[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   28.274032] kauditd_printk_skb: 8 callbacks suppressed
[   28.274044] audit: type=1800 audit(1541819983.427:29): pid=5568 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   28.301066] audit: type=1800 audit(1541819983.437:30): pid=5568 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   51.705937] sshd (5711) used greatest stack depth: 15744 bytes left
Warning: Permanently added '10.128.0.64' (ECDSA) to the list of known hosts.
2018/11/10 03:20:13 parsed 1 programs
2018/11/10 03:20:16 executed programs: 0
[   61.384589] IPVS: ftp: loaded support on port[0] = 21
[   61.407786] IPVS: ftp: loaded support on port[0] = 21
[   61.419576] IPVS: ftp: loaded support on port[0] = 21
[   61.423328] IPVS: ftp: loaded support on port[0] = 21
[   61.430881] IPVS: ftp: loaded support on port[0] = 21
[   61.432275] IPVS: ftp: loaded support on port[0] = 21
[   62.294834] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.311627] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.319318] device bridge_slave_0 entered promiscuous mode
[   62.342745] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.355021] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.367224] device bridge_slave_0 entered promiscuous mode
[   62.374659] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.381159] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.388490] device bridge_slave_0 entered promiscuous mode
[   62.397460] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.403940] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.411265] device bridge_slave_0 entered promiscuous mode
[   62.419989] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.426330] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.433462] device bridge_slave_0 entered promiscuous mode
[   62.441399] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.449046] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.456129] device bridge_slave_0 entered promiscuous mode
[   62.468458] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.474799] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.483312] device bridge_slave_1 entered promiscuous mode
[   62.491946] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.499516] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.506583] device bridge_slave_1 entered promiscuous mode
[   62.518371] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.524723] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.532485] device bridge_slave_1 entered promiscuous mode
[   62.539896] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.546348] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.555760] device bridge_slave_1 entered promiscuous mode
[   62.563825] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.571082] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.578391] device bridge_slave_1 entered promiscuous mode
[   62.585987] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   62.594610] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.604015] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.614554] device bridge_slave_1 entered promiscuous mode
[   62.622225] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   62.634523] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   62.643637] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   62.653980] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   62.662995] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   62.675290] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   62.685669] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   62.697040] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   62.721593] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   62.730946] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   62.761065] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   62.841085] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.857909] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.868580] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.917621] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.938692] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.966396] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.985611] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.998116] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.013188] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   63.058056] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.069599] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   63.077042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.088073] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.097544] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   63.117842] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.139125] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   63.148657] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.159563] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   63.174156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.187258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.197985] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   63.209497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   63.217323] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   63.224152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.257568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.265551] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.275314] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   63.303883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.332087] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   63.355219] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   63.367309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.381635] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.397994] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   63.405605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.458908] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   63.477521] team0: Port device team_slave_0 added
[   63.517786] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   63.535337] team0: Port device team_slave_0 added
[   63.541685] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   63.550150] team0: Port device team_slave_0 added
[   63.576884] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   63.584331] team0: Port device team_slave_1 added
[   63.615006] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   63.624964] team0: Port device team_slave_1 added
[   63.632944] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   63.653407] team0: Port device team_slave_1 added
[   63.661627] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   63.670378] team0: Port device team_slave_0 added
[   63.685052] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.697564] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.719865] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   63.728054] team0: Port device team_slave_0 added
