[   34.806155] audit: type=1800 audit(1551252615.208:28): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   35.568184] audit: type=1800 audit(1551252616.058:29): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   35.587861] audit: type=1800 audit(1551252616.058:30): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
[....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[1G[[31mFAIL[39;49m8[?25h[?0c [31mfailed![39;49m

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.77' (ECDSA) to the list of known hosts.
2019/02/27 07:41:12 parsed 1 programs
2019/02/27 07:41:13 executed programs: 0
syzkaller login: [  693.480046] IPVS: ftp: loaded support on port[0] = 21
[  693.482162] IPVS: ftp: loaded support on port[0] = 21
[  693.495823] IPVS: ftp: loaded support on port[0] = 21
[  693.496981] IPVS: ftp: loaded support on port[0] = 21
[  693.503178] IPVS: ftp: loaded support on port[0] = 21
[  693.511801] IPVS: ftp: loaded support on port[0] = 21
[  693.681925] chnl_net:caif_netlink_parms(): no params data found
[  693.714576] bridge0: port 1(bridge_slave_0) entered blocking state
[  693.722159] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.729275] device bridge_slave_0 entered promiscuous mode
[  693.737206] bridge0: port 2(bridge_slave_1) entered blocking state
[  693.743657] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.750542] device bridge_slave_1 entered promiscuous mode
[  693.756825] chnl_net:caif_netlink_parms(): no params data found
[  693.832349] bridge0: port 1(bridge_slave_0) entered blocking state
[  693.838797] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.845593] device bridge_slave_0 entered promiscuous mode
[  693.858224] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  693.890430] bridge0: port 2(bridge_slave_1) entered blocking state
[  693.896775] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.904768] device bridge_slave_1 entered promiscuous mode
[  693.916185] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  693.936009] team0: Port device team_slave_0 added
[  693.947117] chnl_net:caif_netlink_parms(): no params data found
[  693.961791] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  693.970295] chnl_net:caif_netlink_parms(): no params data found
[  693.978404] team0: Port device team_slave_1 added
[  693.990631] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  693.998419] chnl_net:caif_netlink_parms(): no params data found
[  694.013015] chnl_net:caif_netlink_parms(): no params data found
[  694.089709] device hsr_slave_0 entered promiscuous mode
[  694.157947] device hsr_slave_1 entered promiscuous mode
[  694.256345] team0: Port device team_slave_0 added
[  694.261991] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.271204] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.278241] device bridge_slave_0 entered promiscuous mode
[  694.294434] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.300857] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.307809] device bridge_slave_0 entered promiscuous mode
[  694.317191] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.323591] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.330394] device bridge_slave_1 entered promiscuous mode
[  694.345386] team0: Port device team_slave_1 added
[  694.351549] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.358315] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.365262] device bridge_slave_1 entered promiscuous mode
[  694.382268] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  694.393777] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  694.408343] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.414905] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.421959] device bridge_slave_0 entered promiscuous mode
[  694.428458] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.434780] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.441779] device bridge_slave_0 entered promiscuous mode
[  694.509237] device hsr_slave_0 entered promiscuous mode
[  694.547860] device hsr_slave_1 entered promiscuous mode
[  694.609174] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  694.618784] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.625136] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.632119] device bridge_slave_1 entered promiscuous mode
[  694.638258] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.644580] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.651533] device bridge_slave_1 entered promiscuous mode
[  694.662166] team0: Port device team_slave_0 added
[  694.669157] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  694.677359] team0: Port device team_slave_1 added
[  694.684380] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.690834] bridge0: port 2(bridge_slave_1) entered forwarding state
[  694.697819] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.704170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.726663] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.734228] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.758910] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  694.770851] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  694.783013] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  694.792397] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  694.811118] team0: Port device team_slave_0 added
