[ 38.825653][ T26] audit: type=1800 audit(1554061038.696:27): pid=7661 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 38.852195][ T26] audit: type=1800 audit(1554061038.696:28): pid=7661 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 39.716316][ T26] audit: type=1800 audit(1554061039.666:29): pid=7661 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[....] startpar: service(s) returned failure: ssh ...�[?25l�[?1c�7�[1G[�[31mFAIL�[39;49m�8�[?25h�[?0c �[31mfailed!�[39;49m
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.231' (ECDSA) to the list of known hosts.
2019/03/31 19:37:58 parsed 1 programs
2019/03/31 19:38:00 executed programs: 0
syzkaller login: [ 80.159925][ T7855] IPVS: ftp: loaded support on port[0] = 21
[ 80.169786][ T7858] IPVS: ftp: loaded support on port[0] = 21
[ 80.171892][ T7854] IPVS: ftp: loaded support on port[0] = 21
[ 80.179147][ T7860] IPVS: ftp: loaded support on port[0] = 21
[ 80.201434][ T7862] IPVS: ftp: loaded support on port[0] = 21
[ 80.218058][ T7863] IPVS: ftp: loaded support on port[0] = 21
[ 80.388834][ T7858] chnl_net:caif_netlink_parms(): no params data found
[ 80.435579][ T7855] chnl_net:caif_netlink_parms(): no params data found
[ 80.476522][ T7854] chnl_net:caif_netlink_parms(): no params data found
[ 80.507481][ T7860] chnl_net:caif_netlink_parms(): no params data found
[ 80.569493][ T7858] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.577483][ T7858] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.585527][ T7858] device bridge_slave_0 entered promiscuous mode
[ 80.617422][ T7862] chnl_net:caif_netlink_parms(): no params data found
[ 80.629017][ T7858] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.636856][ T7858] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.645504][ T7858] device bridge_slave_1 entered promiscuous mode
[ 80.678299][ T7855] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.688113][ T7855] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.696020][ T7855] device bridge_slave_0 entered promiscuous mode
[ 80.736235][ T7855] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.743798][ T7855] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.754082][ T7855] device bridge_slave_1 entered promiscuous mode
[ 80.765019][ T7858] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 80.774748][ T7854] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.783227][ T7854] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.790844][ T7854] device bridge_slave_0 entered promiscuous mode
[ 80.808947][ T7860] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.818534][ T7860] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.826444][ T7860] device bridge_slave_0 entered promiscuous mode
[ 80.840839][ T7858] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 80.865739][ T7854] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.873677][ T7854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.881243][ T7854] device bridge_slave_1 entered promiscuous mode
[ 80.896028][ T7860] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.903265][ T7860] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.910830][ T7860] device bridge_slave_1 entered promiscuous mode
[ 80.924542][ T7863] chnl_net:caif_netlink_parms(): no params data found
[ 80.934939][ T7858] team0: Port device team_slave_0 added
[ 80.951264][ T7855] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 80.966179][ T7860] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 80.976109][ T7858] team0: Port device team_slave_1 added
[ 80.985886][ T7854] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 80.994798][ T7862] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.002478][ T7862] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.010010][ T7862] device bridge_slave_0 entered promiscuous mode
[ 81.018074][ T7855] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.036962][ T7860] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.052787][ T7854] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.062214][ T7860] team0: Port device team_slave_0 added
[ 81.068020][ T7862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.075334][ T7862] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.083404][ T7862] device bridge_slave_1 entered promiscuous mode
[ 81.114757][ T7855] team0: Port device team_slave_0 added
[ 81.121017][ T7854] team0: Port device team_slave_0 added
[ 81.127400][ T7860] team0: Port device team_slave_1 added
[ 81.137646][ T7862] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.150339][ T7854] team0: Port device team_slave_1 added
[ 81.213908][ T7858] device hsr_slave_0 entered promiscuous mode
[ 81.282089][ T7858] device hsr_slave_1 entered promiscuous mode
[ 81.352709][ T7855] team0: Port device team_slave_1 added
[ 81.359984][ T7862] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.433678][ T7855] device hsr_slave_0 entered promiscuous mode
[ 81.472111][ T7855] device hsr_slave_1 entered promiscuous mode
[ 81.522285][ T7863] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.529366][ T7863] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.537803][ T7863] device bridge_slave_0 entered promiscuous mode
[ 81.545544][ T7863] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.552716][ T7863] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.560254][ T7863] device bridge_slave_1 entered promiscuous mode
[ 81.568049][ T7862] team0: Port device team_slave_0 added
[ 81.633582][ T7860] device hsr_slave_0 entered promiscuous mode
[ 81.672060][ T7860] device hsr_slave_1 entered promiscuous mode
[ 81.793579][ T7854] device hsr_slave_0 entered promiscuous mode
[ 81.862124][ T7854] device hsr_slave_1 entered promiscuous mode
[ 81.950175][ T7862] team0: Port device team_slave_1 added
[ 81.964844][ T7863] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.975659][ T7863] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 82.043953][ T7862] device hsr_slave_0 entered promiscuous mode
[ 82.082149][ T7862] device hsr_slave_1 entered promiscuous mode
[ 82.164024][ T7863] team0: Port device team_slave_0 added
[ 82.192938][ T7863] team0: Port device team_slave_1 added
[ 82.284708][ T7863] device hsr_slave_0 entered promiscuous mode
[ 82.322314][ T7863] device hsr_slave_1 entered promiscuous mode