[   63.733828] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   63.742650] team0: Port device team_slave_0 added
[   63.757910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   63.768551] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   63.793012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.810492] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   63.829069] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   63.836460] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   63.844098] team0: Port device team_slave_1 added
[   63.852655] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   63.866077] team0: Port device team_slave_1 added
[   63.873029] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.884630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.903542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   63.915152] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   63.923034] team0: Port device team_slave_1 added
[   63.931541] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   63.947333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.955375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.966104] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.977500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.996317] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.004233] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.012342] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   64.020923] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   64.044391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.080495] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.088997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.097293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.105119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.112837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.125379] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   64.138891] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   64.161906] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   64.175167] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.192411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.200704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.210518] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   64.221748] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   64.234612] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   64.256542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.265850] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.282364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.291236] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.303018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.311007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.324644] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   64.334480] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   64.348967] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.362457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.377558] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.388707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.404660] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   64.424413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.437434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.510606] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   64.530789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.540047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.894846] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.901443] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.908515] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.914891] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.925038] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   65.053310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.069527] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.075928] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.082671] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.089082] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.106382] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   65.117691] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.124063] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.130808] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.137260] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.147191] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   65.222629] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.229092] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.235759] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.242208] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.251188] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   65.321479] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.327953] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.334636] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.341096] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.365819] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   65.479388] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.485807] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.492528] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.498942] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.510466] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   66.065633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   66.074932] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   66.083305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   66.091230] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   66.102368] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   67.928520] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.955169] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.016373] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.210867] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   68.230048] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   68.267044] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.319913] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   68.353671] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.497447] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   68.503637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.512291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.525758] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   68.541256] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   68.550495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.559394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.573592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.589208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.610516] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.649647] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   68.727471] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   68.790681] 8021q: adding VLAN 0 to HW filter on device team0
