Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c[   69.792203][   T26] kauditd_printk_skb: 5 callbacks suppressed
.
[   69.792215][   T26] audit: type=1800 audit(1562969835.848:33): pid=8956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   69.821103][   T26] audit: type=1800 audit(1562969835.848:34): pid=8956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   73.650421][   T26] audit: type=1400 audit(1562969839.708:35): avc:  denied  { map } for  pid=9135 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.1.59' (ECDSA) to the list of known hosts.
[  994.638954][   T26] audit: type=1400 audit(1562970760.698:36): avc:  denied  { map } for  pid=9147 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/07/12 22:32:41 parsed 1 programs
[  995.676293][   T26] audit: type=1400 audit(1562970761.738:37): avc:  denied  { map } for  pid=9147 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=24 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2019/07/12 22:32:44 executed programs: 0
[  998.087061][ T9169] IPVS: ftp: loaded support on port[0] = 21
[  998.100548][ T9170] IPVS: ftp: loaded support on port[0] = 21
[  998.111745][ T9173] IPVS: ftp: loaded support on port[0] = 21
[  998.121561][ T9175] IPVS: ftp: loaded support on port[0] = 21
[  998.160415][ T9177] IPVS: ftp: loaded support on port[0] = 21
[  998.209059][ T9178] IPVS: ftp: loaded support on port[0] = 21
[  998.362319][ T9173] chnl_net:caif_netlink_parms(): no params data found
[  998.601683][ T9170] chnl_net:caif_netlink_parms(): no params data found
[  998.612359][ T9169] chnl_net:caif_netlink_parms(): no params data found
[  998.621280][ T9178] chnl_net:caif_netlink_parms(): no params data found
[  998.639231][ T9173] bridge0: port 1(bridge_slave_0) entered blocking state
[  998.647936][ T9173] bridge0: port 1(bridge_slave_0) entered disabled state
[  998.656033][ T9173] device bridge_slave_0 entered promiscuous mode
[  998.671324][ T9173] bridge0: port 2(bridge_slave_1) entered blocking state
[  998.679681][ T9173] bridge0: port 2(bridge_slave_1) entered disabled state
[  998.687453][ T9173] device bridge_slave_1 entered promiscuous mode
[  998.730750][ T9177] chnl_net:caif_netlink_parms(): no params data found
[  998.753065][ T9173] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  998.763116][ T9175] chnl_net:caif_netlink_parms(): no params data found
[  998.808747][ T9173] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  998.824697][ T9178] bridge0: port 1(bridge_slave_0) entered blocking state
[  998.831866][ T9178] bridge0: port 1(bridge_slave_0) entered disabled state
[  998.839831][ T9178] device bridge_slave_0 entered promiscuous mode
[  998.885897][ T9170] bridge0: port 1(bridge_slave_0) entered blocking state
[  998.892972][ T9170] bridge0: port 1(bridge_slave_0) entered disabled state
[  998.901006][ T9170] device bridge_slave_0 entered promiscuous mode
[  998.914988][ T9178] bridge0: port 2(bridge_slave_1) entered blocking state
[  998.922078][ T9178] bridge0: port 2(bridge_slave_1) entered disabled state
[  998.930090][ T9178] device bridge_slave_1 entered promiscuous mode
[  998.957589][ T9170] bridge0: port 2(bridge_slave_1) entered blocking state
[  998.965110][ T9170] bridge0: port 2(bridge_slave_1) entered disabled state
[  998.972848][ T9170] device bridge_slave_1 entered promiscuous mode
[  998.982157][ T9173] team0: Port device team_slave_0 added
[  999.008119][ T9169] bridge0: port 1(bridge_slave_0) entered blocking state
[  999.016050][ T9169] bridge0: port 1(bridge_slave_0) entered disabled state
[  999.024006][ T9169] device bridge_slave_0 entered promiscuous mode
[  999.045127][ T9173] team0: Port device team_slave_1 added
[  999.064665][ T9178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  999.076085][ T9169] bridge0: port 2(bridge_slave_1) entered blocking state
[  999.083169][ T9169] bridge0: port 2(bridge_slave_1) entered disabled state
[  999.091478][ T9169] device bridge_slave_1 entered promiscuous mode
[  999.112475][ T9175] bridge0: port 1(bridge_slave_0) entered blocking state
[  999.121178][ T9175] bridge0: port 1(bridge_slave_0) entered disabled state
[  999.129130][ T9175] device bridge_slave_0 entered promiscuous mode
[  999.138743][ T9170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  999.148070][ T9177] bridge0: port 1(bridge_slave_0) entered blocking state
[  999.155436][ T9177] bridge0: port 1(bridge_slave_0) entered disabled state
[  999.163135][ T9177] device bridge_slave_0 entered promiscuous mode
[  999.171953][ T9178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  999.202175][ T9169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  999.211562][ T9175] bridge0: port 2(bridge_slave_1) entered blocking state
[  999.218836][ T9175] bridge0: port 2(bridge_slave_1) entered disabled state
[  999.226661][ T9175] device bridge_slave_1 entered promiscuous mode
[  999.241325][ T9170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  999.252145][ T9177] bridge0: port 2(bridge_slave_1) entered blocking state
[  999.259257][ T9177] bridge0: port 2(bridge_slave_1) entered disabled state
[  999.267416][ T9177] device bridge_slave_1 entered promiscuous mode
[  999.275949][ T9178] team0: Port device team_slave_0 added
[  999.296737][ T9169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  999.316175][ T9175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  999.332803][ T9178] team0: Port device team_slave_1 added