[ 82.395895][ T7860] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.415272][ T7858] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.445617][ T7862] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.460274][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 82.470398][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 82.483600][ T7860] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.499136][ T7862] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.509326][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 82.521135][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 82.529503][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 82.537979][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 82.559034][ T7858] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.577859][ T7854] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.586046][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.595218][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.603960][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.611095][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.619153][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.628004][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.636396][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.643479][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.650950][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.660883][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.669233][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.676305][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.684472][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 82.692427][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 82.700242][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 82.712901][ T7863] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.739085][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 82.746850][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.755506][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.764631][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.771912][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.779612][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 82.788157][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 82.795731][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 82.803463][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 82.812310][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.820718][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.829482][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.836579][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.844272][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 82.855089][ T7854] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.879810][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 82.891528][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.901453][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 82.919393][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 82.951351][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.965816][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 82.974587][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.983235][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.991904][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 83.000151][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.012546][ T7866] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.020418][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 83.029006][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 83.037620][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.045578][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.057043][ T7855] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.067009][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.075561][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.101289][ T7860] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 83.112659][ T7860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 83.124788][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 83.134213][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 83.143251][ T7866] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.150287][ T7866] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.157917][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 83.166347][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 83.174988][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 83.183297][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.190318][ T7866] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.197963][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.206185][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.214694][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.223017][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.231226][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.239203][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.254090][ T7862] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 83.266021][ T7862] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.277501][ T7871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 83.287188][ T7871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 83.295058][ T7871] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 83.303585][ T7871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.312214][ T7871] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.327310][ T7863] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.348483][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 83.357117][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 83.366554][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 83.375837][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 83.396132][ T7855] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.414291][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.424020][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 83.432690][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 83.440964][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 83.449739][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 83.458099][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 83.466724][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 83.475086][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.483494][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.491524][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 83.499591][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 83.507319][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 83.515763][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 83.524368][ T7866] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.531405][ T7866] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.539174][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 83.547732][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 83.556098][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.563181][ T7866] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.570901][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.579002][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.596275][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.604856][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.615665][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.624251][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.632522][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 83.640940][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.649400][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.674166][ T7862] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.688844][ T7858] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.698928][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 83.708247][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 83.718048][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.725188][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.733613][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 83.742281][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 83.751234][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.758957][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.767327][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 83.777508][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 83.787038][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 83.795555][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 83.804652][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 83.814030][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.821962][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.835273][ T7854] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.845037][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 83.870021][ T7860] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.887179][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.897270][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.912281][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.920457][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.930030][ T7863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.946812][ T7858] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.996181][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 84.027316][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 84.040220][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 84.046263][ C1] hrtimer: interrupt took 26336 ns
[ 84.072619][ T7854] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 84.103120][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 84.110983][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 84.151432][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 84.208788][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 84.268160][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 84.302434][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 84.344056][ T7866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 84.393803][ T7863] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 84.402817][ T7855] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 84.503907][ T7855] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/03/31 19:38:05 executed programs: 18
[ 86.072107][ C0] ==================================================================
[ 86.080426][ C0] BUG: KASAN: use-after-free in ccid_hc_tx_delete+0xde/0x100
[ 86.087806][ C0] Read of size 8 at addr ffff88809eedb3c0 by task syz-executor.0/8043
[ 86.087817][ C0]
[ 86.087830][ C0] CPU: 0 PID: 8043 Comm: syz-executor.0 Not tainted 5.1.0-rc2+ #46
[ 86.087837][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 86.087841][ C0] Call Trace:
[ 86.087847][ C0]
[ 86.087866][ C0] dump_stack+0x172/0x1f0
[ 86.087880][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 86.087895][ C0] print_address_description.cold+0x7c/0x20d
[ 86.087906][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 86.087918][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 86.087931][ C0] kasan_report.cold+0x1b/0x40
[ 86.087945][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 86.087961][ C0] __asan_report_load8_noabort+0x14/0x20
[ 86.087974][ C0] ccid_hc_tx_delete+0xde/0x100
[ 86.087986][ C0] dccp_sk_destruct+0x3f/0x90
[ 86.087996][ C0] ? dccp_init_sock+0x3f0/0x3f0
[ 86.088007][ C0] __sk_destruct+0x55/0x6d0
[ 86.088019][ C0] ? proto_unregister+0x4e0/0x4e0
[ 86.088033][ C0] rcu_core+0x928/0x1390
[ 86.088052][ C0] ? rcu_check_gp_start_stall+0x250/0x250
[ 86.088076][ C0] __do_softirq+0x266/0x95a
[ 86.088098][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 86.088120][ C0] irq_exit+0x180/0x1d0
[ 86.163660][ C0] smp_apic_timer_interrupt+0x14a/0x570
[ 86.163676][ C0] apic_timer_interrupt+0xf/0x20
[ 86.163682][ C0]
[ 86.163698][ C0] RIP: 0010:kmem_cache_free+0xab/0x260
[ 86.163711][ C0] Code: e8 ea 28 00 00 84 c0 74 77 41 f7 c5 00 02 00 00 74 4f e8 18 af cd ff 48 83 3d 70 69 ea 06 00 0f 84 ae 01 00 00 4c 89 ef 57 9d <0f> 1f 44 00 00 4c 8b 6d 08 0f 1f 44 00 00 65 8b 05 90 53 59 7e 83
[ 86.163719][ C0] RSP: 0018:ffff888095a37670 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 86.163730][ C0] RAX: 0000000000000007 RBX: ffff8880927c7ec8 RCX: 1ffff1101358999c
[ 86.163738][ C0] RDX: 0000000000000000 RSI: ffff88809ac4ccc0 RDI: 0000000000000282
[ 86.163747][ C0] RBP: ffff888095a37690 R08: ffff88809ac4c440 R09: ffff88809ac4cce0
[ 86.163755][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88812c3eb0c0
[ 86.163762][ C0] R13: 0000000000000282 R14: ffffffff819c5778 R15: ffff88809f643400
[ 86.163777][ C0] ? ptlock_free+0x38/0x42
[ 86.163804][ C0] ptlock_free+0x38/0x42
[ 86.163817][ C0] zap_huge_pmd+0x584/0xd60
[ 86.163834][ C0] unmap_page_range+0x13d6/0x2330
[ 86.163862][ C0] ? vm_normal_page_pmd+0x400/0x400
[ 86.163878][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 86.163891][ C0] ? uprobe_munmap+0xad/0x2b0
[ 86.163907][ C0] unmap_single_vma+0x19d/0x300
[ 86.163925][ C0] unmap_vmas+0x115/0x250
[ 86.163941][ C0] ? zap_vma_ptes+0x110/0x110
[ 86.163953][ C0] ? lru_deactivate_file_fn+0x1a30/0x1a30
[ 86.163972][ C0] ? kasan_check_write+0x14/0x20
[ 86.164014][ C0] exit_mmap+0x2c2/0x530
[ 86.164028][ C0] ? __ia32_sys_munmap+0x80/0x80
[ 86.164045][ C0] ? __sanitizer_cov_trace_const_cmp4+0x9/0x20
[ 86.164071][ C0] ? rcu_read_lock_sched_held+0x110/0x130
[ 86.207231][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 86.266333][ C0] ? __khugepaged_exit+0xcf/0x400
[ 86.266354][ C0] mmput+0x15f/0x4c0
[ 86.266370][ C0] do_exit+0x816/0x2fa0
[ 86.266386][ C0] ? get_signal+0x331/0x1d50
[ 86.266409][ C0] ? mm_update_next_owner+0x640/0x640
[ 86.407819][ C0] ? kasan_check_write+0x14/0x20
[ 86.407846][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 86.417968][ C0] ? get_signal+0x331/0x1d50
[ 86.422647][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 86.427853][ C0] do_group_exit+0x135/0x370
[ 86.432455][ C0] get_signal+0x399/0x1d50
[ 86.436893][ C0] do_signal+0x87/0x1940
[ 86.441146][ C0] ? kasan_check_read+0x11/0x20
[ 86.446005][ C0] ? _copy_to_user+0xc9/0x120
[ 86.450693][ C0] ? setup_sigcontext+0x7d0/0x7d0
[ 86.455736][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 86.461112][ C0] ? do_syscall_64+0x52d/0x610
[ 86.465881][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 86.471260][ C0] ? lockdep_hardirqs_on+0x418/0x5d0
[ 86.476556][ C0] ? trace_hardirqs_on+0x67/0x230
[ 86.481594][ C0] exit_to_usermode_loop+0x244/0x2c0
[ 86.486895][ C0] do_syscall_64+0x52d/0x610
[ 86.491494][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 86.497416][ C0] RIP: 0033:0x458209
[ 86.501320][ C0] Code: Bad RIP value.
