[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   53.576039][   T26] audit: type=1800 audit(1569484885.889:25): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   53.597732][   T26] audit: type=1800 audit(1569484885.889:26): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   53.633388][   T26] audit: type=1800 audit(1569484885.889:27): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.48' (ECDSA) to the list of known hosts.
2019/09/26 08:05:40 parsed 1 programs
2019/09/26 08:05:42 executed programs: 0
syzkaller login: [  310.259610][ T8626] IPVS: ftp: loaded support on port[0] = 21
[  310.285698][ T8633] IPVS: ftp: loaded support on port[0] = 21
[  310.286101][ T8625] IPVS: ftp: loaded support on port[0] = 21
[  310.300804][ T8634] IPVS: ftp: loaded support on port[0] = 21
[  310.334934][ T8632] IPVS: ftp: loaded support on port[0] = 21
[  310.348786][ T8629] IPVS: ftp: loaded support on port[0] = 21
[  310.556505][ T8625] chnl_net:caif_netlink_parms(): no params data found
[  310.614963][ T8632] chnl_net:caif_netlink_parms(): no params data found
[  310.639482][ T8634] chnl_net:caif_netlink_parms(): no params data found
[  310.672676][ T8626] chnl_net:caif_netlink_parms(): no params data found
[  310.747767][ T8634] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.755287][ T8634] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.763251][ T8634] device bridge_slave_0 entered promiscuous mode
[  310.773571][ T8634] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.780606][ T8634] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.788202][ T8634] device bridge_slave_1 entered promiscuous mode
[  310.815974][ T8633] chnl_net:caif_netlink_parms(): no params data found
[  310.835655][ T8632] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.842837][ T8632] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.850299][ T8632] device bridge_slave_0 entered promiscuous mode
[  310.857664][ T8625] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.865069][ T8625] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.873202][ T8625] device bridge_slave_0 entered promiscuous mode
[  310.884553][ T8625] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.891587][ T8625] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.899183][ T8625] device bridge_slave_1 entered promiscuous mode
[  310.929026][ T8634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.939171][ T8632] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.946401][ T8632] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.954967][ T8632] device bridge_slave_1 entered promiscuous mode
[  310.989591][ T8634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.998836][ T8626] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.006070][ T8626] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.013787][ T8626] device bridge_slave_0 entered promiscuous mode
[  311.025003][ T8626] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.032092][ T8626] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.039753][ T8626] device bridge_slave_1 entered promiscuous mode
[  311.069011][ T8626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.085804][ T8626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.096677][ T8629] chnl_net:caif_netlink_parms(): no params data found
[  311.106932][ T8625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.117248][ T8632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.126731][ T8633] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.134264][ T8633] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.141766][ T8633] device bridge_slave_0 entered promiscuous mode
[  311.149776][ T8633] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.157257][ T8633] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.164992][ T8633] device bridge_slave_1 entered promiscuous mode
[  311.183490][ T8634] team0: Port device team_slave_0 added
[  311.195004][ T8625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.209668][ T8632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.234801][ T8634] team0: Port device team_slave_1 added
[  311.241557][ T8626] team0: Port device team_slave_0 added
[  311.252587][ T8626] team0: Port device team_slave_1 added
[  311.270039][ T8632] team0: Port device team_slave_0 added
[  311.283337][ T8625] team0: Port device team_slave_0 added
[  311.307231][ T8633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.317542][ T8632] team0: Port device team_slave_1 added
[  311.324223][ T8625] team0: Port device team_slave_1 added
[  311.375102][ T8634] device hsr_slave_0 entered promiscuous mode
[  311.412678][ T8634] device hsr_slave_1 entered promiscuous mode
[  311.492874][ T8633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.515082][ T8629] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.522634][ T8629] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.530143][ T8629] device bridge_slave_0 entered promiscuous mode
[  311.541982][ T8629] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.549021][ T8629] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.557711][ T8629] device bridge_slave_1 entered promiscuous mode
[  311.614834][ T8626] device hsr_slave_0 entered promiscuous mode
[  311.652524][ T8626] device hsr_slave_1 entered promiscuous mode
[  311.692285][ T8626] debugfs: Directory 'hsr0' with parent '/' already present!
