[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 41.721529] audit: type=1800 audit(1548295164.146:25): pid=7943 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 41.749370] audit: type=1800 audit(1548295164.146:26): pid=7943 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 41.783843] audit: type=1800 audit(1548295164.146:27): pid=7943 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.131' (ECDSA) to the list of known hosts.
2019/01/24 02:01:34 parsed 1 programs
2019/01/24 02:01:37 executed programs: 0
syzkaller login: [ 175.587660] IPVS: ftp: loaded support on port[0] = 21
[ 175.600090] IPVS: ftp: loaded support on port[0] = 21
[ 175.613443] IPVS: ftp: loaded support on port[0] = 21
[ 175.620135] IPVS: ftp: loaded support on port[0] = 21
[ 175.646400] IPVS: ftp: loaded support on port[0] = 21
[ 175.670356] IPVS: ftp: loaded support on port[0] = 21
[ 175.856239] chnl_net:caif_netlink_parms(): no params data found
[ 175.872706] chnl_net:caif_netlink_parms(): no params data found
[ 175.908684] chnl_net:caif_netlink_parms(): no params data found
[ 175.956078] chnl_net:caif_netlink_parms(): no params data found
[ 176.028171] chnl_net:caif_netlink_parms(): no params data found
[ 176.043568] bridge0: port 1(bridge_slave_0) entered blocking state
[ 176.050518] bridge0: port 1(bridge_slave_0) entered disabled state
[ 176.057514] device bridge_slave_0 entered promiscuous mode
[ 176.066212] bridge0: port 2(bridge_slave_1) entered blocking state
[ 176.072713] bridge0: port 2(bridge_slave_1) entered disabled state
[ 176.079725] device bridge_slave_1 entered promiscuous mode
[ 176.086068] bridge0: port 1(bridge_slave_0) entered blocking state
[ 176.092874] bridge0: port 1(bridge_slave_0) entered disabled state
[ 176.100050] device bridge_slave_0 entered promiscuous mode
[ 176.109144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 176.115722] bridge0: port 2(bridge_slave_1) entered disabled state
[ 176.122960] device bridge_slave_1 entered promiscuous mode
[ 176.133020] bridge0: port 1(bridge_slave_0) entered blocking state
[ 176.140241] bridge0: port 1(bridge_slave_0) entered disabled state
[ 176.147117] device bridge_slave_0 entered promiscuous mode
[ 176.153662] bridge0: port 2(bridge_slave_1) entered blocking state
[ 176.160054] bridge0: port 2(bridge_slave_1) entered disabled state
[ 176.167063] device bridge_slave_1 entered promiscuous mode
[ 176.190965] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 176.212650] chnl_net:caif_netlink_parms(): no params data found
[ 176.235467] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 176.247798] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 176.258863] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 176.267318] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 176.289242] bridge0: port 1(bridge_slave_0) entered blocking state
[ 176.296494] bridge0: port 1(bridge_slave_0) entered disabled state
[ 176.304053] device bridge_slave_0 entered promiscuous mode
[ 176.313979] bridge0: port 2(bridge_slave_1) entered blocking state
[ 176.320410] bridge0: port 2(bridge_slave_1) entered disabled state
[ 176.327335] device bridge_slave_1 entered promiscuous mode
[ 176.337115] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 176.344990] bridge0: port 1(bridge_slave_0) entered blocking state
[ 176.351638] bridge0: port 1(bridge_slave_0) entered disabled state
[ 176.358503] device bridge_slave_0 entered promiscuous mode
[ 176.368681] bridge0: port 2(bridge_slave_1) entered blocking state
[ 176.375131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 176.382204] device bridge_slave_1 entered promiscuous mode
[ 176.411716] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 176.419489] team0: Port device team_slave_0 added
[ 176.428523] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 176.435662] team0: Port device team_slave_1 added
[ 176.440942] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 176.448091] team0: Port device team_slave_0 added
[ 176.458076] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 176.471411] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 176.479217] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 176.486949] team0: Port device team_slave_0 added
[ 176.492133] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 176.499464] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 176.506636] team0: Port device team_slave_1 added
[ 176.516434] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 176.529107] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 176.536909] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 176.544483] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 176.551807] team0: Port device team_slave_1 added
[ 176.557015] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 176.564431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 176.570890] bridge0: port 1(bridge_slave_0) entered disabled state
[ 176.577953] device bridge_slave_0 entered promiscuous mode
[ 176.597942] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 176.605718] team0: Port device team_slave_0 added
[ 176.617877] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 176.625687] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 176.633554] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 176.641017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 176.647382] bridge0: port 2(bridge_slave_1) entered disabled state
[ 176.657917] device bridge_slave_1 entered promiscuous mode
[ 176.672230] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 176.679763] team0: Port device team_slave_1 added
[ 176.714400] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 176.722869] team0: Port device team_slave_0 added
