[info] Using makefile-style concurrent boot in runlevel 2. [ 26.447302] audit: type=1800 audit(1544758697.985:21): pid=5849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.81' (ECDSA) to the list of known hosts. 2018/12/14 03:39:44 parsed 1 programs 2018/12/14 03:39:47 executed programs: 0 syzkaller login: [ 115.660517] IPVS: ftp: loaded support on port[0] = 21 [ 115.662966] IPVS: ftp: loaded support on port[0] = 21 [ 115.675814] IPVS: ftp: loaded support on port[0] = 21 [ 115.691059] IPVS: ftp: loaded support on port[0] = 21 [ 115.705318] IPVS: ftp: loaded support on port[0] = 21 [ 115.716893] IPVS: ftp: loaded support on port[0] = 21 [ 116.449352] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.455984] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.476872] device bridge_slave_0 entered promiscuous mode [ 116.507233] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.515705] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.527554] device bridge_slave_0 entered promiscuous mode [ 116.535628] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.543168] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.550103] device bridge_slave_1 entered promiscuous mode [ 116.557951] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.564728] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.571863] device bridge_slave_0 entered promiscuous mode [ 116.589779] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 116.596923] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.603545] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.610754] device bridge_slave_0 entered promiscuous mode [ 116.619987] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.626352] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.634716] device bridge_slave_1 entered promiscuous mode [ 116.641708] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.648067] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.656087] device bridge_slave_0 entered promiscuous mode [ 116.666906] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.673714] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.681672] device bridge_slave_1 entered promiscuous mode [ 116.700504] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 116.711371] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.720967] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.728410] device bridge_slave_1 entered promiscuous mode [ 116.738279] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 116.752921] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.760954] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.775229] device bridge_slave_0 entered promiscuous mode [ 116.782613] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 116.794823] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.801629] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.809454] device bridge_slave_1 entered promiscuous mode [ 116.824092] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 116.836153] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 116.854563] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 116.880313] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.886676] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.900294] device bridge_slave_1 entered promiscuous mode [ 116.911058] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 116.920305] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 116.971526] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 117.030324] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.046969] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.064234] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 117.097101] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.116083] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.160783] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.184035] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.214118] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.247348] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 117.257351] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.266534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.281848] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.302812] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 117.318880] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.328630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.340987] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 117.351796] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 117.359155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.366929] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.378175] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 117.389862] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.397731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.410857] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 117.419489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.444074] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 117.456113] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 117.481687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.496041] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 117.505935] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 117.520548] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 117.540431] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.548426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.582912] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 117.607257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.631940] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 117.638792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.655139] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 117.668613] team0: Port device team_slave_0 added [ 117.688775] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 117.705694] team0: Port device team_slave_0 added [ 117.746075] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 117.762610] team0: Port device team_slave_0 added [ 117.784394] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 117.792521] team0: Port device team_slave_1 added [ 117.801996] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 117.815280] team0: Port device team_slave_1 added [ 117.829081] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 117.848101] team0: Port device team_slave_0 added [ 117.865718] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 117.875147] team0: Port device team_slave_1 