[   65.408196][   T26] audit: type=1800 audit(1561749281.268:26): pid=9015 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   66.268410][   T26] kauditd_printk_skb: 2 callbacks suppressed
[   66.268422][   T26] audit: type=1800 audit(1561749282.168:29): pid=9015 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   66.295701][   T26] audit: type=1800 audit(1561749282.168:30): pid=9015 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.196' (ECDSA) to the list of known hosts.
2019/06/28 19:29:56 parsed 1 programs
2019/06/28 19:29:58 executed programs: 0
syzkaller login: [  982.561706][ T9192] IPVS: ftp: loaded support on port[0] = 21
[  982.570026][ T9193] IPVS: ftp: loaded support on port[0] = 21
[  982.575382][ T9199] IPVS: ftp: loaded support on port[0] = 21
[  982.586927][ T9198] IPVS: ftp: loaded support on port[0] = 21
[  982.589669][ T9195] IPVS: ftp: loaded support on port[0] = 21
[  982.641715][ T9200] IPVS: ftp: loaded support on port[0] = 21
[  982.903697][ T9192] chnl_net:caif_netlink_parms(): no params data found
[  982.977948][ T9193] chnl_net:caif_netlink_parms(): no params data found
[  983.067774][ T9192] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.075511][ T9192] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.083294][ T9192] device bridge_slave_0 entered promiscuous mode
[  983.115616][ T9195] chnl_net:caif_netlink_parms(): no params data found
[  983.131221][ T9192] bridge0: port 2(bridge_slave_1) entered blocking state
[  983.138351][ T9192] bridge0: port 2(bridge_slave_1) entered disabled state
[  983.146195][ T9192] device bridge_slave_1 entered promiscuous mode
[  983.239666][ T9193] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.246842][ T9193] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.256506][ T9193] device bridge_slave_0 entered promiscuous mode
[  983.271568][ T9198] chnl_net:caif_netlink_parms(): no params data found
[  983.280597][ T9200] chnl_net:caif_netlink_parms(): no params data found
[  983.297978][ T9193] bridge0: port 2(bridge_slave_1) entered blocking state
[  983.305774][ T9193] bridge0: port 2(bridge_slave_1) entered disabled state
[  983.315786][ T9193] device bridge_slave_1 entered promiscuous mode
[  983.324974][ T9192] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  983.337436][ T9192] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  983.392789][ T9199] chnl_net:caif_netlink_parms(): no params data found
[  983.462122][ T9195] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.469954][ T9195] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.477665][ T9195] device bridge_slave_0 entered promiscuous mode
[  983.493799][ T9193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  983.506535][ T9192] team0: Port device team_slave_0 added
[  983.512623][ T9198] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.520460][ T9198] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.528697][ T9198] device bridge_slave_0 entered promiscuous mode
[  983.535992][ T9195] bridge0: port 2(bridge_slave_1) entered blocking state
[  983.544023][ T9195] bridge0: port 2(bridge_slave_1) entered disabled state
[  983.553192][ T9195] device bridge_slave_1 entered promiscuous mode
[  983.561281][ T9200] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.574238][ T9200] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.583141][ T9200] device bridge_slave_0 entered promiscuous mode
[  983.595173][ T9193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  983.606442][ T9192] team0: Port device team_slave_1 added
[  983.619612][ T9198] bridge0: port 2(bridge_slave_1) entered blocking state
[  983.626874][ T9198] bridge0: port 2(bridge_slave_1) entered disabled state
[  983.634776][ T9198] device bridge_slave_1 entered promiscuous mode
[  983.649765][ T9200] bridge0: port 2(bridge_slave_1) entered blocking state
[  983.656861][ T9200] bridge0: port 2(bridge_slave_1) entered disabled state
[  983.665490][ T9200] device bridge_slave_1 entered promiscuous mode
[  983.687943][ T9193] team0: Port device team_slave_0 added
[  983.722694][ T9193] team0: Port device team_slave_1 added
[  983.754797][ T9195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  983.773376][ T9195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  983.786933][ T9200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  983.802044][ T9199] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.809928][ T9199] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.817682][ T9199] device bridge_slave_0 entered promiscuous mode
[  983.827015][ T9198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  983.900328][ T9192] device hsr_slave_0 entered promiscuous mode
[  983.938584][ T9192] device hsr_slave_1 entered promiscuous mode