[ 86.505385][ C0] RSP: 002b:00007f33ce9e6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.513886][ C0] RAX: 0000000000000001 RBX: 000000000073bfa8 RCX: 0000000000458209
[ 86.521863][ C0] RDX: 00000000004be6d7 RSI: 0000000000000081 RDI: 000000000073bfac
[ 86.521872][ C0] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.521879][ C0] R10: 000000000000000a R11: 0000000000000246 R12: 000000000073bfac
[ 86.521887][ C0] R13: 00007fff0832043f R14: 00007f33ce9e79c0 R15: 000000000073bfac
[ 86.521909][ C0]
[ 86.521916][ C0] Allocated by task 8027:
[ 86.521935][ C0] save_stack+0x45/0xd0
[ 86.521948][ C0] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 86.521960][ C0] kasan_slab_alloc+0xf/0x20
[ 86.521972][ C0] kmem_cache_alloc+0x11a/0x6f0
[ 86.521986][ C0] ccid_new+0x256/0x3f0
[ 86.522005][ C0] dccp_hdlr_ccid+0x27/0x150
[ 86.556215][ C0] __dccp_feat_activate+0x17a/0x270
[ 86.556236][ C0] dccp_feat_activate_values+0x33a/0x766
[ 86.583975][ C0] dccp_rcv_state_process+0x116f/0x1935
[ 86.583989][ C0] dccp_v6_do_rcv+0x269/0xbf0
[ 86.584002][ C0] __release_sock+0x12e/0x3a0
[ 86.584012][ C0] release_sock+0x59/0x1c0
[ 86.584034][ C0] __inet_stream_connect+0x59f/0xea0
[ 86.593850][ C0] inet_stream_connect+0x58/0xa0
[ 86.593863][ C0] __sys_connect+0x266/0x330
[ 86.593874][ C0] __x64_sys_connect+0x73/0xb0
[ 86.593887][ C0] do_syscall_64+0x103/0x610
[ 86.593900][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 86.593904][ C0]
[ 86.593911][ C0] Freed by task 8036:
[ 86.593924][ C0] save_stack+0x45/0xd0
[ 86.593935][ C0] __kasan_slab_free+0x102/0x150
[ 86.593947][ C0] kasan_slab_free+0xe/0x10
[ 86.593959][ C0] kmem_cache_free+0x86/0x260
[ 86.593972][ C0] ccid_hc_tx_delete+0xc1/0x100
[ 86.593983][ C0] dccp_hdlr_ccid+0x7d/0x150
[ 86.594002][ C0] __dccp_feat_activate+0x17a/0x270
[ 86.688052][ C0] dccp_feat_activate_values+0x33a/0x766
[ 86.693693][ C0] dccp_create_openreq_child+0x40c/0x570
[ 86.699341][ C0] dccp_v6_request_recv_sock+0x214/0x1e80
[ 86.705071][ C0] dccp_check_req+0x35c/0x6f0
[ 86.709753][ C0] dccp_v6_rcv+0x6d7/0x191e
[ 86.714262][ C0] ip6_protocol_deliver_rcu+0x303/0x16c0
[ 86.719901][ C0] ip6_input_finish+0x84/0x170
[ 86.724669][ C0] ip6_input+0xe4/0x3f0
[ 86.728830][ C0] ip6_rcv_finish+0x1e7/0x320
[ 86.733511][ C0] ipv6_rcv+0x10e/0x420
[ 86.737670][ C0] __netif_receive_skb_one_core+0x115/0x1a0
[ 86.743564][ C0] __netif_receive_skb+0x2c/0x1c0
[ 86.748598][ C0] process_backlog+0x206/0x750
[ 86.753438][ C0] net_rx_action+0x4fa/0x1070
[ 86.758166][ C0] __do_softirq+0x266/0x95a
[ 86.762664][ C0]
[ 86.764996][ C0] The buggy address belongs to the object at ffff88809eedb3c0
[ 86.764996][ C0] which belongs to the cache ccid2_hc_tx_sock of size 1240
[ 86.779690][ C0] The buggy address is located 0 bytes inside of
[ 86.779690][ C0] 1240-byte region [ffff88809eedb3c0, ffff88809eedb898)
[ 86.792875][ C0] The buggy address belongs to the page:
[ 86.798544][ C0] page:ffffea00027bb680 count:1 mapcount:0 mapping:ffff8882160baa80 index:0x0 compound_mapcount: 0
[ 86.809266][ C0] flags: 0x1fffc0000010200(slab|head)
[ 86.815922][ C0] raw: 01fffc0000010200 ffffea00026e4908 ffffea000225d988 ffff8882160baa80