[  694.859519] device hsr_slave_0 entered promiscuous mode
[  694.908038] device hsr_slave_1 entered promiscuous mode
[  694.983408] team0: Port device team_slave_1 added
[  694.993886] team0: Port device team_slave_0 added
[  695.003585] team0: Port device team_slave_0 added
[  695.009810] team0: Port device team_slave_1 added
[  695.016073] team0: Port device team_slave_1 added
[  695.069429] device hsr_slave_0 entered promiscuous mode
[  695.108127] device hsr_slave_1 entered promiscuous mode
[  695.229291] device hsr_slave_0 entered promiscuous mode
[  695.278023] device hsr_slave_1 entered promiscuous mode
[  695.326254] 8021q: adding VLAN 0 to HW filter on device bond0
[  695.369403] device hsr_slave_0 entered promiscuous mode
[  695.418048] device hsr_slave_1 entered promiscuous mode
[  695.483266] 8021q: adding VLAN 0 to HW filter on device team0
[  695.504832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  695.512442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  695.543710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  695.551725] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  695.559600] bridge0: port 1(bridge_slave_0) entered blocking state
[  695.565939] bridge0: port 1(bridge_slave_0) entered forwarding state
[  695.599067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  695.606925] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  695.614642] bridge0: port 2(bridge_slave_1) entered blocking state
[  695.620993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  695.652053] 8021q: adding VLAN 0 to HW filter on device bond0
[  695.662106] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  695.670722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  695.678745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  695.686405] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  695.694386] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  695.711495] 8021q: adding VLAN 0 to HW filter on device bond0
[  695.732129] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  695.742025] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  695.756747] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  695.764739] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  695.773048] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  695.781432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  695.788806] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  695.795651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  695.803612] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  695.811847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  695.819924] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  695.829723] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  695.849244] 8021q: adding VLAN 0 to HW filter on device team0
[  695.869033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  695.876966] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  695.887565] bridge0: port 1(bridge_slave_0) entered blocking state
[  695.893976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  695.901362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  695.916934] 8021q: adding VLAN 0 to HW filter on device team0
[  695.933778] 8021q: adding VLAN 0 to HW filter on device bond0
[  695.940301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  695.949344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  695.956871] bridge0: port 2(bridge_slave_1) entered blocking state
[  695.963257] bridge0: port 2(bridge_slave_1) entered forwarding state
[  695.971169] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  695.978168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  695.984949] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  695.998775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  696.014654] 8021q: adding VLAN 0 to HW filter on device batadv0
[  696.034891] 8021q: adding VLAN 0 to HW filter on device bond0
[  696.044064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  696.052760] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  696.063084] bridge0: port 1(bridge_slave_0) entered blocking state
[  696.069490] bridge0: port 1(bridge_slave_0) entered forwarding state
[  696.076610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  696.085469] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  696.093239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  696.100940] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  696.108858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  696.116302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  696.123789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  696.130962] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  696.152690] 8021q: adding VLAN 0 to HW filter on device bond0
[  696.172495] 8021q: adding VLAN 0 to HW filter on device team0
[  696.193007] 8021q: adding VLAN 0 to HW filter on device team0