[  999.396493][ T9173] device hsr_slave_0 entered promiscuous mode
[  999.434204][ T9173] device hsr_slave_1 entered promiscuous mode
[  999.481261][ T9175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  999.500399][ T9170] team0: Port device team_slave_0 added
[  999.508018][ T9177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  999.524739][ T9177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  999.565810][ T9170] team0: Port device team_slave_1 added
[  999.580569][ T9177] team0: Port device team_slave_0 added
[  999.588005][ T9177] team0: Port device team_slave_1 added
[  999.595190][ T9169] team0: Port device team_slave_0 added
[  999.655991][ T9178] device hsr_slave_0 entered promiscuous mode
[  999.704046][ T9178] device hsr_slave_1 entered promiscuous mode
[  999.755641][ T9169] team0: Port device team_slave_1 added
[  999.781472][ T9175] team0: Port device team_slave_0 added
[  999.792301][ T9175] team0: Port device team_slave_1 added
[  999.876742][ T9170] device hsr_slave_0 entered promiscuous mode
[  999.934116][ T9170] device hsr_slave_1 entered promiscuous mode
[ 1000.026894][ T9177] device hsr_slave_0 entered promiscuous mode
[ 1000.064065][ T9177] device hsr_slave_1 entered promiscuous mode
[ 1000.175632][ T9169] device hsr_slave_0 entered promiscuous mode
[ 1000.223958][ T9169] device hsr_slave_1 entered promiscuous mode
[ 1000.335855][ T9175] device hsr_slave_0 entered promiscuous mode
[ 1000.384104][ T9175] device hsr_slave_1 entered promiscuous mode
[ 1000.553043][ T9173] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1000.583128][ T9169] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1000.620745][ T9173] 8021q: adding VLAN 0 to HW filter on device team0
[ 1000.633002][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1000.642407][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1000.650175][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1000.658842][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1000.667907][ T3002] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1000.675164][ T3002] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1000.683378][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1000.693106][ T9178] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1000.739762][ T9170] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1000.757500][ T9170] 8021q: adding VLAN 0 to HW filter on device team0
[ 1000.767951][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1000.777053][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1000.786174][ T3002] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1000.793218][ T3002] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1000.800893][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1000.809589][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1000.818361][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1000.826440][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1000.849754][ T9177] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1000.861550][ T9169] 8021q: adding VLAN 0 to HW filter on device team0
[ 1000.877986][ T9178] 8021q: adding VLAN 0 to HW filter on device team0
[ 1000.885324][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1000.894614][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1000.902946][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1000.911681][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1000.920070][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1000.928450][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1000.936824][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1000.945513][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1000.954052][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1000.961673][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1000.969389][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1000.977244][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1000.985365][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1000.999313][ T9173] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1001.021023][ T9191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1001.032235][ T9191] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1001.040899][ T9191] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1001.048003][ T9191] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1001.055650][ T9191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1001.064344][ T9191] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1001.072607][ T9191] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1001.079706][ T9191] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1001.088706][ T9191] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1001.117613][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1001.126874][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1001.135938][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1001.142983][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1001.151028][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1001.159529][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1001.168240][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1001.175343][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1001.182938][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1001.191477][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1001.199937][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1001.208389][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1001.215444][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1001.222995][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1001.231633][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1001.239628][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1001.250463][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1001.258456][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1001.280071][ T9173] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1001.295983][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1001.308459][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1001.319688][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1001.328367][ T3002] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1001.335476][ T3002] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1001.344237][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1001.352678][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1001.361654][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1001.371831][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1001.379795][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1001.388601][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1001.400429][ T9175] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1001.419226][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1001.427813][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1001.437611][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1001.446448][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1001.455532][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1001.464468][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1001.472157][ T3002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1001.486019][ T9177] 8021q: adding VLAN 0 to HW filter on device team0
[ 1001.498496][ T9170] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1001.514957][ T9170] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1001.532466][   T26] audit: type=1400 audit(1562970767.588:38): avc:  denied  { associate } for  pid=9173 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[ 1001.543793][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1001.578363][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1001.587953][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1001.596774][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1001.605114][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1001.613604][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1001.632434][ T9175] 8021q: adding VLAN 0 to HW filter on device team0
[ 1001.649325][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1001.661215][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1001.669800][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1001.680764][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1001.697667][   T26] audit: type=1400 audit(1562970767.758:39): avc:  denied  { map_create } for  pid=9198 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[ 1001.702066][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1001.727835][   T26] audit: type=1400 audit(1562970767.758:40): avc:  denied  { map_read map_write } for  pid=9198 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[ 1001.750950][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1001.762776][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1001.771229][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1001.815838][ T9169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1001.835081][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1001.842991][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1001.860784][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1001.879867][ T9190] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1001.887018][ T9190] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1001.901769][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1001.910368][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1001.920574][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1001.930067][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1001.939463][ T9190] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1001.946605][ T9190] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1001.960349][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1001.968513][ T9190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1002.009380][ T9170] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1002.032809][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1002.042132][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1002.052572][ T9182] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.059691][ T9182] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1002.072226][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1002.094131][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1002.113462][ T9182] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.120635][ T9182] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1002.137453][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1002.150181][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1002.162756][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1002.177433][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1002.188292][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1002.198611][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1002.210803][ T9178] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1002.232188][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1002.241300][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1002.253471][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1002.264012][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1002.272326][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1002.281180][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1002.298582][ T9178] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1002.315580][ T9169] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1002.331017][ T9177] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1002.352493][ T9177] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1002.374586][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1002.382553][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1002.399409][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1002.409082][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1002.417817][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1002.426865][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1002.435358][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1002.444062][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1002.452888][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1002.482812][ T9175] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1002.507810][ T9175] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1002.544289][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1002.567860][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1002.588775][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1002.614475][ T9182] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1002.626812][ T9177] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1002.654504][ T9197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1002.707905][ T9175] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/12 22:32:49 executed programs: 19
2019/07/12 22:32:54 executed programs: 180
2019/07/12 22:32:59 executed programs: 333
2019/07/12 22:33:04 executed programs: 481
2019/07/12 22:33:09 executed programs: 641
2019/07/12 22:33:14 executed programs: 793
2019/07/12 22:33:19 executed programs: 943
2019/07/12 22:33:24 executed programs: 1093
2019/07/12 22:33:29 executed programs: 1245
2019/07/12 22:33:34 executed programs: 1394
2019/07/12 22:33:39 executed programs: 1548
2019/07/12 22:33:44 executed programs: 1700
2019/07/12 22:33:49 executed programs: 1849
2019/07/12 22:33:54 executed programs: 1997
2019/07/12 22:33:59 executed programs: 2148
2019/07/12 22:34:04 executed programs: 2297
2019/07/12 22:34:09 executed programs: 2446
2019/07/12 22:34:14 executed programs: 2596
2019/07/12 22:34:19 executed programs: 2738
2019/07/12 22:34:24 executed programs: 2882
2019/07/12 22:34:29 executed programs: 3028
2019/07/12 22:34:34 executed programs: 3171
2019/07/12 22:34:39 executed programs: 3323
2019/07/12 22:34:44 executed programs: 3473
2019/07/12 22:34:49 executed programs: 3613
2019/07/12 22:34:54 executed programs: 3757
2019/07/12 22:34:59 executed programs: 3899
2019/07/12 22:35:04 executed programs: 4039
2019/07/12 22:35:09 executed programs: 4187
2019/07/12 22:35:14 executed programs: 4327
2019/07/12 22:35:19 executed programs: 4466
2019/07/12 22:35:24 executed programs: 4604
2019/07/12 22:35:29 executed programs: 4737
2019/07/12 22:35:34 executed programs: 4873
2019/07/12 22:35:40 executed programs: 5019
2019/07/12 22:35:45 executed programs: 5166
2019/07/12 22:35:50 executed programs: 5302
2019/07/12 22:35:55 executed programs: 5438
2019/07/12 22:36:00 executed programs: 5569
2019/07/12 22:36:05 executed programs: 5699
2019/07/12 22:36:10 executed programs: 5849
2019/07/12 22:36:15 executed programs: 5997
2019/07/12 22:36:20 executed programs: 6130
2019/07/12 22:36:25 executed programs: 6266
2019/07/12 22:36:30 executed programs: 6393
2019/07/12 22:36:35 executed programs: 6517
2019/07/12 22:36:40 executed programs: 6666
2019/07/12 22:36:45 executed programs: 6815
2019/07/12 22:36:50 executed programs: 6951
2019/07/12 22:36:55 executed programs: 7080
2019/07/12 22:37:00 executed programs: 7211
2019/07/12 22:37:05 executed programs: 7339
2019/07/12 22:37:10 executed programs: 7483
2019/07/12 22:37:15 executed programs: 7631
2019/07/12 22:37:20 executed programs: 7766
2019/07/12 22:37:25 executed programs: 7891
2019/07/12 22:37:30 executed programs: 8015
2019/07/12 22:37:35 executed programs: 8138
2019/07/12 22:37:40 executed programs: 8277
2019/07/12 22:37:45 executed programs: 8421
2019/07/12 22:37:50 executed programs: 8550
2019/07/12 22:37:55 executed programs: 8698
2019/07/12 22:38:00 executed programs: 8865
2019/07/12 22:38:06 executed programs: 9024
2019/07/12 22:38:11 executed programs: 9185
2019/07/12 22:38:16 executed programs: 9339
2019/07/12 22:38:21 executed programs: 9487
2019/07/12 22:38:26 executed programs: 9641
2019/07/12 22:38:31 executed programs: 9797
2019/07/12 22:38:36 executed programs: 9951
2019/07/12 22:38:41 executed programs: 10105
2019/07/12 22:38:46 executed programs: 10256
2019/07/12 22:38:51 executed programs: 10406
2019/07/12 22:38:56 executed programs: 10555
2019/07/12 22:39:01 executed programs: 10704
2019/07/12 22:39:06 executed programs: 10854
