[   38.455928][   T26] audit: type=1800 audit(1564581424.668:22): pid=7340 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   52.527964][ T7506] IPVS: ftp: loaded support on port[0] = 21
[   52.971159][ T7495] can: request_module (can-proto-0) failed.
[   53.987610][ T7495] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.15.220' (ECDSA) to the list of known hosts.
2019/07/31 13:57:27 parsed 1 programs
2019/07/31 13:57:28 executed programs: 0
[   62.411199][ T7580] IPVS: ftp: loaded support on port[0] = 21
[   62.422827][ T7583] IPVS: ftp: loaded support on port[0] = 21
[   62.431955][ T7585] IPVS: ftp: loaded support on port[0] = 21
[   62.498285][ T7589] IPVS: ftp: loaded support on port[0] = 21
[   62.500958][ T7590] IPVS: ftp: loaded support on port[0] = 21
[   62.529556][ T7588] IPVS: ftp: loaded support on port[0] = 21
[   62.621267][ T7583] chnl_net:caif_netlink_parms(): no params data found
[   62.717861][ T7585] chnl_net:caif_netlink_parms(): no params data found
[   62.736159][ T7583] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.744443][ T7583] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.752239][ T7583] device bridge_slave_0 entered promiscuous mode
[   62.791088][ T7585] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.798436][ T7585] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.806283][ T7585] device bridge_slave_0 entered promiscuous mode
[   62.813430][ T7583] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.820918][ T7583] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.829062][ T7583] device bridge_slave_1 entered promiscuous mode
[   62.867552][ T7589] chnl_net:caif_netlink_parms(): no params data found
[   62.875650][ T7585] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.883024][ T7585] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.890602][ T7585] device bridge_slave_1 entered promiscuous mode
[   62.915650][ T7583] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.953727][ T7585] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   62.965683][ T7583] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.988417][ T7585] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   62.997186][ T7590] chnl_net:caif_netlink_parms(): no params data found
[   63.005314][ T7580] chnl_net:caif_netlink_parms(): no params data found
[   63.030018][ T7583] team0: Port device team_slave_0 added
[   63.056105][ T7589] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.063834][ T7589] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.071340][ T7589] device bridge_slave_0 entered promiscuous mode
[   63.079580][ T7583] team0: Port device team_slave_1 added
[   63.093681][ T7588] chnl_net:caif_netlink_parms(): no params data found
[   63.110160][ T7589] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.117597][ T7589] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.125483][ T7589] device bridge_slave_1 entered promiscuous mode
[   63.133255][ T7585] team0: Port device team_slave_0 added
[   63.160175][ T7590] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.167304][ T7590] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.175122][ T7590] device bridge_slave_0 entered promiscuous mode
[   63.183290][ T7585] team0: Port device team_slave_1 added
[   63.189060][ T7590] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.196232][ T7590] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.203849][ T7590] device bridge_slave_1 entered promiscuous mode
[   63.273919][ T7583] device hsr_slave_0 entered promiscuous mode
[   63.311923][ T7583] device hsr_slave_1 entered promiscuous mode
[   63.365112][ T7589] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   63.374870][ T7589] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.391948][ T7588] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.399056][ T7588] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.406939][ T7588] device bridge_slave_0 entered promiscuous mode
[   63.418416][ T7588] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.425595][ T7588] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.433556][ T7588] device bridge_slave_1 entered promiscuous mode
[   63.442339][ T7590] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   63.535162][ T7585] device hsr_slave_0 entered promiscuous mode
[   63.601674][ T7585] device hsr_slave_1 entered promiscuous mode
[   63.645404][ T7590] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.654383][ T7580] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.661718][ T7580] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.669223][ T7580] device bridge_slave_0 entered promiscuous mode
[   63.678620][ T7589] team0: Port device team_slave_0 added
[   63.711278][ T7580] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.718489][ T7580] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.726642][ T7580] device bridge_slave_1 entered promiscuous mode
[   63.734893][ T7588] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   63.744393][ T7589] team0: Port device team_slave_1 added
[   63.750957][ T7588] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.780891][ T7580] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   63.794648][ T7590] team0: Port device team_slave_0 added
[   63.802850][ T7580] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.819416][ T7590] team0: Port device team_slave_1 added
[   63.826098][ T7588] team0: Port device team_slave_0 added
[   63.836955][ T7588] team0: Port device team_slave_1 added
[   63.925201][ T7588] device hsr_slave_0 entered promiscuous mode
[   63.961965][ T7588] device hsr_slave_1 entered promiscuous mode
[   64.043753][ T7589] device hsr_slave_0 entered promiscuous mode
[   64.082767][ T7589] device hsr_slave_1 entered promiscuous mode
[   64.129578][ T7580] team0: Port device team_slave_0 added
[   64.137180][ T7580] team0: Port device team_slave_1 added
[   64.193911][ T7590] device hsr_slave_0 entered promiscuous mode
[   64.251820][ T7590] device hsr_slave_1 entered promiscuous mode
[   64.363879][ T7580] device hsr_slave_0 entered promiscuous mode
[   64.402534][ T7580] device hsr_slave_1 entered promiscuous mode
[   64.487815][ T7583] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.507433][ T7588] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.531626][ T7585] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.557473][ T7588] 8021q: adding VLAN 0 to HW filter on device team0
[   64.568567][ T7583] 8021q: adding VLAN 0 to HW filter on device team0
[   64.583405][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   64.597122][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.604719][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.612859][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.620375][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.655266][ T7585] 8021q: adding VLAN 0 to HW filter on device team0
