[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   56.598828][   T26] audit: type=1800 audit(1570897623.994:25): pid=8650 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   56.621944][   T26] audit: type=1800 audit(1570897623.994:26): pid=8650 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   56.662946][   T26] audit: type=1800 audit(1570897623.994:27): pid=8650 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.192' (ECDSA) to the list of known hosts.
syzkaller login: [   74.279993][ T8812] IPVS: ftp: loaded support on port[0] = 21
[   74.280389][ T8811] IPVS: ftp: loaded support on port[0] = 21
[   74.304744][ T8814] IPVS: ftp: loaded support on port[0] = 21
[   74.313908][ T8810] IPVS: ftp: loaded support on port[0] = 21
[   74.314120][ T8809] IPVS: ftp: loaded support on port[0] = 21
[   74.326574][ T8813] IPVS: ftp: loaded support on port[0] = 21
[   74.486133][ T8812] chnl_net:caif_netlink_parms(): no params data found
[   74.617644][ T8812] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.625733][ T8812] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.633878][ T8812] device bridge_slave_0 entered promiscuous mode
[   74.644072][ T8812] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.651255][ T8812] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.659191][ T8812] device bridge_slave_1 entered promiscuous mode
[   74.711566][ T8810] chnl_net:caif_netlink_parms(): no params data found
[   74.758568][ T8813] chnl_net:caif_netlink_parms(): no params data found
[   74.776258][ T8812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.788452][ T8811] chnl_net:caif_netlink_parms(): no params data found
[   74.808680][ T8814] chnl_net:caif_netlink_parms(): no params data found
[   74.818113][ T8812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.854875][ T8809] chnl_net:caif_netlink_parms(): no params data found
[   74.909888][ T8812] team0: Port device team_slave_0 added
[   74.943808][ T8810] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.950984][ T8810] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.960967][ T8810] device bridge_slave_0 entered promiscuous mode
[   74.970305][ T8812] team0: Port device team_slave_1 added
[   74.997267][ T8813] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.005809][ T8813] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.017960][ T8813] device bridge_slave_0 entered promiscuous mode
[   75.025643][ T8810] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.032738][ T8810] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.041516][ T8810] device bridge_slave_1 entered promiscuous mode
[   75.053946][ T8809] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.061050][ T8809] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.069890][ T8809] device bridge_slave_0 entered promiscuous mode
[   75.081955][ T8809] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.089204][ T8809] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.097065][ T8809] device bridge_slave_1 entered promiscuous mode
[   75.105024][ T8811] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.112081][ T8811] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.120001][ T8811] device bridge_slave_0 entered promiscuous mode
[   75.127681][ T8813] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.134830][ T8813] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.142548][ T8813] device bridge_slave_1 entered promiscuous mode
[   75.171467][ T8814] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.178663][ T8814] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.186918][ T8814] device bridge_slave_0 entered promiscuous mode
[   75.194528][ T8811] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.201603][ T8811] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.210175][ T8811] device bridge_slave_1 entered promiscuous mode
[   75.218900][ T8813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.236469][ T8810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.251195][ T8814] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.259749][ T8814] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.267606][ T8814] device bridge_slave_1 entered promiscuous mode
[   75.287436][ T8813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.303482][ T8810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.376520][ T8812] device hsr_slave_0 entered promiscuous mode
[   75.443216][ T8812] device hsr_slave_1 entered promiscuous mode
[   75.515264][ T8809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.530879][ T8809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.555156][ T8811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.578675][ T8814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.614620][ T8809] team0: Port device team_slave_0 added
[   75.621849][ T8809] team0: Port device team_slave_1 added
[   75.628802][ T8811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.639404][ T8810] team0: Port device team_slave_0 added
[   75.646352][ T8814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.657037][ T8813] team0: Port device team_slave_0 added
[   75.664454][ T8813] team0: Port device team_slave_1 added
[   75.685272][ T8810] team0: Port device team_slave_1 added
[   75.700247][ T8814] team0: Port device team_slave_0 added
[   75.719602][ T8811] team0: Port device team_slave_0 added
[   75.727547][ T8811] team0: Port device team_slave_1 added
[   75.741781][ T8814] team0: Port device team_slave_1 added
[   75.805491][ T8809] device hsr_slave_0 entered promiscuous mode
[   75.843449][ T8809] device hsr_slave_1 entered promiscuous mode
[   75.893155][ T8809] debugfs: Directory 'hsr0' with parent '/' already present!
[   75.985924][ T8811] device hsr_slave_0 entered promiscuous mode
[   76.043559][ T8811] device hsr_slave_1 entered promiscuous mode
[   76.083005][ T8811] debugfs: Directory 'hsr0' with parent '/' already present!
