Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   72.234764][   T26] kauditd_printk_skb: 5 callbacks suppressed
[   72.234776][   T26] audit: type=1800 audit(1562009652.491:33): pid=9307 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   72.278694][   T26] audit: type=1800 audit(1562009652.501:34): pid=9307 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   74.358177][   T26] audit: type=1400 audit(1562009654.621:35): avc:  denied  { map } for  pid=9484 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.142' (ECDSA) to the list of known hosts.
[   89.877708][   T26] audit: type=1400 audit(1562009670.141:36): avc:  denied  { map } for  pid=9496 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/07/01 19:34:31 parsed 1 programs
[   90.897433][   T26] audit: type=1400 audit(1562009671.161:37): avc:  denied  { map } for  pid=9496 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=16196 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2019/07/01 19:34:33 executed programs: 0
[   93.121618][ T9521] IPVS: ftp: loaded support on port[0] = 21
[   93.138592][ T9522] IPVS: ftp: loaded support on port[0] = 21
[   93.142767][ T9518] IPVS: ftp: loaded support on port[0] = 21
[   93.154077][ T9524] IPVS: ftp: loaded support on port[0] = 21
[   93.197258][ T9526] IPVS: ftp: loaded support on port[0] = 21
[   93.219992][ T9527] IPVS: ftp: loaded support on port[0] = 21
[   93.413100][ T9524] chnl_net:caif_netlink_parms(): no params data found
[   93.522503][ T9524] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.530143][ T9524] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.538828][ T9524] device bridge_slave_0 entered promiscuous mode
[   93.565466][ T9524] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.573120][ T9524] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.581597][ T9524] device bridge_slave_1 entered promiscuous mode
[   93.604595][ T9522] chnl_net:caif_netlink_parms(): no params data found
[   93.675472][ T9524] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   93.724869][ T9521] chnl_net:caif_netlink_parms(): no params data found
[   93.737104][ T9524] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   93.843497][ T9526] chnl_net:caif_netlink_parms(): no params data found
[   93.853150][ T9527] chnl_net:caif_netlink_parms(): no params data found
[   93.861909][ T9522] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.869363][ T9522] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.877288][ T9522] device bridge_slave_0 entered promiscuous mode
[   93.887978][ T9522] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.895314][ T9522] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.903239][ T9522] device bridge_slave_1 entered promiscuous mode
[   93.920649][ T9524] team0: Port device team_slave_0 added
[   93.930820][ T9524] team0: Port device team_slave_1 added
[   93.969403][ T9518] chnl_net:caif_netlink_parms(): no params data found
[   93.984083][ T9522] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.059416][ T9524] device hsr_slave_0 entered promiscuous mode
[   94.106467][ T9524] device hsr_slave_1 entered promiscuous mode
[   94.147816][ T9522] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.169836][ T9526] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.177678][ T9526] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.185431][ T9526] device bridge_slave_0 entered promiscuous mode
[   94.211550][ T9521] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.219854][ T9521] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.227939][ T9521] device bridge_slave_0 entered promiscuous mode
[   94.241670][ T9521] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.249821][ T9521] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.257858][ T9521] device bridge_slave_1 entered promiscuous mode
[   94.265216][ T9526] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.272869][ T9526] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.280795][ T9526] device bridge_slave_1 entered promiscuous mode
[   94.295543][ T9522] team0: Port device team_slave_0 added
[   94.303497][ T9522] team0: Port device team_slave_1 added
[   94.337492][ T9527] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.344619][ T9527] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.353227][ T9527] device bridge_slave_0 entered promiscuous mode
[   94.361272][ T9527] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.368537][ T9527] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.376845][ T9527] device bridge_slave_1 entered promiscuous mode
[   94.390930][ T9521] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.414976][ T9526] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.437231][ T9521] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.449592][ T9527] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.472054][ T9526] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.501463][ T9527] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.510214][ T9518] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.517711][ T9518] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.525423][ T9518] device bridge_slave_0 entered promiscuous mode
[   94.580098][ T9522] device hsr_slave_0 entered promiscuous mode
[   94.626115][ T9522] device hsr_slave_1 entered promiscuous mode
[   94.688568][ T9518] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.695712][ T9518] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.705202][ T9518] device bridge_slave_1 entered promiscuous mode
[   94.733364][ T9526] team0: Port device team_slave_0 added
[   94.741289][ T9521] team0: Port device team_slave_0 added
[   94.749452][ T9521] team0: Port device team_slave_1 added
[   94.757247][ T9518] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.767427][ T9527] team0: Port device team_slave_0 added
[   94.779257][ T9526] team0: Port device team_slave_1 added
[   94.787124][ T9518] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.814633][ T9527] team0: Port device team_slave_1 added
[   94.847358][ T9518] team0: Port device team_slave_0 added
[   94.862428][ T9518] team0: Port device team_slave_1 added
[   94.929369][ T9521] device hsr_slave_0 entered promiscuous mode
[   94.976123][ T9521] device hsr_slave_1 entered promiscuous mode
[   95.109222][ T9526] device hsr_slave_0 entered promiscuous mode
[   95.166390][ T9526] device hsr_slave_1 entered promiscuous mode