[   68.822742] 8021q: adding VLAN 0 to HW filter on device team0
[   68.875254] 8021q: adding VLAN 0 to HW filter on device team0
[   68.894211] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   68.933732] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   68.941284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.958029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.049156] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   69.059315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   69.071538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.175085] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   69.193802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   69.202277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.224396] 8021q: adding VLAN 0 to HW filter on device team0
[   69.357179] 8021q: adding VLAN 0 to HW filter on device team0
[   69.458558] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/10 03:20:25 executed programs: 6
2018/11/10 03:20:32 executed programs: 40
2018/11/10 03:20:39 executed programs: 87
[   83.953632] ==================================================================
[   83.962265] BUG: KASAN: use-after-free in task_is_descendant.part.3+0x610/0x670
[   83.969740] Read of size 8 at addr ffff8801d933ab60 by task syz-executor2/7664
[   83.977136] 
[   83.978786] CPU: 1 PID: 7664 Comm: syz-executor2 Not tainted 4.20.0-rc1+ #231
[   83.986071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   83.995457] Call Trace:
[   83.998069]  dump_stack+0x244/0x39d
[   84.001725]  ? dump_stack_print_info.cold.1+0x20/0x20
[   84.006948]  ? printk+0xa7/0xcf
[   84.010248]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[   84.015035]  print_address_description.cold.7+0x9/0x1ff
[   84.020448]  kasan_report.cold.8+0x242/0x309
[   84.024891]  ? task_is_descendant.part.3+0x610/0x670
[   84.030035]  __asan_report_load8_noabort+0x14/0x20
[   84.034991]  task_is_descendant.part.3+0x610/0x670
[   84.039950]  ? yama_relation_cleanup+0x500/0x500
[   84.044732]  ? check_preemption_disabled+0x48/0x280
[   84.049774]  ? kasan_check_read+0x11/0x20
[   84.053949]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   84.059243]  ? rcu_softirq_qs+0x20/0x20
[   84.063238]  ? find_held_lock+0x36/0x1c0
[   84.067352]  yama_ptrace_access_check+0x215/0x10fc
[   84.072318]  ? check_preemption_disabled+0x48/0x280
[   84.077352]  ? task_is_descendant.part.3+0x670/0x670
[   84.082473]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   84.087448]  ? kasan_check_read+0x11/0x20
[   84.091605]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   84.096887]  ? rcu_softirq_qs+0x20/0x20
[   84.100880]  ? cap_ptrace_access_check+0x2cc/0x6b0
[   84.105813]  ? __ptrace_may_access+0x4b0/0x980
[   84.110404]  ? cap_ptrace_traceme+0x6b0/0x6b0
[   84.114917]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   84.119859]  ? kasan_check_read+0x11/0x20
[   84.124032]  ? rcu_softirq_qs+0x20/0x20
[   84.128020]  security_ptrace_access_check+0x54/0xb0
[   84.133051]  __ptrace_may_access+0x5c8/0x980
[   84.137477]  ? ptrace_setsiginfo+0x1a0/0x1a0
[   84.141890]  ? rcu_softirq_qs+0x20/0x20
[   84.145903]  ptrace_attach+0x1fa/0x640
[   84.149823]  __ia32_compat_sys_ptrace+0x1d2/0x260
[   84.154676]  do_fast_syscall_32+0x34d/0xfb2
[   84.159011]  ? do_int80_syscall_32+0x890/0x890
[   84.163599]  ? entry_SYSENTER_compat+0x68/0x7f
[   84.168188]  ? trace_hardirqs_off_caller+0xbb/0x310
[   84.173215]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   84.178130]  ? trace_hardirqs_on_caller+0x310/0x310
[   84.183154]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   84.188195]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[   84.194871]  ? __switch_to_asm+0x40/0x70
[   84.198944]  ? __switch_to_asm+0x34/0x70
[   84.203029]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   84.207885]  entry_SYSENTER_compat+0x70/0x7f
[   84.212283] RIP: 0023:0xf7f21a29
[   84.215648] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[   84.234739] RSP: 002b:00000000f7f1d0cc EFLAGS: 00000296 ORIG_RAX: 000000000000001a
[   84.242466] RAX: ffffffffffffffda RBX: 0000000000004206 RCX: 0000000000000136
[   84.249743] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   84.257019] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   84.264381] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   84.271668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   84.278962] 
[   84.280595] Allocated by task 5747:
[   84.284247]  save_stack+0x43/0xd0
[   84.287709]  kasan_kmalloc+0xc7/0xe0
[   84.291439]  kasan_slab_alloc+0x12/0x20
[   84.295442]  kmem_cache_alloc_node+0x144/0x730
[   84.300049]  copy_process+0x2026/0x87a0
[   84.304031]  _do_fork+0x1cb/0x11d0
[   84.307578]  __ia32_compat_sys_x86_clone+0xbc/0x140
[   84.312601]  do_fast_syscall_32+0x34d/0xfb2
[   84.316925]  entry_SYSENTER_compat+0x70/0x7f
[   84.321357] 
[   84.322983] Freed by task 16:
[   84.326113]  save_stack+0x43/0xd0
[   84.329574]  __kasan_slab_free+0x102/0x150
[   84.333814]  kasan_slab_free+0xe/0x10
[   84.337619]  kmem_cache_free+0x83/0x290
[   84.341604]  free_task+0x16e/0x1f0
[   84.345149]  __put_task_struct+0x2e6/0x620
[   84.349389]  delayed_put_task_struct+0x2ff/0x4c0
[   84.354153]  rcu_process_callbacks+0x100a/0x1ac0
[   84.358911]  __do_softirq+0x308/0xb7e
[   84.362722] 
[   84.364356] The buggy address belongs to the object at ffff8801d933a680
[   84.364356]  which belongs to the cache task_struct(81:syz2) of size 6080
[   84.377897] The buggy address is located 1248 bytes inside of
[   84.377897]  6080-byte region [ffff8801d933a680, ffff8801d933be40)
[   84.389966] The buggy address belongs to the page:
[   84.394909] page:ffffea000764ce80 count:1 mapcount:0 mapping:ffff8801c14199c0 index:0x0 compound_mapcount: 0
[   84.404901] flags: 0x2fffc0000010200(slab|head)
[   84.409590] raw: 02fffc0000010200 ffffea000707d708 ffffea0007640988 ffff8801c14199c0
[   84.417488] raw: 0000000000000000 ffff8801d933a680 0000000100000001 ffff8801d5b1ab80
[   84.425378] page dumped because: kasan: bad access detected
[   84.431084] page->mem_cgroup:ffff8801d5b1ab80
[   84.435571] 
[   84.437193] Memory state around the buggy address:
[   84.442125]  ffff8801d933aa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   84.449503]  ffff8801d933aa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   84.456880] >ffff8801d933ab00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   84.464242]                                                        ^
[   84.470742]  ffff8801d933ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   84.478112]  ffff8801d933ac00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   84.485524] ==================================================================
[   84.492881] Disabling lock debugging due to kernel taint
[   84.498539] Kernel panic - not syncing: panic_on_warn set ...
