[ 35.470991] audit: type=1800 audit(1550584333.668:28): pid=7416 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.366649] audit: type=1800 audit(1550584334.628:29): pid=7416 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 36.386038] audit: type=1800 audit(1550584334.628:30): pid=7416 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts. 2019/02/19 14:04:58 parsed 1 programs 2019/02/19 14:05:01 executed programs: 0 syzkaller login: [ 803.636461] IPVS: ftp: loaded support on port[0] = 21 [ 803.636467] IPVS: ftp: loaded support on port[0] = 21 [ 803.651028] IPVS: ftp: loaded support on port[0] = 21 [ 803.652768] IPVS: ftp: loaded support on port[0] = 21 [ 803.663541] IPVS: ftp: loaded support on port[0] = 21 [ 803.666971] IPVS: ftp: loaded support on port[0] = 21 [ 803.877459] chnl_net:caif_netlink_parms(): no params data found [ 803.911415] chnl_net:caif_netlink_parms(): no params data found [ 803.980019] chnl_net:caif_netlink_parms(): no params data found [ 804.019312] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.026275] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.033894] device bridge_slave_0 entered promiscuous mode [ 804.042299] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.048743] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.055512] device bridge_slave_1 entered promiscuous mode [ 804.081983] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.089157] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.095971] device bridge_slave_0 entered promiscuous mode [ 804.126614] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 804.140434] chnl_net:caif_netlink_parms(): no params data found [ 804.150951] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.157326] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.164276] device bridge_slave_1 entered promiscuous mode [ 804.181059] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 804.214824] chnl_net:caif_netlink_parms(): no params data found [ 804.247167] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 804.256161] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 804.274356] team0: Port device team_slave_0 added [ 804.283939] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.290363] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.297369] device bridge_slave_0 entered promiscuous mode [ 804.307470] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.313976] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.321067] device bridge_slave_1 entered promiscuous mode [ 804.332545] chnl_net:caif_netlink_parms(): no params data found [ 804.341082] team0: Port device team_slave_1 added [ 804.366005] team0: Port device team_slave_0 added [ 804.394188] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.400643] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.407480] device bridge_slave_0 entered promiscuous mode [ 804.417782] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.424153] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.431325] device bridge_slave_1 entered promiscuous mode [ 804.438427] team0: Port device team_slave_1 added [ 804.491071] device hsr_slave_0 entered promiscuous mode [ 804.528598] device hsr_slave_1 entered promiscuous mode [ 804.602822] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.610259] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.617213] device bridge_slave_0 entered promiscuous mode [ 804.624784] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 804.639462] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 804.663156] team0: Port device team_slave_0 added [ 804.675991] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.682704] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.690251] device bridge_slave_1 entered promiscuous mode [ 804.705659] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 804.719977] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 804.734431] team0: Port device team_slave_1 added [ 804.790858] device hsr_slave_0 entered promiscuous mode [ 804.858525] device hsr_slave_1 entered promiscuous mode [ 804.942898] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.949380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 804.956245] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.962619] bridge0: port 1(bridge_slave_0) entered forwarding state [ 804.980193] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.986639] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.993962] device bridge_slave_0 entered promiscuous mode [ 805.004986] bridge0: port 2(bridge_slave_1) entered blocking state [ 805.013274] bridge0: port 2(bridge_slave_1) entered disabled state [ 805.020701] device bridge_slave_1 entered promiscuous mode [ 805.027801] bridge0: port 1(bridge_slave_0) entered disabled state [ 805.035912] bridge0: port 2(bridge_slave_1) entered disabled state [ 805.049059] team0: Port device team_slave_0 added [ 805.055562] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 