[  696.203482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  696.218377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  696.229010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  696.236652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  696.243974] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  696.252054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  696.259640] bridge0: port 2(bridge_slave_1) entered blocking state
[  696.265963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.272838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  696.280544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  696.287328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  696.297114] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  696.309743] 8021q: adding VLAN 0 to HW filter on device team0
[  696.330897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  696.340990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  696.351463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  696.359640] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  696.367131] bridge0: port 1(bridge_slave_0) entered blocking state
[  696.373521] bridge0: port 1(bridge_slave_0) entered forwarding state
[  696.380586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  696.388750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  696.396573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  696.405765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  696.413719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  696.421689] bridge0: port 2(bridge_slave_1) entered blocking state
[  696.428091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.443244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  696.481005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  696.489190] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  696.496122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  696.504223] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  696.512317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  696.520656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  696.529518] bridge0: port 1(bridge_slave_0) entered blocking state
[  696.535897] bridge0: port 1(bridge_slave_0) entered forwarding state
[  696.545019] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  696.552836] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  696.560410] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  696.568304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  696.575822] bridge0: port 2(bridge_slave_1) entered blocking state
[  696.582228] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.589247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  696.596912] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  696.604549] bridge0: port 1(bridge_slave_0) entered blocking state
[  696.610899] bridge0: port 1(bridge_slave_0) entered forwarding state
[  696.618025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  696.625698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  696.633591] bridge0: port 2(bridge_slave_1) entered blocking state
[  696.639973] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.646736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  696.654558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  696.662379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  696.670436] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  696.678119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  696.685855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  696.693640] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  696.702053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  696.709814] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  696.717938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  696.725035] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  696.732194] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  696.739297] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  696.750760] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  696.763454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  696.796215] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  696.806592] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  696.823775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  696.831654] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  696.841737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  696.850126] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  696.857696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  696.865481] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  696.873241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  696.880850] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  696.888393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  696.896084] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  696.912140] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  696.922401] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  696.974143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  696.981912] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  696.991940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  696.999723] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  697.007038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  697.014863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  697.023056] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  697.048374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  697.055230] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  697.072306] 8021q: adding VLAN 0 to HW filter on device batadv0
