[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   32.668881][   T26] kauditd_printk_skb: 8 callbacks suppressed
[   32.668890][   T26] audit: type=1800 audit(1550207857.348:29): pid=7291 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   32.695475][   T26] audit: type=1800 audit(1550207857.358:30): pid=7291 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts.
2019/02/15 05:17:54 parsed 1 programs
2019/02/15 05:17:55 executed programs: 0
syzkaller login: [   50.843453][ T7463] IPVS: ftp: loaded support on port[0] = 21
[   50.858968][ T7465] IPVS: ftp: loaded support on port[0] = 21
[   51.000924][ T7463] chnl_net:caif_netlink_parms(): no params data found
[   51.010836][ T7471] IPVS: ftp: loaded support on port[0] = 21
[   51.035828][ T7470] IPVS: ftp: loaded support on port[0] = 21
[   51.060766][ T7463] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.068441][ T7463] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.076345][ T7463] device bridge_slave_0 entered promiscuous mode
[   51.084259][ T7463] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.091366][ T7463] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.099067][ T7463] device bridge_slave_1 entered promiscuous mode
[   51.122699][ T7474] IPVS: ftp: loaded support on port[0] = 21
[   51.130634][ T7465] chnl_net:caif_netlink_parms(): no params data found
[   51.168642][ T7465] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.175819][ T7465] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.183668][ T7465] device bridge_slave_0 entered promiscuous mode
[   51.192220][ T7463] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   51.194541][ T7475] IPVS: ftp: loaded support on port[0] = 21
[   51.208814][ T7463] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   51.228843][ T7465] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.236494][ T7465] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.244079][ T7465] device bridge_slave_1 entered promiscuous mode
[   51.262408][ T7463] team0: Port device team_slave_0 added
[   51.287681][ T7463] team0: Port device team_slave_1 added
[   51.343626][ T7463] device hsr_slave_0 entered promiscuous mode
[   51.391888][ T7463] device hsr_slave_1 entered promiscuous mode
[   51.478488][ T7465] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   51.490985][ T7465] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   51.529405][ T7465] team0: Port device team_slave_0 added
[   51.535906][ T7465] team0: Port device team_slave_1 added
[   51.594483][ T7463] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.601735][ T7463] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.609271][ T7463] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.616470][ T7463] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.652244][ T7471] chnl_net:caif_netlink_parms(): no params data found
[   51.668012][ T7470] chnl_net:caif_netlink_parms(): no params data found
[   51.733407][ T7465] device hsr_slave_0 entered promiscuous mode
[   51.781971][ T7465] device hsr_slave_1 entered promiscuous mode
[   51.861383][ T7471] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.869972][ T7471] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.878011][ T7471] device bridge_slave_0 entered promiscuous mode
[   51.889495][ T7471] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.896645][ T7471] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.904415][ T7471] device bridge_slave_1 entered promiscuous mode
[   51.931072][ T7470] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.939261][ T7470] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.947326][ T7470] device bridge_slave_0 entered promiscuous mode
[   51.957737][ T7470] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.965160][ T7470] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.973087][ T7470] device bridge_slave_1 entered promiscuous mode
[   52.016199][ T7480] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.024170][ T7480] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.042323][ T7474] chnl_net:caif_netlink_parms(): no params data found
[   52.062191][ T7471] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   52.085214][ T7475] chnl_net:caif_netlink_parms(): no params data found
[   52.099261][ T7471] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   52.109051][ T7470] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   52.121824][ T7470] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   52.157761][ T7471] team0: Port device team_slave_0 added
[   52.170398][ T7474] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.177661][ T7474] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.185540][ T7474] device bridge_slave_0 entered promiscuous mode
[   52.193307][ T7474] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.200357][ T7474] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.208265][ T7474] device bridge_slave_1 entered promiscuous mode
[   52.219667][ T7471] team0: Port device team_slave_1 added
[   52.229168][ T7463] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.237306][ T7470] team0: Port device team_slave_0 added
[   52.248679][ T7470] team0: Port device team_slave_1 added
[   52.274140][ T7474] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   52.374023][ T7471] device hsr_slave_0 entered promiscuous mode
[   52.411939][ T7471] device hsr_slave_1 entered promiscuous mode
[   52.474950][ T7474] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   52.489551][ T7475] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.497158][ T7475] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.504975][ T7475] device bridge_slave_0 entered promiscuous mode
[   52.512958][ T7475] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.519988][ T7475] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.528071][ T7475] device bridge_slave_1 entered promiscuous mode
