[ 35.965919] audit: type=1800 audit(1549752502.198:27): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 35.992933] audit: type=1800 audit(1549752502.208:28): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 36.513071] audit: type=1800 audit(1549752502.818:29): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 36.540003] audit: type=1800 audit(1549752502.828:30): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.214' (ECDSA) to the list of known hosts.
2019/02/09 22:49:45 parsed 1 programs
2019/02/09 22:49:47 executed programs: 0
syzkaller login: [ 121.141070] IPVS: ftp: loaded support on port[0] = 21
[ 121.151631] IPVS: ftp: loaded support on port[0] = 21
[ 121.152135] IPVS: ftp: loaded support on port[0] = 21
[ 121.176987] IPVS: ftp: loaded support on port[0] = 21
[ 121.182398] IPVS: ftp: loaded support on port[0] = 21
[ 121.196696] IPVS: ftp: loaded support on port[0] = 21
[ 121.569136] chnl_net:caif_netlink_parms(): no params data found
[ 121.586107] chnl_net:caif_netlink_parms(): no params data found
[ 121.613641] chnl_net:caif_netlink_parms(): no params data found
[ 121.622111] chnl_net:caif_netlink_parms(): no params data found
[ 121.653226] chnl_net:caif_netlink_parms(): no params data found
[ 121.812200] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.819260] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.826868] device bridge_slave_0 entered promiscuous mode
[ 121.837633] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.843984] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.851063] device bridge_slave_0 entered promiscuous mode
[ 121.863606] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.870066] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.877209] device bridge_slave_1 entered promiscuous mode
[ 121.883440] chnl_net:caif_netlink_parms(): no params data found
[ 121.897315] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.903663] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.911638] device bridge_slave_0 entered promiscuous mode
[ 121.918279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.924868] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.931753] device bridge_slave_1 entered promiscuous mode
[ 121.938130] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.944586] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.951627] device bridge_slave_0 entered promiscuous mode
[ 121.977058] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.983409] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.990425] device bridge_slave_1 entered promiscuous mode
[ 122.001790] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.008227] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.015655] device bridge_slave_1 entered promiscuous mode
[ 122.062038] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.068542] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.076060] device bridge_slave_0 entered promiscuous mode
[ 122.084521] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 122.092121] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.098527] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.105910] device bridge_slave_1 entered promiscuous mode
[ 122.132575] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 122.147046] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 122.158537] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 122.172161] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 122.180621] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.187210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.194099] device bridge_slave_0 entered promiscuous mode
[ 122.203093] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 122.212104] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 122.248899] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 122.256593] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.262924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.270154] device bridge_slave_1 entered promiscuous mode
[ 122.303282] team0: Port device team_slave_0 added
[ 122.310063] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 122.329938] team0: Port device team_slave_0 added
[ 122.336657] team0: Port device team_slave_1 added
[ 122.343265] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 122.351871] team0: Port device team_slave_1 added
[ 122.359268] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 122.381071] team0: Port device team_slave_0 added
[ 122.394535] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 122.408029] team0: Port device team_slave_0 added
[ 122.425115] team0: Port device team_slave_1 added
[ 122.431085] team0: Port device team_slave_0 added
[ 122.486721] device hsr_slave_0 entered promiscuous mode
[ 122.544797] device hsr_slave_1 entered promiscuous mode
[ 122.615541] team0: Port device team_slave_1 added
[ 122.621820] team0: Port device team_slave_0 added
[ 122.628196] team0: Port device team_slave_1 added
[ 122.638360] team0: Port device team_slave_1 added
[ 122.706150] device hsr_slave_0 entered promiscuous mode
[ 122.744694] device hsr_slave_1 entered promiscuous mode
[ 122.866462] device hsr_slave_0 entered promiscuous mode
[ 122.914649] device hsr_slave_1 entered promiscuous mode
[ 123.026151] device hsr_slave_0 entered promiscuous mode