[  311.765172][ T8632] device hsr_slave_0 entered promiscuous mode
[  311.832127][ T8632] device hsr_slave_1 entered promiscuous mode
[  311.912058][ T8632] debugfs: Directory 'hsr0' with parent '/' already present!
[  311.926040][ T8633] team0: Port device team_slave_0 added
[  311.960425][ T8633] team0: Port device team_slave_1 added
[  312.014926][ T8625] device hsr_slave_0 entered promiscuous mode
[  312.052332][ T8625] device hsr_slave_1 entered promiscuous mode
[  312.092082][ T8625] debugfs: Directory 'hsr0' with parent '/' already present!
[  312.101679][ T8629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.112408][ T8629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.174889][ T8633] device hsr_slave_0 entered promiscuous mode
[  312.242903][ T8633] device hsr_slave_1 entered promiscuous mode
[  312.312467][ T8633] debugfs: Directory 'hsr0' with parent '/' already present!
[  312.333949][ T8629] team0: Port device team_slave_0 added
[  312.342323][ T8629] team0: Port device team_slave_1 added
[  312.415110][ T8629] device hsr_slave_0 entered promiscuous mode
[  312.452378][ T8629] device hsr_slave_1 entered promiscuous mode
[  312.492197][ T8629] debugfs: Directory 'hsr0' with parent '/' already present!
[  312.565111][ T8629] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.572360][ T8629] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.579806][ T8629] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.586893][ T8629] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.651401][ T8633] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.671517][ T8626] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.691857][ T8629] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.708795][ T8625] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.720460][ T8633] 8021q: adding VLAN 0 to HW filter on device team0
[  312.735333][ T8634] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.745299][   T17] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.753708][   T17] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.763193][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  312.775435][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  312.783105][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.805043][ T8632] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.817610][ T8629] 8021q: adding VLAN 0 to HW filter on device team0
[  312.831404][ T8625] 8021q: adding VLAN 0 to HW filter on device team0
[  312.843272][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  312.851879][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  312.860857][ T8636] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.867936][ T8636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.875452][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  312.884098][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  312.892630][ T8636] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.899654][ T8636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.907195][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  312.915716][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  312.924596][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  312.933176][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  312.941326][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  312.948974][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.956628][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  312.964940][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  312.972744][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.980248][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  312.988141][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.997796][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  313.005882][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.013635][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  313.030459][ T8632] 8021q: adding VLAN 0 to HW filter on device team0
[  313.040718][ T8626] 8021q: adding VLAN 0 to HW filter on device team0
[  313.052537][ T8634] 8021q: adding VLAN 0 to HW filter on device team0
[  313.065457][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  313.074032][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  313.082900][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.091426][ T8636] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.098492][ T8636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.106094][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  313.114102][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  313.121624][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.130127][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.138390][ T8636] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.145454][ T8636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.153163][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  313.160704][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  313.168391][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  313.176927][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.186222][ T8636] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.193306][ T8636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.201367][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  313.236688][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.245233][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.254100][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  313.270012][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.279591][ T3768] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.286671][ T3768] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.294868][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.303539][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.311748][ T3768] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.318806][ T3768] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.326391][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.335383][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.344099][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.352732][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.360949][ T3768] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.368016][ T3768] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.375746][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  313.385234][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.393681][ T3768] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.400708][ T3768] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.408284][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.416836][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.425482][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.434085][ T3768] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.441120][ T3768] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.448871][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.457340][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  313.466268][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.474629][ T3768] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.481644][ T3768] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.490070][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  313.497907][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  313.505761][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  313.541165][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.550537][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.559676][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.569083][ T8645] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.576156][ T8645] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.584041][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.593641][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.602316][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  313.610688][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.619093][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.627714][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  313.636140][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.644517][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  313.653227][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  313.661769][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.669713][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.697522][ T8633] 8021q: adding VLAN 0 to HW filter on device batadv0
[  313.719178][ T8629] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  313.730368][ T8629] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  313.743450][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  313.752536][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.760856][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  313.770080][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.778496][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  313.787046][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  313.795503][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  313.804174][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  313.812638][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  313.820795][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.829015][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  313.837249][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  313.845460][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  313.853853][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.862054][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  313.870486][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.879084][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  313.887344][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.895954][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  313.904673][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  313.913524][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  313.921707][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.930280][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  313.938445][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  313.946822][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.954721][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.962874][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.970583][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  313.987042][ T8632] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  314.001283][ T8634] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  314.020874][ T8634] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  314.029871][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  314.038696][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  314.047601][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  314.056029][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  314.064358][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  314.072727][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.085176][ T8625] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  314.097021][ T8625] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  314.114794][ T8626] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  314.137100][ T8644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  314.152477][ T8644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.160530][ T8644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  314.169232][ T8644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.187156][ T8629] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.207522][ T8634] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.235003][ T8626] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.246023][ T8625] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.270238][ T8632] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.553908][    C1] hrtimer: interrupt took 50876 ns
