Warning: Permanently added '10.128.0.104' (ECDSA) to the list of known hosts. 2019/07/23 20:53:46 parsed 1 programs 2019/07/23 20:53:49 executed programs: 0 syzkaller login: [ 1433.193330][ T9262] IPVS: ftp: loaded support on port[0] = 21 [ 1433.217030][ T9263] IPVS: ftp: loaded support on port[0] = 21 [ 1433.245077][ T9269] IPVS: ftp: loaded support on port[0] = 21 [ 1433.245356][ T9266] IPVS: ftp: loaded support on port[0] = 21 [ 1433.260826][ T9271] IPVS: ftp: loaded support on port[0] = 21 [ 1433.291991][ T9270] IPVS: ftp: loaded support on port[0] = 21 [ 1433.596142][ T9263] chnl_net:caif_netlink_parms(): no params data found [ 1433.604941][ T9266] chnl_net:caif_netlink_parms(): no params data found [ 1433.685597][ T9262] chnl_net:caif_netlink_parms(): no params data found [ 1433.795799][ T9263] bridge0: port 1(bridge_slave_0) entered blocking state [ 1433.804404][ T9263] bridge0: port 1(bridge_slave_0) entered disabled state [ 1433.812861][ T9263] device bridge_slave_0 entered promiscuous mode [ 1433.823354][ T9263] bridge0: port 2(bridge_slave_1) entered blocking state [ 1433.830609][ T9263] bridge0: port 2(bridge_slave_1) entered disabled state [ 1433.838751][ T9263] device bridge_slave_1 entered promiscuous mode [ 1433.852750][ T9271] chnl_net:caif_netlink_parms(): no params data found [ 1433.872614][ T9269] chnl_net:caif_netlink_parms(): no params data found [ 1433.887789][ T9270] chnl_net:caif_netlink_parms(): no params data found [ 1433.952121][ T9266] bridge0: port 1(bridge_slave_0) entered blocking state [ 1433.959753][ T9266] bridge0: port 1(bridge_slave_0) entered disabled state [ 1433.967452][ T9266] device bridge_slave_0 entered promiscuous mode [ 1433.978148][ T9263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1433.993093][ T9263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1434.010233][ T9262] bridge0: port 1(bridge_slave_0) entered blocking state [ 1434.017323][ T9262] bridge0: port 1(bridge_slave_0) entered disabled state [ 1434.025928][ T9262] device bridge_slave_0 entered promiscuous mode [ 1434.041963][ T9266] bridge0: port 2(bridge_slave_1) entered blocking state [ 1434.049713][ T9266] bridge0: port 2(bridge_slave_1) entered disabled state [ 1434.057534][ T9266] device bridge_slave_1 entered promiscuous mode [ 1434.092310][ T9262] bridge0: port 2(bridge_slave_1) entered blocking state [ 1434.099809][ T9262] bridge0: port 2(bridge_slave_1) entered disabled state [ 1434.107604][ T9262] device bridge_slave_1 entered promiscuous mode [ 1434.139704][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state [ 1434.146841][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state [ 1434.155200][ T9271] device bridge_slave_0 entered promiscuous mode [ 1434.165685][ T9263] team0: Port device team_slave_0 added [ 1434.184392][ T9266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1434.194910][ T9269] bridge0: port 1(bridge_slave_0) entered blocking state [ 1434.202924][ T9269] bridge0: port 1(bridge_slave_0) entered disabled state [ 1434.211342][ T9269] device bridge_slave_0 entered promiscuous mode [ 1434.219264][ T9269] bridge0: port 2(bridge_slave_1) entered blocking state [ 1434.226332][ T9269] bridge0: port 2(bridge_slave_1) entered disabled state [ 1434.234464][ T9269] device bridge_slave_1 entered promiscuous mode [ 1434.241890][ T9271] bridge0: port 2(bridge_slave_1) entered blocking state [ 1434.249180][ T9271] bridge0: port 2(bridge_slave_1) entered disabled state [ 1434.256862][ T9271] device bridge_slave_1 entered promiscuous mode [ 1434.265667][ T9263] team0: Port device team_slave_1 added [ 1434.288733][ T9266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1434.311454][ T9270] bridge0: port 1(bridge_slave_0) entered blocking state [ 1434.319344][ T9270] bridge0: port 1(bridge_slave_0) entered disabled state [ 1434.327103][ T9270] device bridge_slave_0 entered promiscuous mode [ 1434.363395][ T9262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1434.380915][ T9270] bridge0: port 2(bridge_slave_1) entered blocking state [ 1434.387991][ T9270] bridge0: port 2(bridge_slave_1) entered disabled state [ 1434.395865][ T9270] device bridge_slave_1 entered promiscuous mode [ 1434.411883][ T9269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1434.424051][ T9269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1434.434441][ T9266] team0: Port device team_slave_0 added [ 1434.441925][ T9262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1434.453438][ T9271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1434.501150][ T9263] device hsr_slave_0 entered promiscuous mode [ 1434.548830][ T9263] device hsr_slave_1 entered promiscuous mode [ 1434.624977][ T9266] team0: Port device team_slave_1 added [ 1434.639608][ T9271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1434.660393][ T9270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1434.680758][ T9269] team0: Port device