INIT: Entering runlevel: 2

[info] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-mmots-kasan-gce-5,10.128.0.43' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   41.266540] refcount_t: underflow; use-after-free.
[   41.271623] ------------[ cut here ]------------
[   41.276487] WARNING: CPU: 1 PID: 2992 at lib/refcount.c:186 refcount_sub_and_test+0x167/0x1b0
[   41.285640] Kernel panic - not syncing: panic_on_warn set ...
[   41.285640] 
[   41.292976] CPU: 1 PID: 2992 Comm: syzkaller813086 Not tainted 4.13.0-mm1+ #7
[   41.300220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   41.309543] Call Trace:
[   41.312104]  dump_stack+0x194/0x257
[   41.315705]  ? arch_local_irq_restore+0x53/0x53
[   41.320355]  panic+0x1e4/0x417
[   41.323519]  ? __warn+0x1d9/0x1d9
[   41.326940]  ? show_regs_print_info+0x65/0x65
[   41.331420]  ? refcount_sub_and_test+0x167/0x1b0
[   41.336148]  __warn+0x1c4/0x1d9
[   41.339399]  ? refcount_sub_and_test+0x167/0x1b0
[   41.344129]  report_bug+0x211/0x2d0
[   41.347736]  fixup_bug+0x40/0x90
[   41.351074]  do_trap+0x260/0x390
[   41.354415]  do_error_trap+0x120/0x390
[   41.358279]  ? do_trap+0x390/0x390
[   41.361793]  ? refcount_sub_and_test+0x167/0x1b0
[   41.366537]  ? vprintk_emit+0x3ea/0x590
[   41.370492]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   41.375310]  do_invalid_op+0x1b/0x20
[   41.378995]  invalid_op+0x18/0x20
[   41.382419] RIP: 0010:refcount_sub_and_test+0x167/0x1b0
[   41.387752] RSP: 0018:ffff8801ce74e300 EFLAGS: 00010282
[   41.393089] RAX: 0000000000000026 RBX: 0000000000000001 RCX: 0000000000000000
[   41.400329] RDX: 0000000000000026 RSI: 1ffff10039ce9c20 RDI: ffffed0039ce9c54
[   41.407580] RBP: ffff8801ce74e390 R08: ffff8801ce74d9f0 R09: 0000000000000000
[   41.414821] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10039ce9c61
[   41.422065] R13: 00000000ffffff01 R14: 0000000000000100 R15: ffff8801ce2f1364
[   41.429331]  ? refcount_inc+0x50/0x50
[   41.433114]  ? __sctp_outq_teardown+0xc7d/0x15a0
[   41.437839]  ? sctp_association_free+0x2d0/0x930
[   41.442568]  ? sctp_do_sm+0x28e7/0x6dd0
[   41.446510]  ? sctp_primitive_SHUTDOWN+0xa0/0xd0
[   41.451234]  ? sctp_close+0x3c6/0x980
[   41.455009]  ? inet_release+0xed/0x1c0
[   41.458875]  sctp_wfree+0x183/0x620
[   41.462473]  ? __sctp_write_space+0x910/0x910
[   41.466953]  skb_release_head_state+0x124/0x200
[   41.471620]  skb_release_all+0x15/0x60
[   41.475489]  consume_skb+0x153/0x490
[   41.479172]  ? sctp_chunk_put+0x99/0x420
[   41.483205]  ? alloc_skb_with_frags+0x710/0x710
[   41.487844]  ? sctp_chunk_hold+0x20/0x20
[   41.491880]  ? refcount_sub_and_test+0x115/0x1b0
[   41.496605]  ? refcount_inc+0x50/0x50
[   41.500375]  ? mark_held_locks+0xb2/0x100
[   41.504495]  ? sctp_datamsg_put+0x456/0x560
[   41.508792]  sctp_chunk_put+0x29c/0x420
[   41.512741]  ? sctp_chunk_hold+0x20/0x20
[   41.516777]  ? sctp_transport_dst_confirm+0x50/0x50
[   41.521781]  sctp_chunk_free+0x53/0x60
[   41.525640]  __sctp_outq_teardown+0xc7d/0x15a0
[   41.530207]  ? inet6_release+0x50/0x70
[   41.534073]  ? sctp_inq_set_th_handler+0x1b0/0x1b0
