[ ok ] Starting enhanced syslogd: rsyslogd.
[ 72.698106][ T28] audit: type=1800 audit(1577097322.434:25): pid=9103 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 72.734390][ T28] audit: type=1800 audit(1577097322.434:26): pid=9103 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 72.755552][ T28] audit: type=1800 audit(1577097322.434:27): pid=9103 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.209' (ECDSA) to the list of known hosts.
2019/12/23 10:35:43 parsed 1 programs
2019/12/23 10:35:45 executed programs: 0
syzkaller login: [ 96.123312][ T9277] IPVS: ftp: loaded support on port[0] = 21
[ 96.148959][ T9280] IPVS: ftp: loaded support on port[0] = 21
[ 96.150182][ T9281] IPVS: ftp: loaded support on port[0] = 21
[ 96.205493][ T9284] IPVS: ftp: loaded support on port[0] = 21
[ 96.245745][ T9287] IPVS: ftp: loaded support on port[0] = 21
[ 96.254680][ T9286] IPVS: ftp: loaded support on port[0] = 21
[ 96.494611][ T9281] chnl_net:caif_netlink_parms(): no params data found
[ 96.552646][ T9277] chnl_net:caif_netlink_parms(): no params data found
[ 96.573774][ T9287] chnl_net:caif_netlink_parms(): no params data found
[ 96.606672][ T9280] chnl_net:caif_netlink_parms(): no params data found
[ 96.660329][ T9281] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.668878][ T9281] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.678516][ T9281] device bridge_slave_0 entered promiscuous mode
[ 96.770131][ T9281] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.777432][ T9281] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.787693][ T9281] device bridge_slave_1 entered promiscuous mode
[ 96.795194][ T9280] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.802247][ T9280] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.810197][ T9280] device bridge_slave_0 entered promiscuous mode
[ 96.828656][ T9287] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.836195][ T9287] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.843826][ T9287] device bridge_slave_0 entered promiscuous mode
[ 96.851293][ T9277] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.861011][ T9277] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.868850][ T9277] device bridge_slave_0 entered promiscuous mode
[ 96.895663][ T9280] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.902861][ T9280] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.910882][ T9280] device bridge_slave_1 entered promiscuous mode
[ 96.926394][ T9287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.933504][ T9287] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.941442][ T9287] device bridge_slave_1 entered promiscuous mode
[ 96.948620][ T9277] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.956154][ T9277] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.963786][ T9277] device bridge_slave_1 entered promiscuous mode
[ 96.995597][ T9281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.019554][ T9277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.032352][ T9277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.041635][ T9284] chnl_net:caif_netlink_parms(): no params data found
[ 97.053193][ T9281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.064086][ T9280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.093216][ T9287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.103353][ T9286] chnl_net:caif_netlink_parms(): no params data found
[ 97.131798][ T9280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.149774][ T9287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.172574][ T9281] team0: Port device team_slave_0 added
[ 97.201016][ T9277] team0: Port device team_slave_0 added
[ 97.221982][ T9281] team0: Port device team_slave_1 added
[ 97.239115][ T9280] team0: Port device team_slave_0 added
[ 97.247148][ T9277] team0: Port device team_slave_1 added
[ 97.261176][ T9287] team0: Port device team_slave_0 added
[ 97.269420][ T9284] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.276647][ T9284] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.286414][ T9284] device bridge_slave_0 entered promiscuous mode
[ 97.295408][ T9284] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.302473][ T9284] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.311020][ T9284] device bridge_slave_1 entered promiscuous mode
[ 97.319431][ T9280] team0: Port device team_slave_1 added
[ 97.333548][ T9287] team0: Port device team_slave_1 added
[ 97.436150][ T9281] device hsr_slave_0 entered promiscuous mode
[ 97.474732][ T9281] device hsr_slave_1 entered promiscuous mode
[ 97.514740][ T9286] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.521828][ T9286] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.529995][ T9286] device bridge_slave_0 entered promiscuous mode
[ 97.543007][ T9286] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.550184][ T9286] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.558017][ T9286] device bridge_slave_1 entered promiscuous mode
[ 97.607320][ T9277] device hsr_slave_0 entered promiscuous mode
[ 97.644390][ T9277] device hsr_slave_1 entered promiscuous mode
[ 97.694197][ T9277] debugfs: Directory 'hsr0' with parent '/' already present!
