[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   56.047530][   T26] audit: type=1800 audit(1563360956.450:25): pid=8564 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   56.074999][   T26] audit: type=1800 audit(1563360956.450:26): pid=8564 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   56.097468][   T26] audit: type=1800 audit(1563360956.460:27): pid=8564 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.85' (ECDSA) to the list of known hosts.
2019/07/17 10:58:01 parsed 1 programs
2019/07/17 10:58:04 executed programs: 0
syzkaller login: [  184.233737][ T8738] IPVS: ftp: loaded support on port[0] = 21
[  184.260539][ T8739] IPVS: ftp: loaded support on port[0] = 21
[  184.290952][ T8743] IPVS: ftp: loaded support on port[0] = 21
[  184.292650][ T8746] IPVS: ftp: loaded support on port[0] = 21
[  184.304921][ T8747] IPVS: ftp: loaded support on port[0] = 21
[  184.309691][ T8745] IPVS: ftp: loaded support on port[0] = 21
[  184.510003][ T8738] chnl_net:caif_netlink_parms(): no params data found
[  184.581941][ T8743] chnl_net:caif_netlink_parms(): no params data found
[  184.667648][ T8739] chnl_net:caif_netlink_parms(): no params data found
[  184.690770][ T8738] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.699427][ T8738] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.709235][ T8738] device bridge_slave_0 entered promiscuous mode
[  184.728000][ T8738] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.735566][ T8738] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.743445][ T8738] device bridge_slave_1 entered promiscuous mode
[  184.792936][ T8747] chnl_net:caif_netlink_parms(): no params data found
[  184.825356][ T8743] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.832577][ T8743] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.840726][ T8743] device bridge_slave_0 entered promiscuous mode
[  184.850448][ T8743] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.857603][ T8743] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.865797][ T8743] device bridge_slave_1 entered promiscuous mode
[  184.874463][ T8738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.901238][ T8743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.917109][ T8745] chnl_net:caif_netlink_parms(): no params data found
[  184.936551][ T8743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.959198][ T8738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.998641][ T8739] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.005908][ T8739] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.013776][ T8739] device bridge_slave_0 entered promiscuous mode
[  185.042188][ T8743] team0: Port device team_slave_0 added
[  185.048726][ T8739] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.055934][ T8739] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.063680][ T8739] device bridge_slave_1 entered promiscuous mode
[  185.079006][ T8738] team0: Port device team_slave_0 added
[  185.093919][ T8747] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.103600][ T8747] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.111505][ T8747] device bridge_slave_0 entered promiscuous mode
[  185.121704][ T8743] team0: Port device team_slave_1 added
[  185.134965][ T8738] team0: Port device team_slave_1 added
[  185.146638][ T8746] chnl_net:caif_netlink_parms(): no params data found
[  185.157465][ T8747] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.165665][ T8747] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.173300][ T8747] device bridge_slave_1 entered promiscuous mode
[  185.193617][ T8739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.204879][ T8739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.214170][ T8745] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.221233][ T8745] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.229285][ T8745] device bridge_slave_0 entered promiscuous mode
[  185.241509][ T8745] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.248752][ T8745] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.257150][ T8745] device bridge_slave_1 entered promiscuous mode
[  185.281682][ T8747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.355958][ T8743] device hsr_slave_0 entered promiscuous mode
[  185.407650][ T8743] device hsr_slave_1 entered promiscuous mode
[  185.470585][ T8747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.503177][ T8745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.527813][ T8747] team0: Port device team_slave_0 added
[  185.535243][ T8747] team0: Port device team_slave_1 added
[  185.554873][ T8745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.566474][ T8739] team0: Port device team_slave_0 added
[  185.626306][ T8738] device hsr_slave_0 entered promiscuous mode
[  185.664434][ T8738] device hsr_slave_1 entered promiscuous mode
[  185.704256][ T8738] debugfs: Directory 'hsr0' with parent '/' already present!
