[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   62.500216][   T26] kauditd_printk_skb: 7 callbacks suppressed
[   62.500226][   T26] audit: type=1800 audit(1564101448.438:29): pid=9689 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   62.536021][   T26] audit: type=1800 audit(1564101448.448:30): pid=9689 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.207' (ECDSA) to the list of known hosts.
2019/07/26 00:38:39 parsed 1 programs
2019/07/26 00:38:41 executed programs: 0
syzkaller login: [  135.396227][ T9865] IPVS: ftp: loaded support on port[0] = 21
[  135.396248][ T9866] IPVS: ftp: loaded support on port[0] = 21
[  135.447059][ T9871] IPVS: ftp: loaded support on port[0] = 21
[  135.475606][ T9874] IPVS: ftp: loaded support on port[0] = 21
[  135.485293][ T9869] IPVS: ftp: loaded support on port[0] = 21
[  135.485989][ T9873] IPVS: ftp: loaded support on port[0] = 21
[  135.536451][ T9866] chnl_net:caif_netlink_parms(): no params data found
[  135.594340][ T9865] chnl_net:caif_netlink_parms(): no params data found
[  135.613977][ T9866] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.621151][ T9866] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.629119][ T9866] device bridge_slave_0 entered promiscuous mode
[  135.637943][ T9866] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.645038][ T9866] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.652645][ T9866] device bridge_slave_1 entered promiscuous mode
[  135.682997][ T9866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.710319][ T9866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.725195][ T9865] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.732539][ T9865] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.740047][ T9865] device bridge_slave_0 entered promiscuous mode
[  135.765310][ T9866] team0: Port device team_slave_0 added
[  135.772153][ T9866] team0: Port device team_slave_1 added
[  135.782996][ T9865] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.790115][ T9865] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.797690][ T9865] device bridge_slave_1 entered promiscuous mode
[  135.923403][ T9866] device hsr_slave_0 entered promiscuous mode
[  135.961904][ T9866] device hsr_slave_1 entered promiscuous mode
[  136.016217][ T9865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.037851][ T9874] chnl_net:caif_netlink_parms(): no params data found
[  136.046933][ T9873] chnl_net:caif_netlink_parms(): no params data found
[  136.055056][ T9871] chnl_net:caif_netlink_parms(): no params data found
[  136.067376][ T9865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.105256][ T9865] team0: Port device team_slave_0 added
[  136.112432][ T9865] team0: Port device team_slave_1 added
[  136.187727][ T9869] chnl_net:caif_netlink_parms(): no params data found
[  136.199246][ T9873] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.206904][ T9873] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.214574][ T9873] device bridge_slave_0 entered promiscuous mode
[  136.224891][ T9873] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.237050][ T9873] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.244680][ T9873] device bridge_slave_1 entered promiscuous mode
[  136.255676][ T9874] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.262791][ T9874] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.270367][ T9874] device bridge_slave_0 entered promiscuous mode
[  136.277986][ T9874] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.285091][ T9874] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.293378][ T9874] device bridge_slave_1 entered promiscuous mode
[  136.300396][ T9866] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.307539][ T9866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.314872][ T9866] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.321935][ T9866] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.333376][ T9871] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.340550][ T9871] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.348108][ T9871] device bridge_slave_0 entered promiscuous mode
[  136.403776][ T9865] device hsr_slave_0 entered promiscuous mode
[  136.441838][ T9865] device hsr_slave_1 entered promiscuous mode
[  136.481604][ T9865] debugfs: Directory 'hsr0' with parent '/' already present!
[  136.498246][ T9873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.508839][ T9873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.521532][ T9871] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.528585][ T9871] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.536574][ T9871] device bridge_slave_1 entered promiscuous mode
[  136.558791][ T9874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.574668][ T9871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.586473][ T9871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.598345][ T9874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.615783][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.633558][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.658978][ T9873] team0: Port device team_slave_0 added
[  136.668913][ T9873] team0: Port device team_slave_1 added
[  136.686408][ T9871] team0: Port device team_slave_0 added
[  136.698751][ T9869] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.706520][ T9869] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.714243][ T9869] device bridge_slave_0 entered promiscuous mode
[  136.722190][ T9874] team0: Port device team_slave_0 added
[  136.727897][ T9869] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.735287][ T9869] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.743280][ T9869] device bridge_slave_1 entered promiscuous mode
[  136.754864][ T9871] team0: Port device team_slave_1 added
[  136.766430][ T9869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.833000][ T9873] device hsr_slave_0 entered promiscuous mode
[  136.883072][ T9873] device hsr_slave_1 entered promiscuous mode
[  136.931551][ T9873] debugfs: Directory 'hsr0' with parent '/' already present!
