[   80.839702][   T27] audit: type=1800 audit(1564604257.668:26): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   80.865295][   T27] audit: type=1800 audit(1564604257.678:27): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   80.885801][   T27] audit: type=1800 audit(1564604257.678:28): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   81.733316][   T27] audit: type=1800 audit(1564604258.608:29): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.98' (ECDSA) to the list of known hosts.
2019/07/31 20:33:04 parsed 1 programs
2019/07/31 20:33:07 executed programs: 0
syzkaller login: [ 1010.398291][T10567] IPVS: ftp: loaded support on port[0] = 21
[ 1010.398325][T10566] IPVS: ftp: loaded support on port[0] = 21
[ 1010.417726][T10565] IPVS: ftp: loaded support on port[0] = 21
[ 1010.476489][T10570] IPVS: ftp: loaded support on port[0] = 21
[ 1010.490040][T10572] IPVS: ftp: loaded support on port[0] = 21
[ 1010.497530][T10573] IPVS: ftp: loaded support on port[0] = 21
[ 1010.596685][T10567] chnl_net:caif_netlink_parms(): no params data found
[ 1010.625672][T10566] chnl_net:caif_netlink_parms(): no params data found
[ 1010.765329][T10567] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1010.774430][T10567] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1010.782504][T10567] device bridge_slave_0 entered promiscuous mode
[ 1010.792360][T10567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1010.799495][T10567] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1010.808091][T10567] device bridge_slave_1 entered promiscuous mode
[ 1010.827313][T10565] chnl_net:caif_netlink_parms(): no params data found
[ 1010.854390][T10566] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1010.864007][T10566] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1010.871808][T10566] device bridge_slave_0 entered promiscuous mode
[ 1010.880675][T10567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1010.893305][T10567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1010.902943][T10573] chnl_net:caif_netlink_parms(): no params data found
[ 1010.922186][T10570] chnl_net:caif_netlink_parms(): no params data found
[ 1010.931167][T10566] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1010.938443][T10566] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1010.946908][T10566] device bridge_slave_1 entered promiscuous mode
[ 1010.969084][T10567] team0: Port device team_slave_0 added
[ 1010.985694][T10566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1010.995398][T10572] chnl_net:caif_netlink_parms(): no params data found
[ 1011.008012][T10567] team0: Port device team_slave_1 added
[ 1011.018251][T10566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.051375][T10565] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1011.061232][T10565] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1011.069184][T10565] device bridge_slave_0 entered promiscuous mode
[ 1011.078370][T10566] team0: Port device team_slave_0 added
[ 1011.104615][T10565] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.111947][T10565] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1011.119526][T10565] device bridge_slave_1 entered promiscuous mode
[ 1011.126476][T10573] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1011.134050][T10573] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1011.142014][T10573] device bridge_slave_0 entered promiscuous mode
[ 1011.150436][T10566] team0: Port device team_slave_1 added
[ 1011.156402][T10573] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.163549][T10573] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1011.171577][T10573] device bridge_slave_1 entered promiscuous mode
[ 1011.185104][T10570] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1011.192303][T10570] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1011.200072][T10570] device bridge_slave_0 entered promiscuous mode
[ 1011.218157][T10572] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1011.225985][T10572] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1011.233910][T10572] device bridge_slave_0 entered promiscuous mode
[ 1011.242524][T10570] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.250015][T10570] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1011.257842][T10570] device bridge_slave_1 entered promiscuous mode
[ 1011.321567][T10567] device hsr_slave_0 entered promiscuous mode
[ 1011.371401][T10567] device hsr_slave_1 entered promiscuous mode
[ 1011.441877][T10572] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.449781][T10572] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1011.457480][T10572] device bridge_slave_1 entered promiscuous mode
[ 1011.471994][T10565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1011.483749][T10573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1011.497791][T10573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.515865][T10570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1011.561609][T10566] device hsr_slave_0 entered promiscuous mode
[ 1011.600047][T10566] device hsr_slave_1 entered promiscuous mode
[ 1011.659757][T10566] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1011.668769][T10565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.682927][T10572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1011.693335][T10570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.727709][T10573] team0: Port device team_slave_0 added
[ 1011.735021][T10572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.760706][T10572] team0: Port device team_slave_0 added
[ 1011.771131][T10573] team0: Port device team_slave_1 added
[ 1011.777635][T10565] team0: Port device team_slave_0 added
[ 1011.792195][T10572] team0: Port device team_slave_1 added
[ 1011.798916][T10565] team0: Port device team_slave_1 added
[ 1011.812496][T10570] team0: Port device team_slave_0 added
[ 1011.871329][T10565] device hsr_slave_0 entered promiscuous mode
[ 1011.930031][T10565] device hsr_slave_1 entered promiscuous mode
[ 1011.989697][T10565] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1012.001340][T10570] team0: Port device team_slave_1 added
[ 1012.061663][T10572] device hsr_slave_0 entered promiscuous mode