[  983.979998][ T9200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  983.992991][ T9199] bridge0: port 2(bridge_slave_1) entered blocking state
[  984.000427][ T9199] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.008730][ T9199] device bridge_slave_1 entered promiscuous mode
[  984.017147][ T9198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  984.071518][ T9193] device hsr_slave_0 entered promiscuous mode
[  984.118596][ T9193] device hsr_slave_1 entered promiscuous mode
[  984.212884][ T9195] team0: Port device team_slave_0 added
[  984.220151][ T9195] team0: Port device team_slave_1 added
[  984.239774][ T9199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  984.250854][ T9199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  984.262142][ T9198] team0: Port device team_slave_0 added
[  984.269767][ T9198] team0: Port device team_slave_1 added
[  984.302847][ T9200] team0: Port device team_slave_0 added
[  984.312027][ T9200] team0: Port device team_slave_1 added
[  984.342025][ T9199] team0: Port device team_slave_0 added
[  984.411775][ T9195] device hsr_slave_0 entered promiscuous mode
[  984.468654][ T9195] device hsr_slave_1 entered promiscuous mode
[  984.539667][ T9199] team0: Port device team_slave_1 added
[  984.591414][ T9200] device hsr_slave_0 entered promiscuous mode
[  984.658514][ T9200] device hsr_slave_1 entered promiscuous mode
[  984.770474][ T9198] device hsr_slave_0 entered promiscuous mode
[  984.838788][ T9198] device hsr_slave_1 entered promiscuous mode
[  984.921734][ T9199] device hsr_slave_0 entered promiscuous mode
[  984.978508][ T9199] device hsr_slave_1 entered promiscuous mode
[  985.164239][ T9199] 8021q: adding VLAN 0 to HW filter on device bond0
[  985.222442][ T9193] 8021q: adding VLAN 0 to HW filter on device bond0
[  985.241781][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  985.254445][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  985.262910][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  985.274123][ T9199] 8021q: adding VLAN 0 to HW filter on device team0
[  985.284469][ T9198] 8021q: adding VLAN 0 to HW filter on device bond0
[  985.310442][ T9193] 8021q: adding VLAN 0 to HW filter on device team0
[  985.339797][ T9195] 8021q: adding VLAN 0 to HW filter on device bond0
[  985.359152][ T9192] 8021q: adding VLAN 0 to HW filter on device bond0
[  985.370464][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  985.381730][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  985.390485][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  985.399739][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  985.408349][ T9205] bridge0: port 1(bridge_slave_0) entered blocking state
[  985.415658][ T9205] bridge0: port 1(bridge_slave_0) entered forwarding state
[  985.423978][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  985.432660][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  985.441317][ T9205] bridge0: port 2(bridge_slave_1) entered blocking state
[  985.448977][ T9205] bridge0: port 2(bridge_slave_1) entered forwarding state
[  985.456681][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  985.465714][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  985.474320][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  985.482886][ T9205] bridge0: port 1(bridge_slave_0) entered blocking state
[  985.491754][ T9205] bridge0: port 1(bridge_slave_0) entered forwarding state
[  985.500650][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  985.509517][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  985.518377][ T9205] bridge0: port 2(bridge_slave_1) entered blocking state
[  985.525446][ T9205] bridge0: port 2(bridge_slave_1) entered forwarding state
[  985.534436][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  985.542797][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  985.574604][ T9200] 8021q: adding VLAN 0 to HW filter on device bond0
[  985.582311][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  985.599789][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  985.608727][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  985.616930][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  985.634011][ T9198] 8021q: adding VLAN 0 to HW filter on device team0
[  985.644969][ T9195] 8021q: adding VLAN 0 to HW filter on device team0
