[ 40.735625][ T26] audit: type=1800 audit(1563366225.300:26): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 40.777605][ T26] audit: type=1800 audit(1563366225.300:27): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 40.799850][ T26] audit: type=1800 audit(1563366225.300:28): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 41.784699][ T26] audit: type=1800 audit(1563366226.380:29): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.55' (ECDSA) to the list of known hosts.
2019/07/17 12:24:57 parsed 1 programs
2019/07/17 12:24:59 executed programs: 0
syzkaller login: [ 115.441580][ T7905] IPVS: ftp: loaded support on port[0] = 21
[ 115.450691][ T7903] IPVS: ftp: loaded support on port[0] = 21
[ 115.472365][ T7908] IPVS: ftp: loaded support on port[0] = 21
[ 115.479113][ T7909] IPVS: ftp: loaded support on port[0] = 21
[ 115.492540][ T7911] IPVS: ftp: loaded support on port[0] = 21
[ 115.517638][ T7912] IPVS: ftp: loaded support on port[0] = 21
[ 115.762103][ T7909] chnl_net:caif_netlink_parms(): no params data found
[ 115.778988][ T7908] chnl_net:caif_netlink_parms(): no params data found
[ 115.801187][ T7905] chnl_net:caif_netlink_parms(): no params data found
[ 115.816869][ T7903] chnl_net:caif_netlink_parms(): no params data found
[ 115.892498][ T7909] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.900485][ T7909] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.908334][ T7909] device bridge_slave_0 entered promiscuous mode
[ 115.924333][ T7911] chnl_net:caif_netlink_parms(): no params data found
[ 115.938615][ T7909] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.946448][ T7909] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.953941][ T7909] device bridge_slave_1 entered promiscuous mode
[ 115.972841][ T7912] chnl_net:caif_netlink_parms(): no params data found
[ 115.987033][ T7905] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.994087][ T7905] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.002318][ T7905] device bridge_slave_0 entered promiscuous mode
[ 116.013174][ T7905] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.020361][ T7905] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.027976][ T7905] device bridge_slave_1 entered promiscuous mode
[ 116.034885][ T7908] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.044157][ T7908] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.052814][ T7908] device bridge_slave_0 entered promiscuous mode
[ 116.067266][ T7903] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.074304][ T7903] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.081953][ T7903] device bridge_slave_0 entered promiscuous mode
[ 116.091808][ T7903] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.098932][ T7903] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.106789][ T7903] device bridge_slave_1 entered promiscuous mode
[ 116.131713][ T7908] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.138838][ T7908] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.149053][ T7908] device bridge_slave_1 entered promiscuous mode
[ 116.171186][ T7908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.182141][ T7903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.196073][ T7909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.214429][ T7905] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.226341][ T7908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.239766][ T7903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.258882][ T7909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.274065][ T7905] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.301852][ T7908] team0: Port device team_slave_0 added
[ 116.308995][ T7911] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.316194][ T7911] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.323678][ T7911] device bridge_slave_0 entered promiscuous mode
[ 116.334548][ T7911] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.341670][ T7911] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.349340][ T7911] device bridge_slave_1 entered promiscuous mode
[ 116.370025][ T7903] team0: Port device team_slave_0 added
[ 116.378352][ T7908] team0: Port device team_slave_1 added
[ 116.385170][ T7909] team0: Port device team_slave_0 added
[ 116.395488][ T7909] team0: Port device team_slave_1 added
[ 116.401216][ T7912] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.409623][ T7912] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.417344][ T7912] device bridge_slave_0 entered promiscuous mode
[ 116.425191][ T7905] team0: Port device team_slave_0 added
[ 116.432343][ T7903] team0: Port device team_slave_1 added
[ 116.444491][ T7911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.455448][ T7912] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.462492][ T7912] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.470260][ T7912] device bridge_slave_1 entered promiscuous mode
[ 116.482143][ T7905] team0: Port device team_slave_1 added
[ 116.501903][ T7911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.527640][ T7912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 116.607778][ T7908] device hsr_slave_0 entered promiscuous mode
[ 116.645778][ T7908] device hsr_slave_1 entered promiscuous mode
[ 116.737295][ T7909] device hsr_slave_0 entered promiscuous mode
[ 116.785934][ T7909] device hsr_slave_1 entered promiscuous mode
[ 116.826941][ T7909] debugfs: Directory 'hsr0' with parent '/' already present!
