[   39.035412][   T26] audit: type=1800 audit(1572909333.612:27): pid=7611 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   39.061443][   T26] audit: type=1800 audit(1572909333.622:28): pid=7611 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   40.070101][   T26] audit: type=1800 audit(1572909334.712:29): pid=7611 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   40.089528][   T26] audit: type=1800 audit(1572909334.722:30): pid=7611 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts.
syzkaller login: [ 1001.988048][ T7776] IPVS: ftp: loaded support on port[0] = 21
[ 1001.988580][ T7777] IPVS: ftp: loaded support on port[0] = 21
[ 1002.015288][ T7773] IPVS: ftp: loaded support on port[0] = 21
[ 1002.016406][ T7774] IPVS: ftp: loaded support on port[0] = 21
[ 1002.037765][ T7775] IPVS: ftp: loaded support on port[0] = 21
[ 1002.038737][ T7772] IPVS: ftp: loaded support on port[0] = 21
[ 1002.246487][ T7774] chnl_net:caif_netlink_parms(): no params data found
[ 1002.287274][ T7776] chnl_net:caif_netlink_parms(): no params data found
[ 1002.347940][ T7775] chnl_net:caif_netlink_parms(): no params data found
[ 1002.373580][ T7773] chnl_net:caif_netlink_parms(): no params data found
[ 1002.383088][ T7777] chnl_net:caif_netlink_parms(): no params data found
[ 1002.398418][ T7776] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.406147][ T7776] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.414719][ T7776] device bridge_slave_0 entered promiscuous mode
[ 1002.426281][ T7776] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.433440][ T7776] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.441225][ T7776] device bridge_slave_1 entered promiscuous mode
[ 1002.483753][ T7774] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.492071][ T7774] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.499889][ T7774] device bridge_slave_0 entered promiscuous mode
[ 1002.509972][ T7774] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.517031][ T7774] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.524723][ T7774] device bridge_slave_1 entered promiscuous mode
[ 1002.539612][ T7776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1002.551854][ T7776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1002.594020][ T7774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1002.613220][ T7772] chnl_net:caif_netlink_parms(): no params data found
[ 1002.628736][ T7777] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.638043][ T7777] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.645870][ T7777] device bridge_slave_0 entered promiscuous mode
[ 1002.654285][ T7774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1002.671849][ T7775] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.678922][ T7775] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.687306][ T7775] device bridge_slave_0 entered promiscuous mode
[ 1002.697264][ T7775] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.704402][ T7775] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.712178][ T7775] device bridge_slave_1 entered promiscuous mode
[ 1002.721560][ T7776] team0: Port device team_slave_0 added
[ 1002.731371][ T7777] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.738416][ T7777] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.746713][ T7777] device bridge_slave_1 entered promiscuous mode
[ 1002.764152][ T7773] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.771867][ T7773] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.779422][ T7773] device bridge_slave_0 entered promiscuous mode
[ 1002.793806][ T7776] team0: Port device team_slave_1 added
[ 1002.805486][ T7774] team0: Port device team_slave_0 added
[ 1002.813780][ T7774] team0: Port device team_slave_1 added
[ 1002.823633][ T7773] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.830851][ T7773] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.838374][ T7773] device bridge_slave_1 entered promiscuous mode
[ 1002.855350][ T7775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1002.873740][ T7777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1002.892507][ T7777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1002.908526][ T7775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1002.923313][ T7772] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1002.931146][ T7772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1002.938706][ T7772] device bridge_slave_0 entered promiscuous mode
[ 1002.953643][ T7773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1003.012546][ T7776] device hsr_slave_0 entered promiscuous mode
[ 1003.070439][ T7776] device hsr_slave_1 entered promiscuous mode
[ 1003.144560][ T7772] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1003.152181][ T7772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1003.159912][ T7772] device bridge_slave_1 entered promiscuous mode
[ 1003.173705][ T7777] team0: Port device team_slave_0 added
[ 1003.181657][ T7773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1003.232707][ T7774] device hsr_slave_0 entered promiscuous mode
[ 1003.270306][ T7774] device hsr_slave_1 entered promiscuous mode
[ 1003.309962][ T7774] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1003.323874][ T7775] team0: Port device team_slave_0 added
[ 1003.337803][ T7777] team0: Port device team_slave_1 added
[ 1003.364492][ T7775] team0: Port device team_slave_1 added
[ 1003.410232][ T7773] team0: Port device team_slave_0 added
[ 1003.452511][ T7775] device hsr_slave_0 entered promiscuous mode
