[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.249' (ECDSA) to the list of known hosts.
2020/04/10 13:44:32 parsed 1 programs
syzkaller login: [   71.796144][ T3832] kmemleak: Automatic memory scanning thread ended
2020/04/10 13:44:42 executed programs: 0
[   79.571756][   T26] audit: type=1400 audit(1586526282.645:8): avc:  denied  { execmem } for  pid=6628 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   79.600191][ T6629] IPVS: ftp: loaded support on port[0] = 21
[   79.627969][ T6629] chnl_net:caif_netlink_parms(): no params data found
[   79.720428][ T6629] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.727701][ T6629] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.735006][ T6629] device bridge_slave_0 entered promiscuous mode
[   79.742212][ T6629] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.749628][ T6629] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.757403][ T6629] device bridge_slave_1 entered promiscuous mode
[   79.768204][ T6629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.777967][ T6629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.791113][ T6629] team0: Port device team_slave_0 added
[   79.797565][ T6629] team0: Port device team_slave_1 added
[   79.807214][ T6629] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.814336][ T6629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.840732][ T6629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.852042][ T6629] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.859233][ T6629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.885413][ T6629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.936188][ T6629] device hsr_slave_0 entered promiscuous mode
[   79.985362][ T6629] device hsr_slave_1 entered promiscuous mode
[   80.068469][ T6629] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   80.116080][ T6629] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   80.186047][ T6629] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   80.245967][ T6629] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   80.310293][ T6629] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.317513][ T6629] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.324762][ T6629] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.331808][ T6629] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.348909][ T6629] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.358256][ T6832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   80.366192][ T6832] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.373439][ T6832] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.381729][ T6832] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   80.390731][ T6629] 8021q: adding VLAN 0 to HW filter on device team0
[   80.398709][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   80.406934][ T6228] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.414011][ T6228] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.425374][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   80.433770][ T6228] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.440852][ T6228] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.448862][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   80.457580][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   80.466176][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   80.476864][ T6629] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   80.487206][ T6629] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.498463][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   80.507077][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   80.515678][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   80.525778][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   80.533196][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   80.542654][ T6629] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.553347][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   80.565355][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   80.573326][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   80.581388][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   80.589807][ T6629] device veth0_vlan entered promiscuous mode
[   80.597813][ T6629] device veth1_vlan entered promiscuous mode
[   80.609010][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   80.616801][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   80.624463][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   80.634030][ T6629] device veth0_macvtap entered promiscuous mode
[   80.641774][ T6629] device veth1_macvtap entered promiscuous mode
[   80.651394][ T6629] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.658681][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   80.667024][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   80.676888][ T6629] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.684100][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   80.692741][ T6231] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   80.741002][ T6852] ubi0: attaching mtd0
[   80.746058][ T6852] ubi0: scanning is finished
[   80.750686][ T6852] ubi0: empty MTD device detected
[   80.787341][ T6852] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   80.794826][ T6852] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   80.802525][ T6852] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   80.809595][ T6852] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   80.817183][ T6852] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   80.823964][ T6852] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   80.832121][ T6852] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 987547755
[   80.842117][ T6852] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   80.852145][ T6856] ubi0: background thread "ubi_bgt0d" started, PID 6856
[   80.859314][ T6852] ubi0: detaching mtd0
[   80.863792][ T6852] ubi0: mtd0 is detached
2020/04/10 13:44:49 executed programs: 1
[   86.813936][ T6863] ubi0: attaching mtd0
[   86.818272][ T6863] ubi0: scanning is finished
[   86.854664][ T6863] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   86.862179][ T6863] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   86.869749][ T6863] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   86.876992][ T6863] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   86.884644][ T6863] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   86.891601][ T6863] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   86.899976][ T6863] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 987547755
[   86.910154][ T6863] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   86.920276][ T6865] ubi0: background thread "ubi_bgt0d" started, PID 6865
[   86.920350][ T6863] ubi0: detaching mtd0
[   86.931642][ T6863] ubi0: mtd0 is detached
[   86.941124][ T6869] ubi0: attaching mtd0
[   86.945426][ T6869] ubi0: scanning is finished
[   86.964641][ T6869] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   86.972141][ T6869] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   86.979775][ T6869] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   86.987078][ T6869] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   86.994863][ T6869] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   87.001935][ T6869] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   87.010077][ T6869] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 987547755
[   87.019982][ T6869] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   87.029879][ T6871] ubi0: background thread "ubi_bgt0d" started, PID 6871
[   87.036940][ T6869] ubi0: detaching mtd0
[   87.041385][ T6869] ubi0: mtd0 is detached
[   89.793427][    T0] NOHZ: local_softirq_pending 08
[   92.711923][ T6877] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff888127e0f880 (size 32):
  comm "syz-executor.0", pid 6852, jiffies 4294945336 (age 14.530s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00  ................
  backtrace:
    [<000000000561be62>] erase_aeb+0x25/0x110
    [<000000001af9e047>] ubi_wl_init+0x193/0x5c0
    [<00000000a1ae0b67>] ubi_attach+0x611/0x18ba
    [<000000009ad3ebdf>] ubi_attach_mtd_dev+0x665/0xcc0
    [<00000000fe3968f2>] ctrl_cdev_ioctl+0x144/0x1b0
    [<00000000bb574191>] ksys_ioctl+0xa6/0xd0
    [<00000000630d4992>] __x64_sys_ioctl+0x1a/0x20
    [<00000000c6f46799>] do_syscall_64+0x6e/0x220
    [<00000000e825ccdf>] entry_SYSCALL_64_after_hwframe+0x44/0xa9