[  136.939863][ T9874] team0: Port device team_slave_1 added
[  136.992998][ T9874] device hsr_slave_0 entered promiscuous mode
[  137.041952][ T9874] device hsr_slave_1 entered promiscuous mode
[  137.081932][ T9874] debugfs: Directory 'hsr0' with parent '/' already present!
[  137.091915][ T9869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.162997][ T9871] device hsr_slave_0 entered promiscuous mode
[  137.231860][ T9871] device hsr_slave_1 entered promiscuous mode
[  137.271609][ T9871] debugfs: Directory 'hsr0' with parent '/' already present!
[  137.282277][ T9869] team0: Port device team_slave_0 added
[  137.289073][ T9869] team0: Port device team_slave_1 added
[  137.305664][ T9866] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.338681][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  137.347039][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.356117][ T9866] 8021q: adding VLAN 0 to HW filter on device team0
[  137.373265][ T9865] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.423756][ T9869] device hsr_slave_0 entered promiscuous mode
[  137.481842][ T9869] device hsr_slave_1 entered promiscuous mode
[  137.521649][ T9869] debugfs: Directory 'hsr0' with parent '/' already present!
[  137.533584][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  137.542279][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.550483][ T3014] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.557553][ T3014] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.565160][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  137.573723][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  137.582086][ T3014] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.589131][ T3014] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.596792][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  137.606161][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  137.629706][ T9865] 8021q: adding VLAN 0 to HW filter on device team0
[  137.637847][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  137.647717][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  137.656437][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  137.665080][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  137.673390][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  137.680879][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.688817][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  137.714222][ T9866] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  137.724984][ T9866] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  137.736431][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  137.744850][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  137.753040][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  137.761148][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  137.769344][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  137.777714][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.786175][ T3014] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.793237][ T3014] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.800697][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  137.809200][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  137.817433][ T3014] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.824484][ T3014] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.832047][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  137.840416][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  137.848919][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  137.856545][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  137.873604][ T9873] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.889155][ T9865] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  137.900462][ T9865] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  137.913510][ T9871] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.930665][ T9874] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.939263][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  137.948005][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  137.956735][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  137.965204][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  137.974379][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  137.982549][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  137.990649][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  137.998818][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.006890][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  138.014610][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  138.027678][ T9865] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.054244][ T9866] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.066065][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.075137][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.093800][ T9874] 8021q: adding VLAN 0 to HW filter on device team0
[  138.105753][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.113641][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.121301][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.130220][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.139355][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.146432][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.154818][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  138.167068][ T9871] 8021q: adding VLAN 0 to HW filter on device team0
[  138.191310][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.204163][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.213042][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.230270][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.238730][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.245790][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.253689][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  138.262371][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  138.273705][ T9873] 8021q: adding VLAN 0 to HW filter on device team0
[  138.289256][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.298254][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.307134][ T9881] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.314307][ T9881] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.327563][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  138.337436][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  138.345899][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  138.354960][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  138.363505][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  138.373667][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.382659][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  138.390431][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  138.406798][ T9871] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  138.417714][ T9871] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  138.435450][ T9874] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  138.449454][ T9874] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  138.466331][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.480481][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.494042][ T9881] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.501089][ T9881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.509477][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  138.518069][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  138.526740][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  138.535365][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  138.544718][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  138.553261][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  138.562011][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  138.578364][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.586995][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  138.599519][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.608012][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  