[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts. 2020/04/23 13:34:43 parsed 1 programs syzkaller login: [ 132.688459][ T3832] kmemleak: Automatic memory scanning thread ended 2020/04/23 13:34:53 executed programs: 0 [ 140.240524][ T25] audit: type=1400 audit(1587648893.237:8): avc: denied { execmem } for pid=6627 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 140.257682][ T6628] IPVS: ftp: loaded support on port[0] = 21 [ 140.285512][ T6628] chnl_net:caif_netlink_parms(): no params data found [ 140.344947][ T6628] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.352066][ T6628] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.359483][ T6628] device bridge_slave_0 entered promiscuous mode [ 140.367366][ T6628] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.374619][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.382230][ T6628] device bridge_slave_1 entered promiscuous mode [ 140.392211][ T6628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.401869][ T6628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.414114][ T6628] team0: Port device team_slave_0 added [ 140.420106][ T6628] team0: Port device team_slave_1 added [ 140.428836][ T6628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 140.435859][ T6628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.462049][ T6628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 140.473126][ T6628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.480062][ T6628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.506111][ T6628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.571334][ T6628] device hsr_slave_0 entered promiscuous mode [ 140.610666][ T6628] device hsr_slave_1 entered promiscuous mode [ 140.670336][ T6628] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 140.711498][ T6628] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 140.761353][ T6628] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 140.811406][ T6628] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 140.855250][ T6628] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.862316][ T6628] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.869517][ T6628] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.876557][ T6628] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.893234][ T6628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.901862][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 140.909400][ T3073] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.917687][ T3073] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.925350][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 140.934498][ T6628] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.942665][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 140.950896][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.957907][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.966445][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 140.975126][ T3073] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.982893][ T3073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.993707][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 141.001805][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 141.010186][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 141.020753][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 141.028714][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 141.037917][ T6628] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 141.048051][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 141.055611][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 141.064640][ T6628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.074973][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 141.087707][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 141.095976][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 141.103742][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 141.112403][ T6628] device veth0_vlan entered promiscuous mode [ 141.120263][ T6628] device veth1_vlan entered promiscuous mode [ 141.130576][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 141.138197][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 141.146283][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 141.155435][ T6628] device veth0_macvtap entered promiscuous mode [ 141.162963][ T6628] device veth1_macvtap entered promiscuous mode [ 141.172893][ T6628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.180146][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 141.188853][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 141.197898][ T6628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.205509][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2020/04/23 13:35:00 executed programs: 1 [ 150.450296][ T0] NOHZ: local_softirq_pending 08 2020/04/23 13:35:05 executed programs: 3 2020/04/23 13:35:11 executed programs: 5 [ 159.803844][ T6869] kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888110b652c0 (size 2200): comm "syz-executor.0", pid 6862, jiffies 4294952551 (age 13.780s) hex dump (first 32 bytes): ac 14 14 bb ac 14 14 0a b5 68 a8 41 40 01 00 00 .........h.A@... 02 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ backtrace: [<0000000002e39df6>] sk_prot_alloc+0x3c/0x170 [<00000000cf0594f8>] sk_alloc+0x30/0x330 [<000000004fe3f2e8>] inet_create+0x119/0x450 [<0000000096770c28>] __sock_create+0x14a/0x220 [<000000009c9cb81a>] __sys_socket+0x60/0x110 [<00000000772dd2d0>] __x64_sys_socket+0x1a/0x20 [<0000000026472d4a>] do_syscall_64+0x6e/0x220 [<00000000f51ee0f2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888115778a80 (size 32): comm "syz-executor.0", pid 6862, jiffies 4294952551 (age 13.780s) hex dump (first 32 bytes): 02 00 00 00 00 00 00 00 00 af 91 10 81 88 ff ff ................ 01 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 ................ backtrace: [<0000000082039da5>] selinux_sk_alloc_security+0x43/0xa0 [<00000000ca81b640>] security_sk_alloc+0x42/0x70 [<000000009072798a>] sk_prot_alloc+0x9c/0x170 [<00000000cf0594f8>] sk_alloc+0x30/0x330 [<000000004fe3f2e8>] inet_create+0x119/0x450 [<0000000096770c28>] __sock_create+0x14a/0x220 [<000000009c9cb81a>] __sys_socket+0x60/0x110 [<00000000772dd2d0>] __x64_sys_socket+0x1a/0x20 [<0000000026472d4a>] do_syscall_64+0x6e/0x220 [<00000000f51ee0f2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811091af00 (size 64): comm "syz-executor.0", pid 6862, jiffies 4294952551 (age 13.780s) hex dump (first 32 bytes): 15 00 00 01 00 00 00 00 a0 8a 77 15 81 88 ff ff ..........w..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000ce286181>] selinux_netlbl_sock_genattr+0x48/0x180 [<0000000044305b3d>] selinux_netlbl_socket_post_create+0x41/0xb0 [<00000000e0c06d20>] selinux_socket_post_create+0x182/0x390 [<0000000082aa1a03>] security_socket_post_create+0x54/0x80 [<00000000fb0f5f58>] __sock_create+0x1cc/0x220 [<000000009c9cb81a>] __sys_socket+0x60/0x110 [<00000000772dd2d0>] __x64_sys_socket+0x1a/0x20 [<0000000026472d4a>] do_syscall_64+0x6e/0x220 [<00000000f51ee0f2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888115778aa0 (size 32): comm "syz-executor.0", pid 6862, jiffies 4294952551 (age 13.780s) hex dump (first 32 bytes): 6b 65 72 6e 65 6c 5f 74 00 73 79 73 74 65 6d 5f kernel_t.system_ 72 3a 6b 65 72 6e 65 6c 5f 74 3a 73 30 00 00 00 r:kernel_t:s0... backtrace: [<0000000079161059>] kstrdup+0x36/0x70 [<000000003ac48af0>] security_netlbl_sid_to_secattr+0x97/0x100 [<000000006676f292>] selinux_netlbl_sock_genattr+0x67/0x180 [<0000000044305b3d>] selinux_netlbl_socket_post_create+0x41/0xb0 [<00000000e0c06d20>] selinux_socket_post_create+0x182/0x390 [<0000000082aa1a03>] security_socket_post_create+0x54/0x80 [<00000000fb0f5f58>] __sock_create+0x1cc/0x220 [<000000009c9cb81a>] __sys_socket+0x60/0x110 [<00000000772dd2d0>] __x64_sys_socket+0x1a/0x20 [<0000000026472d4a>] do_syscall_64+0x6e/0x220 [<00000000f51ee0f2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888110aa5600 (size 512): comm "syz-executor.0", pid 6862, jiffies 4294952551 (age 13.780s) hex dump (first 32 bytes): c0 52 b6 10 81 88 ff ff 00 00 00 00 00 00 00 00 .R.............. 00 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ................ backtrace: [<00000000b4886027>] sk_psock_init+0x2a/0x180 [<0000000038c4f3ed>] sock_map_link.isra.0+0x469/0x4f0 [<0000000070aec5f8>] sock_map_update_common+0xa1/0x3c0 [<00000000aca782af>] sock_map_update_elem+0x1e9/0x220 [<0000000098c678e5>] bpf_map_update_value.isra.0+0x141/0x2f0 [<0000000029892ba4>] __do_sys_bpf+0x16bf/0x1f00 [<0000000026472d4a>] do_syscall_64+0x6e/0x220 [<00000000f51ee0f2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9