[ 40.428298] audit: type=1400 audit(1576092353.794:37): avc: denied { map } for pid=6808 comm="syz-fuzzer" path="/root/syzkaller-shm297524715" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 40.670918] IPVS: ftp: loaded support on port[0] = 21 [ 41.758557] can: request_module (can-proto-0) failed. [ 41.768017] can: request_module (can-proto-0) failed. [ 41.932401] audit: type=1400 audit(1576092355.304:38): avc: denied { create } for pid=6808 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 41.956109] audit: type=1400 audit(1576092355.304:39): avc: denied { create } for pid=6808 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 41.979953] audit: type=1400 audit(1576092355.304:40): avc: denied { create } for pid=6808 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 42.269857] random: sshd: uninitialized urandom read (32 bytes read) [ 43.021003] random: sshd: uninitialized urandom read (32 bytes read) [ 43.228033] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.217' (ECDSA) to the list of known hosts. 2019/12/11 19:26:03 parsed 1 programs 2019/12/11 19:26:03 executed programs: 0 [ 50.211102] IPVS: ftp: loaded support on port[0] = 21 [ 50.998146] IPVS: ftp: loaded support on port[0] = 21 [ 51.044953] chnl_net:caif_netlink_parms(): no params data found [ 51.085340] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.092295] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.099358] device bridge_slave_0 entered promiscuous mode [ 51.106693] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.113285] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.120536] device bridge_slave_1 entered promiscuous mode [ 51.121277] IPVS: ftp: loaded support on port[0] = 21 [ 51.146293] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.157426] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.186405] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.193902] team0: Port device team_slave_0 added [ 51.209797] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 51.216967] team0: Port device team_slave_1 added [ 51.228972] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 51.236294] chnl_net:caif_netlink_parms(): no params data found [ 51.246416] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 51.322048] device hsr_slave_0 entered promiscuous mode [ 51.360333] device hsr_slave_1 entered promiscuous mode [ 51.407570] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.422745] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 51.435171] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.441913] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.449691] device bridge_slave_0 entered promiscuous mode [ 51.450108] IPVS: ftp: loaded support on port[0] = 21 [ 51.462982] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.469405] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.476704] device bridge_slave_1 entered promiscuous mode [ 51.488708] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.495300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.502121] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.508449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.557640] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.567212] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.588678] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.596046] team0: Port device team_slave_0 added [ 51.603058] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 51.610159] team0: Port device team_slave_1 added [ 51.615191] chnl_net:caif_netlink_parms(): no params data found [ 51.632504] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 51.655979] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 51.677381] IPVS: ftp: loaded support on port[0] = 21 [ 51.703543] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.709991] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.718882] device bridge_slave_0 entered promiscuous mode [ 51.726416] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.733129] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.740147] device bridge_slave_1 entered promiscuous mode [ 51.762309] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.781708] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.832801] device hsr_slave_0 entered promiscuous mode [ 51.890384] device hsr_slave_1 entered promiscuous mode [ 51.930866] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.967987] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.975405] team0: Port device team_slave_0 added [ 51.981817] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 52.006475] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 52.013863] team0: Port device team_slave_1 added [ 52.019403] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 52.029660] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 52.042850] chnl_net:caif_netlink_parms(): no params data found [ 52.056945] IPVS: ftp: loaded support on port[0] = 21 [ 52.112131] device hsr_slave_0 entered promiscuous mode [ 52.150331] device hsr_slave_1 entered promiscuous mode [ 52.190690] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 52.197771] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 52.216071] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 52.222478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.229331] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.246797] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.253885] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 52.265962] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.282451] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.298174] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.323127] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 52.337673] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.344670] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.351881] device bridge_slave_0 entered promiscuous mode [ 52.358519] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.364945] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.372150] device bridge_slave_1 entered promiscuous mode [ 52.383235] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.390505] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.399769] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 52.406025] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.419144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 52.440935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.448703] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.457961] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.464354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.475234] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 52.483609] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.495444] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.514444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.522323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.529831] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.536241] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.547286] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 52.588147] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 52.597157] team0: Port device team_slave_0 added [ 52.602773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.613892] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 52.627788] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 52.634941] team0: Port device team_slave_1 added [ 52.640644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.663751] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 