[   76.155972][ T8810] device hsr_slave_0 entered promiscuous mode
[   76.223200][ T8810] device hsr_slave_1 entered promiscuous mode
[   76.273185][ T8810] debugfs: Directory 'hsr0' with parent '/' already present!
[   76.316115][ T8813] device hsr_slave_0 entered promiscuous mode
[   76.353371][ T8813] device hsr_slave_1 entered promiscuous mode
[   76.403137][ T8813] debugfs: Directory 'hsr0' with parent '/' already present!
[   76.476955][ T8814] device hsr_slave_0 entered promiscuous mode
[   76.524046][ T8814] device hsr_slave_1 entered promiscuous mode
[   76.563136][ T8814] debugfs: Directory 'hsr0' with parent '/' already present!
[   76.689831][ T8812] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.724614][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   76.732683][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   76.749363][ T8811] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.759646][ T8809] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.778158][ T8809] 8021q: adding VLAN 0 to HW filter on device team0
[   76.788879][ T8812] 8021q: adding VLAN 0 to HW filter on device team0
[   76.806763][ T8821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   76.815594][ T8821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   76.847865][ T8813] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.855917][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   76.865201][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   76.873864][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   76.882424][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   76.891345][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.899789][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.908868][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   76.917938][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   76.926999][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.934114][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.941797][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   76.950822][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   76.959171][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.966271][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.974372][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   76.982283][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   76.991757][ T8811] 8021q: adding VLAN 0 to HW filter on device team0
[   77.025964][ T8810] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.035630][ T8814] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.043776][ T8821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.054343][ T8821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.063697][ T8821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.075763][ T8813] 8021q: adding VLAN 0 to HW filter on device team0
[   77.096959][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.105716][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.116585][ T8823] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.123720][ T8823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.132379][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.141607][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.150323][ T8823] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.157628][ T8823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.165937][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.174754][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.183660][ T8823] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.190718][ T8823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.198834][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.206942][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.215250][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.223047][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.246325][ T8814] 8021q: adding VLAN 0 to HW filter on device team0
[   77.256088][ T8810] 8021q: adding VLAN 0 to HW filter on device team0
[   77.267106][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.276438][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.285809][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.294808][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.303657][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.312013][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.321312][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.329814][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.338654][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   77.347089][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.371037][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.378989][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.388488][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.397575][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.408278][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.417176][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.426300][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.435165][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.443925][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.452447][ T8823] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.459695][ T8823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.467432][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.476088][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.502208][ T8809] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   77.514643][ T8809] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   77.526472][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.534997][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.543300][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.551114][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.560192][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.569271][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   77.578733][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.587473][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   77.596558][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.604984][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   77.613539][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.621826][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   77.630300][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.638985][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.648135][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.656731][ T8823] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.663979][ T8823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.671531][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   