[ 68.397921][ T26] audit: type=1800 audit(1568392805.078:32): pid=10201 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [ ok ] Starting periodic command scheduler: cron. Starting mcstransd: [ ok ] Starting OpenBSD Secure Shell server: sshd. [ ok ] Starting file context maintaining daemon: restorecond. [ 69.107741][ T26] audit: type=1800 audit(1568392805.888:33): pid=10201 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.27' (ECDSA) to the list of known hosts. 2019/09/13 16:40:23 parsed 1 programs syzkaller login: [ 86.726855][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 86.726869][ T26] audit: type=1400 audit(1568392823.508:36): avc: denied { map } for pid=10392 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 86.801030][ T26] audit: type=1400 audit(1568392823.588:37): avc: denied { map } for pid=10392 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=87 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2019/09/13 16:40:25 executed programs: 0 [ 88.663625][T10412] IPVS: ftp: loaded support on port[0] = 21 [ 88.724219][T10415] IPVS: ftp: loaded support on port[0] = 21 [ 88.745596][T10416] IPVS: ftp: loaded support on port[0] = 21 [ 88.817744][T10422] IPVS: ftp: loaded support on port[0] = 21 [ 88.847824][T10418] IPVS: ftp: loaded support on port[0] = 21 [ 88.848095][T10412] chnl_net:caif_netlink_parms(): no params data found [ 88.896728][T10421] IPVS: 
ftp: loaded support on port[0] = 21 [ 88.912819][T10412] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.921449][T10412] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.929380][T10412] device bridge_slave_0 entered promiscuous mode [ 88.938276][T10412] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.945723][T10412] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.953485][T10412] device bridge_slave_1 entered promiscuous mode [ 88.974199][T10412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.003878][T10412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.023690][T10412] team0: Port device team_slave_0 added [ 89.038935][T10412] team0: Port device team_slave_1 added [ 89.110966][T10412] device hsr_slave_0 entered promiscuous mode [ 89.149595][T10412] device hsr_slave_1 entered promiscuous mode [ 89.228738][T10415] chnl_net:caif_netlink_parms(): no params data found [ 89.341121][T10415] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.348196][T10415] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.356371][T10415] device bridge_slave_0 entered promiscuous mode [ 89.365453][T10415] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.372612][T10415] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.380273][T10415] device bridge_slave_1 entered promiscuous mode [ 89.392425][T10416] chnl_net:caif_netlink_parms(): no params data found [ 89.410180][T10422] chnl_net:caif_netlink_parms(): no params data found [ 89.418911][T10412] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.426041][T10412] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.433404][T10412] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.440462][T10412] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.454879][T10415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 
89.473966][T10418] chnl_net:caif_netlink_parms(): no params data found [ 89.492730][T10421] chnl_net:caif_netlink_parms(): no params data found [ 89.503526][T10415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.550928][T10415] team0: Port device team_slave_0 added [ 89.561521][T10422] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.568776][T10422] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.576486][T10422] device bridge_slave_0 entered promiscuous mode [ 89.584396][T10422] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.591669][T10422] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.599155][T10422] device bridge_slave_1 entered promiscuous mode [ 89.613921][T10415] team0: Port device team_slave_1 added [ 89.624985][T10418] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.632535][T10418] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.640582][T10418] device bridge_slave_0 entered promiscuous mode [ 89.673854][T10418] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.680996][T10418] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.688477][T10418] device bridge_slave_1 entered promiscuous mode [ 89.761656][T10415] device hsr_slave_0 entered promiscuous mode [ 89.799695][T10415] device hsr_slave_1 entered promiscuous mode [ 89.839328][T10415] debugfs: Directory 'hsr0' with parent '/' already present! 
