[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   67.808152][   T26] audit: type=1800 audit(1576388174.925:25): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   67.828331][   T26] audit: type=1800 audit(1576388174.935:26): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   67.883985][   T26] audit: type=1800 audit(1576388174.935:27): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.194' (ECDSA) to the list of known hosts.
2019/12/15 05:36:23 parsed 1 programs
2019/12/15 05:36:26 executed programs: 0
syzkaller login: [   79.254037][ T9166] IPVS: ftp: loaded support on port[0] = 21
[   79.254043][ T9158] IPVS: ftp: loaded support on port[0] = 21
[   79.268124][ T9165] IPVS: ftp: loaded support on port[0] = 21
[   79.280351][ T9163] IPVS: ftp: loaded support on port[0] = 21
[   79.292374][ T9160] IPVS: ftp: loaded support on port[0] = 21
[   79.300640][ T9168] IPVS: ftp: loaded support on port[0] = 21
[   79.615026][ T9160] chnl_net:caif_netlink_parms(): no params data found
[   79.631036][ T9158] chnl_net:caif_netlink_parms(): no params data found
[   79.728203][ T9166] chnl_net:caif_netlink_parms(): no params data found
[   79.741893][ T9165] chnl_net:caif_netlink_parms(): no params data found
[   79.801322][ T9163] chnl_net:caif_netlink_parms(): no params data found
[   79.829045][ T9158] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.836314][ T9158] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.845609][ T9158] device bridge_slave_0 entered promiscuous mode
[   79.875113][ T9168] chnl_net:caif_netlink_parms(): no params data found
[   79.900427][ T9158] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.907549][ T9158] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.915646][ T9158] device bridge_slave_1 entered promiscuous mode
[   79.923518][ T9165] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.933081][ T9165] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.941822][ T9165] device bridge_slave_0 entered promiscuous mode
[   79.967065][ T9160] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.974397][ T9160] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.982414][ T9160] device bridge_slave_0 entered promiscuous mode
[   80.000609][ T9165] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.007760][ T9165] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.015829][ T9165] device bridge_slave_1 entered promiscuous mode
[   80.033206][ T9166] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.045293][ T9166] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.053450][ T9166] device bridge_slave_0 entered promiscuous mode
[   80.067431][ T9160] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.075339][ T9160] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.083838][ T9160] device bridge_slave_1 entered promiscuous mode
[   80.117639][ T9165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.127276][ T9166] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.135141][ T9166] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.143472][ T9166] device bridge_slave_1 entered promiscuous mode
[   80.153806][ T9158] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.173476][ T9160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.188435][ T9163] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.195546][ T9163] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.204467][ T9163] device bridge_slave_0 entered promiscuous mode
[   80.213734][ T9165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.232720][ T9158] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.247294][ T9160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.263285][ T9163] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.271775][ T9163] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.282257][ T9163] device bridge_slave_1 entered promiscuous mode
[   80.311582][ T9166] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.323759][ T9168] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.331711][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.340270][ T9168] device bridge_slave_0 entered promiscuous mode
[   80.353460][ T9168] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.361139][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.369504][ T9168] device bridge_slave_1 entered promiscuous mode
[   80.403744][ T9166] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.437413][ T9165] team0: Port device team_slave_0 added
[   80.447068][ T9163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.460381][ T9163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.472153][ T9160] team0: Port device team_slave_0 added
[   80.481188][ T9158] team0: Port device team_slave_0 added
[   80.491873][ T9166] team0: Port device team_slave_0 added
[   80.505308][ T9165] team0: Port device team_slave_1 added
[   80.519278][ T9160] team0: Port device team_slave_1 added
[   80.526745][ T9158] team0: Port device team_slave_1 added
[   80.543094][ T9166] team0: Port device team_slave_1 added
[   80.551548][ T9168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.589254][ T9163] team0: Port device team_slave_0 added
[   80.616366][ T9168] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.682730][ T9160] device hsr_slave_0 entered promiscuous mode
[   80.728838][ T9160] device hsr_slave_1 entered promiscuous mode
[   80.814344][ T9163] team0: Port device team_slave_1 added
[   80.872121][ T9158] device hsr_slave_0 entered promiscuous mode
[   80.919638][ T9158] device hsr_slave_1 entered promiscuous mode
[   80.958577][ T9158] debugfs: Directory 'hsr0' with parent '/' already present!
