[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   68.283892][   T24] audit: type=1800 audit(1576337669.257:25): pid=9067 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   68.317793][   T24] audit: type=1800 audit(1576337669.257:26): pid=9067 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   68.357763][   T24] audit: type=1800 audit(1576337669.257:27): pid=9067 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.42' (ECDSA) to the list of known hosts.
2019/12/14 15:34:40 parsed 1 programs
2019/12/14 15:34:43 executed programs: 0
syzkaller login: [   82.170343][ T9246] IPVS: ftp: loaded support on port[0] = 21
[   82.192889][ T9242] IPVS: ftp: loaded support on port[0] = 21
[   82.204859][ T9249] IPVS: ftp: loaded support on port[0] = 21
[   82.219801][ T9245] IPVS: ftp: loaded support on port[0] = 21
[   82.243703][ T9250] IPVS: ftp: loaded support on port[0] = 21
[   82.252450][ T9241] IPVS: ftp: loaded support on port[0] = 21
[   82.485085][ T9242] chnl_net:caif_netlink_parms(): no params data found
[   82.534242][ T9246] chnl_net:caif_netlink_parms(): no params data found
[   82.559382][ T9245] chnl_net:caif_netlink_parms(): no params data found
[   82.627114][ T9242] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.634813][ T9242] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.642803][ T9242] device bridge_slave_0 entered promiscuous mode
[   82.682795][ T9242] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.690372][ T9242] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.698714][ T9242] device bridge_slave_1 entered promiscuous mode
[   82.757979][ T9242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.767194][ T9249] chnl_net:caif_netlink_parms(): no params data found
[   82.779395][ T9246] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.786488][ T9246] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.794931][ T9246] device bridge_slave_0 entered promiscuous mode
[   82.804089][ T9246] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.811294][ T9246] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.819272][ T9246] device bridge_slave_1 entered promiscuous mode
[   82.832116][ T9242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.841748][ T9245] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.850709][ T9245] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.859256][ T9245] device bridge_slave_0 entered promiscuous mode
[   82.900595][ T9250] chnl_net:caif_netlink_parms(): no params data found
[   82.917128][ T9245] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.925217][ T9245] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.935363][ T9245] device bridge_slave_1 entered promiscuous mode
[   82.963576][ T9241] chnl_net:caif_netlink_parms(): no params data found
[   82.982820][ T9242] team0: Port device team_slave_0 added
[   83.006694][ T9246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.021022][ T9246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.035191][ T9242] team0: Port device team_slave_1 added
[   83.048957][ T9245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.095082][ T9245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.104551][ T9249] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.112033][ T9249] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.119900][ T9249] device bridge_slave_0 entered promiscuous mode
[   83.129243][ T9246] team0: Port device team_slave_0 added
[   83.171306][ T9249] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.178530][ T9249] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.186275][ T9249] device bridge_slave_1 entered promiscuous mode
[   83.194978][ T9246] team0: Port device team_slave_1 added
[   83.207821][ T9250] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.214939][ T9250] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.226956][ T9250] device bridge_slave_0 entered promiscuous mode
[   83.281370][ T9242] device hsr_slave_0 entered promiscuous mode
[   83.338173][ T9242] device hsr_slave_1 entered promiscuous mode
[   83.397876][ T9250] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.404995][ T9250] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.415118][ T9250] device bridge_slave_1 entered promiscuous mode
[   83.422702][ T9241] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.430068][ T9241] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.437955][ T9241] device bridge_slave_0 entered promiscuous mode
[   83.459645][ T9245] team0: Port device team_slave_0 added
[   83.467283][ T9249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.483798][ T9249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.498608][ T9241] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.505752][ T9241] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.514573][ T9241] device bridge_slave_1 entered promiscuous mode
[   83.529230][ T9245] team0: Port device team_slave_1 added
[   83.574294][ T9241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.586800][ T9241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.662068][ T9246] device hsr_slave_0 entered promiscuous mode
[   83.721651][ T9246] device hsr_slave_1 entered promiscuous mode
[   83.778242][ T9246] debugfs: Directory 'hsr0' with parent '/' already present!