[ 116.835838][ T7912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 116.887815][ T7903] device hsr_slave_0 entered promiscuous mode
[ 116.945687][ T7903] device hsr_slave_1 entered promiscuous mode
[ 117.005365][ T7903] debugfs: Directory 'hsr0' with parent '/' already present!
[ 117.013718][ T7911] team0: Port device team_slave_0 added
[ 117.038448][ T7912] team0: Port device team_slave_0 added
[ 117.045119][ T7911] team0: Port device team_slave_1 added
[ 117.066891][ T7912] team0: Port device team_slave_1 added
[ 117.137315][ T7905] device hsr_slave_0 entered promiscuous mode
[ 117.186364][ T7905] device hsr_slave_1 entered promiscuous mode
[ 117.245469][ T7905] debugfs: Directory 'hsr0' with parent '/' already present!
[ 117.307803][ T7911] device hsr_slave_0 entered promiscuous mode
[ 117.345686][ T7911] device hsr_slave_1 entered promiscuous mode
[ 117.385411][ T7911] debugfs: Directory 'hsr0' with parent '/' already present!
[ 117.427767][ T7912] device hsr_slave_0 entered promiscuous mode
[ 117.465709][ T7912] device hsr_slave_1 entered promiscuous mode
[ 117.515424][ T7912] debugfs: Directory 'hsr0' with parent '/' already present!
[ 117.604200][ T7909] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.647418][ T7909] 8021q: adding VLAN 0 to HW filter on device team0
[ 117.665770][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 117.673839][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 117.686174][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 117.694588][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 117.707355][ T3017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.714427][ T3017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 117.727850][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 117.748026][ T7911] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.760348][ T7908] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.771117][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 117.780595][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 117.789629][ T3017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.796720][ T3017] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 117.804970][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 117.813467][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 117.840205][ T7912] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.853424][ T7911] 8021q: adding VLAN 0 to HW filter on device team0
[ 117.873234][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 117.882993][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 117.891608][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 117.899520][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 117.907538][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 117.916010][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 117.924289][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 117.935505][ T7905] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.943838][ T7908] 8021q: adding VLAN 0 to HW filter on device team0
[ 117.965835][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 117.973437][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 117.982191][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 117.990702][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 117.999001][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.007849][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.016602][ T3017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.023720][ T3017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.031278][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.040178][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.048555][ T3017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.055627][ T3017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.063102][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.071646][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.080081][ T3017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.087157][ T3017] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.094576][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.103239][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 118.113292][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 118.121320][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 118.136301][ T7905] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.157532][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 118.165057][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 118.172888][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.184317][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.192837][ T3017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.199926][ T3017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.207707][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.216292][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.224493][ T3017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.231560][ T3017] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.239193][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.249668][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 118.258370][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 118.267244][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 118.277186][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 118.284928][ T3017] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 118.301354][ T7903] 8021q: adding VLAN 0 to HW filter on device bond0
[ 118.313770][ T7912] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.324006][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.333677][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.344306][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.351395][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.358977][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.368005][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 118.375714][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 118.389085][ T7911] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 118.399883][ T7911] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 118.422059][ T7905] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 118.433082][ T7905] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 118.455729][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 118.464387][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 118.472873][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 118.481325][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 118.489663][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 118.498098][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 118.507033][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 118.515170][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 118.523360][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 118.532053][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 118.540556][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 118.548880][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 118.557203][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 118.565461][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 118.573598][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 118.582411][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.590973][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.599528][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.606612][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.614204][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 118.623255][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 118.631639][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.640045][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.648389][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.655465][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.663038][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 118.671637][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 118.680109][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 118.687929][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 118.695659][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 118.704452][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 118.712520][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 118.733738][ T7903] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.751263][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 118.760596][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 118.771853][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 118.780568][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 118.798830][ T7911] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 118.814352][ T7909] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 118.830239][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.842169][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.851310][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.858423][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.867284][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.876444][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.884665][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.891736][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.900004][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.908994][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.917892][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 118.939432][ T7905] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 118.949483][ T7908] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 118.961128][ T7908] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 118.971852][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 118.983323][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 119.000035][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.011165][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 119.020336][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 119.029283][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.037753][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.045983][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.054120][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.063119][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.071383][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.079629][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 119.088757][ T7903] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.111761][ T7912] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 119.127878][ T7912] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 119.143508][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.161187][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 119.170374][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.179282][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 119.189068][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 119.197466][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.205730][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.213846][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.222534][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.231008][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.239103][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.251926][ T7903] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.365992][ T7912] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.391048][ T7908] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/17 12:25:05 executed programs: 15
2019/07/17 12:25:10 executed programs: 76
2019/07/17 12:25:15 executed programs: 140
2019/07/17 12:25:20 executed programs: 202
2019/07/17 12:25:25 executed programs: 264
2019/07/17 12:25:30 executed programs: 326
2019/07/17 12:25:35 executed programs: 388
2019/07/17 12:25:40 executed programs: 450
2019/07/17 12:25:45 executed programs: 510
2019/07/17 12:25:50 executed programs: 573
[ 168.145629][ C1] ------------[ cut here ]------------
[ 168.146943][T10948] ==================================================================
[ 168.151256][ C1] refcount_t: increment on 0; use-after-free.
