[ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 30.118138] audit: type=1400 audit(1585844531.847:8): avc: denied { execmem } for pid=5974 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 30.368668] IPVS: ftp: loaded support on port[0] = 21 [ 31.541904] can: request_module (can-proto-0) failed. [ 31.550558] can: request_module (can-proto-0) failed. [ 31.575929] audit: type=1400 audit(1585844533.308:9): avc: denied { create } for pid=5952 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.15.203' (ECDSA) to the list of known hosts. 2020/04/02 16:22:21 parsed 1 programs 2020/04/02 16:22:21 executed programs: 0 [ 39.813029] audit: type=1400 audit(1585844541.551:10): avc: denied { execmem } for pid=6091 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.104350] IPVS: ftp: loaded support on port[0] = 21 [ 40.871626] IPVS: ftp: loaded support on port[0] = 21 [ 40.938017] chnl_net:caif_netlink_parms(): no params data found [ 40.984643] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.991441] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.999623] device bridge_slave_0 entered promiscuous mode [ 41.007274] IPVS: ftp: loaded support on port[0] = 21 [ 41.007647] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.019700] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.027428] device bridge_slave_1 entered promiscuous mode [ 41.048402] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.060153] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.097281] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.104695] team0: Port device team_slave_0 added [ 41.128444] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.135834] team0: Port device team_slave_1 added [ 41.143006] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.159815] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.170404] chnl_net:caif_netlink_parms(): no params data found [ 41.202196] IPVS: ftp: loaded support on port[0] = 21 [ 41.265336] device hsr_slave_0 entered promiscuous mode [ 41.283483] device hsr_slave_1 entered promiscuous mode [ 41.352410] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.361495] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.369056] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.376390] device bridge_slave_0 entered promiscuous mode [ 41.384304] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 41.406736] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.414097] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.421462] device bridge_slave_1 entered promiscuous mode [ 41.444659] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.462921] IPVS: ftp: loaded support on port[0] = 21 [ 41.470497] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.491215] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.497693] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.504796] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.511156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.618871] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.626261] team0: Port device team_slave_0 added [ 41.638587] chnl_net:caif_netlink_parms(): no params data found [ 41.652545] chnl_net:caif_netlink_parms(): no params data found [ 41.662158] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.670354] team0: Port device team_slave_1 added [ 41.707585] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.728992] IPVS: ftp: loaded support on port[0] = 21 [ 41.740881] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.758185] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.764779] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.771742] device bridge_slave_0 entered promiscuous mode [ 41.827822] device hsr_slave_0 entered promiscuous mode [ 41.883483] device hsr_slave_1 entered promiscuous mode [ 41.936746] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.943649] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.950034] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.958783] device bridge_slave_1 entered promiscuous mode [ 41.971641] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.978932] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.986163] device bridge_slave_0 entered promiscuous mode [ 41.992529] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.999595] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.006825] device bridge_slave_1 entered promiscuous mode [ 42.018055] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.025839] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.035847] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.055678] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.082849] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.099195] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.153846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.168183] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.191933] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.199068] team0: Port device team_slave_0 added [ 42.207819] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.216105] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.223650] team0: Port device team_slave_0 added [ 42.231591] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.239727] team0: Port device team_slave_1 added [ 42.250726] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.258460] team0: Port device team_slave_1 added [ 42.263914] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.272811] chnl_net:caif_netlink_parms(): no params data found [ 42.281792] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.293428] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.301093] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.312297] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 42.318720] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.376116] device hsr_slave_0 entered promiscuous mode [ 42.425154] device hsr_slave_1 entered promiscuous mode [ 42.464826] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.472401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.525495] device hsr_slave_0 entered promiscuous mode [ 42.543331] device hsr_slave_1 entered promiscuous mode [ 42.603464] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.610606] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.641730] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.649202] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 42.655751] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.702198] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.709266] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.718924] device bridge_slave_0 entered promiscuous mode [ 42.727144] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.735117] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.741475] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.749597] device bridge_slave_1 entered promiscuous mode [ 42.767895] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 42.780176] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.791417] chnl_net:caif_netlink_parms(): no params data found [ 42.804233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.811969] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.820648] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.827071] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.842841] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 