[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   67.699644][   T26] audit: type=1800 audit(1565719746.108:29): pid=10250 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   67.723550][   T26] audit: type=1800 audit(1565719746.108:30): pid=10250 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   79.835390][T10416] IPVS: ftp: loaded support on port[0] = 21
[   81.088644][T10403] can: request_module (can-proto-0) failed.
[   81.161181][T10403] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.0.65' (ECDSA) to the list of known hosts.
2019/08/13 18:09:27 parsed 1 programs
2019/08/13 18:09:28 executed programs: 0
[   89.706179][T10494] IPVS: ftp: loaded support on port[0] = 21
[   89.725618][T10497] IPVS: ftp: loaded support on port[0] = 21
[   89.733755][T10495] IPVS: ftp: loaded support on port[0] = 21
[   89.750262][T10498] IPVS: ftp: loaded support on port[0] = 21
[   89.786906][T10500] IPVS: ftp: loaded support on port[0] = 21
[   89.787290][T10502] IPVS: ftp: loaded support on port[0] = 21
[   90.014721][T10494] chnl_net:caif_netlink_parms(): no params data found
[   90.033050][T10498] chnl_net:caif_netlink_parms(): no params data found
[   90.061196][T10500] chnl_net:caif_netlink_parms(): no params data found
[   90.114103][T10494] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.121297][T10494] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.129085][T10494] device bridge_slave_0 entered promiscuous mode
[   90.167742][T10494] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.175014][T10494] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.182551][T10494] device bridge_slave_1 entered promiscuous mode
[   90.189413][T10498] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.197415][T10498] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.205053][T10498] device bridge_slave_0 entered promiscuous mode
[   90.241189][T10498] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.248256][T10498] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.256304][T10498] device bridge_slave_1 entered promiscuous mode
[   90.268897][T10495] chnl_net:caif_netlink_parms(): no params data found
[   90.299418][T10494] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.319312][T10500] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.327843][T10500] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.335691][T10500] device bridge_slave_0 entered promiscuous mode
[   90.342936][T10497] chnl_net:caif_netlink_parms(): no params data found
[   90.353378][T10494] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.380359][T10500] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.387447][T10500] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.395156][T10500] device bridge_slave_1 entered promiscuous mode
[   90.406695][T10498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.425418][T10502] chnl_net:caif_netlink_parms(): no params data found
[   90.443961][T10498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.454463][T10494] team0: Port device team_slave_0 added
[   90.466846][T10494] team0: Port device team_slave_1 added
[   90.488053][T10500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.512203][T10495] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.519348][T10495] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.527687][T10495] device bridge_slave_0 entered promiscuous mode
[   90.538587][T10495] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.545869][T10495] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.553957][T10495] device bridge_slave_1 entered promiscuous mode
[   90.562161][T10500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.578262][T10498] team0: Port device team_slave_0 added
[   90.585302][T10498] team0: Port device team_slave_1 added
[   90.643350][T10495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.652685][T10497] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.659793][T10497] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.667837][T10497] device bridge_slave_0 entered promiscuous mode
[   90.723503][T10494] device hsr_slave_0 entered promiscuous mode
[   90.760374][T10494] device hsr_slave_1 entered promiscuous mode
[   90.843101][T10498] device hsr_slave_0 entered promiscuous mode
[   90.880366][T10498] device hsr_slave_1 entered promiscuous mode
[   90.930091][T10498] debugfs: Directory 'hsr0' with parent '/' already present!
[   90.938759][T10500] team0: Port device team_slave_0 added
[   90.945750][T10495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.955003][T10497] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.962373][T10497] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.970250][T10497] device bridge_slave_1 entered promiscuous mode
[   90.977028][T10502] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.984136][T10502] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.992136][T10502] device bridge_slave_0 entered promiscuous mode
[   91.011916][T10500] team0: Port device team_slave_1 added
[   91.026195][T10502] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.033429][T10502] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.041290][T10502] device bridge_slave_1 entered promiscuous mode
[   91.141673][T10500] device hsr_slave_0 entered promiscuous mode
[   91.200245][T10500] device hsr_slave_1 entered promiscuous mode
[   91.250565][T10500] debugfs: Directory 'hsr0' with parent '/' already present!