[   64.664923][ T7590] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.673095][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.682729][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.690987][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.698146][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.707106][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.715910][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.724324][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.731418][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.738843][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   64.747655][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   64.756178][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.764631][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.773092][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.781090][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.789723][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.798040][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.805081][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.813024][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.821545][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.829743][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.836848][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.844633][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   64.853174][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   64.861833][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.869355][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.877633][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   64.885553][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   64.893535][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   64.903905][ T7588] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   64.938620][ T7590] 8021q: adding VLAN 0 to HW filter on device team0
[   64.950537][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.959539][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.968118][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   64.977311][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.985834][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.994409][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.002927][ T3012] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.009967][ T3012] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.017482][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.026029][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.034436][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.042753][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.050814][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.058651][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.066263][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.074596][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.082969][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.091640][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.099869][ T3012] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.106955][ T3012] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.115617][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.123377][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.131221][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.153510][ T7583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.172369][ T7588] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.179948][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.189644][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.198611][ T3012] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.205709][ T3012] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.214237][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.222625][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.230879][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.240203][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.248414][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.256818][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.265461][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.273967][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.282287][ T3012] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.289318][ T3012] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.296879][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.305276][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.319398][ T7585] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   65.330681][ T7585] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.344756][ T7589] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.358846][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.366984][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.376356][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.387781][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.396212][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.404887][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.419028][ T7585] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.435927][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.445489][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.458247][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.466930][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.480983][ T7589] 8021q: adding VLAN 0 to HW filter on device team0
[   65.500858][ T7590] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   65.515891][ T7590] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.528749][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.536989][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.545051][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.562274][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.570622][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.579476][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.587789][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.596609][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.619067][ T7590] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.635936][ T7583] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.661163][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.670336][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.679984][ T3012] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.687105][ T3012] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.699807][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.710074][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.718537][ T3012] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.725605][ T3012] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.734630][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.752553][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.763171][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.776998][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.795738][ T7614] IPVS: ftp: loaded support on port[0] = 21