[ 176.728187] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 176.782318] device hsr_slave_0 entered promiscuous mode
[ 176.829829] device hsr_slave_1 entered promiscuous mode
[ 176.876651] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 176.896684] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 176.904163] team0: Port device team_slave_1 added
[ 176.909463] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 176.916823] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 177.011069] device hsr_slave_0 entered promiscuous mode
[ 177.089545] device hsr_slave_1 entered promiscuous mode
[ 177.169793] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 177.176772] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 177.221372] device hsr_slave_0 entered promiscuous mode
[ 177.259501] device hsr_slave_1 entered promiscuous mode
[ 177.309968] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 177.318218] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 177.333108] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 177.348373] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 177.356372] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 177.367406] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 177.441100] device hsr_slave_0 entered promiscuous mode
[ 177.479688] device hsr_slave_1 entered promiscuous mode
[ 177.572564] device hsr_slave_0 entered promiscuous mode
[ 177.609742] device hsr_slave_1 entered promiscuous mode
[ 177.669732] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 177.676619] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 177.684942] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 177.708411] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 177.715609] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 177.723115] team0: Port device team_slave_0 added
[ 177.728652] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 177.737262] team0: Port device team_slave_1 added
[ 177.743703] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 177.755056] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 177.764797] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 177.793467] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 177.841129] device hsr_slave_0 entered promiscuous mode
[ 177.879654] device hsr_slave_1 entered promiscuous mode
[ 177.938507] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 177.953667] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 177.962888] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 177.982722] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 177.991482] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 178.013106] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 178.102874] 8021q: adding VLAN 0 to HW filter on device bond0
[ 178.120609] 8021q: adding VLAN 0 to HW filter on device bond0
[ 178.153225] 8021q: adding VLAN 0 to HW filter on device bond0
[ 178.162256] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 178.171289] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 178.183667] 8021q: adding VLAN 0 to HW filter on device bond0
[ 178.208627] 8021q: adding VLAN 0 to HW filter on device bond0
[ 178.218595] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 178.227982] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 178.236068] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 178.245226] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 178.252924] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 178.260218] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 178.268565] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 178.277021] 8021q: adding VLAN 0 to HW filter on device bond0
[ 178.283617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 178.291835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 178.298706] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 178.305821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 178.312828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 178.320253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 178.327129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 178.334098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 178.343280] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 178.350028] 8021q: adding VLAN 0 to HW filter on device team0
[ 178.359139] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.370782] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 178.376850] 8021q: adding VLAN 0 to HW filter on device team0
[ 178.386013] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 178.394180] 8021q: adding VLAN 0 to HW filter on device team0
[ 178.400533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 178.408317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 178.416153] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.422643] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 178.431104] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 178.437246] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 178.445131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 178.452227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 178.462733] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 178.468803] 8021q: adding VLAN 0 to HW filter on device team0