[  697.092829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  697.101611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  697.112650] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  697.120819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  697.128528] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  697.141165] 8021q: adding VLAN 0 to HW filter on device batadv0
[  697.152926] 8021q: adding VLAN 0 to HW filter on device batadv0
[  697.174261] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  697.194894] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  697.205325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  697.213382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  697.332594] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/02/27 07:41:18 executed programs: 52
2019/02/27 07:41:23 executed programs: 280
2019/02/27 07:41:28 executed programs: 510
2019/02/27 07:41:34 executed programs: 740
2019/02/27 07:41:39 executed programs: 980
2019/02/27 07:41:44 executed programs: 1217
2019/02/27 07:41:49 executed programs: 1449
2019/02/27 07:41:54 executed programs: 1678
2019/02/27 07:41:59 executed programs: 1910
2019/02/27 07:42:04 executed programs: 2139
2019/02/27 07:42:09 executed programs: 2370
2019/02/27 07:42:14 executed programs: 2608
2019/02/27 07:42:19 executed programs: 2834
2019/02/27 07:42:24 executed programs: 3068
2019/02/27 07:42:29 executed programs: 3299
2019/02/27 07:42:34 executed programs: 3531
2019/02/27 07:42:39 executed programs: 3757
2019/02/27 07:42:44 executed programs: 3986
2019/02/27 07:42:49 executed programs: 4209
2019/02/27 07:42:54 executed programs: 4441
2019/02/27 07:42:59 executed programs: 4673
2019/02/27 07:43:04 executed programs: 4904
2019/02/27 07:43:09 executed programs: 5124
2019/02/27 07:43:14 executed programs: 5357
2019/02/27 07:43:19 executed programs: 5587
2019/02/27 07:43:24 executed programs: 5803
2019/02/27 07:43:29 executed programs: 6026
2019/02/27 07:43:34 executed programs: 6258
2019/02/27 07:43:40 executed programs: 6480
2019/02/27 07:43:45 executed programs: 6707
2019/02/27 07:43:50 executed programs: 6937
2019/02/27 07:43:55 executed programs: 7165
2019/02/27 07:44:00 executed programs: 7393
2019/02/27 07:44:05 executed programs: 7629
2019/02/27 07:44:10 executed programs: 7857
2019/02/27 07:44:15 executed programs: 8085
2019/02/27 07:44:20 executed programs: 8316
2019/02/27 07:44:25 executed programs: 8549
2019/02/27 07:44:30 executed programs: 8767
2019/02/27 07:44:35 executed programs: 9000
2019/02/27 07:44:40 executed programs: 9233
2019/02/27 07:44:45 executed programs: 9470
2019/02/27 07:44:50 executed programs: 9703
2019/02/27 07:44:55 executed programs: 9937
2019/02/27 07:45:00 executed programs: 10160
2019/02/27 07:45:05 executed programs: 10392
2019/02/27 07:45:10 executed programs: 10626
2019/02/27 07:45:15 executed programs: 10851
2019/02/27 07:45:20 executed programs: 11081
2019/02/27 07:45:25 executed programs: 11308
2019/02/27 07:45:30 executed programs: 11531
2019/02/27 07:45:35 executed programs: 11761
2019/02/27 07:45:40 executed programs: 11996
2019/02/27 07:45:45 executed programs: 12226
2019/02/27 07:45:50 executed programs: 12454
2019/02/27 07:45:55 executed programs: 12687
2019/02/27 07:46:00 executed programs: 12913
2019/02/27 07:46:05 executed programs: 13136
2019/02/27 07:46:10 executed programs: 13364
2019/02/27 07:46:15 executed programs: 13600
2019/02/27 07:46:20 executed programs: 13829
2019/02/27 07:46:25 executed programs: 14060
2019/02/27 07:46:30 executed programs: 14282
2019/02/27 07:46:35 executed programs: 14512
2019/02/27 07:46:40 executed programs: 14744
2019/02/27 07:46:45 executed programs: 14972
2019/02/27 07:46:50 executed programs: 15203
2019/02/27 07:46:55 executed programs: 15439
2019/02/27 07:47:01 executed programs: 15670
2019/02/27 07:47:06 executed programs: 15903
2019/02/27 07:47:11 executed programs: 16130
2019/02/27 07:47:16 executed programs: 16361
2019/02/27 07:47:21 executed programs: 16591
2019/02/27 07:47:26 executed programs: 16812
2019/02/27 07:47:31 executed programs: 17041
2019/02/27 07:47:36 executed programs: 17272
2019/02/27 07:47:41 executed programs: 17499
2019/02/27 07:47:46 executed programs: 17727
2019/02/27 07:47:51 executed programs: 17955
2019/02/27 07:47:56 executed programs: 18182
2019/02/27 07:48:01 executed programs: 18419
2019/02/27 07:48:06 executed programs: 18647
2019/02/27 07:48:11 executed programs: 18877
[ 1115.076657] ==================================================================
[ 1115.084403] BUG: KASAN: use-after-free in unix_dgram_poll+0x5e1/0x690
[ 1115.090990] Read of size 4 at addr ffff88809292aae0 by task syz-executor.1/18946
