[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.10' (ECDSA) to the list of known hosts. 2020/04/25 22:35:02 parsed 1 programs syzkaller login: [ 73.966360][ T3830] kmemleak: Automatic memory scanning thread ended 2020/04/25 22:35:12 executed programs: 0 [ 81.531496][ T26] audit: type=1400 audit(1587854112.451:8): avc: denied { execmem } for pid=6621 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 81.553301][ T6622] IPVS: ftp: loaded support on port[0] = 21 [ 81.580274][ T6622] chnl_net:caif_netlink_parms(): no params data found [ 81.626080][ T6622] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.633282][ T6622] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.640843][ T6622] device bridge_slave_0 entered promiscuous mode [ 81.647763][ T6622] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.655571][ T6622] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.663021][ T6622] device bridge_slave_1 entered promiscuous mode [ 81.673052][ T6622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.682655][ T6622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.695070][ T6622] team0: Port device team_slave_0 added [ 81.701380][ T6622] team0: Port device team_slave_1 added [ 81.710231][ T6622] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.717153][ T6622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.743427][ T6622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.754652][ T6622] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.761776][ T6622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.787977][ T6622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.860391][ T6622] device hsr_slave_0 entered promiscuous mode [ 81.899584][ T6622] device hsr_slave_1 entered promiscuous mode [ 81.971328][ T6622] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.010639][ T6622] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.080463][ T6622] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.120328][ T6622] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.184587][ T6622] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.191633][ T6622] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.198833][ T6622] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.205860][ T6622] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.223900][ T6622] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.232355][ T3914] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.240383][ T3914] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.247645][ T3914] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.255847][ T3914] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 82.264363][ T6622] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.272372][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 82.280685][ T2660] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.288042][ T2660] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.302683][ T6622] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 82.313039][ T6622] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.324478][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.332748][ T6826] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.339796][ T6826] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.347339][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 82.355831][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 82.363930][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 82.371910][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 82.380098][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 82.387372][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 82.397865][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 82.405342][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 82.414533][ T6622] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.425529][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 82.439095][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 82.447285][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 82.455089][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 82.463501][ T6622] device veth0_vlan entered promiscuous mode [ 82.471446][ T6622] device veth1_vlan entered promiscuous mode [ 82.482124][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 82.489792][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 82.497535][ T6826] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 82.506811][ T6622] device veth0_macvtap entered promiscuous mode [ 82.514143][ T6622] device veth1_macvtap entered promiscuous mode [ 82.523725][ T6622] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.530943][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 82.539386][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 82.548305][ T6622] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.555914][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2020/04/25 22:35:19 executed programs: 1 [ 91.611568][ T0] NOHZ: local_softirq_pending 08 2020/04/25 22:35:25 executed programs: 3 2020/04/25 22:35:30 executed programs: 5 2020/04/25 22:35:36 executed programs: 7 [ 111.259127][ T6871] kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88811094b300 (size 2200): comm "syz-executor.0", pid 6864, jiffies 4294947266 (age 13.790s) hex dump (first 32 bytes): ac 14 14 bb ac 14 14 0a 89 26 f2 70 40 01 00 00 .........&.p@... 02 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ backtrace: [<000000002efa2559>] sk_prot_alloc+0x3c/0x170 [<00000000a5b6b437>] sk_alloc+0x30/0x330 [<00000000494c18b6>] inet_create+0x119/0x450 [<000000001239bbdb>] __sock_create+0x14a/0x220 [<00000000c1f7caa8>] __sys_socket+0x60/0x110 [<00000000d35154cc>] __x64_sys_socket+0x1a/0x20 [<00000000283ef9ec>] do_syscall_64+0x6e/0x220 [<000000004290d57b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811b253f60 (size 32): comm "syz-executor.0", pid 6864, jiffies 4294947266 (age 13.790s) hex dump (first 32 bytes): 02 00 00 00 00 00 00 00 c0 3d 3f 15 81 88 ff ff .........=?..... 01 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 ................ backtrace: [<000000007d627037>] selinux_sk_alloc_security+0x43/0xa0 [<0000000076a22383>] security_sk_alloc+0x42/0x70 [<0000000066acd291>] sk_prot_alloc+0x9c/0x170 [<00000000a5b6b437>] sk_alloc+0x30/0x330 [<00000000494c18b6>] inet_create+0x119/0x450 [<000000001239bbdb>] __sock_create+0x14a/0x220 [<00000000c1f7caa8>] __sys_socket+0x60/0x110 [<00000000d35154cc>] __x64_sys_socket+0x1a/0x20 [<00000000283ef9ec>] do_syscall_64+0x6e/0x220 [<000000004290d57b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881153f3dc0 (size 64): comm "syz-executor.0", pid 6864, jiffies 4294947266 (age 13.790s) hex dump (first 32 bytes): 15 00 00 01 00 00 00 00 20 68 e9 1c 81 88 ff ff ........ h...... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000dde82831>] selinux_netlbl_sock_genattr+0x48/0x180 [<00000000438c6346>] selinux_netlbl_socket_post_create+0x41/0xb0 [<00000000b422abf2>] selinux_socket_post_create+0x182/0x390 [<000000005be0d1ac>] security_socket_post_create+0x54/0x80 [<00000000a0ec3d71>] __sock_create+0x1cc/0x220 [<00000000c1f7caa8>] __sys_socket+0x60/0x110 [<00000000d35154cc>] __x64_sys_socket+0x1a/0x20 [<00000000283ef9ec>] do_syscall_64+0x6e/0x220 [<000000004290d57b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811ce96820 (size 32): comm "syz-executor.0", pid 6864, jiffies 4294947266 (age 13.790s) hex dump (first 32 bytes): 6b 65 72 6e 65 6c 5f 74 00 73 79 73 74 65 6d 5f kernel_t.system_ 72 3a 6b 65 72 6e 65 6c 5f 74 3a 73 30 00 00 00 r:kernel_t:s0... backtrace: [<000000007edbec14>] kstrdup+0x36/0x70 [<00000000b343d2c4>] security_netlbl_sid_to_secattr+0x97/0x100 [<00000000ddb8495a>] selinux_netlbl_sock_genattr+0x67/0x180 [<00000000438c6346>] selinux_netlbl_socket_post_create+0x41/0xb0 [<00000000b422abf2>] selinux_socket_post_create+0x182/0x390 [<000000005be0d1ac>] security_socket_post_create+0x54/0x80 [<00000000a0ec3d71>] __sock_create+0x1cc/0x220 [<00000000c1f7caa8>] __sys_socket+0x60/0x110 [<00000000d35154cc>] __x64_sys_socket+0x1a/0x20 [<00000000283ef9ec>] do_syscall_64+0x6e/0x220 [<000000004290d57b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881113aa400 (size 512): comm "syz-executor.0", pid 6864, jiffies 4294947266 (age 13.790s) hex dump (first 32 bytes): 00 b3 94 10 81 88 ff ff 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ................ backtrace: [<0000000031227790>] sk_psock_init+0x2a/0x180 [<00000000a405c065>] sock_map_link.isra.0+0x469/0x4f0 [<000000003b7d5922>] sock_map_update_common+0xa1/0x3c0 [<00000000f12c515e>] sock_map_update_elem+0x1e9/0x220 [<000000000fedde3d>] bpf_map_update_value.isra.0+0x141/0x2f0 [<000000004deb6133>] __do_sys_bpf+0x16bf/0x1f00 [<00000000283ef9ec>] do_syscall_64+0x6e/0x220 [<000000004290d57b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9