52.671190] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 52.703538] chnl_net:caif_netlink_parms(): no params data found [ 52.721308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.727507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.736284] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.744322] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.752611] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 52.783602] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.793025] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 52.800926] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 52.821574] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 52.827671] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.836567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.844188] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.851896] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.858657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.865936] chnl_net:caif_netlink_parms(): no params data found [ 52.902110] device hsr_slave_0 entered promiscuous mode [ 52.940334] device hsr_slave_1 entered promiscuous mode [ 52.980780] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 52.988322] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.009678] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 53.017059] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.024718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.035099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.043002] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.049369] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.056373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.064252] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.076825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.085231] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.101064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 53.115526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.123131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.131810] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.140520] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.146861] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.154216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.162136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.171665] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.179549] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.186600] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.196025] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.203463] device bridge_slave_0 entered promiscuous mode [ 53.212263] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.220202] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 53.226236] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.233531] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.241257] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.248132] device bridge_slave_1 entered promiscuous mode [ 53.254861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.262328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.269138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.278922] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 53.285309] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.317237] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.324253] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.331344] device bridge_slave_0 entered promiscuous mode [ 53.338608] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 53.349643] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.357414] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.377112] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.385564] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.394483] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.401983] device bridge_slave_1 entered promiscuous mode [ 53.412465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.420535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.428244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.435918] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.442306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.449313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.459509] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 53.471135] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.489680] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.497770] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.514248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.522550] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.530265] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.536734] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.545294] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.557616] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 53.566056] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.579445] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.586972] team0: Port device team_slave_0 added [ 53.593682] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.601752] team0: Port device team_slave_1 added [ 53.607447] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.615977] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.631673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.639648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.647771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.666744] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.675905] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 53.684152] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.699265] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.708174] team0: Port device team_slave_0 added [ 53.715878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.726146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.735534] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.756069] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.763653] team0: Port device team_slave_1 added [ 53.769460] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.778004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.788053] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 53.833443] device hsr_slave_0 entered promiscuous mode [ 53.890546] device hsr_slave_1 entered promiscuous mode [ 53.920867] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.931400] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 53.938845] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.953110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.961286] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.968755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.976492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.984565] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.005015] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.016021] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 54.028178] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.063110] device hsr_slave_0 entered promiscuous mode [ 54.100482] device hsr_slave_1 entered promiscuous mode [ 54.141544] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.149685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.157665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.165263] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.173023] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.182464] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 