2019/07/12 22:39:11 executed programs: 11006
2019/07/12 22:39:16 executed programs: 11157
2019/07/12 22:39:21 executed programs: 11303
[ 1395.874683][T24313] ==================================================================
[ 1395.883063][T24313] BUG: KASAN: use-after-free in sk_psock_unlink+0x3dd/0x4b0
[ 1395.890356][T24313] Read of size 4 at addr ffff8880a1be1018 by task syz-executor.1/24313
[ 1395.898587][T24313] 
[ 1395.900919][T24313] CPU: 1 PID: 24313 Comm: syz-executor.1 Not tainted 5.2.0+ #52
[ 1395.908536][T24313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1395.918585][T24313] Call Trace:
[ 1395.921944][T24313]  dump_stack+0x172/0x1f0
[ 1395.926281][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1395.931288][T24313]  ? tcp_check_oom+0x560/0x560
[ 1395.936066][T24313]  print_address_description.cold+0x7c/0x20d
[ 1395.942056][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1395.946991][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1395.947016][T24313]  ? tcp_check_oom+0x560/0x560
[ 1395.947032][T24313]  __kasan_report.cold+0x1b/0x40
[ 1395.947048][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1395.947066][T24313]  kasan_report+0x12/0x20
[ 1395.947087][T24313]  __asan_report_load4_noabort+0x14/0x20
[ 1395.947099][T24313]  sk_psock_unlink+0x3dd/0x4b0
[ 1395.966718][T24313]  ? sk_psock_link_pop+0x186/0x1f0
[ 1395.966737][T24313]  ? tcp_check_oom+0x560/0x560
[ 1395.966829][T24313]  tcp_bpf_remove+0x21/0x50
[ 1395.995750][T24313]  tcp_bpf_close+0x130/0x390
[ 1396.000399][T24313]  inet_release+0xe0/0x1f0
[ 1396.004872][T24313]  inet6_release+0x53/0x80
[ 1396.009326][T24313]  __sock_release+0xce/0x280
[ 1396.013925][T24313]  sock_close+0x1e/0x30
[ 1396.018082][T24313]  __fput+0x2ff/0x890
[ 1396.022071][T24313]  ? __sock_release+0x280/0x280
[ 1396.026934][T24313]  ____fput+0x16/0x20
[ 1396.030928][T24313]  task_work_run+0x145/0x1c0
[ 1396.035527][T24313]  exit_to_usermode_loop+0x309/0x370
[ 1396.040815][T24313]  do_syscall_64+0x58e/0x680
[ 1396.045481][T24313]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1396.051403][T24313] RIP: 0033:0x413501
[ 1396.055298][T24313] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1396.074906][T24313] RSP: 002b:00007ffc4c2dc810 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1396.083349][T24313] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413501
[ 1396.091325][T24313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1396.099293][T24313] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[ 1396.107263][T24313] R10: 00007ffc4c2dc8f0 R11: 0000000000000293 R12: 000000000075bf20
[ 1396.107271][T24313] R13: 0000000000154c7a R14: 00000000007611b8 R15: ffffffffffffffff
[ 1396.107290][T24313] 
[ 1396.107298][T24313] Allocated by task 24314:
[ 1396.107317][T24313]  save_stack+0x23/0x90
[ 1396.107330][T24313]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1396.107341][T24313]  kasan_kmalloc+0x9/0x10
[ 1396.107352][T24313]  kmem_cache_alloc_trace+0x151/0x750
[ 1396.107363][T24313]  sock_hash_alloc+0x1e3/0x5b0
[ 1396.107378][T24313]  __do_sys_bpf+0x44f/0x42d0
[ 1396.107395][T24313]  __x64_sys_bpf+0x73/0xb0
[ 1396.163243][T24313]  do_syscall_64+0xfd/0x680
[ 1396.167785][T24313]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1396.173704][T24313] 
[ 1396.176028][T24313] Freed by task 11982:
[ 1396.180099][T24313]  save_stack+0x23/0x90
[ 1396.184252][T24313]  __kasan_slab_free+0x102/0x150
[ 1396.189189][T24313]  kasan_slab_free+0xe/0x10
[ 1396.193692][T24313]  kfree+0xcf/0x220
[ 1396.197501][T24313]  sock_hash_free+0x327/0x4a0
[ 1396.202177][T24313]  bpf_map_free_deferred+0xb3/0x100
[ 1396.207545][T24313]  process_one_work+0x989/0x16d0
[ 1396.212471][T24313]  worker_thread+0x98/0xe40
[ 1396.212483][T24313]  kthread+0x354/0x420
[ 1396.212494][T24313]  ret_from_fork+0x24/0x30
[ 1396.212504][T24313] 
[ 1396.227787][T24313] The buggy address belongs to the object at ffff8880a1be1000
[ 1396.227787][T24313]  which belongs to the cache kmalloc-512 of size 512
[ 1396.241840][T24313] The buggy address is located 24 bytes inside of
[ 1396.241840][T24313]  512-byte region [ffff8880a1be1000, ffff8880a1be1200)
[ 1396.255019][T24313] The buggy address belongs to the page:
[ 1396.260654][T24313] page:ffffea000286f840 refcount:1 mapcount:0 mapping:ffff8880aa400940 index:0xffff8880a1be1500
[ 1396.271062][T24313] flags: 0x1fffc0000000200(slab)
[ 1396.276002][T24313] raw: 01fffc0000000200 ffffea00025e40c8 ffffea00027f9d88 ffff8880aa400940
[ 1396.284597][T24313] raw: ffff8880a1be1500 ffff8880a1be1000 0000000100000005 0000000000000000
[ 1396.293169][T24313] page dumped because: kasan: bad access detected
[ 1396.299576][T24313] 
[ 1396.301904][T24313] Memory state around the buggy address:
[ 1396.307533][T24313]  ffff8880a1be0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1396.315597][T24313]  ffff8880a1be0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1396.323657][T24313] >ffff8880a1be1000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1396.331709][T24313]                             ^
[ 1396.336559][T24313]  ffff8880a1be1080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1396.344617][T24313]  ffff8880a1be1100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1396.344623][T24313] ==================================================================
[ 1396.344628][T24313] Disabling lock debugging due to kernel taint
[ 1396.363864][T24313] Kernel panic - not syncing: panic_on_warn set ...
