[ 41.770504] audit: type=1800 audit(1555824094.244:30): pid=7738 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 46.016556] kauditd_printk_skb: 4 callbacks suppressed [ 46.016570] audit: type=1400 audit(1555824098.544:35): avc: denied { map } for pid=7911 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.1.25' (ECDSA) to the list of known hosts. [ 52.617903] audit: type=1400 audit(1555824105.144:36): avc: denied { map } for pid=7923 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/04/21 05:21:45 parsed 1 programs [ 53.426560] audit: type=1400 audit(1555824105.954:37): avc: denied { map } for pid=7923 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14598 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2019/04/21 05:21:48 executed programs: 0 [ 55.817833] IPVS: ftp: loaded support on port[0] = 21 [ 55.825393] IPVS: ftp: loaded support on port[0] = 21 [ 55.840747] IPVS: ftp: loaded support on port[0] = 21 [ 55.842109] IPVS: ftp: loaded support on port[0] = 21 [ 55.858760] IPVS: ftp: loaded support on port[0] = 21 [ 55.871145] IPVS: ftp: loaded support on port[0] = 21 [ 56.161723] chnl_net:caif_netlink_parms(): no params data found [ 56.199931] chnl_net:caif_netlink_parms(): no params data found [ 56.258755] chnl_net:caif_netlink_parms(): no params data found [ 56.328290] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.334707] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.342383] device bridge_slave_0 entered promiscuous mode [ 56.350074] chnl_net:caif_netlink_parms(): no params data found [ 56.361361] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.367884] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.374786] device bridge_slave_0 entered promiscuous mode [ 56.385109] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.392616] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.400707] device bridge_slave_1 entered promiscuous mode [ 56.418821] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.425204] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.432230] device bridge_slave_1 entered promiscuous mode [ 56.486263] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.492713] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.501228] device bridge_slave_0 entered promiscuous mode [ 56.510602] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.517582] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.524514] device bridge_slave_1 entered promiscuous mode [ 56.563015] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.617723] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.626829] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.637992] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.667973] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.675729] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.682149] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.689366] device bridge_slave_0 entered promiscuous mode [ 56.701834] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.708318] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.715239] device bridge_slave_1 entered promiscuous mode [ 56.723118] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.745690] chnl_net:caif_netlink_parms(): no params data found [ 56.755567] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 56.763074] team0: Port device team_slave_0 added [ 56.774676] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 56.782100] team0: Port device team_slave_1 added [ 56.794053] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 56.801459] chnl_net:caif_netlink_parms(): no params data found [ 56.819732] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 56.828021] team0: Port device team_slave_0 added [ 56.840008] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 56.869471] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 56.877121] team0: Port device team_slave_0 added [ 56.883102] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 56.890713] team0: Port device team_slave_1 added [ 56.897421] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.919791] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 56.928818] team0: Port device team_slave_1 added [ 56.939087] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 56.948527] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.956754] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 56.999914] device hsr_slave_0 entered promiscuous mode [ 57.066468] device hsr_slave_1 entered promiscuous mode [ 57.137252] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.151004] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.165408] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.185854] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.233072] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 57.241600] team0: Port device team_slave_0 added [ 57.253315] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 57.262058] team0: Port device team_slave_1 added [ 57.329494] device hsr_slave_0 entered promiscuous mode [ 57.366585] device hsr_slave_1 entered promiscuous mode [ 57.406546] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.412927] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.421217] device bridge_slave_0 entered promiscuous mode [ 57.428717] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.435856] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.442398] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.449945] device bridge_slave_1 entered promiscuous mode [ 57.518613] device hsr_slave_0 entered promiscuous mode [ 57.556563] device hsr_slave_1 entered promiscuous mode [ 57.596452] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.602916] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.610768] device bridge_slave_0 entered promiscuous mode [ 57.618019] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.624702] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.631707] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.639442] device bridge_slave_1 entered promiscuous mode [ 57.653736] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.678677] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.690785] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.706997] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.715120] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.758124] device hsr_slave_0 entered promiscuous mode [ 57.796410] device hsr_slave_1 entered promiscuous mode [ 57.837967] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.845871] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.853228] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.865181] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.874093] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 57.883542] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 57.891831] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.945410] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 57.953139] team0: Port device team_slave_0 added [ 57.959052] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 57.966914] team0: Port device team_slave_1 added [ 57.972210] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 57.980264] team0: Port device team_slave_0 added [ 57.988522] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 57.999028] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 58.013542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 58.021327] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 58.029882] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 58.038294] team0: Port device team_slave_1 added [ 