[ 1012.100051][T10572] device hsr_slave_1 entered promiscuous mode
[ 1012.169698][T10572] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1012.222605][T10573] device hsr_slave_0 entered promiscuous mode
[ 1012.289970][T10573] device hsr_slave_1 entered promiscuous mode
[ 1012.369682][T10573] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1012.442842][T10570] device hsr_slave_0 entered promiscuous mode
[ 1012.480294][T10570] device hsr_slave_1 entered promiscuous mode
[ 1012.539783][T10570] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1012.653442][T10567] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1012.675649][T10566] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1012.704452][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1012.712198][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1012.730838][T10567] 8021q: adding VLAN 0 to HW filter on device team0
[ 1012.739939][T10574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1012.749349][T10574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1012.778147][T10566] 8021q: adding VLAN 0 to HW filter on device team0
[ 1012.795490][T10573] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1012.805729][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1012.814932][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1012.823418][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1012.830592][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1012.839211][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1012.847950][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1012.856328][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1012.863455][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1012.871520][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1012.880310][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1012.889379][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1012.896521][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1012.904290][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1012.913372][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1012.921848][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1012.933477][T10565] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1012.943223][T10572] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1012.975121][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1012.983779][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1012.991790][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1013.002529][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1013.011505][T10584] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1013.018574][T10584] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1013.026529][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.035484][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1013.044125][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.053199][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.062092][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1013.071273][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1013.079782][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1013.087543][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1013.099039][T10570] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1013.117062][T10572] 8021q: adding VLAN 0 to HW filter on device team0
[ 1013.124489][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.133044][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.142158][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1013.150894][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1013.159253][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1013.168542][T10584] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1013.182377][T10573] 8021q: adding VLAN 0 to HW filter on device team0
[ 1013.194398][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.203160][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.212080][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1013.220294][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1013.228392][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.238105][T10566] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1013.247457][T10570] 8021q: adding VLAN 0 to HW filter on device team0
[ 1013.261142][T10565] 8021q: adding VLAN 0 to HW filter on device team0
[ 1013.280750][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1013.288643][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1013.296738][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1013.306053][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1013.314884][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1013.322010][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1013.330431][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1013.338964][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1013.348280][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1013.355382][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1013.363185][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1013.371787][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1013.380426][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1013.388721][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1013.414077][T10567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1013.425533][T10567] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1013.439958][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1013.448060][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1013.457904][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1013.468283][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1013.477273][T10587] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1013.484407][T10587] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1013.492617][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1013.501455][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1013.510099][T10587] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1013.517123][T10587] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