[ 186.697881][ T40] audit: type=1400 audit(1592330913.084:41): avc: denied { map } for pid=10012 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '[localhost]:3785' (ECDSA) to the list of known hosts. [ 202.670251][ T40] audit: type=1400 audit(1592330929.044:42): avc: denied { map } for pid=10027 comm="syz-execprog" path="/syz-execprog" dev="sda1" ino=16524 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/06/16 18:08:49 parsed 1 programs [ 203.570801][ T40] audit: type=1400 audit(1592330929.954:43): avc: denied { integrity } for pid=10027 comm="syz-execprog" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 [ 203.628700][ T40] audit: type=1400 audit(1592330929.954:44): avc: denied { map } for pid=10027 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=25079 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2020/06/16 18:08:51 executed programs: 0 [ 205.244929][T10052] IPVS: ftp: loaded support on port[0] = 21 [ 205.245022][T10047] IPVS: ftp: loaded support on port[0] = 21 [ 205.245080][T10051] IPVS: ftp: loaded support on port[0] = 21 [ 205.245293][T10050] IPVS: ftp: loaded support on port[0] = 21 [ 205.574519][T10047] chnl_net:caif_netlink_parms(): no params data found [ 205.661516][T10052] chnl_net:caif_netlink_parms(): no params data found [ 205.710706][T10050] chnl_net:caif_netlink_parms(): no params data found [ 205.793423][T10051] chnl_net:caif_netlink_parms(): no params data found [ 205.834510][T10047] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.845518][T10047] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.858270][T10047] device bridge_slave_0 entered promiscuous mode [ 205.878312][T10047] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.892091][T10047] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.906182][T10047] device bridge_slave_1 entered promiscuous mode [ 205.932515][T10052] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.943632][T10052] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.954329][T10052] device bridge_slave_0 entered promiscuous mode [ 206.002763][T10052] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.012274][T10052] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.022087][T10052] device bridge_slave_1 entered promiscuous mode [ 206.055027][T10050] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.064362][T10050] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.074912][T10050] device bridge_slave_0 entered promiscuous mode [ 206.089398][T10047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.113393][T10047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.136777][T10050] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.147491][T10050] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.157987][T10050] device bridge_slave_1 entered promiscuous mode [ 206.167627][T10051] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.177212][T10051] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.188946][T10051] device bridge_slave_0 entered promiscuous mode [ 206.199811][T10051] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.209458][T10051] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.219422][T10051] device bridge_slave_1 entered promiscuous mode [ 206.238600][T10052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.266967][T10052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.301893][T10047] team0: Port device team_slave_0 added [ 206.312559][T10050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.328326][T10050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.343436][T10051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.360809][T10052] team0: Port device team_slave_0 added [ 206.371628][T10047] team0: Port device team_slave_1 added [ 206.391997][T10051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.407845][T10052] team0: Port device team_slave_1 added [ 206.444095][T10050] team0: Port device team_slave_0 added [ 206.455171][T10047] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.465697][T10047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.502885][T10047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.521433][T10051] team0: Port device team_slave_0 added [ 206.533398][T10051] team0: Port device team_slave_1 added [ 206.550388][T10050] team0: Port device team_slave_1 added [ 206.559206][T10047] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.568430][T10047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.602315][T10047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.627614][T10052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.637088][T10052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.670688][T10052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.690761][T10052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.700275][T10052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.733585][T10052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.773474][T10051] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.783057][T10051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.817775][T10051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.838729][T10051] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.847979][T10051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.897278][T10051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.921411][T10050] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.932897][T10050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.985282][T10050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.027804][T10050] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.047211][T10050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.089789][T10050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.220142][T10047] device hsr_slave_0 entered promiscuous mode [ 207.286536][T10047] device hsr_slave_1 entered promiscuous mode [ 207.457630][T10052] device hsr_slave_0 entered promiscuous mode [ 207.525218][T10052] device hsr_slave_1 entered promiscuous mode [ 207.616102][T10052] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 207.639411][T10052] Cannot create hsr debugfs directory [ 207.718579][T10050] device hsr_slave_0 entered promiscuous mode [ 207.835461][T10050] device hsr_slave_1 entered promiscuous mode [ 207.925337][T10050] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 207.940388][T10050] Cannot create hsr debugfs directory [ 208.038724][T10051] device hsr_slave_0 entered promiscuous mode [ 208.116955][T10051] device hsr_slave_1 entered promiscuous mode [ 208.214912][T10051] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 208.224501][T10051] Cannot create hsr debugfs directory [ 208.506747][ T40] audit: type=1400 audit(1592330934.894:45): avc: denied { create } for pid=10047 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 208.511301][T10047] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 208.552331][ T40] audit: type=1400 audit(1592330934.894:46): avc: denied { write } for pid=10047 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 208.603617][ T40] audit: type=1400 audit(1592330934.894:47): avc: denied { read } for pid=10047 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 208.667157][T10047] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 208.761020][T10047] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 208.882880][T10047] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 208.975985][T10050] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 209.050564][T10050] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 209.138949][T10050] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 209.222217][T10050] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 209.331860][T10052] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 209.399892][T10052] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 209.512879][T10052] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 209.581154][T10052] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 209.721143][T10051] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 209.812332][T10051] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 209.903061][T10051] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 209.985757][T10051] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 210.117288][T10047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.154428][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 210.170310][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.189588][T10050] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.218196][T10047] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.256233][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 210.266453][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.280685][T10050] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.297561][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 210.308807][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 210.319531][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.328606][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.359302][T10052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.371071][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 210.382151][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 210.394191][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.405077][T10073] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.413836][T10073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.425827][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 210.437108][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 210.448201][T10073] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.457495][T10073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.468000][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 210.481088][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 210.491978][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.502720][T10073] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.511597][T10073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.522588][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 210.533354][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 210.544466][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 210.560291][T10051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.578852][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 210.591535][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 210.602625][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 210.614054][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 210.629224][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 210.642384][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 210.653868][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 210.666307][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 210.681910][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 210.704587][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 210.729634][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.770174][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 210.788681][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 210.805823][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 210.825564][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.845758][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 210.866635][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 210.906550][T10051] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.928781][T10052] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.946495][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 210.963845][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 210.979411][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 210.997850][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 211.023946][T10047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 211.046988][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 211.061686][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 211.077224][T10053] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.087248][T10053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.099111][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 