[ 178.477952] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 178.487133] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.497267] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.507987] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.517878] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 178.526337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 178.534739] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 178.542764] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.549091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 178.556037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 178.563891] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 178.571590] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.577921] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 178.584815] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 178.593113] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 178.600924] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.607404] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 178.614279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 178.622692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 178.629912] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 178.639749] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.648249] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 178.655206] 8021q: adding VLAN 0 to HW filter on device team0
[ 178.664649] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.674206] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 178.683167] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.690312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 178.698187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 178.706256] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.712639] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 178.719962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 178.727637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 178.735338] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.741821] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 178.748760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 178.755773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 178.762652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 178.770919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 178.778458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 178.784827] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 178.791934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 178.801347] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 178.810377] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 178.820016] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.829535] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 178.839255] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 178.845673] 8021q: adding VLAN 0 to HW filter on device team0
[ 178.852114] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 178.860377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 178.868200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 178.876375] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 178.884884] bridge0: port 1(bridge_slave_0) entered blocking state
[ 178.891269] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 178.898049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 178.906381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 178.915187] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 178.925211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 178.935182] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 178.945334] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 178.952532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 178.962618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 178.970492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 178.978127] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 178.986596] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 178.994312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 179.000723] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 179.007477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 179.015297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 179.022973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 179.029362] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 179.040245] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 179.049600] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 179.058223] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.071955] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 179.080270] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 179.087484] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 179.094755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 179.102590] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 179.110536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 179.118186] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 179.126136] bridge0: port 2(bridge_slave_1) entered blocking state
[ 179.132519] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 179.139216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.146999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 179.154729] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 179.162612] bridge0: port 2(bridge_slave_1) entered blocking state