[   83.792662][ T9250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.804967][ T9250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.836226][ T9249] team0: Port device team_slave_0 added
[   83.852896][ T9249] team0: Port device team_slave_1 added
[   83.914543][ T9241] team0: Port device team_slave_0 added
[   83.925594][ T9241] team0: Port device team_slave_1 added
[   83.931785][ T9242] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   84.051168][ T9245] device hsr_slave_0 entered promiscuous mode
[   84.088164][ T9245] device hsr_slave_1 entered promiscuous mode
[   84.127821][ T9245] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.142469][ T9250] team0: Port device team_slave_0 added
[   84.159362][ T9242] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   84.220384][ T9242] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   84.319881][ T9249] device hsr_slave_0 entered promiscuous mode
[   84.348149][ T9249] device hsr_slave_1 entered promiscuous mode
[   84.387930][ T9249] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.404069][ T9250] team0: Port device team_slave_1 added
[   84.410515][ T9246] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.460815][ T9246] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.521426][ T9242] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   84.640903][ T9241] device hsr_slave_0 entered promiscuous mode
[   84.698051][ T9241] device hsr_slave_1 entered promiscuous mode
[   84.767874][ T9241] debugfs: Directory 'hsr0' with parent '/' already present!
[   84.777240][ T9246] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.839777][ T9246] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.968616][ T9249] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   85.036794][ T9249] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   85.121942][ T9250] device hsr_slave_0 entered promiscuous mode
[   85.188098][ T9250] device hsr_slave_1 entered promiscuous mode
[   85.217859][ T9250] debugfs: Directory 'hsr0' with parent '/' already present!
[   85.225830][ T9245] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   85.296328][ T9249] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   85.353190][ T9245] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   85.414328][ T9245] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   85.460151][ T9249] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   85.513714][ T9245] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   85.558245][ T9241] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   85.620223][ T9241] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   85.695608][ T9241] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   85.731770][ T9241] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   85.797369][ T9250] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   85.850615][ T9250] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   85.899949][ T9250] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   85.972208][ T9250] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   86.010797][ T9242] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.028742][ T9246] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.059572][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.069642][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.082400][ T9246] 8021q: adding VLAN 0 to HW filter on device team0
[   86.123562][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.132696][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.141369][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.150626][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.160088][ T2730] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.167594][ T2730] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.176370][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.186368][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.195144][ T2730] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.202592][ T2730] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.213885][ T9245] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.229956][ T9242] 8021q: adding VLAN 0 to HW filter on device team0
[   86.251168][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   86.259577][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   86.268963][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.277699][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   86.286607][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   86.296147][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.304943][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.313700][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.334349][ T9245] 8021q: adding VLAN 0 to HW filter on device team0