805.110226] device hsr_slave_0 entered promiscuous mode [ 805.148715] device hsr_slave_1 entered promiscuous mode [ 805.192972] team0: Port device team_slave_1 added [ 805.199079] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 805.222232] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 805.240150] team0: Port device team_slave_0 added [ 805.246298] team0: Port device team_slave_1 added [ 805.261761] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 805.341073] device hsr_slave_0 entered promiscuous mode [ 805.408463] device hsr_slave_1 entered promiscuous mode [ 805.521177] device hsr_slave_0 entered promiscuous mode [ 805.578554] device hsr_slave_1 entered promiscuous mode [ 805.649764] team0: Port device team_slave_0 added [ 805.656802] team0: Port device team_slave_1 added [ 805.730348] device hsr_slave_0 entered promiscuous mode [ 805.768472] device hsr_slave_1 entered promiscuous mode [ 805.827158] 8021q: adding VLAN 0 to HW filter on device bond0 [ 805.861877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 805.869682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 805.879159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 805.894577] 8021q: adding VLAN 0 to HW filter on device team0 [ 805.906686] 8021q: adding VLAN 0 to HW filter on device team0 [ 805.913110] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 805.920796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 805.930487] 8021q: adding VLAN 0 to HW filter on device bond0 [ 805.941500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 805.952700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 805.960339] bridge0: port 1(bridge_slave_0) entered blocking state [ 805.966663] bridge0: port 1(bridge_slave_0) entered forwarding state [ 805.985774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 805.994328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 806.004271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 806.012159] bridge0: port 1(bridge_slave_0) entered blocking state [ 806.018539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 806.025441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 806.033758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 806.043068] bridge0: port 2(bridge_slave_1) entered blocking state [ 806.049433] bridge0: port 2(bridge_slave_1) entered forwarding state [ 806.056209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 806.064644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 806.072382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 806.080006] bridge0: port 2(bridge_slave_1) entered blocking state [ 806.086415] bridge0: port 2(bridge_slave_1) entered forwarding state [ 806.093497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 806.100461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 806.125601] 8021q: adding VLAN 0 to HW filter on device team0 [ 806.143137] 8021q: adding VLAN 0 to HW filter on device bond0 [ 806.159037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 806.167221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 806.179149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 806.187035] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 806.194871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 806.202723] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 806.211368] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 806.225003] 8021q: adding VLAN 0 to HW filter on device bond0 [ 806.236841] 8021q: adding VLAN 0 to HW filter on device team0 [ 806.251662] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 806.259938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 806.266706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 806.274147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 806.281909] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 806.290123] bridge0: port 1(bridge_slave_0) entered blocking state [ 806.296456] bridge0: port 1(bridge_slave_0) entered forwarding state [ 806.303551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 806.311331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 806.319255] bridge0: port 1(bridge_slave_0) entered blocking state [ 806.325586] bridge0: port 1(bridge_slave_0) entered forwarding state [ 806.333110] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 806.340673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 806.351757] 8021q: adding VLAN 0 to HW filter on device bond0 [ 806.367455] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 806.377439] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 806.393808] 8021q: adding VLAN 0 to HW filter on device team0 [ 806.403524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 806.411385] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 806.419379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 806.427004] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 806.434708] bridge0: port 2(bridge_slave_1) entered blocking state [ 