[ 1396.373624][T24313] CPU: 1 PID: 24313 Comm: syz-executor.1 Tainted: G    B             5.2.0+ #52
[ 1396.382636][T24313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1396.392686][T24313] Call Trace:
[ 1396.395979][T24313]  dump_stack+0x172/0x1f0
[ 1396.400320][T24313]  ? tcp_check_oom+0x560/0x560
[ 1396.405080][T24313]  panic+0x2cb/0x744
[ 1396.408969][T24313]  ? __warn_printk+0xf3/0xf3
[ 1396.413564][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1396.418507][T24313]  ? tcp_check_oom+0x560/0x560
[ 1396.423298][T24313]  ? preempt_schedule+0x4b/0x60
[ 1396.428188][T24313]  ? ___preempt_schedule+0x16/0x18
[ 1396.433788][T24313]  ? trace_hardirqs_on+0x5e/0x220
[ 1396.436770][ T3891] kobject: 'loop0' (00000000951a32eb): fill_kobj_path: path = '/devices/virtual/block/loop0'
[ 1396.438817][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1396.438833][T24313]  ? tcp_check_oom+0x560/0x560
[ 1396.438855][T24313]  end_report+0x47/0x4f
[ 1396.461965][ T3891] kobject: 'loop2' (00000000dc74e8ab): kobject_uevent_env
[ 1396.462789][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1396.462806][T24313]  __kasan_report.cold+0xe/0x40
[ 1396.462824][T24313]  ? sk_psock_unlink+0x3dd/0x4b0
[ 1396.477872][ T3891] kobject: 'loop2' (00000000dc74e8ab): fill_kobj_path: path = '/devices/virtual/block/loop2'
[ 1396.479664][T24313]  kasan_report+0x12/0x20
[ 1396.479678][T24313]  __asan_report_load4_noabort+0x14/0x20
[ 1396.479696][T24313]  sk_psock_unlink+0x3dd/0x4b0
[ 1396.499751][ T3891] kobject: 'loop4' (00000000beb4a125): kobject_uevent_env
[ 1396.504667][T24313]  ? sk_psock_link_pop+0x186/0x1f0
[ 1396.504684][T24313]  ? tcp_check_oom+0x560/0x560
[ 1396.504698][T24313]  tcp_bpf_remove+0x21/0x50
[ 1396.504710][T24313]  tcp_bpf_close+0x130/0x390
[ 1396.504723][T24313]  inet_release+0xe0/0x1f0
[ 1396.504739][T24313]  inet6_release+0x53/0x80
[ 1396.504763][T24313]  __sock_release+0xce/0x280
[ 1396.512214][ T3891] kobject: 'loop4' (00000000beb4a125): fill_kobj_path: path = '/devices/virtual/block/loop4'
[ 1396.516597][T24313]  sock_close+0x1e/0x30
[ 1396.516612][T24313]  __fput+0x2ff/0x890
[ 1396.516625][T24313]  ? __sock_release+0x280/0x280
[ 1396.516640][T24313]  ____fput+0x16/0x20
[ 1396.516658][T24313]  task_work_run+0x145/0x1c0
[ 1396.580529][T24313]  exit_to_usermode_loop+0x309/0x370
[ 1396.585822][T24313]  do_syscall_64+0x58e/0x680
[ 1396.590419][T24313]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1396.596309][T24313] RIP: 0033:0x413501
[ 1396.600244][T24313] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1396.619850][T24313] RSP: 002b:00007ffc4c2dc810 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1396.623316][ T3891] kobject: 'loop5' (000000006339fe94): kobject_uevent_env
[ 1396.628265][T24313] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413501
[ 1396.628272][T24313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1396.628279][T24313] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[ 1396.628285][T24313] R10: 00007ffc4c2dc8f0 R11: 0000000000000293 R12: 000000000075bf20
[ 1396.628293][T24313] R13: 0000000000154c7a R14: 00000000007611b8 R15: ffffffffffffffff
[ 1396.629653][T24313] Kernel Offset: disabled
[ 1396.680768][T24313] Rebooting in 86400 seconds..