[ 123.064667] device hsr_slave_1 entered promiscuous mode
[ 123.147440] device hsr_slave_0 entered promiscuous mode
[ 123.194674] device hsr_slave_1 entered promiscuous mode
[ 123.286293] device hsr_slave_0 entered promiscuous mode
[ 123.334732] device hsr_slave_1 entered promiscuous mode
[ 123.557800] 8021q: adding VLAN 0 to HW filter on device bond0
[ 123.571422] 8021q: adding VLAN 0 to HW filter on device bond0
[ 123.588167] 8021q: adding VLAN 0 to HW filter on device bond0
[ 123.618889] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 123.637080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 123.643905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 123.651029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 123.660448] 8021q: adding VLAN 0 to HW filter on device team0
[ 123.681286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 123.692624] 8021q: adding VLAN 0 to HW filter on device team0
[ 123.715812] 8021q: adding VLAN 0 to HW filter on device bond0
[ 123.724645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 123.732044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 123.742154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 123.750179] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 123.757995] bridge0: port 1(bridge_slave_0) entered blocking state
[ 123.764427] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 123.771869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 123.784992] 8021q: adding VLAN 0 to HW filter on device team0
[ 123.791120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 123.799153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 123.806947] bridge0: port 1(bridge_slave_0) entered blocking state
[ 123.813266] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 123.820275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 123.828129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 123.835757] bridge0: port 2(bridge_slave_1) entered blocking state
[ 123.842096] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 123.850510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 123.857729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 123.864793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 123.877115] 8021q: adding VLAN 0 to HW filter on device bond0
[ 123.898883] 8021q: adding VLAN 0 to HW filter on device team0
[ 123.912827] 8021q: adding VLAN 0 to HW filter on device team0
[ 123.925427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 123.933381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 123.943136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 123.951072] bridge0: port 1(bridge_slave_0) entered blocking state
[ 123.957456] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 123.964286] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 123.973515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 123.981271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 123.988994] bridge0: port 2(bridge_slave_1) entered blocking state
[ 123.995366] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.002190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 124.010143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 124.017757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 124.024888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 124.031668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 124.039691] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 124.047340] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.053662] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.060956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 124.068837] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 124.080648] 8021q: adding VLAN 0 to HW filter on device team0
[ 124.088961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 124.096255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 124.127467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 124.139265] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 124.147393] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.153831] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 124.160849] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 124.168699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 124.176386] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.182712] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.189722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 124.197529] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 124.205516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 124.214257] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 124.221922] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 124.229689] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 124.237460] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 124.245510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 124.252646] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 124.291877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 124.300111] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 124.310312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.316696] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 124.323897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 