[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 39.459468] audit: type=1800 audit(1547485030.958:25): pid=7868 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 39.496460] audit: type=1800 audit(1547485030.958:26): pid=7868 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 39.524043] audit: type=1800 audit(1547485030.968:27): pid=7868 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.193' (ECDSA) to the list of known hosts. syzkaller login: [ 62.082964] IPVS: ftp: loaded support on port[0] = 21 [ 62.110081] IPVS: ftp: loaded support on port[0] = 21 [ 62.124199] IPVS: ftp: loaded support on port[0] = 21 [ 62.137030] IPVS: ftp: loaded support on port[0] = 21 [ 62.173769] IPVS: ftp: loaded support on port[0] = 21 [ 62.185790] IPVS: ftp: loaded support on port[0] = 21 [ 62.319786] chnl_net:caif_netlink_parms(): no params data found [ 62.432647] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.439555] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.446973] device bridge_slave_0 entered promiscuous mode [ 62.470372] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.476763] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.484573] device bridge_slave_1 entered promiscuous mode [ 62.555068] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.565614] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.578739] chnl_net:caif_netlink_parms(): no params data found [ 62.593004] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 62.600646] team0: Port device team_slave_0 added [ 62.607546] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 62.614764] team0: Port device team_slave_1 added [ 62.621639] chnl_net:caif_netlink_parms(): no params data found [ 62.643879] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 62.651188] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 62.714388] chnl_net:caif_netlink_parms(): no params data found [ 62.779763] device hsr_slave_0 entered promiscuous mode [ 62.827685] device hsr_slave_1 entered promiscuous mode [ 62.883261] chnl_net:caif_netlink_parms(): no params data found [ 62.899790] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 62.906675] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 62.914027] chnl_net:caif_netlink_parms(): no params data found [ 62.954790] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.962329] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.969848] device bridge_slave_0 entered promiscuous mode [ 62.982694] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.990224] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.997179] device bridge_slave_0 entered promiscuous mode [ 63.021766] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.029094] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.036143] device bridge_slave_1 entered promiscuous mode [ 63.050974] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.058994] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.066975] device bridge_slave_1 entered promiscuous mode [ 63.076886] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.084278] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.091618] device bridge_slave_0 entered promiscuous mode [ 63.119522] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.125970] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.133088] device bridge_slave_1 entered promiscuous mode [ 63.144993] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.152210] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.159434] device bridge_slave_0 entered promiscuous mode [ 63.171034] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.179977] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.190301] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.202670] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.209163] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.216098] device bridge_slave_1 entered promiscuous mode [ 63.222299] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.229518] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.236610] device bridge_slave_0 entered promiscuous mode [ 63.246891] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.253341] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.260469] device bridge_slave_1 entered promiscuous mode [ 63.267891] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.280541] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.289207] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.295622] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.302427] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.308797] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.336594] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.345736] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.364446] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.383384] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.392860] team0: Port device team_slave_0 added [ 63.398606] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.405857] team0: Port device team_slave_0 added [ 63.412447] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.421456] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.433824] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.448548] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.455764] team0: Port device team_slave_1 added [ 63.461968] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.470023] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.477485] team0: Port device team_slave_1 added [ 63.486187] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.499277] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.506394] team0: Port device team_slave_0 added [ 63.515090] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.526638] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.533752] team0: Port device team_slave_0 added [ 63.539317] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.546379] team0: Port device team_slave_1 added [ 63.551626] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 63.559049] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.566325] team0: Port device team_slave_1 added [ 63.574504] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.582426] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 63.593007] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 63.607748] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.671409] device hsr_slave_0 entered promiscuous mode [ 63.707739] device hsr_slave_1 entered promiscuous mode [ 63.792295] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.800633] team0: Port device team_slave_0 added [ 63.805845] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 63.821891] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 63.829015] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 63.840350] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.848159] team0: Port device team_slave_1 added [ 63.857264] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.910054] device hsr_slave_0 entered promiscuous mode [ 63.957778] device hsr_slave_1 entered promiscuous mode [ 64.038062] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 64.089511] device hsr_slave_0 entered promiscuous mode [ 64.128078] device hsr_slave_1 entered promiscuous mode [ 64.169646] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 64.177202] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 64.230146] device hsr_slave_0 entered promiscuous mode [ 64.267968] device hsr_slave_1 entered promiscuous mode [ 64.308130] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 64.315664] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 64.324002] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 64.347252] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 64.411443] device hsr_slave_0 entered promiscuous mode [ 64.448220] device hsr_slave_1 entered promiscuous mode [ 64.488341] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 64.499475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.508687] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 64.527824] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 64.535898] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.554426] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.565408] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.573178] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 64.588296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.596977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.623673] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.632045] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 64.638702] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.648546] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 64.667843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.675695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.683831] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.690654] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.701112] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.712795] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 64.723351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.731631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.741029] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.747464] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.761804] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 64.776319] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.784709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 64.794799] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 64.805366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.815062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.822619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.859165] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 64.867602] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 64.873678] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.895811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.906448] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 64.914074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.922154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.930559] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.939035] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.949238] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 64.963060] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 64.976508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.984721] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.993010] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.999425] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.006864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.014675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.032071] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 65.041821] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 65.054841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.063043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.070989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.079255] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.089048] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 65.096630] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 65.106568] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 65.124200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.131750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.139212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.147014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.155060] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.161450] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.168560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.176042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.186311] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 65.195968] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 65.203827] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.214062] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 