58.043829] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 58.051968] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 58.138671] device hsr_slave_0 entered promiscuous mode [ 58.186415] device hsr_slave_1 entered promiscuous mode [ 58.244933] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 58.267932] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 58.298307] device hsr_slave_0 entered promiscuous mode [ 58.326707] device hsr_slave_1 entered promiscuous mode [ 58.387000] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 58.409637] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 58.419312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.443274] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.460038] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 58.484393] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 58.494033] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.509113] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.516565] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.523109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.531514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.554997] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.565061] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.579332] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.587238] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 58.593320] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.599990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.607410] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.616411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.624089] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.634850] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 58.641365] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.659677] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.667226] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 58.686566] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 58.694208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.702399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.709515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.717574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.725388] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.731891] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.739632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.748362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.755883] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.762295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.769669] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.777433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.792052] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.800915] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 58.812066] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 58.821269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.828653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.835528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.844247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.851992] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.858351] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.865469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.878014] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 58.884101] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.898842] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 58.911900] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 58.925381] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 58.932048] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.947340] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.953485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.961832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.969591] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.975927] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.982864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.993947] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 59.005737] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 59.018197] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.027696] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.035105] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.046847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 59.055668] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 59.064612] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 59.074787] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 59.085142] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.092319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.101399] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.109240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.117217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.124844] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.131254] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.138599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.146897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.154543] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.160956] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.168122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.175003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.182739] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.190025] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.199926] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 59.208275] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.217725] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 59.230958] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 59.241590] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 59.251861] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 59.260365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.269486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.277504] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.283841] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.290830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.298895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.306833] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.314394] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.320800] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.328417] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.336093] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.344072] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.351927] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.359274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.368652] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 59.378384] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 59.386794] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 59.392871] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.403323] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 59.413555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.423925] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.432041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 59.440234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 59.450459] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.459519] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 59.471632] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 59.481298] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 