[   81.022133][ T9165] device hsr_slave_0 entered promiscuous mode
[   81.079066][ T9165] device hsr_slave_1 entered promiscuous mode
[   81.128508][ T9165] debugfs: Directory 'hsr0' with parent '/' already present!
[   81.210673][ T9163] device hsr_slave_0 entered promiscuous mode
[   81.278974][ T9163] device hsr_slave_1 entered promiscuous mode
[   81.318578][ T9163] debugfs: Directory 'hsr0' with parent '/' already present!
[   81.344526][ T9160] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.403978][ T9168] team0: Port device team_slave_0 added
[   81.416487][ T9168] team0: Port device team_slave_1 added
[   81.480629][ T9166] device hsr_slave_0 entered promiscuous mode
[   81.518975][ T9166] device hsr_slave_1 entered promiscuous mode
[   81.558576][ T9166] debugfs: Directory 'hsr0' with parent '/' already present!
[   81.566773][ T9160] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.625610][ T9160] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.711982][ T9168] device hsr_slave_0 entered promiscuous mode
[   81.758893][ T9168] device hsr_slave_1 entered promiscuous mode
[   81.818459][ T9168] debugfs: Directory 'hsr0' with parent '/' already present!
[   81.854056][ T9160] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.915714][ T9158] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   81.974703][ T9158] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.034388][ T9158] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.081643][ T9165] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   82.134003][ T9165] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   82.200727][ T9165] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   82.248669][ T9158] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.296265][ T9165] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   82.364587][ T9163] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   82.425570][ T9163] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   82.474510][ T9166] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   82.520207][ T9168] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   82.567018][ T9163] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   82.610651][ T9163] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   82.661792][ T9166] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   82.721124][ T9166] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   82.761373][ T9166] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   82.819847][ T9168] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   82.893980][ T9168] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   82.953985][ T9168] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   83.137706][ T9165] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.168833][ T9163] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.179600][ T9158] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.194795][ T9165] 8021q: adding VLAN 0 to HW filter on device team0
[   83.204883][ T9160] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.213171][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   83.222847][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.249607][ T9168] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.263190][ T9160] 8021q: adding VLAN 0 to HW filter on device team0
[   83.277581][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   83.285860][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.294054][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   83.302427][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.316770][ T9158] 8021q: adding VLAN 0 to HW filter on device team0
[   83.326445][ T9166] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.354196][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   83.362262][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.370709][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   83.380186][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.389058][ T2730] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.396335][ T2730] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.404524][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   83.414522][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.423037][ T2730] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.430119][ T2730] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.437854][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   83.446516][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.455106][ T2730] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.462223][ T2730] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.470449][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   83.479440][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   83.487920][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.496421][ T2730] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.503482][ T2730] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.511278][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   83.519851][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   83.554562][ T9163] 8021q: adding VLAN 0 to HW filter on device team0
