[ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 31.020833] audit: type=1400 audit(1592158453.831:8): avc: denied { execmem } for pid=6107 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 31.279473] IPVS: ftp: loaded support on port[0] = 21 [ 32.338235] can: request_module (can-proto-0) failed. [ 32.348749] can: request_module (can-proto-0) failed. [ 32.373615] audit: type=1400 audit(1592158455.182:9): avc: denied { create } for pid=6087 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.15.211' (ECDSA) to the list of known hosts. 2020/06/14 18:14:23 parsed 1 programs 2020/06/14 18:14:23 executed programs: 0 [ 40.879811] audit: type=1400 audit(1592158463.696:10): avc: denied { execmem } for pid=6221 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.937786] IPVS: ftp: loaded support on port[0] = 21 [ 41.683250] IPVS: ftp: loaded support on port[0] = 21 [ 41.748079] chnl_net:caif_netlink_parms(): no params data found [ 41.826257] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.833665] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.843028] IPVS: ftp: loaded support on port[0] = 21 [ 41.844557] device bridge_slave_0 entered promiscuous mode [ 41.874819] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.881181] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.889067] device bridge_slave_1 entered promiscuous mode [ 41.898846] chnl_net:caif_netlink_parms(): no params data found [ 41.931045] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.949444] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.973666] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.981381] team0: Port device team_slave_0 added [ 41.993602] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.003651] team0: Port device team_slave_1 added [ 42.004624] IPVS: ftp: loaded support on port[0] = 21 [ 42.014962] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.021381] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.028789] device bridge_slave_0 entered promiscuous mode [ 42.036877] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.043220] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.050338] device bridge_slave_1 entered promiscuous mode [ 42.056631] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.074711] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.085006] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.096116] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.115305] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.122399] team0: Port device team_slave_0 added [ 42.186068] device hsr_slave_0 entered promiscuous mode [ 42.224202] device hsr_slave_1 entered promiscuous mode [ 42.274294] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.281378] team0: Port device team_slave_1 added [ 42.287216] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.296963] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.309662] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.326578] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.376210] device hsr_slave_0 entered promiscuous mode [ 42.414114] device hsr_slave_1 entered promiscuous mode [ 42.454385] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.467565] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.496465] IPVS: ftp: loaded support on port[0] = 21 [ 42.563525] chnl_net:caif_netlink_parms(): no params data found [ 42.600465] chnl_net:caif_netlink_parms(): no params data found [ 42.627200] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.633699] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.640606] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.647043] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.682987] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.689655] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.696307] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.702672] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.740965] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.747673] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.755251] device bridge_slave_0 entered promiscuous mode [ 42.762051] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.769087] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.776210] device bridge_slave_1 entered promiscuous mode [ 42.795489] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.802022] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.810846] device bridge_slave_0 entered promiscuous mode [ 42.818207] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.825836] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.832946] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.839673] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.853276] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.862806] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.870669] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.878481] IPVS: ftp: loaded support on port[0] = 21 [ 42.880267] device bridge_slave_1 entered promiscuous mode [ 42.901820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.915164] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.942775] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.955763] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.965174] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.972268] team0: Port device team_slave_0 added [ 42.978885] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.986279] team0: Port device team_slave_1 added [ 43.007584] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.015785] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.023232] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.070871] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.114676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.122369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.132199] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.138648] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.157767] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.165258] team0: Port device team_slave_0 added [ 43.172805] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.181580] team0: Port device team_slave_1 added [ 43.187502] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.236821] device hsr_slave_0 entered promiscuous mode [ 43.273742] device hsr_slave_1 entered promiscuous mode [ 43.333999] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.342010] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.351654] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.367721] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.378615] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.386303] chnl_net:caif_netlink_parms(): no params data found [ 43.404326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.412071] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.420573] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.426977] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.434360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.442040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.449659] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.456069] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.464262] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.480517] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.516002] device