065]  ? find_held_lock+0x35/0x130
[   80.564372][ T9065]  ? fs_reclaim_acquire.part.0+0x30/0x30
[   80.570039][ T9065]  lock_acquire+0x16f/0x3f0
[   80.574548][ T9065]  ? rhashtable_walk_enter+0xf9/0x390
[   80.580073][ T9065]  _raw_spin_lock+0x2f/0x40
[   80.584648][ T9065]  ? rhashtable_walk_enter+0xf9/0x390
[   80.590084][ T9065]  rhashtable_walk_enter+0xf9/0x390
[   80.595298][ T9065]  __tipc_dump_start+0x1fa/0x3c0
[   80.600366][ T9065]  tipc_dump_start+0x70/0x90
[   80.604945][ T9065]  __netlink_dump_start+0x4fb/0x7e0
[   80.610242][ T9065]  ? __tipc_dump_start+0x3c0/0x3c0
[   80.615347][ T9065]  tipc_sock_diag_handler_dump+0x1d9/0x270
[   80.621154][ T9065]  ? __tipc_diag_gen_cookie+0x90/0x90
[   80.626667][ T9065]  ? sock_diag_rcv+0x1c/0x40
[   80.631249][ T9065]  ? __tipc_dump_start+0x3c0/0x3c0
[   80.636355][ T9065]  ? tipc_unregister_sysctl+0x20/0x20
[   80.641733][ T9065]  ? tipc_ioctl+0x2e0/0x2e0
[   80.646330][ T9065]  sock_diag_rcv_msg+0x322/0x410
[   80.651309][ T9065]  netlink_rcv_skb+0x17a/0x460
[   80.656093][ T9065]  ? sock_diag_bind+0x80/0x80
[   80.660771][ T9065]  ? netlink_ack+0xb50/0xb50
[   80.665395][ T9065]  ? kasan_check_read+0x11/0x20
[   80.670246][ T9065]  ? netlink_deliver_tap+0x254/0xc00
[   80.675758][ T9065]  sock_diag_rcv+0x2b/0x40
[   80.680373][ T9065]  netlink_unicast+0x536/0x720
[   80.685150][ T9065]  ? netlink_attachskb+0x770/0x770
[   80.690259][ T9065]  ? _copy_from_iter_full+0x25d/0x8c0
[   80.695627][ T9065]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   80.701451][ T9065]  ? __check_object_size+0x3d/0x42f
[   80.706834][ T9065]  netlink_sendmsg+0x8ae/0xd70
[   80.711608][ T9065]  ? netlink_unicast+0x720/0x720
[   80.716540][ T9065]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   80.722172][ T9065]  ? apparmor_socket_sendmsg+0x2a/0x30
[   80.729027][ T9065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   80.735427][ T9065]  ? security_socket_sendmsg+0x93/0xc0
[   80.740892][ T9065]  ? netlink_unicast+0x720/0x720
[   80.745836][ T9065]  sock_sendmsg+0x12e/0x170
[   80.750336][ T9065]  ___sys_sendmsg+0x81d/0x960
[   80.755017][ T9065]  ? copy_msghdr_from_user+0x430/0x430
[   80.760500][ T9065]  ? prep_transhuge_page+0xa0/0xa0
[   80.765620][ T9065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   80.771862][ T9065]  ? __handle_mm_fault+0x7cd/0x3ec0
[   80.777075][ T9065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   80.783336][ T9065]  ? __fget_light+0x1a9/0x230
[   80.788013][ T9065]  ? __fdget+0x1b/0x20
[   80.792129][ T9065]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   80.798377][ T9065]  __sys_sendmsg+0x105/0x1d0
[   80.803063][ T9065]  ? __ia32_sys_shutdown+0x80/0x80
[   80.808352][ T9065]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   80.813886][ T9065]  ? do_syscall_64+0x26/0x680
[   80.818655][ T9065]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.824783][ T9065]  ? do_syscall_64+0x26/0x680
[   80.829669][ T9065]  __x64_sys_sendmsg+0x78/0xb0
[   80.834560][ T9065]  do_syscall_64+0x103/0x680
[   80.839145][ T9065]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.845030][ T9065] RIP: 0033:0x4401f9
[   80.848914][ T9065] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   80.868719][ T9065] RSP: 002b:00007ffce5915488 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.877142][ T9065] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9
[   80.885116][ T9065] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[   80.893091][ T9065] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[   80.901061][ T9065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80
[   80.909106][ T9065] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
[   80.917090][ T9065] 
[   80.919499][ T9065] Allocated by task 1:
[   80.923552][ T9065]  save_stack+0x23/0x90
[   80.927695][ T9065]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   80.933320][ T9065]  kasan_slab_alloc+0xf/0x20
[   80.937910][ T9065]  kmem_cache_alloc+0x11a/0x6f0
[   80.942756][ T9065]  __kernfs_new_node+0xf0/0x6c0
[   80.947692][ T9065]  kernfs_new_node+0x96/0x120
