[ ok ] Starting enhanced syslogd: rsyslogd. [ 57.123800][ T26] audit: type=1800 audit(1560527340.169:25): pid=8670 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 57.168703][ T26] audit: type=1800 audit(1560527340.169:26): pid=8670 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 57.212437][ T26] audit: type=1800 audit(1560527340.169:27): pid=8670 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.60' (ECDSA) to the list of known hosts. 2019/06/14 16:01:12 parsed 1 programs 2019/06/14 16:01:13 executed programs: 0 syzkaller login: [ 790.847830][ T8844] IPVS: ftp: loaded support on port[0] = 21 [ 790.916461][ T8847] IPVS: ftp: loaded support on port[0] = 21 [ 790.926958][ T8848] IPVS: ftp: loaded support on port[0] = 21 [ 791.018718][ T8852] IPVS: ftp: loaded support on port[0] = 21 [ 791.046212][ T8853] IPVS: ftp: loaded support on port[0] = 21 [ 791.063305][ T8844] chnl_net:caif_netlink_parms(): no params data found [ 791.099985][ T8848] chnl_net:caif_netlink_parms(): no params data found [ 791.129763][ T8855] IPVS: ftp: loaded support on port[0] = 21 [ 791.176584][ T8844] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.184217][ T8844] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.191852][ T8844] device bridge_slave_0 entered promiscuous mode [ 791.199526][ T8847] chnl_net:caif_netlink_parms(): no params data found [ 791.229100][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state
[ 791.236503][ T8848] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.244086][ T8848] device bridge_slave_0 entered promiscuous mode [ 791.251836][ T8844] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.259695][ T8844] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.267801][ T8844] device bridge_slave_1 entered promiscuous mode [ 791.287792][ T8844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 791.305698][ T8848] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.312788][ T8848] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.320328][ T8848] device bridge_slave_1 entered promiscuous mode [ 791.328002][ T8844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 791.348337][ T8847] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.355861][ T8847] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.363512][ T8847] device bridge_slave_0 entered promiscuous mode [ 791.370894][ T8847] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.378123][ T8847] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.385811][ T8847] device bridge_slave_1 entered promiscuous mode [ 791.402842][ T8844] team0: Port device team_slave_0 added [ 791.414442][ T8848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 791.425960][ T8848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 791.435871][ T8844] team0: Port device team_slave_1 added [ 791.464915][ T8848] team0: Port device team_slave_0 added [ 791.472090][ T8848] team0: Port device team_slave_1 added [ 791.514235][ T8844] device hsr_slave_0 entered promiscuous mode [ 791.562638][ T8844] device hsr_slave_1 entered promiscuous mode [ 791.604821][ T8847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 791.647749][ T8847] bond0: (slave bond_slave_1): Enslaving as an active interface with 
an up link [ 791.668824][ T8847] team0: Port device team_slave_0 added [ 791.676701][ T8847] team0: Port device team_slave_1 added [ 791.698971][ T8853] chnl_net:caif_netlink_parms(): no params data found [ 791.764049][ T8848] device hsr_slave_0 entered promiscuous mode [ 791.812585][ T8848] device hsr_slave_1 entered promiscuous mode [ 791.896334][ T8855] chnl_net:caif_netlink_parms(): no params data found [ 791.919703][ T8853] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.927507][ T8853] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.935146][ T8853] device bridge_slave_0 entered promiscuous mode [ 791.984236][ T8847] device hsr_slave_0 entered promiscuous mode [ 792.032552][ T8847] device hsr_slave_1 entered promiscuous mode [ 792.149486][ T8852] chnl_net:caif_netlink_parms(): no params data found [ 792.159356][ T8844] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.166532][ T8844] bridge0: port 2(bridge_slave_1) entered forwarding state [ 792.174087][ T8844] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.181117][ T8844] bridge0: port 1(bridge_slave_0) entered forwarding state [ 792.190846][ T8853] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.198027][ T8853] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.208231][ T8853] device bridge_slave_1 entered promiscuous mode [ 792.216385][ T8859] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.225380][ T8859] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.287993][ T8853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 792.297296][ T8855] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.304791][ T8855] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.312467][ T8855] device bridge_slave_0 entered promiscuous mode [ 792.319809][ T8855] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.327378][ T8855] bridge0: port 2(bridge_slave_1) entered disabled 
state [ 792.335135][ T8855] device bridge_slave_1 entered promiscuous mode [ 792.355149][ T8853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 792.376015][ T8855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 792.388581][ T8852] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.395978][ T8852] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.406536][ T8852] device bridge_slave_0 entered promiscuous mode [ 792.417216][ T8852] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.424367][ T8852] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.431911][ T8852] device bridge_slave_1 entered promiscuous mode [ 792.441909][ T8855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 792.456112][ T8853] team0: Port device team_slave_0 added [ 792.480946][ T8853] team0: Port device team_slave_1 added [ 792.491124][ T8852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 792.501747][ T8855] team0: Port device team_slave_0 added [ 792.508339][ T8855] team0: Port device team_slave_1 added [ 792.521995][ T8848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 792.537422][ T8852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 792.594484][ T8855] device hsr_slave_0 entered promiscuous mode [ 792.632635][ T8855] device hsr_slave_1 entered promiscuous mode [ 792.708212][ T8848] 8021q: adding VLAN 0 to HW filter on device team0 [ 792.717716][ T8852] team0: Port device team_slave_0 added [ 792.730751][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 792.740862][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 792.786707][ T8853] device hsr_slave_0 entered promiscuous mode [ 792.852825][ T8853] device hsr_slave_1 entered promiscuous mode [ 792.895695][ T8844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 792.910328][ T8852] team0: Port device 