[ 168.151446][ C1] WARNING: CPU: 1 PID: 0 at lib/refcount.c:156 refcount_inc_checked+0x4b/0x50
[ 168.159368][T10948] BUG: KASAN: use-after-free in refcount_inc_not_zero_checked+0x7c/0x280
[ 168.165401][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 168.174224][T10948] Read of size 4 at addr ffff88809045d1c0 by task syz-executor.4/10948
[ 168.182601][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.2.0+ #32
[ 168.189149][T10948]
[ 168.206486][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 168.216521][ C1] Call Trace:
[ 168.219788][ C1]
[ 168.222626][ C1] dump_stack+0x1d8/0x2f8
[ 168.226941][ C1] panic+0x29b/0x7d9
[ 168.230840][ C1] ? __warn+0x126/0x230
[ 168.234974][ C1] ? nmi_panic+0x97/0x97
[ 168.239197][ C1] ? __probe_kernel_read+0x140/0x1a0
[ 168.244465][ C1] ? is_valid_bugaddr+0x81/0x100
[ 168.249394][ C1] __warn+0x22f/0x230
[ 168.253358][ C1] ? refcount_inc_checked+0x4b/0x50
[ 168.258538][ C1] report_bug+0x190/0x290
[ 168.262846][ C1] ? refcount_inc_checked+0x4b/0x50
[ 168.268034][ C1] do_error_trap+0xd7/0x440
[ 168.272524][ C1] do_invalid_op+0x36/0x40
[ 168.276922][ C1] ? refcount_inc_checked+0x4b/0x50
[ 168.282104][ C1] invalid_op+0x14/0x20
[ 168.286240][ C1] RIP: 0010:refcount_inc_checked+0x4b/0x50
[ 168.292026][ C1] Code: 3d 4e 9e 94 05 01 75 08 e8 22 d2 11 fe 5b 5d c3 e8 1a d2 11 fe c6 05 38 9e 94 05 01 48 c7 c7 79 c4 87 88 31 c0 e8 35 0d e3 fd <0f> 0b eb df 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0
[ 168.311718][ C1] RSP: 0018:ffff8880aeb09b40 EFLAGS: 00010246
[ 168.317761][ C1] RAX: 9d40dd55655d6400 RBX: ffff88809045d1c0 RCX: ffff8880a98bc340
[ 168.325713][ C1] RDX: 0000000000000302 RSI: 0000000000000302 RDI: 0000000000000000
[ 168.333666][ C1] RBP: ffff8880aeb09b48 R08: ffffffff81600c14 R09: ffffed1015d640c2
[ 168.341620][ C1] R10: ffffed1015d640c2 R11: 0000000000000000 R12: ffff8880978cf500
[ 168.349575][ C1] R13: dffffc0000000000 R14: 0000000000000004 R15: ffff88809045d140
[ 168.357533][ C1] ? vprintk_emit+0x2d4/0x3a0
[ 168.362292][ C1] nr_rx_frame+0x17bc/0x1e40
[ 168.366876][ C1] nr_loopback_timer+0x6a/0x140
[ 168.371709][ C1] ? nr_loopback_clear+0x30/0x30
[ 168.376626][ C1] call_timer_fn+0xec/0x200
[ 168.381122][ C1] ? __run_timers+0x9c0/0x9c0
[ 168.385794][ C1] ? nr_loopback_clear+0x30/0x30
[ 168.390727][ C1] ? nr_loopback_clear+0x30/0x30
[ 168.395644][ C1] __run_timers+0x7cd/0x9c0
[ 168.400139][ C1] ? trace_timer_cancel+0x290/0x290
[ 168.405317][ C1] ? scheduler_ipi+0x39e/0x4a0
[ 168.410156][ C1] ? check_preemption_disabled+0x47/0x2a0
[ 168.415858][ C1] ? check_preemption_disabled+0x47/0x2a0
[ 168.421564][ C1] run_timer_softirq+0x4a/0x90
[ 168.426308][ C1] __do_softirq+0x333/0x7c4
[ 168.430791][ C1] ? irq_exit+0x227/0x230
[ 168.435111][ C1] irq_exit+0x227/0x230
[ 168.439334][ C1] smp_apic_timer_interrupt+0x113/0x280
[ 168.444875][ C1] apic_timer_interrupt+0xf/0x20
[ 168.449797][ C1]
[ 168.452722][ C1] RIP: 0010:native_safe_halt+0xe/0x10
[ 168.458075][ C1] Code: 08 fa eb ae 89 d9 80 e1 07 80 c1 03 38 c1 7c ba 48 89 df e8 a4 44 08 fa eb b0 90 90 e9 07 00 00 00 0f 00 2d e6 dc 58 00 fb f4 90 e9 07 00 00 00 0f 00 2d d6 dc 58 00 f4 c3 90 90 55 48 89 e5