[ 89.847004][T10421] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.854122][T10421] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.863039][T10421] device bridge_slave_0 entered promiscuous mode [ 89.871234][T10422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.882271][T10422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.901691][T10416] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.908751][T10416] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.916513][T10416] device bridge_slave_0 entered promiscuous mode [ 89.924217][T10416] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.931576][T10416] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.939059][T10416] device bridge_slave_1 entered promiscuous mode [ 89.946019][T10421] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.953426][T10421] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.962312][T10421] device bridge_slave_1 entered promiscuous mode [ 89.978408][T10418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.990808][T10418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.004776][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.012490][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.029949][T10421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.052957][T10421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.063051][T10422] team0: Port device team_slave_0 added [ 90.079506][T10416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.089639][T10418] team0: Port device team_slave_0 added [ 90.096224][T10416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.111654][T10422] team0: Port device team_slave_1 added [ 
90.126013][T10421] team0: Port device team_slave_0 added [ 90.134596][T10418] team0: Port device team_slave_1 added [ 90.147101][T10416] team0: Port device team_slave_0 added [ 90.164003][T10421] team0: Port device team_slave_1 added [ 90.222006][T10422] device hsr_slave_0 entered promiscuous mode [ 90.260992][T10422] device hsr_slave_1 entered promiscuous mode [ 90.299446][T10422] debugfs: Directory 'hsr0' with parent '/' already present! [ 90.313945][T10416] team0: Port device team_slave_1 added [ 90.382230][T10421] device hsr_slave_0 entered promiscuous mode [ 90.441027][T10421] device hsr_slave_1 entered promiscuous mode [ 90.479417][T10421] debugfs: Directory 'hsr0' with parent '/' already present! [ 90.541899][T10418] device hsr_slave_0 entered promiscuous mode [ 90.579788][T10418] device hsr_slave_1 entered promiscuous mode [ 90.620772][T10418] debugfs: Directory 'hsr0' with parent '/' already present! [ 90.682014][T10416] device hsr_slave_0 entered promiscuous mode [ 90.749781][T10416] device hsr_slave_1 entered promiscuous mode [ 90.789383][T10416] debugfs: Directory 'hsr0' with parent '/' already present! 
[ 90.801446][T10412] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.847197][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 90.855785][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 90.865756][T10412] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.888354][T10415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.912855][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 90.923209][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 90.933670][T10415] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.955778][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 90.964499][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 90.973558][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.981045][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.989449][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 90.998302][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 91.007186][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.014613][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.022935][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 91.031882][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 91.070213][T10421] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.078407][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 91.087804][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 91.096603][T10423] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.103792][T10423] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.111687][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 91.120514][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 91.128758][T10423] 
bridge0: port 2(bridge_slave_1) entered blocking state [ 91.136406][T10423] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.144064][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 91.153195][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 91.161798][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 91.170329][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 91.178733][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 91.187315][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 91.195862][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 91.204522][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 91.213119][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 91.221612][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 91.230124][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 91.237864][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 91.245792][T10423] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 91.263412][T10415] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 91.274026][T10415] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.299863][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 91.308378][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 91.317036][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 91.325942][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 91.335523][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 91.343150][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 91.351550][T10431] IPv6: 
ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 91.366768][T10415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.377355][T10418] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.389548][T10412] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.401793][T10412] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 91.414868][T10421] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.422975][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 91.432512][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 91.441017][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 91.449027][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 91.464593][T10418] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.480795][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 91.488945][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 91.496795][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 91.505929][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 91.514895][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.522137][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.530086][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 91.543457][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 91.552212][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.559305][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.567086][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 91.579976][T10416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.600044][T10412] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.608104][ T26] audit: type=1400 audit(1568392828.388:38): avc: denied { associate } for pid=10415 comm="syz-executor.4" name="syz4" 
scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 91.623722][T10422] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.645432][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 91.658911][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 91.667849][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.675332][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.682933][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 91.691656][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 91.700566][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 91.708989][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 91.717950][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 91.726227][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 91.737391][T10416] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.756839][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 91.775179][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 91.783652][ T26] audit: type=1400 audit(1568392828.578:39): avc: denied { map_create } for pid=10442 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 91.808690][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 91.817338][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 91.832406][ T26] audit: type=1400 audit(1568392828.578:40): avc: denied { map_read map_write } for pid=10442 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 91.857327][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link 
