[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1[   30.670004] kauditd_printk_skb: 9 callbacks suppressed
G[[32m ok [39;[   30.670016] audit: type=1800 audit(1541819578.112:33): pid=5657 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
49m8[?25h[?0c.
[   30.700941] audit: type=1800 audit(1541819578.122:34): pid=5657 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   33.079018] audit: type=1400 audit(1541819580.522:35): avc:  denied  { map } for  pid=5834 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.10.16' (ECDSA) to the list of known hosts.
[   79.833535] audit: type=1400 audit(1541819627.282:36): avc:  denied  { map } for  pid=5849 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2018/11/10 03:13:47 parsed 1 programs
[   80.396677] audit: type=1400 audit(1541819627.842:37): avc:  denied  { map } for  pid=5849 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=13994 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2018/11/10 03:13:50 executed programs: 0
[   82.708803] IPVS: ftp: loaded support on port[0] = 21
[   82.838023] IPVS: ftp: loaded support on port[0] = 21
[   82.877815] IPVS: ftp: loaded support on port[0] = 21
[   82.885450] IPVS: ftp: loaded support on port[0] = 21
[   82.891723] IPVS: ftp: loaded support on port[0] = 21
[   82.927761] IPVS: ftp: loaded support on port[0] = 21
[   83.880824] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.893169] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.900658] device bridge_slave_0 entered promiscuous mode
[   83.978128] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.991880] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.010878] device bridge_slave_1 entered promiscuous mode
[   84.078127] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.088847] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.099413] device bridge_slave_0 entered promiscuous mode
[   84.106662] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   84.134432] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.140799] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.155019] device bridge_slave_0 entered promiscuous mode
[   84.171722] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.194365] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.201358] device bridge_slave_1 entered promiscuous mode
[   84.215604] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.221933] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.233746] device bridge_slave_0 entered promiscuous mode
[   84.247801] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.255063] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.262993] device bridge_slave_1 entered promiscuous mode
[   84.269916] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   84.284535] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.291073] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.301427] device bridge_slave_0 entered promiscuous mode
[   84.313959] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   84.321337] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.329772] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.338523] device bridge_slave_1 entered promiscuous mode
[   84.368196] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   84.376483] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.384493] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.391808] device bridge_slave_0 entered promiscuous mode
[   84.401990] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   84.417140] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   84.433278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   84.440707] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.447944] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.459950] device bridge_slave_1 entered promiscuous mode
[   84.489621] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.496756] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.508420] device bridge_slave_1 entered promiscuous mode
[   84.516529] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   84.536843] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   84.559420] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   84.593546] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   84.647519] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   84.657941] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   84.673612] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   84.682812] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   84.712677] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   84.749753] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   84.767546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.785724] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   84.807268] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   84.845413] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   84.926066] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   84.938028] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   84.953883] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   84.983465] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   85.030661] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   85.105600] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   85.123456] team0: Port device team_slave_0 added
[   85.165001] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   85.188286] team0: Port device team_slave_0 added
[   85.197653] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   85.211527] team0: Port device team_slave_1 added
[   85.249435] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   85.259052] team0: Port device team_slave_0 added
[   85.274024] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   85.281400] team0: Port device team_slave_1 added
[   85.308134] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.361054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.373799] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.398693] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   85.409198] team0: Port device team_slave_0 added
[   85.415076] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   85.422386] team0: Port device team_slave_1 added
[   85.434402] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   85.456801] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.473702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.491357] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   85.499647] team0: Port device team_slave_0 added
[   85.513396] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.521364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.535152] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   85.543450] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   85.550778] team0: Port device team_slave_1 added
[   85.558932] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   85.571515] team0: Port device team_slave_0 added
[   85.581824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.600559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.612647] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   85.619873] team0: Port device team_slave_1 added
[   85.627189] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   85.639475] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   85.649613] team0: Port device team_slave_1 added