42.858992] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.868606] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.887095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.895075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.903862] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.910232] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.919835] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 42.929005] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 42.950890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.958602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.996165] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.003611] team0: Port device team_slave_0 added [ 43.009593] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.024885] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.032275] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.042771] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.050018] team0: Port device team_slave_1 added [ 43.055436] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.062815] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.069260] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.076423] device bridge_slave_0 entered promiscuous mode [ 43.082515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.091614] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.099921] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.114339] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.121171] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.128896] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.141726] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.148595] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.156229] device bridge_slave_1 entered promiscuous mode [ 43.163481] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.179903] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.188754] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.196564] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.206458] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 43.221478] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.236390] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.243856] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.250750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.258688] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.267425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.274707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.283762] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 43.292219] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.303154] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 43.309169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 43.355871] device hsr_slave_0 entered promiscuous mode [ 43.393124] device hsr_slave_1 entered promiscuous mode [ 43.438104] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.447802] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.456469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.464838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.472116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.479392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.493886] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 43.500396] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.507791] team0: Port device team_slave_0 added [ 43.513270] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.521681] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.528120] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.545921] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.553161] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.560373] team0: Port device team_slave_1 added [ 43.567882] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.577606] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.587480] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.594872] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.602082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.610298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.618065] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.624592] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.631476] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.639283] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.645982] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.655385] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.664647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.672306] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.683111] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.689479] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.723341] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.785536] device hsr_slave_0 entered promiscuous mode [ 43.813473] device hsr_slave_1 entered promiscuous mode [ 43.853888] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.864480] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.873831] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.881306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.891039] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.899063] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.905444] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.912703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.921141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.929610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.937274] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.945394] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.953662] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.989052] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.997035] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.005026] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.013712] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.014531] vivid-000: kernel_thread() failed [ 44.022183] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.046377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.060917] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.070390] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.076807] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.085350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.092348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.104296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.112033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.124100] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.131676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.140096] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.147964] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.156703] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.166829] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.173418] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.181001] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.195116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.202567] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.211908] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.222280] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.230628] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.241152] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.250396] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.259181] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.269161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.277387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.286216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.294410] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.301809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.310134] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.318152] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.324532] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.332181] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.339784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.347964] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.364460] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.371685] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.384049] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.390093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.405414] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.422106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.429783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.443299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.451180] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.459527] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.465927] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.473074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.480639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.490413] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.499608] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.514124] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.522069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.530024] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.545476] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.557207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.565095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.572473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.583283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.590601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.600433] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.607316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.617581] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.629559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.637606] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.647737] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.655851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.664534] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.673626] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.680131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.693432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.701513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.734024] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.742416] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.753732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.761270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.771112] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.779873] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.788815] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.796982] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.806565] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.816147] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.824963] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.832628] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.840813] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.847206] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.857663] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.868825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.877598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.884644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.904061] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.913915] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.919990] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.928020] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready 2020/04/02 16:22:26 executed programs: 13 [ 44.936582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.954349] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.975965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.993221] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.001596] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.015742] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 45.028247] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.038856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.047426] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.056735] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.063148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.071041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.079432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.087469] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.093848] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.101264] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 45.109248] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.117249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 45.128136] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 45.134945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.148103] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.158159] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.166234] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.179393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 45.188073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 45.214445] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 45.225592] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 45.236276] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.248306] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.259134] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.273422] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.299811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 45.310375] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 45.320687] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.330259] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.339623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.347797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.355603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 45.363472] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 45.373093] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 45.380639] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 45.391173] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.398371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 45.406147] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.413913] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.421382] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.431078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 45.439511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.447668] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.456431] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 45.462433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.471631] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 