[   29.301886][   T26] audit: type=1800 audit(1572618640.792:22): pid=7077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   40.663778][ T7244] IPVS: ftp: loaded support on port[0] = 21
[   41.104396][ T7233] can: request_module (can-proto-0) failed.
[   42.259979][ T7233] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.10.28' (ECDSA) to the list of known hosts.
2019/11/01 14:31:00 parsed 1 programs
2019/11/01 14:31:01 executed programs: 0
[   49.621025][ T7321] IPVS: ftp: loaded support on port[0] = 21
[   49.627093][ T7322] IPVS: ftp: loaded support on port[0] = 21
[   49.702616][ T7324] IPVS: ftp: loaded support on port[0] = 21
[   49.742904][ T7326] IPVS: ftp: loaded support on port[0] = 21
[   49.768032][ T7328] IPVS: ftp: loaded support on port[0] = 21
[   49.830858][ T7322] chnl_net:caif_netlink_parms(): no params data found
[   49.832271][ T7330] IPVS: ftp: loaded support on port[0] = 21
[   49.899699][ T7321] chnl_net:caif_netlink_parms(): no params data found
[   49.964335][ T7321] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.971969][ T7321] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.979924][ T7321] device bridge_slave_0 entered promiscuous mode
[   49.989113][ T7321] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.996493][ T7321] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.004230][ T7321] device bridge_slave_1 entered promiscuous mode
[   50.017894][ T7322] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.025842][ T7322] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.034228][ T7322] device bridge_slave_0 entered promiscuous mode
[   50.042450][ T7322] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.049923][ T7322] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.057590][ T7322] device bridge_slave_1 entered promiscuous mode
[   50.069654][ T7324] chnl_net:caif_netlink_parms(): no params data found
[   50.110928][ T7321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.125479][ T7321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.148921][ T7326] chnl_net:caif_netlink_parms(): no params data found
[   50.183275][ T7321] team0: Port device team_slave_0 added
[   50.190938][ T7322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.200671][ T7324] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.209444][ T7324] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.217665][ T7324] device bridge_slave_0 entered promiscuous mode
[   50.225249][ T7328] chnl_net:caif_netlink_parms(): no params data found
[   50.233365][ T7324] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.240459][ T7324] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.248164][ T7324] device bridge_slave_1 entered promiscuous mode
[   50.259543][ T7321] team0: Port device team_slave_1 added
[   50.270348][ T7322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.299115][ T7324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.312109][ T7324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.333206][ T7322] team0: Port device team_slave_0 added
[   50.405107][ T7321] device hsr_slave_0 entered promiscuous mode
[   50.454090][ T7321] device hsr_slave_1 entered promiscuous mode
[   50.504621][ T7324] team0: Port device team_slave_0 added
[   50.511144][ T7322] team0: Port device team_slave_1 added
[   50.522961][ T7326] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.530985][ T7326] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.539051][ T7326] device bridge_slave_0 entered promiscuous mode
[   50.552539][ T7324] team0: Port device team_slave_1 added
[   50.567414][ T7328] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.574605][ T7328] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.582320][ T7328] device bridge_slave_0 entered promiscuous mode
[   50.589677][ T7328] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.596820][ T7328] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.604542][ T7328] device bridge_slave_1 entered promiscuous mode
[   50.613216][ T7326] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.620522][ T7326] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.628275][ T7326] device bridge_slave_1 entered promiscuous mode
[   50.642751][ T7326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.696548][ T7324] device hsr_slave_0 entered promiscuous mode
[   50.754070][ T7324] device hsr_slave_1 entered promiscuous mode
[   50.821526][ T7330] chnl_net:caif_netlink_parms(): no params data found
[   50.837413][ T7326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.929863][ T7322] device hsr_slave_0 entered promiscuous mode
[   50.974018][ T7322] device hsr_slave_1 entered promiscuous mode
[   51.012648][ T7328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   51.136020][ T7328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   51.169341][ T7326] team0: Port device team_slave_0 added
