[   69.044353][   T26] audit: type=1800 audit(1564296090.320:27): pid=10093 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   69.091685][   T26] audit: type=1800 audit(1564296090.430:28): pid=10093 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   69.754527][   T26] audit: type=1800 audit(1564296091.090:29): pid=10093 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   69.774722][   T26] audit: type=1800 audit(1564296091.090:30): pid=10093 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.253' (ECDSA) to the list of known hosts.
2019/07/28 06:41:42 parsed 1 programs
2019/07/28 06:41:44 executed programs: 0
syzkaller login: [   82.831277][T10270] IPVS: ftp: loaded support on port[0] = 21
[   82.844543][T10271] IPVS: ftp: loaded support on port[0] = 21
[   82.861319][T10274] IPVS: ftp: loaded support on port[0] = 21
[   82.873261][T10275] IPVS: ftp: loaded support on port[0] = 21
[   82.902110][T10278] IPVS: ftp: loaded support on port[0] = 21
[   82.936136][T10279] IPVS: ftp: loaded support on port[0] = 21
[   83.064704][T10270] chnl_net:caif_netlink_parms(): no params data found
[   83.137813][T10270] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.145063][T10270] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.152693][T10270] device bridge_slave_0 entered promiscuous mode
[   83.178621][T10270] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.186455][T10270] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.194010][T10270] device bridge_slave_1 entered promiscuous mode
[   83.241314][T10275] chnl_net:caif_netlink_parms(): no params data found
[   83.257237][T10270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.275066][T10271] chnl_net:caif_netlink_parms(): no params data found
[   83.293792][T10270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.397459][T10271] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.405819][T10271] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.413518][T10271] device bridge_slave_0 entered promiscuous mode
[   83.421780][T10270] team0: Port device team_slave_0 added
[   83.427616][T10271] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.434804][T10271] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.442606][T10271] device bridge_slave_1 entered promiscuous mode
[   83.449425][T10274] chnl_net:caif_netlink_parms(): no params data found
[   83.458463][T10275] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.465779][T10275] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.473593][T10275] device bridge_slave_0 entered promiscuous mode
[   83.483458][T10275] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.491851][T10275] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.499665][T10275] device bridge_slave_1 entered promiscuous mode
[   83.516527][T10270] team0: Port device team_slave_1 added
[   83.570905][T10271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.582129][T10275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.597802][T10278] chnl_net:caif_netlink_parms(): no params data found
[   83.625805][T10271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.646139][T10275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.712624][T10270] device hsr_slave_0 entered promiscuous mode
[   83.751105][T10270] device hsr_slave_1 entered promiscuous mode
[   83.810636][T10274] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.818429][T10274] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.826472][T10274] device bridge_slave_0 entered promiscuous mode
[   83.840005][T10275] team0: Port device team_slave_0 added
[   83.847432][T10279] chnl_net:caif_netlink_parms(): no params data found
[   83.856697][T10271] team0: Port device team_slave_0 added
[   83.864003][T10271] team0: Port device team_slave_1 added
[   83.874492][T10274] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.881923][T10274] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.889387][T10274] device bridge_slave_1 entered promiscuous mode
[   83.897657][T10275] team0: Port device team_slave_1 added
[   83.935862][T10278] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.943125][T10278] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.951118][T10278] device bridge_slave_0 entered promiscuous mode
[   84.034002][T10271] device hsr_slave_0 entered promiscuous mode
[   84.071217][T10271] device hsr_slave_1 entered promiscuous mode
[   84.110857][T10271] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.122338][T10278] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.129393][T10278] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.137596][T10278] device bridge_slave_1 entered promiscuous mode
[   84.154545][T10274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.183377][T10278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.194417][T10278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.203777][T10279] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.212452][T10279] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.219964][T10279] device bridge_slave_0 entered promiscuous mode
[   84.228241][T10274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.283321][T10275] device hsr_slave_0 entered promiscuous mode
[   84.331005][T10275] device hsr_slave_1 entered promiscuous mode
[   84.370942][T10275] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.385605][T10279] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.392772][T10279] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.400284][T10279] device bridge_slave_1 entered promiscuous mode
[   84.446652][T10279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.458538][T10274] team0: Port device team_slave_0 added
[   84.474750][T10278] team0: Port device team_slave_0 added
[   84.482792][T10279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.499492][T10274] team0: Port device team_slave_1 added
[   84.507661][T10278] team0: Port device team_slave_1 added
[   84.528166][T10279] team0: Port device team_slave_0 added
[   84.536988][T10279] team0: Port device team_slave_1 added
[   84.593522][T10279] device hsr_slave_0 entered promiscuous mode
[   84.641184][T10279] device hsr_slave_1 entered promiscuous mode
[   84.680854][T10279] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.701763][T10270] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.773394][T10278] device hsr_slave_0 entered promiscuous mode
[   84.841024][T10278] device hsr_slave_1 entered promiscuous mode
[   84.891056][T10278] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.953488][T10274] device hsr_slave_0 entered promiscuous mode
[   84.991119][T10274] device hsr_slave_1 entered promiscuous mode
[   85.040833][T10274] debugfs: Directory 'hsr0' with parent '/' already present!