65.220262] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.228588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.239144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 65.247253] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 65.259650] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 65.268439] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.278731] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 65.285337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.293407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.301508] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.307932] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.314856] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.323294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.336498] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 65.345599] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 65.355636] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 65.369775] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 65.380226] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 65.391043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.398530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.405394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.412534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.419673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.427313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.435056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.443226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.451337] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.457750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.464558] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.476738] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 65.483198] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.495404] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.513063] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.529423] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 65.535491] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.551744] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 65.564409] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 65.573238] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 65.585058] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 65.593032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.601521] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.609376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.617147] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.625588] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.632038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.639291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.647182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.660188] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 65.668670] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 65.678874] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready executing program [ 65.687062] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 65.698319] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 65.714944] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 65.722797] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready executing program executing program executing program [ 65.736836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.745311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.759402] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.765784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.777095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready executing program executing program executing program [ 65.794590] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.802277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.810431] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.818869] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.825227] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.832412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready executing program [ 65.841010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.848937] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.855309] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.862351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.870943] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.881202] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready executing program [ 65.890872] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 65.902949] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 65.917070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.925029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.932118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready executing program [ 65.942446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.950774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.961138] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 65.970598] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 65.980899] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready executing program executing program [ 65.993263] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 66.000589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 66.013700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 66.022203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 66.030403] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 66.038274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready executing program executing program executing program [ 66.046000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 66.053833] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 66.064987] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 66.079474] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 66.085693] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 66.096862] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 66.105513] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 