124.331995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 124.340019] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 124.347917] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.354248] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.361139] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 124.369350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 124.377535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 124.385282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 124.392750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 124.400818] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 124.408693] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 124.416483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 124.424260] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 124.432063] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.438487] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 124.445500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 124.453140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 124.461351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 124.469062] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.475459] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.482177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 124.489988] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 124.497723] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 124.505748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 124.513150] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 124.520785] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 124.529131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 124.536544] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 124.543699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 124.567411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 124.575530] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 124.583081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 124.591570] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 124.599266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 124.607320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 124.615472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 124.622906] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 124.630458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 124.637920] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 124.645452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 124.653074] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 124.660864] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 124.668027] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 124.681169] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 124.689140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 124.697064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 124.704946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 124.724245] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 124.734210] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 124.757883] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 124.780653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 124.788957] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 124.797137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 124.805085] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 124.812567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 124.820336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 124.828415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 124.836087] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 124.843415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 124.850946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 124.858453] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 124.865602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 124.883153] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 124.900202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 124.908619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 124.917593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 124.925674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 124.941430] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 124.951501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 124.968529] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 124.981603] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 124.989052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 124.998575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 125.006664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 125.014070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 125.022631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 125.035629] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.062621] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.103418] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.112792] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/02/09 22:49:52 executed programs: 44
2019/02/09 22:49:57 executed programs: 289
2019/02/09 22:50:02 executed programs: 536
2019/02/09 22:50:07 executed programs: 787