[   85.063212][T10270] 8021q: adding VLAN 0 to HW filter on device team0
[   85.079600][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.087268][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.123561][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.132832][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.141772][T10288] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.148798][T10288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.156437][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.165232][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.173586][T10288] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.180609][T10288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.188244][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   85.198712][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   85.206988][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   85.232202][T10271] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.265606][T10270] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   85.276076][T10270] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.303125][T10275] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.310509][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.319321][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.328066][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.336644][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.345047][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   85.353332][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.362534][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   85.370702][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.378879][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   85.391161][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   85.424015][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.432287][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.439817][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.447971][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.458056][T10275] 8021q: adding VLAN 0 to HW filter on device team0
[   85.476101][T10271] 8021q: adding VLAN 0 to HW filter on device team0
[   85.489665][T10270] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.502633][T10279] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.510195][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.518826][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.527425][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.534515][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.564678][T10279] 8021q: adding VLAN 0 to HW filter on device team0
[   85.572079][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   85.583853][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.592800][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.605819][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.612910][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.620501][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.631046][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.639286][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.646356][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.654336][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.662928][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.671302][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.678334][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.685939][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   85.694788][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.702518][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.710428][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   85.725567][T10274] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.741334][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   85.750115][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.780548][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.789198][ T2905] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.796319][ T2905] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.803868][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.812775][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.821259][ T2905] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.828332][ T2905] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.836051][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   85.844543][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   85.854734][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   85.868690][T10278] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.896140][T10274] 8021q: adding VLAN 0 to HW filter on device team0
[   85.904352][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   85.913575][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.923214][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.931633][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.939949][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.948448][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.957030][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.965343][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.973710][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.982027][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   