[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   37.188466][   T26] audit: type=1800 audit(1572106683.780:25): pid=7155 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[   37.224431][   T26] audit: type=1800 audit(1572106683.780:26): pid=7155 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[   37.249941][   T26] audit: type=1800 audit(1572106683.780:27): pid=7155 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.45' (ECDSA) to the list of known hosts.
2019/10/26 16:18:12 fuzzer started
2019/10/26 16:18:14 dialing manager at 10.128.0.105:33655
2019/10/26 16:18:14 syscalls: 2533
2019/10/26 16:18:14 code coverage: enabled
2019/10/26 16:18:14 comparison tracing: enabled
2019/10/26 16:18:14 extra coverage: extra coverage is not supported by the kernel
2019/10/26 16:18:14 setuid sandbox: enabled
2019/10/26 16:18:14 namespace sandbox: enabled
2019/10/26 16:18:14 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/26 16:18:14 fault injection: enabled
2019/10/26 16:18:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/26 16:18:14 net packet injection: enabled
2019/10/26 16:18:14 net device setup: enabled
2019/10/26 16:18:14 concurrency sanitizer: enabled
syzkaller login: [   63.814538][ T7320] KCSAN: could not find function: 'poll_schedule_timeout'
2019/10/26 16:18:36 adding functions to KCSAN blacklist: 'wbt_done' '__alloc_file' 'snd_seq_prioq_cell_out' 'shmem_file_read_iter' 'ext4_has_free_clusters' 'run_timer_softirq' 'add_timer' 'common_perm_cond' 'wbt_issue' 'fsnotify' 'timer_clear_idle' 'tomoyo_supervisor' 'pipe_poll' '__nf_ct_refresh_acct' 'ipip_tunnel_xmit' 'blk_mq_sched_dispatch_requests' 'mm_update_next_owner' 'shmem_getpage_gfp' 'rcu_gp_fqs_loop' 'datagram_poll' 'pcpu_alloc' 'watchdog' 'ext4_da_write_end' 'do_nanosleep' 'echo_char' '__add_to_page_cache_locked' 'ext4_mb_good_group' 'generic_fillattr' 'dccp_rcv_close' 'sk_wait_data' '__ext4_new_inode' 'update_defense_level' 'ktime_get_seconds' '__snd_rawmidi_transmit_ack' 'do_exit' 'icmp_global_allow' 'osq_lock' 'process_srcu' 'vm_area_dup' 'ext4_free_inodes_count' 'blk_mq_dispatch_rq_list' 'batadv_tt_local_add' 'generic_write_end' 'commit_echoes' 'snapshot_refaults' 'pid_update_inode' 'tcp_poll' 'mod_timer' 'copy_process' 'fib6_ifup' 'filemap_map_pages' 'do_syslog' 'tcp_add_backlog' '__delete_from_page_cache' 'p9_poll_workfn' 'sit_tunnel_xmit' 'vti_tunnel_xmit' 'xas_clear_mark' 'ext4_mark_iloc_dirty' 'find_next_bit' '__nf_conntrack_find_get' 'poll_schedule_timeout' 'futex_wait_queue_me' 'list_lru_add' 'dd_has_work' 'ext4_ext_insert_extent' 'xas_find_marked' 'tcp_sendmsg_locked' 'generic_permission' 'tick_sched_do_timer' 'tick_nohz_idle_stop_tick' '__skb_try_recv_from_queue' 'blk_mq_get_request' 'virtnet_poll_tx' 'mem_cgroup_select_victim_node' '__hrtimer_run_queues' 'tick_do_update_jiffies64' 'task_dump_owner' 'ep_poll' 'kvm_arch_vcpu_load' 'ext4_free_inode' 'ext4_nonda_switch' 'inet_putpeer' 'audit_log_start' '__skb_recv_udp' 'rcu_gp_fqs_check_wake' 'taskstats_exit' 'get_task_cred' 'queue_access_lock' 'find_get_pages_range_tag' 'fprop_fraction_percpu' 'ktime_get_real_seconds' 
16:22:23 executing program 0:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000180)='./file0\x00', 0x0)