[ 97.703506][ T9284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.785965][ T9280] device hsr_slave_0 entered promiscuous mode
[ 97.824282][ T9280] device hsr_slave_1 entered promiscuous mode
[ 97.864115][ T9280] debugfs: Directory 'hsr0' with parent '/' already present!
[ 97.885278][ T9284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.957296][ T9287] device hsr_slave_0 entered promiscuous mode
[ 97.994445][ T9287] device hsr_slave_1 entered promiscuous mode
[ 98.034202][ T9287] debugfs: Directory 'hsr0' with parent '/' already present!
[ 98.061262][ T9286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.084995][ T9286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.143884][ T9284] team0: Port device team_slave_0 added
[ 98.160961][ T9287] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 98.221443][ T9287] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 98.284044][ T9284] team0: Port device team_slave_1 added
[ 98.300528][ T9277] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.335676][ T9281] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 98.375586][ T9287] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 98.418013][ T9286] team0: Port device team_slave_0 added
[ 98.423898][ T9287] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 98.497168][ T9277] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.565530][ T9281] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 98.636844][ T9286] team0: Port device team_slave_1 added
[ 98.642598][ T9281] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 98.757440][ T9284] device hsr_slave_0 entered promiscuous mode
[ 98.814487][ T9284] device hsr_slave_1 entered promiscuous mode
[ 98.864044][ T9284] debugfs: Directory 'hsr0' with parent '/' already present!
[ 98.871679][ T9277] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.936834][ T9281] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 98.977445][ T9280] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 99.052109][ T9277] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 99.116164][ T9280] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 99.158731][ T9280] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 99.220689][ T9280] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 99.347540][ T9286] device hsr_slave_0 entered promiscuous mode
[ 99.386086][ T9286] device hsr_slave_1 entered promiscuous mode
[ 99.434098][ T9286] debugfs: Directory 'hsr0' with parent '/' already present!
[ 99.501025][ T9284] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 99.566745][ T9284] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 99.606118][ T9284] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 99.676157][ T9284] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 99.794742][ T9286] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 99.836839][ T9286] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 99.899981][ T9287] 8021q: adding VLAN 0 to HW filter on device bond0
[ 99.916904][ T9286] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 99.978990][ T9286] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 100.067858][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.076900][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.103654][ T9287] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.121711][ T9277] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.168430][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.178076][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.189990][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.197227][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.205408][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.213892][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.222548][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.229657][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.238766][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.272827][ T9281] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.285587][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.296770][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.305436][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 100.315429][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 100.326770][ T9277] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.367089][ T9280] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.374838][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 100.389268][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 100.397859][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.407199][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.415842][ T3348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.422892][ T3348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.430992][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 100.439638][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.456042][ T9284] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.475308][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 100.484656][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 100.492993][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.501144][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.509050][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.517754][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.526305][ T3722] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.533341][ T3722] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.548218][ T9281] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.565478][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 100.574846][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 100.590427][ T9284] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.620098][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.628763][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.636752][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 100.645446][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 100.653660][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 100.662206][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.671416][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.680328][ T2523] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.687433][ T2523] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.695308][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.704086][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.712419][ T2523] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.719515][ T2523] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.727318][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 100.736126][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.743773][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.751558][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 100.771311][ T9287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 100.795839][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.803773][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.812804][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.825212][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.832284][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.840355][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 100.849117][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 100.858099][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 100.866775][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 100.877052][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 100.885937][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.894902][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.903331][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.910439][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.918958][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.927538][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 100.940871][ T9280] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.960592][ T9286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.987840][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.997454][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 101.007567][ T2523] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.014693][ T2523] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.022360][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 101.031478][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.039881][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.048565][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.057056][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.066293][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.073691][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.117310][ T9281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 101.128361][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 101.138247][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 101.147189][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 101.156969][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 101.166164][ T2523] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.173212][ T2523] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.181278][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.190383][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.199072][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 101.207790][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.217090][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.225771][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 101.235045][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.243539][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.252189][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.260995][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.269664][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 101.277515][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 101.285502][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.293773][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.302308][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.310352][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.328957][ T9286] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.337747][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.352509][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.393740][ T9277] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 101.408111][ T9277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 101.420832][ T9287] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.428892][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.440335][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.447901][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.457001][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.465581][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 101.474225][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 101.482526][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.489665][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.498478][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.507259][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.515877][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 101.524485][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 101.532843][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.540034][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.547704][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.556932][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.565552][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.574510][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.582780][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.591464][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.601715][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.609786][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 101.622199][ T9284] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 101.665229][ T9281] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.675632][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.690286][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.698706][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 101.710147][ T9280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 101.742315][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.769342][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.799035][ T9277] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.864694][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 101.873420][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.901042][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.901682][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.901800][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.901914][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.902023][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.902397][ T2523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.920702][ T9284] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.952494][ T9286] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 101.952515][ T9286] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 101.976817][ T9280] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.977342][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.978095][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.978636][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.979050][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.979647][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.980068][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 102.005196][ T3722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 102.196224][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