66.117275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 66.125529] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 66.140709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 66.141272] ================================================================== [ 66.148803] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 66.155375] BUG: KASAN: use-after-free in __xfrm_policy_unlink+0x9ec/0xa00 [ 66.165470] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 66.169460] Write of size 8 at addr ffff8880a8c7fb50 by task syz-executor303/8090 [ 66.169464] [ 66.169480] CPU: 1 PID: 8090 Comm: syz-executor303 Not tainted 5.0.0-rc2 #25 [ 66.169488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.169493] Call Trace: [ 66.169512] dump_stack+0x1db/0x2d0 [ 66.169529] ? dump_stack_print_info.cold+0x20/0x20 [ 66.213144] ? find_held_lock+0x35/0x120 [ 66.217218] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.221895] print_address_description.cold+0x7c/0x20d [ 66.227188] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.231869] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.236548] kasan_report.cold+0x1b/0x40 [ 66.240632] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.245347] __asan_report_store8_noabort+0x17/0x20 [ 66.250373] __xfrm_policy_unlink+0x9ec/0xa00 [ 66.254893] ? xfrm_policy_walk_done+0x360/0x360 [ 66.259659] ? __fib6_clean_all+0x300/0x430 [ 66.263985] ? xfrm_policy_byid+0x4a0/0x4a0 [ 66.268311] ? fib6_clean_tree+0x340/0x340 [ 66.272552] ? ipv6_route_yield+0x220/0x220 [ 66.276877] ? xfrm_pol_inexact_addr_use_any_list+0x1f0/0x1f0 [ 66.282795] xfrm_policy_insert+0x223/0x910 [ 66.287124] ? __fib6_clean_all+0x430/0x430 [ 66.291454] ? xfrm_policy_inexact_insert+0xda0/0xda0 [ 66.296645] ? copy_from_user_policy+0x110/0x2b0 [ 66.301413] ? xfrm_policy_construct+0x471/0x660 [ 66.306171] xfrm_add_policy+0x2a1/0x6c0 [ 66.310228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.315766] ? xfrm_policy_construct+0x660/0x660 [ 66.320520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.326083] ? __nla_parse+0x12a/0x340 [ 66.329991] ? nla_parse+0x45/0x60 [ 66.333548] ? xfrm_policy_construct+0x660/0x660 [ 66.338306] xfrm_user_rcv_msg+0x458/0x8d0 [ 66.342554] ? xfrm_dump_sa_done+0xf0/0xf0 [ 66.346788] ? xfrm_netlink_rcv+0x61/0x90 [ 66.350961] ? __mutex_lock+0x622/0x1670 [ 66.355080] netlink_rcv_skb+0x17d/0x410 [ 66.359159] ? xfrm_dump_sa_done+0xf0/0xf0 [ 66.363395] ? netlink_ack+0xba0/0xba0 [ 66.367285] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 66.372578] xfrm_netlink_rcv+0x70/0x90 [ 66.376553] netlink_unicast+0x574/0x770 [ 66.380619] ? netlink_attachskb+0x980/0x980 [ 66.385031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.390576] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 66.395615] netlink_sendmsg+0xa05/0xf90 [ 66.399679] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 66.405237] ? netlink_unicast+0x770/0x770 [ 66.409494] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 66.414367] ? apparmor_socket_sendmsg+0x2a/0x30 [ 66.419134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.424680] ? security_socket_sendmsg+0x93/0xc0 [ 66.429454] ? netlink_unicast+0x770/0x770 [ 66.433708] sock_sendmsg+0xdd/0x130 [ 66.437455] ___sys_sendmsg+0x7ec/0x910 [ 66.441431] ? copy_msghdr_from_user+0x570/0x570 [ 66.446188] ? iterate_fd+0x4b0/0x4b0 [ 66.449998] ? check_preemption_disabled+0x48/0x290 [ 66.455016] ? __fget_light+0x2db/0x420 [ 66.459002] ? fget_raw+0x20/0x20 [ 66.462462] ? lock_downgrade+0x910/0x910 [ 66.466619] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 66.471897] ? rcu_read_unlock_special+0x380/0x380 [ 66.476863] ? __fdget+0x1b/0x20 [ 66.480262] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 66.485810] ? sockfd_lookup_light+0xc2/0x160 [ 66.490319] __sys_sendmsg+0x112/0x270 [ 66.494331] ? __ia32_sys_shutdown+0x80/0x80 [ 66.498736] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.504266] ? vmacache_update+0x114/0x140 [ 66.508507] ? do_futex+0x2910/0x2910 [ 66.512319] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.517682] ? trace_hardirqs_off_caller+0x300/0x300 [ 66.522798] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 66.527568] __x64_sys_sendmsg+0x78/0xb0 [ 66.531629] do_syscall_64+0x1a3/0x800 [ 66.535521] ? syscall_return_slowpath+0x5f0/0x5f0 [ 66.540450] ? prepare_exit_to_usermode+0x232/0x3b0 [ 66.545473] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 66.550323] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.555524] RIP: 0033:0x44e529 [ 66.558711] Code: e8 7c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 66.577605] RSP: 002b:00007f6b30161ce8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.585307] RAX: ffffffffffffffda RBX: 00000000006eaa08 RCX: 000000000044e529 [ 66.592585] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 66.599854] RBP: 00000000006eaa00 R08: 0000000000000000 R09: 0000000000000000 [ 66.607115] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006eaa0c [ 66.614375] R13: 00007ffcceee1bef R14: 00007f6b301629c0 R15: 0000000000000000 [ 66.621652] [ 66.623288] Allocated by task 8085: [ 66.626916] save_stack+0x45/0xd0 [ 66.630388] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 66.635335] kasan_kmalloc+0x9/0x10 [ 66.638971] kmem_cache_alloc_trace+0x151/0x760 [ 66.643631] xfrm_policy_alloc+0xfb/0x530 [ 66.647807] xfrm_policy_construct+0x30/0x660 [ 66.652304] xfrm_add_policy+0x20a/0x6c0 [ 66.656364] xfrm_user_rcv_msg+0x458/0x8d0 [ 66.660601] netlink_rcv_skb+0x17d/0x410 [ 66.664664] xfrm_netlink_rcv+0x70/0x90 [ 66.668646] netlink_unicast+0x574/0x770 [ 66.672708] netlink_sendmsg+0xa05/0xf90 [ 66.676774] sock_sendmsg+0xdd/0x130 [ 66.680491] ___sys_sendmsg+0x7ec/0x910 [ 66.684471] __sys_sendmsg+0x112/0x270 [ 66.688358] __x64_sys_sendmsg+0x78/0xb0 [ 66.692424] do_syscall_64+0x1a3/0x800 [ 66.696325] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.701507] [ 66.703145] Freed by task 9: [ 66.706169] save_stack+0x45/0xd0 [ 66.709628] __kasan_slab_free+0x102/0x150 [ 66.713863] kasan_slab_free+0xe/0x10 [ 66.717666] kfree+0xcf/0x230 [ 