[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.46' (ECDSA) to the list of known hosts. 2020/09/22 04:50:24 fuzzer started 2020/09/22 04:50:25 dialing manager at 10.128.0.26:39783 2020/09/22 04:50:25 syscalls: 3353 2020/09/22 04:50:25 code coverage: enabled 2020/09/22 04:50:25 comparison tracing: enabled 2020/09/22 04:50:25 extra coverage: enabled 2020/09/22 04:50:25 setuid sandbox: enabled 2020/09/22 04:50:25 namespace sandbox: enabled 2020/09/22 04:50:25 Android sandbox: enabled 2020/09/22 04:50:25 fault injection: enabled 2020/09/22 04:50:25 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/09/22 04:50:25 net packet injection: enabled 2020/09/22 04:50:25 net device setup: enabled 2020/09/22 04:50:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/09/22 04:50:25 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/09/22 04:50:25 USB emulation: enabled 2020/09/22 04:50:25 hci packet injection: enabled syzkaller login: [ 199.797478][ C1] WARNING: can't access registers at asm_sysvec_call_function_single+0x12/0x20 04:52:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f000002c000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x1, 0x0) mkdir(&(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) [ 206.885425][ T28] audit: type=1400 audit(1600750363.199:8): avc: denied { execmem } for pid=6866 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 04:52:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0xa, 0xa, 0x301}, 0x14}}, 0x0) 04:52:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) 04:52:43 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/net/tun\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = dup(r1) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000240)=ANY=[@ANYRES64=r2, @ANYBLOB]) 04:52:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x2) connect$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) fcntl$setownex(r0, 0xf, &(0x7f0000000600)={0x0, r2}) sendmmsg(r0, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) 04:52:44 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) inotify_rm_watch(0xffffffffffffffff, 0x0) [ 208.167448][ T6867] IPVS: ftp: loaded support on port[0] = 21 [ 208.327092][ T6869] IPVS: ftp: loaded support on port[0] = 21 [ 208.585489][ T6871] IPVS: ftp: loaded support on port[0] = 21 [ 208.627169][ T6867] chnl_net:caif_netlink_parms(): no params data found [ 208.910770][ T6873] IPVS: ftp: loaded support on port[0] = 21 [ 208.956784][ T6867] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.967507][ T6867] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.987821][ T6867] device bridge_slave_0 entered promiscuous mode [ 209.106830][ T6867] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.128082][ T6867] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.136308][ T6867] device bridge_slave_1 entered promiscuous mode [ 209.241845][ T6875] IPVS: ftp: loaded support on port[0] = 21 [ 209.281808][ T6869] chnl_net:caif_netlink_parms(): no params data found [ 209.321242][ T6871] chnl_net:caif_netlink_parms(): no params data found [ 209.341255][ T6877] IPVS: ftp: loaded support on port[0] = 21 [ 209.426120][ T6867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.470214][ T6867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.523774][ T6867] team0: Port device team_slave_0 added [ 209.564041][ T6867] team0: Port device team_slave_1 added [ 209.626755][ T6867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.640969][ T6867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.670680][ T6867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.686065][ T6867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.695308][ T6867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.722034][ T6867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.741744][ T6869] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.748891][ T6869] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.756597][ T6869] device bridge_slave_0 entered promiscuous mode