Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added 'ci-android-49-kasan-gce-6,10.128.0.10' (ECDSA) to the list of known hosts.
Warning: Permanently added '[ssh-serialport.googleapis.com]:9600,[216.239.38.127]:9600' (RSA) to the list of known hosts.
2017/07/22 15:55:37 parsed 1 programs
2017/07/22 15:55:37 executed programs: 0
serialport: Connected to syzkaller.us-central1-c.ci-android-49-kasan-gce-6 port 1 (session ID: f2117e1817f0307e0d5c0556560be2750bec59602507ff62e9423d68047999ca, active connections: 1).
INIT: Entering runlevel: 2

[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

2017/07/22 15:55:42 executed programs: 349
2017/07/22 15:55:47 executed programs: 630
2017/07/22 15:55:52 executed programs: 921
2017/07/22 15:55:57 executed programs: 1207
2017/07/22 15:56:02 executed programs: 1491
2017/07/22 15:56:08 executed programs: 1774
2017/07/22 15:56:13 executed programs: 2062
2017/07/22 15:56:18 executed programs: 2349
2017/07/22 15:56:23 executed programs: 2634
2017/07/22 15:56:28 executed programs: 2911
2017/07/22 15:56:33 executed programs: 3189
2017/07/22 15:56:38 executed programs: 3476
2017/07/22 15:56:43 executed programs: 3759
2017/07/22 15:56:48 executed programs: 4049
2017/07/22 15:56:53 executed programs: 4338
2017/07/22 15:56:58 executed programs: 4620
2017/07/22 15:57:03 executed programs: 4902
2017/07/22 15:57:08 executed programs: 5188
2017/07/22 15:57:13 executed programs: 5471
2017/07/22 15:57:18 executed programs: 5751
2017/07/22 15:57:23 executed programs: 6042
2017/07/22 15:57:28 executed programs: 6330
2017/07/22 15:57:33 executed programs: 6615
2017/07/22 15:57:38 executed programs: 6898
2017/07/22 15:57:43 executed programs: 7187
syzkaller login:
[ 1246.709244] ==================================================================
[ 1246.710845] BUG: KASAN: use-after-free in do_get_mempolicy+0xb41/0xba0 at addr ffff8801d867e0a6
[ 1246.712563] Read of size 2 by task syz-executor7/30145
[ 1246.713604] CPU: 1 PID: 30145 Comm: syz-executor7 Not tainted 4.9.39-g5b07c2d #4
[ 1246.714802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1246.716108]  ffff8801c7f3fcf8 ffffffff81eacd59 ffff8801dac0ec80 ffff8801d867e0a0
[ 1246.717584]  ffff8801d867e0b8 ffffed003b0cfc14 ffff8801d867e0a6 ffff8801c7f3fd20
[ 1246.719098]  ffffffff81546bfc ffffed003b0cfc14 ffff8801dac0ec80 0000000000000000
[ 1246.720279] Call Trace:
[ 1246.720755]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[ 1246.721581]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[ 1246.722425]  [<ffffffff81546ead>] kasan_report.part.1+0x20d/0x4e0
[ 1246.723490]  [<ffffffff8152bf91>] ? do_get_mempolicy+0xb41/0xba0
[ 1246.724327]  [<ffffffff81edfa3b>] ? call_rwsem_wake+0x1b/0x30
[ 1246.725178]  [<ffffffff815471d9>] __asan_report_load2_noabort+0x29/0x30
[ 1246.726538]  [<ffffffff8152bf91>] do_get_mempolicy+0xb41/0xba0
[ 1246.727386]  [<ffffffff8152b450>] ? sp_free+0x60/0x60
[ 1246.728081]  [<ffffffff8152ca73>] SyS_get_mempolicy+0xc3/0x190