66.720769] xfrm_policy_destroy_rcu+0x48/0x60 [ 66.725855] rcu_process_callbacks+0xc4a/0x1680 [ 66.730539] __do_softirq+0x30b/0xb11 [ 66.734332] [ 66.735959] The buggy address belongs to the object at ffff8880a8c7fb40 [ 66.735959] which belongs to the cache kmalloc-1k of size 1024 [ 66.748626] The buggy address is located 16 bytes inside of [ 66.748626] 1024-byte region [ffff8880a8c7fb40, ffff8880a8c7ff40) [ 66.760500] The buggy address belongs to the page: [ 66.765465] page:ffffea0002a31f80 count:1 mapcount:0 mapping:ffff88812c3f0ac0 index:0x0 compound_mapcount: 0 [ 66.775449] flags: 0x1fffc0000010200(slab|head) [ 66.780132] raw: 01fffc0000010200 ffffea000233ad08 ffffea000234bd08 ffff88812c3f0ac0 [ 66.788031] raw: 0000000000000000 ffff8880a8c7e040 0000000100000007 0000000000000000 [ 66.795934] page dumped because: kasan: bad access detected [ 66.801644] [ 66.803267] Memory state around the buggy address: [ 66.808200] ffff8880a8c7fa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.815568] ffff8880a8c7fa80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 66.822944] >ffff8880a8c7fb00: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 66.830320] ^ [ 66.836300] ffff8880a8c7fb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.843668] ffff8880a8c7fc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.851037] ================================================================== [ 66.858418] Disabling lock debugging due to kernel taint [ 66.863981] Kernel panic - not syncing: panic_on_warn set ... [ 66.869880] CPU: 1 PID: 8090 Comm: syz-executor303 Tainted: G B 5.0.0-rc2 #25 [ 66.878454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.887813] Call Trace: [ 66.890411] dump_stack+0x1db/0x2d0 [ 66.894047] ? dump_stack_print_info.cold+0x20/0x20 [ 66.899073] panic+0x2cb/0x65c [ 66.902276] ? add_taint.cold+0x16/0x16 [ 66.906268] ? trace_hardirqs_on+0xb4/0x310 [ 66.910602] ? trace_hardirqs_on+0xb4/0x310 [ 66.914931] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.919603] end_report+0x47/0x4f [ 66.923071] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.927769] kasan_report.cold+0xe/0x40 [ 66.931746] ? __xfrm_policy_unlink+0x9ec/0xa00 [ 66.936418] __asan_report_store8_noabort+0x17/0x20 [ 66.941525] __xfrm_policy_unlink+0x9ec/0xa00 [ 66.946039] ? xfrm_policy_walk_done+0x360/0x360 [ 66.950796] ? __fib6_clean_all+0x300/0x430 [ 66.955118] ? xfrm_policy_byid+0x4a0/0x4a0 [ 66.959462] ? fib6_clean_tree+0x340/0x340 [ 66.963711] ? ipv6_route_yield+0x220/0x220 [ 66.968033] ? xfrm_pol_inexact_addr_use_any_list+0x1f0/0x1f0 [ 66.973947] xfrm_policy_insert+0x223/0x910 [ 66.978309] ? __fib6_clean_all+0x430/0x430 [ 66.982630] ? xfrm_policy_inexact_insert+0xda0/0xda0 [ 66.987823] ? copy_from_user_policy+0x110/0x2b0 [ 66.992583] ? xfrm_policy_construct+0x471/0x660 [ 66.997357] xfrm_add_policy+0x2a1/0x6c0 [ 67.001418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.006965] ? xfrm_policy_construct+0x660/0x660 [ 67.011724] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.017289] ? __nla_parse+0x12a/0x340 [ 67.021200] ? nla_parse+0x45/0x60 [ 67.024747] ? xfrm_policy_construct+0x660/0x660 [ 67.029507] xfrm_user_rcv_msg+0x458/0x8d0 [ 67.033745] ? xfrm_dump_sa_done+0xf0/0xf0 [ 67.037979] ? xfrm_netlink_rcv+0x61/0x90 [ 67.042129] ? __mutex_lock+0x622/0x1670 [ 67.046244] netlink_rcv_skb+0x17d/0x410 [ 67.050309] ? xfrm_dump_sa_done+0xf0/0xf0 [ 67.054550] ? netlink_ack+0xba0/0xba0 [ 67.058458] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 67.063748] xfrm_netlink_rcv+0x70/0x90 [ 67.067726] netlink_unicast+0x574/0x770 [ 67.071794] ? netlink_attachskb+0x980/0x980 [ 67.076205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.081743] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 67.086765] netlink_sendmsg+0xa05/0xf90 [ 67.090825] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 67.096420] ? netlink_unicast+0x770/0x770 [ 67.100662] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 67.105513] ? apparmor_socket_sendmsg+0x2a/0x30 [ 67.110273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.115813] ? security_socket_sendmsg+0x93/0xc0 [ 67.120575] ? netlink_unicast+0x770/0x770 [ 67.124814] sock_sendmsg+0xdd/0x130 [ 67.128532] ___sys_sendmsg+0x7ec/0x910 [ 67.132510] ? copy_msghdr_from_user+0x570/0x570 [ 67.137263] ? iterate_fd+0x4b0/0x4b0 [ 67.141105] ? check_preemption_disabled+0x48/0x290 [ 67.146129] ? __fget_light+0x2db/0x420 [ 67.150103] ? fget_raw+0x20/0x20 [ 67.153564] ? lock_downgrade+0x910/0x910 [ 67.157711] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 67.163199] ? rcu_read_unlock_special+0x380/0x380 [ 67.168135] ? __fdget+0x1b/0x20 [ 67.171504] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 67.177042] ? sockfd_lookup_light+0xc2/0x160 [ 67.181542] __sys_sendmsg+0x112/0x270 [ 67.185434] ? __ia32_sys_shutdown+0x80/0x80 [ 67.189848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.195386] ? vmacache_update+0x114/0x140 [ 67.199627] ? do_futex+0x2910/0x2910 [ 67.203432] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.208801] ? trace_hardirqs_off_caller+0x300/0x300 [ 67.213909] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 67.218683] __x64_sys_sendmsg+0x78/0xb0 [ 67.222763] do_syscall_64+0x1a3/0x800 [ 67.226652] ? syscall_return_slowpath+0x5f0/0x5f0 [ 67.231585] ? prepare_exit_to_usermode+0x232/0x3b0 [ 67.236605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 67.241494] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.246679] RIP: 0033:0x44e529 [ 67.249870] Code: e8 7c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.268778] RSP: 002b:00007f6b30161ce8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.276547] RAX: ffffffffffffffda RBX: 00000000006eaa08 RCX: 000000000044e529 [ 67.283826] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 67.291107] RBP: 00000000006eaa00 R08: 0000000000000000 R09: 0000000000000000 [ 67.298388] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006eaa0c [ 67.305665] R13: 00007ffcceee1bef R14: 00007f6b301629c0 R15: 0000000000000000 [ 67.313938] Kernel Offset: disabled [ 67.317569] Rebooting in 86400 seconds..