138.616429][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.625202][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  138.633386][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  138.645182][ T9869] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.659761][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.668793][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.677386][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.684459][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.692927][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.701299][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.709864][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.716906][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.724724][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  138.738979][ T9871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.755708][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  138.770786][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  138.786099][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  138.794907][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  138.803476][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.810939][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.819065][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  138.828740][ T9869] 8021q: adding VLAN 0 to HW filter on device team0
[  138.846163][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  138.855821][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  138.864651][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.873353][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.882313][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.889360][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.912339][ T9874] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.923631][ T9873] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  138.939929][ T9873] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  138.951849][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  138.959795][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  138.968284][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.976501][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.985612][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.993880][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.000905][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.008559][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  139.017258][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  139.025413][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  139.033942][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  139.060814][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  139.073871][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  139.090892][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  139.105204][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  139.114497][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  139.123265][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  139.135725][ T9869] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  139.146763][ T9869] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  139.159261][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  139.168277][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  139.192004][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  139.200150][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  139.209264][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  139.220983][ T9873] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.243311][ T9869] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/26 00:38:46 executed programs: 20
2019/07/26 00:38:51 executed programs: 72
2019/07/26 00:38:56 executed programs: 125
2019/07/26 00:39:01 executed programs: 181
2019/07/26 00:39:03 result: hanged=false err=executor 1: exit status 67
setns(netns) failed (errno 22)
child failed (errno 0)
loop exited with status 67


setns(netns) failed (errno 22)
child failed (errno 0)
loop exited with status 67
[  157.189735][T11024] IPVS: ftp: loaded support on port[0] = 21
[  157.306386][T11024] chnl_net:caif_netlink_parms(): no params data found
[  157.327782][T11024] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.335016][T11024] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.342713][T11024] device bridge_slave_0 entered promiscuous mode
[  157.373971][T11024] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.381348][T11024] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.389088][T11024] device bridge_slave_1 entered promiscuous mode
[  157.404413][T11024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.414694][T11024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.480116][T11024] team0: Port device team_slave_0 added
[  157.486942][T11024] team0: Port device team_slave_1 added
[  157.573196][T11024] device hsr_slave_0 entered promiscuous mode
[  157.611828][T11024] device hsr_slave_1 entered promiscuous mode
[  157.651575][T11024] debugfs: Directory 'hsr0' with parent '/' already present!
[  157.687916][T11024] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.694989][T11024] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.702283][T11024] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.709305][T11024] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.733464][T11024] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.744011][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  157.752911][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.760364][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.795316][T11024] 8021q: adding VLAN 0 to HW filter on device team0
[  157.805360][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  157.814201][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.821280][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.831328][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  157.840249][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.847359][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.890708][T11024] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  157.901633][T11024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  157.917305][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  157.926544][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  157.935004][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  157.946330][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  157.960676][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  157.969024][ T9881] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  158.040521][T11024] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.123783][ T9894] device bridge_slave_1 left promiscuous mode
[  158.130490][ T9894] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.164515][ T9894] device bridge_slave_0 left promiscuous mode
[  158.170697][ T9894] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.911752][ T9894] device hsr_slave_0 left promiscuous mode
[  158.951557][ T9894] device hsr_slave_1 left promiscuous mode
[  159.000180][ T9894] team0 (unregistering): Port device team_slave_1 removed
[  159.012811][ T9894] team0 (unregistering): Port device team_slave_0 removed
[  159.028557][ T9894] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.097450][ T9894] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  159.157731][ T9894] bond0 (unregistering): Released all slaves
2019/07/26 00:39:06 executed programs: 231
[  163.321667][    C0] ------------[ cut here ]------------
[  163.327204][    C0] refcount_t: increment on 0; use-after-free.
[  163.327300][T11375] ==================================================================
[  163.333588][    C0] WARNING: CPU: 0 PID: 0 at lib/refcount.c:156 refcount_inc_checked+0x61/0x70
[  163.341519][T11375] BUG: KASAN: use-after-free in refcount_inc_not_zero_checked+0x81/0x200
[  163.350326][    C0] Kernel panic - not syncing: panic_on_warn set ...