[  297.362311][ T7324] IPVS: ftp: loaded support on port[0] = 21
16:22:24 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
fsetxattr$security_selinux(r0, &(0x7f0000000440)='security.selinux\x00', &(0x7f0000000480)='system_u:object_r:login_exec_t:s0\x00', 0x22, 0x0)

[  297.472944][ T7324] chnl_net:caif_netlink_parms(): no params data found
[  297.562350][ T7324] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.569548][ T7324] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.577703][ T7324] device bridge_slave_0 entered promiscuous mode
[  297.602071][ T7324] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.609201][ T7324] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.617232][ T7324] device bridge_slave_1 entered promiscuous mode
[  297.653433][ T7327] IPVS: ftp: loaded support on port[0] = 21
[  297.662164][ T7324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.678594][ T7324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
16:22:24 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)={[{@fat=@codepage={'codepage', 0x3d, '1251'}}]})

[  297.725281][ T7324] team0: Port device team_slave_0 added
[  297.751586][ T7324] team0: Port device team_slave_1 added
[  297.843679][ T7324] device hsr_slave_0 entered promiscuous mode
[  297.881085][ T7324] device hsr_slave_1 entered promiscuous mode
[  297.999787][ T7329] IPVS: ftp: loaded support on port[0] = 21
[  298.042432][ T7327] chnl_net:caif_netlink_parms(): no params data found
[  298.109503][ T7324] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.116816][ T7324] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.124214][ T7324] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.131308][ T7324] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.298338][ T7327] bridge0: port 1(bridge_slave_0) entered blocking state
16:22:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
sched_setattr(0x0, &(0x7f0000000140)={0x30}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b5000000000800000000080008000100000008020500ac14341b080003000800050f01"], 0x1}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x18})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000010000/0x1000)=nil})
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000000)={0xffffffffffffc14e, 0x0, 0x6})
syz_open_dev$amidi(0x0, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000001c0)=0x1)
sendto$isdn(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x22, 0x0, 0x33, 0x3}, 0x6)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  298.340744][ T7327] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.348956][ T7327] device bridge_slave_0 entered promiscuous mode
[  298.392389][ T7327] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.430805][ T7327] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.438910][ T7327] device bridge_slave_1 entered promiscuous mode
[  298.586202][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.622282][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.681591][ T7324] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.690404][ T7327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.770904][ T7324] 8021q: adding VLAN 0 to HW filter on device team0
[  298.779463][ T7327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.822676][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  298.831383][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  298.931457][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  298.951769][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  298.993553][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.000739][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.041445][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  299.072939][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  299.101577][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.108834][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.161646][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  299.197584][ T7329] chnl_net:caif_netlink_parms(): no params data found
[  299.233124][ T7327] team0: Port device team_slave_0 added
[  299.239942][ T7357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  299.273797][ T7357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  299.301804][ T7357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  299.333566][ T7357] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  299.369106][ T7360] IPVS: ftp: loaded support on port[0] = 21
[  299.377463][ T7327] team0: Port device team_slave_1 added
[  299.392056][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  299.424047][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  299.444769][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  299.491762][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  299.523725][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
16:22:26 executing program 4:
prlimit64(0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180))

[  299.544281][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  299.620095][ T7324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  299.783900][ T7327] device hsr_slave_0 entered promiscuous mode
[  299.821185][ T7327] device hsr_slave_1 entered promiscuous mode
[  299.860811][ T7327] debugfs: Directory 'hsr0' with parent '/' already present!
[  299.883495][ T7329] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.901771][ T7329] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.949376][ T7329] device bridge_slave_0 entered promiscuous mode
[  299.966179][ T7329] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.020741][ T7329] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.054900][ T7329] device bridge_slave_1 entered promiscuous mode
[  300.124263][ T7324] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.211788][ T7366] IPVS: ftp: loaded support on port[0] = 21
[  300.222871][ T7329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  300.312322][ T7329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  300.492225][ T7329] team0: Port device team_slave_0 added
[  300.545873][ T7329] team0: Port device team_slave_1 added
[  300.684464][ T7329] device hsr_slave_0 entered promiscuous mode
[  300.741186][ T7329] device hsr_slave_1 entered promiscuous mode
[  300.780833][ T7329] debugfs: Directory 'hsr0' with parent '/' already present!
[  300.802940][ T7360] chnl_net:caif_netlink_parms(): no params data found
[  301.139739][ T7327] 8021q: adding VLAN 0 to HW filter on device bond0
16:22:27 executing program 5:
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r0, 0x8200)
open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0)