77.680007][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.688365][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.697144][ T8823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.705835][ T8823] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.713099][ T8823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.722072][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.740168][ T8811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.752584][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.764664][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.773207][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.781808][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.790945][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.798143][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.806253][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.815300][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.823824][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.830966][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.839811][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.848929][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.859564][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.867814][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.876579][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.885467][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.892599][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.940267][ T8809] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.960600][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.970856][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.980161][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.990252][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.000133][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.008799][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.017223][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.025843][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.034704][ T8822] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.050891][ T8814] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.063335][ T8814] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.073651][ T8811] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.085436][ T8812] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.108150][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.117039][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.143303][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.151866][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.160648][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.169948][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.201355][ T8814] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.232659][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.242183][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.257945][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.267109][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.277382][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.286720][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.296258][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.305784][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.315159][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.324507][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.337803][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.347191][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
executing program
[   78.359928][ T8810] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.371857][ T8810] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.405753][ T8813] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.432648][ T8813] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.453239][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.461389][ T8841] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[   78.463982][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
executing program
[   78.509053][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.518585][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.574479][ T8810] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.595184][ T8813] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.599694][ T8848] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
executing program
[   78.626000][ T8849] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[   78.712800][ T8855] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
executing program
executing program
[   78.875997][ T8865] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[   78.908418][ T8867] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[   78.983858][   T38] Bluetooth: Error in BCSP hdr checksum
[   80.524363][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[   80.531809][ T8868] Bluetooth: hci0: sending frame failed (-49)
[   80.683211][ T8821] Bluetooth: hci1: command 0x1003 tx timeout
[   80.683470][   T12] Bluetooth: hci2: command 0x1003 tx timeout
[   80.689613][ T8868] Bluetooth: hci1: sending frame failed (-49)
[   80.702362][ T8868] Bluetooth: hci2: sending frame failed (-49)
[   80.763651][   T12] Bluetooth: hci3: command 0x1003 tx timeout
[   80.770332][ T8868] Bluetooth: hci3: sending frame failed (-49)
[   80.923524][   T12] Bluetooth: hci4: command 0x1003 tx timeout
[   80.929638][ T8868] Bluetooth: hci4: sending frame failed (-49)
[   81.003203][ T8821] Bluetooth: hci5: command 0x1003 tx timeout
[   81.009470][ T8868] Bluetooth: hci5: sending frame failed (-49)
[   82.603153][ T8821] Bluetooth: hci0: command 0x1001 tx timeout
[   82.609501][ T8868] Bluetooth: hci0: sending frame failed (-49)
[   82.763271][ T8821] Bluetooth: hci2: command 0x1001 tx timeout
[   82.769463][ T8868] Bluetooth: hci2: sending frame failed (-49)
[   82.775682][ T8821] Bluetooth: hci1: command 0x1001 tx timeout
[   82.781938][ T8868] Bluetooth: hci1: sending frame failed (-49)
[   82.843207][ T8821] Bluetooth: hci3: command 0x1001 tx timeout
[   82.849546][ T8868] Bluetooth: hci3: sending frame failed (-49)
[   83.002937][ T8821] Bluetooth: hci4: command 0x1001 tx timeout
[   83.009839][ T8868] Bluetooth: hci4: sending frame failed (-49)
[   83.082940][ T8821] Bluetooth: hci5: command 0x1001 tx timeout
[   83.089238][ T8868] Bluetooth: hci5: sending frame failed (-49)
[   84.683268][ T8821] Bluetooth: hci0: command 0x1009 tx timeout
[   84.843059][ T8821] Bluetooth: hci2: command 0x1009 tx timeout
[   84.843187][   T12] Bluetooth: hci1: command 0x1009 tx timeout