211.111779][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 211.125671][T10053] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.139383][T10053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.152334][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 211.164198][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 211.177481][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 211.189797][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 211.206780][T10050] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 211.237886][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 211.251555][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 211.266040][T10073] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.275752][T10073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.288402][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 211.301498][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 211.313862][T10073] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.324272][T10073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.337002][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 211.349565][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 211.359814][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 211.372080][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 211.403805][T10047] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.418720][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 211.430531][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 211.444612][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 211.457545][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 211.468916][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 211.480583][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 211.495165][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 211.507299][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 211.530375][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 211.542579][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 211.555519][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 211.569212][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 211.595344][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 211.608168][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 211.623005][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 211.635152][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 211.651231][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 211.667352][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 211.679598][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 211.691813][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 211.731122][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 211.749200][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 211.768796][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 211.783606][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 211.800861][T10051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 211.819989][T10050] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.847984][T10052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 211.900265][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 211.924004][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 211.970021][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 211.982524][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 211.999939][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 212.017030][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 212.036472][T10047] device veth0_vlan entered promiscuous mode [ 212.065957][T10051] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.083691][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 212.093927][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 212.111783][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 212.121184][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 212.131001][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 212.141345][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 212.153319][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 212.163184][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 212.175511][T10047] device veth1_vlan entered promiscuous mode [ 212.191327][T10050] device veth0_vlan entered promiscuous mode [ 212.204478][T10052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.231048][T10050] device veth1_vlan entered promiscuous mode [ 212.253978][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 212.269768][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 212.283926][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 212.307277][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 212.322473][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 212.337380][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 212.352137][ T52] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 212.391566][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 212.406151][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 212.421188][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 212.446110][T10051] device veth0_vlan entered promiscuous mode [ 212.457198][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 212.468022][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 212.480421][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 212.493573][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 212.514757][T10047] device veth0_macvtap entered promiscuous mode [ 212.543953][T10047] device veth1_macvtap entered promiscuous mode [ 212.572156][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 212.592295][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 212.610976][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 212.628628][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 212.645174][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 212.668268][T10052] device veth0_vlan entered promiscuous mode [ 212.696273][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 