team_slave_1 added [ 792.919294][ T8847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 792.956274][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 792.964364][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 792.971932][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 792.981149][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 792.989671][ T8865] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.996766][ T8865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 793.005729][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 793.014440][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 793.022858][ T8865] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.029897][ T8865] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.037490][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 793.048480][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 793.056571][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 793.064364][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 793.125687][ T8852] device hsr_slave_0 entered promiscuous mode [ 793.172694][ T8852] device hsr_slave_1 entered promiscuous mode [ 793.227712][ T8844] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.243831][ T8847] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.267721][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 793.276615][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 793.285880][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 793.295066][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 793.304380][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 793.312821][ T8859] bridge0: port 
1(bridge_slave_0) entered blocking state [ 793.319862][ T8859] bridge0: port 1(bridge_slave_0) entered forwarding state [ 793.327543][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 793.343220][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 793.351882][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 793.360899][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 793.369444][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 793.385230][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 793.394296][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 793.403144][ T8857] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.410185][ T8857] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.434441][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 793.443643][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 793.451878][ T2655] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.458985][ T2655] bridge0: port 1(bridge_slave_0) entered forwarding state [ 793.468071][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 793.477263][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 793.485741][ T2655] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.492850][ T2655] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.501728][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 793.509910][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 793.518322][ T2655] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 793.531134][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 793.566569][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 793.577785][ T3682] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 793.588157][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 793.604077][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 793.639827][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 793.648981][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 793.658376][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 793.666898][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 793.676206][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 793.684611][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 793.693468][ T8857] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 793.710509][ T8844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 793.722207][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 793.743912][ T8853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.757445][ T8848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 793.771129][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 793.780154][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 793.789520][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 793.802849][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 793.843631][ T8852] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.850501][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 793.859167][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 793.867703][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 793.875977][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 793.884649][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 793.893208][ 
T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 793.901333][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 793.918446][ T8853] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.935561][ T8855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.951006][ T8847] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 793.965109][ T8847] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 793.989194][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 793.998337][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 794.008564][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 794.017251][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 794.026235][ T8867] bridge0: port 1(bridge_slave_0) entered blocking state [ 794.033366][ T8867] bridge0: port 1(bridge_slave_0) entered forwarding state [ 794.041077][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 794.049767][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 794.058390][ T8867] bridge0: port 2(bridge_slave_1) entered blocking state [ 794.065479][ T8867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 794.073110][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 794.099490][ T8852] 8021q: adding VLAN 0 to HW filter on device team0 [ 794.126145][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 794.134203][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 794.141946][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 794.155192][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 794.164045][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 794.173386][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 794.182655][ T8867] 