59.488846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.499522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.507318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.515364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.523534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.531927] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.539809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.547513] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.554925] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.564206] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 59.574745] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 59.583944] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 59.594550] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 59.604238] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 59.613577] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.622245] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.630090] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.636939] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.644150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.652027] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.659636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.667625] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.675143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.682801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.690430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.698516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.708879] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 59.717835] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 59.728062] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 59.743339] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 59.750075] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.759644] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 59.765759] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.772028] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.780272] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.787391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.795108] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.803106] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.809519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.817778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.825289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.833155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.840875] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.851235] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 59.860374] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 59.867749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.875819] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 59.889892] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 59.896822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.904998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.912806] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.921019] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.928615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.937465] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 59.949714] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 59.965577] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 59.976386] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 59.984775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.997116] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.004534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.012916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.021026] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.029253] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.035755] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.043442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.054022] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 60.063581] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 60.075364] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 60.083110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.091205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.099007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.107315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.114845] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.121256] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.130960] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 60.140988] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 60.151528] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 60.160620] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 60.169725] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 60.175758] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 60.184612] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.191764] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.199747] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.207568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.214987] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.222731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.230477] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.238124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.245563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.256621] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 60.266085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 60.277102] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.289275] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 60.298207] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 60.304240] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 60.316098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 60.324659] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.332590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.340364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.351267] audit: type=1400 audit(1555824112.874:38): avc: denied { associate } for pid=7953 comm="syz-executor.1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 60.356424] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.403153] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 60.411516] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 60.417772] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 60.430461] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 60.441999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.462647] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.475539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.492486] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 60.505931] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 60.521401] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.538033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.545734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.564111] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.573531] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 60.588316] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 60.622170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.638648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.649046] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 60.655065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 2019/04/21 05:21:53 executed programs: 7 [ 60.728481] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.739593] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 