212.715597][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 212.736494][T10051] device veth1_vlan entered promiscuous mode [ 212.755997][T10052] device veth1_vlan entered promiscuous mode [ 212.782770][T10050] device veth0_macvtap entered promiscuous mode [ 212.801050][T10050] device veth1_macvtap entered promiscuous mode [ 212.844243][T10047] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.871212][T10050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 212.909683][T10050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.928595][T10050] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.941940][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 212.958532][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 212.974535][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 212.989808][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 213.002993][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 213.016760][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 213.028653][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 213.042689][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 213.057572][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 213.070684][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 213.098212][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 213.115603][ T1214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 213.133926][T10047] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 213.156268][T10051] device veth0_macvtap entered promiscuous mode [ 213.167598][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 213.181157][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 213.194942][T10073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 213.218070][T10051] device veth1_macvtap entered promiscuous mode [ 213.230469][T10050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 213.244286][T10050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.271058][T10050] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 213.294444][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 213.305140][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 213.425045][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 213.569054][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 213.583572][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 213.730078][T10052] device veth0_macvtap entered promiscuous mode [ 213.753650][T10052] device veth1_macvtap entered promiscuous mode [ 213.831586][T10051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 213.846737][T10051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.859426][T10051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 213.873898][T10051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.889710][T10051] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 213.908042][T10051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 213.928004][T10051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.940757][T10051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 213.955112][T10051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.970228][T10051] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 214.049328][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 214.065885][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 214.080657][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 214.094703][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 214.110859][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 214.127827][ T3242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 214.228557][ T40] audit: type=1400 audit(1592330940.604:48): avc: denied { associate } for pid=10047 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 214.477983][T10047] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 214.577826][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 214.645463][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.713933][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 214.772532][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.816803][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 214.863397][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.911073][T10052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 215.042684][ T3061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 215.062239][ T3061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 215.090073][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 215.106810][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.122881][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 215.138515][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.153920][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 215.170281][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.192668][T10052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 215.208662][ T3061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 215.317262][ T3061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 216.194565][ T0] NOHZ: local_softirq_pending 08 [ 217.065518][ T1569] Bluetooth: hci0: Entering manufacturer mode failed (-110) [ 217.076198][ T3242] Bluetooth: hci1: command 0xfc11 tx timeout [ 217.125550][T10083] Bluetooth: hci1: Entering manufacturer mode failed (-110) [ 217.216159][ T1569] Bluetooth: hci0: sending frame failed (-49) [ 217.465985][ T3242] Bluetooth: hci2: command 0xfc11 tx timeout [ 217.466067][T10087] Bluetooth: hci2: Entering manufacturer mode failed (-110) 2020/06/16 18:09:03 executed programs: 4 [ 217.623853][ T256] Bluetooth: hci2: Frame reassembly failed (-84) [ 217.626180][ T3061] Bluetooth: hci3: command 0xfc11 tx timeout [ 217.635159][T10086] Bluetooth: hci3: Entering manufacturer mode failed (-110) [ 219.225094][T10096] Bluetooth: hci1: Entering manufacturer mode failed (-110) [ 219.235262][T10083] Bluetooth: hci0: Entering manufacturer mode failed (-110) [ 219.322339][ T52] ================================================================== [ 219.343933][ T52] BUG: KASAN: use-after-free in hci_cmd_timeout+0x203/0x210 [ 219.368429][ T52] Read of size 2 at addr ffff88801a653808 by task