[   62.788753][   T24] audit: type=1400 audit(1581139875.532:43): avc:  denied  { integrity } for  pid=8400 comm="syz-fuzzer" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1
[   62.818175][   T24] audit: type=1400 audit(1581139875.532:44): avc:  denied  { map } for  pid=8400 comm="syz-fuzzer" path="/root/syzkaller-shm218757235" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   62.939979][ T8418] IPVS: ftp: loaded support on port[0] = 21
[   63.226432][   T26] tipc: TX() has been purged, node left!
[   63.510661][ T8413] can: request_module (can-proto-0) failed.
[   66.172100][ T8413] can: request_module (can-proto-0) failed.
[   66.183835][ T8413] can: request_module (can-proto-0) failed.
[   66.418418][   T24] audit: type=1400 audit(1581139879.162:45): avc:  denied  { create } for  pid=8400 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
[   66.444016][   T24] audit: type=1400 audit(1581139879.162:46): avc:  denied  { create } for  pid=8400 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   66.469271][   T24] audit: type=1400 audit(1581139879.162:47): avc:  denied  { create } for  pid=8400 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
Warning: Permanently added '10.128.0.184' (ECDSA) to the list of known hosts.
2020/02/08 05:31:25 parsed 1 programs
2020/02/08 05:31:26 executed programs: 0
[   73.949060][ T8495] IPVS: ftp: loaded support on port[0] = 21
[   73.964692][ T8498] IPVS: ftp: loaded support on port[0] = 21
[   73.992091][ T8501] IPVS: ftp: loaded support on port[0] = 21
[   73.992122][ T8499] IPVS: ftp: loaded support on port[0] = 21
[   74.053237][ T8504] IPVS: ftp: loaded support on port[0] = 21
[   74.094620][ T8505] IPVS: ftp: loaded support on port[0] = 21
[   74.156513][ T8501] chnl_net:caif_netlink_parms(): no params data found
[   74.228275][ T8495] chnl_net:caif_netlink_parms(): no params data found
[   74.238565][ T8501] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.246383][ T8501] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.253987][ T8501] device bridge_slave_0 entered promiscuous mode
[   74.291237][ T8501] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.299409][ T8501] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.308420][ T8501] device bridge_slave_1 entered promiscuous mode
[   74.339275][ T8495] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.346597][ T8495] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.354256][ T8495] device bridge_slave_0 entered promiscuous mode
[   74.365336][ T8495] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.372644][ T8495] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.380284][ T8495] device bridge_slave_1 entered promiscuous mode
[   74.401059][ T8501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.415507][ T8501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.439414][ T8504] chnl_net:caif_netlink_parms(): no params data found
[   74.471355][ T8501] team0: Port device team_slave_0 added
[   74.495350][ T8499] chnl_net:caif_netlink_parms(): no params data found
[   74.510030][ T8501] team0: Port device team_slave_1 added
[   74.517314][ T8495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.549571][ T8495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.618338][ T8501] device hsr_slave_0 entered promiscuous mode
[   74.666668][ T8501] device hsr_slave_1 entered promiscuous mode
[   74.743887][ T8498] chnl_net:caif_netlink_parms(): no params data found
[   74.763045][ T8495] team0: Port device team_slave_0 added
[   74.772059][ T8495] team0: Port device team_slave_1 added
[   74.785926][ T8504] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.793148][ T8504] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.800870][ T8504] device bridge_slave_0 entered promiscuous mode
[   74.832135][ T8499] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.839437][ T8499] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.847475][ T8499] device bridge_slave_0 entered promiscuous mode
[   74.854474][ T8504] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.861724][ T8504] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.869693][ T8504] device bridge_slave_1 entered promiscuous mode
[   74.885491][ T8505] chnl_net:caif_netlink_parms(): no params data found
[   74.897110][ T8498] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.904165][ T8498] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.912176][ T8498] device bridge_slave_0 entered promiscuous mode
[   74.920091][ T8499] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.927378][ T8499] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.934880][ T8499] device bridge_slave_1 entered promiscuous mode
[   74.970951][ T8498] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.978183][ T8498] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.985713][ T8498] device bridge_slave_1 entered promiscuous mode
[   75.011033][ T8504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.057928][ T8495] device hsr_slave_0 entered promiscuous mode
[   75.106612][ T8495] device hsr_slave_1 entered promiscuous mode
[   75.166381][ T8495] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.174108][ T8495] Cannot create hsr debugfs directory
[   75.188136][ T8498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.188668][   T24] audit: type=1400 audit(1581139887.932:48): avc:  denied  { write } for  pid=8501 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   75.205324][ T8498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.234824][   T24] audit: type=1400 audit(1581139887.972:49): avc:  denied  { read } for  pid=8501 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   75.235066][ T8499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.271262][ T8504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.301652][ T8501] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   75.350266][ T8499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.374146][ T8499] team0: Port device team_slave_0 added
