Warning: Permanently added '10.128.0.172' (ECDSA) to the list of known hosts. syzkaller login: [ 63.442512][ T24] kauditd_printk_skb: 5 callbacks suppressed [ 63.442518][ T24] audit: type=1400 audit(1562842381.087:36): avc: denied { map } for pid=7417 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=2339 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/07/11 10:53:02 parsed 1 programs [ 64.623339][ T24] audit: type=1400 audit(1562842382.267:37): avc: denied { map } for pid=7417 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=16134 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 64.625082][ T3783] kmemleak: Automatic memory scanning thread ended 2019/07/11 10:53:11 executed programs: 0 [ 73.486075][ T7432] IPVS: ftp: loaded support on port[0] = 21 [ 73.506760][ T7432] chnl_net:caif_netlink_parms(): no params data found [ 73.519011][ T7432] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.526667][ T7432] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.534269][ T7432] device bridge_slave_0 entered promiscuous mode [ 73.542467][ T7432] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.549547][ T7432] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.556959][ T7432] device bridge_slave_1 entered promiscuous mode [ 73.566687][ T7432] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 73.575876][ T7432] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 73.587618][ T7432] team0: Port device team_slave_0 added [ 73.593926][ T7432] team0: Port device team_slave_1 added [ 73.636003][ T7432] device hsr_slave_0 entered promiscuous mode [ 73.695485][ T7432] device hsr_slave_1 entered promiscuous mode [ 73.757579][ T7432] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.765540][ T7432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.772772][ T7432] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.781063][ T7432] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.797319][ T7432] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.806369][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 73.824507][ T16] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.833080][ T16] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.840837][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 73.850055][ T7432] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.863631][ T1067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 73.874663][ T1067] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.884863][ T1067] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.897815][ T7432] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 73.908402][ T7432] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.919766][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 73.928346][ T16] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.935519][ T16] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.943325][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 73.952082][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 73.960167][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 73.968235][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 73.985621][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 73.993974][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 74.003928][ T7432] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.026672][ T24] audit: type=1400 audit(1562842391.677:38): avc: denied { associate } for pid=7432 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 75.185732][ T20] device bridge_slave_1 left promiscuous mode [ 75.192634][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.235570][ T20] device bridge_slave_0 left promiscuous mode [ 75.242344][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.455872][ T20] device hsr_slave_1 left promiscuous mode [ 75.506163][ T20] device hsr_slave_0 left promiscuous mode [ 75.546178][ T20] team0 (unregistering): Port device team_slave_1 removed [ 75.555784][ T20] team0 (unregistering): Port device team_slave_0 removed [ 75.563829][ T20] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 75.616379][ T20] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 75.679308][ T20] bond0 (unregistering): Released all slaves 2019/07/11 10:53:16 executed programs: 1 2019/07/11 10:53:16 result: hanged=false err=executor 0: failed to write control pipe: write |1: broken pipe umount(./0/file0) failed (errno 22) loop exited with status 0 [ 79.264923][ T7446] IPVS: ftp: loaded support on port[0] = 21 [ 79.287559][ T7446] chnl_net:caif_netlink_parms(): no params data found [ 79.300896][ T7446] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.308296][ T7446] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.316077][ T7446] device bridge_slave_0 entered promiscuous mode [ 79.322898][ T7446] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.330909][ T7446] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.338448][ T7446] device bridge_slave_1 entered promiscuous mode [ 79.348572][ T7446] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 79.358689][ T7446] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.370170][ T7446] team0: Port device team_slave_0 added [ 79.376283][ T7446] team0: Port device team_slave_1 added [ 79.416081][ T7446] device hsr_slave_0 entered promiscuous mode [ 79.445388][ T7446] device hsr_slave_1 entered promiscuous mode [ 79.507689][ T7446] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.514751][ T7446] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.522053][ T7446] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.529533][ T7446] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.544351][ T7446] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.553258][ T1067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 79.561030][ T1067] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.568630][ T1067] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.576766][ T1067] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 79.585448][ T7446] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.595991][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 79.604713][ T16] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.614268][ T16] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.628531][ T7446] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 79.639365][ T7446] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 79.652364][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 79.662531][ T16] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.670104][ T16] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.680105][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 79.689918][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 79.706449][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 79.714692][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 79.723213][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 79.730981][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 79.742267][ T7446] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.832708][ T7454] kmemleak: 6 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 81.015675][ T43] device bridge_slave_1 left promiscuous mode [ 81.021869][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.075534][ T43] device bridge_slave_0 left promiscuous mode [ 81.082423][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.276095][ T43] device hsr_slave_1 left promiscuous mode [ 81.316021][ T43] device hsr_slave_0 left promiscuous mode [ 81.376176][ T43] team0 (unregistering): Port device team_slave_1 removed [ 81.384133][ T43] team0 (unregistering): Port device team_slave_0 removed [ 81.392077][ T43] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 81.436065][ T43] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 81.509601][ T43] bond0 (unregistering): Released all slaves [ 86.878113][ T7454] kmemleak: 6 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888107957b00 (size 64): comm "softirq", pid 0, jiffies 4294944615 (age 13.440s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 e0 8c 4b 07 81 88 ff ff ..........K..... 00 00 00 00 00 00 00 00 50 a1 16 83 ff ff ff ff ........P....... backtrace: [<00000000e6459107>] kmem_cache_alloc_trace+0x13d/0x280 [<00000000c24eaf85>] batadv_tvlv_handler_register+0xa3/0x170 [<000000008aaaf551>] batadv_tt_init+0x78/0x180 [<0000000017643b0e>] batadv_mesh_init+0x196/0x230 [<0000000047ebe2c0>] batadv_softif_init_late+0x1ca/0x220 [<00000000aa99cfe7>] register_netdevice+0xbf/0x600 [<000000000a17404e>] __rtnl_newlink+0xaca/0xb30 [<00000000954ad6d6>] rtnl_newlink+0x4e/0x80 [<00000000235a1485>] rtnetlink_rcv_msg+0x178/0x4b0 [<000000002c07d2fe>] netlink_rcv_skb+0x61/0x170 [<00000000b1211f10>] rtnetlink_rcv+0x1d/0x30 [<000000006ac8ce54>] netlink_unicast+0x1ec/0x2d0 [<000000007fc1010d>] netlink_sendmsg+0x26a/0x480 [<000000000d358353>] sock_sendmsg+0x54/0x70 [<0000000056d6e356>] __sys_sendto+0x148/0x1f0 [<000000006c2fd55c>] __x64_sys_sendto+0x2a/0x30 BUG: memory leak unreferenced object 0xffff888124302700 (size 128): comm "syz-executor.0", pid 7432, jiffies 4294944624 (age 13.350s) hex dump (first 32 bytes): f0 28 4a 15 81 88 ff ff f0 28 4a 15 81 88 ff ff .(J......(J..... 76 79 40 17 a2 99 de 35 80 99 ae 53 81 88 ff ff vy@....5...S.... backtrace: [<00000000e6459107>] kmem_cache_alloc_trace+0x13d/0x280 [<00000000896e450d>] hsr_create_self_node+0x42/0x150 [<00000000dec250c7>] hsr_dev_finalize+0xa4/0x233 [<000000001821e687>] hsr_newlink+0xf3/0x140 [<000000000d7192bb>] __rtnl_newlink+0x892/0xb30 [<00000000954ad6d6>] rtnl_newlink+0x4e/0x80 [<00000000235a1485>] rtnetlink_rcv_msg+0x178/0x4b0 [<000000002c07d2fe>] netlink_rcv_skb+0x61/0x170 [<00000000b1211f10>] rtnetlink_rcv+0x1d/0x30 [<000000006ac8ce54>] netlink_unicast+0x1ec/0x2d0 [<000000007fc1010d>] netlink_sendmsg+0x26a/0x480 [<000000000d358353>] sock_sendmsg+0x54/0x70 [<0000000056d6e356>] __sys_sendto+0x148/0x1f0 [<000000006c2fd55c>] __x64_sys_sendto+0x2a/0x30 [<000000005285e8de>] do_syscall_64+0x76/0x1a0 [<000000007a961377>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88810602c740 (size 64): comm "syz-executor.0", pid 7432, jiffies 4294944624 (age 13.350s) hex dump (first 32 bytes): 80 eb 5e 21 81 88 ff ff 00 02 00 00 00 00 ad de ..^!............ 00 20 4a 15 81 88 ff ff c0 28 4a 15 81 88 ff ff . J......(J..... backtrace: [<00000000e6459107>] kmem_cache_alloc_trace+0x13d/0x280 [<000000000953d119>] hsr_add_port+0xe7/0x220 [<00000000944cf360>] hsr_dev_finalize+0x14f/0x233 [<000000001821e687>] hsr_newlink+0xf3/0x140 [<000000000d7192bb>] __rtnl_newlink+0x892/0xb30 [<00000000954ad6d6>] rtnl_newlink+0x4e/0x80 [<00000000235a1485>] rtnetlink_rcv_msg+0x178/0x4b0 [<000000002c07d2fe>] netlink_rcv_skb+0x61/0x170 [<00000000b1211f10>] rtnetlink_rcv+0x1d/0x30 [<000000006ac8ce54>] netlink_unicast+0x1ec/0x2d0 [<000000007fc1010d>] netlink_sendmsg+0x26a/0x480 [<000000000d358353>] sock_sendmsg+0x54/0x70 [<0000000056d6e356>] __sys_sendto+0x148/0x1f0 [<000000006c2fd55c>] __x64_sys_sendto+0x2a/0x30 [<000000005285e8de>] do_syscall_64+0x76/0x1a0 [<000000007a961377>] entry_SYSCALL_64_after_hwframe+0x44/0xa9