806.441065] bridge0: port 2(bridge_slave_1) entered forwarding state [ 806.447961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 806.455475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 806.463002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 806.470876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 806.477716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 806.484560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 806.492140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 806.499874] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 806.507445] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 806.515304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 806.522894] bridge0: port 1(bridge_slave_0) entered blocking state [ 806.529257] bridge0: port 1(bridge_slave_0) entered forwarding state [ 806.536440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 806.543327] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 806.550308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 806.559166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 806.566792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 806.574462] bridge0: port 2(bridge_slave_1) entered blocking state [ 806.580822] bridge0: port 2(bridge_slave_1) entered forwarding state [ 806.592384] 8021q: adding VLAN 0 to HW filter on device team0 [ 806.604570] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 806.614714] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 806.639237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 806.646082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 806.653015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 806.660826] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 806.668774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 806.676143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 806.683728] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 806.691477] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 806.699112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 806.706772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 806.714442] bridge0: port 2(bridge_slave_1) entered blocking state [ 806.720771] bridge0: port 2(bridge_slave_1) entered forwarding state [ 806.727671] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 806.735539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 806.743199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 806.751453] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 806.768956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 806.775669] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 806.784121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 806.792036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 806.799677] bridge0: port 1(bridge_slave_0) entered blocking state [ 806.805998] bridge0: port 1(bridge_slave_0) entered forwarding state [ 806.812910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 806.820696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 806.828216] bridge0: port 2(bridge_slave_1) entered blocking state [ 806.834711] bridge0: port 2(bridge_slave_1) entered forwarding state [ 806.841692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 806.849387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 806.856993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 806.864836] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 806.872500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 806.880302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 806.887755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 806.895228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 806.903200] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 806.910174] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 806.922935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 806.943538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 806.951430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 806.959413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 806.967153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 806.975272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 806.983418] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 806.991147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 806.998922] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 807.006330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 807.013769] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 807.021169] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 807.031730] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 807.042463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 807.051478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 807.061465] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 807.071774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 807.091766] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 