[ 168.477660][ C1] RSP: 0018:ffff8880a98cfd38 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 168.486060][ C1] RAX: 1ffffffff11950db RBX: ffff8880a98bc340 RCX: dffffc0000000000
[ 168.494013][ C1] RDX: 0000000000000000 RSI: ffffffff812cde8a RDI: ffff8880a98bcb78
[ 168.501963][ C1] RBP: ffff8880a98cfd40 R08: ffff8880a98bcb90 R09: ffffed1015317869
[ 168.509923][ C1] R10: ffffed1015317869 R11: 0000000000000000 R12: 0000000000000001
[ 168.517874][ C1] R13: 1ffff11015317868 R14: dffffc0000000000 R15: dffffc0000000000
[ 168.529743][ C1] ? arch_cpu_idle+0xa/0x10
[ 168.534229][ C1] ? default_idle+0x50/0x70
[ 168.538711][ C1] arch_cpu_idle+0xa/0x10
[ 168.543039][ C1] default_idle_call+0x59/0xa0
[ 168.547783][ C1] do_idle+0x180/0x780
[ 168.551838][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 168.557019][ C1] ? schedule_idle+0x64/0x90
[ 168.561596][ C1] cpu_startup_entry+0x25/0x30
[ 168.566339][ C1] start_secondary+0x3f4/0x490
[ 168.571084][ C1] ? mwait_play_dead+0x1e0/0x1e0
[ 168.576012][ C1] secondary_startup_64+0xa4/0xb0
[ 168.581139][T10948] CPU: 0 PID: 10948 Comm: syz-executor.4 Not tainted 5.2.0+ #32
[ 168.590283][T10948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 168.600320][T10948] Call Trace:
[ 168.603602][T10948] dump_stack+0x1d8/0x2f8
[ 168.607918][T10948] print_address_description+0x75/0x5b0
[ 168.613439][T10948] ? log_buf_vmcoreinfo_setup+0x153/0x153
[ 168.619166][T10948] __kasan_report+0x14b/0x1c0
[ 168.623823][T10948] ? refcount_inc_not_zero_checked+0x7c/0x280
[ 168.629869][T10948] kasan_report+0x26/0x50
[ 168.634180][T10948] check_memory_region+0x2cf/0x2e0
[ 168.639274][T10948] __kasan_check_read+0x11/0x20
[ 168.644101][T10948] refcount_inc_not_zero_checked+0x7c/0x280
[ 168.649971][T10948] ? refcount_add_checked+0x60/0x60
[ 168.655146][T10948] ? __kasan_check_write+0x14/0x20
[ 168.660241][T10948] ? down_write+0x10a/0x180
[ 168.664727][T10948] refcount_inc_checked+0x15/0x50
[ 168.669731][T10948] nr_release+0x59/0x390
[ 168.673957][T10948] sock_close+0xe1/0x260
[ 168.678178][T10948] ? sock_mmap+0xa0/0xa0
[ 168.682404][T10948] __fput+0x2e4/0x740
[ 168.686391][T10948] ____fput+0x15/0x20
[ 168.690351][T10948] task_work_run+0x17e/0x1b0
[ 168.694922][T10948] prepare_exit_to_usermode+0x459/0x580
[ 168.700452][T10948] syscall_return_slowpath+0x110/0x450
[ 168.705890][T10948] do_syscall_64+0x126/0x140
[ 168.710462][T10948] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 168.716332][T10948] RIP: 0033:0x413501
[ 168.720204][T10948] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 168.739788][T10948] RSP: 002b:00007ffc46b19150 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 168.748192][T10948] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413501
[ 168.757346][T10948] RDX: 0000001b31920000 RSI: 0000000000000000 RDI: 0000000000000003
[ 168.765298][T10948] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[ 168.773251][T10948] R10: 00007ffc46b19230 R11: 0000000000000293 R12: 000000000075c9a0