[   51.256339][ T7330] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.263445][ T7330] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.310822][ T7330] device bridge_slave_0 entered promiscuous mode
[   51.350839][ T7326] team0: Port device team_slave_1 added
[   51.408069][ T7328] team0: Port device team_slave_0 added
[   51.447425][ T7330] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.460545][ T7330] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.525939][ T7330] device bridge_slave_1 entered promiscuous mode
[   51.669284][ T7328] team0: Port device team_slave_1 added
[   51.805681][ T7326] device hsr_slave_0 entered promiscuous mode
[   51.865210][ T7326] device hsr_slave_1 entered promiscuous mode
[   51.924635][ T7321] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.969273][ T7324] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.083313][ T7321] 8021q: adding VLAN 0 to HW filter on device team0
[   52.106468][ T7330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.151438][ T7322] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.208298][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   52.248427][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.294359][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   52.302224][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.366708][ T7328] device hsr_slave_0 entered promiscuous mode
[   52.403920][ T7328] device hsr_slave_1 entered promiscuous mode
[   52.430970][ T7330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.471722][ T7324] 8021q: adding VLAN 0 to HW filter on device team0
[   52.492569][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   52.506986][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.537073][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.544387][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.598015][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   52.607607][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.627233][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.634571][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.668106][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   52.717171][ T2969] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.752531][ T7322] 8021q: adding VLAN 0 to HW filter on device team0
[   52.782489][ T7330] team0: Port device team_slave_0 added
[   52.830261][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   52.846493][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.914570][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   52.935354][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   52.976312][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.008813][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.029108][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.055308][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   53.074140][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.108215][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.117197][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.148384][ T7448] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.155551][ T7448] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.187909][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.208296][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.228720][ T7448] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.235938][ T7448] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.268531][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.279879][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.310174][ T7330] team0: Port device team_slave_1 added
[   53.327982][ T7321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.340828][ T7321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   53.359642][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.368011][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.378361][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   53.387287][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.396176][ T7448] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.403734][ T7448] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.411513][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   53.420744][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.429346][ T7448] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.436526][ T7448] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.444528][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.452901][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.462213][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   53.470562][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.479357][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.488413][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.497734][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.505548][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.545798][ T7330] device hsr_slave_0 entered promiscuous mode