added [ 117.884427] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 117.895817] team0: Port device team_slave_0 added [ 117.918792] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 117.929507] team0: Port device team_slave_1 added [ 117.944816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 117.967174] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 117.976581] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 117.986476] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 117.994014] team0: Port device team_slave_0 added [ 118.013911] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.021761] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.038325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.057453] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.068181] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 118.075848] team0: Port device team_slave_1 added [ 118.088564] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.098797] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.109925] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 118.117324] team0: Port device team_slave_1 added [ 118.125142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.141117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.149962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.157879] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.169509] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.182933] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.200190] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.219482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.227502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.236007] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.243868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.251891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 118.259871] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.271745] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 118.278824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 118.291046] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.298169] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.311400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 118.332366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 118.340335] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 118.347923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 118.355725] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.363328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.371310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.385377] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.400036] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.407136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.417046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 118.444826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.453034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.461297] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 118.473582] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 118.482299] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.495862] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.521053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.532558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 118.547219] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 118.555077] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.573138] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 118.589830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 118.598698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.613387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 118.628239] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 118.651253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 118.669493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.125269] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.131820] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.138818] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.145239] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.153028] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.171576] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.177954] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.184702] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.191134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.213178] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.269090] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 119.279709] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 119.376287] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.382822] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.389551] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.395908] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.404929] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.411794] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.418153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.424825] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.431247] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.440528] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.515752] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.522169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.528808] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.535238] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.551760] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 119.564339] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.570763] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.577417] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.583873] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.593482] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 120.339538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.346850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.365090] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.372863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 