[   83.569912][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   83.577828][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   83.586297][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   83.595169][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.604343][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.611439][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.619344][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   83.627822][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.636235][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.643286][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.650940][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   83.659449][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   83.667841][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   83.676475][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   83.685350][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   83.697331][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   83.705974][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   83.715998][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   83.726698][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   83.735421][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   83.744051][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   83.753123][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   83.761992][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   83.770611][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   83.780679][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   83.797936][ T9158] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   83.810256][ T9158] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   83.835783][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   83.844650][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   83.853459][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   83.863077][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   83.871679][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   83.880841][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.890511][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   83.899728][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   83.907969][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   83.917435][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.925978][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   83.934828][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.943436][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.950530][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.958387][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   83.966839][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.975288][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   83.984045][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.992984][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.000981][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.009617][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.018868][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.026607][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   84.050645][ T9168] 8021q: adding VLAN 0 to HW filter on device team0
[   84.070321][ T9166] 8021q: adding VLAN 0 to HW filter on device team0
[   84.088402][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   84.096447][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.105268][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   84.119341][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   84.127927][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.136962][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   84.146248][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.155817][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   84.164549][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.173164][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   84.181858][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.190416][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.197994][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.215411][ T9163] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   84.232044][ T9163] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.247025][ T9160] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.263994][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   84.273118][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   84.283412][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   84.293013][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   84.302270][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.311290][ T9176] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.318542][ T9176] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.326473][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   84.335886][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.345722][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   84.354652][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   84.363500][ T9176] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.370611][ T9176] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.378194][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   84.387379][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.396673][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   84.406617][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.415129][ T9176] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.422571][ T9176] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.433936][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.442746][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   84.451805][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   84.460675][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.471604][ T9165] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.486828][ T9158] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.541947][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   84.551411][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   84.574701][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.581857][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.590181][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.599133][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   84.610090][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   84.619655][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   84.628493][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.641453][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   84.664622][ T9160] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.684684][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.693280][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.702401][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.714407][ T9176] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.728012][ T9163] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.778976][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.792335][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.792462][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   84.793320][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.793980][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   84.794973][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.795611][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   84.796338][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.797071][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   84.797578][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   84.798157][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   84.809805][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   84.810267][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   84.814583][ T9165] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.831331][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   84.831946][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.834761][ T9166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.853766][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   84.854188][ T3038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   84.856946][ T9168] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.927386][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.927486][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.957479][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   84.957630][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   84.966445][ T9168] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.988691][ T9166] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/12/15 05:36:32 executed programs: 6
[   85.992729][ T9234] ==================================================================
[   85.992793][ T9234] BUG: KASAN: use-after-free in fbcon_cursor+0x4ef/0x660
[   85.992805][ T9234] Read of size 2 at addr ffff8880a6acb2cc by task syz-executor.2/9234
[   85.992808][ T9234] 
[   85.992825][ T9234] CPU: 0 PID: 9234 Comm: syz-executor.2 Not tainted 5.5.0-rc1-syzkaller #0
[   85.992833][ T9234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.992837][ T9234] Call Trace:
[   85.992854][ T9234]  dump_stack+0x197/0x210
[   85.992864][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.992884][ T9234]  print_address_description.constprop.0.cold+0xd4/0x30b
[   85.992894][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.992905][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.992919][ T9234]  __kasan_report.cold+0x1b/0x41
[   85.992933][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.992949][ T9234]  kasan_report+0x12/0x20
[   85.992973][ T9234]  __asan_report_load2_noabort+0x14/0x20
[   85.992985][ T9234]  fbcon_cursor+0x4ef/0x660
