Warning: Permanently added 'ci-android-49-kasan-gce-3,10.128.0.23' (ECDSA) to the list of known hosts.
serialport: Connected to syzkaller.us-central1-c.ci-android-49-kasan-gce-3 port 1 (session ID: 38bc2f26ffe50ed3dbbb729f6d3a40ace960234745b10e1fe8e2bcfc4742763b, active connections: 1).
INIT: Entering runlevel: 2

[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

2017/07/28 01:12:36 parsed 1 programs
2017/07/28 01:12:36 executed programs: 0
syzkaller login: [   20.730628] keychord: using input dev AT Translated Set 2 keyboard for fevent
[   20.732634] keychord: using input dev AT Translated Set 2 keyboard for fevent
[   20.824199] keychord: using input dev AT Translated Set 2 keyboard for fevent
[   20.827542] ==================================================================
[   20.827543] BUG: Double free or freeing an invalid pointer
[   20.827545] Unexpected shadow byte: 0xFB
[   20.827551] CPU: 1 PID: 3390 Comm: syz-executor4 Not tainted 4.9.39-ga1e4c795 #8
[   20.827553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   20.827560]  ffff8801cefb7b78 ffffffff81eacd59 ffff8801dac01b40 ffff8801cfda89a0
[   20.827565]  ffff8801cfda89b0 ffffffff82b495eb 0000000000000282 ffff8801cefb7ba0
[   20.827570]  ffffffff81546bfc 00000000fffffffb ffff8801dac01b40 ffff8801cfda89a0
[   20.827571] Call Trace:
[   20.827583]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[   20.827590]  [<ffffffff82b495eb>] ? keychord_write+0x61b/0x810
[   20.827596]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[   20.827601]  [<ffffffff81547404>] kasan_report_double_free+0x44/0x60
[   20.827604]  [<ffffffff815467ed>] kasan_slab_free+0x9d/0xc0
[   20.827608]  [<ffffffff815427f0>] kfree+0xf0/0x2f0
[   20.827612]  [<ffffffff82b495eb>] keychord_write+0x61b/0x810
[   20.827616]  [<ffffffff82b48fd0>] ? keychord_read+0x4f0/0x4f0
[   20.827620]  [<ffffffff81572d6b>] __vfs_write+0xfb/0x660
[   20.827626]  [<ffffffff81f134bb>] ? check_preemption_disabled+0x3b/0x200
[   20.827630]  [<ffffffff81572c70>] ? default_llseek+0x290/0x290
[   20.827635]  [<ffffffff81282f37>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   20.827642]  [<ffffffff81d7beff>] ? common_file_perm+0x14f/0x390
[   20.827646]  [<ffffffff81d7c3a2>] ? apparmor_file_permission+0x22/0x30
[   20.827653]  [<ffffffff81cf8459>] ? security_file_permission+0x89/0x1e0
[   20.827657]  [<ffffffff81576785>] ? rw_verify_area+0xe5/0x2b0
[   20.827660]  [<ffffffff81576df0>] vfs_write+0x170/0x4e0
[   20.827664]  [<ffffffff8157a724>] SyS_write+0xd4/0x1a0
[   20.827668]  [<ffffffff8157a650>] ? SyS_read+0x1a0/0x1a0
[   20.827674]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[   20.827679]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[   20.827685]  [<ffffffff83965985>] entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.827688] Object at ffff8801cfda89a0, in cache kmalloc-16 size: 16
[   20.827689] Allocated:
[   20.827690] PID = 3390
[   20.827695]  save_stack_trace+0x16/0x20
[   20.827698]  save_stack+0x43/0xd0
[   20.827701]  kasan_kmalloc+0xad/0xe0
[   20.827703]  __kmalloc+0x128/0x320
[   20.827706]  keychord_write+0x6d/0x810
[   20.827709]  __vfs_write+0xfb/0x660
[   20.827712]  vfs_write+0x170/0x4e0
[   20.827715]  SyS_write+0xd4/0x1a0
[   20.827717]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.827718] Freed:
[   20.827719] PID = 3450
[   20.827722]  save_stack_trace+0x16/0x20
[   20.827724]  save_stack+0x43/0xd0
[   20.827727]  kasan_slab_free+0x73/0xc0
[   20.827730]  kfree+0xf0/0x2f0
[   20.827732]  keychord_write+0x150/0x810
[   20.827735]  __vfs_write+0xfb/0x660
[   20.827738]  vfs_write+0x170/0x4e0
[   20.827741]  SyS_write+0xd4/0x1a0
[   20.827744]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.827745] ==================================================================