[   41.538975]  ? unwind_next_frame.part.6+0x1ae/0xc70
[   41.543967]  ? unwind_next_frame.part.6+0x1ae/0xc70
[   41.548958]  ? unwind_dump+0x4c0/0x4c0
[   41.552820]  ? unwind_dump+0x4c0/0x4c0
[   41.556683]  ? copy_trace+0x1d0/0x1d0
[   41.560460]  ? check_noncircular+0x20/0x20
[   41.564669]  ? check_noncircular+0x20/0x20
[   41.568873]  ? unwind_get_return_address+0x61/0xa0
[   41.573779]  ? __save_stack_trace+0x61/0xd0
[   41.578081]  ? check_noncircular+0x20/0x20
[   41.582291]  ? print_usage_bug+0x480/0x480
[   41.586504]  ? find_held_lock+0x39/0x1d0
[   41.590545]  ? lock_downgrade+0x990/0x990
[   41.594669]  ? sk_dst_check+0x560/0x560
[   41.598615]  ? rcu_read_lock_sched_held+0x108/0x120
[   41.603605]  ? lock_release+0xd70/0xd70
[   41.607559]  sctp_outq_free+0x15/0x20
[   41.611332]  sctp_association_free+0x2d0/0x930
[   41.615891]  ? sctp_asconf_queue_teardown+0x700/0x700
[   41.621054]  ? sock_def_wakeup+0x222/0x350
[   41.625263]  ? sk_dst_check+0x560/0x560
[   41.629224]  ? sctp_association_put+0x74/0x2f0
[   41.633777]  ? sctp_association_hold+0x20/0x20
[   41.638336]  ? __unwind_start+0x169/0x330
[   41.642465]  ? sctp_sm_lookup_event+0x95/0x3c0
[   41.647024]  sctp_do_sm+0x28e7/0x6dd0
[   41.650810]  ? sctp_do_8_2_transport_strike.isra.16+0x8a0/0x8a0
[   41.656849]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[   41.662012]  ? print_usage_bug+0x480/0x480
[   41.666219]  ? print_usage_bug+0x480/0x480
[   41.670426]  ? find_held_lock+0x39/0x1d0
[   41.674467]  ? lock_downgrade+0x990/0x990
[   41.678593]  ? skb_dequeue+0x22/0x180
[   41.682372]  ? do_raw_spin_trylock+0x190/0x190
[   41.686946]  ? mark_held_locks+0xb2/0x100
[   41.691072]  ? trace_hardirqs_on+0xd/0x10
[   41.695199]  sctp_primitive_SHUTDOWN+0xa0/0xd0
[   41.699755]  sctp_close+0x3c6/0x980
[   41.703362]  ? sctp_apply_peer_addr_params+0xf30/0xf30
[   41.708610]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   41.713596]  ? trace_hardirqs_on+0xd/0x10
[   41.717726]  ? rcu_eqs_enter_common.constprop.73+0x270/0x270
[   41.723500]  ? ipv6_sock_ac_close+0x2e8/0x3e0
[   41.727970]  ? ipv6_sock_mc_close+0x148/0x1a0
[   41.732434]  ? ipv6_sock_ac_drop+0x580/0x580
[   41.736815]  ? ip_mc_drop_socket+0x1ce/0x230
[   41.741202]  ? __fsnotify_parent+0xb4/0x3a0
[   41.745503]  inet_release+0xed/0x1c0
[   41.749195]  inet6_release+0x50/0x70
[   41.752885]  sock_release+0x8d/0x1e0
[   41.756573]  ? sock_release+0x1e0/0x1e0
[   41.760528]  sock_close+0x16/0x20
[   41.763960]  __fput+0x333/0x7f0
[   41.767219]  ? fput+0x140/0x140
[   41.770486]  ? check_same_owner+0x320/0x320
[   41.774787]  ____fput+0x15/0x20
[   41.778043]  task_work_run+0x199/0x270
[   41.781907]  ? task_work_cancel+0x210/0x210
[   41.786217]  ? free_nsproxy+0x185/0x1f0
[   41.790166]  ? switch_task_namespaces+0xa2/0xc0
[   41.794815]  do_exit+0xa52/0x1b40
[   41.798248]  ? print_usage_bug+0x480/0x480
[   41.802466]  ? mm_update_next_owner+0x930/0x930
[   41.807115]  ? find_held_lock+0x39/0x1d0
[   41.811156]  ? check_noncircular+0x20/0x20
[   41.815367]  ? check_noncircular+0x20/0x20
[   41.819575]  ? lock_downgrade+0x990/0x990