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 794.191559][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 794.200780][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 794.210499][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 794.212277][ C1] hrtimer: interrupt took 38240 ns [ 794.219545][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 794.232212][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 794.240822][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 794.249567][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 794.259569][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 794.275712][ T8844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 794.317243][ T8855] 8021q: adding VLAN 0 to HW filter on device team0 [ 794.325377][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 794.334702][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 794.344225][ T8865] bridge0: port 1(bridge_slave_0) entered blocking state [ 794.351308][ T8865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 794.359256][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 794.368228][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 794.402665][ T8865] bridge0: port 2(bridge_slave_1) entered blocking state [ 794.409740][ T8865] bridge0: port 2(bridge_slave_1) entered forwarding state [ 794.437871][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 794.447486][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 794.458600][ T8847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 794.523095][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 794.551379][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth0_to_team: link becomes ready [ 794.570274][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 794.580088][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 794.589016][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 794.597669][ T8867] bridge0: port 1(bridge_slave_0) entered blocking state [ 794.604796][ T8867] bridge0: port 1(bridge_slave_0) entered forwarding state [ 794.612885][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 794.621540][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 794.630266][ T8867] bridge0: port 2(bridge_slave_1) entered blocking state [ 794.637385][ T8867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 794.638172][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 794.654113][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 794.663064][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 794.670960][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 794.693281][ T8853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 794.701309][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 794.716442][ T8867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 794.812542][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 794.858742][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 794.887180][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 794.939248][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 794.981948][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 794.992171][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 795.014677][ T8859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 795.046671][ T8859] IPv6: 
ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 795.113507][ T8852] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 795.164798][ T8855] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 795.177745][ T8855] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 795.222920][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 795.230846][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 795.248395][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 795.258514][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 795.273294][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 795.297573][ T8852] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 795.314374][ T8865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 795.337343][ T8855] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/06/14 16:01:18 executed programs: 19 2019/06/14 16:01:23 executed programs: 120 2019/06/14 16:01:29 executed programs: 226 2019/06/14 16:01:34 executed programs: 330 2019/06/14 16:01:39 executed programs: 427 2019/06/14 16:01:44 executed programs: 530 2019/06/14 16:01:49 executed programs: 631 2019/06/14 16:01:54 executed programs: 735 2019/06/14 16:01:59 executed programs: 836 2019/06/14 16:02:04 executed programs: 936 2019/06/14 16:02:09 executed programs: 1038 2019/06/14 16:02:14 executed programs: 1141 2019/06/14 16:02:19 executed programs: 1242 2019/06/14 16:02:24 executed programs: 1340 2019/06/14 16:02:29 executed programs: 1441 2019/06/14 16:02:34 executed programs: 1542 2019/06/14 16:02:39 executed programs: 1645 2019/06/14 16:02:44 executed programs: 1742 2019/06/14 16:02:49 executed programs: 1840 2019/06/14 16:02:54 executed programs: 1939 2019/06/14 16:02:59 executed programs: 2039 2019/06/14 16:03:04 executed programs: 2137 2019/06/14 16:03:09 executed 
programs: 2238 2019/06/14 16:03:14 executed programs: 2338 2019/06/14 16:03:20 executed programs: 2438 2019/06/14 16:03:25 executed programs: 2538 2019/06/14 16:03:30 executed programs: 2639 2019/06/14 16:03:35 executed programs: 2735 [ 936.404266][T21346] ================================================================== [ 936.412596][T21346] BUG: KASAN: use-after-free in tomoyo_realpath_from_path+0x722/0x7a0 [ 936.412613][T21346] Read of size 2 at addr ffff888099ba8d10 by task syz-executor.5/21346 [ 936.412617][T21346] [ 936.412640][T21346] CPU: 1 PID: 21346 Comm: syz-executor.5 Not tainted 5.2.0-rc4-next-20190614 #15 [ 936.440457][T21346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 936.450512][T21346] Call Trace: [ 936.453808][T21346] dump_stack+0x172/0x1f0 [ 936.458154][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 936.458176][T21346] print_address_description.cold+0xd4/0x306 [ 936.458189][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 936.475813][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 936.475832][T21346] __kasan_report.cold+0x1b/0x36 [ 936.475851][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 936.475867][T21346] kasan_report+0x12/0x20 [ 936.475888][T21346] __asan_report_load2_noabort+0x14/0x20 [ 936.502323][T21346] tomoyo_realpath_from_path+0x722/0x7a0 [ 936.507972][T21346] tomoyo_check_open_permission+0x2a8/0x3f0 [ 936.513878][T21346] ? tomoyo_path_number_perm+0x520/0x520 [ 936.519524][T21346] ? retint_kernel+0x2b/0x2b [ 936.524126][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 936.529594][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 936.535174][T21346] ? tomoyo_file_open+0x57/0xd0 [ 936.540030][T21346] ? tomoyo_domain+0x10/0x160 [ 936.540046][T21346] ? tomoyo_domain+0x64/0x160 [ 936.540067][T21346] tomoyo_file_open+0xa9/0xd0 [ 936.540087][T21346] security_file_open+0x71/0x300 [ 936.559021][T21346] ? 