1013.524818][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1013.533351][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1013.542469][T10587] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1013.549511][T10587] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1013.557302][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1013.566202][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1013.574972][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.583679][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.592478][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1013.601291][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1013.609453][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1013.618546][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1013.627347][T10587] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1013.634443][T10587] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1013.642110][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1013.651140][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1013.659795][T10587] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1013.666874][T10587] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1013.676335][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1013.684512][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1013.692726][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.701509][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.718795][T10565] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1013.730069][T10565] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1013.755585][T10566] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1013.763818][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.776299][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.785947][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.794781][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1013.803464][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1013.811864][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1013.820235][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1013.829083][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1013.837537][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1013.845822][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1013.854824][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.862719][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1013.877188][T10565] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1013.892852][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.906846][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.918208][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.928490][T10567] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1013.946484][T10572] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1013.957081][T10572] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1013.986985][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.995274][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1014.010696][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1014.019112][T10586] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1014.026228][T10586] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1014.034271][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1014.043480][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1014.052025][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1014.060626][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1014.068951][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1014.077449][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1014.085782][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1014.094145][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1014.102726][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1014.111160][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1014.119457][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1014.127820][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1014.136632][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1014.145456][T10586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1014.159120][T10572] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1014.172415][T10573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1014.205231][T10581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1014.242186][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1014.254198][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1014.268126][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1014.277536][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1014.286239][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1014.294846][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1014.307932][T10570] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1014.322053][T10570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1014.341879][T10573] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1014.361032][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1014.402218][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1014.442834][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1014.538050][T10570] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/31 20:33:12 executed programs: 49
2019/07/31 20:33:17 executed programs: 317
2019/07/31 20:33:22 executed programs: 588
2019/07/31 20:33:27 executed programs: 861
2019/07/31 20:33:32 executed programs: 1138
2019/07/31 20:33:37 executed programs: 1399
2019/07/31 20:33:42 executed programs: 1667
2019/07/31 20:33:47 executed programs: 1935
2019/07/31 20:33:52 executed programs: 2196
2019/07/31 20:33:57 executed programs: 2453
2019/07/31 20:34:02 executed programs: 2711
2019/07/31 20:34:07 executed programs: 2961
2019/07/31 20:34:12 executed programs: 3212
2019/07/31 20:34:17 executed programs: 3468
2019/07/31 20:34:22 executed programs: 3718
2019/07/31 20:34:27 executed programs: 3967
2019/07/31 20:34:32 executed programs: 4243
2019/07/31 20:34:37 executed programs: 4495
2019/07/31 20:34:42 executed programs: 4741
2019/07/31 20:34:47 executed programs: 4987