team_slave_0 added [ 1434.702532][ T9270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1434.726752][ T9269] team0: Port device team_slave_1 added [ 1434.736289][ T9262] team0: Port device team_slave_0 added [ 1434.774845][ T9262] team0: Port device team_slave_1 added [ 1434.782956][ T9271] team0: Port device team_slave_0 added [ 1434.794523][ T9270] team0: Port device team_slave_0 added [ 1434.852415][ T9266] device hsr_slave_0 entered promiscuous mode [ 1434.918589][ T9266] device hsr_slave_1 entered promiscuous mode [ 1434.958350][ T9266] debugfs: Directory 'hsr0' with parent '/' already present! [ 1434.978991][ T9271] team0: Port device team_slave_1 added [ 1434.986073][ T9270] team0: Port device team_slave_1 added [ 1435.031635][ T9269] device hsr_slave_0 entered promiscuous mode [ 1435.078580][ T9269] device hsr_slave_1 entered promiscuous mode [ 1435.128370][ T9269] debugfs: Directory 'hsr0' with parent '/' already present! [ 1435.200283][ T9262] device hsr_slave_0 entered promiscuous mode [ 1435.239431][ T9262] device hsr_slave_1 entered promiscuous mode [ 1435.308213][ T9262] debugfs: Directory 'hsr0' with parent '/' already present! [ 1435.401523][ T9270] device hsr_slave_0 entered promiscuous mode [ 1435.448688][ T9270] device hsr_slave_1 entered promiscuous mode [ 1435.508348][ T9270] debugfs: Directory 'hsr0' with parent '/' already present! [ 1435.571467][ T9271] device hsr_slave_0 entered promiscuous mode [ 1435.618762][ T9271] device hsr_slave_1 entered promiscuous mode [ 1435.688297][ T9271] debugfs: Directory 'hsr0' with parent '/' already present! [ 1435.870055][ T9263] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1435.890722][ T9262] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1435.904672][ T9269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1435.942910][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1435.954894][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1435.969807][ T9262] 8021q: adding VLAN 0 to HW filter on device team0 [ 1435.980726][ T9266] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1435.997325][ T9263] 8021q: adding VLAN 0 to HW filter on device team0 [ 1436.005191][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1436.013738][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1436.022183][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1436.030724][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1436.060094][ T9269] 8021q: adding VLAN 0 to HW filter on device team0 [ 1436.083645][ T9266] 8021q: adding VLAN 0 to HW filter on device team0 [ 1436.090733][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1436.101328][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1436.110172][ T9272] bridge0: port 1(bridge_slave_0) entered blocking state [ 1436.117389][ T9272] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1436.125644][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1436.135800][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1436.144356][ T9272] bridge0: port 2(bridge_slave_1) entered blocking state [ 1436.151436][ T9272] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1436.159939][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1436.168857][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1436.177241][ T9272] bridge0: port 1(bridge_slave_0) entered blocking state [ 1436.184431][ T9272] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1436.193276][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1436.201337][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1436.209191][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1436.217915][ T9272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1436.226673][ T9272] bridge0: port 2(bridge_slave_1) entered blocking state [ 1436.233791][ T9272] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1436.247111][ T9270] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1436.266620][ T9271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1436.277234][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1436.289161][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1436.297259][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1436.306935][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1436.345275][ T9270] 8021q: adding VLAN 0 to HW filter on device team0 [ 1436.352645][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1436.362877][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1436.371958][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1436.380807][ T9284] bridge0: port 1(bridge_slave_0) entered blocking state [ 1436.387901][ T9284] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1436.395951][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1436.404568][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1436.413085][ T9284] bridge0: port 2(bridge_slave_1) entered blocking state [ 1436.420193][ T9284] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1436.427928][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1436.436724][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1436.445270][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1436.454474][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1436.463300][ T9284] bridge0: port 1(bridge_slave_0) entered blocking state [ 1436.470452][ T9284] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1436.478005][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1436.486879][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1436.494752][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1436.502830][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1436.512235][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1436.521195][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1436.529804][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1436.538468][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1436.546593][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1436.554677][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1436.563471][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1436.591007][ T9263] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1436.607205][ T9263] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1436.624893][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1436.634664][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1436.644302][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1436.653737][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1436.662789][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1436.671341][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1436.680739][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1436.689798][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1436.698471][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1436.707340][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1436.716044][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1436.735539][ T9262] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1436.746255][ T9262] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1436.761255][ T9271] 8021q: adding VLAN 0 to HW filter on device team0 [ 1436.796525][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1436.805369][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1436.815921][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1436.825441][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1436.834208][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1436.843335][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1436.852173][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1436.860813][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1436.870422][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1436.879282][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1436.888191][ T9273] bridge0: port 1(bridge_slave_0) entered blocking state [ 1436.895271][ T9273] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1436.903452][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1436.912093][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1436.920887][ T9273] bridge0: port 2(bridge_slave_1) entered blocking state [ 1436.927963][ T9273] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1436.935912][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1436.944572][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1436.953464][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1436.962252][ T9273] bridge0: port 2(bridge_slave_1) entered blocking state [ 1436.969395][ T9273] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1436.977344][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1436.986674][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1436.994765][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1437.003292][ T9273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1437.021222][ T9263] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1437.061452][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1437.077956][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1437.088190][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1437.096554][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1437.105614][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1437.114167][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1437.122860][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1437.131539][ T157] bridge0: port 1(bridge_slave_0) entered blocking state [ 1437.138662][ T157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1437.146287][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1437.155182][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1437.163802][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1437.172449][ T157] bridge0: port 2(bridge_slave_1) entered blocking state [ 