security_file_open+0x1/0x300 [ 936.564057][T21346] do_dentry_open+0x373/0x1250 [ 936.568839][T21346] ? chown_common+0x5c0/0x5c0 [ 936.573521][T21346] ? security_inode_permission+0x59/0x100 [ 936.579266][T21346] ? inode_permission+0xb4/0x560 [ 936.584224][T21346] ? may_open.isra.0+0x1ad/0x320 [ 936.589166][T21346] vfs_open+0xa0/0xd0 [ 936.593152][T21346] path_openat+0x10e9/0x46d0 [ 936.597750][T21346] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 936.597769][T21346] ? kasan_slab_alloc+0xf/0x20 [ 936.608310][T21346] ? kmem_cache_alloc+0x11a/0x6f0 [ 936.613341][T21346] ? getname_flags+0xd6/0x5b0 [ 936.618019][T21346] ? getname+0x1a/0x20 [ 936.618032][T21346] ? do_sys_open+0x2c9/0x5d0 [ 936.618053][T21346] ? mark_lock+0x13c0/0x13d0 [ 936.618073][T21346] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 936.626703][T21346] ? mark_held_locks+0xa4/0xf0 [ 936.626722][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 936.626736][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 936.626752][T21346] ? __alloc_fd+0x44d/0x560 [ 936.626767][T21346] ? find_held_lock+0x35/0x130 [ 936.626786][T21346] do_filp_open+0x1a1/0x280 [ 936.661594][T21346] ? may_open_dev+0x100/0x100 [ 936.661625][T21346] ? do_raw_spin_unlock+0x57/0x270 [ 936.661647][T21346] ? _raw_spin_unlock+0x2d/0x50 [ 936.680745][T21346] do_sys_open+0x3fe/0x5d0 [ 936.685184][T21346] ? filp_open+0x80/0x80 [ 936.689468][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 936.694924][T21346] ? do_syscall_64+0x26/0x680 [ 936.694943][T21346] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 936.694956][T21346] ? 