[ 179.168950] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 179.176086] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 179.185135] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 179.196763] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 179.205202] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.213890] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.221481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 179.231904] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.240104] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 179.247567] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 179.255545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.263293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.272451] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 179.281104] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 179.287943] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 179.296598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 179.304570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 179.312741] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.322647] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 179.336029] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.352364] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 179.361427] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 179.368170] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 179.377850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 179.386604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.394530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 179.402689] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.410802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 179.418276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 179.427382] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.437213] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 179.448652] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 179.458915] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 179.468995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.477617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 179.485916] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 179.493555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 179.501274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 179.508660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 179.516308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 179.524270] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 179.533454] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 179.544187] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 179.554027] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 179.563315] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 179.569926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 179.576839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 179.585989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 179.594060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.601943] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 179.609669] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 179.618343] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 179.629822] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 179.641675] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 179.649863] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 179.658147] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 179.664736] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 179.673375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 179.681948] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 179.689606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 179.697041] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 179.704721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 179.712453] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 179.720384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 179.727848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 179.735363] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 179.742499] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 179.754435] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 179.764937] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 179.774910] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 179.784894] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 179.791486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 179.799068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 179.807101] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.815384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 179.822991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 179.830755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 179.838361] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 179.848205] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 179.857541] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 179.875075] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 179.882295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 179.890458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 179.897859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 179.908086] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 179.922889] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 179.932011] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 179.938029] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 179.951984] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 179.960241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 179.967892] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 179.980123] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 179.986145] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 179.995253] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 180.004802] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 180.017594] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 180.029211] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 180.040625] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 180.048876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 180.058944] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 180.068856] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 180.075518] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 180.089113] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 180.101126] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 180.116669] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 180.154011] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 180.183263] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 180.229099] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 180.413796] hrtimer: interrupt took 35816 ns