[  985.662377][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  985.671957][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  985.681870][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  985.691062][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  985.699885][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  985.709242][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  985.717689][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  985.725898][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  985.733950][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  985.751234][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  985.759741][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  985.769371][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  985.779430][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  985.788890][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  985.797393][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[  985.804548][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[  985.812832][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  985.821929][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  985.831026][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[  985.838270][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[  985.847922][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  985.856201][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  985.865599][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  985.873892][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  985.886756][ T9199] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  985.900362][ T9199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  985.929939][ T9192] 8021q: adding VLAN 0 to HW filter on device team0
[  985.937500][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  985.947326][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  985.959522][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  985.970070][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  985.978782][ T9203] bridge0: port 2(bridge_slave_1) entered blocking state
[  985.985872][ T9203] bridge0: port 2(bridge_slave_1) entered forwarding state
[  985.993580][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  986.002112][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  986.011275][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  986.021257][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  986.030057][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  986.038805][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  986.047672][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  986.068282][ T9200] 8021q: adding VLAN 0 to HW filter on device team0
[  986.085266][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  986.094227][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  986.103768][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  986.112644][ T9205] bridge0: port 2(bridge_slave_1) entered blocking state
[  986.119765][ T9205] bridge0: port 2(bridge_slave_1) entered forwarding state
[  986.127891][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  986.136556][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  986.145042][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  986.153509][ T9205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  986.176239][ T9193] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  986.200736][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  986.211616][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  986.221411][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  986.230823][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  986.239742][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  986.248332][ T9201] bridge0: port 1(bridge_slave_0) entered blocking state
[  986.255424][ T9201] bridge0: port 1(bridge_slave_0) entered forwarding state
[  986.263134][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  986.272060][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  986.281934][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  986.290723][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  986.299635][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  986.307912][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  986.316394][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  986.324788][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  986.345215][ T9199] 8021q: adding VLAN 0 to HW filter on device batadv0