do_syscall_64+0x26/0x680 [ 936.694974][T21346] __x64_sys_open+0x7e/0xc0 [ 936.694995][T21346] do_syscall_64+0xfd/0x680 [ 936.719989][T21346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 936.725881][T21346] RIP: 0033:0x4131b1 [ 936.729795][T21346] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 936.749399][T21346] RSP: 002b:00007f820a23dbb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 936.757816][T21346] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004131b1 [ 936.765788][T21346] RDX: fffffffffffffffa RSI: 0000000000000000 RDI: 00007f820a23dbd0 [ 936.773758][T21346] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 000000000000000f [ 936.781724][T21346] R10: 0000000000000004 R11: 0000000000000293 R12: 00007f820a23e6d4 [ 936.781733][T21346] R13: 00000000004c86c8 R14: 00000000004deff0 R15: 00000000ffffffff [ 936.781755][T21346] [ 936.781768][T21346] Allocated by task 21342: [ 936.804458][T21346] save_stack+0x23/0x90 [ 936.804473][T21346] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 936.804485][T21346] kasan_kmalloc+0x9/0x10 [ 936.804502][T21346] __kmalloc+0x15c/0x740 [ 936.822804][T21346] sk_prot_alloc+0x19c/0x2e0 [ 936.822815][T21346] sk_alloc+0x39/0xf70 [ 936.822829][T21346] mISDN_sock_create+0xb4/0x3a0 [ 936.822847][T21346] __sock_create+0x3d8/0x730 [ 936.831512][T21346] __sys_socket+0x103/0x220 [ 936.831542][T21346] __x64_sys_socket+0x73/0xb0 [ 936.831558][T21346] do_syscall_64+0xfd/0x680 [ 936.831581][T21346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 936.860506][T21346] [ 936.862835][T21346] Freed by task 21336: [ 936.866908][T21346] save_stack+0x23/0x90 [ 936.871078][T21346] __kasan_slab_free+0x102/0x150 [ 936.876015][T21346] kasan_slab_free+0xe/0x10 [ 936.876026][T21346] kfree+0x10a/0x2c0 [ 936.876045][T21346] __sk_destruct+0x4f7/0x6e0 [ 936.889000][T21346] sk_destruct+0x7b/0x90 [ 936.893244][T21346] 
__sk_free+0xce/0x300 [ 936.897399][T21346] sk_free+0x42/0x50 [ 936.901301][T21346] base_sock_release+0x269/0x279 [ 936.906250][T21346] __sock_release+0xce/0x2a0 [ 936.910861][T21346] sock_close+0x1b/0x30 [ 936.915016][T21346] __fput+0x2ff/0x890 [ 936.915029][T21346] ____fput+0x16/0x20 [ 936.915041][T21346] task_work_run+0x145/0x1c0 [ 936.915062][T21346] exit_to_usermode_loop+0x273/0x2c0 [ 936.932839][T21346] do_syscall_64+0x58e/0x680 [ 936.937439][T21346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 936.937444][T21346] [ 936.937456][T21346] The buggy address belongs to the object at ffff888099ba8d00 [ 936.937456][T21346] which belongs to the cache kmalloc-2k of size 2048 [ 936.937467][T21346] The buggy address is located 16 bytes inside of [ 936.937467][T21346] 2048-byte region [ffff888099ba8d00, ffff888099ba9500) [ 936.937479][T21346] The buggy address belongs to the page: [ 936.972984][T21346] page:ffffea000266ea00 refcount:1 mapcount:0 mapping:ffff8880aa400e00 index:0x0 compound_mapcount: 0 [ 936.973002][T21346] flags: 0x1fffc0000010200(slab|head) [ 936.973023][T21346] raw: 01fffc0000010200 ffffea00025ced08 ffffea0002221a08 ffff8880aa400e00 [ 936.973038][T21346] raw: 0000000000000000 ffff888099ba8480 0000000100000003 0000000000000000 [ 936.973044][T21346] page dumped because: kasan: bad access detected [ 936.973056][T21346] [ 936.994948][T21346] Memory state around the buggy address: [ 937.026443][T21346] ffff888099ba8c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 937.026454][T21346] ffff888099ba8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 937.026465][T21346] >ffff888099ba8d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 937.026470][T21346] ^ [ 937.026481][T21346] ffff888099ba8d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 937.026491][T21346] ffff888099ba8e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 937.026503][T21346] ================================================================== [ 937.050651][T21346] Disabling lock 
debugging due to kernel taint [ 937.212093][T21346] Kernel panic - not syncing: panic_on_warn set ... [ 937.218725][T21346] CPU: 1 PID: 21346 Comm: syz-executor.5 Tainted: G B 5.2.0-rc4-next-20190614 #15 [ 937.229212][T21346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 937.239273][T21346] Call Trace: [ 937.242579][T21346] dump_stack+0x172/0x1f0 [ 937.246933][T21346] panic+0x2cb/0x744 [ 937.250830][T21346] ? __warn_printk+0xf3/0xf3 [ 937.255436][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 2019/06/14 16:03:40 executed programs: 2831 [ 937.261243][T21346] ? preempt_schedule+0x4b/0x60 [ 937.266115][T21346] ? ___preempt_schedule+0x16/0x18 [ 937.271223][T21346] ? trace_hardirqs_on+0x5e/0x220 [ 937.276226][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 937.282007][T21346] end_report+0x47/0x4f [ 937.286136][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 937.291938][T21346] __kasan_report.cold+0xe/0x36 [ 937.296768][T21346] ? tomoyo_realpath_from_path+0x722/0x7a0 [ 937.302577][T21346] kasan_report+0x12/0x20 [ 937.306898][T21346] __asan_report_load2_noabort+0x14/0x20 [ 937.312509][T21346] tomoyo_realpath_from_path+0x722/0x7a0 [ 937.318117][T21346] tomoyo_check_open_permission+0x2a8/0x3f0 [ 937.323988][T21346] ? tomoyo_path_number_perm+0x520/0x520 [ 937.329611][T21346] ? retint_kernel+0x2b/0x2b [ 937.334184][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 937.339626][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 937.345066][T21346] ? tomoyo_file_open+0x57/0xd0 [ 937.349888][T21346] ? tomoyo_domain+0x10/0x160 [ 937.354540][T21346] ? tomoyo_domain+0x64/0x160 [ 937.359191][T21346] tomoyo_file_open+0xa9/0xd0 [ 937.363846][T21346] security_file_open+0x71/0x300 [ 937.368757][T21346] ? security_file_open+0x1/0x300 [ 937.373758][T21346] do_dentry_open+0x373/0x1250 [ 937.378498][T21346] ? chown_common+0x5c0/0x5c0 [ 937.383154][T21346] ? security_inode_permission+0x59/0x100 [ 937.388848][T21346] ? 
inode_permission+0xb4/0x560 [ 937.393775][T21346] ? may_open.isra.0+0x1ad/0x320 [ 937.398711][T21346] vfs_open+0xa0/0xd0 [ 937.402682][T21346] path_openat+0x10e9/0x46d0 [ 937.407263][T21346] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 937.413042][T21346] ? kasan_slab_alloc+0xf/0x20 [ 937.417783][T21346] ? kmem_cache_alloc+0x11a/0x6f0 [ 937.422782][T21346] ? getname_flags+0xd6/0x5b0 [ 937.427437][T21346] ? getname+0x1a/0x20 [ 937.431478][T21346] ? do_sys_open+0x2c9/0x5d0 [ 937.436046][T21346] ? mark_lock+0x13c0/0x13d0 [ 937.440609][T21346] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 937.445953][T21346] ? mark_held_locks+0xa4/0xf0 [ 937.450692][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 937.456152][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 937.461584][T21346] ? __alloc_fd+0x44d/0x560 [ 937.466063][T21346] ? find_held_lock+0x35/0x130 [ 937.470801][T21346] do_filp_open+0x1a1/0x280 [ 937.475279][T21346] ? may_open_dev+0x100/0x100 [ 937.479953][T21346] ? do_raw_spin_unlock+0x57/0x270 [ 937.485043][T21346] ? _raw_spin_unlock+0x2d/0x50 [ 937.489868][T21346] do_sys_open+0x3fe/0x5d0 [ 937.494258][T21346] ? filp_open+0x80/0x80 [ 937.498476][T21346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 937.503915][T21346] ? do_syscall_64+0x26/0x680 [ 937.508572][T21346] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 937.514612][T21346] ? 
do_syscall_64+0x26/0x680 [ 937.519260][T21346] __x64_sys_open+0x7e/0xc0 [ 937.523737][T21346] do_syscall_64+0xfd/0x680 [ 937.528219][T21346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 937.534084][T21346] RIP: 0033:0x4131b1 [ 937.537955][T21346] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 937.558677][T21346] RSP: 002b:00007f820a23dbb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 937.567064][T21346] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004131b1 [ 937.575332][T21346] RDX: fffffffffffffffa RSI: 0000000000000000 RDI: 00007f820a23dbd0 [ 937.583278][T21346] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 000000000000000f [ 937.591226][T21346] R10: 0000000000000004 R11: 0000000000000293 R12: 00007f820a23e6d4 [ 937.599172][T21346] R13: 00000000004c86c8 R14: 00000000004deff0 R15: 00000000ffffffff [ 937.608257][T21346] Kernel Offset: disabled [ 937.612578][T21346] Rebooting in 86400 seconds..