[  163.360197][T11375] Read of size 4 at addr ffff88808dca7340 by task syz-executor.0/11375
[  163.360207][T11375] 
[  163.366779][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.3.0-rc1-next-20190725 #52
[  163.385762][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.395798][    C0] Call Trace:
[  163.399067][    C0]  <IRQ>
[  163.401924][    C0]  dump_stack+0x172/0x1f0
[  163.406241][    C0]  ? refcount_inc_not_zero_checked+0x1d0/0x200
[  163.412380][    C0]  panic+0x2dc/0x755
[  163.416263][    C0]  ? add_taint.cold+0x16/0x16
[  163.420940][    C0]  ? __kasan_check_write+0x14/0x20
[  163.426062][    C0]  ? __warn.cold+0x5/0x4c
[  163.430380][    C0]  ? __warn+0xe7/0x1e0
[  163.434434][    C0]  ? refcount_inc_checked+0x61/0x70
[  163.439618][    C0]  __warn.cold+0x20/0x4c
[  163.443845][    C0]  ? vprintk_emit+0x1ea/0x700
[  163.448508][    C0]  ? refcount_inc_checked+0x61/0x70
[  163.453702][    C0]  report_bug+0x263/0x2b0
[  163.458021][    C0]  do_error_trap+0x11b/0x200
[  163.462604][    C0]  do_invalid_op+0x37/0x50
[  163.467002][    C0]  ? refcount_inc_checked+0x61/0x70
[  163.472182][    C0]  invalid_op+0x23/0x30
[  163.476322][    C0] RIP: 0010:refcount_inc_checked+0x61/0x70
[  163.482112][    C0] Code: 1d c4 6e 64 06 31 ff 89 de e8 eb 45 35 fe 84 db 75 dd e8 a2 44 35 fe 48 c7 c7 00 22 c6 87 c6 05 a4 6e 64 06 01 e8 77 a0 06 fe <0f> 0b eb c1 90 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 41 57 41
[  163.501957][    C0] RSP: 0018:ffff8880ae809bf0 EFLAGS: 00010282
[  163.508004][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  163.515968][    C0] RDX: 0000000000000100 RSI: ffffffff815c62a6 RDI: ffffed1015d01370
[  163.523921][    C0] RBP: ffff8880ae809c00 R08: ffffffff88c7a1c0 R09: fffffbfff134b609
[  163.531886][    C0] R10: fffffbfff134b608 R11: ffffffff89a5b047 R12: ffff88808dca7340
[  163.539841][    C0] R13: ffff88808dca7328 R14: ffff8880a11f7188 R15: ffff8880a11f7160
[  163.547814][    C0]  ? vprintk_func+0x86/0x189
[  163.552395][    C0]  nr_insert_socket+0x2d/0xe0
[  163.557074][    C0]  nr_rx_frame+0x1605/0x1e73
[  163.561654][    C0]  nr_loopback_timer+0x7b/0x170
[  163.566502][    C0]  call_timer_fn+0x1ac/0x780
[  163.571080][    C0]  ? nr_process_rx_frame+0x1540/0x1540
[  163.576521][    C0]  ? msleep_interruptible+0x150/0x150
[  163.581882][    C0]  ? trace_hardirqs_on+0x67/0x240
[  163.586888][    C0]  ? __kasan_check_read+0x11/0x20
[  163.591892][    C0]  ? nr_process_rx_frame+0x1540/0x1540
[  163.597337][    C0]  ? nr_process_rx_frame+0x1540/0x1540
[  163.602798][    C0]  run_timer_softirq+0x697/0x17a0
[  163.607812][    C0]  ? add_timer+0x930/0x930
[  163.612212][    C0]  ? kvm_clock_read+0x18/0x30
[  163.616876][    C0]  ? kvm_sched_clock_read+0x9/0x20
[  163.621969][    C0]  ? sched_clock+0x2e/0x50
[  163.626370][    C0]  ? sched_clock_cpu+0x1b/0x1b0
[  163.631203][    C0]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  163.637429][    C0]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  163.643655][    C0]  __do_softirq+0x262/0x98c
[  163.648162][    C0]  ? sched_clock_cpu+0x1b/0x1b0
[  163.652999][    C0]  irq_exit+0x19b/0x1e0
[  163.657150][    C0]  smp_apic_timer_interrupt+0x1a3/0x610
[  163.662688][    C0]  apic_timer_interrupt+0xf/0x20
[  163.667599][    C0]  </IRQ>
[  163.670531][    C0] RIP: 0010:native_safe_halt+0xe/0x10
[  163.675887][    C0] Code: 78 d2 6d fa eb 8a 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d 84 14 49 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 74 14 49 00 fb f4 <c3> 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 9e 5d 21 fa e8 69