2019/02/09 22:50:12 executed programs: 1027
2019/02/09 22:50:17 executed programs: 1270
2019/02/09 22:50:22 executed programs: 1508
2019/02/09 22:50:27 executed programs: 1747
2019/02/09 22:50:32 executed programs: 1983
2019/02/09 22:50:37 executed programs: 2210
2019/02/09 22:50:42 executed programs: 2455
2019/02/09 22:50:47 executed programs: 2693
2019/02/09 22:50:52 executed programs: 2917
2019/02/09 22:50:57 executed programs: 3144
2019/02/09 22:51:02 executed programs: 3369
2019/02/09 22:51:07 executed programs: 3595
2019/02/09 22:51:12 executed programs: 3831
2019/02/09 22:51:17 executed programs: 4058
2019/02/09 22:51:22 executed programs: 4274
2019/02/09 22:51:27 executed programs: 4489
2019/02/09 22:51:32 executed programs: 4704
2019/02/09 22:51:37 executed programs: 4915
2019/02/09 22:51:42 executed programs: 5140
2019/02/09 22:51:47 executed programs: 5366
2019/02/09 22:51:52 executed programs: 5572
2019/02/09 22:51:57 executed programs: 5774
2019/02/09 22:52:03 executed programs: 5981
2019/02/09 22:52:08 executed programs: 6188
2019/02/09 22:52:13 executed programs: 6413
2019/02/09 22:52:18 executed programs: 6631
2019/02/09 22:52:23 executed programs: 6841
2019/02/09 22:52:28 executed programs: 7046
2019/02/09 22:52:33 executed programs: 7240
2019/02/09 22:52:38 executed programs: 7434
2019/02/09 22:52:43 executed programs: 7653
2019/02/09 22:52:48 executed programs: 7868
2019/02/09 22:52:53 executed programs: 8068
2019/02/09 22:52:58 executed programs: 8259
2019/02/09 22:53:03 executed programs: 8454
[ 320.204661] ==================================================================
[ 320.212343] BUG: KASAN: use-after-free in ccid_hc_tx_delete+0xde/0x100
[ 320.219066] Read of size 8 at addr ffff888094f35a00 by task syz-executor.5/10701
[ 320.226615]
[ 320.228271] CPU: 0 PID: 10701 Comm: syz-executor.5 Not tainted 5.0.0-rc5+ #65
[ 320.235566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 320.244974] Call Trace:
[ 320.247560]
[ 320.249785] dump_stack+0x172/0x1f0
[ 320.253421] ? ccid_hc_tx_delete+0xde/0x100
[ 320.258264] print_address_description.cold+0x7c/0x20d
[ 320.263550] ? ccid_hc_tx_delete+0xde/0x100
[ 320.267875] ? ccid_hc_tx_delete+0xde/0x100
[ 320.272221] kasan_report.cold+0x1b/0x40
[ 320.276293] ? ccid_hc_tx_delete+0xde/0x100
[ 320.280643] __asan_report_load8_noabort+0x14/0x20
[ 320.285575] ccid_hc_tx_delete+0xde/0x100
[ 320.289732] dccp_sk_destruct+0x3f/0x90
[ 320.293713] ? dccp_init_sock+0x3f0/0x3f0
[ 320.298039] __sk_destruct+0x55/0x6d0
[ 320.301871] ? sock_no_getname+0x10/0x10
[ 320.306008] rcu_process_callbacks+0x928/0x1390
[ 320.310694] ? rcu_check_gp_start_stall+0x240/0x240
[ 320.315755] ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 320.321218] __do_softirq+0x266/0x95a
[ 320.325084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 320.330628] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 320.336213] irq_exit+0x180/0x1d0
[ 320.339681] smp_apic_timer_interrupt+0x14a/0x570
[ 320.344529] apic_timer_interrupt+0xf/0x20
[ 320.348769]
[ 320.351048] RIP: 0010:unwind_next_frame.part.0+0x26/0x9a0
[ 320.356592] Code: 12 00 66 90 55 4c 8d 4f 50 48 b8 00 00 00 00 00 fc ff df 48 89 e5 41 57 41 56 41 55 41 54 4c 8d a5 78 ff ff ff 49 c1 ec 03 53 <48> 89 fb 49 8d 14 04 48 81 ec 88 00 00 00 48 c7 85 78 ff ff ff b3
[ 320.375500] RSP: 0018:ffff88809782f740 EFLAGS: 00000a02 ORIG_RAX: ffffffffffffff13
[ 320.383217] RAX: dffffc0000000000 RBX: ffff88809782f830 RCX: 0000000000000008
[ 320.390485] RDX: 0000000000000001 RSI: ffffffff866fc17b RDI: ffff88809782f790
[ 320.397787] RBP: ffff88809782f768 R08: 0000000000000001 R09: ffff88809782f7e0
[ 320.405067] R10: ffff88809782f7b8 R11: ffff88809782f7c8 R12: 1ffff11012f05edc
[ 320.412340] R13: 0000000000000000 R14: ffff8880a46800c0 R15: ffff88812c3f01c0
[ 320.419628] ? dccp_feat_init+0x16b/0x310
[ 320.423789] unwind_next_frame+0x3b/0x50
[ 320.427877] __save_stack_trace+0x7a/0xf0
[ 320.432050] ? dccp_feat_init+0x16b/0x310
[ 320.436206] save_stack_trace+0x1a/0x20
[ 320.440188] save_stack+0x45/0xd0
[ 320.443650] ? save_stack+0x45/0xd0
[ 320.447281] ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 320.452403] ? kasan_kmalloc+0x9/0x10
[ 320.456219] ? __kmalloc_track_caller+0x158/0x740
[ 320.461125] ? kmemdup+0x27/0x60
[ 320.464499] ? dccp_feat_clone_sp_val.part.0+0x5d/0xe0
[ 320.469781] ? __feat_register_sp+0x1df/0x330
[ 320.474277] ? dccp_feat_init+0x16b/0x310
[ 320.478443] ? dccp_init_sock+0x320/0x3f0
[ 320.478497] ? dccp_v6_init_sock+0x20/0xa0
[ 320.478549] ? inet6_create+0x9cd/0xf90
[ 320.487063] ? __sock_create+0x3e6/0x750
[ 320.487076] ? __sys_socket+0x103/0x220
[ 320.487089] ? __x64_sys_socket+0x73/0xb0
[ 320.487118] ? do_syscall_64+0x103/0x610
[ 320.487132] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 320.487181] ? mark_held_locks+0x100/0x100
[ 320.495204] ? fs_reclaim_acquire+0x20/0x20
[ 320.495219] ? fs_reclaim_acquire+0x20/0x20
[ 320.495248] ? find_held_lock+0x35/0x130
[ 320.495276] ? fs_reclaim_acquire+0x20/0x20
[ 320.495289] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 320.495353] ? should_fail+0x14d/0x85c
[ 320.503414] ? lock_downgrade+0x810/0x810
[ 320.503431] ? kasan_unpoison_shadow+0x35/0x50
[ 320.503447] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 320.503464] kasan_kmalloc+0x9/0x10
[ 320.512870] __kmalloc_track_caller+0x158/0x740