[ 1115.098524] 
[ 1115.100160] CPU: 0 PID: 18946 Comm: syz-executor.1 Not tainted 5.0.0-rc8+ #88
[ 1115.107432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1115.116826] Call Trace:
[ 1115.119481]  dump_stack+0x172/0x1f0
[ 1115.123122]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.127400]  ? aio_setup_rw+0x180/0x180
[ 1115.131420]  print_address_description.cold+0x7c/0x20d
[ 1115.136683]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.140928]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.145166]  ? aio_setup_rw+0x180/0x180
[ 1115.149138]  kasan_report.cold+0x1b/0x40
[ 1115.153207]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.157457]  __asan_report_load4_noabort+0x14/0x20
[ 1115.162401]  unix_dgram_poll+0x5e1/0x690
[ 1115.166450]  ? unix_writable.part.0+0xb0/0xb0
[ 1115.171034]  sock_poll+0x291/0x340
[ 1115.174644]  io_submit_one+0xe3e/0x1cf0
[ 1115.178659]  ? sock_ioctl+0x610/0x610
[ 1115.182459]  ? ioctx_alloc+0x1db0/0x1db0
[ 1115.186568]  ? __might_fault+0x12b/0x1e0
[ 1115.190640]  ? aio_setup_rw+0x180/0x180
[ 1115.194607]  __x64_sys_io_submit+0x1bd/0x580
[ 1115.199003]  ? __x64_sys_io_submit+0x1bd/0x580
[ 1115.203571]  ? __ia32_sys_io_destroy+0x420/0x420
[ 1115.208312]  ? 0xffffffff81000000
[ 1115.211803]  ? do_syscall_64+0x26/0x610
[ 1115.215883]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.221353]  ? do_syscall_64+0x26/0x610
[ 1115.225365]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 1115.229953]  do_syscall_64+0x103/0x610
[ 1115.233824]  ? __ia32_sys_io_destroy+0x420/0x420
[ 1115.238566]  ? do_syscall_64+0x103/0x610
[ 1115.242614]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.247789] RIP: 0033:0x457e29
[ 1115.250976] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1115.269859] RSP: 002b:00007fd43ca93c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1115.277550] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1115.284800] RDX: 0000000020000600 RSI: 1ffffffffffffd70 RDI: 00007fd43ca73000
[ 1115.292055] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1115.299307] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd43ca946d4
[ 1115.306749] R13: 00000000004bf02f R14: 00000000004d09b0 R15: 00000000ffffffff
[ 1115.314031] 
[ 1115.315683] Allocated by task 18946:
[ 1115.319397]  save_stack+0x45/0xd0
[ 1115.322838]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1115.327782]  kasan_slab_alloc+0xf/0x20
[ 1115.331656]  kmem_cache_alloc+0x11a/0x6f0
[ 1115.335825]  sk_prot_alloc+0x67/0x2e0
[ 1115.339615]  sk_alloc+0x39/0xf70
[ 1115.342978]  unix_create1+0xc3/0x530
[ 1115.346680]  unix_create+0x103/0x1e0
[ 1115.350377]  __sock_create+0x3e6/0x750
[ 1115.354255]  __sys_socketpair+0x272/0x5e0
[ 1115.358399]  __x64_sys_socketpair+0x97/0xf0
[ 1115.362705]  do_syscall_64+0x103/0x610
[ 1115.366585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.371770] 
[ 1115.373379] Freed by task 18944:
[ 1115.376729]  save_stack+0x45/0xd0
[ 1115.380161]  __kasan_slab_free+0x102/0x150
[ 1115.384376]  kasan_slab_free+0xe/0x10
[ 1115.388173]  kmem_cache_free+0x86/0x260
[ 1115.392142]  __sk_destruct+0x4b6/0x6d0
[ 1115.396124]  sk_destruct+0x7b/0x90
[ 1115.399665]  __sk_free+0xce/0x300
[ 1115.403106]  sk_free+0x42/0x50
[ 1115.406353]  unix_release_sock+0x921/0xbb0
[ 1115.410586]  unix_release+0x44/0x90
[ 1115.414193]  __sock_release+0xd3/0x250
[ 1115.418062]  sock_close+0x1b/0x30
[ 1115.421523]  __fput+0x2df/0x8d0
[ 1115.424807]  ____fput+0x16/0x20
[ 1115.428093]  task_work_run+0x14a/0x1c0
[ 1115.431971]  exit_to_usermode_loop+0x273/0x2c0
[ 1115.436536]  do_syscall_64+0x52d/0x610
[ 1115.440418]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.445597] 
[ 1115.447220] The buggy address belongs to the object at ffff88809292a740
[ 1115.447220]  which belongs to the cache UNIX(49:syz1) of size 1728
[ 1115.460129] The buggy address is located 928 bytes inside of
[ 1115.460129]  1728-byte region [ffff88809292a740, ffff88809292ae00)
[ 1115.472064] The buggy address belongs to the page:
[ 1115.476974] page:ffffea00024a4a80 count:1 mapcount:0 mapping:ffff8880920c0800 index:0x0
[ 1115.485097] flags: 0x1fffc0000000200(slab)
[ 1115.489318] raw: 01fffc0000000200 ffffea00028223c8 ffffea0002581248 ffff8880920c0800
[ 1115.497201] raw: 0000000000000000 ffff88809292a000 0000000100000002 ffff8880a9718ec0
[ 1115.505057] page dumped because: kasan: bad access detected
[ 1115.510750] page->mem_cgroup:ffff8880a9718ec0
[ 1115.515219] 
[ 1115.516841] Memory state around the buggy address:
[ 1115.521768]  ffff88809292a980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1115.529106]  ffff88809292aa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1115.536444] >ffff88809292aa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1115.543779]                                                        ^
[ 1115.550252]  ffff88809292ab00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1115.557597]  ffff88809292ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1115.564943] ==================================================================
[ 1115.572276] Disabling lock debugging due to kernel taint
[ 1115.586505] Kernel panic - not syncing: panic_on_warn set ...