[   95.288540][ T9527] device hsr_slave_0 entered promiscuous mode
[   95.326325][ T9527] device hsr_slave_1 entered promiscuous mode
[   95.429308][ T9518] device hsr_slave_0 entered promiscuous mode
[   95.486411][ T9518] device hsr_slave_1 entered promiscuous mode
[   95.691998][ T9524] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.715401][ T9521] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.741544][ T9522] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.764102][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.776931][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.785194][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.793564][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.802929][ T9521] 8021q: adding VLAN 0 to HW filter on device team0
[   95.826872][ T9524] 8021q: adding VLAN 0 to HW filter on device team0
[   95.850521][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.859971][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.870052][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.877396][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.885384][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.894429][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.903553][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.942822][ T9518] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.955510][ T9527] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.970197][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.979463][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.989056][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.996366][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.004279][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.013104][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.021501][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.028650][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.037304][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.046227][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.055056][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.062336][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.071145][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   96.081623][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.101133][ T9522] 8021q: adding VLAN 0 to HW filter on device team0
[   96.128481][ T9526] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.140624][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   96.149905][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.159536][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   96.169037][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   96.200582][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   96.208587][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.220107][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.228800][ T2404] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.235943][ T2404] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.243821][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.252113][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.260100][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.269026][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.277613][ T2404] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.284661][ T2404] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.292820][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.301809][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   96.310670][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   96.320338][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   96.328923][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.337610][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.346083][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.354425][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.363348][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.375477][ T9527] 8021q: adding VLAN 0 to HW filter on device team0
[   96.400913][ T9521] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   96.417969][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   96.427715][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   96.437103][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.446490][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   96.455263][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   96.464047][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   96.473079][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   96.481642][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.489931][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.503137][ T9518] 8021q: adding VLAN 0 to HW filter on device team0
[   96.532957][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   96.541287][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   96.549860][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.558355][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.567346][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   96.576243][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   96.584673][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.592906][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.601449][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.610252][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.620167][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.627330][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.635229][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.644475][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.653144][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.660275][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.669161][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   96.678640][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.690284][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.698457][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.707419][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.730351][ T9521] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.741736][ T9524] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   96.755435][ T9526] 8021q: adding VLAN 0 to HW filter on device team0
