[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.62' (ECDSA) to the list of known hosts. 2020/08/09 00:29:27 parsed 1 programs syzkaller login: [ 159.813813][ T3668] kmemleak: Automatic memory scanning thread ended 2020/08/09 00:29:34 executed programs: 0 [ 167.018171][ T24] audit: type=1400 audit(1596932974.617:8): avc: denied { execmem } for pid=6443 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 167.026694][ T6444] IPVS: ftp: loaded support on port[0] = 21 [ 167.067363][ T6444] chnl_net:caif_netlink_parms(): no params data found [ 167.140014][ T6444] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.147247][ T6444] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.154815][ T6444] device bridge_slave_0 entered promiscuous mode [ 167.161905][ T6444] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.170234][ T6444] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.177989][ T6444] device bridge_slave_1 entered promiscuous mode [ 167.188103][ T6444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 167.197797][ T6444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.210473][ T6444] team0: Port device team_slave_0 added [ 167.216723][ T6444] team0: Port device team_slave_1 added [ 167.225814][ T6444] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.233836][ T6444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.260397][ T6444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.271555][ T6444] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.278592][ T6444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.304600][ T6444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.319807][ T6444] device hsr_slave_0 entered promiscuous mode [ 167.326134][ T6444] device hsr_slave_1 entered promiscuous mode [ 167.354636][ T6444] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 167.362376][ T6444] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 167.369949][ T6444] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 167.377574][ T6444] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 167.389671][ T6444] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.397530][ T6444] bridge0: port 2(bridge_slave_1) entered forwarding state [ 167.404787][ T6444] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.411862][ T6444] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.429914][ T6444] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.438628][ T3437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 167.446944][ T3437] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.454367][ T3437] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.461913][ T3437] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 167.471307][ T6444] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.479227][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 167.487645][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.494669][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.509853][ T6444] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 167.520561][ T6444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 167.532138][ T6073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 167.540819][ T6073] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.547998][ T6073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 167.555924][ T6073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.565062][ T6073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 167.573242][ T6073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 167.581597][ T6073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 167.593754][ T6444] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.601150][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 167.608645][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 167.616263][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.623513][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 167.634908][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 167.646718][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 167.654798][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 167.662567][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 167.671061][ T6444] device veth0_vlan entered promiscuous mode [ 167.678938][ T6444] device veth1_vlan entered promiscuous mode [ 167.689782][ T3437] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 167.697737][ T3437] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 167.705707][ T3437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 167.714869][ T6444] device veth0_macvtap entered promiscuous mode [ 167.722365][ T6444] device veth1_macvtap entered promiscuous mode [ 167.732470][ T6444] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 167.740066][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 167.748614][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 167.757851][ T6444] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 167.765096][ T3437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 167.774289][ T6444] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.783026][ T6444] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.791961][ T6444] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.800763][ T6444] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.935356][ T44] Bluetooth: hci0: command 0x0409 tx timeout [ 173.015485][ T44] Bluetooth: hci0: command 0x041b tx timeout 2020/08/09 00:29:41 executed programs: 1 [ 175.095323][ T44] Bluetooth: hci0: command 0x040f tx timeout [ 177.175364][ T3437] Bluetooth: hci0: command 0x0419 tx timeout 2020/08/09 00:29:47 executed programs: 3 [ 180.792359][ T6711] kmemleak: 6 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 187.060403][ T6711] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88811310ea80 (size 96): comm "syz-executor.0", pid 6688, jiffies 4294954707 (age 12.810s) hex dump (first 32 bytes): 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 30 e0 00 00 c9 ff ff .........0...... backtrace: [<0000000073bb6e7d>] do_seccomp+0x2ec/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffffc90000e03000 (size 4096): comm "syz-executor.0", pid 6688, jiffies 4294954707 (age 12.810s) hex dump (first 32 bytes): 01 00 03 00 00 00 00 00 00 00 00 00 05 00 00 00 ................ 2d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -............... backtrace: [<000000003b6a39af>] __vmalloc_node_range+0x2e1/0x3c0 [<00000000eee59e12>] __vmalloc+0x49/0x50 [<000000006e13ac2a>] bpf_prog_alloc_no_stats+0x32/0x100 [<00000000cff3572c>] bpf_prog_alloc+0x1c/0xb0 [<000000003222ffa9>] bpf_prog_create_from_user+0x5f/0x2a0 [<00000000baa576ae>] do_seccomp+0x32e/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888113bc1c00 (size 1024): comm "syz-executor.0", pid 6688, jiffies 4294954707 (age 12.810s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000000466b245>] bpf_prog_alloc_no_stats+0x73/0x100 [<00000000cff3572c>] bpf_prog_alloc+0x1c/0xb0 [<000000003222ffa9>] bpf_prog_create_from_user+0x5f/0x2a0 [<00000000baa576ae>] do_seccomp+0x32e/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881154cb860 (size 32): comm "syz-executor.0", pid 6688, jiffies 4294954707 (age 12.810s) hex dump (first 32 bytes): 01 00 73 74 65 6d 64 2d 00 5c d6 19 81 88 ff ff ..stemd-.\...... 65 72 76 69 63 65 00 00 00 00 00 00 00 00 00 00 ervice.......... backtrace: [<00000000561d65d4>] bpf_prog_store_orig_filter+0x33/0xa0 [<000000005d9b7cd2>] bpf_prog_create_from_user+0xda/0x2a0 [<00000000baa576ae>] do_seccomp+0x32e/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888119d65c00 (size 32): comm "syz-executor.0", pid 6688, jiffies 4294954707 (age 12.810s) hex dump (first 32 bytes): 06 00 00 00 fb ff ff 7f 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000ad603142>] kmemdup+0x23/0x50 [<0000000001d3eabf>] bpf_prog_store_orig_filter+0x5e/0xa0 [<000000005d9b7cd2>] bpf_prog_create_from_user+0xda/0x2a0 [<00000000baa576ae>] do_seccomp+0x32e/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881131ecb00 (size 96): comm "syz-executor.0", pid 6688, jiffies 4294954707 (age 12.810s) hex dump (first 32 bytes): 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ 80 ea 10 13 81 88 ff ff 00 b0 d8 00 00 c9 ff ff ................ backtrace: [<0000000073bb6e7d>] do_seccomp+0x2ec/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811310e400 (size 96): comm "syz-executor.0", pid 6702, jiffies 4294955242 (age 7.460s) hex dump (first 32 bytes): 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 50 e1 00 00 c9 ff ff .........P...... backtrace: [<0000000073bb6e7d>] do_seccomp+0x2ec/0xd40 [<00000000658618a4>] do_syscall_64+0x2d/0x70 [<00000000b8258e4d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9