[   65.803236][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.811612][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.820048][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.828426][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.836901][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.846383][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.850320][ T7619] IPVS: ftp: loaded support on port[0] = 21
[   65.855108][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.869029][ T3012] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.879851][ T7580] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.974677][ T7580] 8021q: adding VLAN 0 to HW filter on device team0
[   65.994082][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   66.007750][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   66.023179][ T7589] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.045495][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   66.060163][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   66.064945][ T7632] IPVS: ftp: loaded support on port[0] = 21
[   66.068945][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.077873][ T7633] IPVS: ftp: loaded support on port[0] = 21
[   66.081193][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.117454][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   66.127282][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   66.136138][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   66.144603][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.151694][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.177483][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   66.227009][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   66.236447][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   66.246362][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   66.254874][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   66.265997][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   66.275018][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   66.284034][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   66.292837][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   66.301208][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   66.309820][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   66.344714][ T7580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   66.384373][ T7580] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.412510][ T7645] IPVS: ftp: loaded support on port[0] = 21
[   66.453684][ T7609] IPVS: ftp: loaded support on port[0] = 21
[   66.548902][ T7655] IPVS: ftp: loaded support on port[0] = 21
[   66.585776][ T7656] IPVS: ftp: loaded support on port[0] = 21
[   66.596837][ T7618] IPVS: ftp: loaded support on port[0] = 21
[   66.730068][ T7661] IPVS: ftp: loaded support on port[0] = 21
[   66.789643][ T7633] IPVS: ftp: loaded support on port[0] = 21
[   66.806278][ T7630] IPVS: ftp: loaded support on port[0] = 21
[   66.926639][ T7668] IPVS: ftp: loaded support on port[0] = 21
[   66.949235][ T7669] IPVS: ftp: loaded support on port[0] = 21
[   67.157534][ T7642] IPVS: ftp: loaded support on port[0] = 21
[   67.299571][ T7673] IPVS: ftp: loaded support on port[0] = 21
[   67.344620][ T7675] IPVS: ftp: loaded support on port[0] = 21
[   67.360611][ T7676] IPVS: ftp: loaded support on port[0] = 21
2019/07/31 13:57:33 executed programs: 11
[   67.484246][ T7678] IPVS: ftp: loaded support on port[0] = 21
[   67.609082][ T7682] IPVS: ftp: loaded support on port[0] = 21
[   67.678618][ T7686] IPVS: ftp: loaded support on port[0] = 21
[   67.705248][ T7688] IPVS: ftp: loaded support on port[0] = 21
[   68.103244][ T7689] IPVS: ftp: loaded support on port[0] = 21
[   68.412834][ T7691] IPVS: ftp: loaded support on port[0] = 21
[   69.870582][ T7714] IPVS: ftp: loaded support on port[0] = 21
[   69.880699][ T7716] IPVS: ftp: loaded support on port[0] = 21
[   69.893341][ T7715] IPVS: ftp: loaded support on port[0] = 21
[   69.986216][ T7675] 
[   69.986702][ T7714] kobject: 'ip6gre0' (0000000076b95d1f): kobject_uevent_env
[   69.988570][ T7675] =========================
[   69.988572][ T7675] WARNING: held lock freed!
[   69.988577][ T7675] 5.2.0-rc6+ #1 Not tainted
[   69.988578][ T7675] -------------------------
[   69.988582][ T7675] syz-executor.3/7675 is freeing memory ffff888079256e80-ffff88807925767f, with a lock still held there!
[   69.988585][ T7675] 0000000033702ed4 (sk_lock-AF_NETROM){+.+.}, at: nr_release+0x102/0x360
[   69.988608][ T7675] 2 locks held by syz-executor.3/7675:
[   69.996157][ T7714] kobject: 'ip6gre0' (0000000076b95d1f): fill_kobj_path: path = '/devices/virtual/net/ip6gre0'
[   70.000361][ T7675]  #0: 0000000052cb167e (&sb->s_type->i_mutex_key#11){+.+.}, at: __sock_release+0x7d/0x290
[   70.000379][ T7675]  #1: 0000000033702ed4 (sk_lock-AF_NETROM){+.+.}, at: nr_release+0x102/0x360
[   70.000389][ T7675] 
[   70.000389][ T7675] stack backtrace:
[   70.000396][ T7675] CPU: 0 PID: 7675 Comm: syz-executor.3 Not tainted 5.2.0-rc6+ #1
[   70.000399][ T7675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   70.000418][ T7675] Call Trace:
[   70.005164][ T7714] kobject: 'queues' (0000000021d1c5ee): kobject_add_internal: parent: 'ip6gre0', set: '<NULL>'
[   70.009377][ T7675]  dump_stack+0x113/0x167
[   70.009390][ T7675]  debug_check_no_locks_freed.cold.56+0x9e/0xaa
[   70.009398][ T7675]  ? trace_hardirqs_off+0x41/0x180
[   70.009406][ T7675]  kfree+0xb1/0x220
[   70.009415][ T7675]  __sk_destruct+0x3f1/0x580
[   70.014067][ T7714] kobject: 'queues' (0000000021d1c5ee): kobject_uevent_env
[   70.025067][ T7675]  sk_destruct+0x49/0x60
[   70.025070][ T7675]  __sk_free+0x9e/0x230
[   70.025074][ T7675]  sk_free+0x23/0x30
[   70.025080][ T7675]  nr_destroy_socket+0x362/0x420
[   70.025084][ T7675]  nr_release+0x2c9/0x360
[   70.025091][ T7675]  __sock_release+0xc2/0x290
[   70.025096][ T7675]  sock_close+0x10/0x20
[   70.025103][ T7675]  __fput+0x25a/0x770
[   70.025109][ T7675]  ? _raw_spin_unlock_irq+0x27/0x80
[   70.025114][ T7675]  ____fput+0x9/0x10
[   70.025119][ T7675]  task_work_run+0x108/0x180
[   70.025126][ T7675]  do_exit+0x9ca/0x2e80
[   70.025135][ T7675]  ? do_syscall_64+0xd0/0x530
[   70.025142][ T7675]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.033718][ T7714] kobject: 'queues' (0000000021d1c5ee): kobject_uevent_env: filter function caused the event to drop!