[   20.827746] Disabling lock debugging due to kernel taint
[   20.832270] ==================================================================
[   20.832272] BUG: Double free or freeing an invalid pointer
[   20.832273] Unexpected shadow byte: 0xFB
[   20.832278] CPU: 1 PID: 3407 Comm: syz-executor1 Tainted: G    B           4.9.39-ga1e4c795 #8
[   20.832279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   20.832285]  ffff8801ce1d7b78 ffffffff81eacd59 ffff8801dac01b40 ffff8801cfda8940
[   20.832290]  ffff8801cfda8950 ffffffff82b495eb 0000000000000282 ffff8801ce1d7ba0
[   20.832294]  ffffffff81546bfc 00000000fffffffb ffff8801dac01b40 ffff8801cfda8940
[   20.832295] Call Trace:
[   20.832302]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[   20.832306]  [<ffffffff82b495eb>] ? keychord_write+0x61b/0x810
[   20.832310]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[   20.832314]  [<ffffffff81547404>] kasan_report_double_free+0x44/0x60
[   20.832318]  [<ffffffff815467ed>] kasan_slab_free+0x9d/0xc0
[   20.832321]  [<ffffffff815427f0>] kfree+0xf0/0x2f0
[   20.832325]  [<ffffffff82b495eb>] keychord_write+0x61b/0x810
[   20.832329]  [<ffffffff82b48fd0>] ? keychord_read+0x4f0/0x4f0
[   20.832332]  [<ffffffff81572d6b>] __vfs_write+0xfb/0x660
[   20.832336]  [<ffffffff81f134bb>] ? check_preemption_disabled+0x3b/0x200
[   20.832340]  [<ffffffff81572c70>] ? default_llseek+0x290/0x290
[   20.832344]  [<ffffffff81282f37>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   20.832348]  [<ffffffff81d7beff>] ? common_file_perm+0x14f/0x390
[   20.832352]  [<ffffffff81d7c3a2>] ? apparmor_file_permission+0x22/0x30
[   20.832357]  [<ffffffff81cf8459>] ? security_file_permission+0x89/0x1e0
[   20.832360]  [<ffffffff81576785>] ? rw_verify_area+0xe5/0x2b0
[   20.832364]  [<ffffffff81576df0>] vfs_write+0x170/0x4e0
[   20.832368]  [<ffffffff8157a724>] SyS_write+0xd4/0x1a0
[   20.832371]  [<ffffffff8157a650>] ? SyS_read+0x1a0/0x1a0
[   20.832376]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[   20.832379]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[   20.832383]  [<ffffffff83965985>] entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.832386] Object at ffff8801cfda8940, in cache kmalloc-16 size: 16
[   20.832387] Allocated:
[   20.832388] PID = 3407
[   20.832391]  save_stack_trace+0x16/0x20
[   20.832394]  save_stack+0x43/0xd0
[   20.832397]  kasan_kmalloc+0xad/0xe0
[   20.832399]  __kmalloc+0x128/0x320
[   20.832402]  keychord_write+0x6d/0x810
[   20.832404]  __vfs_write+0xfb/0x660
[   20.832407]  vfs_write+0x170/0x4e0
[   20.832410]  SyS_write+0xd4/0x1a0
[   20.832413]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.832414] Freed:
[   20.832415] PID = 3451
[   20.832417]  save_stack_trace+0x16/0x20
[   20.832420]  save_stack+0x43/0xd0
[   20.832423]  kasan_slab_free+0x73/0xc0
[   20.832425]  kfree+0xf0/0x2f0
[   20.832428]  keychord_write+0x150/0x810
[   20.832431]  __vfs_write+0xfb/0x660
[   20.832434]  vfs_write+0x170/0x4e0
[   20.832436]  SyS_write+0xd4/0x1a0
[   20.832439]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.832440] ==================================================================
[   20.841367] ==================================================================
[   20.841368] BUG: Double free or freeing an invalid pointer
[   20.841369] Unexpected shadow byte: 0xFB
[   20.841374] CPU: 0 PID: 3417 Comm: syz-executor7 Tainted: G    B           4.9.39-ga1e4c795 #8
[   20.841376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   20.841382]  ffff8801c9e87b78 ffffffff81eacd59 ffff8801dac01b40 ffff8801ca566be0
[   20.841387]  ffff8801ca566bf0 ffffffff82b495eb 0000000000000282 ffff8801c9e87ba0
[   20.841391]  ffffffff81546bfc 00000000fffffffb ffff8801dac01b40 ffff8801ca566be0