[   91.259299][T10495] team0: Port device team_slave_0 added
[   91.266679][T10497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.277593][T10497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.288168][T10502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.304663][T10495] team0: Port device team_slave_1 added
[   91.317898][T10502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.347505][T10497] team0: Port device team_slave_0 added
[   91.402636][T10495] device hsr_slave_0 entered promiscuous mode
[   91.450365][T10495] device hsr_slave_1 entered promiscuous mode
[   91.490179][T10495] debugfs: Directory 'hsr0' with parent '/' already present!
[   91.499317][T10502] team0: Port device team_slave_0 added
[   91.513709][T10497] team0: Port device team_slave_1 added
[   91.528487][T10502] team0: Port device team_slave_1 added
[   91.571816][T10497] device hsr_slave_0 entered promiscuous mode
[   91.601136][T10497] device hsr_slave_1 entered promiscuous mode
[   91.640329][T10497] debugfs: Directory 'hsr0' with parent '/' already present!
[   91.702969][T10502] device hsr_slave_0 entered promiscuous mode
[   91.740496][T10502] device hsr_slave_1 entered promiscuous mode
[   91.790148][T10502] debugfs: Directory 'hsr0' with parent '/' already present!
[   91.822912][T10498] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.847858][T10494] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.868112][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   91.876153][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   91.888781][T10498] 8021q: adding VLAN 0 to HW filter on device team0
[   91.917383][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   91.926595][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   91.935224][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.942297][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.950118][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   91.964552][T10500] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.984425][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   91.993298][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.002675][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.009731][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.017501][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   92.026367][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.034239][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.050435][T10495] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.070088][T10500] 8021q: adding VLAN 0 to HW filter on device team0
[   92.086210][T10494] 8021q: adding VLAN 0 to HW filter on device team0
[   92.101541][T10495] 8021q: adding VLAN 0 to HW filter on device team0
[   92.108348][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.117817][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.125680][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.134205][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.142743][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.149844][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.157733][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   92.167012][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.175392][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.182441][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.189903][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   92.198877][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   92.207523][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.215219][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.223351][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   92.250807][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   92.259390][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   92.268284][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.276765][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   92.285350][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   92.293680][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.302281][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.310935][ T3013] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.317972][ T3013] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.325713][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   92.334365][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.343099][ T3013] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.350185][ T3013] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.358963][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   92.366870][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   92.374882][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   92.383800][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.394493][T10497] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.415261][T10500] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   92.426333][T10500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   92.439772][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   92.449098][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.457639][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.466204][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.473298][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.481330][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   92.489812][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.498185][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.505227][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.512857][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   92.521415][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   92.529791][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   92.538377][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.546722][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   92.555333][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   92.564091][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   92.572504][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   92.580766][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   92.596598][T10502] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.611231][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   92.619142][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   92.627232][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   92.635065][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.643228][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.651141][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   92.659521][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   92.668018][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.675834][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.685754][T10497] 8021q: adding VLAN 0 to HW filter on device team0