[ 1003.510150][ T7775] device hsr_slave_1 entered promiscuous mode
[ 1003.540331][ T7775] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1003.549446][ T7772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1003.612388][ T7777] device hsr_slave_0 entered promiscuous mode
[ 1003.630378][ T7777] device hsr_slave_1 entered promiscuous mode
[ 1003.669877][ T7777] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1003.685258][ T7773] team0: Port device team_slave_1 added
[ 1003.703234][ T7772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1004.042735][ T7773] device hsr_slave_0 entered promiscuous mode
[ 1004.270171][ T7773] device hsr_slave_1 entered promiscuous mode
[ 1004.529926][ T7773] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1004.545302][ T7772] team0: Port device team_slave_0 added
[ 1004.631828][ T7772] team0: Port device team_slave_1 added
[ 1005.513722][ T7772] device hsr_slave_0 entered promiscuous mode
[ 1005.670915][ T7772] device hsr_slave_1 entered promiscuous mode
[ 1005.812145][ T7772] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1005.882583][ T7776] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1006.149533][ T7775] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1006.276057][ T7774] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1006.325548][ T7777] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1006.360335][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1006.372606][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1006.404059][ T7776] 8021q: adding VLAN 0 to HW filter on device team0
[ 1006.478162][ T7774] 8021q: adding VLAN 0 to HW filter on device team0
[ 1006.507366][ T7777] 8021q: adding VLAN 0 to HW filter on device team0
[ 1006.545115][ T7775] 8021q: adding VLAN 0 to HW filter on device team0
[ 1006.621668][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1006.640191][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1006.647986][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1006.720459][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1006.728585][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1006.800332][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1006.808137][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1006.860943][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1006.907976][ T3014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1006.915235][ T3014] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1006.965872][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1006.990380][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1007.045228][ T3014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1007.052360][ T3014] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1007.105192][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1007.146006][ T3014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1007.173204][ T7773] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1007.253357][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1007.274794][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1007.284281][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1007.292686][ T7882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1007.299878][ T7882] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1007.308242][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1007.317287][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1007.325657][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1007.333138][ T7882] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1007.342221][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1007.350943][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1007.359402][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1007.368064][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1007.376315][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1007.385894][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1007.394453][ T7882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1007.401543][ T7882] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1007.409018][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1007.418007][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1007.426411][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1007.433835][ T7882] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1007.442172][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1007.450964][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1007.459206][ T7882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1007.466318][ T7882] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1007.474394][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1007.483082][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1007.491417][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1007.498529][ T7882] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1007.506132][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1007.515149][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1007.530766][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1007.538586][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1007.550313][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1007.558092][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1007.566605][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1007.574458][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1007.583581][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1007.591635][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1007.599193][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1007.615012][ T7774] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1007.626919][ T7774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1007.646674][ T7773] 8021q: adding VLAN 0 to HW filter on device team0