[  163.695471][    C0] RSP: 0018:ffffffff88c07ce8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[  163.703869][    C0] RAX: 1ffffffff11a5e5b RBX: ffffffff88c7a1c0 RCX: 1ffffffff134bc46
[  163.711827][    C0] RDX: dffffc0000000000 RSI: ffffffff817831be RDI: ffffffff873f168c
[  163.719884][    C0] RBP: ffffffff88c07d18 R08: ffffffff88c7a1c0 R09: fffffbfff118f439
[  163.727840][    C0] R10: fffffbfff118f438 R11: ffffffff88c7a1c7 R12: dffffc0000000000
[  163.735795][    C0] R13: ffffffff89a5b040 R14: 0000000000000000 R15: 0000000000000000
[  163.743769][    C0]  ? trace_hardirqs_on+0x5e/0x240
[  163.748777][    C0]  ? default_idle+0x1c/0x360
[  163.753358][    C0]  ? default_idle+0x4e/0x360
[  163.757944][    C0]  arch_cpu_idle+0xa/0x10
[  163.762268][    C0]  default_idle_call+0x84/0xb0
[  163.767045][    C0]  do_idle+0x413/0x760
[  163.771099][    C0]  ? arch_cpu_idle_exit+0x80/0x80
[  163.776112][    C0]  cpu_startup_entry+0x1b/0x20
[  163.780861][    C0]  rest_init+0x245/0x37b
[  163.785088][    C0]  arch_call_rest_init+0xe/0x1b
[  163.789927][    C0]  start_kernel+0x912/0x951
[  163.794412][    C0]  ? mem_encrypt_init+0xb/0xb
[  163.799075][    C0]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  163.805300][    C0]  ? x86_family+0x41/0x50
[  163.809615][    C0]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  163.815843][    C0]  x86_64_start_reservations+0x29/0x2b
[  163.821287][    C0]  x86_64_start_kernel+0x77/0x7b
[  163.826211][    C0]  secondary_startup_64+0xa4/0xb0
[  163.831233][T11375] CPU: 1 PID: 11375 Comm: syz-executor.0 Not tainted 5.3.0-rc1-next-20190725 #52
[  163.840332][T11375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.850369][T11375] Call Trace:
[  163.853645][T11375]  dump_stack+0x172/0x1f0
[  163.857958][T11375]  ? refcount_inc_not_zero_checked+0x81/0x200
[  163.864006][T11375]  print_address_description.cold+0xd4/0x306
[  163.869965][T11375]  ? refcount_inc_not_zero_checked+0x81/0x200
[  163.876017][T11375]  ? refcount_inc_not_zero_checked+0x81/0x200
[  163.882068][T11375]  __kasan_report.cold+0x1b/0x36
[  163.886987][T11375]  ? refcount_inc_not_zero_checked+0x81/0x200
[  163.893036][T11375]  kasan_report+0x12/0x17
[  163.897347][T11375]  check_memory_region+0x134/0x1a0
[  163.902438][T11375]  __kasan_check_read+0x11/0x20
[  163.907270][T11375]  refcount_inc_not_zero_checked+0x81/0x200
[  163.913143][T11375]  ? refcount_dec_and_mutex_lock+0x90/0x90
[  163.918929][T11375]  ? __kasan_check_write+0x14/0x20
[  163.924024][T11375]  refcount_inc_checked+0x17/0x70
[  163.929034][T11375]  nr_release+0x62/0x3e0
[  163.933443][T11375]  __sock_release+0xce/0x280
[  163.938012][T11375]  sock_close+0x1e/0x30
[  163.942154][T11375]  __fput+0x2ff/0x890
[  163.946119][T11375]  ? __sock_release+0x280/0x280
[  163.950950][T11375]  ____fput+0x16/0x20
[  163.954915][T11375]  task_work_run+0x145/0x1c0
[  163.959493][T11375]  exit_to_usermode_loop+0x316/0x380
[  163.964762][T11375]  do_syscall_64+0x65f/0x760
[  163.969341][T11375]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  163.975218][T11375] RIP: 0033:0x413511
[  163.979096][T11375] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  163.998696][T11375] RSP: 002b:00007fff30f7c4b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  164.007087][T11375] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413511