[  986.367026][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  986.382164][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  986.391040][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  986.399524][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  986.408867][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  986.417459][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  986.427319][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  986.436529][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[  986.443683][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[  986.451702][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  986.460235][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  986.468711][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  986.477562][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  986.486123][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[  986.493480][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[  986.503096][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  986.512077][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  986.520659][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[  986.527735][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[  986.535654][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  986.546186][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  986.591748][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  986.607098][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  986.622775][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  986.633524][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  986.643285][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  986.652117][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  986.662420][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  986.671010][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  986.679935][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  986.688713][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  986.698618][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  986.708639][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  986.718419][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  986.729766][ T9195] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  986.765417][ T9193] 8021q: adding VLAN 0 to HW filter on device batadv0
[  986.790274][ T9198] 8021q: adding VLAN 0 to HW filter on device batadv0
[  986.807071][ T9195] 8021q: adding VLAN 0 to HW filter on device batadv0
[  986.819523][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  986.863014][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  986.879234][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  986.891074][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  986.899811][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  986.908731][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  986.928647][ T9200] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  986.952821][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  986.989791][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  986.999383][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  987.015112][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  987.054820][ T9192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  987.156015][ T9200] 8021q: adding VLAN 0 to HW filter on device batadv0
[  987.240243][ T9192] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/06/28 19:30:03 executed programs: 16
2019/06/28 19:30:08 executed programs: 222
2019/06/28 19:30:13 executed programs: 421
2019/06/28 19:30:18 executed programs: 623
2019/06/28 19:30:23 executed programs: 826
2019/06/28 19:30:28 executed programs: 1027
2019/06/28 19:30:33 executed programs: 1230
2019/06/28 19:30:38 executed programs: 1419
2019/06/28 19:30:43 executed programs: 1609
2019/06/28 19:30:48 executed programs: 1804
2019/06/28 19:30:53 executed programs: 1986
2019/06/28 19:30:58 executed programs: 2173
2019/06/28 19:31:03 executed programs: 2369
2019/06/28 19:31:08 executed programs: 2564
2019/06/28 19:31:13 executed programs: 2743
2019/06/28 19:31:19 executed programs: 2930
2019/06/28 19:31:24 executed programs: 3110
2019/06/28 19:31:29 executed programs: 3280
2019/06/28 19:31:34 executed programs: 3467
[ 1079.534084][T15186] ==================================================================
[ 1079.542485][T15186] BUG: KASAN: use-after-free in sk_psock_unlink+0x3dd/0x4b0
[ 1079.549786][T15186] Read of size 4 at addr ffff888095787018 by task syz-executor.5/15186
[ 1079.558026][T15186] 
[ 1079.560373][T15186] CPU: 0 PID: 15186 Comm: syz-executor.5 Not tainted 5.2.0-rc6-next-20190628 #25
[ 1079.569486][T15186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1079.579552][T15186] Call Trace:
[ 1079.582927][T15186]  dump_stack+0x172/0x1f0
[ 1079.587281][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1079.592285][T15186]  ? tcp_check_oom+0x560/0x560
[ 1079.597060][T15186]  print_address_description.cold+0xd4/0x306
[ 1079.603052][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1079.607998][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1079.612955][T15186]  ? tcp_check_oom+0x560/0x560