[   96.763456][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.777463][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.786082][ T9530] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.793154][ T9530] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.801057][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.809439][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.817992][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   96.826557][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   96.834938][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   96.843873][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   96.852782][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.861543][ T9530] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   96.875986][ T9522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   96.889359][ T9522] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   96.911357][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.919983][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.930150][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.939593][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.956079][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.964900][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.974296][ T2404] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.981433][ T2404] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.989503][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.998158][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.016161][ T9522] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.046725][   T26] audit: type=1400 audit(1562009677.301:38): avc:  denied  { associate } for  pid=9521 comm="syz-executor.4" name="syz4" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[   97.058242][ T9527] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.093427][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   97.120069][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   97.132646][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.139839][ T2994] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.148870][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   97.157647][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   97.166274][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.173369][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.181217][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   97.193718][ T9524] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.220206][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   97.234980][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   97.244995][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   97.263866][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   97.309314][   T26] audit: type=1400 audit(1562009677.571:39): avc:  denied  { map_create } for  pid=9547 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[   97.309473][ T9527] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.349670][   T26] audit: type=1400 audit(1562009677.571:40): avc:  denied  { map_read map_write } for  pid=9547 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[   97.376643][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   97.384698][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   97.397237][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   97.412146][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   97.421524][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   97.433290][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.441845][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.456079][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   97.464957][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   97.474283][ T2404] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   97.510525][ T9535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.520164][ T9535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.549998][ T9535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   97.579445][ T9535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   97.614939][ T9518] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.636398][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.650694][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.693997][ T9526] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   97.740785][ T9526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.782572][ T9535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.812035][ T9535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.898781][ T9518] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.964121][ T9526] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/01 19:34:38 executed programs: 14
2019/07/01 19:34:43 executed programs: 161
2019/07/01 19:34:48 executed programs: 307
2019/07/01 19:34:53 executed programs: 446
2019/07/01 19:34:58 executed programs: 593
2019/07/01 19:35:03 executed programs: 743
2019/07/01 19:35:08 executed programs: 895
2019/07/01 19:35:13 executed programs: 1039
2019/07/01 19:35:18 executed programs: 1186
2019/07/01 19:35:23 executed programs: 1333
2019/07/01 19:35:28 executed programs: 1473
2019/07/01 19:35:33 executed programs: 1622
2019/07/01 19:35:38 executed programs: 1771
2019/07/01 19:35:43 executed programs: 1915
2019/07/01 19:35:48 executed programs: 2052
2019/07/01 19:35:53 executed programs: 2187
2019/07/01 19:35:58 executed programs: 2327
2019/07/01 19:36:03 executed programs: 2468
2019/07/01 19:36:08 executed programs: 2616
2019/07/01 19:36:13 executed programs: 2755
2019/07/01 19:36:18 executed programs: 2890
2019/07/01 19:36:23 executed programs: 3021
2019/07/01 19:36:28 executed programs: 3157
2019/07/01 19:36:33 executed programs: 3290
2019/07/01 19:36:38 executed programs: 3441
2019/07/01 19:36:43 executed programs: 3580
2019/07/01 19:36:48 executed programs: 3711
2019/07/01 19:36:54 executed programs: 3842
2019/07/01 19:36:59 executed programs: 3976
2019/07/01 19:37:04 executed programs: 4105
2019/07/01 19:37:09 executed programs: 4254
2019/07/01 19:37:14 executed programs: 4396
2019/07/01 19:37:19 executed programs: 4529
2019/07/01 19:37:24 executed programs: 4659
2019/07/01 19:37:29 executed programs: 4791
2019/07/01 19:37:34 executed programs: 4922
2019/07/01 19:37:39 executed programs: 5066
2019/07/01 19:37:44 executed programs: 5208
2019/07/01 19:37:49 executed programs: 5355
2019/07/01 19:37:54 executed programs: 5489