[   92.707142][T10502] 8021q: adding VLAN 0 to HW filter on device team0
[   92.715790][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   92.724758][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   92.733415][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   92.741750][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   92.749902][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.758647][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.766963][ T3570] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.774041][ T3570] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.781663][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   92.790311][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   92.798819][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.807558][ T3570] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.814655][ T3570] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.822243][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   92.830934][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   92.839222][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   92.848186][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   92.864720][T10495] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   92.875097][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   92.884754][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   92.893376][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   92.902856][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   92.911444][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.921537][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   92.929581][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   92.938434][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   92.964740][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   92.973296][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.981931][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   92.990595][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   92.998866][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   93.007607][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.015823][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   93.024130][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.032358][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   93.041174][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   93.049470][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   93.059837][T10500] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.070936][T10495] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.104850][T10494] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   93.123407][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   93.139806][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   93.148526][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.155632][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.163508][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   93.199273][T10494] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.208823][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   93.226934][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   93.242963][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.250115][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.258580][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   93.267431][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   93.276446][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   93.284920][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.293329][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   93.301902][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.315490][T10498] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.334188][T10497] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   93.354650][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   93.379815][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   93.406816][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   93.416137][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   93.425061][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   93.433696][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.442455][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   93.493355][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   93.510642][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.524352][T10497] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.558844][T10502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   93.685777][T10502] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/08/13 18:09:33 executed programs: 58
2019/08/13 18:09:38 executed programs: 305
2019/08/13 18:09:43 executed programs: 576
2019/08/13 18:09:48 executed programs: 853
2019/08/13 18:09:53 executed programs: 1124
2019/08/13 18:09:58 executed programs: 1396
2019/08/13 18:10:03 executed programs: 1666
2019/08/13 18:10:08 executed programs: 1934
2019/08/13 18:10:13 executed programs: 2204
2019/08/13 18:10:18 executed programs: 2473
2019/08/13 18:10:23 executed programs: 2728
2019/08/13 18:10:28 executed programs: 2986
2019/08/13 18:10:33 executed programs: 3244
2019/08/13 18:10:38 executed programs: 3508
[  161.175618][T23500] ==================================================================
[  161.183749][T23500] BUG: KASAN: use-after-free in rxrpc_queue_local+0x125/0x4b0
[  161.191223][T23500] Read of size 4 at addr ffff8880882d7254 by task syz-executor.5/23500
[  161.199455][T23500] 
[  161.201795][T23500] CPU: 1 PID: 23500 Comm: syz-executor.5 Not tainted 5.3.0-rc3+ #1
[  161.209686][T23500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.219926][T23500] Call Trace:
[  161.223233][T23500]  dump_stack+0x172/0x1f0
[  161.227662][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.232785][T23500]  print_address_description.cold+0xd4/0x306
[  161.238787][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.243907][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.249036][T23500]  __kasan_report.cold+0x1b/0x36
[  161.253982][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.253995][T23500]  ? rxrpc_unuse_local+0x102/0x160
[  161.254008][T23500]  kasan_report+0x12/0x17
[  161.254021][T23500]  check_memory_region+0x134/0x1a0