[   52.551316][ T7475] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   52.575183][ T7475] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   52.588816][ T7474] team0: Port device team_slave_0 added
[   52.597035][ T2598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   52.605482][ T2598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.673635][ T7470] device hsr_slave_0 entered promiscuous mode
[   52.721910][ T7470] device hsr_slave_1 entered promiscuous mode
[   52.762820][ T7474] team0: Port device team_slave_1 added
[   52.778951][ T7463] 8021q: adding VLAN 0 to HW filter on device team0
[   52.801323][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   52.809778][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.818300][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.825400][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.834943][ T7475] team0: Port device team_slave_0 added
[   52.873086][ T7475] team0: Port device team_slave_1 added
[   52.884896][ T7471] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.943865][ T7474] device hsr_slave_0 entered promiscuous mode
[   52.981924][ T7474] device hsr_slave_1 entered promiscuous mode
[   53.024576][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   53.033815][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.042417][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.050647][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.057733][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.074139][ T7471] 8021q: adding VLAN 0 to HW filter on device team0
[   53.113442][ T7475] device hsr_slave_0 entered promiscuous mode
[   53.151846][ T7475] device hsr_slave_1 entered promiscuous mode
[   53.203899][ T7465] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.221848][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.230741][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.239497][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   53.247273][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.254960][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.263818][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.272220][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.288569][ T7463] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   53.299581][ T7463] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.319220][ T7465] 8021q: adding VLAN 0 to HW filter on device team0
[   53.332244][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.340658][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.349432][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   53.358055][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.366484][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   53.374632][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.382896][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   53.390364][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.398054][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   53.433689][ T7470] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.455344][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.464437][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.473720][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.480746][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.488296][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.496948][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.505293][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.512338][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.519752][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.529534][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.537418][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.546209][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.554548][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.561643][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.570318][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.582743][ T7482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.607365][ T7474] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.617923][ T7463] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.628534][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   53.637180][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.645038][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.654454][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.663136][ T7483] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.670153][ T7483] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.677807][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.686511][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.695024][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.703504][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.718798][ T7470] 8021q: adding VLAN 0 to HW filter on device team0
[   53.744550][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.764044][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.774222][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.782788][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.791060][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.799472][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.807910][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.816370][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.823433][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.831217][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.839728][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.848063][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.855137][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.862614][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.872715][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.880344][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.891741][ T7482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   53.899964][ T7482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.925043][ T7471] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.939768][ T7471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   53.954529][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.963909][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.972854][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.981277][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.990278][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.998714][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.007144][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.015424][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   54.023690][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.032202][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.040309][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.048423][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.056809][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.065373][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   54.090103][ T7475] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.101535][ T7474] 8021q: adding VLAN 0 to HW filter on device team0
[   54.115022][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.123374][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.137497][ T7470] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.150979][ T7465] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   54.164149][ T7465] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   54.183637][ T7471] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.197090][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   54.206372][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.215466][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.224044][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.232950][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.240486][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.248210][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   54.262113][ T7475] 8021q: adding VLAN 0 to HW filter on device team0
[   54.281997][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.290420][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.331596][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.338650][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.347091][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.372351][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.380761][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.390290][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.397358][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.404971][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.414377][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.422820][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.429845][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.437634][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   54.446229][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.454832][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.464653][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.471736][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.479407][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   54.488313][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   54.496912][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   54.507001][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.516302][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.524749][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.533825][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.542353][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   54.553594][ T7465] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.580108][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   54.589153][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   54.604793][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.613768][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.622828][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.631083][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   54.639363][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.647796][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.657402][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.667519][ T7474] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   54.689974][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   54.711080][ T7474] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.732301][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   54.742167][ T7480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.762204][ T7475] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   54.774157][ T7475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   54.783908][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.794666][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.838652][ T7475] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.162993][ T7495] ==================================================================
[   55.171104][ T7495] BUG: KASAN: use-after-free in __lock_acquire+0x3150/0x4710
[   55.178451][ T7495] Read of size 8 at addr ffff8880195faa60 by task syz-executor.4/7495
[   55.186588][ T7495] 
[   55.188922][ T7495] CPU: 1 PID: 7495 Comm: syz-executor.4 Not tainted 5.0.0-rc6-next-20190214 #35
[   55.197908][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.207946][ T7495] Call Trace:
[   55.211218][ T7495]  dump_stack+0x172/0x1f0
[   55.215534][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.220538][ T7495]  print_address_description.cold+0x7c/0x20d
[   55.226507][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.231512][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.236521][ T7495]  kasan_report.cold+0x1b/0x40
[   55.241261][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.246274][ T7495]  __asan_report_load8_noabort+0x14/0x20