[   80.952546][ T9065]  __kernfs_create_file+0x51/0x340
[   80.957676][ T9065]  sysfs_add_file_mode_ns+0x222/0x560
[   80.963067][ T9065]  internal_create_group+0x35b/0xc40
[   80.968358][ T9065]  sysfs_create_groups+0x9b/0x141
[   80.973429][ T9065]  device_add+0x80f/0x17a0
[   80.977853][ T9065]  netdev_register_kobject+0x183/0x3b0
[   80.983314][ T9065]  register_netdevice+0x878/0xff0
[   80.988489][ T9065]  register_netdev+0x30/0x50
[   80.993083][ T9065]  vti6_init_net+0x518/0x820
[   80.997741][ T9065]  ops_init+0xb6/0x410
[   81.001818][ T9065]  register_pernet_operations+0x382/0x7f0
[   81.007683][ T9065]  register_pernet_device+0x2a/0x80
[   81.012929][ T9065]  vti6_tunnel_init+0x19/0x176
[   81.019101][ T9065]  do_one_initcall+0x109/0x7ca
[   81.023857][ T9065]  kernel_init_freeable+0x4da/0x5c9
[   81.029053][ T9065]  kernel_init+0x12/0x1c5
[   81.033704][ T9065]  ret_from_fork+0x3a/0x50
[   81.038102][ T9065] 
[   81.040422][ T9065] Freed by task 0:
[   81.044119][ T9065] (stack is not available)
[   81.048532][ T9065] 
[   81.050895][ T9065] The buggy address belongs to the object at ffff88821640d000
[   81.050895][ T9065]  which belongs to the cache kernfs_node_cache of size 160
[   81.065837][ T9065] The buggy address is located 32 bytes to the right of
[   81.065837][ T9065]  160-byte region [ffff88821640d000, ffff88821640d0a0)
[   81.079741][ T9065] The buggy address belongs to the page:
[   81.085375][ T9065] page:ffffea0008590340 count:1 mapcount:0 mapping:ffff88821bc45500 index:0xffff88821640dfee
[   81.095607][ T9065] flags: 0x6fffc0000000200(slab)
[   81.100538][ T9065] raw: 06fffc0000000200 ffffea00085a7c48 ffffea0008590388 ffff88821bc45500
[   81.109111][ T9065] raw: ffff88821640dfee ffff88821640d000 0000000100000012 0000000000000000
[   81.117853][ T9065] page dumped because: kasan: bad access detected
[   81.124254][ T9065] 
[   81.126715][ T9065] Memory state around the buggy address:
[   81.132497][ T9065]  ffff88821640cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.140644][ T9065]  ffff88821640d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.148791][ T9065] >ffff88821640d080: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00
[   81.156850][ T9065]                                            ^
[   81.163006][ T9065]  ffff88821640d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.171058][ T9065]  ffff88821640d180: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   81.179125][ T9065] ==================================================================
[   81.187163][ T9065] Disabling lock debugging due to kernel taint
[   81.193290][ T9065] Kernel panic - not syncing: panic_on_warn set ...
[   81.199860][ T9065] CPU: 0 PID: 9065 Comm: syz-executor701 Tainted: G    B             5.1.0+ #17
[   81.208863][ T9065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   81.218902][ T9065] Call Trace:
[   81.222188][ T9065]  dump_stack+0x172/0x1f0
[   81.226513][ T9065]  panic+0x2cb/0x65c
[   81.230398][ T9065]  ? __warn_printk+0xf3/0xf3
[   81.234975][ T9065]  ? lock_downgrade+0x880/0x880
[   81.239840][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   81.245044][ T9065]  ? trace_hardirqs_off+0x62/0x220
[   81.250244][ T9065]  ? trace_hardirqs_off+0x59/0x220
[   81.255367][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   81.260491][ T9065]  end_report+0x47/0x4f
[   81.264724][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   81.269985][ T9065]  __kasan_report.cold+0xe/0x40
[   81.274827][ T9065]  ? __lock_acquire+0x3ba2/0x5490
[   81.279945][ T9065]  kasan_report+0x12/0x20
[   81.284315][ T9065]  __asan_report_load8_noabort+0x14/0x20
[   81.290048][ T9065]  __lock_acquire+0x3ba2/0x5490
[   81.294930][ T9065]  ? sock_diag_rcv+0x2b/0x40
[   81.299555][ T9065]  ? netlink_unicast+0x536/0x720
[   81.304503][ T9065]  ? netlink_sendmsg+0x8ae/0xd70
[   81.309533][ T9065]  ? sock_sendmsg+0x12e/0x170
[   81.314293][ T9065]  ? ___sys_sendmsg+0x81d/0x960
[   81.319140][ T9065]  ? __sys_sendmsg+0x105/0x1d0
[   81.324265][ T9065]  ? __x64_sys_sendmsg+0x78/0xb0