1437.179594][ T157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1437.187411][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1437.196230][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1437.205300][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1437.214686][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1437.222819][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1437.231454][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1437.253729][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1437.263476][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1437.272589][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1437.281261][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1437.290629][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1437.302303][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1437.310936][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1437.320523][ T157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1437.344482][ T9269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1437.371661][ T9262] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1437.390201][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1437.401829][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1437.411831][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1437.420944][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1437.429374][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1437.437952][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1437.447093][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1437.457236][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1437.467264][ T9266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1437.504923][ T9270] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1437.525898][ T9270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1437.536699][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1437.546634][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1437.555251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1437.564549][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1437.579340][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1437.587936][ T9276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1437.604591][ T9269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1437.682120][ T9270] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1437.694666][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1437.709974][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1437.734738][ T9266] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1437.766810][ T9271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1437.894632][ T9271] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/07/23 20:53:54 executed programs: 9 [ 1438.192597][ T9309] Bluetooth: Invalid header checksum [ 1438.204235][ T7] Bluetooth: Invalid header checksum [ 1438.212646][ T7] Bluetooth: Invalid header checksum [ 1438.224957][ T9322] Bluetooth: Invalid header checksum [ 1438.240262][ T9321] Bluetooth: Invalid header checksum [ 1438.264529][ T9309] Bluetooth: Invalid header checksum [ 1438.432154][ T7] Bluetooth: Invalid header checksum [ 1438.437530][ T7] Bluetooth: Invalid header checksum [ 1438.459100][ T9339] Bluetooth: Invalid header checksum [ 1438.509148][ T9283] Bluetooth: Invalid header checksum [ 1438.518878][ T9283] Bluetooth: Invalid header checksum [ 1438.779241][ T9282] Bluetooth: Invalid header checksum [ 1438.788843][ T9282] Bluetooth: Invalid header checksum [ 1438.809676][ T9359] Bluetooth: Invalid header checksum [ 1438.868770][ T21] Bluetooth: Invalid header checksum [ 1438.874398][ T21] Bluetooth: Invalid header checksum [ 1439.079611][ T7] Bluetooth: Invalid header checksum [ 1439.085011][ T7] Bluetooth: Invalid header checksum [ 1439.120044][ T9380] Bluetooth: Invalid header checksum [ 1439.400803][ T9309] Bluetooth: Invalid header checksum [ 1439.406445][ T9309] Bluetooth: Invalid header checksum [ 1439.418544][ T9282] Bluetooth: Invalid header checksum [ 1439.423923][ T9282] Bluetooth: Invalid header checksum [ 1439.442960][ T9412] Bluetooth: Invalid header checksum [ 1439.459964][ T9309] Bluetooth: Invalid header checksum [ 1439.483119][ T9402] Bluetooth: Invalid header checksum [ 1439.485324][ T9412] Bluetooth: Invalid header checksum [ 1439.495111][ T9309] Bluetooth: Invalid header checksum [ 1439.501628][ T9403] Bluetooth: Invalid header checksum [ 1439.799231][ T9309] Bluetooth: Invalid header checksum [ 1439.804759][ T9309] Bluetooth: Invalid header checksum [ 1439.810721][ T9425] Bluetooth: Invalid header checksum [ 1440.149323][ T9309] Bluetooth: Invalid header checksum [ 1440.154707][ T9309] Bluetooth: Invalid header checksum [ 1440.171203][ T9450] Bluetooth: Invalid header checksum [ 1440.388477][ T9310] Bluetooth: Invalid header checksum [ 1440.393863][ T9310] Bluetooth: Invalid header