[ 1007.657798][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1007.666610][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1007.675560][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1007.683986][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1007.692593][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1007.701035][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1007.709126][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1007.717648][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1007.726017][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1007.734510][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1007.743152][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1007.751512][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1007.758546][ T7816] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1007.766495][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1007.774837][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1007.795844][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1007.804497][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1007.812332][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1007.823651][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1007.832404][ T7835] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1007.839563][ T7835] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1007.847152][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1007.855934][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1007.865289][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1007.873600][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1007.882304][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1007.897266][ T7776] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1007.908641][ T7776] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1007.929379][ T7773] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1007.940629][ T7773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1007.964410][ T7774] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1007.975849][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1007.984055][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1007.993490][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1008.002488][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1008.010903][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1008.019087][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1008.028239][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1008.036807][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1008.045108][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1008.053327][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1008.062047][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1008.070531][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1008.080229][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1008.088697][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1008.097275][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1008.105509][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1008.114113][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1008.122470][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1008.131138][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1008.139670][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1008.148790][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1008.157023][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1008.165233][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1008.173428][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1008.182311][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1008.194191][ T7775] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1008.205745][ T7775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1008.223462][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1008.232411][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1008.241657][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1008.249598][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1008.261369][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1008.270624][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1008.287981][ T7776] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1008.305909][ T7772] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1008.320477][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1008.327913][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1008.344179][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1008.359995][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1008.367557][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1008.375035][ T7778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1008.393757][ T7773] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1008.405739][ T7775] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1008.419620][ T7772] 8021q: adding VLAN 0 to HW filter on device team0