2019/07/31 20:34:52 executed programs: 5217
2019/07/31 20:34:57 executed programs: 5455
2019/07/31 20:35:02 executed programs: 5717
2019/07/31 20:35:07 executed programs: 5943
2019/07/31 20:35:12 executed programs: 6170
2019/07/31 20:35:17 executed programs: 6385
2019/07/31 20:35:22 executed programs: 6610
2019/07/31 20:35:27 executed programs: 6834
2019/07/31 20:35:32 executed programs: 7096
2019/07/31 20:35:37 executed programs: 7350
[ 1162.754350][T23145] ==================================================================
[ 1162.762540][T23145] BUG: KASAN: use-after-free in sk_psock_unlink+0x3dd/0x4b0
[ 1162.769828][T23145] Read of size 4 at addr ffff888094120358 by task syz-executor.2/23145
[ 1162.769832][T23145] 
[ 1162.769854][T23145] CPU: 1 PID: 23145 Comm: syz-executor.2 Not tainted 5.3.0-rc2+ #91
[ 1162.769862][T23145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1162.769875][T23145] Call Trace:
[ 1162.769928][T23145]  dump_stack+0x172/0x1f0
[ 1162.806125][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1162.811093][T23145]  ? tcp_check_oom+0x560/0x560
[ 1162.815895][T23145]  print_address_description.cold+0xd4/0x306
[ 1162.821877][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1162.826821][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1162.831761][T23145]  ? tcp_check_oom+0x560/0x560
[ 1162.836535][T23145]  __kasan_report.cold+0x1b/0x36
[ 1162.836552][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1162.836570][T23145]  kasan_report+0x12/0x17
[ 1162.852255][T23145]  __asan_report_load4_noabort+0x14/0x20
[ 1162.857881][T23145]  sk_psock_unlink+0x3dd/0x4b0
[ 1162.862638][T23145]  ? sk_psock_unlink+0x1/0x4b0
[ 1162.867400][T23145]  ? tcp_check_oom+0x560/0x560
[ 1162.872171][T23145]  tcp_bpf_remove+0x21/0x50
[ 1162.876663][T23145]  tcp_bpf_close+0x130/0x390
[ 1162.881252][T23145]  tls_sk_proto_close+0x2f8/0x6b0
[ 1162.886293][T23145]  ? __sock_release+0x89/0x280
[ 1162.891048][T23145]  ? tcp_bpf_recvmsg+0xa70/0xa70
[ 1162.895976][T23145]  ? wait_on_pending_writer+0x420/0x420
[ 1162.901522][T23145]  ? ip_mc_drop_socket+0x211/0x270
[ 1162.906636][T23145]  ? down_write+0xdf/0x150
[ 1162.911044][T23145]  inet_release+0xed/0x200
[ 1162.915467][T23145]  inet6_release+0x53/0x80
[ 1162.919874][T23145]  __sock_release+0xce/0x280
[ 1162.924459][T23145]  sock_close+0x1e/0x30
[ 1162.928623][T23145]  __fput+0x2ff/0x890
[ 1162.932601][T23145]  ? __sock_release+0x280/0x280
[ 1162.937446][T23145]  ____fput+0x16/0x20
[ 1162.941433][T23145]  task_work_run+0x145/0x1c0
[ 1162.946060][T23145]  exit_to_usermode_loop+0x316/0x380
[ 1162.951343][T23145]  do_syscall_64+0x5a9/0x6a0
[ 1162.955928][T23145]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1162.961808][T23145] RIP: 0033:0x4134f0
[ 1162.965703][T23145] Code: 01 f0 ff ff 0f 83 30 1b 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 9d 2d 66 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff
[ 1162.985299][T23145] RSP: 002b:00007fff1f4ede78 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1162.993704][T23145] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004134f0
[ 1163.001669][T23145] RDX: 0000001b2fe20000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1163.009629][T23145] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff
[ 1163.017593][T23145] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf20
[ 1163.025554][T23145] R13: 0000000000000005 R14: 0000000000761178 R15: ffffffffffffffff
[ 1163.033522][T23145] 
[ 1163.035853][T23145] Allocated by task 23145:
[ 1163.040277][T23145]  save_stack+0x23/0x90
[ 1163.044424][T23145]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1163.050053][T23145]  kasan_kmalloc+0x9/0x10
[ 1163.054373][T23145]  kmem_cache_alloc_trace+0x158/0x790
[ 1163.059737][T23145]  sock_map_alloc+0x1bb/0x3a0
[ 1163.064418][T23145]  __do_sys_bpf+0x475/0x42f0
[ 1163.069005][T23145]  __x64_sys_bpf+0x73/0xb0
[ 1163.073412][T23145]  do_syscall_64+0xfd/0x6a0
[ 1163.077902][T23145]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1163.083773][T23145] 
[ 1163.086093][T23145] Freed by task 10574:
[ 1163.090151][T23145]  save_stack+0x23/0x90
[ 1163.094292][T23145]  __kasan_slab_free+0x102/0x150
[ 1163.099230][T23145]  kasan_slab_free+0xe/0x10
[ 1163.103724][T23145]  kfree+0x10a/0x2c0
[ 1163.107607][T23145]  sock_map_free+0x22a/0x310
[ 1163.112185][T23145]  bpf_map_free_deferred+0xb3/0x100
[ 1163.117376][T23145]  process_one_work+0x9af/0x1740
[ 1163.122301][T23145]  worker_thread+0x98/0xe40
[ 1163.126877][T23145]  kthread+0x361/0x430
[ 1163.130938][T23145]  ret_from_fork+0x24/0x30
[ 1163.135335][T23145] 
[ 1163.137657][T23145] The buggy address belongs to the object at ffff888094120340
[ 1163.137657][T23145]  which belongs to the cache kmalloc-512 of size 512
[ 1163.151699][T23145] The buggy address is located 24 bytes inside of
[ 1163.151699][T23145]  512-byte region [ffff888094120340, ffff888094120540)
[ 1163.164867][T23145] The buggy address belongs to the page:
[ 1163.170538][T23145] page:ffffea0002504800 refcount:1 mapcount:0 mapping:ffff8880aa400a80 index:0xffff8880941205c0
[ 1163.180971][T23145] flags: 0x1fffc0000000200(slab)
[ 1163.185917][T23145] raw: 01fffc0000000200 ffffea000244b708 ffffea0002555008 ffff8880aa400a80
[ 1163.194495][T23145] raw: ffff8880941205c0 ffff8880941200c0 0000000100000002 0000000000000000
[ 1163.203063][T23145] page dumped because: kasan: bad access detected
[ 1163.209456][T23145] 
[ 1163.211771][T23145] Memory state around the buggy address:
[ 1163.217400][T23145]  ffff888094120200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1163.225452][T23145]  ffff888094120280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1163.233507][T23145] >ffff888094120300: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 1163.241551][T23145]                                                     ^
[ 1163.248473][T23145]  ffff888094120380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1163.256521][T23145]  ffff888094120400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1163.264565][T23145] ==================================================================
[ 1163.349647][T23145] Kernel panic - not syncing: panic_on_warn set ...