54.188820] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.199840] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 54.207642] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.219087] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.228230] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 54.238005] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 54.247816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.256674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.264359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.272252] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.281982] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.289650] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.299310] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.322134] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 54.345397] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.354427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.361901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.370961] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 54.380385] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 54.393153] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.405864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.414631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.422356] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.428759] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.436006] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.444468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.452118] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.458662] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.466340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.475908] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.504812] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 54.526377] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 54.546089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.564917] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.576526] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 54.589617] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.606058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.618797] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.634318] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.664409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.672231] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.680904] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.689816] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.699304] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.705685] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.713090] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.720484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.729162] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.741765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.749989] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 54.758045] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.770652] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.779204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.787780] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.795735] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.802262] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.814188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.824138] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 54.831996] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.839656] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 54.849641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.861369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.881453] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.898383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.907662] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.914209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.926666] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 54.935246] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.946604] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 54.953955] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.961178] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.968855] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.978042] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 54.988441] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.999003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.007811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.015993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.026248] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.039242] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 55.047671] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.054144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 2019/12/11 19:26:08 executed programs: 13 [ 55.064005] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 55.075676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.083667] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.093686] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 55.105644] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.137116] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.153840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.167765] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.175612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.183758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.191523] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.198400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.205855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.220383] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 55.228565] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.237401] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.245983] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.253969] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.260333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.269258] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 55.279596] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 55.288531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.297282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.305011] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.313433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.322388] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.332102] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 55.338301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.345478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.355258] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.366888] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.380001] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 55.391964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.406142] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.415470] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 55.423217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.432136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.439976] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.455830] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 55.463928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.473964] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.484344] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 