[  161.254043][T23500]  __kasan_check_read+0x11/0x20
[  161.278623][T23500]  rxrpc_queue_local+0x125/0x4b0
[  161.283574][T23500]  rxrpc_unuse_local+0x102/0x160
[  161.288531][T23500]  rxrpc_release+0x47d/0x840
[  161.293139][T23500]  __sock_release+0xce/0x280
[  161.297741][T23500]  sock_close+0x1e/0x30
[  161.301998][T23500]  __fput+0x2ff/0x890
[  161.305988][T23500]  ? __sock_release+0x280/0x280
[  161.310860][T23500]  ____fput+0x16/0x20
[  161.310875][T23500]  task_work_run+0x145/0x1c0
[  161.310894][T23500]  exit_to_usermode_loop+0x316/0x380
[  161.310908][T23500]  do_syscall_64+0x5a9/0x6a0
[  161.310926][T23500]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  161.310945][T23500] RIP: 0033:0x413511
[  161.340529][T23500] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  161.360134][T23500] RSP: 002b:00007ffdcffad810 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  161.368552][T23500] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413511
[  161.376533][T23500] RDX: 0000001b2bf20000 RSI: 0000000000000000 RDI: 0000000000000003
[  161.384514][T23500] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  161.392503][T23500] R10: 00007ffdcffad8f0 R11: 0000000000000293 R12: 000000000075bf20
[  161.400482][T23500] R13: 000000000002755b R14: 0000000000760270 R15: ffffffffffffffff
[  161.408463][T23500] 
[  161.410791][T23500] Allocated by task 23501:
[  161.415209][T23500]  save_stack+0x23/0x90
[  161.419382][T23500]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  161.425026][T23500]  kasan_kmalloc+0x9/0x10
[  161.430824][T23500]  kmem_cache_alloc_trace+0x158/0x790
[  161.436208][T23500]  rxrpc_lookup_local+0x562/0x1ba0
[  161.441321][T23500]  rxrpc_bind+0x34d/0x5e0
[  161.441334][T23500]  __sys_bind+0x239/0x290
[  161.441345][T23500]  __x64_sys_bind+0x73/0xb0
[  161.441359][T23500]  do_syscall_64+0xfd/0x6a0
[  161.441373][T23500]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  161.441377][T23500] 
[  161.441392][T23500] Freed by task 10495:
[  161.450039][T23500]  save_stack+0x23/0x90
[  161.450051][T23500]  __kasan_slab_free+0x102/0x150
[  161.450061][T23500]  kasan_slab_free+0xe/0x10
[  161.450070][T23500]  kfree+0x10a/0x2c0
[  161.450082][T23500]  rxrpc_local_rcu+0x62/0x80
[  161.450095][T23500]  rcu_core+0x67f/0x1580
[  161.450105][T23500]  rcu_core_si+0x9/0x10
[  161.450134][T23500]  __do_softirq+0x262/0x98c
[  161.493417][T23500] 
[  161.501797][T23500] The buggy address belongs to the object at ffff8880882d7240
[  161.501797][T23500]  which belongs to the cache kmalloc-1k of size 1024
[  161.501808][T23500] The buggy address is located 20 bytes inside of
[  161.501808][T23500]  1024-byte region [ffff8880882d7240, ffff8880882d7640)
[  161.501811][T23500] The buggy address belongs to the page:
[  161.501823][T23500] page:ffffea000220b580 refcount:1 mapcount:0 mapping:ffff8880aa400c40 index:0xffff8880882d6040 compound_mapcount: 0
[  161.501837][T23500] flags: 0x1fffc0000010200(slab|head)
[  161.501854][T23500] raw: 01fffc0000010200 ffffea00020a8d88 ffffea000230e388 ffff8880aa400c40
[  161.501868][T23500] raw: ffff8880882d6040 ffff8880882d6040 0000000100000005 0000000000000000
[  161.501873][T23500] page dumped because: kasan: bad access detected
[  161.501876][T23500] 
[  161.501879][T23500] Memory state around the buggy address:
[  161.501897][T23500]  ffff8880882d7100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  161.545480][ T3908] kobject: 'loop2' (00000000d5a19e60): kobject_uevent_env
[  161.554216][T23500]  ffff8880882d7180: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  161.554226][T23500] >ffff8880882d7200: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  161.554231][T23500]                                                  ^
[  161.554240][T23500]  ffff8880882d7280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  161.554249][T23500]  ffff8880882d7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  161.554253][T23500] ==================================================================
[  161.556483][T23500] Kernel panic - not syncing: panic_on_warn set ...
[  161.593338][ T3908] kobject: 'loop2' (00000000d5a19e60): fill_kobj_path: path = '/devices/virtual/block/loop2'
[  161.599489][T23500] CPU: 1 PID: 23500 Comm: syz-executor.5 Tainted: G    B             5.3.0-rc3+ #1
[  161.679983][T23500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.690062][T23500] Call Trace:
[  161.693361][T23500]  dump_stack+0x172/0x1f0
[  161.697679][T23500]  panic+0x2dc/0x755
[  161.701579][T23500]  ? add_taint.cold+0x16/0x16
[  161.706274][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.711725][T23500]  ? preempt_schedule+0x4b/0x60
[  161.716570][T23500]  ? ___preempt_schedule+0x16/0x20
[  161.721699][T23500]  ? trace_hardirqs_on+0x5e/0x240
[  161.726735][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.731858][T23500]  end_report+0x47/0x4f
[  161.736018][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.741140][T23500]  __kasan_report.cold+0xe/0x36
[  161.746005][T23500]  ? rxrpc_queue_local+0x125/0x4b0
[  161.751105][T23500]  ? rxrpc_unuse_local+0x102/0x160
[  161.756205][T23500]  kasan_report+0x12/0x17
[  161.760537][T23500]  check_memory_region+0x134/0x1a0
[  161.765647][T23500]  __kasan_check_read+0x11/0x20
[  161.770498][T23500]  rxrpc_queue_local+0x125/0x4b0
[  161.775538][T23500]  rxrpc_unuse_local+0x102/0x160
[  161.780576][T23500]  rxrpc_release+0x47d/0x840
[  161.785171][T23500]  __sock_release+0xce/0x280
[  161.789765][T23500]  sock_close+0x1e/0x30
[  161.793913][T23500]  __fput+0x2ff/0x890
[  161.798255][T23500]  ? __sock_release+0x280/0x280
[  161.803215][T23500]  ____fput+0x16/0x20
[  161.807186][T23500]  task_work_run+0x145/0x1c0
[  161.811777][T23500]  exit_to_usermode_loop+0x316/0x380
[  161.817049][T23500]  do_syscall_64+0x5a9/0x6a0
[  161.821647][T23500]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  161.827732][T23500] RIP: 0033:0x413511
[  161.831649][T23500] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  161.851249][T23500] RSP: 002b:00007ffdcffad810 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  161.859644][T23500] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413511
[  161.867777][T23500] RDX: 0000001b2bf20000 RSI: 0000000000000000 RDI: 0000000000000003
[  161.875828][T23500] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[  161.883804][T23500] R10: 00007ffdcffad8f0 R11: 0000000000000293 R12: 000000000075bf20
[  161.891787][T23500] R13: 000000000002755b R14: 0000000000760270 R15: ffffffffffffffff
[  161.900847][T23500] Kernel Offset: disabled
[  161.905179][T23500] Rebooting in 86400 seconds..