122.045100] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.056228] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.224828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.237510] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.259243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.321200] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.349011] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.356108] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.440217] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.492212] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.529204] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.568807] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.590422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.597474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.610128] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.622856] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.636249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.650959] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 122.757379] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.766238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.776989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.788769] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.837675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.846997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.864859] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.876879] 8021q: adding VLAN 0 to HW filter on device team0 [ 122.884195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.897665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.924231] 8021q: adding VLAN 0 to HW filter on device team0 [ 122.940234] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 122.949765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.956809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.068250] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.134887] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.158427] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.190456] 8021q: adding VLAN 0 to HW filter on device team0 2018/12/14 03:39:56 executed programs: 6 2018/12/14 03:40:01 executed programs: 291 2018/12/14 03:40:06 executed programs: 556 2018/12/14 03:40:11 executed programs: 818 2018/12/14 03:40:16 executed programs: 1077 2018/12/14 03:40:21 executed programs: 1331 2018/12/14 03:40:26 executed programs: 1581 2018/12/14 03:40:31 executed programs: 1836 2018/12/14 03:40:36 executed programs: 2090 2018/12/14 03:40:41 executed programs: 2325 2018/12/14 03:40:46 executed programs: 2554 2018/12/14 03:40:51 executed programs: 2782 2018/12/14 03:40:56 executed programs: 3006 2018/12/14 03:41:01 executed programs: 3224 2018/12/14 03:41:06 executed programs: 3432 2018/12/14 03:41:11 executed programs: 3655 2018/12/14 03:41:16 executed programs: 3869 2018/12/14 03:41:21 executed programs: 4107 2018/12/14 03:41:26 executed programs: 4356 2018/12/14 03:41:31 executed programs: 4579 2018/12/14 03:41:36 executed programs: 4787 2018/12/14 03:41:41 executed programs: 4990 2018/12/14 03:41:46 executed programs: 5176 2018/12/14 03:41:51 executed programs: 5390 2018/12/14 03:41:56 executed programs: 5628 2018/12/14 03:42:01 executed programs: 5838 2018/12/14 03:42:06 executed programs: 6047 2018/12/14 03:42:11 executed programs: 6249 2018/12/14 03:42:16 executed programs: 6440 2018/12/14 03:42:21 executed programs: 6652 2018/12/14 03:42:26 executed programs: 6890 2018/12/14 03:42:32 executed programs: 7105 2018/12/14 03:42:37 executed programs: 7301 2018/12/14 03:42:42 executed programs: 7496 2018/12/14 03:42:47 executed programs: 7683 2018/12/14 03:42:52 executed programs: 7889 2018/12/14 03:42:57 executed programs: 8101 [ 309.123291] ================================================================== [ 309.130964] BUG: KASAN: use-after-free in link_path_walk.part.40+0x12e6/0x1530 [ 309.138345] Read of size 1 at addr ffff8881bb687c40 by task syz-executor0/9818 [ 309.145707] [ 309.147359] CPU: 0 PID: 9818 Comm: syz-executor0 Not tainted 4.20.0-rc6-next-20181213+ #170 [ 309.155857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.165218] Call Trace: [ 309.167882] dump_stack+0x244/0x39d [ 309.171771] ? dump_stack_print_info.cold.1+0x20/0x20 [ 309.177024] ? printk+0xa7/0xcf [ 309.180328] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 309.185141] print_address_description.cold.4+0x9/0x1ff [ 309.190551] ? link_path_walk.part.40+0x12e6/0x1530 [ 309.195591] kasan_report.cold.5+0x1b/0x39 [ 309.199849] ? link_path_walk.part.40+0x12e6/0x1530 [ 309.204883] ? inode_permission+0xa0/0x560 [ 309.209135] ? link_path_walk.part.40+0x12e6/0x1530 [ 309.214173] __asan_report_load1_noabort+0x14/0x20 [ 309.219112] link_path_walk.part.40+0x12e6/0x1530 [ 309.223949] ? pick_link+0xaf0/0xaf0 [ 309.227657] ? walk_component+0x2590/0x2590 [ 309.232052] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 309.237075] ? atime_needs_update+0x507/0x710 [ 309.241564] ? new_inode+0x40/0x40 [ 309.245101] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.250772] ? security_inode_follow_link+0xe8/0x120 [ 309.255874] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 309.261406] ? trailing_symlink+0x2ac/0x970 [ 309.265830] path_lookupat.isra.43+0xf7/0xc00 [ 309.270324] ? path_parentat.isra.41+0x160/0x160 [ 309.275166] ? __check_object_size+0xb1/0x782 [ 309.279664] ? usercopy_warn+0x110/0x110 [ 309.283751] ? check_preemption_disabled+0x48/0x280 [ 309.288771] filename_lookup+0x26a/0x520 [ 309.292826] ? nd_jump_link+0x1d0/0x1d0 [ 309.296833] ? digsig_verify+0x1530/0x1530 [ 309.301231] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.306893] ? getname_flags+0x26e/0x590 [ 309.310952] user_path_at_empty+0x40/0x50 [ 309.315138] do_mount+0x180/0x1ff0 [ 309.318795] ? lock_release+0xa00/0xa00 [ 309.322799] ? perf_trace_sched_process_exec+0x860/0x860 [ 309.328248] ? copy_mount_string+0x40/0x40 [ 309.332503] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.338037] ? _copy_from_user+0xdf/0x150 [ 309.342181] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.347757] ? copy_mount_options+0x315/0x430 [ 309.352250] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.357790] ksys_mount+0x12d/0x140 [ 309.361447] __x64_sys_mount+0xbe/0x150 [ 309.365436] do_syscall_64+0x1b9/0x820 [ 309.369354] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 309.374713] ? syscall_return_slowpath+0x5e0/0x5e0 [ 309.379637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.384530] ? trace_hardirqs_on_caller+0x310/0x310 [ 309.389555] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 309.394602] ? prepare_exit_to_usermode+0x291/0x3b0 [ 309.399617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.404458] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.409656] RIP: 0033:0x457679 [ 309.412846] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 