60.837007] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.101642] ================================================================== [ 61.109147] BUG: KASAN: use-after-free in __vb2_perform_fileio+0x105d/0x1140 [ 61.116361] Read of size 4 at addr ffff88809b45751c by task syz-executor.1/8025 [ 61.123812] [ 61.125448] CPU: 0 PID: 8025 Comm: syz-executor.1 Not tainted 4.19.36 #4 [ 61.132285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.141625] Call Trace: [ 61.144219] dump_stack+0x172/0x1f0 [ 61.147918] ? __vb2_perform_fileio+0x105d/0x1140 [ 61.152749] print_address_description.cold+0x7c/0x20d [ 61.158009] ? __vb2_perform_fileio+0x105d/0x1140 [ 61.162841] kasan_report.cold+0x8c/0x2ba [ 61.166975] __asan_report_load4_noabort+0x14/0x20 [ 61.171894] __vb2_perform_fileio+0x105d/0x1140 [ 61.176556] ? vb2_thread_start+0x370/0x370 [ 61.180897] ? mark_held_locks+0x100/0x100 [ 61.185127] vb2_read+0x3b/0x50 [ 61.188388] vb2_fop_read+0x212/0x410 [ 61.192183] ? vb2_fop_write+0x410/0x410 [ 61.196243] v4l2_read+0x1ce/0x230 [ 61.199800] __vfs_read+0x116/0x800 [ 61.203446] ? v4l2_write+0x230/0x230 [ 61.207243] ? vfs_copy_file_range+0xba0/0xba0 [ 61.211836] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 61.217384] ? __inode_security_revalidate+0xda/0x120 [ 61.222594] ? avc_policy_seqno+0xd/0x70 [ 61.226651] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 61.231671] ? security_file_permission+0x1ce/0x230 [ 61.236708] ? security_file_permission+0x8f/0x230 [ 61.241639] ? rw_verify_area+0x118/0x360 [ 61.245788] vfs_read+0x194/0x3d0 [ 61.249255] ksys_read+0xea/0x1f0 [ 61.252699] ? kernel_write+0x120/0x120 [ 61.256664] ? do_syscall_64+0x26/0x610 [ 61.260623] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.265971] ? do_syscall_64+0x26/0x610 [ 61.269932] __x64_sys_read+0x73/0xb0 [ 61.273719] do_syscall_64+0x103/0x610 [ 61.277639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.282834] RIP: 0033:0x458c29 [ 61.286008] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 61.304934] RSP: 002b:00007f418d784c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 61.312650] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458c29 [ 61.319927] RDX: 000000000000004b RSI: 0000000020000400 RDI: 0000000000000003 [ 61.327214] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 61.334480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f418d7856d4 [ 61.341736] R13: 00000000004c4935 R14: 00000000004d9f08 R15: 00000000ffffffff [ 61.349019] [ 61.350648] Allocated by task 8025: [ 61.354305] save_stack+0x45/0xd0 [ 61.357776] kasan_kmalloc+0xce/0xf0 [ 61.361484] kmem_cache_alloc_trace+0x152/0x760 [ 61.366147] __vb2_init_fileio+0x1cb/0xbe0 [ 61.370375] __vb2_perform_fileio+0xbff/0x1140 [ 61.374938] vb2_read+0x3b/0x50 [ 61.378213] vb2_fop_read+0x212/0x410 [ 61.382000] v4l2_read+0x1ce/0x230 [ 61.385552] __vfs_read+0x116/0x800 [ 61.389163] vfs_read+0x194/0x3d0 [ 61.392603] ksys_read+0xea/0x1f0 [ 61.396039] __x64_sys_read+0x73/0xb0 [ 61.399825] do_syscall_64+0x103/0x610 [ 61.403701] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.408876] [ 61.410512] Freed by task 8029: [ 61.413769] save_stack+0x45/0xd0 [ 61.417233] __kasan_slab_free+0x102/0x150 [ 61.421451] kasan_slab_free+0xe/0x10 [ 61.425243] kfree+0xcf/0x230 [ 61.428339] __vb2_cleanup_fileio+0x100/0x170 [ 61.432840] vb2_core_queue_release+0x20/0x80 [ 61.437320] _vb2_fop_release+0x1cf/0x2a0 [ 61.441490] vb2_fop_release+0x75/0xc0 [ 61.445374] vivid_fop_release+0x18e/0x430 [ 61.449630] v4l2_release+0xfb/0x1a0 [ 61.453324] __fput+0x2df/0x8b0 [ 61.456606] ____fput+0x16/0x20 [ 61.459875] task_work_run+0x14a/0x1c0 [ 61.463746] exit_to_usermode_loop+0x273/0x2c0 [ 61.468323] do_syscall_64+0x52d/0x610 [ 61.472214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.477383] [ 61.478994] The buggy address belongs to the object at ffff88809b457200 [ 61.478994] which belongs to the cache kmalloc-1024 of size 1024 [ 61.491804] The buggy address is located 796 bytes inside of [ 61.491804] 1024-byte region [ffff88809b457200, ffff88809b457600) [ 61.503793] The buggy address belongs to the page: [ 61.508732] page:ffffea00026d1580 count:1 mapcount:0 mapping:ffff88812c3f0ac0 index:0x0 compound_mapcount: 0 [ 61.518776] flags: 0x1fffc0000008100(slab|head) [ 61.523438] raw: 01fffc0000008100 ffffea000202fc88 ffffea00022cdf88 ffff88812c3f0ac0 [ 61.531304] raw: 0000000000000000 ffff88809b456000 0000000100000007 0000000000000000 [ 61.539173] page dumped because: kasan: bad access detected [ 61.544921] [ 61.546532] Memory state around the buggy address: [ 61.551475] ffff88809b457400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.558929] ffff88809b457480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.566281] >ffff88809b457500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.573626] ^ [ 61.577761] ffff88809b457580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.585110] ffff88809b457600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.592461] ================================================================== [ 61.599819] Disabling lock debugging due to kernel taint [ 61.624412] Kernel panic - not syncing: panic_on_warn set ... [ 61.624412] [ 61.631820] CPU: 0 PID: 8025 Comm: syz-executor.1 Tainted: G B 4.19.36 #4 [ 61.640054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.649411] Call Trace: [ 61.652055] dump_stack+0x172/0x1f0 [ 61.655697] ? __vb2_perform_fileio+0x105d/0x1140 [ 61.660534] panic+0x263/0x51d [ 61.663710] ? __warn_printk+0xf3/0xf3 [ 61.667579] ? __vb2_perform_fileio+0x105d/0x1140 [ 61.672441] ? preempt_schedule+0x4b/0x60 [ 61.676584] ? ___preempt_schedule+0x16/0x18 [ 61.681000] ? trace_hardirqs_on+0x5e/0x230 [ 61.685312] ? __vb2_perform_fileio+0x105d/0x1140 [ 61.690153] kasan_end_report+0x47/0x4f [ 61.694113] kasan_report.cold+0xa9/0x2ba [ 61.698246] __asan_report_load4_noabort+0x14/0x20 [ 61.703159] __vb2_perform_fileio+0x105d/0x1140 [ 61.707822] ? vb2_thread_start+0x370/0x370 [ 61.712131] ? mark_held_locks+0x100/0x100 [ 61.716383] vb2_read+0x3b/0x50 [ 61.719647] vb2_fop_read+0x212/0x410 [ 61.723453] ? vb2_fop_write+0x410/0x410 [ 61.727506] v4l2_read+0x1ce/0x230 [ 61.731031] __vfs_read+0x116/0x800 [ 61.734639] ? v4l2_write+0x230/0x230 [ 61.738432] ? vfs_copy_file_range+0xba0/0xba0 [ 61.743034] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 61.748575] ? __inode_security_revalidate+0xda/0x120 [ 61.753781] ? avc_policy_seqno+0xd/0x70 [ 61.757824] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 61.762824] ? security_file_permission+0x1ce/0x230 [ 61.767825] ? security_file_permission+0x8f/0x230 [ 61.772769] ? rw_verify_area+0x118/0x360 [ 61.776927] vfs_read+0x194/0x3d0 [ 61.780382] ksys_read+0xea/0x1f0 [ 61.783815] ? kernel_write+0x120/0x120 [ 61.787794] ? do_syscall_64+0x26/0x610 [ 61.791760] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.797114] ? do_syscall_64+0x26/0x610 [ 61.801093] __x64_sys_read+0x73/0xb0 [ 61.804888] do_syscall_64+0x103/0x610 [ 61.808759] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.813934] RIP: 0033:0x458c29 [ 61.817114] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 61.835995] RSP: 002b:00007f418d784c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 61.843684] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458c29 [ 61.850938] RDX: 000000000000004b RSI: 0000000020000400 RDI: 0000000000000003 [ 61.858193] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 61.865447] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f418d7856d4 [ 61.872715] R13: 00000000004c4935 R14: 00000000004d9f08 R15: 00000000ffffffff [ 61.880653] Kernel Offset: disabled [ 61.884271] Rebooting in 86400 seconds..