checksum [ 1440.414109][ T9463] Bluetooth: Invalid header checksum [ 1440.513661][ T9310] Bluetooth: Invalid header checksum [ 1440.523782][ T9472] Bluetooth: Invalid header checksum [ 1440.528487][ T9310] Bluetooth: Invalid header checksum [ 1441.088437][ T9310] Bluetooth: Invalid header checksum [ 1441.094012][ T9310] Bluetooth: Invalid header checksum [ 1441.104399][ T9509] Bluetooth: Invalid header checksum [ 1441.189207][ T9412] Bluetooth: Invalid header checksum [ 1441.194812][ T9412] Bluetooth: Invalid header checksum [ 1441.207375][ T9514] Bluetooth: Invalid header checksum [ 1441.248809][ T9412] Bluetooth: Invalid header checksum [ 1441.254197][ T9412] Bluetooth: Invalid header checksum [ 1441.262766][ T9516] Bluetooth: Invalid header checksum [ 1441.688523][ T9416] Bluetooth: Invalid header checksum [ 1441.694246][ T9416] Bluetooth: Invalid header checksum [ 1441.709920][ T9545] Bluetooth: Invalid header checksum [ 1441.788629][ T9412] Bluetooth: Invalid header checksum [ 1441.794590][ T9550] Bluetooth: Invalid header checksum [ 1441.794667][ T9412] Bluetooth: Invalid header checksum [ 1441.933660][ T9412] Bluetooth: Invalid header checksum [ 1441.946750][ T9412] Bluetooth: Invalid header checksum [ 1441.954200][ T9560] Bluetooth: Invalid header checksum [ 1442.025229][ T21] Bluetooth: Invalid header checksum [ 1442.030902][ T21] Bluetooth: Invalid header checksum [ 1442.060475][ T9569] Bluetooth: Invalid header checksum [ 1442.201310][ T9412] Bluetooth: Invalid header checksum [ 1442.206858][ T9412] Bluetooth: Invalid header checksum [ 1442.224064][ T9577] Bluetooth: Invalid header checksum [ 1442.348918][ T21] Bluetooth: Invalid header checksum [ 1442.354308][ T21] Bluetooth: Invalid header checksum [ 1442.364886][ T9585] Bluetooth: Invalid header checksum [ 1442.588869][ T9309] Bluetooth: Invalid header checksum [ 1442.594242][ T9309] Bluetooth: Invalid header checksum [ 1442.617592][ T9599] Bluetooth: Invalid header checksum [ 1442.623628][ T9280] Bluetooth: Invalid header checksum [ 1442.629390][ T9280] Bluetooth: Invalid header checksum [ 1442.636928][ T9280] Bluetooth: Invalid header checksum [ 1442.662461][ T9310] Bluetooth: Invalid header checksum [ 1442.668482][ T9605] Bluetooth: Invalid header checksum [ 1442.674469][ T9310] Bluetooth: Invalid header checksum [ 1442.686051][ T9609] Bluetooth: Invalid header checksum [ 1442.695017][ T9280] Bluetooth: Invalid header checksum 2019/07/23 20:53:59 executed programs: 113 [ 1443.298603][ T21] Bluetooth: Invalid header checksum [ 1443.303988][ T21] Bluetooth: Invalid header checksum [ 1443.327952][ T9642] Bluetooth: Invalid header checksum [ 1443.392922][ T9309] Bluetooth: Invalid header checksum [ 1443.401123][ T9648] Bluetooth: Invalid header checksum [ 1443.432526][ T9309] Bluetooth: Invalid header checksum [ 1443.737041][ T9310] Bluetooth: Invalid header checksum [ 1443.748580][ T9670] Bluetooth: Invalid header checksum [ 1443.754525][ T9300] Bluetooth: Invalid header checksum [ 1443.762518][ T9300] Bluetooth: Invalid header checksum [ 1443.773359][ T9671] Bluetooth: Invalid header checksum [ 1443.998567][ T21] Bluetooth: Invalid header checksum [ 1444.004034][ T21] Bluetooth: Invalid header checksum [ 1444.010031][ T9689] Bluetooth: Invalid header checksum [ 1444.498640][ T21] Bluetooth: Invalid header checksum [ 1444.504201][ T21] Bluetooth: Invalid header checksum [ 1444.510301][ T9714] Bluetooth: Invalid header checksum [ 1444.538669][ T9416] Bluetooth: Invalid header checksum [ 1444.544341][ T9416] Bluetooth: Invalid header checksum [ 1444.552729][ T9721] Bluetooth: Invalid header checksum [ 1444.558752][ T9280] Bluetooth: Invalid header checksum [ 1444.564295][ T9280] Bluetooth: Invalid header checksum [ 1444.918511][ T9309] Bluetooth: Invalid header checksum [ 1444.924123][ T9309] Bluetooth: Invalid header checksum [ 1444.942187][ T9742] Bluetooth: Invalid header checksum [ 1444.968389][ T9310] Bluetooth: Invalid header checksum [ 1444.973911][ T9310] Bluetooth: Invalid header checksum [ 1444.988713][ T9280] Bluetooth: Invalid header checksum [ 1444.994094][ T9280] Bluetooth: Invalid header checksum [ 1444.999628][ T9743] Bluetooth: Invalid header checksum [ 1445.668676][ T9414] Bluetooth: Invalid header checksum [ 1445.688211][ T9414] Bluetooth: Invalid header checksum [ 1445.697829][ T9787] Bluetooth: Invalid header checksum [ 1446.258483][ T9416] Bluetooth: Invalid header checksum [ 1446.263861][ T9416] Bluetooth: Invalid header checksum [ 1446.282819][ T9828] Bluetooth: Invalid header checksum [ 1446.299253][ T9309] Bluetooth: Invalid header checksum [ 1446.305017][ T9309] Bluetooth: Invalid header checksum [ 1446.618395][ T9416] Bluetooth: Invalid header checksum [ 1446.626758][ T9416] Bluetooth: Invalid header checksum [ 1446.637670][ T9850] Bluetooth: Invalid header checksum [ 1446.648716][ T9310] Bluetooth: Invalid header checksum [ 1446.654199][ T9310] Bluetooth: Invalid header checksum [ 1446.718988][ T9416] Bluetooth: Invalid header checksum [ 1446.726774][ T9416] Bluetooth: Invalid header checksum [ 1446.730673][ T9853] Bluetooth: Invalid header checksum [ 1447.378783][ T9310] Bluetooth: Invalid header checksum [ 1447.384208][ T9310] Bluetooth: Invalid header checksum [ 1447.389019][ T9412] Bluetooth: Invalid header checksum [ 1447.394860][ T9412] Bluetooth: Invalid header checksum [ 1447.400787][ T9895] Bluetooth: Invalid header checksum [ 1447.422601][ T9897] Bluetooth: Invalid header checksum [ 1448.114738][ T9414] Bluetooth: Invalid header checksum [ 1448.123834][ T9414] Bluetooth: Invalid header checksum [ 1448.138808][ T9300] Bluetooth: Invalid header checksum [ 1448.139516][ T9941] Bluetooth: Invalid header checksum [ 1448.144290][ T9300] Bluetooth: Invalid header checksum [ 1448.156333][ T9310] Bluetooth: Invalid header checksum [ 1448.157645][ T7] Bluetooth: Invalid header checksum [ 1448.162953][ T9943] Bluetooth: Invalid header checksum [ 1448.167757][ T7] Bluetooth: Invalid header checksum [ 1448.169487][ T9939] Bluetooth: Invalid header checksum [ 1448.180168][ T9310] Bluetooth: Invalid header checksum [ 1448.198490][ T9412] Bluetooth: Invalid header checksum [ 1448.203852][ T9412] Bluetooth: Invalid header checksum [ 1448.205536][ T9949] Bluetooth: Invalid header checksum 2019/07/23 20:54:04 executed programs: 215 [ 1448.450461][ T9416] Bluetooth: Invalid header checksum [ 1448.484401][ T9416] Bluetooth: Invalid header checksum [ 1448.489288][ T9958] Bluetooth: Invalid header checksum [ 1448.768596][ T9300] Bluetooth: Invalid header checksum [ 1448.774003][ T9300] Bluetooth: Invalid header checksum [ 1448.792656][ T9975] Bluetooth: Invalid header checksum [ 1449.128495][ T9414] Bluetooth: Invalid header checksum [ 1449.134418][ T9996] Bluetooth: Invalid header checksum [ 1449.143690][ T9414] Bluetooth: Invalid header checksum [ 1449.239216][ T9416] Bluetooth: Invalid header checksum [ 1449.244781][ T9416] Bluetooth: Invalid header checksum [ 1449.458817][ T9416] Bluetooth: Invalid header checksum [ 1449.464515][ T9416] Bluetooth: Invalid header checksum [ 1449.918655][ T9280] Bluetooth: Invalid header checksum [ 1449.924028][ T9280] Bluetooth: Invalid header checksum [ 1450.588567][ T9300] Bluetooth: Invalid header checksum [ 1450.592623][T10086] Bluetooth: Invalid header checksum [ 1450.594134][ T9300] Bluetooth: Invalid header checksum [ 1450.628562][ T21] Bluetooth: Invalid header checksum [ 1450.634094][ T21] Bluetooth: Invalid header checksum [ 1450.656811][T10089] Bluetooth: Invalid header checksum [ 1450.978413][ T21] Bluetooth: Invalid header checksum [ 1450.984194][ T21] Bluetooth: Invalid header checksum [ 1451.028932][ T9300] Bluetooth: Invalid header checksum [ 1451.034404][ T9300] Bluetooth: Invalid header checksum [ 1451.060175][ T9416] Bluetooth: Invalid header checksum [ 1451.080150][ T9416] Bluetooth: Invalid header checksum [ 1451.086066][T10115] Bluetooth: Invalid header checksum [ 1451.265965][ T9414] Bluetooth: Invalid header checksum [ 1451.271583][ T9414] Bluetooth: Invalid header checksum [ 1451.738868][ T9280] Bluetooth: Invalid header checksum [ 1451.744244][ T9280] Bluetooth: Invalid header checksum [ 1451.765825][T10156] Bluetooth: Invalid header checksum [ 1451.808513][ T9412] Bluetooth: Invalid header checksum [ 1451.814003][ T9412] Bluetooth: Invalid header checksum [ 1451.861745][T10154] Bluetooth: Invalid header checksum [ 1452.088452][ T9412] Bluetooth: Invalid header checksum [ 1452.094204][ T9412] Bluetooth: Invalid header checksum [ 1452.133006][T10176] Bluetooth: Invalid header checksum [ 1452.245370][ T9412] Bluetooth: Invalid header checksum [ 1452.250894][ T9412] Bluetooth: Invalid header checksum [ 1452.254826][T10183] Bluetooth: Invalid header checksum [ 1452.839233][ T9414] Bluetooth: Invalid header checksum [ 1452.844806][ T9414] Bluetooth: Invalid header checksum [ 1452.852860][T10218] Bluetooth: Invalid header checksum [ 1453.158746][ T9412] Bluetooth: Invalid header checksum [ 1453.164397][ T9412] Bluetooth: Invalid header checksum [ 1453.198706][ T9310] Bluetooth: Invalid header checksum [ 1453.204085][ T9310] Bluetooth: Invalid header checksum [ 1453.218811][T10243] Bluetooth: Invalid header checksum [ 1453.229228][ T9309] Bluetooth: Invalid header checksum [ 1453.234654][ T9309] Bluetooth: Invalid header checksum [ 1453.240829][ T21] Bluetooth: Invalid header checksum [ 1453.246297][ T21] Bluetooth: Invalid header checksum [ 1453.269179][T10245] Bluetooth: Invalid header checksum 2019/07/23 20:54:09 executed programs: 316 [ 1453.544265][ T9310] Bluetooth: Invalid header checksum [ 1453.553990][ T9310] Bluetooth: Invalid header checksum [ 1453.567461][T10260] Bluetooth: Invalid header checksum [ 1453.578770][ T7] Bluetooth: Invalid header checksum [ 1453.584173][ T7] Bluetooth: Invalid header checksum [ 1453.585682][T10265] Bluetooth: Invalid header checksum [ 1453.590311][ T21] Bluetooth: Invalid header checksum [ 1453.596303][T10263] Bluetooth: Invalid header checksum [ 1453.605690][ T9300] Bluetooth: Invalid header checksum [ 1453.612731][ T9300] Bluetooth: Invalid header checksum [ 1453.614495][ T21] Bluetooth: Invalid header checksum [ 1453.633688][T10267] ================================================================== [ 1453.641952][T10267] BUG: KASAN: use-after-free in h5_rx_3wire_hdr+0x38f/0x3c0 [ 1453.649249][T10267] Read of size 8 at addr ffff888087d29708 by task syz-executor.2/10267 [ 1453.657483][T10267] [ 1453.659811][T10267] CPU: 0 PID: 10267 Comm: syz-executor.2 Not tainted 5.2.0-next-20190718 #41 [ 1453.668545][T10267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1453.678588][T10267] Call Trace: [ 1453.681898][T10267] dump_stack+0x172/0x1f0 [ 1453.686277][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1453.691238][T10267] print_address_description.cold+0xd4/0x306 [ 1453.697205][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1453.702149][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1453.707091][T10267] __kasan_report.cold+0x1b/0x36 [ 1453.712021][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1453.716967][T10267] kasan_report+0x12/0x17 [ 1453.721309][T10267] __asan_report_load8_noabort+0x14/0x20 [ 1453.726941][T10267] h5_rx_3wire_hdr+0x38f/0x3c0 [ 1453.731703][T10267] h5_recv+0x32f/0x500 [ 1453.735789][T10267] ? h5_slip_one_byte+0x1d0/0x1d0 [ 1453.740841][T10267] hci_uart_tty_receive+0x279/0x790 [ 1453.746070][T10267] ? hci_uart_write_work+0x900/0x900 [ 1453.751370][T10267] tty_ioctl+0x949/0x14f0 [ 1453.755704][T10267] ? do_tty_hangup+0x30/0x30 [ 1453.760309][T10267] ? tomoyo_path_number_perm+0x459/0x520 [ 1453.765949][T10267] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1453.772292][T10267] ? tomoyo_path_number_perm+0x263/0x520 [ 1453.777922][T10267] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 1453.783740][T10267] ? do_tty_hangup+0x30/0x30 [ 1453.788331][T10267] do_vfs_ioctl+0xdb6/0x13e0 [ 1453.792930][T10267] ? ioctl_preallocate+0x210/0x210 [ 1453.798067][T10267] ? __this_cpu_preempt_check+0x93/0x210 [ 1453.804014][T10267] ? __this_cpu_preempt_check+0x3a/0x210 [ 1453.809757][T10267] ? retint_kernel+0x2b/0x2b [ 1453.814395][T10267] ? __fget_light+0x158/0x230 [ 1453.819070][T10267] ? tomoyo_file_ioctl+0x23/0x30 [ 1453.824057][T10267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1453.830307][T10267] ? security_file_ioctl+0x8d/0xc0 [ 1453.835413][T10267] ksys_ioctl+0xab/0xd0 [ 1453.839570][T10267] __x64_sys_ioctl+0x73/0xb0 [ 1453.844157][T10267] do_syscall_64+0xfd/0x6a0 [ 1453.848688][T10267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1453.854605][T10267] RIP: 0033:0x459829 [ 1453.858500][T10267] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1453.878098][T10267] RSP: 002b:00007ffd1dc41858 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1453.886534][T10267] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1453.894591][T10267] RDX: 0000000020000080 RSI: 0000000000005412 RDI: 0000000000000003 [ 1453.902555][T10267] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1453.910519][T10267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000555555d0c914 [ 1453.918480][T10267] R13: 00000000004c408a R14: 00000000004d7ff0 R15: 00000000ffffffff [ 1453.926452][T10267] [ 1453.928769][T10267] Allocated by task 9300: [ 1453.933114][T10267] save_stack+0x23/0x90 [ 1453.937308][T10267] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 1453.942960][T10267] kasan_slab_alloc+0xf/0x20 [ 1453.947570][T10267] kmem_cache_alloc_node+0x138/0x740 [ 1453.952847][T10267] __alloc_skb+0xd5/0x5e0 [ 1453.957254][T10267] h5_rx_pkt_start+0xce/0x270 [ 1453.961933][T10267] h5_recv+0x32f/0x500 [ 1453.966009][T10267] hci_uart_tty_receive+0x279/0x790 [ 1453.971199][T10267] tty_ldisc_receive_buf+0x15f/0x1c0 [ 1453.976477][T10267] tty_port_default_receive_buf+0x7d/0xb0 [ 1453.982216][T10267] flush_to_ldisc+0x222/0x390 [ 1453.986922][T10267] process_one_work+0x9af/0x1740 [ 1453.991869][T10267] worker_thread+0x98/0xe40 [ 1453.996389][T10267] kthread+0x361/0x430 [ 1454.000448][T10267] ret_from_fork+0x24/0x30 [ 1454.004847][T10267] [ 1454.007183][T10267] Freed by task 9300: [ 1454.011157][T10267] save_stack+0x23/0x90 [ 1454.015320][T10267] __kasan_slab_free+0x102/0x150 [ 1454.020270][T10267] kasan_slab_free+0xe/0x10 [ 1454.024775][T10267] kmem_cache_free+0x86/0x320 [ 1454.029450][T10267] kfree_skbmem+0xc5/0x150 [ 1454.034080][T10267] kfree_skb+0x109/0x3c0 [ 1454.038348][T10267] h5_reset_rx+0x4c/0x120 [ 1454.042789][T10267] h5_rx_3wire_hdr+0x2f5/0x3c0 [ 1454.047570][T10267] h5_recv+0x32f/0x500 [ 1454.051661][T10267] hci_uart_tty_receive+0x279/0x790 [ 1454.056855][T10267] tty_ldisc_receive_buf+0x15f/0x1c0 [ 1454.062147][T10267] tty_port_default_receive_buf+0x7d/0xb0 [ 1454.067863][T10267] flush_to_ldisc+0x222/0x390 [ 