[ 320.512890] ? dccp_feat_clone_sp_val.part.0+0x5d/0xe0
[ 320.512936] kmemdup+0x27/0x60
[ 320.512967] dccp_feat_clone_sp_val.part.0+0x5d/0xe0
[ 320.512983] __feat_register_sp+0x1df/0x330
[ 320.521520] ? dccp_feat_clone_sp_val.part.0+0xe0/0xe0
[ 320.521536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 320.521582] ? check_preemption_disabled+0x48/0x290
[ 320.521600] dccp_feat_init+0x16b/0x310
[ 320.529973] ? dccp_feat_parse_options+0x1bc0/0x1bc0
[ 320.529987] ? dccp_timestamp+0x21/0x50
[ 320.530033] ? init_timer_key+0x122/0x370
[ 320.530049] ? dccp_init_xmit_timers+0x6a/0x6a
[ 320.539883] ? dccp_init_xmit_timers+0x6a/0x6a
[ 320.539897] ? dccp_timestamp+0x50/0x50
[ 320.539954] ? dccp_write_xmit_timer+0x20/0x20
[ 320.540016] ? inet_csk_init_xmit_timers+0x79/0xf0
[ 320.540034] dccp_init_sock+0x320/0x3f0
[ 320.548086] dccp_v6_init_sock+0x20/0xa0
[ 320.548097] ? dccp_v6_init_net+0x80/0x80
[ 320.548110] inet6_create+0x9cd/0xf90
[ 320.548131] __sock_create+0x3e6/0x750
[ 320.548151] __sys_socket+0x103/0x220
[ 320.548166] ? move_addr_to_kernel+0x80/0x80
[ 320.548196] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 320.557680] ? do_syscall_64+0x26/0x610
[ 320.557694] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 320.557707] ? do_syscall_64+0x26/0x610
[ 320.557725] __x64_sys_socket+0x73/0xb0
[ 320.557755] do_syscall_64+0x103/0x610
[ 320.557771] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 320.566040] RIP: 0033:0x457e39
[ 320.566056] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 320.566064] RSP: 002b:00007feb3fe92c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 320.566077] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39
[ 320.566085] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 000000000000000a
[ 320.566094] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
[ 320.566102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb3fe936d4
[ 320.566111] R13: 00000000004c6188 R14: 00000000004db320 R15: 00000000ffffffff
[ 320.566132]
[ 320.659375] Allocated by task 10683:
[ 320.667572] save_stack+0x45/0xd0
[ 320.667586] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 320.667598] kasan_slab_alloc+0xf/0x20
[ 320.667609] kmem_cache_alloc+0x12d/0x710
[ 320.667623] ccid_new+0x256/0x3f0
[ 320.789804] dccp_hdlr_ccid+0x27/0x150
[ 320.793675] __dccp_feat_activate+0x17a/0x270
[ 320.798154] dccp_feat_activate_values+0x33a/0x766
[ 320.803067] dccp_rcv_state_process+0x116f/0x1931
[ 320.807890] dccp_v6_do_rcv+0x269/0xbf0
[ 320.811856] __release_sock+0x12e/0x3a0
[ 320.815811] release_sock+0x59/0x1c0
[ 320.819545] __inet_stream_connect+0x59f/0xea0
[ 320.824113] inet_stream_connect+0x58/0xa0
[ 320.828331] __sys_connect+0x266/0x330
[ 320.832206] __x64_sys_connect+0x73/0xb0
[ 320.836273] do_syscall_64+0x103/0x610
[ 320.840147] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 320.845332]
[ 320.846948] Freed by task 10691:
[ 320.850298] save_stack+0x45/0xd0
[ 320.853735] __kasan_slab_free+0x102/0x150
[ 320.857951] kasan_slab_free+0xe/0x10
[ 320.861733] kmem_cache_free+0x86/0x260
[ 320.865701] ccid_hc_tx_delete+0xc1/0x100
[ 320.869830] dccp_hdlr_ccid+0x7d/0x150
[ 320.873708] __dccp_feat_activate+0x17a/0x270
[ 320.878214] dccp_feat_activate_values+0x33a/0x766
[ 320.883127] dccp_create_openreq_child+0x40c/0x570
[ 320.888040] dccp_v6_request_recv_sock+0x214/0x1da0
[ 320.893058] dccp_check_req+0x35c/0x6f0
[ 320.897015] dccp_v6_rcv+0x6d7/0x191e
[ 320.900801] ip6_protocol_deliver_rcu+0x303/0x16c0
[ 320.905710] ip6_input_finish+0x84/0x170
[ 320.909752] ip6_input+0xe4/0x3f0
[ 320.913187] ip6_rcv_finish+0x1e7/0x320
[ 320.917156] ipv6_rcv+0x10e/0x420
[ 320.920623] __netif_receive_skb_one_core+0x115/0x1a0
[ 320.925796] __netif_receive_skb+0x2c/0x1c0
[ 320.930113] process_backlog+0x206/0x750
[ 320.934157] net_rx_action+0x4fa/0x1070
[ 320.938115] __do_softirq+0x266/0x95a
[ 320.941891]
[ 320.943510] The buggy address belongs to the object at ffff888094f35a00
[ 320.943510] which belongs to the cache ccid2_hc_tx_sock of size 1240
[ 320.956669] The buggy address is located 0 bytes inside of
[ 320.956669] 1240-byte region [ffff888094f35a00, ffff888094f35ed8)
[ 320.968453] The buggy address belongs to the page:
[ 320.973364] page:ffffea000253cd00 count:1 mapcount:0 mapping:ffff88821669d180 index:0x0 compound_mapcount: 0
[ 320.983337] flags: 0x1fffc0000010200(slab|head)
[ 320.988011] raw: 01fffc0000010200 ffffea00024ed088 ffffea00029e4408 ffff88821669d180
[ 320.995879] raw: 0000000000000000 ffff888094f34400 0000000100000005 0000000000000000
[ 321.003735] page dumped because: kasan: bad access detected
[ 321.009419]
[ 321.011036] Memory state around the buggy address:
[ 321.015950] ffff888094f35900: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc
[ 321.023292] ffff888094f35980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 321.030634] >ffff888094f35a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 321.037970] ^
[ 321.041321] ffff888094f35a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 321.048664] ffff888094f35b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 321.056001] ==================================================================
[ 321.063337] Disabling lock debugging due to kernel taint
[ 321.068832] Kernel panic - not syncing: panic_on_warn set ...