[  164.015035][T11375] RDX: 0000001b2c820000 RSI: 0000000000000000 RDI: 0000000000000003
[  164.022985][T11375] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  164.030934][T11375] R10: 00007fff30f7c590 R11: 0000000000000293 R12: 000000000075c9a0
[  164.038886][T11375] R13: 000000000075c9a0 R14: 0000000000760cb8 R15: ffffffffffffffff
[  164.046845][T11375] 
[  164.049158][T11375] Allocated by task 0:
[  164.053206][T11375]  save_stack+0x23/0x90
[  164.057346][T11375]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  164.062956][T11375]  kasan_kmalloc+0x9/0x10
[  164.067264][T11375]  __kmalloc+0x163/0x770
[  164.071489][T11375]  sk_prot_alloc+0x23a/0x310
[  164.076056][T11375]  sk_alloc+0x39/0xf70
[  164.080107][T11375]  nr_rx_frame+0x733/0x1e73
[  164.084590][T11375]  nr_loopback_timer+0x7b/0x170
[  164.089420][T11375]  call_timer_fn+0x1ac/0x780
[  164.093992][T11375]  run_timer_softirq+0x697/0x17a0
[  164.098998][T11375]  __do_softirq+0x262/0x98c
[  164.103472][T11375] 
[  164.105781][T11375] Freed by task 11379:
[  164.109832][T11375]  save_stack+0x23/0x90
[  164.113969][T11375]  __kasan_slab_free+0x102/0x150
[  164.118884][T11375]  kasan_slab_free+0xe/0x10
[  164.123364][T11375]  kfree+0x10a/0x2c0
[  164.127236][T11375]  __sk_destruct+0x4f7/0x6e0
[  164.131803][T11375]  sk_destruct+0x86/0xa0
[  164.136025][T11375]  __sk_free+0xfb/0x360
[  164.140160][T11375]  sk_free+0x42/0x50
[  164.144033][T11375]  sock_efree+0x61/0x80
[  164.148168][T11375]  skb_release_head_state+0xeb/0x250
[  164.153449][T11375]  skb_release_all+0x16/0x60
[  164.158030][T11375]  kfree_skb+0x101/0x3c0
[  164.162252][T11375]  nr_accept+0x56e/0x700
[  164.166474][T11375]  __sys_accept4+0x34e/0x6a0
[  164.171046][T11375]  __x64_sys_accept+0x75/0xb0
[  164.175704][T11375]  do_syscall_64+0xfa/0x760
[  164.180188][T11375]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  164.186056][T11375] 
[  164.188369][T11375] The buggy address belongs to the object at ffff88808dca72c0
[  164.188369][T11375]  which belongs to the cache kmalloc-2k of size 2048
[  164.202405][T11375] The buggy address is located 128 bytes inside of
[  164.202405][T11375]  2048-byte region [ffff88808dca72c0, ffff88808dca7ac0)
[  164.215736][T11375] The buggy address belongs to the page:
[  164.221353][T11375] page:ffffea0002372980 refcount:1 mapcount:0 mapping:ffff8880aa400e00 index:0x0 compound_mapcount: 0
[  164.232265][T11375] flags: 0x1fffc0000010200(slab|head)
[  164.237631][T11375] raw: 01fffc0000010200 ffffea00029ec308 ffffea000240e488 ffff8880aa400e00
[  164.246194][T11375] raw: 0000000000000000 ffff88808dca61c0 0000000100000003 0000000000000000
[  164.254750][T11375] page dumped because: kasan: bad access detected
[  164.261134][T11375] 
[  164.263436][T11375] Memory state around the buggy address:
[  164.269044][T11375]  ffff88808dca7200: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  164.277087][T11375]  ffff88808dca7280: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  164.285129][T11375] >ffff88808dca7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  164.293169][T11375]                                            ^
[  164.299299][T11375]  ffff88808dca7380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  164.307352][T11375]  ffff88808dca7400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  164.315386][T11375] ==================================================================
[  164.324665][    C0] Kernel Offset: disabled
[  164.328987][    C0] Rebooting in 86400 seconds..