[   70.038992][ T7675]  ? mm_update_next_owner+0x650/0x650
[   70.038998][ T7675]  ? find_held_lock+0x36/0x1d0
[   70.039005][ T7675]  ? get_signal+0x2bd/0x1cf0
[   70.039011][ T7675]  ? _raw_spin_unlock_irq+0x27/0x80
[   70.039015][ T7675]  ? get_signal+0x2bd/0x1cf0
[   70.039020][ T7675]  do_group_exit+0xf4/0x2f0
[   70.039027][ T7675]  get_signal+0x362/0x1cf0
[   70.039035][ T7675]  ? create_new_namespaces+0x113/0x760
[   70.049542][ T7714] kobject: 'rx-0' (00000000560913e0): kobject_add_internal: parent: 'queues', set: 'queues'
[   70.059313][ T7675]  do_signal+0x87/0x1940
[   70.059322][ T7675]  ? unshare_nsproxy_namespaces+0x87/0x1a0
[   70.059328][ T7675]  ? setup_sigcontext+0x7d0/0x7d0
[   70.059335][ T7675]  ? walk_process_tree+0x310/0x310
[   70.059343][ T7675]  ? exit_to_usermode_loop+0x3a/0x200
[   70.059347][ T7675]  ? do_syscall_64+0x447/0x530
[   70.059352][ T7675]  ? lockdep_hardirqs_on+0x424/0x5c0
[   70.059355][ T7675]  ? exit_to_usermode_loop+0x3a/0x200
[   70.059362][ T7675]  ? trace_hardirqs_on+0x28/0x190
[   70.059367][ T7675]  exit_to_usermode_loop+0x114/0x200
[   70.059375][ T7675]  do_syscall_64+0x447/0x530
[   70.068437][ T7714] kobject: 'rx-0' (00000000560913e0): kobject_uevent_env
[   70.074115][ T7675]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.074134][ T7675] RIP: 0033:0x459829
[   70.074151][ T7675] Code: Bad RIP value.
[   70.074153][ T7675] RSP: 002b:00007f502b76ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   70.074165][ T7675] RAX: fffffffffffffffc RBX: 0000000000000001 RCX: 0000000000459829
[   70.074167][ T7675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[   70.074170][ T7675] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[   70.074172][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f502b76f6d4
[   70.074178][ T7675] R13: 00000000004c8f3a R14: 00000000004dfff0 R15: 00000000ffffffff
[   70.082178][ T7714] kobject: 'rx-0' (00000000560913e0): fill_kobj_path: path = '/devices/virtual/net/ip6gre0/queues/rx-0'
[   70.093848][ T7675] ==================================================================
[   70.417645][ T7675] BUG: KASAN: use-after-free in do_raw_spin_lock+0x282/0x2d0
[   70.424993][ T7675] Read of size 4 at addr ffff888079256f0c by task syz-executor.3/7675
[   70.433160][ T7675] 
[   70.435493][ T7675] CPU: 0 PID: 7675 Comm: syz-executor.3 Not tainted 5.2.0-rc6+ #1
[   70.443274][ T7675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   70.453319][ T7675] Call Trace:
[   70.456607][ T7675]  dump_stack+0x113/0x167
[   70.460928][ T7675]  print_address_description.cold.5+0x9/0x1ff
[   70.466988][ T7675]  ? do_raw_spin_lock+0x282/0x2d0
[   70.472021][ T7675]  __kasan_report.cold.6+0x1b/0x39
[   70.477118][ T7675]  ? do_raw_spin_lock+0x282/0x2d0
[   70.482130][ T7675]  ? do_raw_spin_lock+0x282/0x2d0
[   70.487681][ T7675]  kasan_report+0x12/0x20
[   70.492001][ T7675]  __asan_report_load4_noabort+0x14/0x20
[   70.497620][ T7675]  do_raw_spin_lock+0x282/0x2d0
[   70.502453][ T7675]  ? rwlock_bug.part.2+0x90/0x90
[   70.507374][ T7675]  ? lock_acquire+0x173/0x3d0
[   70.512032][ T7675]  ? release_sock+0x1b/0x180
[   70.516602][ T7675]  ? sk_destruct+0x49/0x60
[   70.520997][ T7675]  _raw_spin_lock_bh+0x39/0x40
[   70.525759][ T7675]  ? release_sock+0x1b/0x180
[   70.530339][ T7675]  release_sock+0x1b/0x180
[   70.534739][ T7675]  nr_release+0x168/0x360
[   70.539053][ T7675]  __sock_release+0xc2/0x290
[   70.543626][ T7675]  sock_close+0x10/0x20
[   70.547768][ T7675]  __fput+0x25a/0x770
[   70.551732][ T7675]  ? _raw_spin_unlock_irq+0x27/0x80
[   70.556915][ T7675]  ____fput+0x9/0x10
[   70.560813][ T7675]  task_work_run+0x108/0x180
[   70.565395][ T7675]  do_exit+0x9ca/0x2e80
[   70.569535][ T7675]  ? do_syscall_64+0xd0/0x530
[   70.574195][ T7675]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.580254][ T7675]  ? mm_update_next_owner+0x650/0x650
[   70.585622][ T7675]  ? find_held_lock+0x36/0x1d0
[   70.590380][ T7675]  ? get_signal+0x2bd/0x1cf0
[   70.594963][ T7675]  ? _raw_spin_unlock_irq+0x27/0x80
[   70.600156][ T7675]  ? get_signal+0x2bd/0x1cf0
[   70.604739][ T7675]  do_group_exit+0xf4/0x2f0
[   70.609240][ T7675]  get_signal+0x362/0x1cf0
[   70.613651][ T7675]  ? create_new_namespaces+0x113/0x760
[   70.619119][ T7675]  do_signal+0x87/0x1940
[   70.623358][ T7675]  ? unshare_nsproxy_namespaces+0x87/0x1a0
[   70.629161][ T7675]  ? setup_sigcontext+0x7d0/0x7d0
[   70.634188][ T7675]  ? walk_process_tree+0x310/0x310
[   70.639297][ T7675]  ? exit_to_usermode_loop+0x3a/0x200
[   70.644678][ T7675]  ? do_syscall_64+0x447/0x530
[   70.649455][ T7675]  ? lockdep_hardirqs_on+0x424/0x5c0
[   70.654736][ T7675]  ? exit_to_usermode_loop+0x3a/0x200
[   70.660112][ T7675]  ? trace_hardirqs_on+0x28/0x190
[   70.665136][ T7675]  exit_to_usermode_loop+0x114/0x200
[   70.670421][ T7675]  do_syscall_64+0x447/0x530
[   70.675007][ T7675]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.680919][ T7675] RIP: 0033:0x459829
[   70.684826][ T7675] Code: Bad RIP value.