becomes ready [ 91.868664][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 91.877443][T10430] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.884529][T10430] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.894634][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 91.906562][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 91.915216][T10430] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.922331][T10430] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.932518][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 91.949145][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 91.960981][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 91.971422][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 91.988390][T10421] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 92.002146][T10421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.025836][T10422] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.062846][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 92.072771][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 92.083562][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 92.092328][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.101287][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 92.110325][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.118609][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 92.126389][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 92.134801][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 92.144046][T10430] IPv6: 
ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 92.152481][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 92.160928][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.168978][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 92.177330][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.185646][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 92.194607][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 92.203156][T10430] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.210243][T10430] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.218005][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 92.226649][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 92.235209][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 92.243755][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 92.252303][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 92.260785][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 92.268975][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 92.277387][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.285988][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 92.293768][T10430] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 92.304441][T10418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 92.326184][T10421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.333927][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 92.342699][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 92.351608][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.358670][ T23] bridge0: port 
1(bridge_slave_0) entered forwarding state [ 92.367175][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 92.383188][T10418] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.409033][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 92.432646][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.467147][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 92.479028][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 92.488483][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.495661][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.533381][T10416] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 92.553520][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 92.570130][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 92.580523][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 92.588922][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 92.597725][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 92.606861][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 92.615626][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 92.623979][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.632657][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 92.646045][T10416] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.659815][T10493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 92.668211][T10493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.708207][T10422] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 92.771480][T10422] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/09/13 16:40:30 executed programs: 55 2019/09/13 16:40:35 executed programs: 283 2019/09/13 16:40:40 executed 
programs: 503 2019/09/13 16:40:45 executed programs: 740 2019/09/13 16:40:50 executed programs: 974 2019/09/13 16:40:55 executed programs: 1203 2019/09/13 16:41:00 executed programs: 1432 2019/09/13 16:41:05 executed programs: 1657 [ 132.977694][T17632] ================================================================== [ 132.985806][T17632] BUG: KASAN: use-after-free in sk_psock_unlink+0x370/0x440 [ 132.993087][T17632] Read of size 4 at addr ffff88808b774a18 by task syz-executor.2/17632 [ 133.001336][T17632] [ 133.003671][T17632] CPU: 0 PID: 17632 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 133.011551][T17632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.021600][T17632] Call Trace: [ 133.024894][T17632] dump_stack+0x172/0x1f0 [ 133.029227][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.034168][T17632] ? tcp_check_oom+0x560/0x560 [ 133.038939][T17632] print_address_description.cold+0xd4/0x306 [ 133.044915][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.049852][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.054803][T17632] ? tcp_check_oom+0x560/0x560 [ 133.059568][T17632] __kasan_report.cold+0x1b/0x36 [ 133.064506][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.069459][T17632] kasan_report+0x12/0x17 [ 133.073790][T17632] __asan_report_load4_noabort+0x14/0x20 [ 133.079421][T17632] sk_psock_unlink+0x370/0x440 [ 133.084182][T17632] ? sk_psock_link_pop+0x186/0x1f0 [ 133.089287][T17632] ? tcp_check_oom+0x560/0x560 [ 133.094052][T17632] tcp_bpf_remove+0x21/0x50 [ 133.098555][T17632] tcp_bpf_close+0x130/0x390 [ 133.103147][T17632] inet_release+0xed/0x200 [ 133.107578][T17632] inet6_release+0x53/0x80 [ 133.112087][T17632] __sock_release+0xce/0x280 [ 133.116676][T17632] sock_close+0x1e/0x30 [ 133.120830][T17632] __fput+0x2ff/0x890 [ 133.124824][T17632] ? 
__sock_release+0x280/0x280 [ 133.129693][T17632] ____fput+0x16/0x20 [ 133.133685][T17632] task_work_run+0x145/0x1c0 [ 133.138282][T17632] exit_to_usermode_loop+0x316/0x380 [ 133.143570][T17632] do_syscall_64+0x5a9/0x6a0 [ 133.148164][T17632] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 133.154053][T17632] RIP: 0033:0x4135d1 [ 133.157948][T17632] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 133.177551][T17632] RSP: 002b:00007ffd8cb7c4a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 133.185960][T17632] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004135d1 [ 133.193921][T17632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 133.193927][T17632] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff [ 133.193933][T17632] R10: 00007ffd8cb7c580 R11: 0000000000000293 R12: 000000000075bf20 [ 133.193940][T17632] R13: 000000000002073a R14: 00000000007610a8 R15: ffffffffffffffff [ 133.193951][T17632] [ 133.193958][T17632] Allocated by task 17637: [ 133.193974][T17632] save_stack+0x23/0x90 [ 133.193989][T17632] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 133.194005][T17632] kasan_kmalloc+0x9/0x10 [ 133.246682][T17632] kmem_cache_alloc_trace+0x158/0x790 [ 133.252035][T17632] sock_hash_alloc+0x1e3/0x5b0 [ 133.256774][T17632] __do_sys_bpf+0x475/0x3460 [ 133.261339][T17632] __x64_sys_bpf+0x73/0xb0 [ 133.265729][T17632] do_syscall_64+0xfd/0x6a0 [ 133.270208][T17632] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 133.276081][T17632] [ 133.278384][T17632] Freed by task 15738: [ 133.282430][T17632] save_stack+0x23/0x90 [ 133.286558][T17632] __kasan_slab_free+0x102/0x150 [ 133.291641][T17632] kasan_slab_free+0xe/0x10 [ 133.296126][T17632] kfree+0x10a/0x2c0 [ 133.299998][T17632] sock_hash_free+0x327/0x4a0 [ 133.304664][T17632] bpf_map_free_deferred+0xb3/0x100 [ 133.309835][T17632] 
process_one_work+0x9af/0x1740 [ 133.314747][T17632] worker_thread+0x98/0xe40 [ 133.319230][T17632] kthread+0x361/0x430 [ 133.323273][T17632] ret_from_fork+0x24/0x30 [ 133.327660][T17632] [ 133.329967][T17632] The buggy address belongs to the object at ffff88808b774a00 [ 133.329967][T17632] which belongs to the cache kmalloc-512 of size 512 [ 133.344051][T17632] The buggy address is located 24 bytes inside of [ 133.344051][T17632] 512-byte region [ffff88808b774a00, ffff88808b774c00) [ 133.357234][T17632] The buggy address belongs to the page: [ 133.362847][T17632] page:ffffea00022ddd00 refcount:1 mapcount:0 mapping:ffff8880aa400a80 index:0xffff88808b774500 [ 133.373234][T17632] flags: 0x1fffc0000000200(slab) [ 133.378156][T17632] raw: 01fffc0000000200 ffffea0002223b88 ffffea0002a10008 ffff8880aa400a80 [ 133.386717][T17632] raw: ffff88808b774500 ffff88808b774000 0000000100000002 0000000000000000 [ 133.395285][T17632] page dumped because: kasan: bad access detected [ 133.402383][T17632] [ 133.404764][T17632] Memory state around the buggy address: [ 133.410404][T17632] ffff88808b774900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 133.418549][T17632] ffff88808b774980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 133.426602][T17632] >ffff88808b774a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 133.434653][T17632] ^ [ 133.439483][T17632] ffff88808b774a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 133.447529][T17632] ffff88808b774b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 133.455561][T17632] ================================================================== [ 133.464886][T17632] Kernel panic - not syncing: panic_on_warn set ... 