2019/07/01 19:37:59 executed programs: 5622
2019/07/01 19:38:04 executed programs: 5745
2019/07/01 19:38:09 executed programs: 5866
2019/07/01 19:38:14 executed programs: 6000
2019/07/01 19:38:19 executed programs: 6154
2019/07/01 19:38:24 executed programs: 6303
2019/07/01 19:38:29 executed programs: 6435
2019/07/01 19:38:34 executed programs: 6562
2019/07/01 19:38:39 executed programs: 6686
2019/07/01 19:38:44 executed programs: 6808
2019/07/01 19:38:50 executed programs: 6956
2019/07/01 19:38:55 executed programs: 7099
2019/07/01 19:39:00 executed programs: 7228
2019/07/01 19:39:05 executed programs: 7349
2019/07/01 19:39:10 executed programs: 7471
2019/07/01 19:39:15 executed programs: 7592
2019/07/01 19:39:20 executed programs: 7729
2019/07/01 19:39:25 executed programs: 7870
2019/07/01 19:39:30 executed programs: 8001
2019/07/01 19:39:35 executed programs: 8125
2019/07/01 19:39:40 executed programs: 8250
2019/07/01 19:39:45 executed programs: 8376
2019/07/01 19:39:50 executed programs: 8528
2019/07/01 19:39:55 executed programs: 8682
2019/07/01 19:40:00 executed programs: 8829
[  423.111746][T13031] ==================================================================
[  423.120158][T13031] BUG: KASAN: use-after-free in sk_psock_unlink+0x3dd/0x4b0
[  423.127461][T13031] Read of size 4 at addr ffff88809e467858 by task syz-executor.3/13031
[  423.135695][T13031] 
[  423.135736][T13031] CPU: 0 PID: 13031 Comm: syz-executor.3 Not tainted 5.2.0-rc7 #39
[  423.135744][T13031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  423.135779][T13031] Call Trace:
[  423.135874][T13031]  dump_stack+0x172/0x1f0
[  423.135896][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.135954][T13031]  ? tcp_check_oom+0x560/0x560
[  423.159590][T13031]  print_address_description.cold+0x7c/0x20d
[  423.159606][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.159618][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.159639][T13031]  ? tcp_check_oom+0x560/0x560
[  423.184538][T13031]  __kasan_report.cold+0x1b/0x40
[  423.199225][T13031]  ? retint_user+0x13/0x18
[  423.203654][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.208602][T13031]  kasan_report+0x12/0x20
[  423.212950][T13031]  __asan_report_load4_noabort+0x14/0x20
[  423.218601][T13031]  sk_psock_unlink+0x3dd/0x4b0
[  423.223380][T13031]  ? tcp_check_oom+0x560/0x560
[  423.228216][T13031]  tcp_bpf_remove+0x21/0x50
[  423.232727][T13031]  tcp_bpf_close+0x130/0x390
[  423.237359][T13031]  inet_release+0xe0/0x1f0
[  423.241833][T13031]  inet6_release+0x53/0x80
[  423.246302][T13031]  __sock_release+0xce/0x2a0
[  423.250900][T13031]  sock_close+0x1b/0x30
[  423.250916][T13031]  __fput+0x2ff/0x890
[  423.250934][T13031]  ? __sock_release+0x2a0/0x2a0
[  423.263900][T13031]  ____fput+0x16/0x20
[  423.267891][T13031]  task_work_run+0x145/0x1c0
[  423.272523][T13031]  exit_to_usermode_loop+0x273/0x2c0
[  423.277833][T13031]  do_syscall_64+0x58e/0x680
[  423.282432][T13031]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  423.288340][T13031] RIP: 0033:0x413201
[  423.292250][T13031] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  423.311879][T13031] RSP: 002b:00007fff5d0ee900 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  423.311905][T13031] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413201
[  423.311913][T13031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  423.311921][T13031] RBP: 0000000000000000 R08: ffffffffffffffff R09: ffffffffffffffff
[  423.311930][T13031] R10: 00007fff5d0ee9e0 R11: 0000000000000293 R12: 00000000007610a8
[  423.311938][T13031] R13: 000000000006749d R14: 00000000000674ca R15: ffffffffffffffff
[  423.311965][T13031] 
[  423.311986][T13031] Allocated by task 13036:
[  423.312008][T13031]  save_stack+0x23/0x90
[  423.336332][T13031]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  423.336345][T13031]  kasan_kmalloc+0x9/0x10
[  423.336357][T13031]  kmem_cache_alloc_trace+0x151/0x750
[  423.336370][T13031]  sock_hash_alloc+0x1e3/0x5b0
[  423.336383][T13031]  __do_sys_bpf+0x730/0x43d0
[  423.336394][T13031]  __x64_sys_bpf+0x73/0xb0
[  423.336408][T13031]  do_syscall_64+0xfd/0x680
[  423.336422][T13031]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  423.336426][T13031] 
[  423.336433][T13031] Freed by task 9535:
[  423.336443][T13031]  save_stack+0x23/0x90
[  423.336454][T13031]  __kasan_slab_free+0x102/0x150
[  423.336465][T13031]  kasan_slab_free+0xe/0x10
[  423.336474][T13031]  kfree+0xcf/0x220
[  423.336483][T13031]  sock_hash_free+0x327/0x4a0
[  423.336493][T13031]  bpf_map_free_deferred+0xb4/0xe0
[  423.336507][T13031]  process_one_work+0x989/0x1790
[  423.336519][T13031]  worker_thread+0x98/0xe40
[  423.336537][T13031]  kthread+0x354/0x420
[  423.457531][T13031]  ret_from_fork+0x24/0x30
[  423.461948][T13031] 
[  423.464283][T13031] The buggy address belongs to the object at ffff88809e467840
[  423.464283][T13031]  which belongs to the cache kmalloc-512 of size 512
[  423.478342][T13031] The buggy address is located 24 bytes inside of
[  423.478342][T13031]  512-byte region [ffff88809e467840, ffff88809e467a40)
[  423.491529][T13031] The buggy address belongs to the page:
[  423.497186][T13031] page:ffffea00027919c0 refcount:1 mapcount:0 mapping:ffff8880aa400940 index:0xffff88809e4675c0
[  423.507606][T13031] flags: 0x1fffc0000000200(slab)
[  423.512557][T13031] raw: 01fffc0000000200 ffffea00020acb88 ffffea000290fd88 ffff8880aa400940
[  423.521158][T13031] raw: ffff88809e4675c0 ffff88809e4670c0 0000000100000003 0000000000000000
[  423.529747][T13031] page dumped because: kasan: bad access detected
[  423.536167][T13031] 
[  423.538497][T13031] Memory state around the buggy address:
[  423.544143][T13031]  ffff88809e467700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  423.552219][T13031]  ffff88809e467780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  423.560294][T13031] >ffff88809e467800: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  423.568362][T13031]                                                     ^
[  423.575314][T13031]  ffff88809e467880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  423.583384][T13031]  ffff88809e467900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  423.591445][T13031] ==================================================================
[  423.599500][T13031] Disabling lock debugging due to kernel taint
[  423.634316][T13031] Kernel panic - not syncing: panic_on_warn set ...