45.482021] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.489526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 45.501999] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.513969] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.522524] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.533770] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 45.539904] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.567348] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.579234] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.929346] ================================================================== [ 47.936928] BUG: KASAN: use-after-free in __vb2_perform_fileio+0x10fd/0x12b0 [ 47.944119] Read of size 4 at addr ffff88808f53b9dc by task syz-executor.4/7176 [ 47.951561] [ 47.953178] CPU: 1 PID: 7176 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0 [ 47.961091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.970445] Call Trace: [ 47.973030] dump_stack+0xf7/0x13b [ 47.976566] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 47.981402] print_address_description.cold.7+0x9/0x1c9 [ 47.986748] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 47.991574] kasan_report.cold.8+0x11a/0x2d3 [ 47.995963] __asan_report_load4_noabort+0x14/0x20 [ 48.000875] __vb2_perform_fileio+0x10fd/0x12b0 [ 48.005547] ? vb2_core_poll+0x730/0x730 [ 48.009592] vb2_read+0xf/0x20 [ 48.012765] vb2_fop_read+0x1b6/0x390 [ 48.016574] ? vb2_fop_write+0x390/0x390 [ 48.020634] v4l2_read+0x135/0x240 [ 48.024165] __vfs_read+0xde/0x840 [ 48.027690] ? vfs_copy_file_range+0xb50/0xb50 [ 48.032256] ? fsnotify+0x1160/0x1160 [ 48.036046] ? __inode_security_revalidate+0xd3/0x100 [ 48.041234] ? selinux_file_permission+0x31f/0x3e0 [ 48.046164] ? security_file_permission+0x14f/0x1c0 [ 48.051164] ? rw_verify_area+0xb8/0x2b0 [ 48.055210] vfs_read+0xf5/0x300 [ 48.058565] SyS_read+0x100/0x250 [ 48.062007] ? kernel_write+0x130/0x130 [ 48.065971] ? do_syscall_64+0x4c/0x5b0 [ 48.070731] ? kernel_write+0x130/0x130 [ 48.074866] do_syscall_64+0x1c9/0x5b0 [ 48.078734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 48.083558] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 48.088739] RIP: 0033:0x458da9 [ 48.091914] RSP: 002b:00007f7ac7c4dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 48.099611] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9 [ 48.106873] RDX: 0000000000000052 RSI: 0000000020000540 RDI: 0000000000000003 [ 48.114134] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 48.121405] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7ac7c4e6d4 [ 48.128656] R13: 00000000004c4ac8 R14: 00000000004da088 R15: 00000000ffffffff [ 48.135928] [ 48.137535] Allocated by task 7176: [ 48.141170] save_stack_trace+0x16/0x20 [ 48.145134] save_stack+0x43/0xd0 [ 48.148571] kasan_kmalloc+0xc7/0xe0 [ 48.152282] kmem_cache_alloc_trace+0x152/0x7b0 [ 48.156931] __vb2_init_fileio+0x160/0xaf0 [ 48.161150] __vb2_perform_fileio+0xa9f/0x12b0 [ 48.165716] vb2_read+0xf/0x20 [ 48.169020] vb2_fop_read+0x1b6/0x390 [ 48.172812] v4l2_read+0x135/0x240 [ 48.176338] __vfs_read+0xde/0x840 [ 48.179898] vfs_read+0xf5/0x300 [ 48.183258] SyS_read+0x100/0x250 [ 48.186698] do_syscall_64+0x1c9/0x5b0 [ 48.190571] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 48.195741] [ 48.197357] Freed by task 7173: [ 48.200630] save_stack_trace+0x16/0x20 [ 48.204601] save_stack+0x43/0xd0 [ 48.208046] kasan_slab_free+0x71/0xc0 [ 48.211921] kfree+0xcc/0x270 [ 48.215009] __vb2_cleanup_fileio+0xee/0x140 [ 48.219395] vb2_core_queue_release+0xf/0x70 [ 48.223781] _vb2_fop_release+0x1ac/0x280 [ 48.227927] vb2_fop_release+0x66/0xd0 [ 48.231809] vivid_fop_release+0x15f/0x3a0 [ 48.236026] v4l2_release+0xee/0x1a0 [ 48.239725] __fput+0x235/0x750 [ 48.242986] ____fput+0x9/0x10 [ 48.246158] task_work_run+0xeb/0x180 [ 48.249937] exit_to_usermode_loop+0x16a/0x1b0 [ 48.254564] do_syscall_64+0x418/0x5b0 [ 48.258439] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 48.263629] [ 48.265244] The buggy address belongs to the object at ffff88808f53b6c0 [ 48.265244] which belongs to the cache kmalloc-1024 of size 1024 [ 48.278060] The buggy address is located 796 bytes inside of [ 48.278060] 1024-byte region [ffff88808f53b6c0, ffff88808f53bac0) [ 48.290007] The buggy address belongs to the page: [ 48.295080] page:ffffea00023d4e80 count:1 mapcount:0 mapping:ffff88808f53a040 index:0x0 compound_mapcount: 0 [ 48.305152] flags: 0x1fffc0000008100(slab|head) [ 48.309829] raw: 01fffc0000008100 ffff88808f53a040 0000000000000000 0000000100000007 [ 48.317700] raw: ffffea00023e7e20 ffffea00023dbba0 ffff8880aa800ac0 0000000000000000 [ 48.325559] page dumped because: kasan: bad access detected [ 48.331253] [ 48.332861] Memory state around the buggy address: [ 48.337841] ffff88808f53b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.345316] ffff88808f53b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.352666] >ffff88808f53b980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.360007] ^ [ 48.366224] ffff88808f53ba00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.373564] ffff88808f53ba80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.380905] ================================================================== [ 48.388251] Disabling lock debugging due to kernel taint [ 48.442438] Kernel panic - not syncing: panic_on_warn set ... [ 48.442438] [ 48.449914] CPU: 1 PID: 7176 Comm: syz-executor.4 Tainted: G B 4.14.175-syzkaller #0 [ 48.458912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.468262] Call Trace: [ 48.470847] dump_stack+0xf7/0x13b [ 48.474540] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 48.479365] panic+0x1b0/0x36a [ 48.482537] ? add_taint.cold.5+0x11/0x11 [ 48.486664] ? ___preempt_schedule+0x16/0x18 [ 48.491054] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 48.495886] kasan_end_report+0x47/0x4f [ 48.499840] kasan_report.cold.8+0x76/0x2d3 [ 48.504149] __asan_report_load4_noabort+0x14/0x20 [ 48.509056] __vb2_perform_fileio+0x10fd/0x12b0 [ 48.513714] ? vb2_core_poll+0x730/0x730 [ 48.517754] vb2_read+0xf/0x20 [ 48.520922] vb2_fop_read+0x1b6/0x390 [ 48.524698] ? vb2_fop_write+0x390/0x390 [ 48.528733] v4l2_read+0x135/0x240 [ 48.532251] __vfs_read+0xde/0x840 [ 48.535769] ? vfs_copy_file_range+0xb50/0xb50 [ 48.540325] ? fsnotify+0x1160/0x1160 [ 48.544128] ? __inode_security_revalidate+0xd3/0x100 [ 48.549292] ? selinux_file_permission+0x31f/0x3e0 [ 48.554201] ? security_file_permission+0x14f/0x1c0 [ 48.559207] ? rw_verify_area+0xb8/0x2b0 [ 48.563253] vfs_read+0xf5/0x300 [ 48.566616] SyS_read+0x100/0x250 [ 48.570048] ? kernel_write+0x130/0x130 [ 48.574005] ? do_syscall_64+0x4c/0x5b0 [ 48.577969] ? kernel_write+0x130/0x130 [ 48.581922] do_syscall_64+0x1c9/0x5b0 [ 48.585785] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 48.590607] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 48.595773] RIP: 0033:0x458da9 [ 48.598939] RSP: 002b:00007f7ac7c4dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 48.606629] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9 [ 48.613962] RDX: 0000000000000052 RSI: 0000000020000540 RDI: 0000000000000003 [ 48.621817] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 48.629062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7ac7c4e6d4 [ 48.636318] R13: 00000000004c4ac8 R14: 00000000004da088 R15: 00000000ffffffff [ 48.645134] Kernel Offset: disabled [ 48.648755] Rebooting in 86400 seconds..