[   86.345172][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.355203][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.363580][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.372503][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.381315][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.388454][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.398589][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   86.427140][ T9246] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   86.439381][ T9246] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.457468][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.468441][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.477460][ T2730] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.484787][ T2730] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.493170][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.502142][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.510541][ T2730] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.517765][ T2730] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.525338][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.534353][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.543030][ T2730] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.550179][ T2730] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.558094][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.566717][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.576068][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   86.584847][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.593940][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.602408][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.611279][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   86.619678][ T2730] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.639556][ T9241] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.667324][ T9246] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.674941][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   86.690378][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   86.698421][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   86.713608][ T9249] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.730033][ T9241] 8021q: adding VLAN 0 to HW filter on device team0
[   86.748377][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.760756][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.773232][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.782037][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   86.792318][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   86.801484][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.812597][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.821537][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.830709][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.839567][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   86.875932][ T9242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.914940][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   86.915854][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.916447][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.954556][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   86.956019][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   86.971773][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.972591][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.989863][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
2019/12/14 15:34:48 executed programs: 6
[   86.990417][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.990908][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.028140][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.032187][ T9249] 8021q: adding VLAN 0 to HW filter on device team0
[   87.085341][ T9250] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.085705][ T9245] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.086410][ T9245] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   87.120111][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   87.120973][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   87.121498][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   87.121860][ T3141] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.121914][ T3141] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.128640][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   87.181952][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.195648][ T3141] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.195681][ T3141] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.228709][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   87.258700][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   87.259114][ T3141] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.259149][ T3141] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.259518][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   87.260317][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.260862][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.261382][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   87.262239][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   87.340847][ T9242] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.392483][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.393119][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.414362][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   