[ 1008.429464][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1008.445393][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1008.464302][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
executing program
[ 1008.472982][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1008.484672][ T7777] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1008.503567][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1008.529401][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1008.539220][ T7835] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1008.546348][ T7835] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1008.547911][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1008.563656][ T7835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
executing program
executing program
executing program
[ 1008.573174][ T7835] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1008.580285][ T7835] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1008.606942][ T7989] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1008.648514][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1008.668765][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1008.678804][ T7992] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1008.684880][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1008.716525][ T7996] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1008.723903][ T7993] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1008.752851][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1008.779089][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1008.791260][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1008.810324][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1008.823891][ T7772] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1008.836867][ T7772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
executing program
[ 1008.854958][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1008.863103][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1008.872433][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1008.883603][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1008.892246][ T7816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1008.917436][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1008.925645][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1008.933359][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1008.936464][ T7772] 8021q: adding VLAN 0 to HW filter on device batadv0
executing program
[ 1008.969532][ T8007] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1009.025316][ T8014] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1009.045584][    T7] Bluetooth: Error in BCSP hdr checksum
[ 1010.820628][   T12] Bluetooth: hci1: command 0x1003 tx timeout
[ 1010.827935][ T8015] Bluetooth: hci1: sending frame failed (-49)
[ 1010.834950][ T7999] Bluetooth: hci3: command 0x1003 tx timeout
[ 1010.841117][ T8015] Bluetooth: hci3: sending frame failed (-49)
[ 1010.847429][ T7999] Bluetooth: hci2: command 0x1003 tx timeout
[ 1010.853659][ T8015] Bluetooth: hci2: sending frame failed (-49)
[ 1010.859953][ T7999] Bluetooth: hci0: command 0x1003 tx timeout
[ 1010.866354][ T8015] Bluetooth: hci0: sending frame failed (-49)
[ 1010.980704][   T12] Bluetooth: hci4: command 0x1003 tx timeout
[ 1010.986822][ T8015] Bluetooth: hci4: sending frame failed (-49)
[ 1011.060117][   T12] Bluetooth: hci5: command 0x1003 tx timeout
[ 1011.066441][ T8015] Bluetooth: hci5: sending frame failed (-49)
[ 1012.900004][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[ 1012.900167][ T7999] Bluetooth: hci2: command 0x1001 tx timeout
[ 1012.912185][ T8015] Bluetooth: hci0: sending frame failed (-49)
[ 1012.918360][ T7999] Bluetooth: hci3: command 0x1001 tx timeout
[ 1012.918393][ T8015] Bluetooth: hci2: sending frame failed (-49)
[ 1012.924562][ T7999] Bluetooth: hci1: command 0x1001 tx timeout
[ 1012.931220][ T8015] Bluetooth: hci3: sending frame failed (-49)
[ 1012.942760][ T8015] Bluetooth: hci1: sending frame failed (-49)
[ 1013.060043][ T7999] Bluetooth: hci4: command 0x1001 tx timeout
[ 1013.066158][ T8015] Bluetooth: hci4: sending frame failed (-49)
[ 1013.149842][ T7999] Bluetooth: hci5: command 0x1001 tx timeout
[ 1013.156022][ T8015] Bluetooth: hci5: sending frame failed (-49)
[ 1014.979851][ T7999] Bluetooth: hci0: command 0x1009 tx timeout
[ 1014.979856][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[ 1014.979885][   T12] Bluetooth: hci3: command 0x1009 tx timeout
[ 1014.998035][   T12] Bluetooth: hci2: command 0x1009 tx timeout
[ 1015.139874][   T12] Bluetooth: hci4: command 0x1009 tx timeout
[ 1015.220066][   T12] Bluetooth: hci5: command 0x1009 tx timeout
[ 1018.906812][ T7994] ==================================================================
[ 1018.915133][ T7994] BUG: KASAN: use-after-free in kfree_skb+0x2a/0xb0
[ 1018.915147][ T7994] Read of size 4 at addr ffff8880a0ee3c54 by task syz-executor933/7994
[ 1018.929982][ T7994] 
[ 1018.929996][ T7994] CPU: 1 PID: 7994 Comm: syz-executor933 Not tainted 5.4.0-rc6 #0
[ 1018.930001][ T7994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1018.930005][ T7994] Call Trace:
executing program
[ 1018.930080][ T7994]  dump_stack+0x1d8/0x2f8
[ 1018.930133][ T7994]  print_address_description+0x75/0x5c0
[ 1018.940263][ T7994]  ? vprintk_func+0x158/0x170
[ 1018.940275][ T7994]  ? printk+0x62/0x8d
[ 1018.953587][ T7994]  ? vprintk_emit+0x2d4/0x3a0
[ 1018.963430][ T7994]  __kasan_report+0x14b/0x1c0
[ 1018.972106][ T7994]  ? _raw_spin_unlock+0x50/0x50
[ 1018.972119][ T7994]  ? kfree_skb+0x2a/0xb0