807.115806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 807.131453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 807.146685] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 807.158566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 807.166197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 807.174988] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 807.183338] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 807.194544] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 807.207536] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 807.233257] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 807.243566] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 807.266777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 807.275221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 807.290570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 807.306896] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 807.317685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 807.325568] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 807.333293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 807.340802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 807.351318] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 807.383037] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 807.402376] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 807.421893] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 807.450843] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/02/19 14:05:06 executed programs: 64 2019/02/19 14:05:11 executed programs: 322 2019/02/19 14:05:16 executed programs: 586 2019/02/19 14:05:21 executed programs: 841 2019/02/19 14:05:26 executed programs: 1109 2019/02/19 14:05:31 executed programs: 1378 2019/02/19 14:05:36 executed programs: 1641 2019/02/19 14:05:41 executed programs: 1898 2019/02/19 14:05:46 executed programs: 2157 2019/02/19 14:05:51 executed programs: 2419 2019/02/19 14:05:56 executed programs: 2684 2019/02/19 14:06:01 executed programs: 2941 2019/02/19 14:06:07 executed programs: 3200 2019/02/19 14:06:12 executed programs: 3444 2019/02/19 14:06:17 executed programs: 3686 2019/02/19 14:06:22 executed programs: 3938 2019/02/19 14:06:27 executed programs: 4199 2019/02/19 14:06:32 executed programs: 4449 2019/02/19 14:06:37 executed programs: 4697 2019/02/19 14:06:42 executed programs: 4951 2019/02/19 14:06:47 executed programs: 5201 2019/02/19 14:06:52 executed programs: 5451 2019/02/19 14:06:57 executed programs: 5701 [ 920.867754] ================================================================== [ 920.875295] BUG: KASAN: use-after-free in __lock_acquire+0x30e0/0x4700 [ 920.881972] Read of size 8 at addr ffff8880887be650 by task kworker/u4:0/7 [ 920.888980] [ 920.891052] CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.0.0-rc7+ #79 [ 920.897793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 920.907233] Workqueue: ib_addr process_one_req [ 920.911808] Call Trace: [ 920.914404] dump_stack+0x172/0x1f0 [ 920.918008] ? __lock_acquire+0x30e0/0x4700 [ 920.922372] print_address_description.cold+0x7c/0x20d [ 920.927640] ? __lock_acquire+0x30e0/0x4700 [ 920.931954] ? __lock_acquire+0x30e0/0x4700 [ 920.936278] kasan_report.cold+0x1b/0x40 [ 920.940332] ? __lock_acquire+0x30e0/0x4700 [ 920.944646] __asan_report_load8_noabort+0x14/0x20 [ 920.949562] __lock_acquire+0x30e0/0x4700 [ 920.953691] ? mark_held_locks+0x100/0x100 [ 920.957908] ? mark_held_locks+0x100/0x100 [ 920.962128] ? __lock_acquire+0x53b/0x4700 [ 920.966349] ? __lock_is_held+0xb6/0x140 [ 920.970388] ? __lock_is_held+0xb6/0x140 [ 920.974510] ? addr_handler+0xa5/0x300 [ 920.978387] lock_acquire+0x16f/0x3f0 [ 920.982165] ? addr_handler+0xa5/0x300 [ 920.986036] ? addr_handler+0xa5/0x300 [ 920.989903] __mutex_lock+0xf7/0x1310 [ 920.993681] ? addr_handler+0xa5/0x300 [ 920.997551] ? check_noncircular+0x20/0x20 [ 921.001765] ? addr_handler+0xa5/0x300 [ 921.005628] ? lockdep_hardirqs_on+0x415/0x5d0 [ 921.010194] ? mutex_trylock+0x1e0/0x1e0 [ 921.014235] ? __lock_acquire+0x53b/0x4700 [ 921.018516] ? debug_object_deactivate+0x1e4/0x360 [ 921.023425] ? find_held_lock+0x35/0x130 [ 921.027467] ? debug_object_deactivate+0x1e4/0x360 [ 921.032380] mutex_lock_nested+0x16/0x20 [ 921.036418] ? mutex_lock_nested+0x16/0x20 [ 921.040635] addr_handler+0xa5/0x300 [ 921.044363] ? cma_work_handler+0x1f0/0x1f0 [ 921.048668] ? find_held_lock+0x35/0x130 [ 921.052713] ? __lock_is_held+0xb6/0x140 [ 921.056754] ? check_preemption_disabled+0x48/0x290 [ 921.061767] process_one_req+0x109/0x680 [ 921.065872] process_one_work+0x98e/0x1790 [ 921.070105] ? pwq_dec_nr_in_flight+0x320/0x320 [ 921.074752] ? lock_acquire+0x16f/0x3f0 [ 921.078845] worker_thread+0x98/0xe40 [ 921.082650] kthread+0x357/0x430 [ 921.085995] ? process_one_work+0x1790/0x1790 [ 921.090470] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 921.095981] ret_from_fork+0x3a/0x50 [ 921.099668] [ 921.101269] Allocated by task 15541: [ 921.105081] save_stack+0x45/0xd0 [ 921.108512] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 921.113433] kasan_kmalloc+0x9/0x10 [ 921.117039] kmem_cache_alloc_trace+0x151/0x760 [ 921.121684] __rdma_create_id+0x5f/0x4e0 [ 921.125744] ucma_create_id+0x1de/0x640 [ 921.129697] ucma_write+0x2da/0x3c0 [ 921.133328] __vfs_write+0x116/0x8e0 [ 921.137025] vfs_write+0x20c/0x580 [ 921.140552] ksys_write+0xea/0x1f0 [ 921.144068] __ia32_sys_write+0x71/0xb0 [ 921.148042] do_fast_syscall_32+0x281/0xc98 [ 921.152344] entry_SYSENTER_compat+0x70/0x7f [ 921.156741] [ 921.158343] Freed by task 15539: [ 921.161696] save_stack+0x45/0xd0 [ 921.165131] __kasan_slab_free+0x102/0x150 [ 921.169342] kasan_slab_free+0xe/0x10 [ 921.173128] kfree+0xcf/0x230 [ 921.176210] rdma_destroy_id+0x723/0xab0 [ 921.180254] ucma_close+0x115/0x320 [ 921.183858] __fput+0x2df/0x8d0 [ 921.187113] ____fput+0x16/0x20 [ 921.190370] task_work_run+0x14a/0x1c0 [ 921.194261] exit_to_usermode_loop+0x273/0x2c0 [ 921.198823] do_fast_syscall_32+0xa9d/0xc98 [ 921.203120] entry_SYSENTER_compat+0x70/0x7f [ 921.207509] [ 921.209116] The buggy address belongs to the object at ffff8880887be2c0 [ 921.209116] which belongs to the cache kmalloc-2k of size 2048 [ 921.221747] The buggy address is located 912 bytes inside of [ 921.221747] 2048-byte region [ffff8880887be2c0, ffff8880887beac0) [ 921.233775] The buggy address belongs to the page: [ 921.238680] page:ffffea000221ef80 count:1 mapcount:0 mapping:ffff88812c3f0c40 index:0x0 compound_mapcount: 0 [ 921.248622] flags: 0x1fffc0000010200(slab|head) [ 921.253274] raw: 01fffc0000010200 ffffea000256f208 ffffea000263b588 ffff88812c3f0c40 [ 921.261157] raw: 0000000000000000 ffff8880887be2c0 0000000100000003 0000000000000000 [ 921.269029] page dumped because: kasan: bad access detected [ 921.274708] [ 921.276324] Memory state around the buggy address: [ 921.281254] ffff8880887be500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 921.288587] ffff8880887be580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 921.295919] >ffff8880887be600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 921.303252] ^ [ 921.309202] ffff8880887be680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 921.316535] ffff8880887be700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 921.323877] ================================================================== [ 921.331208] Disabling lock debugging due to kernel taint [ 921.336638] Kernel panic - not syncing: panic_on_warn set ... [ 921.342503] CPU: 1 PID: 7 Comm: kworker/u4:0 Tainted: G B 5.0.0-rc7+ #79 [ 921.350630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 921.359969] Workqueue: ib_addr process_one_req [ 921.364631] Call Trace: [ 921.367211] dump_stack+0x172/0x1f0 [ 921.370979] panic+0x2cb/0x65c [ 921.374153] ? __warn_printk+0xf3/0xf3 [ 921.378018] ? lock_downgrade+0x810/0x810 [ 921.382142] ? __lock_acquire+0x30e0/0x4700 [ 921.386455] ? trace_hardirqs_off+0x62/0x220 [ 921.390856] ? trace_hardirqs_off+0x59/0x220 [ 921.395245] ? __lock_acquire+0x30e0/0x4700 [ 921.399544] end_report+0x47/0x4f [ 921.402988] ? __lock_acquire+0x30e0/0x4700 [ 921.407286] kasan_report.cold+0xe/0x40 [ 921.411365] ? __lock_acquire+0x30e0/0x4700 [ 921.415667] __asan_report_load8_noabort+0x14/0x20 [ 921.420661] __lock_acquire+0x30e0/0x4700 [ 921.424788] ? mark_held_locks+0x100/0x100 [ 921.429099] ? mark_held_locks+0x100/0x100 [ 921.433327] ? __lock_acquire+0x53b/0x4700 [ 921.437541] ? __lock_is_held+0xb6/0x140 [ 921.441609] ? __lock_is_held+0xb6/0x140 [ 921.445656] ? addr_handler+0xa5/0x300 [ 921.449521] lock_acquire+0x16f/0x3f0 [ 921.453300] ? addr_handler+0xa5/0x300 [ 921.457164] ? addr_handler+0xa5/0x300 [ 921.461029] __mutex_lock+0xf7/0x1310 [ 921.464804] ? addr_handler+0xa5/0x300 [ 921.468668] ? check_noncircular+0x20/0x20 [ 921.472879] ? addr_handler+0xa5/0x300 [ 921.476754] ? lockdep_hardirqs_on+0x415/0x5d0 [ 921.481312] ? mutex_trylock+0x1e0/0x1e0 [ 921.485347] ? __lock_acquire+0x53b/0x4700 [ 921.489565] ? debug_object_deactivate+0x1e4/0x360 [ 921.494478] ? find_held_lock+0x35/0x130 [ 921.498520] ? debug_object_deactivate+0x1e4/0x360 [ 921.503432] mutex_lock_nested+0x16/0x20 [ 921.507472] ? mutex_lock_nested+0x16/0x20 [ 921.511689] addr_handler+0xa5/0x300 [ 921.515383] ? cma_work_handler+0x1f0/0x1f0 [ 921.519681] ? find_held_lock+0x35/0x130 [ 921.523723] ? __lock_is_held+0xb6/0x140 [ 921.527759] ? check_preemption_disabled+0x48/0x290 [ 921.532753] process_one_req+0x109/0x680 [ 921.536798] process_one_work+0x98e/0x1790 [ 921.541019] ? pwq_dec_nr_in_flight+0x320/0x320 [ 921.545669] ? lock_acquire+0x16f/0x3f0 [ 921.549627] worker_thread+0x98/0xe40 [ 921.553409] kthread+0x357/0x430 [ 921.556777] ? process_one_work+0x1790/0x1790 [ 921.561354] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 921.566871] ret_from_fork+0x3a/0x50 [ 921.571791] Kernel Offset: disabled [ 921.575410] Rebooting in 86400 seconds..