87.424991][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.425388][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.440518][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.464674][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   87.480440][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   87.490500][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   87.491492][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   87.492462][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   87.493095][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   87.526585][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   87.527185][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   87.549969][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   87.564054][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   87.564542][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   87.585848][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   87.605878][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   87.608881][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   87.609628][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   87.626482][ T9250] 8021q: adding VLAN 0 to HW filter on device team0
[   87.640184][ T9245] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.674553][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   87.675136][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   87.675580][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   87.675915][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.676264][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.676600][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.677138][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   87.677548][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.681969][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.682366][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.682774][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   87.683140][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   87.683406][ T3135] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.683429][ T3135] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.683717][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   87.684055][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.684311][ T3135] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.684332][ T3135] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.684582][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   87.685117][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   87.685609][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   87.686469][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   87.699321][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.699888][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   87.701685][ T9249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   87.707059][ T9241] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   87.953669][ T9250] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   87.953684][ T9250] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.988629][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   87.989437][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   87.990064][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   87.990568][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.991619][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.992114][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.992615][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   87.992723][ T3135] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   87.993155][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   88.055842][ T9250] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.188266][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   88.188394][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   88.188500][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   88.188612][ T9257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   88.205887][ T9241] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.212042][ T9249] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/12/14 15:34:53 executed programs: 88
[   93.173646][ T9728] ==================================================================
[   93.182051][ T9728] BUG: KASAN: use-after-free in n_tty_receive_buf_common+0x270f/0x2b70
[   93.190492][ T9728] Read of size 1 at addr ffff88809a06cf80 by task syz-executor.0/9728
[   93.198773][ T9728] 
[   93.201132][ T9728] CPU: 0 PID: 9728 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0
[   93.209728][ T9728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   93.220045][ T9728] Call Trace:
[   93.223344][ T9728]  dump_stack+0x197/0x210
[   93.227681][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.233602][ T9728]  print_address_description.constprop.0.cold+0xd4/0x30b
[   93.240732][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.246694][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.252608][ T9728]  __kasan_report.cold+0x1b/0x41