[  301.201568][ T7360] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.209715][ T7360] bridge0: port 1(bridge_slave_0) entered disabled state
16:22:27 executing program 0:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-monitor\x00', 0x55f800, 0x0)
perf_event_open(0x0, 0x0, 0x0, r0, 0x5)
perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
epoll_create1(0x0)
getpid()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
write$cgroup_type(r1, &(0x7f0000000200)='threaded\x04', 0xbfe00)
ioctl$SIOCX25SSUBSCRIP(r1, 0x89e1, &(0x7f0000000480)={'irlan0\x00', 0x5, 0x87})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/.yz1\'', 0x1ff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00'})
socket$kcm(0x29, 0x0, 0x0)
ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000200)=0xa7)
r2 = socket$kcm(0xa, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0xfffffffffffffe40)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000))
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x3, &(0x7f00000013c0)={'filter\x00', 0x4}, 0x68)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r6 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
ioctl(r6, 0x40084146, &(0x7f0000000000))
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r7=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f00000001c0)={0x7, 0x8, 0xfa00, {r7, 0x10000}}, 0x10)
ioctl(r5, 0x40084146, &(0x7f0000000000))
ioctl$RTC_VL_READ(r5, 0x80047013, &(0x7f0000000080))
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r8, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x2, 0x13012, r8, 0x0)

[  301.289741][ T7360] device bridge_slave_0 entered promiscuous mode
[  301.375585][ T7360] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.450801][ T7360] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.514046][ T7360] device bridge_slave_1 entered promiscuous mode
[  301.593889][    C0] hrtimer: interrupt took 34150 ns
[  301.644331][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  301.681446][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  301.740567][ T7360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  301.820836][ T7366] chnl_net:caif_netlink_parms(): no params data found
[  301.839056][ T7426] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  301.902200][ T7327] 8021q: adding VLAN 0 to HW filter on device team0
[  301.951249][ T7360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  302.130746][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  302.137831][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  302.249040][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  302.311618][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  302.371426][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.379042][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
16:22:29 executing program 0:

[  302.452567][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  302.525453][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  302.581346][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.589000][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  302.671509][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
16:22:29 executing program 0:

[  302.769878][ T7434] IPVS: ftp: loaded support on port[0] = 21
[  302.785395][ T7327] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  302.900768][ T7327] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  302.996384][ T7360] team0: Port device team_slave_0 added
[  303.022168][ T7360] team0: Port device team_slave_1 added
[  303.031386][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  303.062263][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  303.102057][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  303.132078][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  303.171459][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  303.180476][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
16:22:29 executing program 0:

[  303.282370][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  303.350942][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  303.431850][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  303.466462][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  303.574729][ T7329] 8021q: adding VLAN 0 to HW filter on device bond0
[  303.606889][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
16:22:30 executing program 0:

[  303.645359][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  303.706992][ T7327] 8021q: adding VLAN 0 to HW filter on device batadv0
[  303.741498][ T7366] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.748605][ T7366] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.821804][ T7366] device bridge_slave_0 entered promiscuous mode
[  303.910808][ T7329] 8021q: adding VLAN 0 to HW filter on device team0
[  303.919303][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  303.933873][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  303.980251][ T7366] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.005997][ T7366] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.056512][ T7366] device bridge_slave_1 entered promiscuous mode
16:22:30 executing program 0:

[  304.148967][ T7360] device hsr_slave_0 entered promiscuous mode
[  304.231317][ T7360] device hsr_slave_1 entered promiscuous mode
[  304.290767][ T7360] debugfs: Directory 'hsr0' with parent '/' already present!
[  304.362801][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  304.380288][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  304.415453][ T7350] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.422940][ T7350] bridge0: port 1(bridge_slave_0) entered forwarding state
16:22:31 executing program 0:

[  304.461537][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  304.501499][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  304.541199][ T7350] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.548886][ T7350] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.601395][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  304.648126][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  304.745561][ T7366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.826083][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  304.863883][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  304.930641][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  304.983757][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  305.022887][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
16:22:31 executing program 1:

[  305.116472][ T7366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  305.150109][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  305.172164][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  305.211585][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  305.237898][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  305.269165][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  305.309232][ T7329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  305.425382][ T7329] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.511860][ T7366] team0: Port device team_slave_0 added
[  305.538699][ T7434] chnl_net:caif_netlink_parms(): no params data found
[  305.592280][ T7366] team0: Port device team_slave_1 added
[  305.661338][ T7360] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.749024][ T7366] device hsr_slave_0 entered promiscuous mode
[  305.812396][ T7366] device hsr_slave_1 entered promiscuous mode
[  305.850930][ T7366] debugfs: Directory 'hsr0' with parent '/' already present!
[  305.877544][ T7360] 8021q: adding VLAN 0 to HW filter on device team0
[  305.946842][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  305.965611][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  306.041354][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  306.057347][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  306.102074][ T2405] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.109255][ T2405] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.150963][ T7504] FAT-fs (loop2): bogus number of reserved sectors
[  306.177515][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  306.211279][ T7504] FAT-fs (loop2): Can't find a valid FAT filesystem
[  306.223814][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  306.259667][ T2405] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.266856][ T2405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.321172][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  306.395685][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  306.414639][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  306.460263][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  306.497327][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  306.550367][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  306.604538][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  306.645427][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  306.678741][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  306.716146][ T7434] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.730042][ T7434] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.763128][ T7434] device bridge_slave_0 entered promiscuous mode
[  306.813512][ T7360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  306.886499][ T7360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  306.941547][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  306.965991][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  307.018481][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  307.095609][ T7434] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.123042][ T7434] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.163914][ T7434] device bridge_slave_1 entered promiscuous mode
[  307.265086][ T7360] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.337366][ T7434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  307.378807][ T7434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.426895][ T7366] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.517296][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  307.536970][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  307.580285][ T7366] 8021q: adding VLAN 0 to HW filter on device team0
[  307.589586][ T7434] team0: Port device team_slave_0 added
[  307.621178][ T7434] team0: Port device team_slave_1 added
[  307.628545][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  307.666494][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  307.685992][ T7350] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.693167][ T7350] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.794926][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  307.812904][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  307.838148][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  307.868253][ T2405] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.875401][ T2405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.906459][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  307.927040][ T2405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
16:22:34 executing program 2:

[  308.013903][ T7434] device hsr_slave_0 entered promiscuous mode
[  308.045762][ T7434] device hsr_slave_1 entered promiscuous mode
[  308.106222][ T7434] debugfs: Directory 'hsr0' with parent '/' already present!
[  308.166403][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  308.175543][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  308.213285][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  308.249036][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  308.266960][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  308.293024][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  308.314555][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  308.369397][ T7350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  308.421138][ T7366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  308.513601][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  308.592626][ T7366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.138971][ T7360] ==================================================================
[  309.147743][ T7360] BUG: KCSAN: data-race in get_task_mm / ns_capable_common
[  309.155090][ T7360] 
[  309.155098][ T7434] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.164137][ T7360] read to 0xffff8880adba3124 of 4 bytes by task 7516 on cpu 1:
[  309.172154][ T7360]  get_task_mm+0x4f/0xa0
[  309.176674][ T7360]  do_task_stat+0xe2/0x1370
[  309.181512][ T7360]  proc_tgid_stat+0x3d/0x60
[  309.186418][ T7360]  proc_single_show+0x89/0xe0
[  309.192078][ T7360]  seq_read+0x350/0x960
[  309.196405][ T7360]  __vfs_read+0x67/0xc0
[  309.200726][ T7360]  vfs_read+0x143/0x2c0
[  309.204892][ T7360]  ksys_read+0xd5/0x1b0
[  309.207917][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  309.209269][ T7360]  __x64_sys_read+0x4c/0x60
[  309.221605][ T7360]  do_syscall_64+0xcc/0x370
[  309.226394][ T7360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  309.232369][ T7360] 
[  309.234708][ T7360] write to 0xffff8880adba3124 of 4 bytes by task 7360 on cpu 0:
[  309.247176][ T7360]  ns_capable_common+0x9f/0xc0
[  309.252912][ T7360]  ns_capable+0x29/0x40
[  309.257626][ T7360]  do_ip6t_set_ctl+0x65/0x311
[  309.262499][ T7360]  nf_setsockopt+0x6e/0xb0
[  309.267257][ T7360]  ipv6_setsockopt+0x119/0x130
[  309.272031][ T7360]  tcp_setsockopt+0x7c/0xc0
[  309.274246][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  309.276726][ T7360]  sock_common_setsockopt+0x67/0x90
[  309.291076][ T7360]  __sys_setsockopt+0x1ce/0x370
[  309.299484][ T7360]  __x64_sys_setsockopt+0x70/0x90
[  309.304861][ T7360]  do_syscall_64+0xcc/0x370
[  309.310123][ T7360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  309.318760][ T7360] 
[  309.321777][ T7360] Reported by Kernel Concurrency Sanitizer on:
[  309.331998][ T7360] CPU: 0 PID: 7360 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  309.342391][ T7360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  309.354135][ T7360] ==================================================================
[  309.362452][ T7360] Kernel panic - not syncing: panic_on_warn set ...
[  309.372474][ T7360] CPU: 0 PID: 7360 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  309.382673][ T7360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  309.390220][ T7434] 8021q: adding VLAN 0 to HW filter on device team0
[  309.396096][ T7360] Call Trace:
[  309.396124][ T7360]  dump_stack+0xf5/0x159
[  309.396256][ T7360]  panic+0x210/0x640
[  309.396277][ T7360]  ? __x64_sys_setsockopt+0x70/0x90
[  309.396292][ T7360]  ? vprintk_func+0x8d/0x140
[  309.396308][ T7360]  kcsan_report.cold+0xc/0x10
[  309.396324][ T7360]  __kcsan_setup_watchpoint+0x32e/0x4a0
[  309.396342][ T7360]  __tsan_write4+0x32/0x40
[  309.396364][ T7360]  ns_capable_common+0x9f/0xc0
[  309.396390][ T7360]  ns_capable+0x29/0x40
[  309.458496][ T7360]  do_ip6t_set_ctl+0x65/0x311
[  309.463284][ T7360]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  309.469369][ T7360]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  309.475179][ T7360]  ? mutex_unlock+0x41/0x50
[  309.479878][ T7360]  nf_setsockopt+0x6e/0xb0
[  309.484556][ T7360]  ipv6_setsockopt+0x119/0x130
[  309.489344][ T7360]  tcp_setsockopt+0x7c/0xc0
[  309.493875][ T7360]  sock_common_setsockopt+0x67/0x90
[  309.499347][ T7360]  __sys_setsockopt+0x1ce/0x370
[  309.504610][ T7360]  __x64_sys_setsockopt+0x70/0x90
[  309.509795][ T7360]  do_syscall_64+0xcc/0x370
[  309.514532][ T7360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  309.520688][ T7360] RIP: 0033:0x45ca6a
[  309.524602][ T7360] Code: 49 89 ca b8 37 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 6a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 4a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00
[  309.544391][ T7360] RSP: 002b:00007fffa6b77378 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  309.551928][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  309.552829][ T7360] RAX: ffffffffffffffda RBX: 00007fffa6b773a0 RCX: 000000000045ca6a
[  309.569201][ T7360] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  309.577510][ T7360] RBP: 0000000000713cc0 R08: 00000000000002e8 R09: 0000000000004000
[  309.585498][ T7360] R10: 0000000000712fa0 R11: 0000000000000206 R12: 0000000000000003
[  309.591457][ T7459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  309.593490][ T7360] R13: 0000000000000000 R14: 0000000000000029 R15: 0000000000712f40
[  309.611224][ T7360] Kernel Offset: disabled
[  309.615569][ T7360] Rebooting in 86400 seconds..