2019/01/24 02:01:45 executed programs: 6
2019/01/24 02:01:50 executed programs: 22
[ 188.531885] syz-executor2 (8207) used greatest stack depth: 17224 bytes left
2019/01/24 02:01:55 executed programs: 37
[ 196.482060] syz-executor1 (8402) used greatest stack depth: 16376 bytes left
2019/01/24 02:02:00 executed programs: 55
[ 203.150208] syz-executor2 (8578) used greatest stack depth: 14776 bytes left
2019/01/24 02:02:05 executed programs: 71
2019/01/24 02:02:10 executed programs: 88
2019/01/24 02:02:16 executed programs: 108
2019/01/24 02:02:21 executed programs: 124
2019/01/24 02:02:26 executed programs: 141
2019/01/24 02:02:31 executed programs: 157
[ 233.380517] ==================================================================
[ 233.388171] BUG: KASAN: use-after-free in tls_write_space+0x316/0x3b0
[ 233.394758] Read of size 1 at addr ffff8880904295e0 by task syz-executor0/9405
[ 233.402115]
[ 233.403756] CPU: 1 PID: 9405 Comm: syz-executor0 Not tainted 5.0.0-rc3+ #41
[ 233.410857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 233.420214] Call Trace:
[ 233.422797]
[ 233.424948] dump_stack+0x1db/0x2d0
[ 233.428574] ? dump_stack_print_info.cold+0x20/0x20
[ 233.433595] ? tls_write_space+0x316/0x3b0
[ 233.437831] print_address_description.cold+0x7c/0x20d
[ 233.443117] ? tls_write_space+0x316/0x3b0
[ 233.447348] ? tls_write_space+0x316/0x3b0
[ 233.451580] kasan_report.cold+0x1b/0x40
[ 233.455640] ? mod_timer_pending+0x1450/0x1500
[ 233.460216] ? tls_write_space+0x316/0x3b0
[ 233.464451] __asan_report_load1_noabort+0x14/0x20
[ 233.469379] tls_write_space+0x316/0x3b0
[ 233.473443] ? tls_hw_hash+0x230/0x230
[ 233.477334] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 233.482359] tcp_check_space+0x52e/0x920
[ 233.486426] ? tcp_prune_ofo_queue.part.0+0x8e0/0x8e0
[ 233.491614] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.497175] ? sk_reset_timer+0x38/0x60
[ 233.501153] tcp_rcv_established+0x9fb/0x2180
[ 233.505652] ? tcp_data_queue+0x4f60/0x4f60
[ 233.509969] ? kasan_check_read+0x11/0x20
[ 233.514112] ? __lock_is_held+0xb6/0x140
[ 233.518178] tcp_v4_do_rcv+0x616/0x8d0
[ 233.522068] tcp_v4_rcv+0x3151/0x3c40
[ 233.525882] ? tcp_v4_early_demux+0xaf0/0xaf0
[ 233.530387] ? __lock_is_held+0x41/0x140
[ 233.534504] ip_protocol_deliver_rcu+0xb6/0xa20
[ 233.539168] ? ip_call_ra_chain+0x770/0x770
[ 233.543499] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 233.548782] ip_local_deliver_finish+0x23b/0x390
[ 233.553538] ip_local_deliver+0x1f0/0x740
[ 233.557682] ? ip_local_deliver_finish+0x390/0x390
[ 233.562623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.568184] ? ip_protocol_deliver_rcu+0xa20/0xa20
[ 233.573110] ? lock_downgrade+0x910/0x910
[ 233.577258] ? kasan_check_read+0x11/0x20
[ 233.581445] ? rcu_read_unlock_special+0x380/0x380
[ 233.586378] ip_rcv_finish+0x1f4/0x2f0
[ 233.590265] ip_rcv+0xed/0x620
[ 233.593455] ? ip_local_deliver+0x740/0x740
[ 233.597771] ? kfree+0xcf/0x230
[ 233.601052] ? ip_rcv_finish_core.isra.0+0x1ee0/0x1ee0
[ 233.606321] ? find_held_lock+0x35/0x120
[ 233.610399] ? ip_local_deliver+0x740/0x740
[ 233.614734] __netif_receive_skb_one_core+0x160/0x210
[ 233.619917] ? __netif_receive_skb_core+0x3750/0x3750
[ 233.625099] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 233.630391] ? rcu_softirq_qs+0x20/0x20
[ 233.634362] ? trace_hardirqs_off_caller+0x300/0x300
[ 233.639466] __netif_receive_skb+0x2c/0x1c0
[ 233.643795] process_backlog+0x206/0x750
[ 233.647865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.653418] net_rx_action+0x76d/0x1930
[ 233.657398] ? napi_complete_done+0x6e0/0x6e0
[ 233.661888] ? rcu_fwd_progress_check+0xd0/0xd0
[ 233.666552] ? clockevents_program_event+0x15f/0x380
[ 233.671664] ? pvclock_read_flags+0x160/0x160
[ 233.676151] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.681688] ? check_preemption_disabled+0x48/0x290
[ 233.686705] ? kvm_clock_read+0x18/0x30
[ 233.690677] ? print_usage_bug+0xd0/0xd0
[ 233.694732] ? sched_clock+0x2e/0x50
[ 233.698452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.703999] ? check_preemption_disabled+0x48/0x290
[ 233.709031] ? add_lock_to_list.isra.0+0x450/0x450
[ 233.713955] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.719489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.725019] ? check_preemption_disabled+0x48/0x290
[ 233.730036] ? __lock_is_held+0xb6/0x140
[ 233.734100] __do_softirq+0x30b/0xb11
[ 233.737920] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 233.743470] ? __irqentry_text_end+0x1f96d2/0x1f96d2
[ 233.748578] ? smp_reschedule_interrupt+0xf1/0x650
[ 233.753509] ? trace_hardirqs_off+0x310/0x310
[ 233.758002] ? task_prio+0x50/0x50
[ 233.761545] ? check_preemption_disabled+0x48/0x290
[ 233.766599] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 233.771540] ? release_sock+0x1e8/0x2b0
[ 233.775532] do_softirq_own_stack+0x2a/0x40
[ 233.779841]
[ 233.782079] do_softirq.part.0+0x11a/0x170
[ 233.786309] __local_bh_enable_ip+0x211/0x270
[ 233.790811] _raw_spin_unlock_bh+0x31/0x40
[ 233.795042] release_sock+0x1e8/0x2b0
[ 233.798837] ? __release_sock+0x3a0/0x3a0
[ 233.803002] ? tls_ctx_free.part.0+0x32/0x40
[ 233.807414] tls_sk_proto_close+0x3fb/0x770
[ 233.811748] ? tcp_check_oom+0x530/0x530
[ 233.815823] ? tls_push_pending_closed_record+0x230/0x230
[ 233.821368] ? ip_mc_drop_socket+0x20c/0x270