[   93.257902][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.263804][ T9728]  kasan_report+0x12/0x20
[   93.268183][ T9728]  __asan_report_load1_noabort+0x14/0x20
[   93.273946][ T9728]  n_tty_receive_buf_common+0x270f/0x2b70
[   93.279681][ T9728]  ? __kasan_check_read+0x11/0x20
[   93.284895][ T9728]  n_tty_receive_buf2+0x34/0x40
[   93.289976][ T9728]  tty_ldisc_receive_buf+0xad/0x1c0
[   93.295440][ T9728]  ? add_wait_queue+0x112/0x170
[   93.300509][ T9728]  ? n_tty_receive_buf_common+0x2b70/0x2b70
[   93.306509][ T9728]  paste_selection+0x1ff/0x460
[   93.311423][ T9728]  ? vcs_remove_sysfs+0x60/0x60
[   93.316404][ T9728]  ? lock_downgrade+0x920/0x920
[   93.321516][ T9728]  ? wake_up_q+0x140/0x140
[   93.325946][ T9728]  tioclinux+0x133/0x480
[   93.330442][ T9728]  vt_ioctl+0x1a41/0x26d0
[   93.334893][ T9728]  ? complete_change_console+0x3a0/0x3a0
[   93.340518][ T9728]  ? lock_downgrade+0x920/0x920
[   93.345367][ T9728]  ? rwlock_bug.part.0+0x90/0x90
[   93.350305][ T9728]  ? tomoyo_path_number_perm+0x214/0x520
[   93.355927][ T9728]  ? find_held_lock+0x35/0x130
[   93.360685][ T9728]  ? tomoyo_path_number_perm+0x214/0x520
[   93.366322][ T9728]  ? __sanitizer_cov_trace_switch+0x49/0x80
[   93.372340][ T9728]  ? tty_jobctrl_ioctl+0x50/0xd40
[   93.377465][ T9728]  ? complete_change_console+0x3a0/0x3a0
[   93.383090][ T9728]  tty_ioctl+0xa37/0x14f0
[   93.387408][ T9728]  ? tty_vhangup+0x30/0x30
[   93.391817][ T9728]  ? tomoyo_path_number_perm+0x454/0x520
[   93.397829][ T9728]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   93.404097][ T9728]  ? tomoyo_path_number_perm+0x25e/0x520
[   93.409974][ T9728]  ? tomoyo_execute_permission+0x4a0/0x4a0
[   93.415825][ T9728]  ? tty_vhangup+0x30/0x30
[   93.420422][ T9728]  do_vfs_ioctl+0x977/0x14e0
[   93.425144][ T9728]  ? compat_ioctl_preallocate+0x220/0x220
[   93.430907][ T9728]  ? __fget+0x37f/0x550
[   93.435087][ T9728]  ? ksys_dup3+0x3e0/0x3e0
[   93.439714][ T9728]  ? ns_to_kernel_old_timeval+0x100/0x100
[   93.445680][ T9728]  ? tomoyo_file_ioctl+0x23/0x30
[   93.450654][ T9728]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.456937][ T9728]  ? security_file_ioctl+0x8d/0xc0
[   93.462097][ T9728]  ksys_ioctl+0xab/0xd0
[   93.466285][ T9728]  __x64_sys_ioctl+0x73/0xb0
[   93.470895][ T9728]  do_syscall_64+0xfa/0x790
[   93.475429][ T9728]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   93.481610][ T9728] RIP: 0033:0x45a909
[   93.485662][ T9728] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   93.505873][ T9728] RSP: 002b:00007fdde5d3ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   93.514530][ T9728] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a909
[   93.522651][ T9728] RDX: 0000000020000000 RSI: 000000000000541c RDI: 0000000000000003
[   93.530628][ T9728] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   93.538673][ T9728] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdde5d3f6d4
[   93.546633][ T9728] R13: 00000000004c5c62 R14: 00000000004dbf18 R15: 00000000ffffffff
[   93.554732][ T9728] 
[   93.557198][ T9728] Allocated by task 9728:
[   93.561551][ T9728]  save_stack+0x23/0x90
[   93.566104][ T9728]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   93.571769][ T9728]  kasan_kmalloc+0x9/0x10
[   93.576123][ T9728]  __kmalloc+0x163/0x770
[   93.580457][ T9728]  set_selection_kernel+0x872/0x13b0
[   93.585893][ T9728]  set_selection_user+0x95/0xd9
[   93.590853][ T9728]  tioclinux+0x11c/0x480
[   93.595530][ T9728]  vt_ioctl+0x1a41/0x26d0
[   93.600310][ T9728]  tty_ioctl+0xa37/0x14f0
[   93.604864][ T9728]  do_vfs_ioctl+0x977/0x14e0
[   93.609448][ T9728]  ksys_ioctl+0xab/0xd0
[   93.613714][ T9728]  __x64_sys_ioctl+0x73/0xb0
[   93.618303][ T9728]  do_syscall_64+0xfa/0x790
[   93.622807][ T9728]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   93.628692][ T9728] 
[   93.631012][ T9728] Freed by task 9733:
[   93.635297][ T9728]  save_stack+0x23/0x90
[   93.639746][ T9728]  __kasan_slab_free+0x102/0x150
[   93.644693][ T9728]  kasan_slab_free+0xe/0x10
[   93.649186][ T9728]  kfree+0x10a/0x2c0
[   93.653310][ T9728]  set_selection_kernel+0x88f/0x13b0
[   93.658602][ T9728]  set_selection_user+0x95/0xd9
[   93.663449][ T9728]  tioclinux+0x11c/0x480
[   93.667817][ T9728]  vt_ioctl+0x1a41/0x26d0
[   93.672342][ T9728]  tty_ioctl+0xa37/0x14f0
[   93.676849][ T9728]  do_vfs_ioctl+0x977/0x14e0
[   93.681441][ T9728]  ksys_ioctl+0xab/0xd0
[   93.685705][ T9728]  __x64_sys_ioctl+0x73/0xb0
[   93.690292][ T9728]  do_syscall_64+0xfa/0x790
[   93.694792][ T9728]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   93.700663][ T9728] 
[   93.703003][ T9728] The buggy address belongs to the object at ffff88809a06cf80
[   93.703003][ T9728]  which belongs to the cache kmalloc-32 of size 32
[   93.716971][ T9728] The buggy address is located 0 bytes inside of
[   93.716971][ T9728]  32-byte region [ffff88809a06cf80, ffff88809a06cfa0)
[   93.730098][ T9728] The buggy address belongs to the page:
[   93.735721][ T9728] page:ffffea0002681b00 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff88809a06cfc1