[   53.594780][ T7330] device hsr_slave_1 entered promiscuous mode
[   53.640920][ T7324] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   53.652866][ T7324] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.672346][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.681218][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.689813][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.698617][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.707112][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   53.715439][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.724280][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.732676][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.741058][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   53.750540][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.761757][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   53.769948][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.778496][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.786707][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   53.803477][ T7324] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.813841][ T7321] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.829042][ T7322] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   53.841716][ T7322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   53.878920][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   53.892134][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.919787][ T7322] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.953510][ T7328] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.990981][ T7326] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.067638][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.082984][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.140188][ T7326] 8021q: adding VLAN 0 to HW filter on device team0
[   54.155766][ T7328] 8021q: adding VLAN 0 to HW filter on device team0
[   54.195766][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.214559][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.287778][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.317304][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.385921][ T7250] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.393235][ T7250] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.423537][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.442365][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.477889][ T7250] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.485107][ T7250] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.519609][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.542045][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.569400][ T7250] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.576640][ T7250] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.590184][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.599572][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.612709][ T7250] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.619868][ T7250] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.628600][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   54.637235][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   54.645421][ T2565] Bluetooth: Error in BCSP hdr checksum
[   54.651531][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   54.660678][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.672966][ T7330] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.684250][   T21] Bluetooth: Error in BCSP hdr checksum
[   54.692033][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.701676][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.710524][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   54.718552][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.727937][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.735583][ T2565] Bluetooth: Error in BCSP hdr checksum
[   54.737402][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   54.750099][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   54.758740][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   54.767142][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.783664][ T7326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   54.795907][ T7326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   54.810257][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.819356][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.827615][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   54.836360][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   54.845847][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.853410][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.869045][ T7326] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.877758][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   54.886093][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   54.901773][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   54.910207][ T2565] Bluetooth: Error in BCSP hdr checksum