[ 233.825777] inet_release+0x105/0x1f0
[ 233.829604] __sock_release+0x1d3/0x250
[ 233.833589] sock_release+0x18/0x20
[ 233.837204] smc_release+0x2f3/0x950
[ 233.840927] __sock_release+0xd3/0x250
[ 233.844807] sock_close+0x1b/0x30
[ 233.848276] __fput+0x3c5/0xb10
[ 233.851568] ? __sock_release+0x250/0x250
[ 233.855722] ? get_max_files+0x20/0x20
[ 233.859601] ? task_work_run+0x1bb/0x2b0
[ 233.863686] ? trace_hardirqs_off_caller+0x300/0x300
[ 233.868780] ? do_raw_spin_trylock+0x270/0x270
[ 233.873370] ____fput+0x16/0x20
[ 233.876641] task_work_run+0x1f4/0x2b0
[ 233.880523] ? task_work_cancel+0x2c0/0x2c0
[ 233.884858] ? smc_sendmsg+0x312/0x3c0
[ 233.888764] ? smc_sendpage+0x1b0/0x1b0
[ 233.892737] get_signal+0x168d/0x19b0
[ 233.896542] ? sock_write_iter+0x444/0x5e0
[ 233.900774] ? ptrace_notify+0x130/0x130
[ 233.904827] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 233.910387] ? iov_iter_init+0xea/0x220
[ 233.914358] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 233.919888] ? __vfs_write+0x11e/0xb40
[ 233.923773] do_signal+0x91/0x1ea0
[ 233.927301] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.932842] ? check_preemption_disabled+0x48/0x290
[ 233.937865] ? kick_process+0xef/0x180
[ 233.941749] ? setup_sigcontext+0x7d0/0x7d0
[ 233.946071] ? task_work_add+0x124/0x1f0
[ 233.950122] ? exit_to_usermode_loop+0x98/0x3b0
[ 233.954781] ? exit_to_usermode_loop+0x98/0x3b0
[ 233.959456] ? lockdep_hardirqs_on+0x415/0x5d0
[ 233.964053] ? trace_hardirqs_on+0xbd/0x310
[ 233.968382] ? do_fast_syscall_32+0xc97/0xf98
[ 233.972870] ? trace_hardirqs_off_caller+0x300/0x300
[ 233.977961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 233.983486] ? fput+0x128/0x1a0
[ 233.986761] exit_to_usermode_loop+0x2f7/0x3b0
[ 233.991346] ? entry_SYSENTER_compat+0x70/0x7f
[ 233.995955] ? syscall_trace_enter+0x12a0/0x12a0
[ 234.000710] do_fast_syscall_32+0xc97/0xf98
[ 234.005056] ? do_int80_syscall_32+0x880/0x880
[ 234.009708] ? trace_hardirqs_off+0x310/0x310
[ 234.014205] ? syscall_return_slowpath+0x3b0/0x5f0
[ 234.019149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.024680] ? prepare_exit_to_usermode+0x232/0x3b0
[ 234.029708] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 234.034552] entry_SYSENTER_compat+0x70/0x7f
[ 234.038965] RIP: 0023:0xf7f35869
[ 234.042338] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 234.061232] RSP: 002b:00000000f7f310cc EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 234.068931] RAX: 0000000000270000 RBX: 0000000000000006 RCX: 0000000020000040
[ 234.076190] RDX: 00000000ffffffc4 RSI: 0000000000000000 RDI: 0000000000000000
[ 234.083450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 234.090710] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 234.097969] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 234.105235]
[ 234.106866] Allocated by task 9406:
[ 234.110487] save_stack+0x45/0xd0
[ 234.113947] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 234.118866] kasan_kmalloc+0x9/0x10
[ 234.122493] kmem_cache_alloc_trace+0x151/0x760
[ 234.127154] create_ctx+0x46/0x1f0
[ 234.130691] tls_init+0x1dd/0xd40
[ 234.134135] tcp_set_ulp+0x3de/0x540
[ 234.137838] do_tcp_setsockopt.isra.0+0x44c/0x26a0
[ 234.142760] tcp_setsockopt+0xc4/0xf0
[ 234.146552] sock_common_setsockopt+0x9a/0xe0
[ 234.151036] smc_setsockopt+0xd1/0x7a0
[ 234.154913] __compat_sys_setsockopt+0x320/0x830
[ 234.159659] __ia32_compat_sys_setsockopt+0xbd/0x150
[ 234.164754] do_fast_syscall_32+0x333/0xf98
[ 234.169063] entry_SYSENTER_compat+0x70/0x7f
[ 234.173456]
[ 234.175073] Freed by task 9405:
[ 234.178375] save_stack+0x45/0xd0
[ 234.181854] __kasan_slab_free+0x102/0x150
[ 234.186076] kasan_slab_free+0xe/0x10
[ 234.189866] kfree+0xcf/0x230
[ 234.192964] tls_ctx_free.part.0+0x32/0x40
[ 234.197191] tls_sk_proto_close+0x3ee/0x770
[ 234.201534] inet_release+0x105/0x1f0
[ 234.205365] __sock_release+0x1d3/0x250
[ 234.209370] sock_release+0x18/0x20
[ 234.212991] smc_release+0x2f3/0x950
[ 234.216722] __sock_release+0xd3/0x250
[ 234.220596] sock_close+0x1b/0x30
[ 234.224077] __fput+0x3c5/0xb10
[ 234.227377] ____fput+0x16/0x20
[ 234.230641] task_work_run+0x1f4/0x2b0
[ 234.234515] get_signal+0x168d/0x19b0
[ 234.238318] do_signal+0x91/0x1ea0
[ 234.241859] exit_to_usermode_loop+0x2f7/0x3b0
[ 234.246432] do_fast_syscall_32+0xc97/0xf98
[ 234.250745] entry_SYSENTER_compat+0x70/0x7f
[ 234.255133]
[ 234.256752] The buggy address belongs to the object at ffff888090429500
[ 234.256752] which belongs to the cache kmalloc-512 of size 512
[ 234.269413] The buggy address is located 224 bytes inside of
[ 234.269413] 512-byte region [ffff888090429500, ffff888090429700)
[ 234.281270] The buggy address belongs to the page:
[ 234.286185] page:ffffea0002410a40 count:1 mapcount:0 mapping:ffff88812c3f0940 index:0x0
[ 234.294312] flags: 0x1fffc0000000200(slab)
[ 234.298547] raw: 01fffc0000000200 ffffea00024efbc8 ffffea00027a8c48 ffff88812c3f0940
[ 234.306433] raw: 0000000000000000 ffff888090429000 0000000100000006 0000000000000000
[ 234.314321] page dumped because: kasan: bad access detected
[ 234.320050]
[ 234.321662] Memory state around the buggy address:
[ 234.326582] ffff888090429480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 234.333930] ffff888090429500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 234.341280] >ffff888090429580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 234.348624] ^
[ 234.355104] ffff888090429600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 234.362464] ffff888090429680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 234.369806] ==================================================================
[ 234.377147] Disabling lock debugging due to kernel taint
[ 234.382660] Kernel panic - not syncing: panic_on_warn set ...