[ 1079.617726][T15186]  __kasan_report.cold+0x1b/0x36
[ 1079.622676][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1079.627626][T15186]  kasan_report+0x12/0x17
[ 1079.632052][T15186]  __asan_report_load4_noabort+0x14/0x20
[ 1079.637690][T15186]  sk_psock_unlink+0x3dd/0x4b0
[ 1079.642527][T15186]  ? sk_psock_link_pop+0x186/0x1f0
[ 1079.647657][T15186]  ? tcp_check_oom+0x560/0x560
[ 1079.652478][T15186]  tcp_bpf_remove+0x21/0x50
[ 1079.656997][T15186]  tcp_bpf_close+0x130/0x390
[ 1079.661695][T15186]  tls_sk_proto_close+0x2f8/0x6b0
[ 1079.666912][T15186]  ? __sock_release+0x89/0x2a0
[ 1079.671691][T15186]  ? tcp_bpf_recvmsg+0xa70/0xa70
[ 1079.676641][T15186]  ? wait_on_pending_writer+0x420/0x420
[ 1079.682273][T15186]  ? ip_mc_drop_socket+0x211/0x270
[ 1079.687506][T15186]  ? down_write+0xdf/0x150
[ 1079.691945][T15186]  inet_release+0xed/0x200
[ 1079.696431][T15186]  inet6_release+0x53/0x80
[ 1079.700952][T15186]  __sock_release+0xce/0x2a0
[ 1079.705563][T15186]  sock_close+0x1b/0x30
[ 1079.709736][T15186]  __fput+0x2ff/0x890
[ 1079.713735][T15186]  ? __sock_release+0x2a0/0x2a0
[ 1079.718607][T15186]  ____fput+0x16/0x20
[ 1079.722595][T15186]  task_work_run+0x145/0x1c0
[ 1079.727207][T15186]  exit_to_usermode_loop+0x280/0x2d0
[ 1079.732603][T15186]  do_syscall_64+0x5a9/0x6a0
[ 1079.737217][T15186]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1079.743210][T15186] RIP: 0033:0x4131e0
[ 1079.747112][T15186] Code: 01 f0 ff ff 0f 83 30 1b 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d ad 30 66 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff
[ 1079.766814][T15186] RSP: 002b:00007ffe140c8b98 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1079.775271][T15186] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004131e0
[ 1079.783266][T15186] RDX: 0000001b32920000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1079.791248][T15186] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff
[ 1079.799232][T15186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000761178
[ 1079.807210][T15186] R13: 0000000000000005 R14: 0000000000000000 R15: ffffffffffffffff
[ 1079.815203][T15186] 
[ 1079.817572][T15186] Allocated by task 15186:
[ 1079.822088][T15186]  save_stack+0x23/0x90
[ 1079.826252][T15186]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1079.831893][T15186]  kasan_kmalloc+0x9/0x10
[ 1079.836241][T15186]  kmem_cache_alloc_trace+0x158/0x790
[ 1079.841627][T15186]  sock_map_alloc+0x1bb/0x3a0
[ 1079.846313][T15186]  __do_sys_bpf+0x475/0x42f0
[ 1079.850920][T15186]  __x64_sys_bpf+0x73/0xb0
[ 1079.855438][T15186]  do_syscall_64+0xfd/0x6a0
[ 1079.861425][T15186]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1079.867516][T15186] 
[ 1079.869849][T15186] Freed by task 2995:
[ 1079.873848][T15186]  save_stack+0x23/0x90
[ 1079.878019][T15186]  __kasan_slab_free+0x102/0x150
[ 1079.882965][T15186]  kasan_slab_free+0xe/0x10
[ 1079.887472][T15186]  kfree+0x10a/0x2c0
[ 1079.891376][T15186]  sock_map_free+0x22a/0x310
[ 1079.895980][T15186]  bpf_map_free_deferred+0xb3/0x100
[ 1079.901191][T15186]  process_one_work+0x9af/0x1740
[ 1079.906144][T15186]  worker_thread+0x98/0xe40
[ 1079.910656][T15186]  kthread+0x361/0x430
[ 1079.914736][T15186]  ret_from_fork+0x24/0x30
[ 1079.919149][T15186] 
[ 1079.921482][T15186] The buggy address belongs to the object at ffff888095787000
[ 1079.921482][T15186]  which belongs to the cache kmalloc-512 of size 512
[ 1079.935643][T15186] The buggy address is located 24 bytes inside of
[ 1079.935643][T15186]  512-byte region [ffff888095787000, ffff888095787200)
[ 1079.935660][T15186] The buggy address belongs to the page:
[ 1079.935673][T15186] page:ffffea000255e1c0 refcount:1 mapcount:0 mapping:ffff8880aa400a80 index:0x0
[ 1079.935686][T15186] flags: 0x1fffc0000000200(slab)
[ 1079.935703][T15186] raw: 01fffc0000000200 ffffea0002619948 ffffea0002621a88 ffff8880aa400a80
[ 1079.935718][T15186] raw: 0000000000000000 ffff888095787000 0000000100000006 0000000000000000
[ 1079.935724][T15186] page dumped because: kasan: bad access detected
[ 1079.935728][T15186] 
[ 1079.935732][T15186] Memory state around the buggy address:
[ 1079.935743][T15186]  ffff888095786f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 1079.935753][T15186]  ffff888095786f80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 1079.935763][T15186] >ffff888095787000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1079.935769][T15186]                             ^
[ 1079.935780][T15186]  ffff888095787080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1079.935791][T15186]  ffff888095787100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1079.935796][T15186] ==================================================================