85.990190][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.998572][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.006954][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.015216][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.023501][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.031947][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.040163][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.048363][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.055936][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.063594][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.072306][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.080137][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.090999][T10275] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.103793][T10279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.123229][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.133701][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.142287][T10280] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.149352][T10280] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.156936][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.165802][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.174482][T10280] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.181558][T10280] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.189084][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   86.197608][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.206024][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   86.214523][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   86.223522][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   86.231467][T10280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.248456][T10275] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.272989][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.283721][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.292213][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.300403][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.309248][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.317766][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.326692][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   86.335177][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   86.343711][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.355927][T10278] 8021q: adding VLAN 0 to HW filter on device team0
[   86.372827][T10271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.382708][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.390686][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.398910][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.407865][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.423202][T10279] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.445525][T10274] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   86.456375][T10274] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.474119][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.490136][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.498738][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.508280][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.516637][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.525239][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.534382][ T2905] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.541499][ T2905] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.549022][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.557804][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.566339][ T2905] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.573412][ T2905] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.581053][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   86.589797][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.597641][ T2905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   86.622068][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.630498][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   86.640282][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   86.649084][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.657728][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.666123][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.674548][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.687739][T10271] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.697016][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.714486][T10278] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.726889][T10278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.732025][T10270] BUG: Bad rss-counter state mm:000000003951f91e idx:0 val:241
[   86.738572][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.741764][T10270] BUG: Bad rss-counter state mm:000000003951f91e idx:1 val:544
[   86.751273][T10288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.757305][T10270] BUG: non-zero pgtables_bytes on freeing mm: 73728
[   86.776189][T10274] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.783087][T10294] ==================================================================
[   86.791186][T10294] BUG: KASAN: use-after-free in exit_mmap+0xb2/0x530
[   86.791198][T10294] Read of size 8 at addr ffff8880a8cfeee8 by task syz-executor.0/10294
[   86.791201][T10294] 
[   86.791215][T10294] CPU: 1 PID: 10294 Comm: syz-executor.0 Not tainted 5.3.0-rc1+ #105
[   86.791222][T10294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.791226][T10294] Call Trace:
[   86.791244][T10294]  dump_stack+0x172/0x1f0
[   86.791255][T10294]  ? exit_mmap+0xb2/0x530
[   86.791272][T10294]  print_address_description.cold+0xd4/0x306
[   86.791282][T10294]  ? exit_mmap+0xb2/0x530