[ 86.824651][ C0] raw: 0000000000000000 ffff88809eeda340 0000000100000005 0000000000000000
[ 86.833239][ C0] page dumped because: kasan: bad access detected
[ 86.839657][ C0]
[ 86.841986][ C0] Memory state around the buggy address:
[ 86.847633][ C0] ffff88809eedb280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 86.858571][ C0] ffff88809eedb300: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 86.866830][ C0] >ffff88809eedb380: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 86.874987][ C0] ^
[ 86.881334][ C0] ffff88809eedb400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 86.889402][ C0] ffff88809eedb480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 86.897483][ C0] ==================================================================
[ 86.900259][ T3876] kobject: 'loop5' (00000000486be63f): kobject_uevent_env
[ 86.905534][ C0] Disabling lock debugging due to kernel taint
[ 86.905596][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 86.905616][ C0] CPU: 0 PID: 8043 Comm: syz-executor.0 Tainted: G B 5.1.0-rc2+ #46
[ 86.905623][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 86.905635][ C0] Call Trace:
[ 86.948101][ C0]
[ 86.948412][ T3876] kobject: 'loop5' (00000000486be63f): fill_kobj_path: path = '/devices/virtual/block/loop5'
[ 86.950958][ C0] dump_stack+0x172/0x1f0
[ 86.950981][ C0] panic+0x2cb/0x65c
[ 86.969403][ C0] ? __warn_printk+0xf3/0xf3
[ 86.973997][ C0] ? retint_kernel+0x2d/0x2d
[ 86.974225][ T3876] kobject: 'loop1' (000000006ecdab8d): kobject_uevent_env
[ 86.978596][ C0] ? trace_hardirqs_on+0x5e/0x230
[ 86.978619][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 86.996435][ C0] end_report+0x47/0x4f
[ 86.999249][ T3876] kobject: 'loop1' (000000006ecdab8d): fill_kobj_path: path = '/devices/virtual/block/loop1'
[ 87.000592][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 87.000611][ C0] kasan_report.cold+0xe/0x40
[ 87.000631][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 87.025451][ C0] __asan_report_load8_noabort+0x14/0x20
[ 87.031075][ C0] ccid_hc_tx_delete+0xde/0x100
[ 87.035941][ C0] dccp_sk_destruct+0x3f/0x90
[ 87.040616][ C0] ? dccp_init_sock+0x3f0/0x3f0
[ 87.045451][ C0] __sk_destruct+0x55/0x6d0
[ 87.046664][ T3876] kobject: 'loop3' (000000006c01f17d): kobject_uevent_env
[ 87.049949][ C0] ? proto_unregister+0x4e0/0x4e0
[ 87.049964][ C0] rcu_core+0x928/0x1390
[ 87.049985][ C0] ? rcu_check_gp_start_stall+0x250/0x250
[ 87.059105][ T3876] kobject: 'loop3' (000000006c01f17d): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 87.062101][ C0] __do_softirq+0x266/0x95a
[ 87.062116][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 87.062132][ C0] irq_exit+0x180/0x1d0
[ 87.062146][ C0] smp_apic_timer_interrupt+0x14a/0x570
[ 87.062164][ C0] apic_timer_interrupt+0xf/0x20
[ 87.106079][ C0]
[ 87.109022][ C0] RIP: 0010:kmem_cache_free+0xab/0x260
[ 87.114457][ C0] Code: e8 ea 28 00 00 84 c0 74 77 41 f7 c5 00 02 00 00 74 4f e8 18 af cd ff 48 83 3d 70 69 ea 06 00 0f 84 ae 01 00 00 4c 89 ef 57 9d <0f> 1f 44 00 00 4c 8b 6d 08 0f 1f 44 00 00 65 8b 05 90 53 59 7e 83