[ 1246.728992]  [<ffffffff8152c9b0>] ? SyS_migrate_pages+0x710/0x710
[ 1246.734043]  [<ffffffff8152fc76>] ? SyS_mbind+0xe6/0x150
[ 1246.739469]  [<ffffffff839658a7>] ? entry_SYSCALL_64_fastpath+0x5/0xc6
[ 1246.746129]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[ 1246.752952]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1246.759548]  [<ffffffff839658c5>] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1246.766098] Object at ffff8801d867e0a0, in cache numa_policy size: 24
[ 1246.772642] Allocated:
[ 1246.775111] PID = 30145
[ 1246.777687]  save_stack_trace+0x16/0x20
[ 1246.781633]  save_stack+0x43/0xd0
[ 1246.785069]  kasan_kmalloc+0xad/0xe0
[ 1246.788750]  kasan_slab_alloc+0x12/0x20
[ 1246.792694]  kmem_cache_alloc+0xc9/0x2a0
[ 1246.796728]  __mpol_dup+0x79/0x3c0
[ 1246.800237]  do_mbind+0x71e/0xb30
[ 1246.803672]  SyS_mbind+0x13b/0x150
[ 1246.807180]  entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1246.811899] Freed:
[ 1246.814018] PID = 30128
[ 1246.816571]  save_stack_trace+0x16/0x20
[ 1246.820511]  save_stack+0x43/0xd0
[ 1246.823936]  kasan_slab_free+0x73/0xc0
[ 1246.827805]  kmem_cache_free+0xb2/0x2e0
[ 1246.831780]  __mpol_put+0x26/0x30
[ 1246.835202]  remove_vma+0x12b/0x1a0
[ 1246.838800]  do_munmap+0x7ff/0xeb0
[ 1246.842308]  mmap_region+0x14d/0xfe0
[ 1246.845990]  do_mmap+0x595/0xbe0
[ 1246.849327]  vm_mmap_pgoff+0x158/0x1a0
[ 1246.853183]  SyS_mmap_pgoff+0x1fc/0x580
[ 1246.857127]  SyS_mmap+0x16/0x20
[ 1246.860378]  entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1246.865109] Memory state around the buggy address:
[ 1246.870009]  ffff8801d867df80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1246.877337]  ffff8801d867e000: fb fb fb fc fc fb fb fb fc fc fb fb fb fc fc fb
[ 1246.884664] >ffff8801d867e080: fb fb fc fc fb fb fb fc fc fb fb fb fc fc fb fb
[ 1246.891994]                                ^
[ 1246.896383]  ffff8801d867e100: fb fc fc fb fb fb fc fc fb fb fb fc fc fb fb fb
[ 1246.903711]  ffff8801d867e180: fc fc fb fb fb fc fc fb fb fb fc fc fb fb fb fc
[ 1246.911037] ==================================================================
[ 1246.918378] Disabling lock debugging due to kernel taint
[ 1246.952502] ==================================================================
[ 1246.959908] BUG: KASAN: use-after-free in do_get_mempolicy+0xb23/0xba0 at addr ffff8801d867e0b0
[ 1246.968716] Read of size 8 by task syz-executor7/30145
[ 1246.973976] CPU: 1 PID: 30145 Comm: syz-executor7 Tainted: G    B           4.9.39-g5b07c2d #4
[ 1246.982696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1246.992022]  ffff8801c7f3fcf8 ffffffff81eacd59 ffff8801dac0ec80 ffff8801d867e0a0
[ 1247.000020]  ffff8801d867e0b8 ffffed003b0cfc16 ffff8801d867e0b0 ffff8801c7f3fd20
[ 1247.008057]  ffffffff81546bfc ffffed003b0cfc16 ffff8801dac0ec80 0000000000000000
[ 1247.016030] Call Trace:
[ 1247.018596]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[ 1247.023931]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[ 1247.029697]  [<ffffffff81546ead>] kasan_report.part.1+0x20d/0x4e0
[ 1247.035911]  [<ffffffff8152bf73>] ? do_get_mempolicy+0xb23/0xba0
[ 1247.042029]  [<ffffffff81547239>] __asan_report_load8_noabort+0x29/0x30
[ 1247.048782]  [<ffffffff8152bf73>] do_get_mempolicy+0xb23/0xba0
[ 1247.054725]  [<ffffffff8152b450>] ? sp_free+0x60/0x60
[ 1247.059887]  [<ffffffff8152ca73>] SyS_get_mempolicy+0xc3/0x190
[ 1247.065840]  [<ffffffff8152c9b0>] ? SyS_migrate_pages+0x710/0x710
[ 1247.072044]  [<ffffffff8152fc76>] ? SyS_mbind+0xe6/0x150
[ 1247.077465]  [<ffffffff839658a7>] ? entry_SYSCALL_64_fastpath+0x5/0xc6
[ 1247.084103]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[ 1247.090917]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1247.097465]  [<ffffffff839658c5>] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1247.104016] Object at ffff8801d867e0a0, in cache numa_policy size: 24
[ 1247.110561] Allocated:
[ 1247.113028] PID = 30145
[ 1247.115598]  save_stack_trace+0x16/0x20
[ 1247.119539]  save_stack+0x43/0xd0
[ 1247.122960]  kasan_kmalloc+0xad/0xe0
[ 1247.126640]  kasan_slab_alloc+0x12/0x20
[ 1247.130597]  kmem_cache_alloc+0xc9/0x2a0
[ 1247.134628]  __mpol_dup+0x79/0x3c0
[ 1247.138136]  do_mbind+0x71e/0xb30
[ 1247.141556]  SyS_mbind+0x13b/0x150
[ 1247.145065]  entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1247.149802] Freed:
[ 1247.151918] PID = 30128
[ 1247.154471]  save_stack_trace+0x16/0x20
[ 1247.158415]  save_stack+0x43/0xd0
[ 1247.161837]  kasan_slab_free+0x73/0xc0
[ 1247.165692]  kmem_cache_free+0xb2/0x2e0
[ 1247.169637]  __mpol_put+0x26/0x30
[ 1247.173059]  remove_vma+0x12b/0x1a0
[ 1247.176652]  do_munmap+0x7ff/0xeb0
[ 1247.180161]  mmap_region+0x14d/0xfe0
[ 1247.183843]  do_mmap+0x595/0xbe0
[ 1247.187179]  vm_mmap_pgoff+0x158/0x1a0
[ 1247.191034]  SyS_mmap_pgoff+0x1fc/0x580
[ 1247.194994]  SyS_mmap+0x16/0x20
[ 1247.198243]  entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1247.202963] Memory state around the buggy address:
[ 1247.207877]  ffff8801d867df80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1247.215205]  ffff8801d867e000: fb fb fb fc fc fb fb fb fc fc fb fb fb fc fc fb
[ 1247.222533] >ffff8801d867e080: fb fb fc fc fb fb fb fc fc fb fb fb fc fc fb fb
[ 1247.229881]                                      ^
[ 1247.234777]  ffff8801d867e100: fb fc fc fb fb fb fc fc fb fb fb fc fc fb fb fb
[ 1247.242104]  ffff8801d867e180: fc fc fb fb fb fc fc fb fb fb fc fc fb fb fb fc
[ 1247.249430] ==================================================================
[ 1247.258794] ==================================================================
[ 1247.266146] BUG: KASAN: use-after-free in do_get_mempolicy+0xaee/0xba0 at addr ffff8801d867e0a6
[ 1247.274953] Read of size 2 by task syz-executor7/30145
[ 1247.280212] CPU: 1 PID: 30145 Comm: syz-executor7 Tainted: G    B           4.9.39-g5b07c2d #4