[ 1079.935800][T15186] Disabling lock debugging due to kernel taint
[ 1079.944373][T15186] Kernel panic - not syncing: panic_on_warn set ...
[ 1079.953116][ T3879] kobject: 'loop2' (00000000992578d5): fill_kobj_path: path = '/devices/virtual/block/loop2'
[ 1079.954767][T15186] CPU: 0 PID: 15186 Comm: syz-executor.5 Tainted: G    B             5.2.0-rc6-next-20190628 #25
[ 1079.966006][ T3879] kobject: 'loop4' (000000009e23cb52): kobject_uevent_env
[ 1079.969520][T15186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1079.969526][T15186] Call Trace:
[ 1079.969545][T15186]  dump_stack+0x172/0x1f0
[ 1079.969559][T15186]  ? tcp_check_oom+0x560/0x560
[ 1079.969572][T15186]  panic+0x2dc/0x755
[ 1079.969585][T15186]  ? add_taint.cold+0x16/0x16
[ 1079.969597][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1079.969606][T15186]  ? tcp_check_oom+0x560/0x560
[ 1079.969626][T15186]  ? preempt_schedule+0x4b/0x60
[ 1079.978857][ T3879] kobject: 'loop4' (000000009e23cb52): fill_kobj_path: path = '/devices/virtual/block/loop4'
[ 1079.986823][T15186]  ? ___preempt_schedule+0x16/0x18
[ 1079.995105][ T3879] kobject: 'loop3' (00000000df0fb4d8): kobject_uevent_env
[ 1079.995658][T15186]  ? trace_hardirqs_on+0x5e/0x240
[ 1080.001733][ T3879] kobject: 'loop3' (00000000df0fb4d8): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1080.009422][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1080.009434][T15186]  ? tcp_check_oom+0x560/0x560
[ 1080.009446][T15186]  end_report+0x47/0x4f
[ 1080.009457][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1080.009469][T15186]  __kasan_report.cold+0xe/0x36
[ 1080.009481][T15186]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1080.009500][T15186]  kasan_report+0x12/0x17
[ 1080.019243][ T3879] kobject: 'loop1' (0000000005fb502d): kobject_uevent_env
[ 1080.025851][T15186]  __asan_report_load4_noabort+0x14/0x20
[ 1080.032409][ T3879] kobject: 'loop1' (0000000005fb502d): fill_kobj_path: path = '/devices/virtual/block/loop1'
[ 1080.039014][T15186]  sk_psock_unlink+0x3dd/0x4b0
[ 1080.039026][T15186]  ? sk_psock_link_pop+0x186/0x1f0
[ 1080.039038][T15186]  ? tcp_check_oom+0x560/0x560
[ 1080.039050][T15186]  tcp_bpf_remove+0x21/0x50
[ 1080.039061][T15186]  tcp_bpf_close+0x130/0x390
[ 1080.039074][T15186]  tls_sk_proto_close+0x2f8/0x6b0
[ 1080.039088][T15186]  ? __sock_release+0x89/0x2a0
[ 1080.039106][T15186]  ? tcp_bpf_recvmsg+0xa70/0xa70
[ 1080.048814][ T3879] kobject: 'loop4' (000000009e23cb52): kobject_uevent_env
[ 1080.055426][T15186]  ? wait_on_pending_writer+0x420/0x420
[ 1080.063206][ T3879] kobject: 'loop4' (000000009e23cb52): fill_kobj_path: path = '/devices/virtual/block/loop4'
[ 1080.068150][T15186]  ? ip_mc_drop_socket+0x211/0x270
[ 1080.068164][T15186]  ? down_write+0xdf/0x150
[ 1080.068178][T15186]  inet_release+0xed/0x200
[ 1080.068194][T15186]  inet6_release+0x53/0x80
[ 1080.068215][T15186]  __sock_release+0xce/0x2a0
[ 1080.080161][ T3879] kobject: 'loop3' (00000000df0fb4d8): kobject_uevent_env
[ 1080.088873][T15186]  sock_close+0x1b/0x30
[ 1080.088888][T15186]  __fput+0x2ff/0x890
[ 1080.088909][T15186]  ? __sock_release+0x2a0/0x2a0
[ 1080.088923][T15186]  ____fput+0x16/0x20
[ 1080.088934][T15186]  task_work_run+0x145/0x1c0
[ 1080.088961][T15186]  exit_to_usermode_loop+0x280/0x2d0
[ 1080.096806][ T3879] kobject: 'loop3' (00000000df0fb4d8): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1080.106321][T15186]  do_syscall_64+0x5a9/0x6a0
[ 1080.106340][T15186]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1080.106349][T15186] RIP: 0033:0x4131e0
[ 1080.106363][T15186] Code: 01 f0 ff ff 0f 83 30 1b 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d ad 30 66 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff
[ 1080.106369][T15186] RSP: 002b:00007ffe140c8b98 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1080.113060][ T3879] kobject: 'loop1' (0000000005fb502d): kobject_uevent_env
[ 1080.114011][T15186] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004131e0
[ 1080.119180][ T3879] kobject: 'loop1' (0000000005fb502d): fill_kobj_path: path = '/devices/virtual/block/loop1'
[ 1080.122663][T15186] RDX: 0000001b32920000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1080.129140][ T3879] kobject: 'loop2' (00000000992578d5): kobject_uevent_env
[ 1080.132516][T15186] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff
[ 1080.137298][ T3879] kobject: 'loop2' (00000000992578d5): fill_kobj_path: path = '/devices/virtual/block/loop2'
[ 1080.142092][T15186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000761178
[ 1080.142099][T15186] R13: 0000000000000005 R14: 0000000000000000 R15: ffffffffffffffff
[ 1080.143357][T15186] Kernel Offset: disabled
[ 1080.486685][T15186] Rebooting in 86400 seconds..