[ 321.074731] CPU: 0 PID: 10701 Comm: syz-executor.5 Tainted: G B 5.0.0-rc5+ #65
[ 321.083385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 321.092734] Call Trace:
[ 321.095317]
[ 321.097491] dump_stack+0x172/0x1f0
[ 321.101154] panic+0x2cb/0x65c
[ 321.104343] ? __warn_printk+0xf3/0xf3
[ 321.108215] ? retint_kernel+0x2d/0x2d
[ 321.112108] ? trace_hardirqs_on+0x5e/0x230
[ 321.116414] ? ccid_hc_tx_delete+0xde/0x100
[ 321.120726] end_report+0x47/0x4f
[ 321.124163] ? ccid_hc_tx_delete+0xde/0x100
[ 321.128581] kasan_report.cold+0xe/0x40
[ 321.132538] ? ccid_hc_tx_delete+0xde/0x100
[ 321.136842] __asan_report_load8_noabort+0x14/0x20
[ 321.141754] ccid_hc_tx_delete+0xde/0x100
[ 321.145886] dccp_sk_destruct+0x3f/0x90
[ 321.149850] ? dccp_init_sock+0x3f0/0x3f0
[ 321.153984] __sk_destruct+0x55/0x6d0
[ 321.157765] ? sock_no_getname+0x10/0x10
[ 321.161812] rcu_process_callbacks+0x928/0x1390
[ 321.166483] ? rcu_check_gp_start_stall+0x240/0x240
[ 321.171488] ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 321.176948] __do_softirq+0x266/0x95a
[ 321.180737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 321.186253] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 321.191776] irq_exit+0x180/0x1d0
[ 321.195299] smp_apic_timer_interrupt+0x14a/0x570
[ 321.200125] apic_timer_interrupt+0xf/0x20
[ 321.204340]
[ 321.206568] RIP: 0010:unwind_next_frame.part.0+0x26/0x9a0
[ 321.212090] Code: 12 00 66 90 55 4c 8d 4f 50 48 b8 00 00 00 00 00 fc ff df 48 89 e5 41 57 41 56 41 55 41 54 4c 8d a5 78 ff ff ff 49 c1 ec 03 53 <48> 89 fb 49 8d 14 04 48 81 ec 88 00 00 00 48 c7 85 78 ff ff ff b3
[ 321.230973] RSP: 0018:ffff88809782f740 EFLAGS: 00000a02 ORIG_RAX: ffffffffffffff13
[ 321.238658] RAX: dffffc0000000000 RBX: ffff88809782f830 RCX: 0000000000000008
[ 321.245919] RDX: 0000000000000001 RSI: ffffffff866fc17b RDI: ffff88809782f790
[ 321.253188] RBP: ffff88809782f768 R08: 0000000000000001 R09: ffff88809782f7e0
[ 321.260441] R10: ffff88809782f7b8 R11: ffff88809782f7c8 R12: 1ffff11012f05edc
[ 321.267712] R13: 0000000000000000 R14: ffff8880a46800c0 R15: ffff88812c3f01c0
[ 321.275104] ? dccp_feat_init+0x16b/0x310
[ 321.279239] unwind_next_frame+0x3b/0x50
[ 321.283281] __save_stack_trace+0x7a/0xf0
[ 321.287431] ? dccp_feat_init+0x16b/0x310
[ 321.291563] save_stack_trace+0x1a/0x20
[ 321.295520] save_stack+0x45/0xd0
[ 321.298975] ? save_stack+0x45/0xd0
[ 321.302586] ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 321.307671] ? kasan_kmalloc+0x9/0x10
[ 321.311455] ? __kmalloc_track_caller+0x158/0x740
[ 321.316281] ? kmemdup+0x27/0x60
[ 321.319629] ? dccp_feat_clone_sp_val.part.0+0x5d/0xe0
[ 321.324900] ? __feat_register_sp+0x1df/0x330
[ 321.329414] ? dccp_feat_init+0x16b/0x310
[ 321.333554] ? dccp_init_sock+0x320/0x3f0
[ 321.337682] ? dccp_v6_init_sock+0x20/0xa0
[ 321.341899] ? inet6_create+0x9cd/0xf90