[ 168.781208][T10948] R13: 000000000075c9a0 R14: 0000000000760a68 R15: ffffffffffffffff
[ 168.789174][T10948]
[ 168.791492][T10948] Allocated by task 0:
[ 168.795547][T10948] __kasan_kmalloc+0x11c/0x1b0
[ 168.800288][T10948] kasan_kmalloc+0x9/0x10
[ 168.804602][T10948] __kmalloc+0x254/0x340
[ 168.808820][T10948] sk_prot_alloc+0xb0/0x290
[ 168.813323][T10948] sk_alloc+0x38/0x950
[ 168.817370][T10948] nr_rx_frame+0xabc/0x1e40
[ 168.821851][T10948] nr_loopback_timer+0x6a/0x140
[ 168.826684][T10948] call_timer_fn+0xec/0x200
[ 168.831164][T10948] __run_timers+0x7cd/0x9c0
[ 168.835643][T10948] run_timer_softirq+0x4a/0x90
[ 168.840382][T10948] __do_softirq+0x333/0x7c4
[ 168.844856][T10948]
[ 168.847160][T10948] Freed by task 10950:
[ 168.851204][T10948] __kasan_slab_free+0x12a/0x1e0
[ 168.856203][T10948] kasan_slab_free+0xe/0x10
[ 168.860686][T10948] kfree+0x115/0x200
[ 168.864559][T10948] __sk_destruct+0x567/0x660
[ 168.869128][T10948] __sk_free+0x317/0x3e0
[ 168.873432][T10948] sock_efree+0x60/0x80
[ 168.877574][T10948] skb_release_head_state+0x100/0x210
[ 168.882924][T10948] __kfree_skb+0x25/0x170
[ 168.887230][T10948] kfree_skb+0x6f/0xb0
[ 168.891275][T10948] nr_accept+0x4ec/0x640
[ 168.895498][T10948] __sys_accept4+0x5bc/0x9a0
[ 168.900065][T10948] __x64_sys_accept4+0x9a/0xb0
[ 168.904806][T10948] do_syscall_64+0xfe/0x140
[ 168.909295][T10948] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 168.915160][T10948]
[ 168.917466][T10948] The buggy address belongs to the object at ffff88809045d140
[ 168.917466][T10948] which belongs to the cache kmalloc-2k of size 2048
[ 168.931496][T10948] The buggy address is located 128 bytes inside of
[ 168.931496][T10948] 2048-byte region [ffff88809045d140, ffff88809045d940)
[ 168.944827][T10948] The buggy address belongs to the page:
[ 168.950439][T10948] page:ffffea0002411700 refcount:1 mapcount:0 mapping:ffff8880aa400e00 index:0x0 compound_mapcount: 0
[ 168.961344][T10948] flags: 0x1fffc0000010200(slab|head)
[ 168.966782][T10948] raw: 01fffc0000010200 ffffea0002411488 ffffea0002411788 ffff8880aa400e00
[ 168.975356][T10948] raw: 0000000000000000 ffff88809045c040 0000000100000003 0000000000000000
[ 168.983913][T10948] page dumped because: kasan: bad access detected
[ 168.990309][T10948]
[ 168.992615][T10948] Memory state around the buggy address:
[ 168.998221][T10948] ffff88809045d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 169.006259][T10948] ffff88809045d100: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 169.014294][T10948] >ffff88809045d180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 169.022340][T10948] ^
[ 169.028468][T10948] ffff88809045d200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 169.036515][T10948] ffff88809045d280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 169.044553][T10948] ==================================================================
[ 169.052594][T10948] Disabling lock debugging due to kernel taint
[ 169.060053][ C1] Kernel Offset: disabled
[ 169.064394][ C1] Rebooting in 86400 seconds..