309.431748] RSP: 002b:00007f8a2ae04c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 309.439448] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457679 [ 309.446713] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 309.454012] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 309.461310] R10: 0000000000200000 R11: 0000000000000246 R12: 00007f8a2ae056d4 [ 309.468576] R13: 00000000004c2e25 R14: 00000000004d5200 R15: 00000000ffffffff [ 309.475848] [ 309.477519] Allocated by task 9819: [ 309.481201] save_stack+0x43/0xd0 [ 309.484650] kasan_kmalloc+0xcb/0xd0 [ 309.488355] __kmalloc_track_caller+0x159/0x750 [ 309.493073] kstrdup+0x39/0x70 [ 309.496297] bpf_symlink+0x26/0x140 [ 309.499917] vfs_symlink+0x37a/0x5d0 [ 309.503625] do_symlinkat+0x242/0x2d0 [ 309.507417] __x64_sys_symlink+0x59/0x80 [ 309.511470] do_syscall_64+0x1b9/0x820 [ 309.515366] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.520540] [ 309.522156] Freed by task 9820: [ 309.525426] save_stack+0x43/0xd0 [ 309.528916] __kasan_slab_free+0x102/0x150 [ 309.533157] kasan_slab_free+0xe/0x10 [ 309.536946] kfree+0xcf/0x230 [ 309.540046] bpf_evict_inode+0x11f/0x150 [ 309.544099] evict+0x4b9/0x980 [ 309.547280] iput+0x679/0xa90 [ 309.550378] do_unlinkat+0x733/0xa30 [ 309.554081] __x64_sys_unlink+0x42/0x50 [ 309.558046] do_syscall_64+0x1b9/0x820 [ 309.561926] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.567100] [ 309.568716] The buggy address belongs to the object at ffff8881bb687c40 [ 309.568716] which belongs to the cache kmalloc-32 of size 32 [ 309.581232] The buggy address is located 0 bytes inside of [ 309.581232] 32-byte region [ffff8881bb687c40, ffff8881bb687c60) [ 309.592839] The buggy address belongs to the page: [ 309.597764] page:ffffea0006eda1c0 count:1 mapcount:0 mapping:ffff8881da8001c0 index:0xffff8881bb687fc1 [ 309.607201] flags: 0x2fffc0000000200(slab) [ 309.611433] raw: 02fffc0000000200 ffffea00071a6f48 ffffea0006e708c8 ffff8881da8001c0 [ 309.619347] raw: ffff8881bb687fc1 ffff8881bb687000 0000000100000036 0000000000000000 [ 309.627327] page dumped because: kasan: bad access detected [ 309.633024] [ 309.634678] Memory state around the buggy address: [ 309.639602] ffff8881bb687b00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 309.646986] ffff8881bb687b80: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 309.654373] >ffff8881bb687c00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 309.661720] ^ [ 309.667165] ffff8881bb687c80: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 309.674536] ffff8881bb687d00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 309.681883] ================================================================== [ 309.689228] Disabling lock debugging due to kernel taint [ 309.694980] Kernel panic - not syncing: panic_on_warn set ... [ 309.700898] CPU: 0 PID: 9818 Comm: syz-executor0 Tainted: G B 4.20.0-rc6-next-20181213+ #170 [ 309.703300] kobject: 'loop5' (0000000075753169): kobject_uevent_env [ 309.710785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.710791] Call Trace: [ 309.710812] dump_stack+0x244/0x39d [ 309.710834] ? dump_stack_print_info.cold.1+0x20/0x20 [ 309.718042] kobject: 'loop5' (0000000075753169): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 309.726617] ? link_path_walk.part.40+0x1200/0x1530 [ 309.726721] panic+0x2ad/0x632 [ 309.726746] ? add_taint.cold.5+0x16/0x16 [ 309.759981] ? preempt_schedule+0x4d/0x60 [ 309.764134] ? ___preempt_schedule+0x16/0x18 [ 309.768541] ? trace_hardirqs_on+0xb4/0x310 [ 309.772868] ? link_path_walk.part.40+0x12e6/0x1530 [ 309.777883] end_report+0x47/0x4f [ 309.781333] kasan_report.cold.5+0xe/0x39 [ 309.785475] ? link_path_walk.part.40+0x12e6/0x1530 [ 309.790516] ? inode_permission+0xa0/0x560 [ 309.794752] ? link_path_walk.part.40+0x12e6/0x1530 [ 309.799769] __asan_report_load1_noabort+0x14/0x20 [ 309.804690] link_path_walk.part.40+0x12e6/0x1530 [ 309.809532] ? pick_link+0xaf0/0xaf0 [ 309.813240] ? walk_component+0x2590/0x2590 [ 309.817560] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 309.822627] ? atime_needs_update+0x507/0x710 [ 309.827116] ? new_inode+0x40/0x40 [ 309.830787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.836320] ? security_inode_follow_link+0xe8/0x120 [ 309.841421] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 309.846997] ? trailing_symlink+0x2ac/0x970 [ 309.851318] path_lookupat.isra.43+0xf7/0xc00 [ 309.855812] ? path_parentat.isra.41+0x160/0x160 [ 309.860565] ? __check_object_size+0xb1/0x782 [ 309.865054] ? usercopy_warn+0x110/0x110 [ 309.869114] ? check_preemption_disabled+0x48/0x280 [ 309.874127] filename_lookup+0x26a/0x520 [ 309.878185] ? nd_jump_link+0x1d0/0x1d0 [ 309.882160] ? digsig_verify+0x1530/0x1530 [ 309.886392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.891925] ? getname_flags+0x26e/0x590 [ 309.896022] user_path_at_empty+0x40/0x50 [ 309.900206] do_mount+0x180/0x1ff0 [ 309.903751] ? lock_release+0xa00/0xa00 [ 309.907719] ? perf_trace_sched_process_exec+0x860/0x860 [ 309.913168] ? copy_mount_string+0x40/0x40 [ 309.917404] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.922934] ? _copy_from_user+0xdf/0x150 [ 309.927203] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.932734] ? copy_mount_options+0x315/0x430 [ 309.937228] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.942778] ksys_mount+0x12d/0x140 [ 309.946400] __x64_sys_mount+0xbe/0x150 [ 309.950412] do_syscall_64+0x1b9/0x820 [ 309.954296] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 309.959654] ? syscall_return_slowpath+0x5e0/0x5e0 [ 309.964585] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.969431] ? trace_hardirqs_on_caller+0x310/0x310 [ 309.974442] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 309.979451] ? prepare_exit_to_usermode+0x291/0x3b0 [ 309.984460] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.989320] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.994514] RIP: 0033:0x457679 [ 309.997836] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 310.016731] RSP: 002b:00007f8a2ae04c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 310.024438] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457679 [ 310.031746] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 310.039009] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 310.046271] R10: 0000000000200000 R11: 0000000000000246 R12: 00007f8a2ae056d4 [ 310.053535] R13: 00000000004c2e25 R14: 00000000004d5200 R15: 00000000ffffffff [ 310.062087] Kernel Offset: disabled [ 310.065721] Rebooting in 86400 seconds..