[ 1115.592410] CPU: 1 PID: 18946 Comm: syz-executor.1 Tainted: G    B             5.0.0-rc8+ #88
[ 1115.601047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1115.610379] Call Trace:
[ 1115.612959]  dump_stack+0x172/0x1f0
[ 1115.616569]  ? aio_setup_rw+0x180/0x180
[ 1115.620605]  panic+0x2cb/0x65c
[ 1115.623787]  ? __warn_printk+0xf3/0xf3
[ 1115.627691]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.631917]  ? aio_setup_rw+0x180/0x180
[ 1115.635873]  ? preempt_schedule+0x4b/0x60
[ 1115.640030]  ? ___preempt_schedule+0x16/0x18
[ 1115.644453]  ? trace_hardirqs_on+0x5e/0x230
[ 1115.648762]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.652983]  ? aio_setup_rw+0x180/0x180
[ 1115.656942]  end_report+0x47/0x4f
[ 1115.660378]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.664598]  kasan_report.cold+0xe/0x40
[ 1115.668587]  ? unix_dgram_poll+0x5e1/0x690
[ 1115.672807]  __asan_report_load4_noabort+0x14/0x20
[ 1115.677721]  unix_dgram_poll+0x5e1/0x690
[ 1115.681768]  ? unix_writable.part.0+0xb0/0xb0
[ 1115.686285]  sock_poll+0x291/0x340
[ 1115.689816]  io_submit_one+0xe3e/0x1cf0
[ 1115.693779]  ? sock_ioctl+0x610/0x610
[ 1115.697561]  ? ioctx_alloc+0x1db0/0x1db0
[ 1115.701617]  ? __might_fault+0x12b/0x1e0
[ 1115.705659]  ? aio_setup_rw+0x180/0x180
[ 1115.709620]  __x64_sys_io_submit+0x1bd/0x580
[ 1115.714012]  ? __x64_sys_io_submit+0x1bd/0x580
[ 1115.718577]  ? __ia32_sys_io_destroy+0x420/0x420
[ 1115.723314]  ? 0xffffffff81000000
[ 1115.726762]  ? do_syscall_64+0x26/0x610
[ 1115.730718]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.736064]  ? do_syscall_64+0x26/0x610
[ 1115.740019]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 1115.744585]  do_syscall_64+0x103/0x610
[ 1115.748454]  ? __ia32_sys_io_destroy+0x420/0x420
[ 1115.753206]  ? do_syscall_64+0x103/0x610
[ 1115.757294]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.762471] RIP: 0033:0x457e29
[ 1115.765655] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1115.784537] RSP: 002b:00007fd43ca93c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1115.792233] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1115.799483] RDX: 0000000020000600 RSI: 1ffffffffffffd70 RDI: 00007fd43ca73000
[ 1115.806735] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1115.813984] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd43ca946d4
[ 1115.821233] R13: 00000000004bf02f R14: 00000000004d09b0 R15: 00000000ffffffff
[ 1115.829523] Kernel Offset: disabled
[ 1115.833141] Rebooting in 86400 seconds..