[   86.791292][T10294]  ? exit_mmap+0xb2/0x530
[   86.791306][T10294]  __kasan_report.cold+0x1b/0x36
[   86.791320][T10294]  ? synchronize_srcu+0x1d0/0x3e8
[   86.791329][T10294]  ? exit_mmap+0xb2/0x530
[   86.791342][T10294]  kasan_report+0x12/0x17
[   86.791356][T10294]  check_memory_region+0x134/0x1a0
[   86.791368][T10294]  __kasan_check_read+0x11/0x20
[   86.791377][T10294]  exit_mmap+0xb2/0x530
[   86.791389][T10294]  ? __ia32_sys_munmap+0x80/0x80
[   86.791404][T10294]  ? trace_hardirqs_on+0x67/0x240
[   86.791419][T10294]  ? __khugepaged_exit+0x2eb/0x410
[   86.791437][T10294]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   86.791449][T10294]  ? __khugepaged_exit+0xcf/0x410
[   86.791465][T10294]  mmput+0x179/0x4d0
[   86.791479][T10294]  do_exit+0x84e/0x2eb0
[   86.791492][T10294]  ? task_work_run+0x118/0x1c0
[   86.791504][T10294]  ? __kasan_check_read+0x11/0x20
[   86.791520][T10294]  ? mm_update_next_owner+0x640/0x640
[   86.791534][T10294]  ? __kasan_check_write+0x14/0x20
[   86.791550][T10294]  ? lock_downgrade+0x920/0x920
[   86.791563][T10294]  ? rwlock_bug.part.0+0x90/0x90
[   86.791577][T10294]  ? get_signal+0x20e/0x2500
[   86.791592][T10294]  do_group_exit+0x135/0x360
[   86.791607][T10294]  get_signal+0x47c/0x2500
[   86.791625][T10294]  ? do_vfs_ioctl+0x120/0x13e0
[   86.791640][T10294]  do_signal+0x87/0x1700
[   86.791652][T10294]  ? __fget+0x384/0x560
[   86.791668][T10294]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.791681][T10294]  ? setup_sigcontext+0x7d0/0x7d0
[   86.791696][T10294]  ? kick_process+0xef/0x180
[   86.791714][T10294]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.791728][T10294]  ? fput_many+0x12c/0x1a0
[   86.791740][T10294]  ? trace_hardirqs_on+0x67/0x240
[   86.791758][T10294]  exit_to_usermode_loop+0x286/0x380
[   86.791774][T10294]  do_syscall_64+0x5a9/0x6a0
[   86.791790][T10294]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.791800][T10294] RIP: 0033:0x459829
[   86.791815][T10294] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   86.791822][T10294] RSP: 002b:00007f1743994c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.791834][T10294] RAX: ffffffffffffffea RBX: 0000000000000003 RCX: 0000000000459829
[   86.791849][T10294] RDX: 0000000020000180 RSI: 000000004008af10 RDI: 0000000000000003
[   86.819885][T10278] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.827231][T10294] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[   86.827239][T10294] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f17439956d4
[   86.827246][T10294] R13: 00000000004c48f4 R14: 00000000004d8b10 R15: 00000000ffffffff
[   86.827258][T10294] 
[   86.827265][T10294] Allocated by task 10270:
[   86.827283][T10294]  save_stack+0x23/0x90
[   86.827295][T10294]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   86.827306][T10294]  kasan_slab_alloc+0xf/0x20
[   86.827315][T10294]  kmem_cache_alloc+0x121/0x710
[   86.827326][T10294]  dup_mm+0x8a/0x1430
[   86.827337][T10294]  copy_process+0x28b7/0x6b00
[   86.827348][T10294]  _do_fork+0x146/0xfa0
[   86.827360][T10294]  __x64_sys_clone+0x18d/0x250
[   86.827373][T10294]  do_syscall_64+0xfd/0x6a0
[   86.827385][T10294]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.827388][T10294] 
[   86.827393][T10294] Freed by task 10270:
[   86.827404][T10294]  save_stack+0x23/0x90
[   86.827414][T10294]  __kasan_slab_free+0x102/0x150
[   86.827425][T10294]  kasan_slab_free+0xe/0x10
[   86.827436][T10294]  kmem_cache_free+0x86/0x320
[   86.827447][T10294]  __mmdrop+0x238/0x320
[   86.827461][T10294]  finish_task_switch+0x457/0x720
[   86.827473][T10294]  __schedule+0x75d/0x1580
[   86.827483][T10294]  schedule+0xa8/0x270
[   86.827495][T10294]  do_nanosleep+0x201/0x6a0
[   86.827510][T10294]  hrtimer_nanosleep+0x2a6/0x570
[   86.827522][T10294]  __x64_sys_nanosleep+0x1a6/0x220
[   86.827542][T10294]  do_syscall_64+0xfd/0x6a0
[   86.839461][T10294]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.839465][T10294] 
[   86.839475][T10294] The buggy address belongs to the object at ffff8880a8cfea00
[   86.839475][T10294]  which belongs to the cache mm_struct of size 1496
[   86.839494][T10294] The buggy address is located 1256 bytes inside of
[   86.839494][T10294]  1496-byte region [ffff8880a8cfea00, ffff8880a8cfefd8)
[   87.253445][T10294] The buggy address belongs to the page:
[   87.259087][T10294] page:ffffea0002a33f80 refcount:1 mapcount:0 mapping:ffff88821bc42c40 index:0xffff8880a8cfe380 compound_mapcount: 0
[   87.271323][T10294] flags: 0x1fffc0000010200(slab|head)
[   87.276697][T10294] raw: 01fffc0000010200 ffffea00023ac188 ffffea0002689908 ffff88821bc42c40
[   87.285283][T10294] raw: ffff8880a8cfe380 ffff8880a8cfe380 0000000100000001 0000000000000000
[   87.293858][T10294] page dumped because: kasan: bad access detected
[   87.300261][T10294] 
[   87.302581][T10294] Memory state around the buggy address:
[   87.308226][T10294]  ffff8880a8cfed80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.316290][T10294]  ffff8880a8cfee00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.324352][T10294] >ffff8880a8cfee80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.332409][T10294]                                                           ^
[   87.339867][T10294]  ffff8880a8cfef00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.347933][T10294]  ffff8880a8cfef80: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc
[   87.355990][T10294] ==================================================================
[   87.459743][T10294] Kernel panic - not syncing: panic_on_warn set ...