[   85.658532] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   85.671521] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   85.686084] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.703324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.713094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.720799] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.728542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.736540] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.746647] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   85.756496] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   85.774376] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   85.784678] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   85.793346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.801262] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.822257] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.843447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.851312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.859653] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.867239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   85.874872] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.885758] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   85.895379] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   85.906682] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   85.917468] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   85.928841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.946981] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.961196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.969369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.977249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   85.984910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.992327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   86.000083] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   86.010719] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   86.020868] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   86.034850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.044581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.058815] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.067839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.077443] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   86.085298] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   86.105984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.115321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.133673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.143527] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.158950] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   86.176907] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   86.189050] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.203602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.211808] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.224439] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.725887] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.732383] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.739446] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.745857] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.768548] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   86.838403] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.844849] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.851500] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.857979] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.873798] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   86.896506] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.902925] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.909584] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.916009] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.931024] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   86.941601] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.948014] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.954737] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.961109] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.972226] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   86.990586] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.997000] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.003719] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.010095] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.025683] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   87.065264] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.071634] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.078362] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.084774] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.103752] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   87.579708] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.593002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.600194] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.610942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.619446] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.627029] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   89.686281] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.739864] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.861362] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.907195] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.934700] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.955144] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.977774] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   90.005597] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   90.157049] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   90.175034] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   90.197221] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   90.211727] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   90.239609] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   90.247679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.263225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.290924] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   90.303314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.310382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.437041] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   90.444883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.453571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.480433] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   90.499092] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.509937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.519052] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   90.536086] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   90.545998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.553175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.560218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.570923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.580984] 8021q: adding VLAN 0 to HW filter on device team0
[   90.668413] 8021q: adding VLAN 0 to HW filter on device team0
[   90.740880] 8021q: adding VLAN 0 to HW filter on device team0
[   90.800258] 8021q: adding VLAN 0 to HW filter on device team0
[   90.838515] 8021q: adding VLAN 0 to HW filter on device team0
[   90.859301] 8021q: adding VLAN 0 to HW filter on device team0
[   92.072569] audit: type=1400 audit(1541819639.502:38): avc:  denied  { associate } for  pid=5880 comm="syz-executor1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
2018/11/10 03:13:59 executed programs: 6
2018/11/10 03:14:06 executed programs: 39
2018/11/10 03:14:12 executed programs: 81
2018/11/10 03:14:19 executed programs: 140
2018/11/10 03:14:25 executed programs: 164
2018/11/10 03:14:32 executed programs: 223
2018/11/10 03:14:38 executed programs: 269
2018/11/10 03:14:45 executed programs: 317
2018/11/10 03:14:51 executed programs: 369
2018/11/10 03:14:58 executed programs: 425
[  155.145727] cgroup: fork rejected by pids controller in /syz3
2018/11/10 03:15:05 executed programs: 476
[  158.475643] cgroup: fork rejected by pids controller in /syz5
[  158.646594] IPVS: ftp: loaded support on port[0] = 21
[  159.143782] device bridge_slave_1 left promiscuous mode
[  159.149863] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.231851] device bridge_slave_0 left promiscuous mode
[  159.241886] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.297373] team0 (unregistering): Port device team_slave_1 removed
[  159.307376] team0 (unregistering): Port device team_slave_0 removed