[  185.724808][ T8739] team0: Port device team_slave_1 added
[  185.743121][ T8745] team0: Port device team_slave_0 added
[  185.761578][ T8746] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.769434][ T8746] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.777667][ T8746] device bridge_slave_0 entered promiscuous mode
[  185.785659][ T8746] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.792715][ T8746] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.800707][ T8746] device bridge_slave_1 entered promiscuous mode
[  185.817503][ T8745] team0: Port device team_slave_1 added
[  185.867548][ T8747] device hsr_slave_0 entered promiscuous mode
[  185.934374][ T8747] device hsr_slave_1 entered promiscuous mode
[  186.004219][ T8747] debugfs: Directory 'hsr0' with parent '/' already present!
[  186.037892][ T8746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.050184][ T8746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.127039][ T8739] device hsr_slave_0 entered promiscuous mode
[  186.174336][ T8739] device hsr_slave_1 entered promiscuous mode
[  186.254224][ T8739] debugfs: Directory 'hsr0' with parent '/' already present!
[  186.336148][ T8745] device hsr_slave_0 entered promiscuous mode
[  186.364512][ T8745] device hsr_slave_1 entered promiscuous mode
[  186.404277][ T8745] debugfs: Directory 'hsr0' with parent '/' already present!
[  186.436786][ T8746] team0: Port device team_slave_0 added
[  186.456928][ T8746] team0: Port device team_slave_1 added
[  186.546219][ T8746] device hsr_slave_0 entered promiscuous mode
[  186.584411][ T8746] device hsr_slave_1 entered promiscuous mode
[  186.634168][ T8746] debugfs: Directory 'hsr0' with parent '/' already present!
[  186.707454][ T8747] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.718944][ T8738] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.731984][ T8743] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.779153][ T8739] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.800750][ T8743] 8021q: adding VLAN 0 to HW filter on device team0
[  186.813788][ T8738] 8021q: adding VLAN 0 to HW filter on device team0
[  186.829274][ T8747] 8021q: adding VLAN 0 to HW filter on device team0
[  186.836495][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  186.845929][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.853721][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  186.861878][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.869761][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  186.878102][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.895677][ T8745] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.904675][ T8746] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.911919][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  186.920665][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.934942][ T8739] 8021q: adding VLAN 0 to HW filter on device team0
[  186.967885][ T8745] 8021q: adding VLAN 0 to HW filter on device team0
[  186.975896][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  186.986071][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  186.994782][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.001950][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.010034][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  187.019727][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.028185][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.035379][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.042963][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  187.052389][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  187.060888][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.067960][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.076164][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  187.084988][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.093271][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.100372][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.108041][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  187.117495][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.126464][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  187.135222][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.143760][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.155458][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.163709][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  187.172403][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  187.180883][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.187990][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.195551][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  187.203234][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  187.211568][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  187.220215][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.228739][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.235840][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.243857][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  187.251950][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  187.259904][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.267868][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  187.297820][ T8747] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  187.310741][ T8747] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  187.328820][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  