[   41.823706]  ? reacquire_held_locks+0x205/0x3d0
[   41.828350]  ? check_noncircular+0x20/0x20
[   41.832556]  ? find_held_lock+0x39/0x1d0
[   41.836601]  ? lock_downgrade+0x990/0x990
[   41.840722]  ? lock_downgrade+0x990/0x990
[   41.844845]  ? find_held_lock+0x39/0x1d0
[   41.848888]  ? lock_downgrade+0x990/0x990
[   41.853011]  ? recalc_sigpending_tsk+0x117/0x150
[   41.857745]  ? recalc_sigpending+0x103/0x160
[   41.862126]  ? recalc_sigpending_tsk+0x150/0x150
[   41.866851]  ? get_signal+0x397/0x17e0
[   41.870729]  do_group_exit+0x149/0x400
[   41.874592]  ? __lock_is_held+0xbc/0x140
[   41.878633]  ? SyS_exit+0x30/0x30
[   41.882070]  ? _raw_spin_unlock_irq+0x27/0x70
[   41.886550]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   41.891543]  get_signal+0x7e8/0x17e0
[   41.895259]  ? ptrace_notify+0x130/0x130
[   41.899303]  ? __local_bh_enable_ip+0x9d/0x160
[   41.903866]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   41.908867]  ? release_sock+0x1d4/0x2a0
[   41.912818]  ? trace_hardirqs_on+0xd/0x10
[   41.916937]  ? __local_bh_enable_ip+0x9d/0x160
[   41.921493]  ? _raw_spin_unlock_bh+0x30/0x40
[   41.925874]  ? release_sock+0x1d4/0x2a0
[   41.929825]  ? trace_hardirqs_on+0xd/0x10
[   41.933952]  do_signal+0x94/0x1ee0
[   41.937467]  ? inet_sendmsg+0x11f/0x5e0
[   41.941409]  ? inet_sendmsg+0x126/0x5e0
[   41.945357]  ? __might_sleep+0x95/0x190
[   41.949305]  ? setup_sigcontext+0x7d0/0x7d0
[   41.953613]  ? selinux_socket_sendmsg+0x36/0x40
[   41.958268]  ? security_socket_sendmsg+0x89/0xb0
[   41.963006]  ? inet_recvmsg+0x5f0/0x5f0
[   41.966960]  ? sock_sendmsg+0x4f/0x110
[   41.970822]  ? fput+0xd2/0x140
[   41.973991]  ? SYSC_sendto+0x413/0x5a0
[   41.977860]  ? SYSC_connect+0x480/0x480
[   41.981803]  ? __handle_mm_fault+0x39c0/0x39c0
[   41.986366]  ? exit_to_usermode_loop+0x98/0x300
[   41.991014]  exit_to_usermode_loop+0x224/0x300
[   41.995570]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   42.001080]  ? __do_page_fault+0xb60/0xb60
[   42.005288]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   42.010283]  syscall_return_slowpath+0x42f/0x500
[   42.015011]  ? finish_task_switch+0x1aa/0x740
[   42.019489]  ? prepare_exit_to_usermode+0x2c0/0x2c0
[   42.024830]  ? entry_SYSCALL_64_fastpath+0x91/0xbe
[   42.029733]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   42.034729]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   42.039463]  entry_SYSCALL_64_fastpath+0xbc/0xbe
[   42.044191] RIP: 0033:0x445da9
[   42.047353] RSP: 002b:00007fae952aedb8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[   42.055034] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000445da9
[   42.062274] RDX: 0000000000000001 RSI: 0000000020018fff RDI: 0000000000000003
[   42.069513] RBP: 0000000000000000 R08: 00000000206e4000 R09: 000000000000001c
[   42.076753] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000
[   42.084413] R13: 00000000007efe8f R14: 00007fae952af9c0 R15: 0000000000000000
[   42.091823] Dumping ftrace buffer:
[   42.095494]    (ftrace buffer empty)
[   42.099178] Kernel Offset: disabled
[   42.102782] Rebooting in 86400 seconds..