[ 1018.981417][ T7994]  kasan_report+0x26/0x50
[ 1018.981429][ T7994]  check_memory_region+0x2cf/0x2e0
[ 1018.981438][ T7994]  __kasan_check_read+0x11/0x20
[ 1018.981449][ T7994]  kfree_skb+0x2a/0xb0
[ 1018.999966][ T7994]  bcsp_close+0xb1/0xf0
[ 1018.999979][ T7994]  hci_uart_tty_close+0x201/0x240
[ 1019.013008][ T7994]  ? hci_uart_tty_open+0x340/0x340
[ 1019.013086][ T7994]  tty_ldisc_close+0x126/0x180
[ 1019.013099][ T7994]  tty_ldisc_release+0x248/0x5a0
[ 1019.023214][ T7994]  tty_release_struct+0x2a/0xe0
[ 1019.023225][ T7994]  tty_release+0xce9/0xfa0
[ 1019.023241][ T7994]  ? tty_release_struct+0xe0/0xe0
[ 1019.023288][ T7994]  __fput+0x2e4/0x740
[ 1019.032934][ T7994]  ____fput+0x15/0x20
[ 1019.033003][ T7994]  task_work_run+0x17e/0x1b0
[ 1019.033038][ T7994]  prepare_exit_to_usermode+0x459/0x580
[ 1019.042253][ T7994]  syscall_return_slowpath+0x113/0x4a0
[ 1019.042267][ T7994]  do_syscall_64+0x11f/0x1c0
[ 1019.042280][ T7994]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1019.042292][ T7994] RIP: 0033:0x4076d1
[ 1019.055215][ T7994] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 24 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1019.065312][ T7994] RSP: 002b:00007ffe59a19680 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1019.065321][ T7994] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004076d1
[ 1019.065326][ T7994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1019.065331][ T7994] RBP: 00000000006dec4c R08: 00000000004b1469 R09: 00000000004b1469
[ 1019.065336][ T7994] R10: 00007ffe59a196a0 R11: 0000000000000293 R12: 00000000006dec50
[ 1019.065341][ T7994] R13: 0000000000000000 R14: 20c49ba5e353f7cf R15: 0000000000000009
[ 1019.065356][ T7994] 
executing program
[ 1019.075342][ T7994] Allocated by task 7:
[ 1019.075356][ T7994]  __kasan_kmalloc+0x11c/0x1b0
[ 1019.075363][ T7994]  kasan_slab_alloc+0xf/0x20
[ 1019.075430][ T7994]  kmem_cache_alloc_node+0x235/0x280
[ 1019.104717][ T7994]  __alloc_skb+0x9f/0x500
[ 1019.104727][ T7994]  bcsp_recv+0x12e7/0x1720
[ 1019.104734][ T7994]  hci_uart_tty_receive+0x16b/0x470
[ 1019.104743][ T7994]  tty_ldisc_receive_buf+0x12e/0x170
[ 1019.104749][ T7994]  tty_port_default_receive_buf+0x82/0xb0
[ 1019.104756][ T7994]  flush_to_ldisc+0x328/0x550
[ 1019.104771][ T7994]  process_one_work+0x7ef/0x10e0
[ 1019.121132][ T7994]  worker_thread+0xc01/0x1630
[ 1019.121141][ T7994]  kthread+0x332/0x350
[ 1019.121151][ T7994]  ret_from_fork+0x24/0x30
[ 1019.121154][ T7994] 
[ 1019.121160][ T7994] Freed by task 7:
[ 1019.121168][ T7994]  __kasan_slab_free+0x12a/0x1e0
[ 1019.121178][ T7994]  kasan_slab_free+0xe/0x10
[ 1019.121185][ T7994]  kmem_cache_free+0x81/0xf0
[ 1019.121192][ T7994]  __kfree_skb+0x118/0x170
[ 1019.138505][ T8019] kobject: 'rfkill11' (00000000bd5981f2): kobject_uevent_env
[ 1019.145183][ T7994]  kfree_skb+0x6f/0xb0
[ 1019.145194][ T7994]  bcsp_recv+0x99c/0x1720
[ 1019.145201][ T7994]  hci_uart_tty_receive+0x16b/0x470
[ 1019.145211][ T7994]  tty_ldisc_receive_buf+0x12e/0x170
[ 1019.145217][ T7994]  tty_port_default_receive_buf+0x82/0xb0
[ 1019.145224][ T7994]  flush_to_ldisc+0x328/0x550
[ 1019.145237][ T7994]  process_one_work+0x7ef/0x10e0
[ 1019.177952][ T8023] kobject: 'hci2' (00000000bca42fba): kobject_add_internal: parent: 'bluetooth', set: 'devices'
[ 1019.178547][ T7994]  worker_thread+0xc01/0x1630
[ 1019.178555][ T7994]  kthread+0x332/0x350
[ 1019.178568][ T7994]  ret_from_fork+0x24/0x30
[ 1019.183207][ T8019] kobject: 'rfkill11' (00000000bd5981f2): fill_kobj_path: path = '/devices/virtual/bluetooth/hci0/rfkill11'
[ 1019.188133][ T7994] 
[ 1019.188142][ T7994] The buggy address belongs to the object at ffff8880a0ee3b80
[ 1019.188142][ T7994]  which belongs to the cache skbuff_head_cache of size 224
[ 1019.188150][ T7994] The buggy address is located 212 bytes inside of
[ 1019.188150][ T7994]  224-byte region [ffff8880a0ee3b80, ffff8880a0ee3c60)
[ 1019.188154][ T7994] The buggy address belongs to the page:
[ 1019.188163][ T7994] page:ffffea000283b8c0 refcount:1 mapcount:0 mapping:ffff8880a99baa80 index:0x0
[ 1019.188171][ T7994] flags: 0x1fffc0000000200(slab)
[ 1019.188182][ T7994] raw: 01fffc0000000200 ffffea0002284008 ffffea0002299d48 ffff8880a99baa80
[ 1019.193647][ T8023] kobject: 'hci2' (00000000bca42fba): kobject_uevent_env
[ 1019.199152][ T7994] raw: 0000000000000000 ffff8880a0ee3040 000000010000000c 0000000000000000
[ 1019.199156][ T7994] page dumped because: kasan: bad access detected
[ 1019.199160][ T7994] 
[ 1019.199163][ T7994] Memory state around the buggy address:
[ 1019.199173][ T7994]  ffff8880a0ee3b00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 1019.205957][ T8023] kobject: 'hci2' (00000000bca42fba): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2'
[ 1019.208739][ T7994]  ffff8880a0ee3b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1019.208747][ T7994] >ffff8880a0ee3c00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1019.208752][ T7994]                                                  ^
[ 1019.208759][ T7994]  ffff8880a0ee3c80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 1019.208765][ T7994]  ffff8880a0ee3d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1019.208769][ T7994] ==================================================================
[ 1019.208773][ T7994] Disabling lock debugging due to kernel taint
[ 1019.210070][ T7990] kobject: 'rfkill5' (000000000c16ae2d): kobject_uevent_env
[ 1019.214800][ T7994] Kernel panic - not syncing: panic_on_warn set ...