[ 234.388558] CPU: 1 PID: 9405 Comm: syz-executor0 Tainted: G B 5.0.0-rc3+ #41
[ 234.397048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 234.406399] Call Trace:
[ 234.408974]
[ 234.411128] dump_stack+0x1db/0x2d0
[ 234.414769] ? dump_stack_print_info.cold+0x20/0x20
[ 234.419804] panic+0x2cb/0x65c
[ 234.422992] ? add_taint.cold+0x16/0x16
[ 234.426969] ? trace_hardirqs_on+0xb4/0x310
[ 234.431286] ? trace_hardirqs_on+0xb4/0x310
[ 234.435650] ? tls_write_space+0x316/0x3b0
[ 234.439930] end_report+0x47/0x4f
[ 234.443385] ? tls_write_space+0x316/0x3b0
[ 234.447631] kasan_report.cold+0xe/0x40
[ 234.451630] ? mod_timer_pending+0x1450/0x1500
[ 234.456230] ? tls_write_space+0x316/0x3b0
[ 234.460481] __asan_report_load1_noabort+0x14/0x20
[ 234.465418] tls_write_space+0x316/0x3b0
[ 234.469494] ? tls_hw_hash+0x230/0x230
[ 234.473398] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 234.478423] tcp_check_space+0x52e/0x920
[ 234.482523] ? tcp_prune_ofo_queue.part.0+0x8e0/0x8e0
[ 234.487743] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.493303] ? sk_reset_timer+0x38/0x60
[ 234.497350] tcp_rcv_established+0x9fb/0x2180
[ 234.501880] ? tcp_data_queue+0x4f60/0x4f60
[ 234.506242] ? kasan_check_read+0x11/0x20
[ 234.510401] ? __lock_is_held+0xb6/0x140
[ 234.514478] tcp_v4_do_rcv+0x616/0x8d0
[ 234.518376] tcp_v4_rcv+0x3151/0x3c40
[ 234.522202] ? tcp_v4_early_demux+0xaf0/0xaf0
[ 234.526702] ? __lock_is_held+0x41/0x140
[ 234.530779] ip_protocol_deliver_rcu+0xb6/0xa20
[ 234.535470] ? ip_call_ra_chain+0x770/0x770
[ 234.539803] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 234.545096] ip_local_deliver_finish+0x23b/0x390
[ 234.549886] ip_local_deliver+0x1f0/0x740
[ 234.554037] ? ip_local_deliver_finish+0x390/0x390
[ 234.559005] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.564568] ? ip_protocol_deliver_rcu+0xa20/0xa20
[ 234.569561] ? lock_downgrade+0x910/0x910
[ 234.573719] ? kasan_check_read+0x11/0x20
[ 234.577891] ? rcu_read_unlock_special+0x380/0x380
[ 234.582842] ip_rcv_finish+0x1f4/0x2f0
[ 234.586740] ip_rcv+0xed/0x620
[ 234.589931] ? ip_local_deliver+0x740/0x740
[ 234.594248] ? kfree+0xcf/0x230
[ 234.597584] ? ip_rcv_finish_core.isra.0+0x1ee0/0x1ee0
[ 234.602911] ? find_held_lock+0x35/0x120
[ 234.607007] ? ip_local_deliver+0x740/0x740
[ 234.611324] __netif_receive_skb_one_core+0x160/0x210
[ 234.616532] ? __netif_receive_skb_core+0x3750/0x3750
[ 234.621751] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 234.627028] ? rcu_softirq_qs+0x20/0x20
[ 234.631019] ? trace_hardirqs_off_caller+0x300/0x300
[ 234.636147] __netif_receive_skb+0x2c/0x1c0
[ 234.640475] process_backlog+0x206/0x750
[ 234.644548] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.650108] net_rx_action+0x76d/0x1930
[ 234.654095] ? napi_complete_done+0x6e0/0x6e0
[ 234.658623] ? rcu_fwd_progress_check+0xd0/0xd0
[ 234.663314] ? clockevents_program_event+0x15f/0x380
[ 234.668436] ? pvclock_read_flags+0x160/0x160
[ 234.672962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.678529] ? check_preemption_disabled+0x48/0x290
[ 234.683563] ? kvm_clock_read+0x18/0x30
[ 234.687583] ? print_usage_bug+0xd0/0xd0
[ 234.691658] ? sched_clock+0x2e/0x50
[ 234.695391] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.700942] ? check_preemption_disabled+0x48/0x290
[ 234.705990] ? add_lock_to_list.isra.0+0x450/0x450
[ 234.710939] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.716500] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.722059] ? check_preemption_disabled+0x48/0x290
[ 234.727123] ? __lock_is_held+0xb6/0x140
[ 234.731216] __do_softirq+0x30b/0xb11
[ 234.735096] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 234.741116] ? __irqentry_text_end+0x1f96d2/0x1f96d2