[   84.504455] CPU: 1 PID: 7664 Comm: syz-executor2 Tainted: G    B             4.20.0-rc1+ #231
[   84.513128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   84.522477] Call Trace:
[   84.525070]  dump_stack+0x244/0x39d
[   84.528704]  ? dump_stack_print_info.cold.1+0x20/0x20
[   84.533904]  panic+0x2ad/0x55c
[   84.537105]  ? add_taint.cold.5+0x16/0x16
[   84.541260]  ? trace_hardirqs_on+0xb4/0x310
[   84.545592]  kasan_end_report+0x47/0x4f
[   84.549568]  kasan_report.cold.8+0x76/0x309
[   84.553896]  ? task_is_descendant.part.3+0x610/0x670
[   84.559006]  __asan_report_load8_noabort+0x14/0x20
[   84.563949]  task_is_descendant.part.3+0x610/0x670
[   84.568888]  ? yama_relation_cleanup+0x500/0x500
[   84.573659]  ? check_preemption_disabled+0x48/0x280
[   84.578679]  ? kasan_check_read+0x11/0x20
[   84.582841]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   84.588118]  ? rcu_softirq_qs+0x20/0x20
[   84.592098]  ? find_held_lock+0x36/0x1c0
[   84.596180]  yama_ptrace_access_check+0x215/0x10fc
[   84.601130]  ? check_preemption_disabled+0x48/0x280
[   84.606150]  ? task_is_descendant.part.3+0x670/0x670
[   84.611277]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   84.616223]  ? kasan_check_read+0x11/0x20
[   84.620385]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   84.625684]  ? rcu_softirq_qs+0x20/0x20
[   84.629674]  ? cap_ptrace_access_check+0x2cc/0x6b0
[   84.634607]  ? __ptrace_may_access+0x4b0/0x980
[   84.639193]  ? cap_ptrace_traceme+0x6b0/0x6b0
[   84.643693]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   84.648627]  ? kasan_check_read+0x11/0x20
[   84.652775]  ? rcu_softirq_qs+0x20/0x20
[   84.656757]  security_ptrace_access_check+0x54/0xb0
[   84.661779]  __ptrace_may_access+0x5c8/0x980
[   84.666216]  ? ptrace_setsiginfo+0x1a0/0x1a0
[   84.670641]  ? rcu_softirq_qs+0x20/0x20
[   84.674622]  ptrace_attach+0x1fa/0x640
[   84.678517]  __ia32_compat_sys_ptrace+0x1d2/0x260
[   84.683367]  do_fast_syscall_32+0x34d/0xfb2
[   84.687697]  ? do_int80_syscall_32+0x890/0x890
[   84.692286]  ? entry_SYSENTER_compat+0x68/0x7f
[   84.696873]  ? trace_hardirqs_off_caller+0xbb/0x310
[   84.701907]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   84.706762]  ? trace_hardirqs_on_caller+0x310/0x310
[   84.711805]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   84.716829]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[   84.723961]  ? __switch_to_asm+0x40/0x70
[   84.728028]  ? __switch_to_asm+0x34/0x70
[   84.732094]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   84.736958]  entry_SYSENTER_compat+0x70/0x7f
[   84.741384] RIP: 0023:0xf7f21a29
[   84.744767] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[   84.763689] RSP: 002b:00000000f7f1d0cc EFLAGS: 00000296 ORIG_RAX: 000000000000001a
[   84.771426] RAX: ffffffffffffffda RBX: 0000000000004206 RCX: 0000000000000136
[   84.778697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   84.785963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   84.793234] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   84.800516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   84.808768] Kernel Offset: disabled
[   84.812412] Rebooting in 86400 seconds..