[ 1019.217585][ T7990] kobject: 'rfkill5' (000000000c16ae2d): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1/rfkill5'
[ 1019.221917][ T7994] CPU: 0 PID: 7994 Comm: syz-executor933 Tainted: G    B             5.4.0-rc6 #0
[ 1019.221921][ T7994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1019.221924][ T7994] Call Trace:
[ 1019.221937][ T7994]  dump_stack+0x1d8/0x2f8
[ 1019.222008][ T7994]  panic+0x264/0x7a9
[ 1019.222023][ T7994]  ? __kasan_report+0x195/0x1c0
[ 1019.227358][ T7990] kobject: 'rfkill5' (000000000c16ae2d): kobject_cleanup, parent 00000000ec4cb635
[ 1019.228133][ T7994]  ? trace_hardirqs_on+0x34/0x80
[ 1019.233262][ T7990] kobject: 'rfkill5' (000000000c16ae2d): calling ktype release
[ 1019.237469][ T7994]  ? __kasan_report+0x195/0x1c0
[ 1019.242276][ T7990] kobject: 'rfkill5': free name
[ 1019.246417][ T7994]  __kasan_report+0x1bb/0x1c0
[ 1019.254044][ T7990] kobject: 'hci1' (000000008f221d93): kobject_uevent_env
[ 1019.257837][ T7994]  ? _raw_spin_unlock+0x50/0x50
[ 1019.262415][ T7990] kobject: 'hci1' (000000008f221d93): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1'
[ 1019.267333][ T7994]  ? kfree_skb+0x2a/0xb0
[ 1019.272989][ T7990] kobject: 'hci1' (000000008f221d93): kobject_cleanup, parent 00000000ec4cb635
[ 1019.278279][ T7994]  kasan_report+0x26/0x50
[ 1019.283195][ T7990] kobject: 'hci1' (000000008f221d93): calling ktype release
[ 1019.287847][ T7994]  check_memory_region+0x2cf/0x2e0
[ 1019.298488][ T7990] kobject: 'hci1': free name
[ 1019.302886][ T7994]  __kasan_check_read+0x11/0x20
[ 1019.302904][ T7994]  kfree_skb+0x2a/0xb0
[ 1019.302913][ T7994]  bcsp_close+0xb1/0xf0
[ 1019.302921][ T7994]  hci_uart_tty_close+0x201/0x240
[ 1019.302928][ T7994]  ? hci_uart_tty_open+0x340/0x340
[ 1019.302938][ T7994]  tty_ldisc_close+0x126/0x180
[ 1019.302946][ T7994]  tty_ldisc_release+0x248/0x5a0
[ 1019.302954][ T7994]  tty_release_struct+0x2a/0xe0
[ 1019.302962][ T7994]  tty_release+0xce9/0xfa0
[ 1019.302973][ T7994]  ? tty_release_struct+0xe0/0xe0
[ 1019.302984][ T7994]  __fput+0x2e4/0x740
[ 1019.307360][ T8023] kobject: 'rfkill12' (000000001d58cabb): kobject_add_internal: parent: 'hci2', set: 'devices'
[ 1019.311426][ T7994]  ____fput+0x15/0x20
[ 1019.311435][ T7994]  task_work_run+0x17e/0x1b0
[ 1019.311447][ T7994]  prepare_exit_to_usermode+0x459/0x580
[ 1019.311457][ T7994]  syscall_return_slowpath+0x113/0x4a0
[ 1019.311468][ T7994]  do_syscall_64+0x11f/0x1c0
[ 1019.327138][ T8023] kobject: 'rfkill12' (000000001d58cabb): kobject_uevent_env
[ 1019.339960][ T7994]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1019.339968][ T7994] RIP: 0033:0x4076d1
[ 1019.339977][ T7994] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 24 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 1019.339982][ T7994] RSP: 002b:00007ffe59a19680 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1019.339989][ T7994] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004076d1
[ 1019.339993][ T7994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1019.339997][ T7994] RBP: 00000000006dec4c R08: 00000000004b1469 R09: 00000000004b1469
[ 1019.340001][ T7994] R10: 00007ffe59a196a0 R11: 0000000000000293 R12: 00000000006dec50
[ 1019.340010][ T7994] R13: 0000000000000000 R14: 20c49ba5e353f7cf R15: 0000000000000009
[ 1019.357418][ T7994] Kernel Offset: disabled
[ 1019.816899][ T7994] Rebooting in 86400 seconds..