[ 234.746235] ? smp_reschedule_interrupt+0xf1/0x650
[ 234.751177] ? trace_hardirqs_off+0x310/0x310
[ 234.755688] ? task_prio+0x50/0x50
[ 234.759247] ? check_preemption_disabled+0x48/0x290
[ 234.764272] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 234.769131] ? release_sock+0x1e8/0x2b0
[ 234.773133] do_softirq_own_stack+0x2a/0x40
[ 234.777458]
[ 234.779759] do_softirq.part.0+0x11a/0x170
[ 234.783997] __local_bh_enable_ip+0x211/0x270
[ 234.788509] _raw_spin_unlock_bh+0x31/0x40
[ 234.792767] release_sock+0x1e8/0x2b0
[ 234.796579] ? __release_sock+0x3a0/0x3a0
[ 234.800738] ? tls_ctx_free.part.0+0x32/0x40
[ 234.805183] tls_sk_proto_close+0x3fb/0x770
[ 234.809546] ? tcp_check_oom+0x530/0x530
[ 234.813623] ? tls_push_pending_closed_record+0x230/0x230
[ 234.819172] ? ip_mc_drop_socket+0x20c/0x270
[ 234.823594] inet_release+0x105/0x1f0
[ 234.827439] __sock_release+0x1d3/0x250
[ 234.831421] sock_release+0x18/0x20
[ 234.835063] smc_release+0x2f3/0x950
[ 234.838792] __sock_release+0xd3/0x250
[ 234.842684] sock_close+0x1b/0x30
[ 234.846145] __fput+0x3c5/0xb10
[ 234.849434] ? __sock_release+0x250/0x250
[ 234.853593] ? get_max_files+0x20/0x20
[ 234.857479] ? task_work_run+0x1bb/0x2b0
[ 234.861560] ? trace_hardirqs_off_caller+0x300/0x300
[ 234.866689] ? do_raw_spin_trylock+0x270/0x270
[ 234.871284] ____fput+0x16/0x20
[ 234.874573] task_work_run+0x1f4/0x2b0
[ 234.878514] ? task_work_cancel+0x2c0/0x2c0
[ 234.882847] ? smc_sendmsg+0x312/0x3c0
[ 234.886798] ? smc_sendpage+0x1b0/0x1b0
[ 234.890825] get_signal+0x168d/0x19b0
[ 234.894682] ? sock_write_iter+0x444/0x5e0
[ 234.898923] ? ptrace_notify+0x130/0x130
[ 234.903009] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 234.908570] ? iov_iter_init+0xea/0x220
[ 234.912558] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 234.918124] ? __vfs_write+0x11e/0xb40
[ 234.922032] do_signal+0x91/0x1ea0
[ 234.925579] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.931136] ? check_preemption_disabled+0x48/0x290
[ 234.936184] ? kick_process+0xef/0x180
[ 234.940095] ? setup_sigcontext+0x7d0/0x7d0
[ 234.944455] ? task_work_add+0x124/0x1f0
[ 234.948531] ? exit_to_usermode_loop+0x98/0x3b0
[ 234.953207] ? exit_to_usermode_loop+0x98/0x3b0
[ 234.957888] ? lockdep_hardirqs_on+0x415/0x5d0
[ 234.962483] ? trace_hardirqs_on+0xbd/0x310
[ 234.966836] ? do_fast_syscall_32+0xc97/0xf98
[ 234.971368] ? trace_hardirqs_off_caller+0x300/0x300
[ 234.976478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 234.982036] ? fput+0x128/0x1a0
[ 234.985339] exit_to_usermode_loop+0x2f7/0x3b0
[ 234.989962] ? entry_SYSENTER_compat+0x70/0x7f
[ 234.994562] ? syscall_trace_enter+0x12a0/0x12a0
[ 234.999387] do_fast_syscall_32+0xc97/0xf98
[ 235.003727] ? do_int80_syscall_32+0x880/0x880
[ 235.008320] ? trace_hardirqs_off+0x310/0x310
[ 235.012832] ? syscall_return_slowpath+0x3b0/0x5f0
[ 235.017793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 235.023358] ? prepare_exit_to_usermode+0x232/0x3b0
[ 235.028373] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 235.033218] entry_SYSENTER_compat+0x70/0x7f
[ 235.037616] RIP: 0023:0xf7f35869
[ 235.040992] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 235.059887] RSP: 002b:00000000f7f310cc EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 235.067586] RAX: 0000000000270000 RBX: 0000000000000006 RCX: 0000000020000040
[ 235.074847] RDX: 00000000ffffffc4 RSI: 0000000000000000 RDI: 0000000000000000
[ 235.082110] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 235.089375] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 235.096636] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 235.104941] Kernel Offset: disabled
[ 235.108563] Rebooting in 86400 seconds..