[   70.688877][ T7675] RSP: 002b:00007f502b76ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   70.697283][ T7675] RAX: fffffffffffffffc RBX: 0000000000000001 RCX: 0000000000459829
[   70.705251][ T7675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[   70.713314][ T7675] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[   70.721281][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f502b76f6d4
[   70.729251][ T7675] R13: 00000000004c8f3a R14: 00000000004dfff0 R15: 00000000ffffffff
[   70.737228][ T7675] 
[   70.739570][ T7675] Allocated by task 7656:
[   70.743891][ T7675]  save_stack+0x21/0x90
[   70.748037][ T7675]  __kasan_kmalloc.constprop.8+0xc7/0xd0
[   70.753665][ T7675]  kasan_kmalloc+0x9/0x10
[   70.758003][ T7675]  __kmalloc+0x15d/0x760
[   70.762291][ T7675]  sk_prot_alloc+0x148/0x240
[   70.766880][ T7675]  sk_alloc+0x30/0xc70
[   70.770979][ T7675]  nr_rx_frame+0x645/0x1f00
[   70.775522][ T7675]  nr_loopback_timer+0x64/0x120
[   70.780431][ T7675]  call_timer_fn+0x14d/0x510
[   70.785031][ T7675]  run_timer_softirq+0xc6f/0x1330
[   70.790074][ T7675]  __do_softirq+0x260/0x958
[   70.794587][ T7675] 
[   70.796958][ T7675] Freed by task 7675:
[   70.800942][ T7675]  save_stack+0x21/0x90
[   70.805279][ T7675]  __kasan_slab_free+0x102/0x150
[   70.810230][ T7675]  kasan_slab_free+0xe/0x10
[   70.814780][ T7675]  kfree+0xcf/0x220
[   70.818598][ T7675]  __sk_destruct+0x3f1/0x580
[   70.823168][ T7675]  sk_destruct+0x49/0x60
[   70.827394][ T7675]  __sk_free+0x9e/0x230
[   70.831530][ T7675]  sk_free+0x23/0x30
[   70.835410][ T7675]  nr_destroy_socket+0x362/0x420
[   70.840335][ T7675]  nr_release+0x2c9/0x360
[   70.844673][ T7675]  __sock_release+0xc2/0x290
[   70.849316][ T7675]  sock_close+0x10/0x20
[   70.853515][ T7675]  __fput+0x25a/0x770
[   70.857483][ T7675]  ____fput+0x9/0x10
[   70.861369][ T7675]  task_work_run+0x108/0x180
[   70.865950][ T7675]  do_exit+0x9ca/0x2e80
[   70.870099][ T7675]  do_group_exit+0xf4/0x2f0
[   70.874600][ T7675]  get_signal+0x362/0x1cf0
[   70.879038][ T7675]  do_signal+0x87/0x1940
[   70.883331][ T7675]  exit_to_usermode_loop+0x114/0x200
[   70.888680][ T7675]  do_syscall_64+0x447/0x530
[   70.893293][ T7675]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.899216][ T7675] 
[   70.901577][ T7675] The buggy address belongs to the object at ffff888079256e80
[   70.901577][ T7675]  which belongs to the cache kmalloc-2k of size 2048
[   70.915653][ T7675] The buggy address is located 140 bytes inside of
[   70.915653][ T7675]  2048-byte region [ffff888079256e80, ffff888079257680)
[   70.929091][ T7675] The buggy address belongs to the page:
[   70.934825][ T7675] page:ffffea0001e49580 refcount:1 mapcount:0 mapping:ffff8880aa400c40 index:0x0 compound_mapcount: 0
[   70.945866][ T7675] flags: 0x1fffc0000010200(slab|head)
[   70.951282][ T7675] raw: 01fffc0000010200 ffffea0001e49188 ffffea0001e49708 ffff8880aa400c40
[   70.959904][ T7675] raw: 0000000000000000 ffff888079256600 0000000100000003 0000000000000000
[   70.968558][ T7675] page dumped because: kasan: bad access detected
[   70.975024][ T7675] 
[   70.977384][ T7675] Memory state around the buggy address:
[   70.983101][ T7675]  ffff888079256e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   70.991202][ T7675]  ffff888079256e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   70.999295][ T7675] >ffff888079256f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   71.007360][ T7675]                       ^
[   71.011676][ T7675]  ffff888079256f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   71.019744][ T7675]  ffff888079257000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   71.028012][ T7675] ==================================================================
[   71.036212][ T7675] Kernel panic - not syncing: panic_on_warn set ...