[   75.380075][ T8505] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.387254][ T8505] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.394755][ T8505] device bridge_slave_0 entered promiscuous mode
[   75.409394][ T8498] team0: Port device team_slave_0 added
[   75.415593][ T8501] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   75.477769][ T8504] team0: Port device team_slave_0 added
[   75.484601][ T8499] team0: Port device team_slave_1 added
[   75.491707][ T8505] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.501208][ T8505] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.509551][ T8505] device bridge_slave_1 entered promiscuous mode
[   75.517950][ T8498] team0: Port device team_slave_1 added
[   75.529064][ T8501] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   75.560519][ T8501] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   75.629108][ T8504] team0: Port device team_slave_1 added
[   75.654304][ T8505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.718461][ T8499] device hsr_slave_0 entered promiscuous mode
[   75.757466][ T8499] device hsr_slave_1 entered promiscuous mode
[   75.806424][ T8499] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.813999][ T8499] Cannot create hsr debugfs directory
[   75.836126][ T8495] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   75.888987][ T8505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.949659][ T8498] device hsr_slave_0 entered promiscuous mode
[   76.006542][ T8498] device hsr_slave_1 entered promiscuous mode
[   76.086345][ T8498] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.093921][ T8498] Cannot create hsr debugfs directory
[   76.113153][ T8495] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   76.209837][ T8504] device hsr_slave_0 entered promiscuous mode
[   76.256700][ T8504] device hsr_slave_1 entered promiscuous mode
[   76.296361][ T8504] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.303964][ T8504] Cannot create hsr debugfs directory
[   76.314805][ T8495] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   76.370524][ T8505] team0: Port device team_slave_0 added
[   76.380088][ T8505] team0: Port device team_slave_1 added
[   76.398864][ T8495] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   76.519111][ T8505] device hsr_slave_0 entered promiscuous mode
[   76.546549][ T8505] device hsr_slave_1 entered promiscuous mode
[   76.586358][ T8505] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.599713][ T8505] Cannot create hsr debugfs directory
[   76.617442][ T8499] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   76.677765][ T8499] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   76.720483][ T8499] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   76.789811][ T8499] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   76.834962][ T8498] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   76.878955][ T8498] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   76.939655][ T8498] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   76.978810][ T8498] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   77.062500][ T8504] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   77.092189][ T8501] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.117968][ T8504] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   77.202020][ T8504] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   77.238308][ T8504] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   77.289859][ T8505] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   77.352323][ T8505] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   77.414633][ T8505] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   77.458422][ T8505] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   77.501440][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.509882][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.539508][ T8501] 8021q: adding VLAN 0 to HW filter on device team0
[   77.552413][ T8495] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.592366][ T8495] 8021q: adding VLAN 0 to HW filter on device team0
[   77.602551][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.614031][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.622887][ T2681] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.630175][ T2681] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.639280][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.648182][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.656636][ T2681] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.663670][ T2681] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.671250][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.679656][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.687412][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.695941][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.725909][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.736030][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.746343][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.764559][ T8499] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.778720][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.786524][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.795222][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.803718][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   77.812053][ T2870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.834356][ T8501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   77.847699][ T8501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.865613][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   77.877240][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.885356][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.893966][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.902065][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.910768][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.919670][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.926773][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.935768][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.956561][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.965058][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.974983][ T2867] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.982192][ T2867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.990599][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.999611][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.025790][ T8504] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.035691][ T8499] 8021q: adding VLAN 0 to HW filter on device team0
[   78.050505][ T8498] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.073117][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.082271][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.090870][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   78.098367][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   78.105739][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   78.113589][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   78.121506][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.139076][ T8501] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.148241][ T8498] 8021q: adding VLAN 0 to HW filter on device team0
[   78.164829][ T8505] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.176091][ T2869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   78.188504][ T2869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.197357][ T2869] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.204512][ T2869] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.212091][ T2869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.220467][ T2869] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.233090][   T24] audit: type=1400 audit(1581139890.972:50): avc:  denied  { associate } for  pid=8501 comm="syz-executor.3" name="syz3" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[   78.266192][ T8495] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   78.279208][ T8495] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.304495][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.312898][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   78.322286][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.330790][ T2867] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.337862][ T2867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.345707][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.354119][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.362423][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   78.371444][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.380102][ T2867] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.387192][ T2867] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.394606][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.403343][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.411533][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   78.420018][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.428394][ T2867] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.435440][ T2867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.443123][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   78.451032][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   78.458927][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   78.466688][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   78.474276][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.483518][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.491292][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.501848][ T8505] 8021q: adding VLAN 0 to HW filter on device team0
[   78.514233][ T8504] 8021q: adding VLAN 0 to HW filter on device team0
[   78.533084][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.542272][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.582887][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.620824][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.693484][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.703136][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   78.703592][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.703897][ T2867] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.703928][ T2867] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.704163][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   78.704532][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.758425][ T2867] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.758458][ T2867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.758803][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.759345][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.759814][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.760302][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.760810][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
2020/02/08 05:31:31 executed programs: 7