[   54.925611][ T7330] 8021q: adding VLAN 0 to HW filter on device team0
[   54.939006][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   54.948096][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.956852][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   54.966403][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.975724][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.984350][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.992627][ T7448] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.999702][ T7448] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.007179][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   55.015790][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   55.024125][ T7448] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.031163][ T7448] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.039310][ T7448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   55.047527][   T21] Bluetooth: Error in BCSP hdr checksum
[   55.053681][   T91] Bluetooth: Error in BCSP hdr checksum
[   55.066261][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   55.076258][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   55.085619][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   55.094142][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   55.102443][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   55.112198][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   55.121310][ T7328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   55.137007][ T7330] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   55.158413][ T7330] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.177444][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   55.187452][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   55.196235][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   55.205086][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   55.213266][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   55.222910][ T3467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   55.258373][ T7330] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.269778][ T7328] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.505622][ T2565] Bluetooth: Error in BCSP hdr checksum
[   55.673901][ T2565] Bluetooth: Error in BCSP hdr checksum
[   55.684214][    T7] Bluetooth: Error in BCSP hdr checksum
[   55.774254][    T7] Bluetooth: Error in BCSP hdr checksum
[   55.937238][    T7] Bluetooth: Error in BCSP hdr checksum
[   55.954439][ T2565] Bluetooth: Error in BCSP hdr checksum
[   56.414881][ T2969] Bluetooth: hci0: command 0x1003 tx timeout
[   56.421538][ T7525] Bluetooth: hci0: sending frame failed (-49)
[   56.494353][ T2969] Bluetooth: hci2: command 0x1003 tx timeout
[   56.500729][ T2969] Bluetooth: hci1: command 0x1003 tx timeout
[   56.500762][ T7525] Bluetooth: hci2: sending frame failed (-49)
[   56.513321][ T7525] Bluetooth: hci1: sending frame failed (-49)
[   57.304264][ T3467] Bluetooth: hci3: command 0x1003 tx timeout
[   57.311313][ T7567] Bluetooth: hci3: sending frame failed (-49)
[   57.454137][ T2969] Bluetooth: hci5: command 0x1003 tx timeout
[   57.461816][ T2969] Bluetooth: hci4: command 0x1003 tx timeout
[   57.461883][ T7567] Bluetooth: hci5: sending frame failed (-49)
[   57.468835][ T7566] Bluetooth: hci4: sending frame failed (-49)
[   58.503877][ T3467] Bluetooth: hci0: command 0x1001 tx timeout
[   58.510032][ T7566] Bluetooth: hci0: sending frame failed (-49)
[   58.574124][ T3467] Bluetooth: hci1: command 0x1001 tx timeout
[   58.580199][ T3467] Bluetooth: hci2: command 0x1001 tx timeout
[   58.580292][ T7566] Bluetooth: hci1: sending frame failed (-49)
[   58.586683][ T7567] Bluetooth: hci2: sending frame failed (-49)
[   59.373977][ T2969] Bluetooth: hci3: command 0x1001 tx timeout
[   59.380766][ T7567] Bluetooth: hci3: sending frame failed (-49)
[   59.533711][ T3467] Bluetooth: hci5: command 0x1001 tx timeout
[   59.533815][ T2969] Bluetooth: hci4: command 0x1001 tx timeout
[   59.539804][ T7567] Bluetooth: hci5: sending frame failed (-49)
[   59.550504][ T7566] Bluetooth: hci4: sending frame failed (-49)
[   60.573750][ T2969] Bluetooth: hci0: command 0x1009 tx timeout
[   60.654059][ T2969] Bluetooth: hci1: command 0x1009 tx timeout
[   60.654140][ T3467] Bluetooth: hci2: command 0x1009 tx timeout