[   84.923484][   T12] Bluetooth: hci3: command 0x1009 tx timeout
[   85.083219][   T12] Bluetooth: hci4: command 0x1009 tx timeout
[   85.162995][   T12] Bluetooth: hci5: command 0x1009 tx timeout
executing program
executing program
executing program
[   89.259873][ T8854] ==================================================================
[   89.268241][ T8854] BUG: KASAN: use-after-free in kfree_skb+0x38/0x3c0
[   89.274927][ T8854] Read of size 4 at addr ffff888089039514 by task syz-executor207/8854
[   89.283348][ T8854] 
[   89.285680][ T8854] CPU: 1 PID: 8854 Comm: syz-executor207 Not tainted 5.4.0-rc2+ #0
[   89.293568][ T8854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   89.303813][ T8854] Call Trace:
[   89.303849][ T8854]  dump_stack+0x172/0x1f0
[   89.303863][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.303881][ T8854]  print_address_description.constprop.0.cold+0xd4/0x30b
[   89.303891][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.303901][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.303913][ T8854]  __kasan_report.cold+0x1b/0x41
[   89.303925][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.303939][ T8854]  kasan_report+0x12/0x20
[   89.303954][ T8854]  check_memory_region+0x134/0x1a0
[   89.303968][ T8854]  __kasan_check_read+0x11/0x20
[   89.303980][ T8854]  kfree_skb+0x38/0x3c0
[   89.303996][ T8854]  bcsp_close+0xc7/0x130
[   89.304018][ T8854]  hci_uart_tty_close+0x21e/0x280
[   89.304028][ T8854]  ? hci_uart_close+0x50/0x50
[   89.316310][ T8854]  tty_ldisc_close.isra.0+0x119/0x1a0
[   89.316328][ T8854]  tty_ldisc_kill+0x9c/0x160
[   89.316344][ T8854]  tty_ldisc_release+0xe9/0x2b0
[   89.316360][ T8854]  tty_release_struct+0x1b/0x50
[   89.331998][ T8854]  tty_release+0xbcb/0xe90
[   89.332024][ T8854]  __fput+0x2ff/0x890
[   89.341257][ T8854]  ? put_tty_driver+0x20/0x20
[   89.341276][ T8854]  ____fput+0x16/0x20
[   89.341291][ T8854]  task_work_run+0x145/0x1c0
[   89.341312][ T8854]  exit_to_usermode_loop+0x316/0x380
[   89.341330][ T8854]  do_syscall_64+0x65f/0x760
[   89.341347][ T8854]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   89.356573][ T8854] RIP: 0033:0x4073f1
[   89.356590][ T8854] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 24 1a 00 00 c3 48 83 ec 08 e8 6a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
executing program
[   89.356598][ T8854] RSP: 002b:00007ffc66cb6300 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   89.356609][ T8854] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004073f1
[   89.356622][ T8854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   89.365168][ T8854] RBP: 00000000006dec4c R08: 00000000004b1131 R09: 00000000004b1131
[   89.365175][ T8854] R10: 00007ffc66cb6320 R11: 0000000000000293 R12: 00000000006dec40
[   89.365182][ T8854] R13: 0000000000000000 R14: 20c49ba5e353f7cf R15: 0000000000000009
[   89.365201][ T8854] 
[   89.365208][ T8854] Allocated by task 38:
[   89.365226][ T8854]  save_stack+0x23/0x90
[   89.365239][ T8854]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   89.365251][ T8854]  kasan_slab_alloc+0xf/0x20
[   89.365265][ T8854]  kmem_cache_alloc_node+0x138/0x740
[   89.365278][ T8854]  __alloc_skb+0xd5/0x5e0
[   89.365290][ T8854]  bcsp_recv+0x8c1/0x13a0
[   89.365301][ T8854]  hci_uart_tty_receive+0x279/0x6e0
[   89.365317][ T8854]  tty_ldisc_receive_buf+0x15f/0x1c0
[   89.365329][ T8854]  tty_port_default_receive_buf+0x7d/0xb0
[   89.365340][ T8854]  flush_to_ldisc+0x222/0x390
executing program
[   89.365352][ T8854]  process_one_work+0x9af/0x1740
[   89.365363][ T8854]  worker_thread+0x98/0xe40
[   89.365380][ T8854]  kthread+0x361/0x430
[   89.481127][ T8854]  ret_from_fork+0x24/0x30
[   89.481132][ T8854] 
[   89.481140][ T8854] Freed by task 38:
[   89.481153][ T8854]  save_stack+0x23/0x90
[   89.481165][ T8854]  __kasan_slab_free+0x102/0x150
[   89.481176][ T8854]  kasan_slab_free+0xe/0x10
[   89.481186][ T8854]  kmem_cache_free+0x86/0x320
[   89.481206][ T8854]  kfree_skbmem+0xc5/0x150
[   89.497245][ T8854]  kfree_skb+0x109/0x3c0
[   89.508155][ T8881] kobject: 'hci3' (00000000afb2fa57): fill_kobj_path: path = '/devices/virtual/bluetooth/hci3'
[   89.511653][ T8854]  bcsp_recv+0x2d8/0x13a0
[   89.511667][ T8854]  hci_uart_tty_receive+0x279/0x6e0
[   89.511683][ T8854]  tty_ldisc_receive_buf+0x15f/0x1c0
[   89.511698][ T8854]  tty_port_default_receive_buf+0x7d/0xb0
[   89.511710][ T8854]  flush_to_ldisc+0x222/0x390
[   89.511724][ T8854]  process_one_work+0x9af/0x1740
[   89.511739][ T8854]  worker_thread+0x98/0xe40
[   89.527263][ T8881] kobject: 'rfkill14' (000000003d66e33a): kobject_add_internal: parent: 'hci3', set: 'devices'
[   89.531432][ T8854]  kthread+0x361/0x430
[   89.531448][ T8854]  ret_from_fork+0x24/0x30
[   89.531452][ T8854] 
[   89.531463][ T8854] The buggy address belongs to the object at ffff888089039440
[   89.531463][ T8854]  which belongs to the cache skbuff_head_cache of size 224
[   89.531475][ T8854] The buggy address is located 212 bytes inside of
[   89.531475][ T8854]  224-byte region [ffff888089039440, ffff888089039520)
[   89.531480][ T8854] The buggy address belongs to the page:
[   89.531493][ T8854] page:ffffea0002240e40 refcount:1 mapcount:0 mapping:ffff8880a99dd8c0 index:0x0
[   89.531504][ T8854] flags: 0x1fffc0000000200(slab)
[   89.531521][ T8854] raw: 01fffc0000000200 ffffea0002240c88 ffffea0002a412c8 ffff8880a99dd8c0
[   89.548780][ T8881] kobject: 'rfkill14' (000000003d66e33a): kobject_uevent_env
[   89.550601][ T8854] raw: 0000000000000000 ffff888089039080 000000010000000c 0000000000000000
[   89.550609][ T8854] page dumped because: kasan: bad access detected
[   89.550613][ T8854] 
[   89.550618][ T8854] Memory state around the buggy address:
[   89.550630][ T8854]  ffff888089039400: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[   89.550641][ T8854]  ffff888089039480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   89.550651][ T8854] >ffff888089039500: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[   89.550657][ T8854]                          ^
[   89.550667][ T8854]  ffff888089039580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   89.550679][ T8854]  ffff888089039600: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   89.576783][ T8881] kobject: 'rfkill14' (000000003d66e33a): fill_kobj_path: path = '/devices/virtual/bluetooth/hci3/rfkill14'
[   89.579017][ T8854] ==================================================================
[   89.579022][ T8854] Disabling lock debugging due to kernel taint
[   89.595925][ T8883] kobject: 'hci4' (0000000026146849): kobject_add_internal: parent: 'bluetooth', set: 'devices'
[   89.609317][ T8854] Kernel panic - not syncing: panic_on_warn set ...