[   71.042844][ T7675] CPU: 0 PID: 7675 Comm: syz-executor.3 Tainted: G    B             5.2.0-rc6+ #1
[   71.052159][ T7675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.062417][ T7675] Call Trace:
[   71.065807][ T7675]  dump_stack+0x113/0x167
[   71.070188][ T7675]  ? do_raw_spin_lock+0x200/0x2d0
[   71.075232][ T7675]  panic+0x212/0x4cb
[   71.079127][ T7675]  ? __warn_printk+0xd6/0xd6
[   71.083706][ T7675]  ? do_raw_spin_unlock+0x54/0x260
[   71.088816][ T7675]  ? do_raw_spin_lock+0x282/0x2d0
[   71.093866][ T7675]  end_report+0x47/0x4f
[   71.098034][ T7675]  __kasan_report.cold.6+0xe/0x39
[   71.103046][ T7675]  ? do_raw_spin_lock+0x282/0x2d0
[   71.108143][ T7675]  ? do_raw_spin_lock+0x282/0x2d0
[   71.113202][ T7675]  kasan_report+0x12/0x20
[   71.117523][ T7675]  __asan_report_load4_noabort+0x14/0x20
[   71.123143][ T7675]  do_raw_spin_lock+0x282/0x2d0
[   71.127976][ T7675]  ? rwlock_bug.part.2+0x90/0x90
[   71.132891][ T7675]  ? lock_acquire+0x173/0x3d0
[   71.137546][ T7675]  ? release_sock+0x1b/0x180
[   71.142112][ T7675]  ? sk_destruct+0x49/0x60
[   71.146508][ T7675]  _raw_spin_lock_bh+0x39/0x40
[   71.151250][ T7675]  ? release_sock+0x1b/0x180
[   71.155841][ T7675]  release_sock+0x1b/0x180
[   71.160235][ T7675]  nr_release+0x168/0x360
[   71.164546][ T7675]  __sock_release+0xc2/0x290
[   71.169113][ T7675]  sock_close+0x10/0x20
[   71.173247][ T7675]  __fput+0x25a/0x770
[   71.177207][ T7675]  ? _raw_spin_unlock_irq+0x27/0x80
[   71.182397][ T7675]  ____fput+0x9/0x10
[   71.186268][ T7675]  task_work_run+0x108/0x180
[   71.190834][ T7675]  do_exit+0x9ca/0x2e80
[   71.194966][ T7675]  ? do_syscall_64+0xd0/0x530
[   71.199618][ T7675]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   71.205661][ T7675]  ? mm_update_next_owner+0x650/0x650
[   71.211008][ T7675]  ? find_held_lock+0x36/0x1d0
[   71.215764][ T7675]  ? get_signal+0x2bd/0x1cf0
[   71.220344][ T7675]  ? _raw_spin_unlock_irq+0x27/0x80
[   71.225545][ T7675]  ? get_signal+0x2bd/0x1cf0
[   71.230111][ T7675]  do_group_exit+0xf4/0x2f0
[   71.234590][ T7675]  get_signal+0x362/0x1cf0
[   71.238983][ T7675]  ? create_new_namespaces+0x113/0x760
[   71.244425][ T7675]  do_signal+0x87/0x1940
[   71.248649][ T7675]  ? unshare_nsproxy_namespaces+0x87/0x1a0
[   71.254436][ T7675]  ? setup_sigcontext+0x7d0/0x7d0
[   71.259442][ T7675]  ? walk_process_tree+0x310/0x310
[   71.264534][ T7675]  ? exit_to_usermode_loop+0x3a/0x200
[   71.269895][ T7675]  ? do_syscall_64+0x447/0x530
[   71.274654][ T7675]  ? lockdep_hardirqs_on+0x424/0x5c0
[   71.279930][ T7675]  ? exit_to_usermode_loop+0x3a/0x200
[   71.285281][ T7675]  ? trace_hardirqs_on+0x28/0x190
[   71.290284][ T7675]  exit_to_usermode_loop+0x114/0x200
[   71.295548][ T7675]  do_syscall_64+0x447/0x530
[   71.300118][ T7675]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   71.306005][ T7675] RIP: 0033:0x459829
[   71.309890][ T7675] Code: Bad RIP value.
[   71.313932][ T7675] RSP: 002b:00007f502b76ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   71.322320][ T7675] RAX: fffffffffffffffc RBX: 0000000000000001 RCX: 0000000000459829
[   71.330271][ T7675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[   71.338222][ T7675] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[   71.346175][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f502b76f6d4
[   71.354594][ T7675] R13: 00000000004c8f3a R14: 00000000004dfff0 R15: 00000000ffffffff
[   71.363673][ T7675] Kernel Offset: disabled
[   71.367990][ T7675] Rebooting in 86400 seconds..