[ 1163.356312][T23145] CPU: 0 PID: 23145 Comm: syz-executor.2 Tainted: G    B             5.3.0-rc2+ #91
[ 1163.365675][T23145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1163.375724][T23145] Call Trace:
[ 1163.379023][T23145]  dump_stack+0x172/0x1f0
[ 1163.383372][T23145]  ? tcp_check_oom+0x560/0x560
[ 1163.384694][ T3907] kobject: 'loop4' (000000000c4a0fce): kobject_uevent_env
[ 1163.388146][T23145]  panic+0x2dc/0x755
[ 1163.399113][T23145]  ? add_taint.cold+0x16/0x16
[ 1163.403791][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1163.404080][ T3907] kobject: 'loop4' (000000000c4a0fce): fill_kobj_path: path = '/devices/virtual/block/loop4'
[ 1163.408728][T23145]  ? tcp_check_oom+0x560/0x560
[ 1163.408744][T23145]  ? preempt_schedule+0x4b/0x60
[ 1163.408766][T23145]  ? ___preempt_schedule+0x16/0x20
[ 1163.433573][T23145]  ? trace_hardirqs_on+0x5e/0x240
[ 1163.438606][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1163.443560][T23145]  ? tcp_check_oom+0x560/0x560
[ 1163.448330][T23145]  end_report+0x47/0x4f
[ 1163.452489][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1163.457428][T23145]  __kasan_report.cold+0xe/0x36
[ 1163.462304][T23145]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1163.467244][T23145]  kasan_report+0x12/0x17
[ 1163.471591][T23145]  __asan_report_load4_noabort+0x14/0x20
[ 1163.477327][T23145]  sk_psock_unlink+0x3dd/0x4b0
[ 1163.477625][ T3907] kobject: 'loop1' (000000007decbe86): kobject_uevent_env
[ 1163.482197][T23145]  ? sk_psock_unlink+0x1/0x4b0
[ 1163.482214][T23145]  ? tcp_check_oom+0x560/0x560
[ 1163.482225][T23145]  tcp_bpf_remove+0x21/0x50
[ 1163.482236][T23145]  tcp_bpf_close+0x130/0x390
[ 1163.482251][T23145]  tls_sk_proto_close+0x2f8/0x6b0
[ 1163.482273][T23145]  ? __sock_release+0x89/0x280
[ 1163.491445][ T3907] kobject: 'loop1' (000000007decbe86): fill_kobj_path: path = '/devices/virtual/block/loop1'
[ 1163.494136][T23145]  ? tcp_bpf_recvmsg+0xa70/0xa70
[ 1163.494159][T23145]  ? wait_on_pending_writer+0x420/0x420
[ 1163.538307][T23145]  ? ip_mc_drop_socket+0x211/0x270
[ 1163.543686][T23145]  ? down_write+0xdf/0x150
[ 1163.544567][ T3907] kobject: 'loop5' (000000008f11509d): kobject_uevent_env
[ 1163.548105][T23145]  inet_release+0xed/0x200
[ 1163.557087][ T3907] kobject: 'loop5' (000000008f11509d): fill_kobj_path: path = '/devices/virtual/block/loop5'
[ 1163.559698][T23145]  inet6_release+0x53/0x80
[ 1163.559714][T23145]  __sock_release+0xce/0x280
[ 1163.559732][T23145]  sock_close+0x1e/0x30
[ 1163.583011][T23145]  __fput+0x2ff/0x890
[ 1163.587005][T23145]  ? __sock_release+0x280/0x280
[ 1163.591874][T23145]  ____fput+0x16/0x20
[ 1163.595859][T23145]  task_work_run+0x145/0x1c0
[ 1163.600490][T23145]  exit_to_usermode_loop+0x316/0x380
[ 1163.605816][T23145]  do_syscall_64+0x5a9/0x6a0
[ 1163.610418][T23145]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1163.616313][T23145] RIP: 0033:0x4134f0
[ 1163.616418][ T3907] kobject: 'loop3' (00000000b8731efb): kobject_uevent_env
[ 1163.620201][T23145] Code: 01 f0 ff ff 0f 83 30 1b 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 9d 2d 66 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff
[ 1163.620209][T23145] RSP: 002b:00007fff1f4ede78 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1163.620221][T23145] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004134f0
[ 1163.620236][T23145] RDX: 0000001b2fe20000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1163.629944][ T3907] kobject: 'loop3' (00000000b8731efb): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1163.646918][T23145] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff
[ 1163.646926][T23145] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf20
[ 1163.646933][T23145] R13: 0000000000000005 R14: 0000000000761178 R15: ffffffffffffffff
[ 1163.656409][T23145] Kernel Offset: disabled
[ 1163.710669][T23145] Rebooting in 86400 seconds..