[   78.761161][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   78.761298][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   78.761368][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.762135][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.762704][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.794053][ T8495] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.907026][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   78.907410][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.908149][ T2681] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.908176][ T2681] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.908409][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.909004][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.909405][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   78.909787][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.910054][ T2681] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.910077][ T2681] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.910297][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.910972][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.911388][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.911780][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.919928][ T8499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.943363][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.943828][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.944232][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.944764][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.945064][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.945346][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.945984][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.951935][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.952360][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.953195][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.953502][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.953904][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.954350][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.954658][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.982962][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.983381][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.983930][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   78.984222][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.984617][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   78.984900][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.985396][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   79.005918][ T8504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   79.029908][ T8498] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.030576][ T8498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   79.040655][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   79.041115][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   79.041439][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   79.041747][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   79.042023][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   79.056529][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   79.056629][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   79.058471][ T8505] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   79.068497][ T8499] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.594127][ T8504] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.669593][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   79.691210][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   79.743483][ T8505] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.792097][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   79.814515][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   79.844439][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   79.855418][ T2910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   79.865616][ T8498] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.299733][ T8586] ==================================================================
[   80.299760][ T8586] BUG: KASAN: use-after-free in con_shutdown+0x76/0x80
[   80.299765][ T8586] Write of size 8 at addr ffff88808893a108 by task syz-executor.0/8586
[   80.299767][ T8586] 
[   80.299774][ T8586] CPU: 0 PID: 8586 Comm: syz-executor.0 Not tainted 5.5.0-syzkaller #0
[   80.299778][ T8586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.299781][ T8586] Call Trace:
[   80.299792][ T8586]  dump_stack+0x12d/0x187
[   80.299810][ T8586]  print_address_description.constprop.8.cold.10+0x9/0x31d
[   80.299815][ T8586]  ? con_shutdown+0x76/0x80
[   80.299823][ T8586]  __kasan_report.cold.11+0x1b/0x32
[   80.299826][ T8586]  ? con_shutdown+0x76/0x80
[   80.299836][ T8586]  ? con_shutdown+0x76/0x80
[   80.299845][ T8586]  kasan_report+0x12/0x20
[   80.299852][ T8586]  __asan_report_store8_noabort+0x17/0x20
[   80.299856][ T8586]  con_shutdown+0x76/0x80
[   80.299865][ T8586]  release_tty+0xa6/0x400
[   80.299875][ T8586]  tty_release_struct+0x33/0x50
[   80.299884][ T8586]  tty_release+0x97e/0xc60
[   80.299905][ T8586]  __fput+0x25a/0x770
[   80.299918][ T8586]  ? _raw_spin_unlock_irq+0x22/0x80
[   80.299932][ T8586]  ____fput+0x9/0x10
[   80.299940][ T8586]  task_work_run+0x108/0x180
[   80.299958][ T8586]  exit_to_usermode_loop+0x24e/0x2e0
[   80.299969][ T8586]  do_syscall_64+0x4ff/0x5f0
[   80.299980][ T8586]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.299985][ T8586] RIP: 0033:0x414291
[   80.299992][ T8586] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   80.299995][ T8586] RSP: 002b:00007ffd63874bf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   80.300000][ T8586] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000414291