[   61.453863][ T3467] Bluetooth: hci3: command 0x1009 tx timeout
[   61.613687][ T3467] Bluetooth: hci5: command 0x1009 tx timeout
[   61.613689][ T2969] Bluetooth: hci4: command 0x1009 tx timeout
[   64.897678][ T7521] ==================================================================
[   64.905819][ T7521] BUG: KASAN: double-free or invalid-free in skb_free_head+0x6e/0x90
[   64.913866][ T7521] 
[   64.916178][ T7521] CPU: 1 PID: 7521 Comm: syz-executor.4 Not tainted 5.2.0-rc6+ #0
[   64.923951][ T7521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   64.933990][ T7521] Call Trace:
[   64.937255][ T7521]  dump_stack+0x113/0x167
[   64.941648][ T7521]  ? bcsp_close+0xb5/0x120
[   64.946053][ T7521]  print_address_description.cold.5+0x9/0x1ff
[   64.952117][ T7521]  ? skb_free_head+0x6e/0x90
[   64.956694][ T7521]  ? bcsp_close+0xb5/0x120
[   64.961097][ T7521]  kasan_report_invalid_free+0x64/0xa0
[   64.966528][ T7521]  ? skb_free_head+0x6e/0x90
[   64.971089][ T7521]  __kasan_slab_free+0x13a/0x150
[   64.975999][ T7521]  ? skb_free_head+0x6e/0x90
[   64.980573][ T7521]  kasan_slab_free+0xe/0x10
[   64.985061][ T7521]  kfree+0xcf/0x220
[   64.988854][ T7521]  skb_free_head+0x6e/0x90
[   64.993244][ T7521]  skb_release_data+0x376/0x6a0
[   64.998070][ T7521]  ? bcsp_close+0xb5/0x120
[   65.002474][ T7521]  skb_release_all+0x3d/0x50
[   65.007038][ T7521]  kfree_skb+0x97/0x270
[   65.011179][ T7521]  bcsp_close+0xb5/0x120
[   65.015400][ T7521]  hci_uart_tty_close+0x18f/0x1f0
[   65.020400][ T7521]  tty_ldisc_close.isra.3+0xc8/0x120
[   65.025657][ T7521]  tty_ldisc_kill+0x7f/0x120
[   65.030217][ T7521]  tty_ldisc_release+0xb8/0x1a0
[   65.035056][ T7521]  tty_release_struct+0x12/0x50
[   65.039878][ T7521]  tty_release+0x97e/0xc60
[   65.044291][ T7521]  ? ___might_sleep+0x16b/0x270
[   65.049132][ T7521]  __fput+0x25a/0x770
[   65.053088][ T7521]  ? _raw_spin_unlock_irq+0x27/0x80
[   65.058260][ T7521]  ____fput+0x9/0x10
[   65.062139][ T7521]  task_work_run+0x108/0x180
[   65.067360][ T7521]  exit_to_usermode_loop+0x1a9/0x200
[   65.072619][ T7521]  do_syscall_64+0x447/0x530
[   65.077198][ T7521]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   65.083077][ T7521] RIP: 0033:0x413ae1
[   65.086948][ T7521] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   65.106629][ T7521] RSP: 002b:00007ffc4057d0e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   65.115023][ T7521] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413ae1
[   65.122982][ T7521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[   65.130943][ T7521] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[   65.138894][ T7521] R10: 00007ffc4057d1c0 R11: 0000000000000293 R12: 000000000075c9a0
[   65.146854][ T7521] R13: 000000000075c9a0 R14: 00000000007602d8 R15: 000000000075bfd4
[   65.154812][ T7521] 
[   65.157138][ T7521] Allocated by task 91:
[   65.161268][ T7521]  save_stack+0x21/0x90
[   65.165401][ T7521]  __kasan_kmalloc.constprop.8+0xc7/0xd0
[   65.171001][ T7521]  kasan_kmalloc+0x9/0x10
[   65.175314][ T7521]  __kmalloc_node_track_caller+0x4d/0x70
[   65.181021][ T7521]  __kmalloc_reserve.isra.38+0x2c/0xc0
[   65.186559][ T7521]  __alloc_skb+0xd7/0x570
[   65.190862][ T7521]  bcsp_recv+0x351/0x1480
[   65.195162][ T7521]  hci_uart_tty_receive+0x1ce/0x460
[   65.200331][ T7521]  tty_ldisc_receive_buf+0xff/0x1b0
[   65.205501][ T7521]  tty_port_default_receive_buf+0x5f/0x90
[   65.211223][ T7521]  flush_to_ldisc+0x1aa/0x3a0
[   65.215881][ T7521]  process_one_work+0x830/0x16a0
[   65.220788][ T7521]  worker_thread+0x85/0xb60
[   65.225276][ T7521]  kthread+0x324/0x3e0
[   65.229331][ T7521]  ret_from_fork+0x24/0x30
[   65.233725][ T7521] 
[   65.236025][ T7521] Freed by task 91:
[   65.239805][ T7521]  save_stack+0x21/0x90
[   65.243931][ T7521]  __kasan_slab_free+0x102/0x150
[   65.248842][ T7521]  kasan_slab_free+0xe/0x10
[   65.253315][ T7521]  kfree+0xcf/0x220
[   65.257095][ T7521]  skb_free_head+0x6e/0x90
[   65.261483][ T7521]  skb_release_data+0x376/0x6a0
[   65.266318][ T7521]  skb_release_all+0x3d/0x50
[   65.270881][ T7521]  kfree_skb+0x97/0x270
[   65.275010][ T7521]  bcsp_recv+0x260/0x1480
[   65.279321][ T7521]  hci_uart_tty_receive+0x1ce/0x460
[   65.284490][ T7521]  tty_ldisc_receive_buf+0xff/0x1b0
[   65.289659][ T7521]  tty_port_default_receive_buf+0x5f/0x90
[   65.295353][ T7521]  flush_to_ldisc+0x1aa/0x3a0
[   65.300002][ T7521]  process_one_work+0x830/0x16a0
[   65.304923][ T7521]  worker_thread+0x85/0xb60
[   65.309415][ T7521]  kthread+0x324/0x3e0
[   65.313454][ T7521]  ret_from_fork+0x24/0x30
[   65.317840][ T7521] 
[   65.320144][ T7521] The buggy address belongs to the object at ffff8880a0015100
[   65.320144][ T7521]  which belongs to the cache kmalloc-8k of size 8192
[   65.334255][ T7521] The buggy address is located 0 bytes inside of