[ 133.470584][ T3905] kobject: 'loop5' (0000000094edae85): kobject_uevent_env [ 133.471493][T17632] CPU: 0 PID: 17632 Comm: syz-executor.2 Tainted: G B 5.3.0-rc8+ #0 [ 133.478684][ T3905] kobject: 'loop5' (0000000094edae85): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 133.487920][T17632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.487924][T17632] Call Trace: [ 133.487941][T17632] dump_stack+0x172/0x1f0 [ 133.487955][T17632] ? tcp_check_oom+0x560/0x560 [ 133.487974][T17632] panic+0x2dc/0x755 [ 133.524358][T17632] ? add_taint.cold+0x16/0x16 [ 133.529036][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.533969][T17632] ? tcp_check_oom+0x560/0x560 [ 133.538731][T17632] ? preempt_schedule+0x4b/0x60 [ 133.543585][T17632] ? ___preempt_schedule+0x16/0x20 [ 133.548696][T17632] ? trace_hardirqs_on+0x5e/0x240 [ 133.553724][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.558662][T17632] ? tcp_check_oom+0x560/0x560 [ 133.563429][T17632] end_report+0x47/0x4f [ 133.567583][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.572524][T17632] __kasan_report.cold+0xe/0x36 [ 133.577397][T17632] ? sk_psock_unlink+0x370/0x440 [ 133.577695][ T3905] kobject: 'loop5' (0000000094edae85): kobject_uevent_env [ 133.582342][T17632] kasan_report+0x12/0x17 [ 133.582356][T17632] __asan_report_load4_noabort+0x14/0x20 [ 133.582366][T17632] sk_psock_unlink+0x370/0x440 [ 133.582381][T17632] ? sk_psock_link_pop+0x186/0x1f0 [ 133.591436][ T3905] kobject: 'loop5' (0000000094edae85): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 133.593783][T17632] ? tcp_check_oom+0x560/0x560 [ 133.624200][T17632] tcp_bpf_remove+0x21/0x50 [ 133.628698][T17632] tcp_bpf_close+0x130/0x390 [ 133.633268][T17632] inet_release+0xed/0x200 [ 133.637671][T17632] inet6_release+0x53/0x80 [ 133.642079][T17632] __sock_release+0xce/0x280 [ 133.646652][T17632] sock_close+0x1e/0x30 [ 133.650790][T17632] __fput+0x2ff/0x890 [ 133.654753][T17632] ? 
__sock_release+0x280/0x280 [ 133.659583][T17632] ____fput+0x16/0x20 [ 133.663546][T17632] task_work_run+0x145/0x1c0 [ 133.668118][T17632] exit_to_usermode_loop+0x316/0x380 [ 133.673378][T17632] do_syscall_64+0x5a9/0x6a0 [ 133.677945][T17632] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 133.683809][T17632] RIP: 0033:0x4135d1 [ 133.687680][T17632] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 133.707347][T17632] RSP: 002b:00007ffd8cb7c4a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 133.715731][T17632] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004135d1 [ 133.723676][T17632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 133.731622][T17632] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff [ 133.739576][T17632] R10: 00007ffd8cb7c580 R11: 0000000000000293 R12: 000000000075bf20 [ 133.747519][T17632] R13: 000000000002073a R14: 00000000007610a8 R15: ffffffffffffffff [ 133.757724][T17632] Kernel Offset: disabled [ 133.762079][T17632] Rebooting in 86400 seconds..