187.337586][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.346973][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.362773][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.371888][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.380873][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.389472][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.398201][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.406980][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.416101][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.424942][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  187.433267][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.442044][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.450894][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.459627][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  187.468178][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.476853][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  187.485732][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  187.494496][ T3003] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.501546][ T3003] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.509845][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.517807][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.525820][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  187.533485][ T3003] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  187.552487][ T8743] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  187.563323][ T8743] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  187.588153][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  187.599981][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.608582][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  187.617325][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.625799][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  187.634604][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.642987][ T8749] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.650072][ T8749] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.658091][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  187.666877][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  187.675374][ T8749] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.682412][ T8749] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.690221][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  187.699160][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.710194][ T8749] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.721851][ T8749] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.729810][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  187.737613][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  187.775132][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  187.783490][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.796966][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  187.806262][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  187.813852][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  187.822906][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.831345][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  187.840203][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  187.849367][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.858058][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.866853][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.877093][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.885677][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.894354][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.907583][ T8738] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  187.936403][ T8746] 8021q: adding VLAN 0 to HW filter on device team0
[  187.948986][ T8747] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.956853][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.969028][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.977466][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.988578][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.997371][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  188.006118][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.014514][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  188.022779][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.031248][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  188.040053][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  188.048642][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  188.057270][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.065664][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  188.074036][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.093620][ T8743] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.103096][ T8745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  188.136234][ T8739] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  188.156847][ T8738] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.183263][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  188.202223][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  188.211242][ T8749] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.218348][ T8749] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.226872][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  188.235626][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  188.244035][ T8749] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.251136][ T8749] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.259236][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  