Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 56.547293] IPVS: Creating netns size=2712 id=1 [ 56.552148] IPVS: ftp: loaded support on port[0] = 21 [ 57.282150] audit_printk_skb: 12 callbacks suppressed [ 57.287544] audit: type=1400 audit(1584052179.336:34): avc: denied { create } for pid=7664 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 57.311712] audit: type=1400 audit(1584052179.366:35): avc: denied { create } for pid=7664 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 57.335946] audit: type=1400 audit(1584052179.396:36): avc: denied { create } for pid=7664 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 57.361410] audit: type=1400 audit(1584052179.416:37): avc: denied { create } for pid=7664 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_rdma_socket permissive=1 Warning: Permanently added '10.128.10.62' (ECDSA) to the list of known hosts. 2020/03/12 22:29:46 parsed 1 programs 2020/03/12 22:29:47 executed programs: 0 [ 65.111819] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready [ 65.134836] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready [ 65.144267] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready [ 65.152318] IPVS: Creating netns size=2712 id=2 [ 65.155487] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready [ 65.160056] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready [ 65.163432] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready [ 65.178279] IPVS: ftp: loaded support on port[0] = 21 [ 65.245216] IPVS: Creating netns size=2712 id=3 [ 65.250152] IPVS: ftp: loaded support on port[0] = 21 [ 65.400102] chnl_net:caif_netlink_parms(): no params data found [ 65.412004] IPVS: Creating netns size=2712 id=4 [ 65.416864] IPVS: ftp: loaded support on port[0] = 21 [ 65.624730] chnl_net:caif_netlink_parms(): no params data found [ 65.655118] IPVS: Creating netns size=2712 id=5 [ 65.669369] IPVS: ftp: loaded support on port[0] = 21 [ 65.824167] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.832016] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.841699] device bridge_slave_0 entered promiscuous mode [ 65.870161] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.876703] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.886418] device bridge_slave_1 entered promiscuous mode [ 65.963278] chnl_net:caif_netlink_parms(): no params data found [ 65.981557] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 66.018189] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 66.130019] IPVS: Creating netns size=2712 id=6 [ 66.135734] IPVS: ftp: loaded support on port[0] = 21 [ 66.195251] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.201760] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.210738] device bridge_slave_0 entered promiscuous mode [ 66.218984] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.225419] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.234593] device bridge_slave_1 entered promiscuous mode [ 66.376236] batman_adv: Unable to register the batman interface 'batadv0': -12 [ 66.445576] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 66.454401] batman_adv: Unable to register the batman interface 'batadv0': -12 [ 66.477026] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 66.505659] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 66.577078] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 66.594729] IPVS: Creating netns size=2712 id=7 [ 66.600301] IPVS: ftp: loaded support on port[0] = 21 [ 66.667123] chnl_net:caif_netlink_parms(): no params data found [ 66.695077] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.702180] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.711234] device bridge_slave_0 entered promiscuous mode [ 66.782217] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.788796] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.798064] device bridge_slave_1 entered promiscuous mode [ 66.902037] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 66.943793] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 66.952511] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 67.010146] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.071562] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 67.148929] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 67.325011] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 67.368523] chnl_net:caif_netlink_parms(): no params data found [ 67.384318] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 67.426494] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 67.514666] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 67.585097] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.591667] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.601092] device bridge_slave_0 entered promiscuous mode [ 67.679871] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.686394] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.696900] device bridge_slave_1 entered promiscuous mode [ 67.886569] chnl_net:caif_netlink_parms(): no params data found [ 