[   87.466471][T10294] CPU: 1 PID: 10294 Comm: syz-executor.0 Tainted: G    B             5.3.0-rc1+ #105
[   87.476008][T10294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   87.486068][T10294] Call Trace:
[   87.489370][T10294]  dump_stack+0x172/0x1f0
[   87.493741][T10294]  panic+0x2dc/0x755
[   87.497694][T10294]  ? add_taint.cold+0x16/0x16
[   87.502377][T10294]  ? exit_mmap+0xb2/0x530
[   87.506756][T10294]  ? preempt_schedule+0x4b/0x60
[   87.511633][T10294]  ? ___preempt_schedule+0x16/0x20
[   87.516754][T10294]  ? trace_hardirqs_on+0x5e/0x240
[   87.521756][ T3906] kobject: 'loop5' (0000000042743bff): kobject_uevent_env
[   87.521796][T10294]  ? exit_mmap+0xb2/0x530
[   87.528922][ T3906] kobject: 'loop5' (0000000042743bff): fill_kobj_path: path = '/devices/virtual/block/loop5'
[   87.533224][T10294]  end_report+0x47/0x4f
[   87.533236][T10294]  ? exit_mmap+0xb2/0x530
[   87.533248][T10294]  __kasan_report.cold+0xe/0x36
[   87.533262][T10294]  ? synchronize_srcu+0x1d0/0x3e8
[   87.533271][T10294]  ? exit_mmap+0xb2/0x530
[   87.533284][T10294]  kasan_report+0x12/0x17
[   87.533298][T10294]  check_memory_region+0x134/0x1a0
[   87.533311][T10294]  __kasan_check_read+0x11/0x20
[   87.533322][T10294]  exit_mmap+0xb2/0x530
[   87.533341][T10294]  ? __ia32_sys_munmap+0x80/0x80
[   87.552455][ T3906] kobject: 'loop2' (00000000305bec2f): kobject_uevent_env
[   87.556801][T10294]  ? trace_hardirqs_on+0x67/0x240
[   87.556819][T10294]  ? __khugepaged_exit+0x2eb/0x410
[   87.556838][T10294]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   87.556857][T10294]  ? __khugepaged_exit+0xcf/0x410
[   87.565333][ T3906] kobject: 'loop2' (00000000305bec2f): fill_kobj_path: path = '/devices/virtual/block/loop2'
[   87.566212][T10294]  mmput+0x179/0x4d0
[   87.632177][T10294]  do_exit+0x84e/0x2eb0
[   87.636335][T10294]  ? task_work_run+0x118/0x1c0
[   87.641111][T10294]  ? __kasan_check_read+0x11/0x20
[   87.646136][T10294]  ? mm_update_next_owner+0x640/0x640
[   87.651516][T10294]  ? __kasan_check_write+0x14/0x20
[   87.656624][T10294]  ? lock_downgrade+0x920/0x920
[   87.661471][T10294]  ? rwlock_bug.part.0+0x90/0x90
[   87.666410][T10294]  ? get_signal+0x20e/0x2500
[   87.671010][T10294]  do_group_exit+0x135/0x360
[   87.675600][T10294]  get_signal+0x47c/0x2500
[   87.680025][T10294]  ? do_vfs_ioctl+0x120/0x13e0
[   87.684791][T10294]  do_signal+0x87/0x1700
[   87.689115][T10294]  ? __fget+0x384/0x560
[   87.693276][T10294]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.699517][T10294]  ? setup_sigcontext+0x7d0/0x7d0
[   87.704542][T10294]  ? kick_process+0xef/0x180
[   87.709141][T10294]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.715396][T10294]  ? fput_many+0x12c/0x1a0
[   87.719815][T10294]  ? trace_hardirqs_on+0x67/0x240
[   87.724847][T10294]  exit_to_usermode_loop+0x286/0x380
[   87.730140][T10294]  do_syscall_64+0x5a9/0x6a0
[   87.734744][T10294]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   87.740645][T10294] RIP: 0033:0x459829
[   87.744545][T10294] Code: Bad RIP value.
[   87.748606][T10294] RSP: 002b:00007f1743994c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   87.757015][T10294] RAX: ffffffffffffffea RBX: 0000000000000003 RCX: 0000000000459829
[   87.764997][T10294] RDX: 0000000020000180 RSI: 000000004008af10 RDI: 0000000000000003
[   87.772968][T10294] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[   87.780939][T10294] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f17439956d4
[   87.788912][T10294] R13: 00000000004c48f4 R14: 00000000004d8b10 R15: 00000000ffffffff
[   87.798008][T10294] Kernel Offset: disabled
[   87.802387][T10294] Rebooting in 86400 seconds..