[  159.318989] bond0 (unregistering): Releasing backup interface bond_slave_1
[  159.339582] bond0 (unregistering): Releasing backup interface bond_slave_0
[  159.412693] bond0 (unregistering): Released all slaves
[  159.521827] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.528767] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.536918] device bridge_slave_0 entered promiscuous mode
[  159.582140] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.589649] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.597471] device bridge_slave_1 entered promiscuous mode
[  159.642250] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  159.683807] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  159.808178] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  159.855739] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  160.046306] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  160.053878] team0: Port device team_slave_0 added
[  160.094281] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  160.101794] team0: Port device team_slave_1 added
[  160.144395] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  160.184474] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  160.223726] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  160.230953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  160.243743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  160.275182] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  160.282409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  160.295561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  160.555272] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.561655] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.568365] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.574743] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.583045] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  160.612908] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  161.187020] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.242645] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  161.300167] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  161.306415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  161.314828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  161.367545] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/10 03:15:12 executed programs: 516
[  164.795131] ==================================================================
[  164.802882] BUG: KASAN: use-after-free in task_is_descendant.part.3+0x610/0x670
[  164.810346] Read of size 8 at addr ffff8801c46f24e0 by task syz-executor2/9973
[  164.817708] 
[  164.819352] CPU: 0 PID: 9973 Comm: syz-executor2 Not tainted 4.20.0-rc1+ #107
[  164.826621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.835981] Call Trace:
[  164.838585]  dump_stack+0x244/0x39d
[  164.842240]  ? dump_stack_print_info.cold.1+0x20/0x20
[  164.847441]  ? printk+0xa7/0xcf
[  164.850737]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[  164.855513]  print_address_description.cold.7+0x9/0x1ff
[  164.860883]  kasan_report.cold.8+0x242/0x309
[  164.865294]  ? task_is_descendant.part.3+0x610/0x670
[  164.870412]  __asan_report_load8_noabort+0x14/0x20
[  164.875357]  task_is_descendant.part.3+0x610/0x670
[  164.880310]  ? yama_relation_cleanup+0x500/0x500
[  164.885079]  ? check_preemption_disabled+0x48/0x280
[  164.890113]  ? kasan_check_read+0x11/0x20
[  164.894272]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  164.899564]  ? rcu_softirq_qs+0x20/0x20
[  164.903548]  ? find_held_lock+0x36/0x1c0
[  164.907632]  yama_ptrace_access_check+0x215/0x10fc
[  164.912578]  ? check_preemption_disabled+0x48/0x280
[  164.917616]  ? task_is_descendant.part.3+0x670/0x670
[  164.922736]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  164.927654]  ? kasan_check_read+0x11/0x20
[  164.931790]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  164.937054]  ? rcu_softirq_qs+0x20/0x20
[  164.941023]  ? cap_ptrace_access_check+0x2cc/0x6b0
[  164.945941]  ? __ptrace_may_access+0x4b0/0x980
[  164.950512]  ? cap_ptrace_traceme+0x6b0/0x6b0
[  164.954995]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  164.959912]  ? kasan_check_read+0x11/0x20
[  164.964065]  ? rcu_softirq_qs+0x20/0x20
[  164.968030]  security_ptrace_access_check+0x54/0xb0
[  164.973045]  __ptrace_may_access+0x5c8/0x980
[  164.977459]  ? ptrace_setsiginfo+0x1a0/0x1a0
[  164.981856]  ? rcu_softirq_qs+0x20/0x20
[  164.985836]  ptrace_attach+0x1fa/0x640
[  164.989719]  __x64_sys_ptrace+0x229/0x260
[  164.993871]  do_syscall_64+0x1b9/0x820
[  164.997764]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  165.003118]  ? syscall_return_slowpath+0x5e0/0x5e0
[  165.008041]  ? trace_hardirqs_on_caller+0x310/0x310
[  165.013056]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  165.018072]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  165.024727]  ? __switch_to_asm+0x40/0x70
[  165.028787]  ? __switch_to_asm+0x34/0x70
[  165.032838]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  165.037685]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  165.042873] RIP: 0033:0x457569
[  165.046057] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  165.064945] RSP: 002b:00007f2ed4dbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  165.072640] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569
[  165.079904] RDX: 0000000000000000 RSI: 000000000000021d RDI: 0000000000004206
[  165.087168] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  165.094437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2ed4dc06d4
[  165.101693] R13: 00000000004c33bd R14: 00000000004d50e0 R15: 00000000ffffffff
[  165.108974] 
[  165.110593] Allocated by task 5873:
[  165.114219]  save_stack+0x43/0xd0
[  165.117659]  kasan_kmalloc+0xc7/0xe0
[  165.121366]  kasan_slab_alloc+0x12/0x20
[  165.125358]  kmem_cache_alloc_node+0x144/0x730
[  165.129928]  copy_process+0x2026/0x87a0
[  165.133888]  _do_fork+0x1cb/0x11d0
[  165.137416]  __x64_sys_clone+0xbf/0x150
[  165.141433]  do_syscall_64+0x1b9/0x820
[  165.145308]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  165.150480] 
[  165.152097] Freed by task 9:
[  165.155118]  save_stack+0x43/0xd0
[  165.158555]  __kasan_slab_free+0x102/0x150
[  165.162773]  kasan_slab_free+0xe/0x10
[  165.166560]  kmem_cache_free+0x83/0x290
[  165.170520]  free_task+0x16e/0x1f0
[  165.174047]  __put_task_struct+0x2e6/0x620
[  165.178268]  delayed_put_task_struct+0x2ff/0x4c0
[  165.183016]  rcu_process_callbacks+0x100a/0x1ac0
[  165.187759]  __do_softirq+0x308/0xb7e
[  165.191537] 
[  165.193215] The buggy address belongs to the object at ffff8801c46f2000
[  165.193215]  which belongs to the cache task_struct(65:syz2) of size 6080
[  165.206748] The buggy address is located 1248 bytes inside of
[  165.206748]  6080-byte region [ffff8801c46f2000, ffff8801c46f37c0)
[  165.218810] The buggy address belongs to the page:
[  165.223739] page:ffffea000711bc80 count:1 mapcount:0 mapping:ffff8801c204fc80 index:0x0 compound_mapcount: 0
[  165.233706] flags: 0x2fffc0000010200(slab|head)
[  165.238363] raw: 02fffc0000010200 ffffea00073cf808 ffffea000697c908 ffff8801c204fc80
[  165.246240] raw: 0000000000000000 ffff8801c46f2000 0000000100000001 ffff8801d8404a80
[  165.254102] page dumped because: kasan: bad access detected
[  165.259808] page->mem_cgroup:ffff8801d8404a80
[  165.264297] 
[  165.265928] Memory state around the buggy address:
[  165.270842]  ffff8801c46f2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.278194]  ffff8801c46f2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.285542] >ffff8801c46f2480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.292902]                                                        ^
[  165.299385]  ffff8801c46f2500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.306731]  ffff8801c46f2580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.314073] ==================================================================
[  165.321415] Disabling lock debugging due to kernel taint
[  165.327311] Kernel panic - not syncing: panic_on_warn set ...