67.918922] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.927573] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 67.956886] audit: type=1400 audit(1584052190.006:38): avc: denied { write } for pid=7767 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 67.986822] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.991777] audit: type=1400 audit(1584052190.046:39): avc: denied { read } for pid=7767 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 68.019973] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 68.415542] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 68.432310] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.440182] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.449870] device bridge_slave_0 entered promiscuous mode [ 68.460520] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 68.484391] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 68.492368] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.499646] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.517683] device bridge_slave_1 entered promiscuous mode [ 68.525337] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 68.722136] ------------[ cut here ]------------ [ 68.727111] WARNING: CPU: 0 PID: 7766 at fs/sysfs/dir.c:31 sysfs_warn_dup+0x7b/0xa0 [ 68.735766] sysfs: cannot create duplicate filename '/class/macvtap/tap50' [ 68.742812] Kernel panic - not syncing: panic_on_warn set ... [ 68.742812] [ 68.750230] CPU: 0 PID: 7766 Comm: syz-executor.3 Not tainted 4.6.0-syzkaller #0 [ 68.757759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.767097] 1ffffffff0d95756 ffff8800b163efb0 ffffffff82c74fc6 ffffffff85c81040 [ 68.775227] ffff8800b163f088 ffffffff85d2bac0 ffffffff81922ccb ffff8800b163f078 [ 68.783602] ffffffff8160cf4e 0000000041b58ab3 ffffffff868f1f61 ffffffff8160cd9f [ 68.791651] Call Trace: [ 68.794260] [] dump_stack+0xe6/0x120 [ 68.799608] [] ? sysfs_warn_dup+0x7b/0xa0 [ 68.805389] [] panic+0x1af/0x348 [ 68.810514] [] ? set_ti_thread_flag+0xf/0xf [ 68.816464] [] ? sysfs_warn_dup+0x7b/0xa0 [ 68.822249] [] __warn+0x18d/0x1b0 [ 68.827346] [] warn_slowpath_fmt+0x92/0xb0 [ 68.833397] [] ? __warn+0x1b0/0x1b0 [ 68.838659] [] ? kernfs_path_from_node+0x4a/0x60 [ 68.845051] [] sysfs_warn_dup+0x7b/0xa0 [ 68.850742] [] sysfs_do_create_link_sd.isra.2+0xd1/0xf0 [ 68.857932] [] sysfs_create_link+0x43/0xb0 [ 68.863822] [] device_add+0x689/0x1360 [ 68.869341] [] ? kfree_const+0x1d/0x20 [ 68.874858] [] ? device_private_init+0x180/0x180 [ 68.881246] [] ? kfree_const+0x1d/0x20 [ 68.886765] [] ? kobject_set_name_vargs+0xb4/0x130 [ 68.893341] [] device_create_groups_vargs+0x1c8/0x220 [ 68.900174] [] device_create+0x88/0xa0 [ 68.906044] [] ? device_create_vargs+0x20/0x20 [ 68.912261] [] ? macvlan_set_mac_address+0x150/0x150 [ 68.918998] [] macvtap_device_event+0x1c4/0x2a0 [ 68.925553] [] notifier_call_chain+0x8b/0x170 [ 68.931696] [] raw_notifier_call_chain+0x11/0x20 [ 68.938094] [] call_netdevice_notifiers_info+0x47/0x80 [ 68.945167] [] register_netdevice+0x88a/0xce0 [ 68.951296] [] ? netdev_change_features+0x80/0x80 [ 68.957951] [] ? dev_get_nest_level+0x10c/0x1a0 [ 68.964270] [] macvlan_common_newlink+0x8b9/0x1090 [ 68.970969] [] macvtap_newlink+0xbf/0x110 [ 68.976748] [] ? __netlink_ns_capable+0xc7/0xf0 [ 68.983062] [] rtnl_newlink+0xd4b/0x1230 [ 68.988752] [] ? rtnl_link_ops_get+0x5d/0x90 [ 68.994874] [] ? rtnl_newlink+0x319/0x1230 [ 69.000830] [] ? rtnl_setlink+0x2f0/0x2f0 [ 69.006616] [] ? avc_has_perm_noaudit+0x232/0x3f0 [ 69.013093] [] ? avc_has_perm_noaudit+0x24f/0x3f0 [ 69.019563] [] ? avc_has_perm_noaudit+0x8c/0x3f0 [ 69.025944] [] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 69.032936] [] ? cred_has_capability+0x112/0x220 [ 69.039338] [] ? __netlink_ns_capable+0xc7/0xf0 [ 69.045630] [] rtnetlink_rcv_msg+0x222/0x680 [ 69.051677] [] ? trace_hardirqs_on_caller+0x44c/0x5e0 [ 69.058494] [] ? rtnetlink_rcv+0x30/0x30 [ 69.064186] [] ? mutex_lock_nested+0x638/0xb30 [ 69.070391] [] ? rtnetlink_rcv+0x16/0x30 [ 69.076077] [] ? netlink_lookup+0xd4/0x630 [ 69.081939] [] netlink_rcv_skb+0x242/0x350 [ 69.087796] [] ? rtnetlink_rcv+0x30/0x30 [ 69.093479] [] rtnetlink_rcv+0x25/0x30 [ 69.098991] [] netlink_unicast+0x455/0x660 [ 69.104862] [] ? netlink_unicast+0x3b5/0x660 [ 69.110904] [] ? netlink_attachskb+0x730/0x730 [ 69.117114] [] netlink_sendmsg+0x893/0xb40 [ 69.123029] [] ? netlink_unicast+0x660/0x660 [ 69.129072] [] ? selinux_socket_sendmsg+0x3a/0x50 [ 69.135544] [] ? security_socket_sendmsg+0x6a/0xa0 [ 69.142115] [] ? netlink_unicast+0x660/0x660 [ 69.148163] [] sock_sendmsg+0xb5/0xf0 [ 69.153633] [] SYSC_sendto+0x1c9/0x300 [ 69.159168] [] ? SYSC_connect+0x2a0/0x2a0 [ 69.165023] [] ? mntput_no_expire+0xb1/0x600 [ 69.171076] [] ? mntput_no_expire+0xce/0x600 [ 69.177123] [] ? mnt_get_count+0x1c0/0x1c0 [ 69.183046] [] ? mntput+0x52/0x70 [ 69.188135] [] ? ___might_sleep+0x331/0x440 [ 69.194287] [] ? trace_hardirqs_on_caller+0x44c/0x5e0 [ 69.201127] [] ? trace_hardirqs_on_thunk+0x1b/0x1d [ 69.207687] [] SyS_sendto+0x9/0x10 [ 69.212863] [] entry_SYSCALL_64_fastpath+0x23/0xc1 [ 69.221142] Kernel Offset: disabled