[   85.992998][ T9234]  ? mark_lock+0xc2/0x1220
[   85.993020][ T9234]  fbcon_scrolldelta+0x679/0x1220
[   85.993034][ T9234]  ? mark_held_locks+0xa4/0xf0
[   85.993045][ T9234]  ? kfree+0x226/0x2c0
[   85.993059][ T9234]  ? vc_do_resize+0xa69/0x1460
[   85.993068][ T9234]  ? kfree+0x226/0x2c0
[   85.993081][ T9234]  ? lockdep_hardirqs_on+0x421/0x5e0
[   85.993098][ T9234]  fbcon_set_origin+0x43/0x50
[   85.993112][ T9234]  ? fbcon_scrolldelta+0x1220/0x1220
[   85.993126][ T9234]  set_origin+0xf3/0x400
[   85.993142][ T9234]  vc_do_resize+0xacc/0x1460
[   85.993156][ T9234]  ? down+0x70/0x90
[   85.993187][ T9234]  ? vc_uniscr_alloc+0xd0/0xd0
[   85.993202][ T9234]  ? lock_acquire+0x190/0x410
[   85.993217][ T9234]  ? vt_ioctl+0x1463/0x26d0
[   85.993238][ T9234]  vc_resize+0x4d/0x60
[   85.993254][ T9234]  vt_ioctl+0x14bb/0x26d0
[   85.993272][ T9234]  ? complete_change_console+0x3a0/0x3a0
[   85.993286][ T9234]  ? lock_downgrade+0x920/0x920
[   85.993301][ T9234]  ? rwlock_bug.part.0+0x90/0x90
[   85.993317][ T9234]  ? tomoyo_path_number_perm+0x214/0x520
[   85.993331][ T9234]  ? find_held_lock+0x35/0x130
[   85.993345][ T9234]  ? tomoyo_path_number_perm+0x214/0x520
[   85.993361][ T9234]  ? __sanitizer_cov_trace_switch+0x49/0x80
[   85.993377][ T9234]  ? tty_jobctrl_ioctl+0x50/0xd40
[   85.993392][ T9234]  ? complete_change_console+0x3a0/0x3a0
[   85.993408][ T9234]  tty_ioctl+0xa37/0x14f0
[   85.993425][ T9234]  ? tty_vhangup+0x30/0x30
[   85.993438][ T9234]  ? tomoyo_path_number_perm+0x454/0x520
[   85.993457][ T9234]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   85.993470][ T9234]  ? tomoyo_path_number_perm+0x25e/0x520
[   85.993487][ T9234]  ? tomoyo_execute_permission+0x4a0/0x4a0
[   85.993520][ T9234]  ? tty_vhangup+0x30/0x30
[   85.993536][ T9234]  do_vfs_ioctl+0x977/0x14e0
[   85.993555][ T9234]  ? compat_ioctl_preallocate+0x220/0x220
[   85.993568][ T9234]  ? __fget+0x37f/0x550
[   85.993586][ T9234]  ? ksys_dup3+0x3e0/0x3e0
[   85.993602][ T9234]  ? ns_to_kernel_old_timeval+0x100/0x100
[   85.993621][ T9234]  ? tomoyo_file_ioctl+0x23/0x30
[   85.993636][ T9234]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   85.993649][ T9234]  ? security_file_ioctl+0x8d/0xc0
[   85.993664][ T9234]  ksys_ioctl+0xab/0xd0
[   85.993680][ T9234]  __x64_sys_ioctl+0x73/0xb0
[   85.993697][ T9234]  do_syscall_64+0xfa/0x790
[   85.993715][ T9234]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   85.993725][ T9234] RIP: 0033:0x45a909
[   85.993739][ T9234] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   85.993746][ T9234] RSP: 002b:00007f0e231fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   85.993758][ T9234] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a909
[   85.993766][ T9234] RDX: 0000000020000000 RSI: 0000000000005609 RDI: 0000000000000003
[   85.993773][ T9234] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   85.993782][ T9234] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0e231ff6d4
[   85.993790][ T9234] R13: 00000000004c7009 R14: 00000000004dd670 R15: 00000000ffffffff
[   85.993808][ T9234] 
[   85.993815][ T9234] Allocated by task 9234:
[   85.993826][ T9234]  save_stack+0x23/0x90
[   85.993838][ T9234]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   85.993848][ T9234]  kasan_kmalloc+0x9/0x10
[   85.993858][ T9234]  __kmalloc+0x163/0x770
[   85.993870][ T9234]  vc_do_resize+0x262/0x1460
[   85.993881][ T9234]  vc_resize+0x4d/0x60
[   85.993893][ T9234]  vt_ioctl+0x14bb/0x26d0
[   85.993903][ T9234]  tty_ioctl+0xa37/0x14f0
[   85.993914][ T9234]  do_vfs_ioctl+0x977/0x14e0
[   85.993925][ T9234]  ksys_ioctl+0xab/0xd0
[   85.993936][ T9234]  __x64_sys_ioctl+0x73/0xb0
[   85.993948][ T9234]  do_syscall_64+0xfa/0x790
[   85.993960][ T9234]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   85.993971][ T9234] 
[   85.993976][ T9234] Freed by task 9234:
[   85.993985][ T9234]  save_stack+0x23/0x90
[   85.993996][ T9234]  __kasan_slab_free+0x102/0x150
[   85.994007][ T9234]  kasan_slab_free+0xe/0x10
[   85.994017][ T9234]  kfree+0x10a/0x2c0
[   85.994029][ T9234]  vc_do_resize+0xa69/0x1460
[   85.994041][ T9234]  vc_resize+0x4d/0x60
[   85.994053][ T9234]  vt_ioctl+0x14bb/0x26d0
[   85.994064][ T9234]  tty_ioctl+0xa37/0x14f0
[   85.994075][ T9234]  do_vfs_ioctl+0x977/0x14e0
[   85.994086][ T9234]  ksys_ioctl+0xab/0xd0
[   85.994097][ T9234]  __x64_sys_ioctl+0x73/0xb0
[   85.994109][ T9234]  do_syscall_64+0xfa/0x790
[   85.994122][ T9234]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   85.994126][ T9234] 
[   85.994136][ T9234] The buggy address belongs to the object at ffff8880a6acb2c0
[   85.994136][ T9234]  which belongs to the cache kmalloc-32 of size 32
[   85.994148][ T9234] The buggy address is located 12 bytes inside of
[   85.994148][ T9234]  32-byte region [ffff8880a6acb2c0, ffff8880a6acb2e0)
[   85.994153][ T9234] The buggy address belongs to the page:
[   85.994167][ T9234] page:ffffea00029ab2c0 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff8880a6acbfc1
[   85.994186][ T9234] raw: 00fffe0000000200 ffffea00027bfec8 ffffea0002943e88 ffff8880aa4001c0