2019/12/23 10:35:52 executed programs: 6
[ 102.196367][ T3348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 102.248973][ T9286] 8021q: adding VLAN 0 to HW filter on device batadv0
INIT: Id "2" respawning too fast: disabled for 5 minutes
[ 104.369166][ T9474] ==================================================================
[ 104.369235][ T9474] BUG: KASAN: use-after-free in try_to_grab_pending+0x115/0x910
[ 104.369248][ T9474] Write of size 8 at addr ffff8880a2ca8008 by task syz-executor.0/9474
[ 104.369252][ T9474]
[ 104.369270][ T9474] CPU: 0 PID: 9474 Comm: syz-executor.0 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[ 104.369279][ T9474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.369284][ T9474] Call Trace:
[ 104.369301][ T9474] dump_stack+0x197/0x210
[ 104.369318][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.369341][ T9474] print_address_description.constprop.0.cold+0xd4/0x30b
[ 104.369356][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.369371][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.369387][ T9474] __kasan_report.cold+0x1b/0x41
[ 104.369405][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.369424][ T9474] kasan_report+0x12/0x20
[ 104.369441][ T9474] check_memory_region+0x134/0x1a0
[ 104.369458][ T9474] __kasan_check_write+0x14/0x20
[ 104.369473][ T9474] try_to_grab_pending+0x115/0x910
[ 104.369486][ T9474] ? __kasan_check_read+0x11/0x20
[ 104.369504][ T9474] __cancel_work_timer+0xc4/0x540
[ 104.369523][ T9474] ? mod_delayed_work_on+0x200/0x200
[ 104.369550][ T9474] ? get_work_pool+0x1b0/0x1b0
[ 104.369580][ T9474] cancel_work_sync+0x18/0x20
[ 104.369598][ T9474] tty_buffer_cancel_work+0x16/0x20
[ 104.369616][ T9474] release_tty+0x261/0x470
[ 104.369636][ T9474] tty_release_struct+0x3c/0x50
[ 104.369649][ T9474] tty_release+0xbcb/0xe90
[ 104.369677][ T9474] __fput+0x2ff/0x890
[ 104.369693][ T9474] ? do_tty_hangup+0x30/0x30
[ 104.369711][ T9474] ____fput+0x16/0x20
[ 104.369728][ T9474] task_work_run+0x145/0x1c0
[ 104.369752][ T9474] exit_to_usermode_loop+0x316/0x380
[ 104.369770][ T9474] do_syscall_64+0x676/0x790
[ 104.369790][ T9474] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 104.369802][ T9474] RIP: 0033:0x4144b1
[ 104.369818][ T9474] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 104.369826][ T9474] RSP: 002b:00007fffd8a9b6c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 104.369838][ T9474] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004144b1
[ 104.369846][ T9474] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000003
[ 104.369854][ T9474] RBP: 0000000000000000 R08: ffffffffffffffff R09: ffffffffffffffff
[ 104.369862][ T9474] R10: 00007fffd8a9b7a0 R11: 0000000000000293 R12: 000000000075c118
[ 104.369870][ T9474] R13: 000000000001973c R14: 0000000000761640 R15: 000000000075c124
[ 104.369888][ T9474]
[ 104.369894][ T9474] Allocated by task 9232:
[ 104.369907][ T9474] save_stack+0x23/0x90
[ 104.369921][ T9474] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 104.369933][ T9474] kasan_kmalloc+0x9/0x10
[ 104.369945][ T9474] kmem_cache_alloc_trace+0x158/0x790
[ 104.369958][ T9474] vc_allocate+0x1fc/0x760
[ 104.369969][ T9474] con_install+0x52/0x410
[ 104.369981][ T9474] tty_init_dev+0xf9/0x470
[ 104.369991][ T9474] tty_open+0x4a5/0xbb0
[ 104.370001][ T9474] chrdev_open+0x245/0x6b0
[ 104.370010][ T9474] do_dentry_open+0x4ca/0x1350
[ 104.370020][ T9474] vfs_open+0xa0/0xd0
[ 104.370032][ T9474] path_openat+0x12fd/0x34d0
[ 104.370044][ T9474] do_filp_open+0x192/0x260
[ 104.370056][ T9474] do_sys_openat2+0x633/0x840
[ 104.370068][ T9474] do_sys_open+0xfc/0x190
[ 104.370081][ T9474] __x64_sys_open+0x7e/0xc0
[ 104.370096][ T9474] do_syscall_64+0xfa/0x790
[ 104.370109][ T9474] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 104.370113][ T9474]
[ 104.370120][ T9474] Freed by task 9493:
[ 104.370132][ T9474] save_stack+0x23/0x90
[ 104.370151][ T9474] __kasan_slab_free+0x102/0x150
[ 104.370164][ T9474] kasan_slab_free+0xe/0x10
[ 104.370181][ T9474] kfree+0x10a/0x2c0
[ 104.370201][ T9474] vt_disallocate_all+0x2bd/0x3e0
[ 104.370218][ T9474] vt_ioctl+0xc38/0x26d0
[ 104.370229][ T9474] tty_ioctl+0xa37/0x14f0
[ 104.370247][ T9474] ksys_ioctl+0x123/0x180
[ 104.370261][ T9474] __x64_sys_ioctl+0x73/0xb0
[ 104.370276][ T9474] do_syscall_64+0xfa/0x790
[ 104.370289][ T9474] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 104.370293][ T9474]
[ 104.370303][ T9474] The buggy address belongs to the object at ffff8880a2ca8000
[ 104.370303][ T9474] which belongs to the cache kmalloc-2k of size 2048
[ 104.370315][ T9474] The buggy address is located 8 bytes inside of
[ 104.370315][ T9474] 2048-byte region [ffff8880a2ca8000, ffff8880a2ca8800)
[ 104.370320][ T9474] The buggy address belongs to the page:
[ 104.370333][ T9474] page:ffffea00028b2a00 refcount:1 mapcount:0 mapping:ffff8880aa400e00 index:0x0
[ 104.370353][ T9474] raw: 00fffe0000000200 ffffea00027c1f88 ffffea0002304c88 ffff8880aa400e00
[ 104.370374][ T9474] raw: 0000000000000000 ffff8880a2ca8000 0000000100000001 0000000000000000
[ 104.370381][ T9474] page dumped because: kasan: bad access detected
[ 104.370385][ T9474]
[ 104.370390][ T9474] Memory state around the buggy address:
[ 104.370402][ T9474] ffff8880a2ca7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 104.370414][ T9474] ffff8880a2ca7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 104.370426][ T9474] >ffff8880a2ca8000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 104.370432][ T9474] ^
[ 104.370443][ T9474] ffff8880a2ca8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 104.370455][ T9474] ffff8880a2ca8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 104.370461][ T9474] ==================================================================
[ 104.370466][ T9474] Disabling lock debugging due to kernel taint
[ 104.370474][ T9474] Kernel panic - not syncing: panic_on_warn set ...