188.267941][ T8749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  188.286931][ T8745] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.314487][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  188.322722][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  188.345717][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  188.363406][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  188.372559][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  188.382254][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  188.404587][ T8739] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.423904][ T8746] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  188.488390][ T8746] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  188.517273][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  188.537097][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.575723][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  188.588732][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.631235][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  188.656272][ T8746] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/17 10:58:09 executed programs: 6
2019/07/17 10:58:15 executed programs: 10
2019/07/17 10:58:21 executed programs: 18
2019/07/17 10:58:27 executed programs: 31
2019/07/17 10:58:32 executed programs: 38
2019/07/17 10:58:37 executed programs: 45
2019/07/17 10:58:42 executed programs: 51
2019/07/17 10:58:48 executed programs: 58
2019/07/17 10:58:53 executed programs: 65
2019/07/17 10:58:59 executed programs: 71
2019/07/17 10:59:05 executed programs: 78
2019/07/17 10:59:11 executed programs: 84
2019/07/17 10:59:16 executed programs: 92
2019/07/17 10:59:22 executed programs: 100
[  264.900822][T11529] 
[  264.903203][T11529] =========================
[  264.907705][T11529] WARNING: held lock freed!
[  264.912212][T11529] 5.2.0+ #66 Not tainted
[  264.916449][T11529] -------------------------
[  264.920959][T11529] syz-executor.5/11529 is freeing memory ffff88808b413300-ffff88808b413aff, with a lock still held there!
[  264.932236][T11529] 000000009cb02f96 (sk_lock-AF_NETROM){+.+.}, at: nr_release+0x130/0x3e0
[  264.940946][T11529] 2 locks held by syz-executor.5/11529:
[  264.946499][T11529]  #0: 00000000d9e91b84 (&sb->s_type->i_mutex_key#12){+.+.}, at: __sock_release+0x89/0x280
[  264.956582][T11529]  #1: 000000009cb02f96 (sk_lock-AF_NETROM){+.+.}, at: nr_release+0x130/0x3e0
[  264.965456][T11529] 
[  264.965456][T11529] stack backtrace:
[  264.971362][T11529] CPU: 1 PID: 11529 Comm: syz-executor.5 Not tainted 5.2.0+ #66
[  264.978997][T11529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  264.989057][T11529] Call Trace:
[  264.992422][T11529]  dump_stack+0x172/0x1f0
[  264.996767][T11529]  debug_check_no_locks_freed.cold+0x9d/0xa9
[  265.002843][T11529]  ? trace_hardirqs_off+0x62/0x240
[  265.007969][T11529]  kfree+0xec/0x2c0
[  265.011883][T11529]  __sk_destruct+0x4f7/0x6e0
[  265.016484][T11529]  sk_destruct+0x86/0xa0
[  265.020914][T11529]  __sk_free+0xfb/0x360
[  265.025086][T11529]  sk_free+0x42/0x50
[  265.028995][T11529]  nr_destroy_socket+0x3ea/0x4b0
[  265.033942][T11529]  nr_release+0x347/0x3e0
[  265.038286][T11529]  __sock_release+0xce/0x280
[  265.042887][T11529]  sock_close+0x1e/0x30
[  265.047051][T11529]  __fput+0x2ff/0x890
[  265.051048][T11529]  ? __sock_release+0x280/0x280
[  265.055908][T11529]  ____fput+0x16/0x20
[  265.059898][T11529]  task_work_run+0x145/0x1c0
[  265.064505][T11529]  exit_to_usermode_loop+0x316/0x380
[  265.069983][T11529]  do_syscall_64+0x5a9/0x6a0
[  265.074660][T11529]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  265.080573][T11529] RIP: 0033:0x413501
[  265.084485][T11529] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  265.104103][T11529] RSP: 002b:00007fff70b86280 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  265.112529][T11529] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413501
[  265.120512][T11529] RDX: 0000001b2e020000 RSI: 0000000000000000 RDI: 0000000000000003
[  265.128500][T11529] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  265.136486][T11529] R10: 00007fff70b86360 R11: 0000000000000293 R12: 000000000075c9a0
[  265.144471][T11529] R13: 000000000075c9a0 R14: 0000000000760cc8 R15: ffffffffffffffff
[  265.164201][T11425] kobject: 'bcsf0' (0000000062d55aad): kobject_cleanup, parent 00000000e15866e5
[  265.216909][T11425] kobject: 'bcsf0' (0000000062d55aad): calling ktype release
[  265.337360][T11425] kobject: 'bcsf0': free name
[  265.415849][T11441] kobject: 'bcsf0' (0000000054d2c8a8): kobject_add_internal: parent: 'net', set: 'devices'
[  265.492901][T11441] kobject: 'bcsf0' (0000000054d2c8a8): kobject_uevent_env
[  265.588729][T11441] kobject: 'bcsf0' (0000000054d2c8a8): fill_kobj_path: path = '/devices/virtual/net/bcsf0'
[  265.749433][T11441] kobject: 'queues' (000000006c4e8d6c): kobject_add_internal: parent: 'bcsf0', set: '<NULL>'
[  265.904530][T11441] kobject: 'queues' (000000006c4e8d6c): kobject_uevent_env
[  265.993967][T11441] kobject: 'queues' (000000006c4e8d6c): kobject_uevent_env: filter function caused the event to drop!
[  266.013996][T11529] ==================================================================
[  266.022103][T11529] BUG: KASAN: use-after-free in do_raw_spin_lock+0x28a/0x2e0
[  266.029472][T11529] Read of size 4 at addr ffff88808b41338c by task syz-executor.5/11529
[  266.037706][T11529] 
[  266.040042][T11529] CPU: 0 PID: 11529 Comm: syz-executor.5 Not tainted 5.2.0+ #66
[  266.047673][T11529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  266.057729][T11529] Call Trace:
[  266.061028][T11529]  dump_stack+0x172/0x1f0
[  266.065363][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.070400][T11529]  print_address_description.cold+0xd4/0x306
[  266.076390][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.081424][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.086460][T11529]  __kasan_report.cold+0x1b/0x36
[  266.091401][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.096436][T11529]  kasan_report+0x12/0x20
[  266.100769][T11529]  __asan_report_load4_noabort+0x14/0x20
[  266.106407][T11529]  do_raw_spin_lock+0x28a/0x2e0
[  266.111263][T11529]  ? rwlock_bug.part.0+0x90/0x90
[  266.116206][T11529]  ? lock_acquire+0x190/0x410
[  266.120887][T11529]  ? release_sock+0x20/0x1c0
[  266.125482][T11529]  ? __sk_free+0x100/0x360
[  266.129947][T11529]  _raw_spin_lock_bh+0x3b/0x50
[  266.133995][T11441] kobject: 'rx-0' (00000000f392c204): kobject_add_internal: parent: 'queues', set: 'queues'
[  266.134711][T11529]  ? release_sock+0x20/0x1c0
[  266.149336][T11529]  release_sock+0x20/0x1c0
[  266.153758][T11529]  nr_release+0x303/0x3e0
[  266.158100][T11529]  __sock_release+0xce/0x280
[  266.162690][T11529]  sock_close+0x1e/0x30
[  266.166847][T11529]  __fput+0x2ff/0x890
[  266.170826][T11529]  ? __sock_release+0x280/0x280
[  266.175684][T11529]  ____fput+0x16/0x20
[  266.179666][T11529]  task_work_run+0x145/0x1c0
[  266.184265][T11529]  exit_to_usermode_loop+0x316/0x380
[  266.189557][T11529]  do_syscall_64+0x5a9/0x6a0
[  266.194172][T11529]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.200059][T11529] RIP: 0033:0x413501
[  266.203950][T11529] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  266.223550][T11529] RSP: 002b:00007fff70b86280 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  266.231967][T11529] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413501
[  266.239943][T11529] RDX: 0000001b2e020000 RSI: 0000000000000000 RDI: 0000000000000003
[  266.247941][T11529] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  266.255922][T11529] R10: 00007fff70b86360 R11: 0000000000000293 R12: 000000000075c9a0
[  266.263896][T11529] R13: 000000000075c9a0 R14: 0000000000760cc8 R15: ffffffffffffffff
[  266.264020][T11441] kobject: 'rx-0' (00000000f392c204): kobject_uevent_env
[  266.271866][T11529] 
[  266.281183][T11529] Allocated by task 11514:
[  266.285599][T11529]  save_stack+0x23/0x90
[  266.289755][T11529]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  266.295388][T11529]  kasan_kmalloc+0x9/0x10
[  266.299718][T11529]  __kmalloc+0x163/0x780
[  266.303959][T11529]  sk_prot_alloc+0x23a/0x310
[  266.308546][T11529]  sk_alloc+0x39/0xf70
[  266.312614][T11529]  nr_rx_frame+0x733/0x1e80
[  266.317113][T11529]  nr_loopback_timer+0x7b/0x170
[  266.321961][T11529]  call_timer_fn+0x1ac/0x780
[  266.326559][T11529]  run_timer_softirq+0x697/0x17a0
[  266.331583][T11529]  __do_softirq+0x262/0x98c
[  266.336072][T11529] 
[  266.338389][T11529] Freed by task 11529:
[  266.342470][T11529]  save_stack+0x23/0x90
[  266.346624][T11529]  __kasan_slab_free+0x102/0x150
[  266.351560][T11529]  kasan_slab_free+0xe/0x10
[  266.356091][T11529]  kfree+0x10a/0x2c0
[  266.359987][T11529]  __sk_destruct+0x4f7/0x6e0
[  266.364580][T11529]  sk_destruct+0x86/0xa0
[  266.368988][T11529]  __sk_free+0xfb/0x360
[  266.373141][T11529]  sk_free+0x42/0x50
[  266.377036][T11529]  nr_destroy_socket+0x3ea/0x4b0
[  266.381973][T11529]  nr_release+0x347/0x3e0
[  266.386304][T11529]  __sock_release+0xce/0x280
[  266.390894][T11529]  sock_close+0x1e/0x30
[  266.395052][T11529]  __fput+0x2ff/0x890
[  266.399030][T11529]  ____fput+0x16/0x20
[  266.403010][T11529]  task_work_run+0x145/0x1c0
[  266.407600][T11529]  exit_to_usermode_loop+0x316/0x380
[  266.412894][T11529]  do_syscall_64+0x5a9/0x6a0
[  266.413999][T11441] kobject: 'rx-0' (00000000f392c204): fill_kobj_path: path = '/devices/virtual/net/bcsf0/queues/rx-0'
[  266.417494][T11529]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.434265][T11529] 
[  266.436593][T11529] The buggy address belongs to the object at ffff88808b413300
[  266.436593][T11529]  which belongs to the cache kmalloc-2k of size 2048
[  266.450649][T11529] The buggy address is located 140 bytes inside of
[  266.450649][T11529]  2048-byte region [ffff88808b413300, ffff88808b413b00)
[  266.464001][T11529] The buggy address belongs to the page:
[  266.469636][T11529] page:ffffea00022d0480 refcount:1 mapcount:0 mapping:ffff8880aa400e00 index:0x0 compound_mapcount: 0
[  266.480755][T11529] flags: 0x1fffc0000010200(slab|head)
[  266.486167][T11529] raw: 01fffc0000010200 ffffea0002979308 ffff8880aa401948 ffff8880aa400e00
[  266.494758][T11529] raw: 0000000000000000 ffff88808b412200 0000000100000003 0000000000000000
[  266.503335][T11529] page dumped because: kasan: bad access detected
[  266.509744][T11529] 
[  266.512069][T11529] Memory state around the buggy address:
[  266.517700][T11529]  ffff88808b413280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  266.525773][T11529]  ffff88808b413300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  266.533924][T11529] >ffff88808b413380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  266.541980][T11529]                       ^
[  266.546307][T11529]  ffff88808b413400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  266.554367][T11529]  ffff88808b413480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  266.562423][T11529] ==================================================================
[  266.570597][T11529] Kernel panic - not syncing: panic_on_warn set ...
