[ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 31.505897] audit: type=1400 audit(1591015303.487:8): avc: denied { execmem } for pid=5960 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 31.782375] IPVS: ftp: loaded support on port[0] = 21 [ 32.931513] can: request_module (can-proto-0) failed. [ 32.940083] can: request_module (can-proto-0) failed. [ 32.966052] audit: type=1400 audit(1591015304.948:9): avc: denied { create } for pid=5942 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.0.118' (ECDSA) to the list of known hosts. 2020/06/01 12:41:53 parsed 1 programs 2020/06/01 12:41:53 executed programs: 0 [ 41.497377] audit: type=1400 audit(1591015313.471:10): avc: denied { execmem } for pid=6073 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 41.579902] IPVS: ftp: loaded support on port[0] = 21 [ 42.460796] IPVS: ftp: loaded support on port[0] = 21 [ 42.465618] chnl_net:caif_netlink_parms(): no params data found [ 42.503001] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.509879] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.516915] device bridge_slave_0 entered promiscuous mode [ 42.525159] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.531799] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.540031] device bridge_slave_1 entered promiscuous mode [ 42.560405] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.574311] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.599045] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.606451] team0: Port device team_slave_0 added [ 42.620821] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.629231] team0: Port device team_slave_1 added [ 42.634688] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.645137] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.689414] IPVS: ftp: loaded support on port[0] = 21 [ 42.700683] device hsr_slave_0 entered promiscuous mode [ 42.737614] device hsr_slave_1 entered promiscuous mode [ 42.800048] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.808144] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.847183] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.853782] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.861124] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.867817] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.899585] chnl_net:caif_netlink_parms(): no params data found [ 42.962237] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.969421] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.976697] device bridge_slave_0 entered promiscuous mode [ 42.984663] IPVS: ftp: loaded support on port[0] = 21 [ 42.996155] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.003080] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.012331] device bridge_slave_1 entered promiscuous mode [ 43.070297] chnl_net:caif_netlink_parms(): no params data found [ 43.093703] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.113087] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.153709] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.162614] team0: Port device team_slave_0 added [ 43.170518] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.179465] team0: Port device team_slave_1 added [ 43.187975] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.194813] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.204165] device bridge_slave_0 entered promiscuous mode [ 43.212573] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.220733] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.229286] device bridge_slave_1 entered promiscuous mode [ 43.242966] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.254045] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.279787] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.321297] device hsr_slave_0 entered promiscuous mode [ 43.368908] device hsr_slave_1 entered promiscuous mode [ 43.408256] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.430013] IPVS: ftp: loaded support on port[0] = 21 [ 43.445529] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.455431] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.470326] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.478687] team0: Port device team_slave_0 added [ 43.488769] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 43.496125] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.522603] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.532333] team0: Port device team_slave_1 added [ 43.541526] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.561007] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.568583] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 43.616590] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.625147] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.636325] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.661451] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.673129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.681166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.690225] chnl_net:caif_netlink_parms(): no params data found [ 43.739453] device hsr_slave_0 entered promiscuous mode [ 43.777211] device hsr_slave_1 entered promiscuous mode [ 43.817609] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.825122] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.831349] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.842149] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.850734] IPVS: ftp: loaded support on port[0] = 21 [ 43.853102] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.895496] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.942442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.952279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.962915] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.969347] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.979160] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.990855] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.008929] chnl_net:caif_netlink_parms(): no params data found [ 44.019636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.029068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.038470] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.045377] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.054765] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.069376] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.075836] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.084126] device bridge_slave_0 entered promiscuous mode [ 44.094068] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.101587] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.109205] device bridge_slave_1 entered promiscuous mode [ 44.115797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.129502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.157715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.172698] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.182166] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.210083] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.216636] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.224882] device bridge_slave_0 