2019/09/26 08:05:47 executed programs: 22
2019/09/26 08:05:52 executed programs: 162
2019/09/26 08:05:57 executed programs: 310
2019/09/26 08:06:02 executed programs: 443
2019/09/26 08:06:07 executed programs: 585
2019/09/26 08:06:12 executed programs: 722
[  344.399784][T12258] ==================================================================
[  344.408178][T12258] BUG: KASAN: use-after-free in rxrpc_release_call+0x937/0xa50
[  344.415707][T12258] Read of size 8 at addr ffff888083273250 by task syz-executor.2/12258
[  344.415716][T12258] 
[  344.415733][T12258] CPU: 1 PID: 12258 Comm: syz-executor.2 Not tainted 5.3.0-next-20190925 #0
[  344.415745][T12258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  344.415760][T12258] Call Trace:
[  344.448342][T12258]  dump_stack+0x172/0x1f0
[  344.452674][T12258]  ? rxrpc_release_call+0x937/0xa50
[  344.457891][T12258]  print_address_description.constprop.0.cold+0xd4/0x30b
[  344.464906][T12258]  ? rxrpc_release_call+0x937/0xa50
[  344.464922][T12258]  ? rxrpc_release_call+0x937/0xa50
[  344.464938][T12258]  __kasan_report.cold+0x1b/0x41
[  344.464958][T12258]  ? rxrpc_release_call+0x937/0xa50
[  344.485414][T12258]  kasan_report+0x12/0x20
[  344.489751][T12258]  __asan_report_load8_noabort+0x14/0x20
[  344.495381][T12258]  rxrpc_release_call+0x937/0xa50
[  344.500409][T12258]  ? rxrpc_release_calls_on_socket+0x6e7/0x1320
[  344.506659][T12258]  rxrpc_release_calls_on_socket+0x6e7/0x1320
[  344.512738][T12258]  ? rxrpc_discard_prealloc+0x664/0xf20
[  344.518279][T12258]  ? rxrpc_release+0x238/0x550
[  344.523052][T12258]  rxrpc_release+0x2a6/0x550
[  344.527684][T12258]  __sock_release+0xce/0x280
[  344.532292][T12258]  sock_close+0x1e/0x30
[  344.536436][T12258]  __fput+0x2ff/0x890
[  344.540396][T12258]  ? __sock_release+0x280/0x280
[  344.545224][T12258]  ____fput+0x16/0x20
[  344.549182][T12258]  task_work_run+0x145/0x1c0
[  344.553756][T12258]  exit_to_usermode_loop+0x316/0x380
[  344.559031][T12258]  do_syscall_64+0x65f/0x760
[  344.563614][T12258]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  344.569481][T12258] RIP: 0033:0x413711
[  344.573351][T12258] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  344.592929][T12258] RSP: 002b:00007ffe1a6003b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  344.601315][T12258] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000413711
[  344.609260][T12258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  344.617205][T12258] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  344.625152][T12258] R10: 00007ffe1a600490 R11: 0000000000000293 R12: 000000000075bf20
[  344.633098][T12258] R13: 0000000000054127 R14: 00000000007614e0 R15: 000000000075bf2c
[  344.641063][T12258] 
[  344.643383][T12258] Allocated by task 12259:
[  344.647788][T12258]  save_stack+0x23/0x90
[  344.651931][T12258]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  344.657536][T12258]  kasan_kmalloc+0x9/0x10
[  344.661838][T12258]  kmem_cache_alloc_trace+0x158/0x790
[  344.667184][T12258]  rxrpc_alloc_connection+0x86/0x5f0
[  344.672445][T12258]  rxrpc_connect_call+0x648/0x4c00
[  344.677530][T12258]  rxrpc_new_client_call+0x978/0x19d0
[  344.682915][T12258]  rxrpc_do_sendmsg+0xff5/0x1d53
[  344.687849][T12258]  rxrpc_sendmsg+0x4d6/0x5f0
[  344.692412][T12258]  sock_sendmsg+0xd7/0x130
[  344.696809][T12258]  ___sys_sendmsg+0x3e2/0x920
[  344.701470][T12258]  __sys_sendmmsg+0x1bf/0x4d0
[  344.706137][T12258]  __x64_sys_sendmmsg+0x9d/0x100
[  344.711062][T12258]  do_syscall_64+0xfa/0x760
[  344.715543][T12258]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  344.721401][T12258] 
[  344.723716][T12258] Freed by task 16:
[  344.727509][T12258]  save_stack+0x23/0x90
[  344.731643][T12258]  __kasan_slab_free+0x102/0x150
[  344.736553][T12258]  kasan_slab_free+0xe/0x10
[  344.741026][T12258]  kfree+0x10a/0x2c0
[  344.744988][T12258]  rxrpc_destroy_connection+0x1f2/0x2d0
[  344.750554][T12258]  rcu_core+0x581/0x1560
[  344.754778][T12258]  rcu_core_si+0x9/0x10
[  344.758908][T12258]  __do_softirq+0x262/0x98c
[  344.763419][T12258] 
[  344.765733][T12258] The buggy address belongs to the object at ffff888083273000
[  344.765733][T12258]  which belongs to the cache kmalloc-1k of size 1024
[  344.779756][T12258] The buggy address is located 592 bytes inside of
[  344.779756][T12258]  1024-byte region [ffff888083273000, ffff888083273400)
[  344.793098][T12258] The buggy address belongs to the page:
[  344.798707][T12258] page:ffffea00020c9cc0 refcount:1 mapcount:0 mapping:ffff8880aa400c40 index:0x0
[  344.807791][T12258] flags: 0x1fffc0000000200(slab)
[  344.812708][T12258] raw: 01fffc0000000200 ffffea00020c9b08 ffffea00020cda88 ffff8880aa400c40
[  344.821275][T12258] raw: 0000000000000000 ffff888083273000 0000000100000002 0000000000000000
[  344.829834][T12258] page dumped because: kasan: bad access detected
[  344.836218][T12258] 
[  344.838521][T12258] Memory state around the buggy address:
[  344.844126][T12258]  ffff888083273100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  344.852179][T12258]  ffff888083273180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  344.860219][T12258] >ffff888083273200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  344.868250][T12258]                                                  ^
[  344.874896][T12258]  ffff888083273280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  344.882929][T12258]  ffff888083273300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  344.890961][T12258] ==================================================================
[  344.899090][T12258] Disabling lock debugging due to kernel taint
[  344.907935][T12258] Kernel panic - not syncing: panic_on_warn set ...