[ 1247.288926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1247.298250]  ffff8801c7f3fcf8 ffffffff81eacd59 ffff8801dac0ec80 ffff8801d867e0a0
[ 1247.306241]  ffff8801d867e0b8 ffffed003b0cfc14 ffff8801d867e0a6 ffff8801c7f3fd20
[ 1247.314223]  ffffffff81546bfc ffffed003b0cfc14 ffff8801dac0ec80 0000000000000000
[ 1247.322192] Call Trace:
[ 1247.324758]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[ 1247.330097]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[ 1247.335871]  [<ffffffff81546ead>] kasan_report.part.1+0x20d/0x4e0
[ 1247.342101]  [<ffffffff8152bf3e>] ? do_get_mempolicy+0xaee/0xba0
[ 1247.348218]  [<ffffffff815471d9>] __asan_report_load2_noabort+0x29/0x30
[ 1247.354943]  [<ffffffff8152bf3e>] do_get_mempolicy+0xaee/0xba0
[ 1247.360886]  [<ffffffff8152b450>] ? sp_free+0x60/0x60
[ 1247.366046]  [<ffffffff8152ca73>] SyS_get_mempolicy+0xc3/0x190
[ 1247.371988]  [<ffffffff8152c9b0>] ? SyS_migrate_pages+0x710/0x710
[ 1247.378188]  [<ffffffff8152fc76>] ? SyS_mbind+0xe6/0x150
[ 1247.383624]  [<ffffffff839658a7>] ? entry_SYSCALL_64_fastpath+0x5/0xc6
[ 1247.390264]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[ 1247.397077]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1247.403640]  [<ffffffff839658c5>] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1247.410190] Object at ffff8801d867e0a0, in cache numa_policy size: 24
[ 1247.416733] Allocated:
[ 1247.419203] PID = 30145
[ 1247.421763]  save_stack_trace+0x16/0x20
[ 1247.425710]  save_stack+0x43/0xd0
[ 1247.429148]  kasan_kmalloc+0xad/0xe0
[ 1247.432832]  kasan_slab_alloc+0x12/0x20
[ 1247.436772]  kmem_cache_alloc+0xc9/0x2a0
[ 1247.440801]  __mpol_dup+0x79/0x3c0
[ 1247.444310]  do_mbind+0x71e/0xb30
[ 1247.447731]  SyS_mbind+0x13b/0x150
[ 1247.451240]  entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1247.455958] Freed:
[ 1247.458075] PID = 30128
[ 1247.460629]  save_stack_trace+0x16/0x20
[ 1247.464571]  save_stack+0x43/0xd0
[ 1247.467995]  kasan_slab_free+0x73/0xc0
[ 1247.471853]  kmem_cache_free+0xb2/0x2e0
[ 1247.475798]  __mpol_put+0x26/0x30
[ 1247.479222]  remove_vma+0x12b/0x1a0
[ 1247.482818]  do_munmap+0x7ff/0xeb0
[ 1247.486327]  mmap_region+0x14d/0xfe0
[ 1247.490007]  do_mmap+0x595/0xbe0
[ 1247.493373]  vm_mmap_pgoff+0x158/0x1a0
[ 1247.497231]  SyS_mmap_pgoff+0x1fc/0x580
[ 1247.501175]  SyS_mmap+0x16/0x20
[ 1247.504425]  entry_SYSCALL_64_fastpath+0x23/0xc6
[ 1247.509148] Memory state around the buggy address:
[ 1247.514067]  ffff8801d867df80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1247.521394]  ffff8801d867e000: fb fb fb fc fc fb fb fb fc fc fb fb fb fc fc fb
[ 1247.528724] >ffff8801d867e080: fb fb fc fc fb fb fb fc fc fb fb fb fc fc fb fb
[ 1247.536064]                                ^
[ 1247.540443]  ffff8801d867e100: fb fc fc fb fb fb fc fc fb fb fb fc fc fb fb fb
[ 1247.547770]  ffff8801d867e180: fc fc fb fb fb fc fc fb fb fb fc fc fb fb fb fc
[ 1247.555127] ==================================================================