[  266.577187][T11529] CPU: 0 PID: 11529 Comm: syz-executor.5 Tainted: G    B             5.2.0+ #66
[  266.586202][T11529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  266.596342][T11529] Call Trace:
[  266.599638][T11529]  dump_stack+0x172/0x1f0
[  266.603972][T11529]  panic+0x2dc/0x755
[  266.607871][T11529]  ? add_taint.cold+0x16/0x16
[  266.612561][T11529]  ? trace_hardirqs_on+0x5e/0x240
[  266.617589][T11529]  ? trace_hardirqs_on+0x5e/0x240
[  266.622624][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.627655][T11529]  end_report+0x47/0x4f
[  266.631812][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.636847][T11529]  __kasan_report.cold+0xe/0x36
[  266.641711][T11529]  ? do_raw_spin_lock+0x28a/0x2e0
[  266.644415][T11441] kobject: 'tx-0' (00000000c720c1a3): kobject_add_internal: parent: 'queues', set: 'queues'
[  266.646744][T11529]  kasan_report+0x12/0x20
[  266.661108][T11529]  __asan_report_load4_noabort+0x14/0x20
[  266.666743][T11529]  do_raw_spin_lock+0x28a/0x2e0
[  266.671596][T11529]  ? rwlock_bug.part.0+0x90/0x90
[  266.676533][T11529]  ? lock_acquire+0x190/0x410
[  266.681211][T11529]  ? release_sock+0x20/0x1c0
[  266.685807][T11529]  ? __sk_free+0x100/0x360
[  266.690231][T11529]  _raw_spin_lock_bh+0x3b/0x50
[  266.695008][T11529]  ? release_sock+0x20/0x1c0
[  266.699599][T11529]  release_sock+0x20/0x1c0
[  266.704019][T11529]  nr_release+0x303/0x3e0
[  266.708354][T11529]  __sock_release+0xce/0x280
[  266.712950][T11529]  sock_close+0x1e/0x30
[  266.717109][T11529]  __fput+0x2ff/0x890
[  266.721121][T11529]  ? __sock_release+0x280/0x280
[  266.727493][T11529]  ____fput+0x16/0x20
[  266.731480][T11529]  task_work_run+0x145/0x1c0
[  266.736087][T11529]  exit_to_usermode_loop+0x316/0x380
[  266.741380][T11529]  do_syscall_64+0x5a9/0x6a0
[  266.746001][T11529]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.751906][T11529] RIP: 0033:0x413501
[  266.755813][T11529] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  266.775423][T11529] RSP: 002b:00007fff70b86280 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  266.783838][T11529] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413501
[  266.791818][T11529] RDX: 0000001b2e020000 RSI: 0000000000000000 RDI: 0000000000000003
[  266.792183][T11441] kobject: 'tx-0' (00000000c720c1a3): kobject_uevent_env
[  266.799782][T11529] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  266.799789][T11529] R10: 00007fff70b86360 R11: 0000000000000293 R12: 000000000075c9a0
[  266.799795][T11529] R13: 000000000075c9a0 R14: 0000000000760cc8 R15: ffffffffffffffff
[  266.809413][T11529] Kernel Offset: disabled
[  266.838126][T11529] Rebooting in 86400 seconds..