[  344.914534][T12258] CPU: 1 PID: 12258 Comm: syz-executor.2 Tainted: G    B             5.3.0-next-20190925 #0
[  344.924579][T12258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  344.927793][ T3894] kobject: 'loop1' (00000000beb7479b): kobject_uevent_env
[  344.934619][T12258] Call Trace:
[  344.934636][T12258]  dump_stack+0x172/0x1f0
[  344.934652][T12258]  panic+0x2dc/0x755
[  344.953187][T12258]  ? add_taint.cold+0x16/0x16
[  344.957864][T12258]  ? rxrpc_release_call+0x937/0xa50
[  344.963060][T12258]  ? preempt_schedule+0x4b/0x60
[  344.967906][T12258]  ? ___preempt_schedule+0x16/0x20
[  344.973031][T12258]  ? trace_hardirqs_on+0x5e/0x240
[  344.974635][ T3894] kobject: 'loop1' (00000000beb7479b): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  344.978064][T12258]  ? rxrpc_release_call+0x937/0xa50
[  344.978075][T12258]  end_report+0x47/0x4f
[  344.978091][T12258]  ? rxrpc_release_call+0x937/0xa50
[  345.002696][T12258]  __kasan_report.cold+0xe/0x41
[  345.007550][T12258]  ? rxrpc_release_call+0x937/0xa50
[  345.012750][T12258]  kasan_report+0x12/0x20
[  345.017079][T12258]  __asan_report_load8_noabort+0x14/0x20
[  345.022705][T12258]  rxrpc_release_call+0x937/0xa50
[  345.027729][T12258]  ? rxrpc_release_calls_on_socket+0x6e7/0x1320
[  345.030983][ T3894] kobject: 'loop5' (00000000855f053d): kobject_uevent_env
[  345.041051][T12258]  rxrpc_release_calls_on_socket+0x6e7/0x1320
[  345.041063][T12258]  ? rxrpc_discard_prealloc+0x664/0xf20
[  345.041078][T12258]  ? rxrpc_release+0x238/0x550
[  345.057403][T12258]  rxrpc_release+0x2a6/0x550
[  345.061991][T12258]  __sock_release+0xce/0x280
[  345.066579][T12258]  sock_close+0x1e/0x30
[  345.070732][T12258]  __fput+0x2ff/0x890
[  345.074708][T12258]  ? __sock_release+0x280/0x280
[  345.074906][ T3894] kobject: 'loop5' (00000000855f053d): fill_kobj_path: path = '/devices/virtual/block/loop5'
[  345.079548][T12258]  ____fput+0x16/0x20
[  345.079561][T12258]  task_work_run+0x145/0x1c0
[  345.079581][T12258]  exit_to_usermode_loop+0x316/0x380
[  345.091266][ T3894] kobject: 'loop4' (00000000e1e6c7e4): kobject_uevent_env
[  345.093661][T12258]  do_syscall_64+0x65f/0x760
[  345.093679][T12258]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  345.093688][T12258] RIP: 0033:0x413711
[  345.093703][T12258] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  345.098594][ T3894] kobject: 'loop4' (00000000e1e6c7e4): fill_kobj_path: path = '/devices/virtual/block/loop4'
[  345.103520][T12258] RSP: 002b:00007ffe1a6003b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  345.103533][T12258] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000413711
[  345.103541][T12258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  345.103548][T12258] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  345.103556][T12258] R10: 00007ffe1a600490 R11: 0000000000000293 R12: 000000000075bf20
[  345.103568][T12258] R13: 0000000000054127 R14: 00000000007614e0 R15: 000000000075bf2c
[  345.112143][ T3894] kobject: 'loop4' (00000000e1e6c7e4): kobject_uevent_env
[  345.122471][T12258] Kernel Offset: disabled
[  345.215643][T12258] Rebooting in 86400 seconds..