[   81.329276][ T9065]  ? do_syscall_64+0x103/0x680
[   81.334026][ T9065]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   81.340080][ T9065]  ? mark_held_locks+0xf0/0xf0
[   81.344846][ T9065]  ? mark_held_locks+0xf0/0xf0
[   81.349599][ T9065]  ? fs_reclaim_acquire.part.0+0x30/0x30
[   81.355217][ T9065]  ? find_held_lock+0x35/0x130
[   81.359981][ T9065]  ? fs_reclaim_acquire.part.0+0x30/0x30
[   81.365810][ T9065]  lock_acquire+0x16f/0x3f0
[   81.370367][ T9065]  ? rhashtable_walk_enter+0xf9/0x390
[   81.375734][ T9065]  _raw_spin_lock+0x2f/0x40
[   81.380439][ T9065]  ? rhashtable_walk_enter+0xf9/0x390
[   81.385865][ T9065]  rhashtable_walk_enter+0xf9/0x390
[   81.391214][ T9065]  __tipc_dump_start+0x1fa/0x3c0
[   81.396165][ T9065]  tipc_dump_start+0x70/0x90
[   81.400753][ T9065]  __netlink_dump_start+0x4fb/0x7e0
[   81.406283][ T9065]  ? __tipc_dump_start+0x3c0/0x3c0
[   81.411619][ T9065]  tipc_sock_diag_handler_dump+0x1d9/0x270
[   81.417467][ T9065]  ? __tipc_diag_gen_cookie+0x90/0x90
[   81.422832][ T9065]  ? sock_diag_rcv+0x1c/0x40
[   81.427411][ T9065]  ? __tipc_dump_start+0x3c0/0x3c0
[   81.432510][ T9065]  ? tipc_unregister_sysctl+0x20/0x20
[   81.438012][ T9065]  ? tipc_ioctl+0x2e0/0x2e0
[   81.442597][ T9065]  sock_diag_rcv_msg+0x322/0x410
[   81.447620][ T9065]  netlink_rcv_skb+0x17a/0x460
[   81.452465][ T9065]  ? sock_diag_bind+0x80/0x80
[   81.457401][ T9065]  ? netlink_ack+0xb50/0xb50
[   81.461997][ T9065]  ? kasan_check_read+0x11/0x20
[   81.466944][ T9065]  ? netlink_deliver_tap+0x254/0xc00
[   81.472333][ T9065]  sock_diag_rcv+0x2b/0x40
[   81.476743][ T9065]  netlink_unicast+0x536/0x720
[   81.481508][ T9065]  ? netlink_attachskb+0x770/0x770
[   81.486611][ T9065]  ? _copy_from_iter_full+0x25d/0x8c0
[   81.492091][ T9065]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   81.497934][ T9065]  ? __check_object_size+0x3d/0x42f
[   81.503139][ T9065]  netlink_sendmsg+0x8ae/0xd70
[   81.508102][ T9065]  ? netlink_unicast+0x720/0x720
[   81.513154][ T9065]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   81.518750][ T9065]  ? apparmor_socket_sendmsg+0x2a/0x30
[   81.524480][ T9065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   81.530832][ T9065]  ? security_socket_sendmsg+0x93/0xc0
[   81.536364][ T9065]  ? netlink_unicast+0x720/0x720
[   81.541410][ T9065]  sock_sendmsg+0x12e/0x170
[   81.546344][ T9065]  ___sys_sendmsg+0x81d/0x960
[   81.551022][ T9065]  ? copy_msghdr_from_user+0x430/0x430
[   81.556475][ T9065]  ? prep_transhuge_page+0xa0/0xa0
[   81.561649][ T9065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   81.567880][ T9065]  ? __handle_mm_fault+0x7cd/0x3ec0
[   81.573075][ T9065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   81.579767][ T9065]  ? __fget_light+0x1a9/0x230
[   81.584570][ T9065]  ? __fdget+0x1b/0x20
[   81.588636][ T9065]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   81.594872][ T9065]  __sys_sendmsg+0x105/0x1d0
[   81.599506][ T9065]  ? __ia32_sys_shutdown+0x80/0x80
[   81.604678][ T9065]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   81.610144][ T9065]  ? do_syscall_64+0x26/0x680
[   81.614952][ T9065]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   81.621071][ T9065]  ? do_syscall_64+0x26/0x680
[   81.625746][ T9065]  __x64_sys_sendmsg+0x78/0xb0
[   81.630508][ T9065]  do_syscall_64+0x103/0x680
[   81.635093][ T9065]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   81.640984][ T9065] RIP: 0033:0x4401f9
[   81.644873][ T9065] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   81.664558][ T9065] RSP: 002b:00007ffce5915488 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.672961][ T9065] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9
[   81.680930][ T9065] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[   81.688892][ T9065] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[   81.696899][ T9065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80
[   81.704964][ T9065] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
[   81.714305][ T9065] Kernel Offset: disabled
[   81.718687][ T9065] Rebooting in 86400 seconds..