[   55.251898][ T7495]  __lock_acquire+0x3150/0x4710
[   55.256740][ T7495]  ? finish_task_switch+0x146/0x780
[   55.261923][ T7495]  ? find_held_lock+0x35/0x130
[   55.266714][ T7495]  ? finish_task_switch+0x146/0x780
[   55.271908][ T7495]  ? mark_held_locks+0xf0/0xf0
[   55.276660][ T7495]  ? _raw_spin_unlock_irq+0x28/0x90
[   55.281929][ T7495]  ? lockdep_hardirqs_on+0x418/0x5d0
[   55.287214][ T7495]  ? trace_hardirqs_on+0x67/0x230
[   55.292214][ T7495]  ? kasan_check_read+0x11/0x20
[   55.297042][ T7495]  ? _raw_spin_unlock_irq+0x5e/0x90
[   55.302226][ T7495]  ? finish_task_switch+0x146/0x780
[   55.307408][ T7495]  ? finish_task_switch+0x118/0x780
[   55.312588][ T7495]  ? __switch_to_asm+0x34/0x70
[   55.317354][ T7495]  ? __switch_to_asm+0x40/0x70
[   55.322100][ T7495]  lock_acquire+0x16f/0x3f0
[   55.326584][ T7495]  ? lock_sock_nested+0x41/0x120
[   55.331505][ T7495]  _raw_spin_lock_bh+0x33/0x50
[   55.336246][ T7495]  ? lock_sock_nested+0x41/0x120
[   55.341159][ T7495]  lock_sock_nested+0x41/0x120
[   55.345909][ T7495]  nr_accept+0x200/0x790
[   55.350139][ T7495]  ? nr_ioctl+0x320/0x320
[   55.354457][ T7495]  ? __alloc_fd+0x430/0x530
[   55.358952][ T7495]  ? finish_wait+0x260/0x260
[   55.363542][ T7495]  ? apparmor_socket_accept+0xb6/0x160
[   55.368978][ T7495]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   55.375207][ T7495]  __sys_accept4+0x350/0x6a0
[   55.379824][ T7495]  ? __ia32_sys_listen+0x80/0x80
[   55.384760][ T7495]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   55.390988][ T7495]  ? put_timespec64+0xda/0x140
[   55.395744][ T7495]  ? nsecs_to_jiffies+0x30/0x30
[   55.400600][ T7495]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   55.406053][ T7495]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   55.411514][ T7495]  ? do_syscall_64+0x26/0x610
[   55.416190][ T7495]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   55.422252][ T7495]  ? do_syscall_64+0x26/0x610
[   55.426936][ T7495]  __x64_sys_accept+0x75/0xb0
[   55.431608][ T7495]  do_syscall_64+0x103/0x610
[   55.436210][ T7495]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   55.442095][ T7495] RIP: 0033:0x457e29
[   55.445986][ T7495] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   55.466726][ T7495] RSP: 002b:00007f16cb51ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[   55.475123][ T7495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[   55.483072][ T7495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   55.491021][ T7495] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[   55.498976][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16cb51f6d4
[   55.506944][ T7495] R13: 00000000004bdbf0 R14: 00000000004cde80 R15: 00000000ffffffff
[   55.514912][ T7495] 
[   55.517231][ T7495] Allocated by task 7492:
[   55.521562][ T7495]  save_stack+0x45/0xd0
[   55.525717][ T7495]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   55.531339][ T7495]  kasan_kmalloc+0x9/0x10
[   55.531351][ T7495]  __kmalloc+0x15c/0x740
[   55.531366][ T7495]  sk_prot_alloc+0x19c/0x2e0
[   55.531377][ T7495]  sk_alloc+0x39/0xf70
[   55.531387][ T7495]  nr_create+0xb9/0x5e0
[   55.531401][ T7495]  __sock_create+0x3e6/0x750
[   55.531409][ T7495]  __sys_socket+0x103/0x220
[   55.531416][ T7495]  __x64_sys_socket+0x73/0xb0
[   55.531427][ T7495]  do_syscall_64+0x103/0x610
[   55.531440][ T7495]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   55.531443][ T7495] 
[   55.531447][ T7495] Freed by task 7491:
[   55.531455][ T7495]  save_stack+0x45/0xd0
[   55.531464][ T7495]  __kasan_slab_free+0x102/0x150
[   55.531473][ T7495]  kasan_slab_free+0xe/0x10
[   55.531481][ T7495]  kfree+0xcf/0x230
[   55.531489][ T7495]  __sk_destruct+0x4f1/0x6d0
[   55.540349][ T7495]  sk_destruct+0x7b/0x90
[   55.540365][ T7495]  __sk_free+0xce/0x300
[   55.579571][ T7495]  sk_free+0x42/0x50
[   55.579583][ T7495]  nr_release+0x337/0x3c0
[   55.579598][ T7495]  __sock_release+0xd3/0x250
[   55.579609][ T7495]  sock_close+0x1b/0x30
[   55.579619][ T7495]  __fput+0x2e5/0x8d0
[   55.579628][ T7495]  ____fput+0x16/0x20
[   55.579640][ T7495]  task_work_run+0x14a/0x1c0
[   55.579653][ T7495]  exit_to_usermode_loop+0x273/0x2c0
[   55.579669][ T7495]  do_syscall_64+0x52d/0x610
[   55.592701][ T7495]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   55.592713][ T7495] 
[   55.661333][ T7495] The buggy address belongs to the object at ffff8880195fa9c0
[   55.661333][ T7495]  which belongs to the cache kmalloc-2k of size 2048
[   55.675362][ T7495] The buggy address is located 160 bytes inside of
[   55.675362][ T7495]  2048-byte region [ffff8880195fa9c0, ffff8880195fb1c0)
[   55.688705][ T7495] The buggy address belongs to the page:
[   55.694318][ T7495] page:ffffea0000657e80 count:1 mapcount:0 mapping:ffff88812c3f0c40 index:0x0 compound_mapcount: 0
[   55.704968][ T7495] flags: 0x1fffc0000010200(slab|head)
[   55.704985][ T7495] raw: 01fffc0000010200 ffffea00026f8a88 ffffea000220c888 ffff88812c3f0c40
[   55.719009][ T7495] raw: 0000000000000000 ffff8880195fa140 0000000100000003 0000000000000000
[   55.719014][ T7495] page dumped because: kasan: bad access detected
[   55.719016][ T7495] 
[   55.719019][ T7495] Memory state around the buggy address:
[   55.719029][ T7495]  ffff8880195fa900: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   55.719038][ T7495]  ffff8880195fa980: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[   55.719046][ T7495] >ffff8880195faa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.719051][ T7495]                                                        ^
[   55.719061][ T7495]  ffff8880195faa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.719070][ T7495]  ffff8880195fab00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.719073][ T7495] ==================================================================
[   55.719077][ T7495] Disabling lock debugging due to kernel taint
[   55.719087][ T7495] Kernel panic - not syncing: panic_on_warn set ...