[   85.994202][ T9234] raw: ffff8880a6acbfc1 ffff8880a6acb000 000000010000003f 0000000000000000
[   85.994208][ T9234] page dumped because: kasan: bad access detected
[   85.994212][ T9234] 
[   85.994216][ T9234] Memory state around the buggy address:
[   85.994228][ T9234]  ffff8880a6acb180: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   85.994239][ T9234]  ffff8880a6acb200: fb fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[   85.994249][ T9234] >ffff8880a6acb280: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   85.994255][ T9234]                                               ^
[   85.994266][ T9234]  ffff8880a6acb300: 00 00 00 00 fc fc fc fc 00 00 00 fc fc fc fc fc
[   85.994276][ T9234]  ffff8880a6acb380: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   85.994281][ T9234] ==================================================================
[   85.994286][ T9234] Disabling lock debugging due to kernel taint
[   85.994293][ T9234] Kernel panic - not syncing: panic_on_warn set ...
[   85.994308][ T9234] CPU: 0 PID: 9234 Comm: syz-executor.2 Tainted: G    B             5.5.0-rc1-syzkaller #0
[   85.994314][ T9234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.994318][ T9234] Call Trace:
[   85.994332][ T9234]  dump_stack+0x197/0x210
[   85.994347][ T9234]  panic+0x2e3/0x75c
[   85.994359][ T9234]  ? add_taint.cold+0x16/0x16
[   85.994378][ T9234]  ? trace_hardirqs_on+0x67/0x240
[   85.994390][ T9234]  ? trace_hardirqs_on+0x5e/0x240
[   85.994402][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.994414][ T9234]  end_report+0x47/0x4f
[   85.994424][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.994436][ T9234]  __kasan_report.cold+0xe/0x41
[   85.994449][ T9234]  ? fbcon_cursor+0x4ef/0x660
[   85.994461][ T9234]  kasan_report+0x12/0x20
[   85.994474][ T9234]  __asan_report_load2_noabort+0x14/0x20
[   85.994484][ T9234]  fbcon_cursor+0x4ef/0x660
[   85.994495][ T9234]  ? mark_lock+0xc2/0x1220
[   85.994511][ T9234]  fbcon_scrolldelta+0x679/0x1220
[   85.994522][ T9234]  ? mark_held_locks+0xa4/0xf0
[   85.994532][ T9234]  ? kfree+0x226/0x2c0
[   85.994544][ T9234]  ? vc_do_resize+0xa69/0x1460
[   85.994554][ T9234]  ? kfree+0x226/0x2c0
[   85.994565][ T9234]  ? lockdep_hardirqs_on+0x421/0x5e0
[   85.994580][ T9234]  fbcon_set_origin+0x43/0x50
[   85.994594][ T9234]  ? fbcon_scrolldelta+0x1220/0x1220
[   85.994606][ T9234]  set_origin+0xf3/0x400
[   85.994620][ T9234]  vc_do_resize+0xacc/0x1460
[   85.994633][ T9234]  ? down+0x70/0x90
[   85.994652][ T9234]  ? vc_uniscr_alloc+0xd0/0xd0
[   85.994665][ T9234]  ? lock_acquire+0x190/0x410
[   85.994678][ T9234]  ? vt_ioctl+0x1463/0x26d0
[   85.994693][ T9234]  vc_resize+0x4d/0x60
[   85.994708][ T9234]  vt_ioctl+0x14bb/0x26d0
[   85.994723][ T9234]  ? complete_change_console+0x3a0/0x3a0
[   85.994734][ T9234]  ? lock_downgrade+0x920/0x920
[   85.994747][ T9234]  ? rwlock_bug.part.0+0x90/0x90
[   85.994760][ T9234]  ? tomoyo_path_number_perm+0x214/0x520
[   85.994772][ T9234]  ? find_held_lock+0x35/0x130
[   85.994785][ T9234]  ? tomoyo_path_number_perm+0x214/0x520
[   85.994798][ T9234]  ? __sanitizer_cov_trace_switch+0x49/0x80
[   85.994810][ T9234]  ? tty_jobctrl_ioctl+0x50/0xd40
[   85.994823][ T9234]  ? complete_change_console+0x3a0/0x3a0
[   85.994835][ T9234]  tty_ioctl+0xa37/0x14f0
[   85.994849][ T9234]  ? tty_vhangup+0x30/0x30
[   85.994860][ T9234]  ? tomoyo_path_number_perm+0x454/0x520
[   85.994875][ T9234]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   85.994887][ T9234]  ? tomoyo_path_number_perm+0x25e/0x520
[   85.994902][ T9234]  ? tomoyo_execute_permission+0x4a0/0x4a0
[   85.994923][ T9234]  ? tty_vhangup+0x30/0x30
[   85.994936][ T9234]  do_vfs_ioctl+0x977/0x14e0
[   85.994951][ T9234]  ? compat_ioctl_preallocate+0x220/0x220
[   85.994969][ T9234]  ? __fget+0x37f/0x550
[   85.994984][ T9234]  ? ksys_dup3+0x3e0/0x3e0
[   85.994998][ T9234]  ? ns_to_kernel_old_timeval+0x100/0x100
[   85.995014][ T9234]  ? tomoyo_file_ioctl+0x23/0x30
[   85.995027][ T9234]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   85.995038][ T9234]  ? security_file_ioctl+0x8d/0xc0
[   85.995052][ T9234]  ksys_ioctl+0xab/0xd0
[   85.995065][ T9234]  __x64_sys_ioctl+0x73/0xb0
[   85.995079][ T9234]  do_syscall_64+0xfa/0x790
[   85.995094][ T9234]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   85.995102][ T9234] RIP: 0033:0x45a909
[   85.995115][ T9234] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   85.995122][ T9234] RSP: 002b:00007f0e231fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   85.995133][ T9234] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a909
[   85.995140][ T9234] RDX: 0000000020000000 RSI: 0000000000005609 RDI: 0000000000000003
[   85.995148][ T9234] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   85.995155][ T9234] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0e231ff6d4
[   85.995163][ T9234] R13: 00000000004c7009 R14: 00000000004dd670 R15: 00000000ffffffff
[   85.997167][ T9234] Kernel Offset: disabled