hsr_slave_0 entered promiscuous mode [ 43.553667] device hsr_slave_1 entered promiscuous mode [ 43.584074] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.591207] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.604399] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.612192] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.628037] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.634339] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.641842] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.649908] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.656987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.664327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.682059] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.694380] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.707336] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.724052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.731837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.739729] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.746139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.753102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.763043] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.776773] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.783835] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.790660] device bridge_slave_0 entered promiscuous mode [ 43.807238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.815345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.824177] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.830710] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.844136] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.852087] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.862030] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.869181] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.876536] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.884335] device bridge_slave_1 entered promiscuous mode [ 43.900476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.908161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.916481] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.924631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.932154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.940223] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.952554] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.961640] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 43.979159] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.990616] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.997930] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.006685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.014317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.024755] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.036267] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.071861] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.083806] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.091416] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.098739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.107215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.115235] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.122920] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.130558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.137457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.145661] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.154870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.161363] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.168373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.202564] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.208944] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.216108] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.222992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.232107] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.241436] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.251677] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.264628] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.272108] team0: Port device team_slave_0 added [ 44.281836] chnl_net:caif_netlink_parms(): no params data found [ 44.290876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.299035] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.309562] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.318896] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.326013] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.333062] team0: Port device team_slave_1 added [ 44.338769] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.347364] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.358770] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.365704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.374580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.384143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.390937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.398284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.406055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.413736] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.420070] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.427076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.435222] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.442665] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.449040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.461776] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.488016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.496034] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.506505] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.512832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.525289] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.533800] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.539864] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.587008] device hsr_slave_0 entered promiscuous mode [ 44.643409] device hsr_slave_1 entered promiscuous mode [ 44.683862] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.691147] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.700281] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.708133] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.714618] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.721687] device bridge_slave_0 entered promiscuous mode [ 44.731482] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.737986] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.745451] device bridge_slave_1 entered promiscuous mode [ 