[  423.640970][T13031] CPU: 0 PID: 13031 Comm: syz-executor.3 Tainted: G    B             5.2.0-rc7 #39
[  423.648837][ T3879] kobject: 'loop2' (00000000708cbb64): kobject_uevent_env
[  423.650244][T13031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  423.650250][T13031] Call Trace:
[  423.650272][T13031]  dump_stack+0x172/0x1f0
[  423.650295][T13031]  ? tcp_check_oom+0x560/0x560
[  423.671956][ T3879] kobject: 'loop2' (00000000708cbb64): fill_kobj_path: path = '/devices/virtual/block/loop2'
[  423.675055][T13031]  panic+0x2cb/0x744
[  423.675075][T13031]  ? __warn_printk+0xf3/0xf3
[  423.698434][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.702854][ T3879] kobject: 'loop4' (00000000bd56990d): kobject_uevent_env
[  423.703387][T13031]  ? tcp_check_oom+0x560/0x560
[  423.715247][T13031]  ? preempt_schedule+0x4b/0x60
[  423.720115][T13031]  ? ___preempt_schedule+0x16/0x18
[  423.723244][ T3879] kobject: 'loop4' (00000000bd56990d): fill_kobj_path: path = '/devices/virtual/block/loop4'
[  423.725244][T13031]  ? trace_hardirqs_on+0x5e/0x220
[  423.725266][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.740134][ T3879] kobject: 'loop0' (000000005c3ead6b): kobject_uevent_env
[  423.740449][T13031]  ? tcp_check_oom+0x560/0x560
[  423.745459][ T3879] kobject: 'loop0' (000000005c3ead6b): fill_kobj_path: path = '/devices/virtual/block/loop0'
[  423.752491][T13031]  end_report+0x47/0x4f
[  423.752505][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.752515][T13031]  __kasan_report.cold+0xe/0x40
[  423.752534][T13031]  ? retint_user+0x13/0x18
[  423.752544][T13031]  ? sk_psock_unlink+0x3dd/0x4b0
[  423.752555][T13031]  kasan_report+0x12/0x20
[  423.752567][T13031]  __asan_report_load4_noabort+0x14/0x20
[  423.752577][T13031]  sk_psock_unlink+0x3dd/0x4b0
[  423.752593][T13031]  ? tcp_check_oom+0x560/0x560
[  423.752612][T13031]  tcp_bpf_remove+0x21/0x50
[  423.814680][T13031]  tcp_bpf_close+0x130/0x390
[  423.819278][T13031]  inet_release+0xe0/0x1f0
[  423.823703][T13031]  inet6_release+0x53/0x80
[  423.828121][T13031]  __sock_release+0xce/0x2a0
[  423.832716][T13031]  sock_close+0x1b/0x30
[  423.836883][T13031]  __fput+0x2ff/0x890
[  423.840868][T13031]  ? __sock_release+0x2a0/0x2a0
[  423.845727][T13031]  ____fput+0x16/0x20
[  423.849702][T13031]  task_work_run+0x145/0x1c0
[  423.854275][T13031]  exit_to_usermode_loop+0x273/0x2c0
[  423.859543][T13031]  do_syscall_64+0x58e/0x680
[  423.864117][T13031]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  423.869989][T13031] RIP: 0033:0x413201
[  423.873885][T13031] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  423.893469][T13031] RSP: 002b:00007fff5d0ee900 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  423.901864][T13031] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413201
[  423.909812][T13031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  423.917766][T13031] RBP: 0000000000000000 R08: ffffffffffffffff R09: ffffffffffffffff
[  423.925768][T13031] R10: 00007fff5d0ee9e0 R11: 0000000000000293 R12: 00000000007610a8
[  423.933722][T13031] R13: 000000000006749d R14: 00000000000674ca R15: ffffffffffffffff
[  423.942900][T13031] Kernel Offset: disabled
[  423.947250][T13031] Rebooting in 86400 seconds..