[ 321.345876] ? __sock_create+0x3e6/0x750
[ 321.349924] ? __sys_socket+0x103/0x220
[ 321.353885] ? __x64_sys_socket+0x73/0xb0
[ 321.358026] ? do_syscall_64+0x103/0x610
[ 321.362155] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 321.367515] ? mark_held_locks+0x100/0x100
[ 321.371733] ? fs_reclaim_acquire+0x20/0x20
[ 321.376038] ? fs_reclaim_acquire+0x20/0x20
[ 321.380339] ? find_held_lock+0x35/0x130
[ 321.384382] ? fs_reclaim_acquire+0x20/0x20
[ 321.388863] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 321.394379] ? should_fail+0x14d/0x85c
[ 321.398249] ? lock_downgrade+0x810/0x810
[ 321.402378] ? kasan_unpoison_shadow+0x35/0x50
[ 321.406945] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 321.411856] kasan_kmalloc+0x9/0x10
[ 321.415465] __kmalloc_track_caller+0x158/0x740
[ 321.420120] ? dccp_feat_clone_sp_val.part.0+0x5d/0xe0
[ 321.425379] kmemdup+0x27/0x60
[ 321.428554] dccp_feat_clone_sp_val.part.0+0x5d/0xe0
[ 321.433642] __feat_register_sp+0x1df/0x330
[ 321.437956] ? dccp_feat_clone_sp_val.part.0+0xe0/0xe0
[ 321.443222] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 321.448757] ? check_preemption_disabled+0x48/0x290
[ 321.453759] dccp_feat_init+0x16b/0x310
[ 321.457712] ? dccp_feat_parse_options+0x1bc0/0x1bc0
[ 321.462796] ? dccp_timestamp+0x21/0x50
[ 321.466754] ? init_timer_key+0x122/0x370
[ 321.470884] ? dccp_init_xmit_timers+0x6a/0x6a
[ 321.475458] ? dccp_init_xmit_timers+0x6a/0x6a
[ 321.480023] ? dccp_timestamp+0x50/0x50
[ 321.483989] ? dccp_write_xmit_timer+0x20/0x20
[ 321.488564] ? inet_csk_init_xmit_timers+0x79/0xf0
[ 321.493493] dccp_init_sock+0x320/0x3f0
[ 321.497450] dccp_v6_init_sock+0x20/0xa0
[ 321.501499] ? dccp_v6_init_net+0x80/0x80
[ 321.505639] inet6_create+0x9cd/0xf90
[ 321.509445] __sock_create+0x3e6/0x750
[ 321.513317] __sys_socket+0x103/0x220
[ 321.517100] ? move_addr_to_kernel+0x80/0x80
[ 321.521489] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 321.526225] ? do_syscall_64+0x26/0x610
[ 321.530183] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 321.535532] ? do_syscall_64+0x26/0x610
[ 321.539502] __x64_sys_socket+0x73/0xb0
[ 321.543459] do_syscall_64+0x103/0x610
[ 321.547328] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 321.552515] RIP: 0033:0x457e39
[ 321.555692] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 321.574574] RSP: 002b:00007feb3fe92c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 321.582263] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39
[ 321.589541] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 000000000000000a
[ 321.596988] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
[ 321.604239] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb3fe936d4
[ 321.611487] R13: 00000000004c6188 R14: 00000000004db320 R15: 00000000ffffffff
[ 321.619734] Kernel Offset: disabled
[ 321.623360] Rebooting in 86400 seconds..