[   20.841392] Call Trace:
[   20.841400]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[   20.841405]  [<ffffffff82b495eb>] ? keychord_write+0x61b/0x810
[   20.841409]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[   20.841413]  [<ffffffff81547404>] kasan_report_double_free+0x44/0x60
[   20.841417]  [<ffffffff815467ed>] kasan_slab_free+0x9d/0xc0
[   20.841420]  [<ffffffff815427f0>] kfree+0xf0/0x2f0
[   20.841424]  [<ffffffff82b495eb>] keychord_write+0x61b/0x810
[   20.841428]  [<ffffffff82b48fd0>] ? keychord_read+0x4f0/0x4f0
[   20.841431]  [<ffffffff81572d6b>] __vfs_write+0xfb/0x660
[   20.841436]  [<ffffffff81f134bb>] ? check_preemption_disabled+0x3b/0x200
[   20.841439]  [<ffffffff81572c70>] ? default_llseek+0x290/0x290
[   20.841444]  [<ffffffff81282f37>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   20.841448]  [<ffffffff81d7beff>] ? common_file_perm+0x14f/0x390
[   20.841452]  [<ffffffff81d7c3a2>] ? apparmor_file_permission+0x22/0x30
[   20.841457]  [<ffffffff81cf8459>] ? security_file_permission+0x89/0x1e0
[   20.841461]  [<ffffffff81576785>] ? rw_verify_area+0xe5/0x2b0
[   20.841465]  [<ffffffff81576df0>] vfs_write+0x170/0x4e0
[   20.841469]  [<ffffffff8157a724>] SyS_write+0xd4/0x1a0
[   20.841473]  [<ffffffff8157a650>] ? SyS_read+0x1a0/0x1a0
[   20.841477]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[   20.841481]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[   20.841485]  [<ffffffff83965985>] entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.841488] Object at ffff8801ca566be0, in cache kmalloc-16 size: 16
[   20.841489] Allocated:
[   20.841490] PID = 3417
[   20.841493]  save_stack_trace+0x16/0x20
[   20.841496]  save_stack+0x43/0xd0
[   20.841499]  kasan_kmalloc+0xad/0xe0
[   20.841502]  __kmalloc+0x128/0x320
[   20.841504]  keychord_write+0x6d/0x810
[   20.841507]  __vfs_write+0xfb/0x660
[   20.841510]  vfs_write+0x170/0x4e0
[   20.841513]  SyS_write+0xd4/0x1a0
[   20.841516]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.841516] Freed:
[   20.841518] PID = 3456
[   20.841520]  save_stack_trace+0x16/0x20
[   20.841523]  save_stack+0x43/0xd0
[   20.841526]  kasan_slab_free+0x73/0xc0
[   20.841528]  kfree+0xf0/0x2f0
[   20.841531]  keychord_write+0x150/0x810
[   20.841533]  __vfs_write+0xfb/0x660
[   20.841536]  vfs_write+0x170/0x4e0
[   20.841539]  SyS_write+0xd4/0x1a0
[   20.841542]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   20.841543] ==================================================================
[   20.841545] ==================================================================
[   20.841547] BUG: Double free or freeing an invalid pointer
[   20.841548] Unexpected shadow byte: 0xFB
[   20.841553] CPU: 1 PID: 3418 Comm: syz-executor6 Tainted: G    B           4.9.39-ga1e4c795 #8
[   20.841555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   20.841560]  ffff8801c9ea7b78 ffffffff81eacd59 ffff8801dac01b40 ffff8801cfda88c0
[   20.841565]  ffff8801cfda88d0 ffffffff82b495eb 0000000000000282 ffff8801c9ea7ba0
[   20.841569]  ffffffff81546bfc 00000000fffffffb ffff8801dac01b40 ffff8801cfda88c0
[   20.841570] Call Trace:
[   20.841577]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[   20.841581]  [<ffffffff82b495eb>] ? keychord_write+0x61b/0x810
[   20.841588]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[   20.841592]  [<ffffffff81547404>] kasan_report_double_free+0x44/0x60
[   20.841596]  [<ffffffff815467ed>] kasan_slab_free+0x9d/0xc0
[   20.841599]  [<ffffffff815427f0>] kfree+0xf0/0x2f0
[   20.841603]  [<ffffffff82b495eb>] keychord_write+0x61b/0x810
[   20.841606]  [<ffffffff82b48fd0>] ? keychord_read+0x4f0/0x4f0
[   20.841610]  [<ffffffff81572d6b>] __vfs_write+0xfb/0x660
[   20.841614]  [<ffffffff81f134bb>] ? check_preemption_disabled+0x3b/0x200