44.765661] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.781847] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.792781] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.801884] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.810261] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.821063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.829692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.838256] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.844704] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.851769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.860175] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.872130] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.887510] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.894861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.901878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.909792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.919014] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.950645] ================================================================== [ 44.958202] BUG: KASAN: use-after-free in _copy_to_user+0x84/0xb0 [ 44.960937] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.964516] Read of size 931 at addr ffff88807a3ffff3 by task syz-executor.2/7096 [ 44.964521] [ 44.964527] CPU: 1 PID: 7096 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 44.964530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.964532] Call Trace: [ 44.964543] dump_stack+0xf7/0x13b [ 44.964553] ? _copy_to_user+0x84/0xb0 [ 44.986611] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.989051] print_address_description.cold.7+0x9/0x1c9 [ 44.989060] ? _copy_to_user+0x84/0xb0 [ 45.007339] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 45.008384] kasan_report.cold.8+0x11a/0x2d3 [ 45.008392] check_memory_region+0x13e/0x1b0 [ 45.016566] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 45.020505] kasan_check_read+0x11/0x20 [ 45.020512] _copy_to_user+0x84/0xb0 [ 45.020520] bpf_test_finish.isra.5+0xd5/0x170 [ 45.020526] ? bpf_test_run+0x2d0/0x2d0 [ 45.020535] ? kvm_clock_read+0x23/0x40 [ 45.020539] ? kvm_clock_get_cycles+0x9/0x10 [ 45.020546] ? ktime_get+0x13c/0x240 [ 45.027834] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 45.031163] ? bpf_test_run+0x210/0x2d0 [ 45.031170] ? eth_gro_receive+0x880/0x880 [ 45.031181] bpf_prog_test_run_skb+0x66d/0xbc0 [ 45.038559] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 45.040056] ? bpf_test_init.isra.6+0xa0/0xa0 [ 45.040067] ? __bpf_prog_get+0x128/0x170 [ 45.056723] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.057347] SyS_bpf+0x4d7/0x288a [ 45.067569] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.070301] ? bpf_prog_get+0x10/0x10 [ 45.070309] ? kasan_check_read+0x11/0x20 [ 45.070317] ? _copy_to_user+0x91/0xb0 [ 45.143008] ? put_timespec64+0xa4/0xf0 [ 45.146960] ? nsecs_to_jiffies+0x20/0x20 [ 45.151127] ? SyS_clock_gettime+0x115/0x160 [ 45.155525] ? do_syscall_64+0x4c/0x5b0 [ 45.159486] ? bpf_prog_get+0x10/0x10 [ 45.163266] do_syscall_64+0x1c7/0x5b0 [ 45.167132] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 45.172003] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.177222] RIP: 0033:0x459829 [ 45.180390] RSP: 002b:00007fe60772bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 45.188078] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 45.195327] RDX: 0000000000000028 RSI: 0000000020000140 RDI: 000000000000000a [ 45.202586] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 45.209837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe60772c6d4 [ 45.217085] R13: 00000000004bfb92 R14: 00000000004d1758 R15: 00000000ffffffff [ 45.224343] [ 45.225948] The buggy address belongs to the page: [ 45.230852] page:ffffea0001e8ffc0 count:0 mapcount:0 mapping: (null) index:0x0 [ 45.238989] flags: 0x1fffc0000000000() [ 45.242852] raw: 01fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff [ 45.250710] raw: ffffea0001e8ffe0 ffffea0001e8ffe0 0000000000000000 0000000000000000 [ 45.258650] page dumped because: kasan: bad access detected [ 45.264335] [ 45.265967] Memory state around the buggy address: [ 45.270872] ffff88807a3ffe80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.278222] ffff88807a3fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.285565] >ffff88807a3fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 45.292936] ^ [ 45.299937] ffff88807a400000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 45.307281] ffff88807a400080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 45.314616] ================================================================== [ 45.321948] Disabling lock debugging due to kernel taint [ 45.328767] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.335766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.340861] Kernel panic - not syncing: panic_on_warn set ... [ 45.340861] [ 45.344029] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.350497] CPU: 0 PID: 7096 Comm: syz-executor.2 Tainted: G B 4.14.184-syzkaller #0 [ 45.358054] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.366752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.366754] Call Trace: [ 45.366767] dump_stack+0xf7/0x13b [ 45.366773] ? _copy_to_user+0x84/0xb0 [ 45.366778] panic+0x1b0/0x358 [ 45.366783] ? add_taint.cold.5+0x11/0x11 [ 45.373112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.382429] ? ___preempt_schedule+0x16/0x18 [ 45.385407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.388509] ? _copy_to_user+0x84/0xb0 [ 45.392704] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.395552] kasan_end_report+0x47/0x4f [ 45.395558] kasan_report.cold.8+0x76/0x2d3 [ 45.395562] check_memory_region+0x13e/0x1b0 [ 45.395565] kasan_check_read+0x11/0x20 [ 45.395570] _copy_to_user+0x84/0xb0 [ 45.395577] bpf_test_finish.isra.5+0xd5/0x170 [ 45.395581] ? bpf_test_run+0x2d0/0x2d0 [ 45.395585] ? kvm_clock_read+0x23/0x40 [ 45.395588] ? kvm_clock_get_cycles+0x9/0x10 [ 45.395593] ? ktime_get+0x13c/0x240 [ 45.395600] ? bpf_test_run+0x210/0x2d0 [ 45.400157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.406237] ? eth_gro_receive+0x880/0x880 [ 45.406252] bpf_prog_test_run_skb+0x66d/0xbc0 [ 45.406259] ? bpf_test_init.isra.6+0xa0/0xa0 [ 45.406266] ? __bpf_prog_get+0x128/0x170 [ 45.406271] SyS_bpf+0x4d7/0x288a [ 45.406275] ? bpf_prog_get+0x10/0x10 [ 45.406280] ? kasan_check_read+0x11/0x20 [ 45.406286] ? _copy_to_user+0x91/0xb0 [ 45.406293] ? put_timespec64+0xa4/0xf0 [ 45.406296] ? nsecs_to_jiffies+0x20/0x20 [ 45.406303] ? SyS_clock_gettime+0x115/0x160 [ 45.406310] ? do_syscall_64+0x4c/0x5b0 [ 45.406315] ? bpf_prog_get+0x10/0x10 [ 45.406319] do_syscall_64+0x1c7/0x5b0 [ 45.406322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 45.406329] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.406332] RIP: 0033:0x459829 [ 45.406334] RSP: 002b:00007fe60772bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 45.406339] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 45.406341] RDX: 0000000000000028 RSI: 0000000020000140 RDI: 000000000000000a [ 45.406342] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 45.406344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe60772c6d4 [ 45.406346] R13: 00000000004bfb92 R14: 00000000004d1758 R15: 00000000ffffffff [ 45.407555] Kernel Offset: disabled [ 45.599200] Rebooting in 86400 seconds..