[   65.334255][ T7521]  8192-byte region [ffff8880a0015100, ffff8880a0017100)
[   65.347432][ T7521] The buggy address belongs to the page:
[   65.353052][ T7521] page:ffffea0002800500 refcount:1 mapcount:0 mapping:ffff8880aa402080 index:0x0 compound_mapcount: 0
[   65.364047][ T7521] flags: 0x1fffc0000010200(slab|head)
[   65.369611][ T7521] raw: 01fffc0000010200 ffffea000224cb08 ffffea00022aa508 ffff8880aa402080
[   65.378168][ T7521] raw: 0000000000000000 ffff8880a0015100 0000000100000001 0000000000000000
[   65.387069][ T7521] page dumped because: kasan: bad access detected
[   65.393455][ T7521] 
[   65.395771][ T7521] Memory state around the buggy address:
[   65.401376][ T7521]  ffff8880a0015000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.409440][ T7521]  ffff8880a0015080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.417474][ T7521] >ffff8880a0015100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.425591][ T7521]                    ^
[   65.429648][ T7521]  ffff8880a0015180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.437878][ T7521]  ffff8880a0015200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.445930][ T7521] ==================================================================
[   65.453998][ T7521] Disabling lock debugging due to kernel taint
[   65.460124][ T7521] Kernel panic - not syncing: panic_on_warn set ...
[   65.460126][ T7523] ==================================================================
[   65.460140][ T7523] BUG: KASAN: use-after-free in kfree_skb+0x2d/0x270
[   65.466690][ T7521] CPU: 1 PID: 7521 Comm: syz-executor.4 Tainted: G    B             5.2.0-rc6+ #0
[   65.474743][ T7523] Read of size 4 at addr ffff8880997ecd94 by task syz-executor.0/7523
[   65.481407][ T7521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.490562][ T7523] 
[   65.498702][ T7521] Call Trace:
[   65.514749][ T7521]  dump_stack+0x113/0x167
[   65.519053][ T7521]  ? skb_push+0x90/0xe0
[   65.523219][ T7521]  ? bcsp_close+0xb5/0x120
[   65.527609][ T7521]  panic+0x212/0x4cb
[   65.531499][ T7521]  ? __warn_printk+0xd6/0xd6
[   65.536234][ T7521]  ? lock_downgrade+0x860/0x860
[   65.541060][ T7521]  ? _raw_spin_unlock_irqrestore+0x63/0xd0
[   65.546840][ T7521]  ? kasan_check_read+0x11/0x20
[   65.551682][ T7521]  ? skb_free_head+0x6e/0x90
[   65.556285][ T7521]  end_report+0x47/0x4f
[   65.560422][ T7521]  kasan_report_invalid_free+0x81/0xa0
[   65.565867][ T7521]  ? skb_free_head+0x6e/0x90
[   65.570463][ T7521]  __kasan_slab_free+0x13a/0x150
[   65.576358][ T7521]  ? skb_free_head+0x6e/0x90
[   65.580935][ T7521]  kasan_slab_free+0xe/0x10
[   65.585451][ T7521]  kfree+0xcf/0x220
[   65.589231][ T7521]  skb_free_head+0x6e/0x90
[   65.593620][ T7521]  skb_release_data+0x376/0x6a0
[   65.598451][ T7521]  ? bcsp_close+0xb5/0x120
[   65.602839][ T7521]  skb_release_all+0x3d/0x50
[   65.607508][ T7521]  kfree_skb+0x97/0x270
[   65.611651][ T7521]  bcsp_close+0xb5/0x120
[   65.615884][ T7521]  hci_uart_tty_close+0x18f/0x1f0
[   65.620973][ T7521]  tty_ldisc_close.isra.3+0xc8/0x120
[   65.626230][ T7521]  tty_ldisc_kill+0x7f/0x120
[   65.630806][ T7521]  tty_ldisc_release+0xb8/0x1a0
[   65.635631][ T7521]  tty_release_struct+0x12/0x50
[   65.640453][ T7521]  tty_release+0x97e/0xc60
[   65.644935][ T7521]  ? ___might_sleep+0x16b/0x270
[   65.649786][ T7521]  __fput+0x25a/0x770
[   65.653742][ T7521]  ? _raw_spin_unlock_irq+0x27/0x80
[   65.658945][ T7521]  ____fput+0x9/0x10
[   65.662913][ T7521]  task_work_run+0x108/0x180
[   65.667529][ T7521]  exit_to_usermode_loop+0x1a9/0x200
[   65.672801][ T7521]  do_syscall_64+0x447/0x530
[   65.677376][ T7521]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   65.683278][ T7521] RIP: 0033:0x413ae1
[   65.687181][ T7521] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   65.707283][ T7521] RSP: 002b:00007ffc4057d0e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   65.715760][ T7521] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413ae1
[   65.723969][ T7521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[   65.732014][ T7521] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[   65.739965][ T7521] R10: 00007ffc4057d1c0 R11: 0000000000000293 R12: 000000000075c9a0
[   65.747964][ T7521] R13: 000000000075c9a0 R14: 00000000007602d8 R15: 000000000075bfd4
[   65.755929][ T7523] CPU: 0 PID: 7523 Comm: syz-executor.0 Tainted: G    B             5.2.0-rc6+ #0
[   65.765110][ T7523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   65.775150][ T7523] Call Trace:
[   65.778593][ T7523]  dump_stack+0x113/0x167
[   65.783088][ T7523]  print_address_description.cold.5+0x9/0x1ff
[   65.789146][ T7523]  ? kfree_skb+0x2d/0x270
[   65.793452][ T7523]  __kasan_report.cold.6+0x1b/0x39
[   65.798879][ T7523]  ? kfree_skb+0x2d/0x270
[   65.803202][ T7523]  ? kfree_skb+0x2d/0x270