[   93.746779][ T9728] raw: 00fffe0000000200 ffffea0002747388 ffffea00028bf488 ffff8880aa4001c0
[   93.755464][ T9728] raw: ffff88809a06cfc1 ffff88809a06c000 000000010000003f 0000000000000000
[   93.764036][ T9728] page dumped because: kasan: bad access detected
[   93.770439][ T9728] 
[   93.772747][ T9728] Memory state around the buggy address:
[   93.778681][ T9728]  ffff88809a06ce80: 05 fc fc fc fc fc fc fc 05 fc fc fc fc fc fc fc
[   93.786858][ T9728]  ffff88809a06cf00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   93.794924][ T9728] >ffff88809a06cf80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[   93.802971][ T9728]                    ^
[   93.807071][ T9728]  ffff88809a06d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   93.815122][ T9728]  ffff88809a06d080: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00
[   93.823166][ T9728] ==================================================================
[   93.831211][ T9728] Disabling lock debugging due to kernel taint
[   93.841474][ T9728] Kernel panic - not syncing: panic_on_warn set ...
[   93.848113][ T9728] CPU: 0 PID: 9728 Comm: syz-executor.0 Tainted: G    B             5.5.0-rc1-syzkaller #0
[   93.851807][ T4087] kobject: 'loop1' (000000002ad03f65): kobject_uevent_env
[   93.858089][ T9728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   93.858094][ T9728] Call Trace:
[   93.858117][ T9728]  dump_stack+0x197/0x210
[   93.858133][ T9728]  panic+0x2e3/0x75c
[   93.858151][ T9728]  ? add_taint.cold+0x16/0x16
[   93.873851][ T4087] kobject: 'loop1' (000000002ad03f65): fill_kobj_path: path = '/devices/virtual/block/loop1'
[   93.875489][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.875513][ T9728]  ? preempt_schedule+0x4b/0x60
[   93.914550][ T9728]  ? ___preempt_schedule+0x16/0x18
[   93.914571][ T9728]  ? trace_hardirqs_on+0x5e/0x240
[   93.914588][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.914601][ T9728]  end_report+0x47/0x4f
[   93.914615][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.914636][ T9728]  __kasan_report.cold+0xe/0x41
[   93.914650][ T9728]  ? n_tty_receive_buf_common+0x270f/0x2b70
[   93.914663][ T9728]  kasan_report+0x12/0x20
[   93.914676][ T9728]  __asan_report_load1_noabort+0x14/0x20
[   93.914688][ T9728]  n_tty_receive_buf_common+0x270f/0x2b70
[   93.914700][ T9728]  ? __kasan_check_read+0x11/0x20
[   93.914720][ T9728]  n_tty_receive_buf2+0x34/0x40
[   93.914735][ T9728]  tty_ldisc_receive_buf+0xad/0x1c0
[   93.914747][ T9728]  ? add_wait_queue+0x112/0x170
[   93.914759][ T9728]  ? n_tty_receive_buf_common+0x2b70/0x2b70
[   93.914772][ T9728]  paste_selection+0x1ff/0x460
[   93.914785][ T9728]  ? vcs_remove_sysfs+0x60/0x60
[   93.914798][ T9728]  ? lock_downgrade+0x920/0x920
[   93.914812][ T9728]  ? wake_up_q+0x140/0x140
[   93.914839][ T9728]  tioclinux+0x133/0x480
[   94.017736][ T9728]  vt_ioctl+0x1a41/0x26d0
[   94.017751][ T9728]  ? complete_change_console+0x3a0/0x3a0
[   94.017763][ T9728]  ? lock_downgrade+0x920/0x920
[   94.017776][ T9728]  ? rwlock_bug.part.0+0x90/0x90
[   94.017792][ T9728]  ? tomoyo_path_number_perm+0x214/0x520
[   94.017802][ T9728]  ? find_held_lock+0x35/0x130
[   94.017815][ T9728]  ? tomoyo_path_number_perm+0x214/0x520
[   94.017829][ T9728]  ? __sanitizer_cov_trace_switch+0x49/0x80
[   94.017841][ T9728]  ? tty_jobctrl_ioctl+0x50/0xd40
[   94.017853][ T9728]  ? complete_change_console+0x3a0/0x3a0
[   94.017864][ T9728]  tty_ioctl+0xa37/0x14f0
[   94.017875][ T9728]  ? tty_vhangup+0x30/0x30
[   94.017947][ T9728]  ? tomoyo_path_number_perm+0x454/0x520
[   94.084511][ T9728]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   94.084530][ T9728]  ? tomoyo_path_number_perm+0x25e/0x520
[   94.096491][ T9728]  ? tomoyo_execute_permission+0x4a0/0x4a0
[   94.096513][ T9728]  ? tty_vhangup+0x30/0x30
[   94.096527][ T9728]  do_vfs_ioctl+0x977/0x14e0
[   94.096543][ T9728]  ? compat_ioctl_preallocate+0x220/0x220
[   94.096555][ T9728]  ? __fget+0x37f/0x550
[   94.096568][ T9728]  ? ksys_dup3+0x3e0/0x3e0
[   94.096584][ T9728]  ? ns_to_kernel_old_timeval+0x100/0x100
[   94.096600][ T9728]  ? tomoyo_file_ioctl+0x23/0x30
[   94.096613][ T9728]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.096624][ T9728]  ? security_file_ioctl+0x8d/0xc0
[   94.096636][ T9728]  ksys_ioctl+0xab/0xd0
[   94.096648][ T9728]  __x64_sys_ioctl+0x73/0xb0
[   94.096664][ T9728]  do_syscall_64+0xfa/0x790
[   94.096680][ T9728]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   94.096691][ T9728] RIP: 0033:0x45a909
[   94.096704][ T9728] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   94.096711][ T9728] RSP: 002b:00007fdde5d3ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.096723][ T9728] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a909
[   94.096730][ T9728] RDX: 0000000020000000 RSI: 000000000000541c RDI: 0000000000000003
[   94.096737][ T9728] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   94.096744][ T9728] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdde5d3f6d4
[   94.096751][ T9728] R13: 00000000004c5c62 R14: 00000000004dbf18 R15: 00000000ffffffff
[   94.098178][ T9728] Kernel Offset: disabled