[   89.617820][ T8883] kobject: 'hci4' (0000000026146849): kobject_uevent_env
[   89.622844][ T8854] CPU: 0 PID: 8854 Comm: syz-executor207 Tainted: G    B             5.4.0-rc2+ #0
[   89.622852][ T8854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   89.622856][ T8854] Call Trace:
[   89.622873][ T8854]  dump_stack+0x172/0x1f0
[   89.622889][ T8854]  panic+0x2e3/0x75c
[   89.627232][ T8883] kobject: 'hci4' (0000000026146849): fill_kobj_path: path = '/devices/virtual/bluetooth/hci4'
[   89.632402][ T8854]  ? add_taint.cold+0x16/0x16
[   89.632413][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.632430][ T8854]  ? preempt_schedule+0x4b/0x60
[   89.638108][ T8883] kobject: 'rfkill15' (0000000015a0542a): kobject_add_internal: parent: 'hci4', set: 'devices'
[   89.643380][ T8854]  ? ___preempt_schedule+0x16/0x20
[   89.643393][ T8854]  ? trace_hardirqs_on+0x5e/0x240
[   89.643404][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.643420][ T8854]  end_report+0x47/0x4f
[   89.649947][ T8883] kobject: 'rfkill15' (0000000015a0542a): kobject_uevent_env
[   89.653087][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.653100][ T8854]  __kasan_report.cold+0xe/0x41
[   89.653115][ T8854]  ? kfree_skb+0x38/0x3c0
[   89.657638][ T8883] kobject: 'rfkill15' (0000000015a0542a): fill_kobj_path: path = '/devices/virtual/bluetooth/hci4/rfkill15'
[   89.667910][ T8854]  kasan_report+0x12/0x20
[   89.667921][ T8854]  check_memory_region+0x134/0x1a0
[   89.667931][ T8854]  __kasan_check_read+0x11/0x20
[   89.667945][ T8854]  kfree_skb+0x38/0x3c0
[   89.994935][ T8854]  bcsp_close+0xc7/0x130
[   89.999176][ T8854]  hci_uart_tty_close+0x21e/0x280
[   90.004179][ T8854]  ? hci_uart_close+0x50/0x50
[   90.008849][ T8854]  tty_ldisc_close.isra.0+0x119/0x1a0
[   90.014393][ T8854]  tty_ldisc_kill+0x9c/0x160
[   90.019120][ T8854]  tty_ldisc_release+0xe9/0x2b0
[   90.023990][ T8854]  tty_release_struct+0x1b/0x50
[   90.028840][ T8854]  tty_release+0xbcb/0xe90
[   90.033240][ T8854]  __fput+0x2ff/0x890
[   90.037466][ T8854]  ? put_tty_driver+0x20/0x20
[   90.042129][ T8854]  ____fput+0x16/0x20
[   90.046177][ T8854]  task_work_run+0x145/0x1c0
[   90.050765][ T8854]  exit_to_usermode_loop+0x316/0x380
[   90.056053][ T8854]  do_syscall_64+0x65f/0x760
[   90.060747][ T8854]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   90.066626][ T8854] RIP: 0033:0x4073f1
[   90.070517][ T8854] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 24 1a 00 00 c3 48 83 ec 08 e8 6a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   90.090551][ T8854] RSP: 002b:00007ffc66cb6300 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   90.098943][ T8854] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004073f1
[   90.106894][ T8854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   90.114887][ T8854] RBP: 00000000006dec4c R08: 00000000004b1131 R09: 00000000004b1131
[   90.122898][ T8854] R10: 00007ffc66cb6320 R11: 0000000000000293 R12: 00000000006dec40
[   90.130893][ T8854] R13: 0000000000000000 R14: 20c49ba5e353f7cf R15: 0000000000000009
[   90.140569][ T8854] Kernel Offset: disabled
[   90.144953][ T8854] Rebooting in 86400 seconds..