[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.188' (ECDSA) to the list of known hosts. 2020/05/02 18:21:27 parsed 1 programs syzkaller login: [ 85.637751][ T3832] kmemleak: Automatic memory scanning thread ended 2020/05/02 18:21:34 executed programs: 0 [ 93.042632][ T25] audit: type=1400 audit(1588443694.732:8): avc: denied { execmem } for pid=6632 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 93.058162][ T6633] IPVS: ftp: loaded support on port[0] = 21 [ 93.087368][ T6633] chnl_net:caif_netlink_parms(): no params data found [ 93.133991][ T6633] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.141109][ T6633] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.148332][ T6633] device bridge_slave_0 entered promiscuous mode [ 93.155763][ T6633] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.162915][ T6633] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.170133][ T6633] device bridge_slave_1 entered promiscuous mode [ 93.180351][ T6633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.190142][ T6633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.202603][ T6633] team0: Port device team_slave_0 added [ 93.208650][ T6633] team0: Port device team_slave_1 added [ 93.217404][ T6633] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.224526][ T6633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.250416][ T6633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.261446][ T6633] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.268657][ T6633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.294602][ T6633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.351660][ T6633] device hsr_slave_0 entered promiscuous mode [ 93.430956][ T6633] device hsr_slave_1 entered promiscuous mode [ 93.492363][ T6633] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.532067][ T6633] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.581729][ T6633] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.621667][ T6633] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.706006][ T6633] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.713091][ T6633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.720356][ T6633] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.727494][ T6633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.745109][ T6633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.754362][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 93.762339][ T16] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.769512][ T16] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.777804][ T16] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 93.786696][ T6633] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.794747][ T3063] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 93.803140][ T3063] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.810186][ T3063] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.825151][ T6633] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 93.835584][ T6633] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 93.847130][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 93.855518][ T6837] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.862541][ T6837] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.870045][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 93.878542][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 93.886704][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 93.894681][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 93.902725][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 93.910014][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 93.920462][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 93.927973][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 93.937061][ T6633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.947584][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 93.958888][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 93.967148][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 93.974905][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 93.983283][ T6633] device veth0_vlan entered promiscuous mode [ 93.990755][ T6633] device veth1_vlan entered promiscuous mode [ 94.001404][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 94.009039][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 94.016840][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 94.025926][ T6633] device veth0_macvtap entered promiscuous mode [ 94.033277][ T6633] device veth1_macvtap entered promiscuous mode [ 94.043020][ T6633] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.050263][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 94.058775][ T2778] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 94.067664][ T6633] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.075000][ T6837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2020/05/02 18:21:41 executed programs: 1 2020/05/02 18:21:46 executed programs: 3 2020/05/02 18:21:52 executed programs: 5 2020/05/02 18:21:58 executed programs: 7 [ 121.879132][ T6882] kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 124.226939][ T6882] kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888116f9b300 (size 2200): comm "syz-executor.0", pid 6875, jiffies 4294948354 (age 13.510s) hex dump (first 32 bytes): ac 14 14 bb ac 14 14 0a 43 e8 5c 77 40 01 00 00 ........C.\w@... 02 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ backtrace: [<00000000de1e60f9>] sk_prot_alloc+0x3c/0x170 [<00000000c8458e0c>] sk_alloc+0x30/0x330 [<000000001f57dced>] inet_create+0x119/0x450 [<00000000b0a2fd12>] __sock_create+0x14a/0x220 [<00000000565d242c>] __sys_socket+0x60/0x110 [<0000000097a6a25b>] __x64_sys_socket+0x1a/0x20 [<000000002620daa5>] do_syscall_64+0x6e/0x220 [<00000000300caeb3>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88812b39b700 (size 32): comm "syz-executor.0", pid 6875, jiffies 4294948354 (age 13.510s) hex dump (first 32 bytes): 02 00 00 00 00 00 00 00 80 57 f7 16 81 88 ff ff .........W...... 01 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 ................ backtrace: [<00000000f5ab10ab>] selinux_sk_alloc_security+0x43/0xa0 [<00000000586ffa93>] security_sk_alloc+0x42/0x70 [<00000000f9994692>] sk_prot_alloc+0x9c/0x170 [<00000000c8458e0c>] sk_alloc+0x30/0x330 [<000000001f57dced>] inet_create+0x119/0x450 [<00000000b0a2fd12>] __sock_create+0x14a/0x220 [<00000000565d242c>] __sys_socket+0x60/0x110 [<0000000097a6a25b>] __x64_sys_socket+0x1a/0x20 [<000000002620daa5>] do_syscall_64+0x6e/0x220 [<00000000300caeb3>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888116f75780 (size 64): comm "syz-executor.0", pid 6875, jiffies 4294948354 (age 13.510s) hex dump (first 32 bytes): 15 00 00 01 00 00 00 00 00 f7 cc 1a 81 88 ff ff ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<0000000040aa5062>] selinux_netlbl_sock_genattr+0x48/0x180 [<000000007670b08b>] selinux_netlbl_socket_post_create+0x41/0xb0 [<00000000e41dc743>] selinux_socket_post_create+0x182/0x390 [<00000000773ae8ea>] security_socket_post_create+0x54/0x80 [<00000000b715972f>] __sock_create+0x1cc/0x220 [<00000000565d242c>] __sys_socket+0x60/0x110 [<0000000097a6a25b>] __x64_sys_socket+0x1a/0x20 [<000000002620daa5>] do_syscall_64+0x6e/0x220 [<00000000300caeb3>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811accf700 (size 32): comm "syz-executor.0", pid 6875, jiffies 4294948354 (age 13.510s) hex dump (first 32 bytes): 6b 65 72 6e 65 6c 5f 74 00 73 79 73 74 65 6d 5f kernel_t.system_ 72 3a 6b 65 72 6e 65 6c 5f 74 3a 73 30 00 00 00 r:kernel_t:s0... backtrace: [<00000000787a9fae>] kstrdup+0x36/0x70 [<00000000b6a1c627>] security_netlbl_sid_to_secattr+0x97/0x100 [<00000000ca69de5d>] selinux_netlbl_sock_genattr+0x67/0x180 [<000000007670b08b>] selinux_netlbl_socket_post_create+0x41/0xb0 [<00000000e41dc743>] selinux_socket_post_create+0x182/0x390 [<00000000773ae8ea>] security_socket_post_create+0x54/0x80 [<00000000b715972f>] __sock_create+0x1cc/0x220 [<00000000565d242c>] __sys_socket+0x60/0x110 [<0000000097a6a25b>] __x64_sys_socket+0x1a/0x20 [<000000002620daa5>] do_syscall_64+0x6e/0x220 [<00000000300caeb3>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888113e83c00 (size 512): comm "syz-executor.0", pid 6875, jiffies 4294948354 (age 13.510s) hex dump (first 32 bytes): 00 b3 f9 16 81 88 ff ff 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ................ backtrace: [<0000000079c9d61f>] sk_psock_init+0x2a/0x180 [<0000000019437ce4>] sock_map_link.isra.0+0x469/0x4f0 [<000000002c9ce728>] sock_map_update_common+0xa1/0x3c0 [<000000002008fbe6>] sock_map_update_elem+0x1e9/0x220 [<0000000029de1581>] bpf_map_update_value.isra.0+0x141/0x2f0 [<00000000f3ed97ba>] __do_sys_bpf+0x15e0/0x1f60 [<000000002620daa5>] do_syscall_64+0x6e/0x220 [<00000000300caeb3>] entry_SYSCALL_64_after_hwframe+0x44/0xa9