kworker/1:1/52 [ 219.368429][ T52] [ 219.402933][ T52] CPU: 1 PID: 52 Comm: kworker/1:1 Not tainted 5.7.0-syzkaller #0 [ 219.426221][ T52] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 219.454896][ T52] Workqueue: events hci_cmd_timeout [ 219.454896][ T52] Call Trace: [ 219.454896][ T52] dump_stack+0x188/0x20d [ 219.454896][ T52] ? hci_cmd_timeout+0x203/0x210 [ 219.454896][ T52] ? hci_cmd_timeout+0x203/0x210 [ 219.454896][ T52] print_address_description.constprop.0.cold+0xd3/0x413 [ 219.544932][ T52] ? vprintk_func+0x97/0x1a6 [ 219.544932][ T52] ? hci_cmd_timeout+0x203/0x210 [ 219.544932][ T52] kasan_report.cold+0x1f/0x37 [ 219.544932][ T52] ? hci_cmd_timeout+0x203/0x210 [ 219.544932][ T52] hci_cmd_timeout+0x203/0x210 [ 219.544932][ T52] process_one_work+0x965/0x16a0 [ 219.544932][ T52] ? lock_release+0x800/0x800 [ 219.544932][ T52] ? pwq_dec_nr_in_flight+0x310/0x310 [ 219.544932][ T52] ? rwlock_bug.part.0+0x90/0x90 [ 219.544932][ T52] worker_thread+0x96/0xe20 [ 219.635007][T10087] Bluetooth: hci2: Entering manufacturer mode failed (-110) [ 219.544932][ T52] ? process_one_work+0x16a0/0x16a0 [ 219.544932][ T52] kthread+0x388/0x470 [ 219.544932][ T52] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 219.544932][ T52] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 219.544932][ T52] ret_from_fork+0x24/0x30 [ 219.544932][ T52] [ 219.544932][ T52] Allocated by task 10083: [ 219.715803][T10086] Bluetooth: hci3: Entering manufacturer mode failed (-110) [ 219.544932][ T52] save_stack+0x1b/0x40 [ 219.544932][ T52] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 219.733262][ T23] Bluetooth: hci3: command tx timeout [ 219.544932][ T52] __kmalloc_reserve.isra.0+0x39/0xe0 [ 219.544932][ T52] __alloc_skb+0xef/0x5a0 [ 219.544932][ T52] hci_prepare_cmd+0x2a/0x220 [ 219.778166][ T32] Bluetooth: hci3: Frame reassembly failed (-84) [ 219.769209][ T52] hci_req_add_ev+0xa2/0x1f0 [ 219.769209][ T52] __hci_cmd_sync_ev+0xec/0x1b0 [ 219.769209][ T52] btintel_enter_mfg+0x2a/0x90 [ 219.769209][ T52] ag6xx_setup+0xfc/0x790 [ 219.769209][ T52] hci_uart_setup+0x1b1/0x480 [ 219.769209][ T52] hci_dev_do_open+0x3c5/0x1840 [ 219.769209][ T52] hci_power_on+0x11d/0x610 [ 219.769209][ T52] process_one_work+0x965/0x16a0 [ 219.769209][ T52] worker_thread+0x96/0xe20 [ 219.769209][ T52] kthread+0x388/0x470 [ 219.769209][ T52] ret_from_fork+0x24/0x30 [ 219.769209][ T52] [ 219.769209][ T52] Freed by task 10083: [ 219.769209][ T52] save_stack+0x1b/0x40 [ 219.769209][ T52] __kasan_slab_free+0xf7/0x140 [ 219.769209][ T52] kfree+0x109/0x2b0 [ 219.769209][ T52] skb_free_head+0x8b/0xa0 [ 219.769209][ T52] skb_release_data+0x42e/0x8b0 [ 219.769209][ T52] skb_release_all+0x46/0x60 [ 219.769209][ T52] kfree_skb+0xfa/0x410 [ 219.769209][ T52] hci_dev_do_open+0x9ef/0x1840 [ 219.769209][ T52] hci_power_on+0x11d/0x610 [ 219.769209][ T52] process_one_work+0x965/0x16a0 [ 219.814314][ T52] worker_thread+0x96/0xe20 [ 219.814314][ T52] kthread+0x388/0x470 [ 219.814314][ T52] ret_from_fork+0x24/0x30 [ 219.814314][ T52] [ 219.814314][ T52] The buggy address belongs to the object at ffff88801a653800 [ 219.814314][ T52] which belongs to the cache kmalloc-512 of size 512 [ 219.814314][ T52] The buggy address is located 8 bytes inside of [ 219.814314][ T52] 512-byte region [ffff88801a653800, ffff88801a653a00) [ 219.814314][ T52] The buggy address belongs to the page: [ 219.814314][ T52] page:ffffea00006994c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88801a653400 [ 219.814314][ T52] flags: 0xfffe0000000200(slab) [ 219.814314][ T52] raw: 00fffe0000000200 ffffea00009fc1c8 ffffea0000a30dc8 ffff88802c800a80 [ 219.814314][ T52] raw: ffff88801a653400 ffff88801a653000 0000000100000003 0000000000000000 [ 219.814314][ T52] page dumped because: kasan: bad access detected [ 219.814314][ T52] [ 219.814314][ T52] Memory state around the buggy address: [ 219.814314][ T52] ffff88801a653700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 219.814314][ T52] ffff88801a653780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 219.814314][ T52] >ffff88801a653800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 219.814314][ T52] ^ [ 219.814314][ T52] ffff88801a653880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 219.814314][ T52] ffff88801a653900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 219.814314][ T52] ================================================================== [ 219.814314][ T52] Disabling lock debugging due to kernel taint [ 220.238567][ T52] Kernel panic - not syncing: panic_on_warn set ... [ 220.245065][ T52] CPU: 1 PID: 52 Comm: kworker/1:1 Tainted: G B 5.7.0-syzkaller #0 [ 220.245065][ T52] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 220.245065][ T52] Workqueue: events hci_cmd_timeout [ 220.245065][ T52] Call Trace: [ 220.245065][ T52] dump_stack+0x188/0x20d [ 220.245065][ T52] ? hci_cmd_timeout+0x150/0x210 [ 220.245065][ T52] panic+0x2e3/0x75c [ 220.245065][ T52] ? add_taint.cold+0x16/0x16 [ 220.245065][ T52] ? preempt_schedule_common+0x5e/0xc0 [ 220.245065][ T52] ? hci_cmd_timeout+0x203/0x210 [ 220.245065][ T52] ? hci_cmd_timeout+0x203/0x210 [ 220.345297][ T52] ? preempt_schedule_thunk+0x16/0x18 [ 220.345297][ T52] ? trace_hardirqs_on+0x55/0x230 [ 220.345297][ T52] ? hci_cmd_timeout+0x203/0x210 [ 220.345297][ T52] ? hci_cmd_timeout+0x203/0x210 [ 220.345297][ T52] end_report+0x4d/0x53 [ 220.345297][ T52] kasan_report.cold+0xd/0x37 [ 220.345297][ T52] ? hci_cmd_timeout+0x203/0x210 [ 220.345297][ T52] hci_cmd_timeout+0x203/0x210 [ 220.345297][ T52] process_one_work+0x965/0x16a0 [ 220.345297][ T52] ? lock_release+0x800/0x800 [ 220.345297][ T52] ? pwq_dec_nr_in_flight+0x310/0x310 [ 220.345297][ T52] ? rwlock_bug.part.0+0x90/0x90 [ 220.345297][ T52] worker_thread+0x96/0xe20 [ 220.345297][ T52] ? process_one_work+0x16a0/0x16a0 [ 220.345297][ T52] kthread+0x388/0x470 [ 220.345297][ T52] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 220.345297][ T52] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 220.345297][ T52] ret_from_fork+0x24/0x30 [ 220.345297][ T52] Kernel Offset: disabled [ 220.345297][ T52] Rebooting in 86400 seconds..