[  165.333234] CPU: 0 PID: 9973 Comm: syz-executor2 Tainted: G    B             4.20.0-rc1+ #107
[  165.341890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.351226] Call Trace:
[  165.353800]  dump_stack+0x244/0x39d
[  165.357426]  ? dump_stack_print_info.cold.1+0x20/0x20
[  165.362610]  panic+0x2ad/0x55c
[  165.365792]  ? add_taint.cold.5+0x16/0x16
[  165.369926]  ? trace_hardirqs_on+0xb4/0x310
[  165.374250]  kasan_end_report+0x47/0x4f
[  165.378226]  kasan_report.cold.8+0x76/0x309
[  165.382539]  ? task_is_descendant.part.3+0x610/0x670
[  165.387638]  __asan_report_load8_noabort+0x14/0x20
[  165.392568]  task_is_descendant.part.3+0x610/0x670
[  165.397487]  ? yama_relation_cleanup+0x500/0x500
[  165.402235]  ? check_preemption_disabled+0x48/0x280
[  165.407238]  ? kasan_check_read+0x11/0x20
[  165.411375]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  165.416635]  ? rcu_softirq_qs+0x20/0x20
[  165.420606]  ? find_held_lock+0x36/0x1c0
[  165.424693]  yama_ptrace_access_check+0x215/0x10fc
[  165.429617]  ? check_preemption_disabled+0x48/0x280
[  165.434619]  ? task_is_descendant.part.3+0x670/0x670
[  165.439723]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  165.444637]  ? kasan_check_read+0x11/0x20
[  165.448778]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  165.454052]  ? rcu_softirq_qs+0x20/0x20
[  165.458019]  ? cap_ptrace_access_check+0x2cc/0x6b0
[  165.462935]  ? __ptrace_may_access+0x4b0/0x980
[  165.467502]  ? cap_ptrace_traceme+0x6b0/0x6b0
[  165.471983]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  165.476901]  ? kasan_check_read+0x11/0x20
[  165.481039]  ? rcu_softirq_qs+0x20/0x20
[  165.485012]  security_ptrace_access_check+0x54/0xb0
[  165.490024]  __ptrace_may_access+0x5c8/0x980
[  165.494445]  ? ptrace_setsiginfo+0x1a0/0x1a0
[  165.498854]  ? rcu_softirq_qs+0x20/0x20
[  165.502821]  ptrace_attach+0x1fa/0x640
[  165.506697]  __x64_sys_ptrace+0x229/0x260
[  165.510842]  do_syscall_64+0x1b9/0x820
[  165.514722]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  165.520072]  ? syscall_return_slowpath+0x5e0/0x5e0
[  165.524990]  ? trace_hardirqs_on_caller+0x310/0x310
[  165.529997]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  165.535010]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  165.541686]  ? __switch_to_asm+0x40/0x70
[  165.545746]  ? __switch_to_asm+0x34/0x70
[  165.549792]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  165.554637]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  165.559844] RIP: 0033:0x457569
[  165.563027] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  165.581911] RSP: 002b:00007f2ed4dbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  165.589620] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457569
[  165.596963] RDX: 0000000000000000 RSI: 000000000000021d RDI: 0000000000004206
[  165.604231] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  165.611511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2ed4dc06d4
[  165.618770] R13: 00000000004c33bd R14: 00000000004d50e0 R15: 00000000ffffffff
[  165.627052] Kernel Offset: disabled
[  165.630674] Rebooting in 86400 seconds..