[ 104.370490][ T9474] CPU: 0 PID: 9474 Comm: syz-executor.0 Tainted: G B 5.5.0-rc2-next-20191220-syzkaller #0
[ 104.370498][ T9474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.370502][ T9474] Call Trace:
[ 104.370515][ T9474] dump_stack+0x197/0x210
[ 104.370532][ T9474] panic+0x2e3/0x75c
[ 104.370546][ T9474] ? add_taint.cold+0x16/0x16
[ 104.370564][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.370581][ T9474] ? trace_hardirqs_off+0x62/0x240
[ 104.370596][ T9474] ? trace_hardirqs_off+0x59/0x240
[ 104.370612][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.370626][ T9474] end_report+0x47/0x4f
[ 104.370640][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.370653][ T9474] __kasan_report.cold+0xe/0x41
[ 104.370669][ T9474] ? try_to_grab_pending+0x115/0x910
[ 104.370683][ T9474] kasan_report+0x12/0x20
[ 104.370697][ T9474] check_memory_region+0x134/0x1a0
[ 104.370711][ T9474] __kasan_check_write+0x14/0x20
[ 104.370725][ T9474] try_to_grab_pending+0x115/0x910
[ 104.370738][ T9474] ? __kasan_check_read+0x11/0x20
[ 104.370753][ T9474] __cancel_work_timer+0xc4/0x540
[ 104.370768][ T9474] ? mod_delayed_work_on+0x200/0x200
[ 104.370784][ T9474] ? get_work_pool+0x1b0/0x1b0
[ 104.370803][ T9474] cancel_work_sync+0x18/0x20
[ 104.370818][ T9474] tty_buffer_cancel_work+0x16/0x20
[ 104.370832][ T9474] release_tty+0x261/0x470
[ 104.370847][ T9474] tty_release_struct+0x3c/0x50
[ 104.370859][ T9474] tty_release+0xbcb/0xe90
[ 104.370878][ T9474] __fput+0x2ff/0x890
[ 104.370891][ T9474] ? do_tty_hangup+0x30/0x30
[ 104.370907][ T9474] ____fput+0x16/0x20
[ 104.370921][ T9474] task_work_run+0x145/0x1c0
[ 104.370937][ T9474] exit_to_usermode_loop+0x316/0x380
[ 104.370952][ T9474] do_syscall_64+0x676/0x790
[ 104.370967][ T9474] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 104.370976][ T9474] RIP: 0033:0x4144b1
[ 104.370990][ T9474] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 104.370998][ T9474] RSP: 002b:00007fffd8a9b6c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 104.371010][ T9474] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004144b1
[ 104.371018][ T9474] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000003
[ 104.371027][ T9474] RBP: 0000000000000000 R08: ffffffffffffffff R09: ffffffffffffffff
[ 104.371035][ T9474] R10: 00007fffd8a9b7a0 R11: 0000000000000293 R12: 000000000075c118
[ 104.371043][ T9474] R13: 000000000001973c R14: 0000000000761640 R15: 000000000075c124
[ 104.372348][ T9474] Kernel Offset: disabled
[ 105.163286][ T9474] Rebooting in 86400 seconds..