55.493586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.501858] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.514514] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 55.522998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.530975] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.540312] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 55.546408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.563372] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 55.574197] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.382015] ================================================================== [ 57.389883] BUG: KASAN: use-after-free in __vb2_perform_fileio+0x10fd/0x12b0 [ 57.397074] Read of size 4 at addr ffff8880a98d19dc by task syz-executor.4/7089 [ 57.404507] [ 57.406122] CPU: 0 PID: 7089 Comm: syz-executor.4 Not tainted 4.14.158-syzkaller #0 [ 57.413903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.423269] Call Trace: [ 57.425862] dump_stack+0xf7/0x13b [ 57.429395] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 57.434263] print_address_description.cold.7+0x9/0x1c9 [ 57.439646] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 57.444848] kasan_report.cold.8+0x11a/0x2d3 [ 57.449275] __asan_report_load4_noabort+0x14/0x20 [ 57.454214] __vb2_perform_fileio+0x10fd/0x12b0 [ 57.459098] ? vb2_core_poll+0x730/0x730 [ 57.463251] vb2_read+0xf/0x20 [ 57.466472] vb2_fop_read+0x1b6/0x390 [ 57.470276] ? vb2_fop_write+0x390/0x390 [ 57.474362] v4l2_read+0x133/0x240 [ 57.477901] do_iter_read+0x35e/0x570 [ 57.481697] ? dup_iter+0x250/0x250 [ 57.485480] vfs_readv+0xb6/0x110 [ 57.488955] ? compat_rw_copy_check_uvector+0x310/0x310 [ 57.494336] ? __fget+0x1ad/0x2f0 [ 57.498169] ? lock_downgrade+0x7f0/0x7f0 [ 57.502330] ? __fget+0x1ca/0x2f0 [ 57.505816] ? do_preadv+0x250/0x250 [ 57.509550] ? __fget_light+0x166/0x200 [ 57.513563] do_readv+0x10d/0x320 [ 57.517039] ? vfs_readv+0x110/0x110 [ 57.520746] ? do_syscall_64+0x4c/0x5b0 [ 57.524730] ? do_preadv+0x250/0x250 [ 57.528458] SyS_readv+0xb/0x10 [ 57.531741] do_syscall_64+0x1c7/0x5b0 [ 57.535633] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 57.540491] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 57.546132] RIP: 0033:0x459829 [ 57.549330] RSP: 002b:00007fa6c8f42c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 57.557071] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 57.564334] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003 [ 57.571779] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 57.579047] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6c8f436d4 [ 57.586309] R13: 00000000004c6b54 R14: 00000000004dc048 R15: 00000000ffffffff [ 57.594468] [ 57.596097] Allocated by task 7089: [ 57.599718] save_stack_trace+0x16/0x20 [ 57.603744] save_stack+0x43/0xd0 [ 57.607214] kasan_kmalloc+0xc7/0xe0 [ 57.610928] kmem_cache_alloc_trace+0x152/0x7a0 [ 57.615594] __vb2_init_fileio+0x160/0xaf0 [ 57.619869] __vb2_perform_fileio+0xa9f/0x12b0 [ 57.625431] vb2_read+0xf/0x20 [ 57.628616] vb2_fop_read+0x1b6/0x390 [ 57.632427] v4l2_read+0x133/0x240 [ 57.635960] do_iter_read+0x35e/0x570 [ 57.639762] vfs_readv+0xb6/0x110 [ 57.643202] do_readv+0x10d/0x320 [ 57.646647] SyS_readv+0xb/0x10 [ 57.649918] do_syscall_64+0x1c7/0x5b0 [ 57.653799] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 57.658978] [ 57.660591] Freed by task 7078: [ 57.664004] save_stack_trace+0x16/0x20 [ 57.667989] save_stack+0x43/0xd0 [ 57.671503] kasan_slab_free+0x71/0xc0 [ 57.675471] kfree+0xcc/0x270 [ 57.678597] __vb2_cleanup_fileio+0xee/0x140 [ 57.683014] vb2_core_queue_release+0xf/0x70 [ 57.687605] _vb2_fop_release+0x1ac/0x280 [ 57.691743] vb2_fop_release+0x66/0xd0 [ 57.695626] vivid_fop_release+0x15f/0x3a0 [ 57.699852] v4l2_release+0xeb/0x1a0 [ 57.703551] __fput+0x232/0x750 [ 57.706824] ____fput+0x9/0x10 [ 57.709997] task_work_run+0xe5/0x170 [ 57.713912] exit_to_usermode_loop+0x16a/0x1b0 [ 57.718611] do_syscall_64+0x416/0x5b0 [ 57.722509] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 57.727682] [ 57.729293] The buggy address belongs to the object at ffff8880a98d16c0 [ 57.729293] which belongs to the cache kmalloc-1024 of size 1024 [ 57.742112] The buggy address is located 796 bytes inside of [ 57.742112] 1024-byte region [ffff8880a98d16c0, ffff8880a98d1ac0) [ 57.754342] The buggy address belongs to the page: [ 57.759319] page:ffffea0002a63400 count:1 mapcount:0 mapping:ffff8880a98d0040 index:0x0 compound_mapcount: 0 [ 57.769461] flags: 0x1fffc0000008100(slab|head) [ 57.775079] raw: 01fffc0000008100 ffff8880a98d0040 0000000000000000 0000000100000007 [ 57.782957] raw: ffffea000229f3a0 ffffea0002a5f620 ffff8880aa800ac0 0000000000000000 [ 57.790833] page dumped because: kasan: bad access detected [ 57.796531] [ 57.798139] Memory state around the buggy address: [ 57.803064] ffff8880a98d1880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.810408] ffff8880a98d1900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.817777] >ffff8880a98d1980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.825128] ^ [ 57.831354] ffff8880a98d1a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.838734] ffff8880a98d1a80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 57.846104] ================================================================== [ 57.853453] Disabling lock debugging due to kernel taint [ 57.860446] Kernel panic - not syncing: panic_on_warn set ... [ 57.860446] [ 57.867838] CPU: 0 PID: 7089 Comm: syz-executor.4 Tainted: G B 4.14.158-syzkaller #0 [ 57.877056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.886411] Call Trace: [ 57.888992] dump_stack+0xf7/0x13b [ 57.892533] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 57.897381] panic+0x1b0/0x358 [ 57.900573] ? add_taint.cold.5+0x11/0x11 [ 57.905308] ? ___preempt_schedule+0x16/0x18 [ 57.909705] ? __vb2_perform_fileio+0x10fd/0x12b0 [ 57.914541] kasan_end_report+0x47/0x4f [ 57.918494] kasan_report.cold.8+0x76/0x2d3 [ 57.922801] __asan_report_load4_noabort+0x14/0x20 [ 57.927723] __vb2_perform_fileio+0x10fd/0x12b0 [ 57.932389] ? vb2_core_poll+0x730/0x730 [ 57.936440] vb2_read+0xf/0x20 [ 57.939714] vb2_fop_read+0x1b6/0x390 [ 57.943504] ? vb2_fop_write+0x390/0x390 [ 57.947548] v4l2_read+0x133/0x240 [ 57.951076] do_iter_read+0x35e/0x570 [ 57.954885] ? dup_iter+0x250/0x250 [ 57.958495] vfs_readv+0xb6/0x110 [ 57.961926] ? compat_rw_copy_check_uvector+0x310/0x310 [ 57.967275] ? __fget+0x1ad/0x2f0 [ 57.970716] ? lock_downgrade+0x7f0/0x7f0 [ 57.974848] ? __fget+0x1ca/0x2f0 [ 57.978301] ? do_preadv+0x250/0x250 [ 57.981996] ? __fget_light+0x166/0x200 [ 57.986041] do_readv+0x10d/0x320 [ 57.989510] ? vfs_readv+0x110/0x110 [ 57.993296] ? do_syscall_64+0x4c/0x5b0 [ 57.997249] ? do_preadv+0x250/0x250 [ 58.000957] SyS_readv+0xb/0x10 [ 58.004393] do_syscall_64+0x1c7/0x5b0 [ 58.008272] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 58.013107] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 58.018287] RIP: 0033:0x459829 [ 58.021457] RSP: 002b:00007fa6c8f42c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 58.029155] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 58.036435] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003 [ 58.043711] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 58.050991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6c8f436d4 [ 58.058302] R13: 00000000004c6b54 R14: 00000000004dc048 R15: 00000000ffffffff [ 58.066999] Kernel Offset: disabled [ 58.070627] Rebooting in 86400 seconds..