entered promiscuous mode [ 44.232631] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.239168] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.246374] device bridge_slave_1 entered promiscuous mode [ 44.253127] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.261674] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.272750] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.283060] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.306213] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.314713] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.327663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.339675] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.361996] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.370179] team0: Port device team_slave_0 added [ 44.382910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.391861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.404199] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.418440] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.429726] team0: Port device team_slave_1 added [ 44.438894] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.448748] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.459002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.468597] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.482319] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.505084] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.512882] team0: Port device team_slave_0 added [ 44.521327] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.530927] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.542738] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.589241] device hsr_slave_0 entered promiscuous mode [ 44.637237] device hsr_slave_1 entered promiscuous mode [ 44.677317] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.684969] team0: Port device team_slave_1 added [ 44.693640] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.718383] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.728630] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.739337] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.753546] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.794044] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.806104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.818254] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.858354] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.867723] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.918998] device hsr_slave_0 entered promiscuous mode [ 44.956847] device hsr_slave_1 entered promiscuous mode [ 44.997279] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 45.006349] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 45.025905] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.036983] chnl_net:caif_netlink_parms(): no params data found [ 45.050078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.061810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.073804] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.083502] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.090237] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.102790] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.114880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.124258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.133801] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.142617] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.151783] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.170354] ------------[ cut here ]------------ [ 45.177194] WARNING: CPU: 1 PID: 6917 at drivers/dma-buf/dma-buf.c:1039 dma_buf_vunmap+0x154/0x1b0 [ 45.187918] Kernel panic - not syncing: panic_on_warn set ... [ 45.187918] [ 45.196101] CPU: 1 PID: 6917 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 45.201345] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.204728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.224591] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.227194] Call Trace: [ 45.227208] dump_stack+0xf7/0x13b [ 45.227215] ? dma_buf_vunmap+0x154/0x1b0 [ 45.227220] panic+0x1b0/0x36a [ 45.227225] ? add_taint.cold.5+0x11/0x11 [ 45.227233] ? __lock_acquire+0x24af/0x4500 [ 45.227240] ? dma_buf_vunmap+0x154/0x1b0 [ 45.237642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.239758] __warn.cold.8+0x25/0x2a [ 45.244635] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.248121] ? dma_buf_vunmap+0x154/0x1b0 [ 45.248129] report_bug+0x1a4/0x1f3 [ 45.248137] do_error_trap+0x1bd/0x310 [ 45.248143] ? math_error+0x300/0x300 [ 45.248149] ? __lock_is_held+0xb5/0x140 [ 45.248159] ? vb2_core_queue_release+0x25/0x70 [ 45.248167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 45.248176] do_invalid_op+0x1b/0x20 [ 45.253151] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.256210] invalid_op+0x1b/0x40 [ 45.260598] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.264924] RIP: 0010:dma_buf_vunmap+0x154/0x1b0 [ 45.273773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.278042] RSP: 0018:ffff88809623fbd0 EFLAGS: 00010246 [ 45.278048] RAX: dffffc0000000000 RBX: ffff888096ee4a80 RCX: 1ffff11013cc8caf [ 45.278051] RDX: 1ffff11012ddc958 RSI: ffffc90005a31000 RDI: 0000000000000000 [ 45.278053] RBP: ffff88809623fbf8 R08: ffff888096c5af90 R09: 0000000000000a19 [ 45.278056] R10: ffff88809623fce8 R11: ffff888096c5a6c0 R12: ffffffff842694d0 [ 45.278058] R13: ffff88809688aa80 R14: ffff88809688aaa8 R15: ffff888096ee4a80 [ 45.278069] ? vb2_vmalloc_map_dmabuf+0x80/0x80 [ 45.278080] ? vb2_vmalloc_map_dmabuf+0x80/0x80 [ 45.278085] vb2_vmalloc_detach_dmabuf+0x4f/0x80 [ 45.278092] __vb2_plane_dmabuf_put.isra.6+0xff/0x2d0 [ 45.278098] __vb2_queue_free+0x55c/0x770 [ 45.286315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.289899] ? __vb2_queue_cancel+0x232/0x880 [ 45.289908] vb2_core_queue_release+0x57/0x70 [ 45.289913] _vb2_fop_release+0x1ac/0x280 [ 45.289918] vb2_fop_release+0x66/0xd0 [ 45.289924] vivid_fop_release+0x15f/0x3a0 [ 45.289932] v4l2_release+0xee/0x1a0 [ 45.296069] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.298257] __fput+0x235/0x750 [ 45.298266] ? _raw_spin_unlock_irq+0x27/0x80 [ 45.298274] ____fput+0x9/0x10 [ 45.298279] task_work_run+0xeb/0x180 [ 45.298288] exit_to_usermode_loop+0x16a/0x1b0 [ 45.298295] do_syscall_64+0x418/0x5b0 [ 45.298299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 45.298307] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.304251] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.309456] RIP: 0033:0x4129e1 [ 45.309460] RSP: 002b:00007fff589bffe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 45.309465] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004129e1 [ 45.309468] RDX: 0000001b2f820000 RSI: 0000000000000000 RDI: 0000000000000003 [ 45.309470] RBP: 0000000000740518 R08: 000000000000b084 R09: 000000000000b084 [ 45.309472] R10: 00007fff589c00b0 R11: 0000000000000293 R12: 0000000000000001 [ 45.309475] R13: 000000000000b085 R14: 000000000000b0b2 R15: 000000000073bf0c [ 45.317785] Kernel Offset: disabled [ 45.564298] Rebooting in 86400 seconds..