[ 87.134172][ C0] RSP: 0018:ffff888095a37670 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 87.142581][ C0] RAX: 0000000000000007 RBX: ffff8880927c7ec8 RCX: 1ffff1101358999c
[ 87.150541][ C0] RDX: 0000000000000000 RSI: ffff88809ac4ccc0 RDI: 0000000000000282
[ 87.158489][ C0] RBP: ffff888095a37690 R08: ffff88809ac4c440 R09: ffff88809ac4cce0
[ 87.166438][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88812c3eb0c0
[ 87.174384][ C0] R13: 0000000000000282 R14: ffffffff819c5778 R15: ffff88809f643400
[ 87.182442][ C0] ? ptlock_free+0x38/0x42
[ 87.186839][ C0] ptlock_free+0x38/0x42
[ 87.191064][ C0] zap_huge_pmd+0x584/0xd60
[ 87.195545][ C0] unmap_page_range+0x13d6/0x2330
[ 87.200559][ C0] ? vm_normal_page_pmd+0x400/0x400
[ 87.205747][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 87.211978][ C0] ? uprobe_munmap+0xad/0x2b0
[ 87.216660][ C0] unmap_single_vma+0x19d/0x300
[ 87.221499][ C0] unmap_vmas+0x115/0x250
[ 87.225839][ C0] ? zap_vma_ptes+0x110/0x110
[ 87.230500][ C0] ? lru_deactivate_file_fn+0x1a30/0x1a30
[ 87.236402][ C0] ? kasan_check_write+0x14/0x20
[ 87.241319][ C0] exit_mmap+0x2c2/0x530
[ 87.245538][ C0] ? __ia32_sys_munmap+0x80/0x80
[ 87.250453][ C0] ? __sanitizer_cov_trace_const_cmp4+0x9/0x20
[ 87.256593][ C0] ? rcu_read_lock_sched_held+0x110/0x130
[ 87.262315][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 87.268530][ C0] ? __khugepaged_exit+0xcf/0x400
[ 87.273541][ C0] mmput+0x15f/0x4c0
[ 87.277429][ C0] do_exit+0x816/0x2fa0
[ 87.281575][ C0] ? get_signal+0x331/0x1d50
[ 87.286150][ C0] ? mm_update_next_owner+0x640/0x640
[ 87.291499][ C0] ? kasan_check_write+0x14/0x20
[ 87.296427][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 87.301620][ C0] ? get_signal+0x331/0x1d50
[ 87.306195][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 87.311678][ C0] do_group_exit+0x135/0x370
[ 87.316275][ C0] get_signal+0x399/0x1d50
[ 87.320685][ C0] do_signal+0x87/0x1940
[ 87.324920][ C0] ? kasan_check_read+0x11/0x20
[ 87.329753][ C0] ? _copy_to_user+0xc9/0x120
[ 87.334411][ C0] ? setup_sigcontext+0x7d0/0x7d0
[ 87.339424][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 87.344781][ C0] ? do_syscall_64+0x52d/0x610
[ 87.349548][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 87.354909][ C0] ? lockdep_hardirqs_on+0x418/0x5d0
[ 87.360182][ C0] ? trace_hardirqs_on+0x67/0x230
[ 87.365191][ C0] exit_to_usermode_loop+0x244/0x2c0
[ 87.370458][ C0] do_syscall_64+0x52d/0x610
[ 87.375029][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 87.380896][ C0] RIP: 0033:0x458209
[ 87.384776][ C0] Code: Bad RIP value.
[ 87.388912][ C0] RSP: 002b:00007f33ce9e6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.397294][ C0] RAX: 0000000000000001 RBX: 000000000073bfa8 RCX: 0000000000458209
[ 87.405240][ C0] RDX: 00000000004be6d7 RSI: 0000000000000081 RDI: 000000000073bfac
[ 87.413196][ C0] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.421155][ C0] R10: 000000000000000a R11: 0000000000000246 R12: 000000000073bfac
[ 87.429105][ C0] R13: 00007fff0832043f R14: 00007f33ce9e79c0 R15: 000000000073bfac
[ 87.437842][ C0] Kernel Offset: disabled
[ 87.442156][ C0] Rebooting in 86400 seconds..