[   65.807763][ T7523]  kasan_report+0x12/0x20
[   65.812065][ T7523]  check_memory_region+0x13e/0x1b0
[   65.817148][ T7523]  kasan_check_read+0x11/0x20
[   65.821799][ T7523]  kfree_skb+0x2d/0x270
[   65.825938][ T7523]  bcsp_close+0xb5/0x120
[   65.830191][ T7523]  hci_uart_tty_close+0x18f/0x1f0
[   65.835293][ T7523]  tty_ldisc_close.isra.3+0xc8/0x120
[   65.840570][ T7523]  tty_ldisc_kill+0x7f/0x120
[   65.845220][ T7523]  tty_ldisc_release+0xb8/0x1a0
[   65.850045][ T7523]  tty_release_struct+0x12/0x50
[   65.854885][ T7523]  tty_release+0x97e/0xc60
[   65.859288][ T7523]  ? ___might_sleep+0x16b/0x270
[   65.864126][ T7523]  __fput+0x25a/0x770
[   65.868182][ T7523]  ? _raw_spin_unlock_irq+0x27/0x80
[   65.873351][ T7523]  ____fput+0x9/0x10
[   65.877217][ T7523]  task_work_run+0x108/0x180
[   65.882405][ T7523]  exit_to_usermode_loop+0x1a9/0x200
[   65.887664][ T7523]  do_syscall_64+0x447/0x530
[   65.892227][ T7523]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   65.898090][ T7523] RIP: 0033:0x413ae1
[   65.901962][ T7523] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   65.921540][ T7523] RSP: 002b:00007fffb7c9c800 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   65.930037][ T7523] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000413ae1
[   65.937982][ T7523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[   65.945939][ T7523] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff
[   65.953883][ T7523] R10: 00007fffb7c9c8e0 R11: 0000000000000293 R12: 000000000075c9a0
[   65.961826][ T7523] R13: 000000000075c9a0 R14: 00000000007602d8 R15: 000000000075bfd4
[   65.969776][ T7523] 
[   65.972082][ T7523] Allocated by task 21:
[   65.976217][ T7523]  save_stack+0x21/0x90
[   65.980343][ T7523]  __kasan_kmalloc.constprop.8+0xc7/0xd0
[   65.985945][ T7523]  kasan_slab_alloc+0x12/0x20
[   65.990593][ T7523]  kmem_cache_alloc_node+0x131/0x720
[   65.995861][ T7523]  __alloc_skb+0xa7/0x570
[   66.000162][ T7523]  bcsp_recv+0x351/0x1480
[   66.004462][ T7523]  hci_uart_tty_receive+0x1ce/0x460
[   66.009638][ T7523]  tty_ldisc_receive_buf+0xff/0x1b0
[   66.014819][ T7523]  tty_port_default_receive_buf+0x5f/0x90
[   66.020521][ T7523]  flush_to_ldisc+0x1aa/0x3a0
[   66.025168][ T7523]  process_one_work+0x830/0x16a0
[   66.030095][ T7523]  worker_thread+0x85/0xb60
[   66.034585][ T7523]  kthread+0x324/0x3e0
[   66.038625][ T7523]  ret_from_fork+0x24/0x30
[   66.043013][ T7523] 
[   66.045393][ T7523] Freed by task 21:
[   66.049173][ T7523]  save_stack+0x21/0x90
[   66.053298][ T7523]  __kasan_slab_free+0x102/0x150
[   66.058205][ T7523]  kasan_slab_free+0xe/0x10
[   66.062677][ T7523]  kmem_cache_free+0x83/0x290
[   66.067324][ T7523]  kfree_skbmem+0x82/0xf0
[   66.071625][ T7523]  kfree_skb+0x9f/0x270
[   66.075762][ T7523]  bcsp_recv+0x260/0x1480
[   66.080061][ T7523]  hci_uart_tty_receive+0x1ce/0x460
[   66.085234][ T7523]  tty_ldisc_receive_buf+0xff/0x1b0
[   66.090404][ T7523]  tty_port_default_receive_buf+0x5f/0x90
[   66.096106][ T7523]  flush_to_ldisc+0x1aa/0x3a0
[   66.100768][ T7523]  process_one_work+0x830/0x16a0
[   66.105675][ T7523]  worker_thread+0x85/0xb60
[   66.110162][ T7523]  kthread+0x324/0x3e0
[   66.114205][ T7523]  ret_from_fork+0x24/0x30
[   66.118590][ T7523] 
[   66.120893][ T7523] The buggy address belongs to the object at ffff8880997eccc0
[   66.120893][ T7523]  which belongs to the cache skbuff_head_cache of size 224
[   66.135902][ T7523] The buggy address is located 212 bytes inside of
[   66.135902][ T7523]  224-byte region [ffff8880997eccc0, ffff8880997ecda0)
[   66.149144][ T7523] The buggy address belongs to the page:
[   66.155104][ T7523] page:ffffea000265fb00 refcount:1 mapcount:0 mapping:ffff88821b6f6540 index:0x0
[   66.164181][ T7523] flags: 0x1fffc0000000200(slab)
[   66.169091][ T7523] raw: 01fffc0000000200 ffffea0002193848 ffffea0002338a48 ffff88821b6f6540
[   66.177642][ T7523] raw: 0000000000000000 ffff8880997ec040 000000010000000c 0000000000000000
[   66.186191][ T7523] page dumped because: kasan: bad access detected
[   66.192570][ T7523] 
[   66.194876][ T7523] Memory state around the buggy address:
[   66.200486][ T7523]  ffff8880997ecc80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[   66.208864][ T7523]  ffff8880997ecd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.216903][ T7523] >ffff8880997ecd80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[   66.225193][ T7523]                          ^
[   66.229749][ T7523]  ffff8880997ece00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.237788][ T7523]  ffff8880997ece80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   66.245825][ T7523] ==================================================================
[   66.255481][ T7521] Kernel Offset: disabled
[   66.259801][ T7521] Rebooting in 86400 seconds..