1454.072567][T10267] process_one_work+0x9af/0x1740 [ 1454.077501][T10267] worker_thread+0x98/0xe40 [ 1454.082024][T10267] kthread+0x361/0x430 [ 1454.086085][T10267] ret_from_fork+0x24/0x30 [ 1454.090488][T10267] [ 1454.092836][T10267] The buggy address belongs to the object at ffff888087d29640 [ 1454.092836][T10267] which belongs to the cache skbuff_head_cache of size 224 [ 1454.109200][T10267] The buggy address is located 200 bytes inside of [ 1454.109200][T10267] 224-byte region [ffff888087d29640, ffff888087d29720) [ 1454.123789][T10267] The buggy address belongs to the page: [ 1454.131121][T10267] page:ffffea00021f4a40 refcount:1 mapcount:0 mapping:ffff88821b69fa80 index:0x0 [ 1454.140542][T10267] flags: 0x1fffc0000000200(slab) [ 1454.145487][T10267] raw: 01fffc0000000200 ffffea000237d008 ffffea0002344808 ffff88821b69fa80 [ 1454.154098][T10267] raw: 0000000000000000 ffff888087d29000 000000010000000c 0000000000000000 [ 1454.162702][T10267] page dumped because: kasan: bad access detected [ 1454.169125][T10267] [ 1454.171455][T10267] Memory state around the buggy address: [ 1454.179090][T10267] ffff888087d29600: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 1454.188893][T10267] ffff888087d29680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1454.197063][T10267] >ffff888087d29700: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 1454.205136][T10267] ^ [ 1454.209489][T10267] ffff888087d29780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1454.217716][T10267] ffff888087d29800: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 1454.228064][T10267] ================================================================== [ 1454.236230][T10267] Disabling lock debugging due to kernel taint [ 1454.243992][T10267] Kernel panic - not syncing: panic_on_warn set ... [ 1454.247126][ T21] Bluetooth: Invalid header checksum [ 1454.250628][T10267] CPU: 0 PID: 10267 Comm: syz-executor.2 Tainted: G B 5.2.0-next-20190718 #41 [ 1454.250637][T10267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1454.250648][T10267] Call Trace: [ 1454.250673][T10267] dump_stack+0x172/0x1f0 [ 1454.250691][T10267] panic+0x2dc/0x755 [ 1454.250705][T10267] ? add_taint.cold+0x16/0x16 [ 1454.250722][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1454.250737][T10267] ? preempt_schedule+0x4b/0x60 [ 1454.250753][T10267] ? ___preempt_schedule+0x16/0x18 [ 1454.250770][T10267] ? trace_hardirqs_on+0x5e/0x240 [ 1454.250785][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1454.250800][T10267] end_report+0x47/0x4f [ 1454.250812][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1454.250825][T10267] __kasan_report.cold+0xe/0x36 [ 1454.250840][T10267] ? h5_rx_3wire_hdr+0x38f/0x3c0 [ 1454.250854][T10267] kasan_report+0x12/0x17 [ 1454.250869][T10267] __asan_report_load8_noabort+0x14/0x20 [ 1454.250879][T10267] h5_rx_3wire_hdr+0x38f/0x3c0 [ 1454.250892][T10267] h5_recv+0x32f/0x500 [ 1454.250912][T10267] ? h5_slip_one_byte+0x1d0/0x1d0 [ 1454.362261][T10267] hci_uart_tty_receive+0x279/0x790 [ 1454.367456][T10267] ? hci_uart_write_work+0x900/0x900 [ 1454.372759][T10267] tty_ioctl+0x949/0x14f0 [ 1454.377175][T10267] ? do_tty_hangup+0x30/0x30 [ 1454.381782][T10267] ? tomoyo_path_number_perm+0x459/0x520 [ 1454.387579][T10267] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1454.393823][T10267] ? tomoyo_path_number_perm+0x263/0x520 [ 1454.399484][T10267] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 1454.405294][T10267] ? do_tty_hangup+0x30/0x30 [ 1454.409902][T10267] do_vfs_ioctl+0xdb6/0x13e0 [ 1454.414575][T10267] ? ioctl_preallocate+0x210/0x210 [ 1454.419838][T10267] ? __this_cpu_preempt_check+0x93/0x210 [ 1454.425487][T10267] ? __this_cpu_preempt_check+0x3a/0x210 [ 1454.431111][T10267] ? retint_kernel+0x2b/0x2b [ 1454.435783][T10267] ? __fget_light+0x158/0x230 [ 1454.440457][T10267] ? tomoyo_file_ioctl+0x23/0x30 [ 1454.445410][T10267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1454.451665][T10267] ? security_file_ioctl+0x8d/0xc0 [ 1454.456792][T10267] ksys_ioctl+0xab/0xd0 [ 1454.460946][T10267] __x64_sys_ioctl+0x73/0xb0 [ 1454.465529][T10267] do_syscall_64+0xfd/0x6a0 [ 1454.470030][T10267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1454.475940][T10267] RIP: 0033:0x459829 [ 1454.479836][T10267] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1454.499569][T10267] RSP: 002b:00007ffd1dc41858 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1454.507972][T10267] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1454.516029][T10267] RDX: 0000000020000080 RSI: 0000000000005412 RDI: 0000000000000003 [ 1454.524015][T10267] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1454.531996][T10267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000555555d0c914 [ 1454.540068][T10267] R13: 00000000004c408a R14: 00000000004d7ff0 R15: 00000000ffffffff [ 1454.549159][T10267] Kernel Offset: disabled [ 1454.553683][T10267] Rebooting in 86400 seconds..