[   80.300003][ T8586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   80.300006][ T8586] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[   80.300009][ T8586] R10: 00007ffd63874cd0 R11: 0000000000000293 R12: 000000000075bf20
[   80.300012][ T8586] R13: 0000000000013951 R14: 0000000000760128 R15: 000000000075bf2c
[   80.300034][ T8586] 
[   80.300038][ T8586] Allocated by task 8587:
[   80.300044][ T8586]  save_stack+0x21/0x90
[   80.300048][ T8586]  __kasan_kmalloc.constprop.17+0xc7/0xd0
[   80.300053][ T8586]  kasan_kmalloc+0x9/0x10
[   80.300057][ T8586]  kmem_cache_alloc_trace+0x15b/0x780
[   80.300061][ T8586]  vc_allocate+0x1b7/0x7c0
[   80.300065][ T8586]  con_install+0x4d/0x410
[   80.300070][ T8586]  tty_init_dev+0xda/0x3c0
[   80.300074][ T8586]  tty_open+0x514/0x9f0
[   80.300080][ T8586]  chrdev_open+0x1ed/0x5c0
[   80.300085][ T8586]  do_dentry_open+0x3fa/0x1100
[   80.300089][ T8586]  vfs_open+0x9a/0xc0
[   80.300095][ T8586]  path_openat+0x8fb/0x2d40
[   80.300099][ T8586]  do_filp_open+0x171/0x240
[   80.300103][ T8586]  do_sys_openat2+0x2e0/0x510
[   80.300107][ T8586]  do_sys_open+0x90/0xe0
[   80.300111][ T8586]  __x64_sys_open+0x79/0xb0
[   80.300115][ T8586]  do_syscall_64+0xca/0x5f0
[   80.300120][ T8586]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.300122][ T8586] 
[   80.300125][ T8586] Freed by task 8585:
[   80.300129][ T8586]  save_stack+0x21/0x90
[   80.300133][ T8586]  __kasan_slab_free+0x102/0x150
[   80.300137][ T8586]  kasan_slab_free+0xe/0x10
[   80.300141][ T8586]  kfree+0x108/0x2c0
[   80.300146][ T8586]  vt_disallocate_all+0x247/0x3f0
[   80.300150][ T8586]  vt_ioctl+0x18c6/0x21f0
[   80.300154][ T8586]  tty_ioctl+0x45b/0x12f0
[   80.300160][ T8586]  ksys_ioctl+0xc1/0x110
[   80.300164][ T8586]  __x64_sys_ioctl+0x6e/0xb0
[   80.300169][ T8586]  do_syscall_64+0xca/0x5f0
[   80.300173][ T8586]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.300175][ T8586] 
[   80.300180][ T8586] The buggy address belongs to the object at ffff88808893a000
[   80.300180][ T8586]  which belongs to the cache kmalloc-2k of size 2048
[   80.300184][ T8586] The buggy address is located 264 bytes inside of
[   80.300184][ T8586]  2048-byte region [ffff88808893a000, ffff88808893a800)
[   80.300187][ T8586] The buggy address belongs to the page:
[   80.300192][ T8586] page:ffffea0002224e80 refcount:1 mapcount:0 mapping:ffff8880aa400e00 index:0x0
[   80.300198][ T8586] flags: 0xfffe0000000200(slab)
[   80.300205][ T8586] raw: 00fffe0000000200 ffffea00022286c8 ffffea0002224e48 ffff8880aa400e00
[   80.300211][ T8586] raw: 0000000000000000 ffff88808893a000 0000000100000001 0000000000000000
[   80.300214][ T8586] page dumped because: kasan: bad access detected
[   80.300216][ T8586] 
[   80.300219][ T8586] Memory state around the buggy address:
[   80.300223][ T8586]  ffff88808893a000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.300227][ T8586]  ffff88808893a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.300231][ T8586] >ffff88808893a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.300234][ T8586]                       ^
[   80.300238][ T8586]  ffff88808893a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.300242][ T8586]  ffff88808893a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.300245][ T8586] ==================================================================
[   80.300247][ T8586] Disabling lock debugging due to kernel taint
[   80.300263][ T8586] Kernel panic - not syncing: panic_on_warn set ...
[   80.300268][ T8586] CPU: 0 PID: 8586 Comm: syz-executor.0 Tainted: G    B             5.5.0-syzkaller #0
[   80.300270][ T8586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.300272][ T8586] Call Trace:
[   80.300278][ T8586]  dump_stack+0x12d/0x187
[   80.300283][ T8586]  ? update_region+0x90/0x100
[   80.300290][ T8586]  panic+0x22a/0x4e3
[   80.300294][ T8586]  ? add_taint.cold.7+0x11/0x11
[   80.300301][ T8586]  ? do_raw_spin_unlock+0x54/0x260
[   80.300307][ T8586]  ? con_shutdown+0x76/0x80
[   80.300312][ T8586]  end_report+0x47/0x4f
[   80.300360][ T8586]  __kasan_report.cold.11+0xe/0x32
[   80.300374][ T8586]  ? con_shutdown+0x76/0x80
[   80.300381][ T8586]  ? con_shutdown+0x76/0x80
[   80.300388][ T8586]  kasan_report+0x12/0x20
[   80.300393][ T8586]  __asan_report_store8_noabort+0x17/0x20
[   80.300396][ T8586]  con_shutdown+0x76/0x80
[   80.300401][ T8586]  release_tty+0xa6/0x400
[   80.300407][ T8586]  tty_release_struct+0x33/0x50
[   80.300412][ T8586]  tty_release+0x97e/0xc60
[   80.300423][ T8586]  __fput+0x25a/0x770
[   80.300427][ T8586]  ? _raw_spin_unlock_irq+0x22/0x80
[   80.300435][ T8586]  ____fput+0x9/0x10
[   80.300441][ T8586]  task_work_run+0x108/0x180
[   80.300452][ T8586]  exit_to_usermode_loop+0x24e/0x2e0
[   80.300459][ T8586]  do_syscall_64+0x4ff/0x5f0
[   80.300464][ T8586]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   80.300468][ T8586] RIP: 0033:0x414291
[   80.300473][ T8586] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   80.300475][ T8586] RSP: 002b:00007ffd63874bf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   80.300480][ T8586] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000414291
[   80.300482][ T8586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   80.300484][ T8586] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[   80.300486][ T8586] R10: 00007ffd63874cd0 R11: 0000000000000293 R12: 000000000075bf20
[   80.300489][ T8586] R13: 0000000000013951 R14: 0000000000760128 R15: 000000000075bf2c
[   80.302028][ T8586] Kernel Offset: disabled
[   81.008546][ T8586] Rebooting in 86400 seconds..