[   55.761458][ T3874] kobject: 'loop1' (0000000044b33407): kobject_uevent_env
[   55.766120][ T7495] CPU: 1 PID: 7495 Comm: syz-executor.4 Tainted: G    B             5.0.0-rc6-next-20190214 #35
[   55.766127][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.766131][ T7495] Call Trace:
[   55.766153][ T7495]  dump_stack+0x172/0x1f0
[   55.766170][ T7495]  panic+0x2cb/0x65c
[   55.766182][ T7495]  ? __warn_printk+0xf3/0xf3
[   55.766194][ T7495]  ? lock_downgrade+0x880/0x880
[   55.766209][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.781488][ T3874] kobject: 'loop1' (0000000044b33407): fill_kobj_path: path = '/devices/virtual/block/loop1'
[   55.781568][ T7495]  ? trace_hardirqs_off+0x62/0x220
[   55.781578][ T7495]  ? trace_hardirqs_off+0x59/0x220
[   55.781596][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.889094][ T7495]  end_report+0x47/0x4f
[   55.893231][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.898236][ T7495]  kasan_report.cold+0xe/0x40
[   55.902903][ T7495]  ? __lock_acquire+0x3150/0x4710
[   55.907926][ T7495]  __asan_report_load8_noabort+0x14/0x20
[   55.913572][ T7495]  __lock_acquire+0x3150/0x4710
[   55.918413][ T7495]  ? finish_task_switch+0x146/0x780
[   55.923600][ T7495]  ? find_held_lock+0x35/0x130
[   55.928344][ T7495]  ? finish_task_switch+0x146/0x780
[   55.933534][ T7495]  ? mark_held_locks+0xf0/0xf0
[   55.938287][ T7495]  ? _raw_spin_unlock_irq+0x28/0x90
[   55.943579][ T7495]  ? lockdep_hardirqs_on+0x418/0x5d0
[   55.948851][ T7495]  ? trace_hardirqs_on+0x67/0x230
[   55.953853][ T7495]  ? kasan_check_read+0x11/0x20
[   55.958681][ T7495]  ? _raw_spin_unlock_irq+0x5e/0x90
[   55.963866][ T7495]  ? finish_task_switch+0x146/0x780
[   55.969037][ T7495]  ? finish_task_switch+0x118/0x780
[   55.974226][ T7495]  ? __switch_to_asm+0x34/0x70
[   55.978995][ T7495]  ? __switch_to_asm+0x40/0x70
[   55.983741][ T7495]  lock_acquire+0x16f/0x3f0
[   55.988238][ T7495]  ? lock_sock_nested+0x41/0x120
[   55.993160][ T7495]  _raw_spin_lock_bh+0x33/0x50
[   55.997909][ T7495]  ? lock_sock_nested+0x41/0x120
[   56.002823][ T7495]  lock_sock_nested+0x41/0x120
[   56.007593][ T7495]  nr_accept+0x200/0x790
[   56.011823][ T7495]  ? nr_ioctl+0x320/0x320
2019/02/15 05:18:00 executed programs: 13
[   56.016138][ T7495]  ? __alloc_fd+0x430/0x530
[   56.020637][ T7495]  ? finish_wait+0x260/0x260
[   56.025047][ T3874] kobject: 'loop1' (0000000044b33407): kobject_uevent_env
[   56.025221][ T7495]  ? apparmor_socket_accept+0xb6/0x160
[   56.034701][ T3874] kobject: 'loop1' (0000000044b33407): fill_kobj_path: path = '/devices/virtual/block/loop1'
[   56.037762][ T7495]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   56.037777][ T7495]  __sys_accept4+0x350/0x6a0
[   56.037790][ T7495]  ? __ia32_sys_listen+0x80/0x80
[   56.037802][ T7495]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   56.037819][ T7495]  ? put_timespec64+0xda/0x140
[   56.074624][ T7495]  ? nsecs_to_jiffies+0x30/0x30
[   56.079464][ T7495]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   56.084921][ T7495]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   56.090355][ T7495]  ? do_syscall_64+0x26/0x610
[   56.095008][ T7495]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   56.101052][ T7495]  ? do_syscall_64+0x26/0x610
[   56.105713][ T7495]  __x64_sys_accept+0x75/0xb0
[   56.110393][ T7495]  do_syscall_64+0x103/0x610
[   56.114965][ T7495]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   56.120833][ T7495] RIP: 0033:0x457e29
[   56.124704][ T7495] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   56.144288][ T7495] RSP: 002b:00007f16cb51ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[   56.152710][ T7495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[   56.160677][ T7495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   56.168635][ T7495] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[   56.176592][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16cb51f6d4
[   56.184650][ T7495] R13: 00000000004bdbf0 R14: 00000000004cde80 R15: 00000000ffffffff
[   56.193844][ T7495] Kernel Offset: disabled
[   56.198162][ T7495] Rebooting in 86400 seconds..