[ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 30.423533] audit: type=1400 audit(1588209466.818:8): avc: denied { execmem } for pid=6114 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 30.690263] IPVS: ftp: loaded support on port[0] = 21 [ 31.868822] can: request_module (can-proto-0) failed. [ 31.877746] can: request_module (can-proto-0) failed. [ 31.904717] audit: type=1400 audit(1588209468.299:9): avc: denied { create } for pid=6093 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.10.55' (ECDSA) to the list of known hosts. 2020/04/30 01:17:55 parsed 1 programs 2020/04/30 01:17:55 executed programs: 0 [ 39.493420] audit: type=1400 audit(1588209475.893:10): avc: denied { execmem } for pid=6230 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 39.533363] audit: type=1400 audit(1588209475.933:11): avc: denied { execmem } for pid=6237 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 39.557812] IPVS: ftp: loaded support on port[0] = 21 [ 40.416491] IPVS: ftp: loaded support on port[0] = 21 [ 40.500125] chnl_net:caif_netlink_parms(): no params data found [ 40.511553] IPVS: ftp: loaded support on port[0] = 21 [ 40.600021] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.608231] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.616570] device bridge_slave_0 entered promiscuous mode [ 40.623396] chnl_net:caif_netlink_parms(): no params data found [ 40.638931] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.646094] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.652958] device bridge_slave_1 entered promiscuous mode 
[ 40.687194] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.707231] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.727338] IPVS: ftp: loaded support on port[0] = 21 [ 40.731915] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.741379] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.748384] device bridge_slave_0 entered promiscuous mode [ 40.756757] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.763166] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.775715] device bridge_slave_1 entered promiscuous mode [ 40.800559] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.810970] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.821358] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.829034] team0: Port device team_slave_0 added [ 40.850744] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 40.858059] team0: Port device team_slave_1 added [ 40.865859] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 40.873195] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.880595] team0: Port device team_slave_0 added [ 40.912362] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 40.919610] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 40.927323] team0: Port device team_slave_1 added [ 40.960145] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 40.979789] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.001970] IPVS: ftp: loaded support on port[0] = 21 [ 41.046898] device hsr_slave_0 entered promiscuous mode [ 41.085188] device hsr_slave_1 entered promiscuous mode [ 41.114670] chnl_net:caif_netlink_parms(): no params data found [ 41.149379] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.156521] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 41.196588] device hsr_slave_0 entered promiscuous mode [ 
41.234524] device hsr_slave_1 entered promiscuous mode [ 41.281097] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.290557] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 41.340721] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.349973] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.357455] device bridge_slave_0 entered promiscuous mode [ 41.367499] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.374059] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.381186] device bridge_slave_1 entered promiscuous mode [ 41.399710] chnl_net:caif_netlink_parms(): no params data found [ 41.422839] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.433747] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.446761] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.453151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.460190] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.466602] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.499785] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.506998] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.527601] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.536283] team0: Port device team_slave_0 added [ 41.553589] IPVS: ftp: loaded support on port[0] = 21 [ 41.561173] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.569304] team0: Port device team_slave_1 added [ 41.578624] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 41.593684] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.623642] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.631002] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.638212] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.645658] device bridge_slave_0 entered promiscuous mode [ 41.654378] bridge0: port 2(bridge_slave_1) entered 
blocking state [ 41.660742] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.667946] device bridge_slave_1 entered promiscuous mode [ 41.686713] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.695886] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.818685] device hsr_slave_0 entered promiscuous mode [ 41.864265] device hsr_slave_1 entered promiscuous mode [ 41.918911] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.932979] chnl_net:caif_netlink_parms(): no params data found [ 41.950010] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.957159] team0: Port device team_slave_0 added [ 41.962335] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 41.975382] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.982856] team0: Port device team_slave_1 added [ 42.018365] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.029103] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.041440] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.048447] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.055682] device bridge_slave_0 entered promiscuous mode [ 42.062172] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.068874] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.076017] device bridge_slave_1 entered promiscuous mode [ 42.122750] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.149038] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.158203] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.189374] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.205274] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.238211] device hsr_slave_0 entered promiscuous mode [ 42.274192] device hsr_slave_1 entered promiscuous mode [ 42.315017] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.322732] IPv6: ADDRCONF(NETDEV_UP): 
hsr_slave_0: link is not ready [ 42.330608] chnl_net:caif_netlink_parms(): no params data found [ 42.346964] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.354637] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.378709] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 42.390413] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 42.399405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.407611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.414740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.421492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.429169] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.436732] team0: Port device team_slave_0 added [ 42.444158] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.451208] team0: Port device team_slave_1 added [ 42.456543] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.472964] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 42.479272] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.487018] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.536354] device hsr_slave_0 entered promiscuous mode [ 42.574074] device hsr_slave_1 entered promiscuous mode [ 42.614488] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.622483] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 42.636390] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.642767] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.650277] device bridge_slave_0 entered promiscuous mode [ 42.657685] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 42.666271] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.675053] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.682012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.689995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.697753] bridge0: 
port 1(bridge_slave_0) entered blocking state [ 42.704143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.712886] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 42.720361] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.727241] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.734357] device bridge_slave_1 entered promiscuous mode [ 42.754605] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 42.762024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.770807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.778897] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.785280] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.792457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.800249] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.808005] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.814386] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.823529] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.838168] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.848137] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 42.855897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.863152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.874904] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 42.885643] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 42.894703] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.902888] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 42.914393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.922196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.932466] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.938876] bridge0: port 
2(bridge_slave_1) entered forwarding state [ 42.946915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.954863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.967388] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.990547] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.000042] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.015610] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.022649] team0: Port device team_slave_0 added [ 43.030071] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.037757] team0: Port device team_slave_1 added [ 43.043033] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.053105] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.071328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.079332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.088664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.096828] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.107305] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.114781] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.125248] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.148708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.158140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.171176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.178318] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.187493] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 43.195284] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.235899] device hsr_slave_0 entered promiscuous mode [ 43.273909] device hsr_slave_1 entered promiscuous mode [ 43.313810] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.320714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link 
becomes ready [ 43.329398] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.337263] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.345145] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.352639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.360768] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.370602] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.379973] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 43.389017] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.396146] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 43.403450] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.411386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.419148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.426706] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.433433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.440293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.447776] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.457390] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.466454] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.478106] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.484492] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.491748] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 43.498057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 43.505386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.513208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.523814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 43.532129] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.544297] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 43.550301] IPv6: 
ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 43.558785] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.565381] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.576620] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.586361] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.595255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.602760] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.610863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.619290] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.627283] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.633674] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.641220] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.656918] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.667983] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.677228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.685408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.692945] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.699343] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.706691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.714621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.722255] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.729470] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.737813] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 43.751038] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.760709] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.769131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.776677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.785059] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth1_to_bridge: link becomes ready [ 43.792736] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.800495] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.806887] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.821781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.832159] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 43.840451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.852789] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.868820] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.879139] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.889313] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.900539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.909993] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.921981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.933931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.944556] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.954315] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.962656] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.975065] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.981148] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.992147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.001414] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.009470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.017446] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.025377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.032650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.039630] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.065955] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.076412] IPv6: 
ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 44.087909] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 44.101419] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 44.109748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 44.119878] FAULT_INJECTION: forcing a failure.
[ 44.119878] name failslab, interval 1, probability 0, space 0, times 1
[ 44.123102] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 44.132001] CPU: 1 PID: 7127 Comm: syz-executor.2 Not tainted 4.14.177-syzkaller #0
[ 44.144774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 44.146635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.157289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 44.163327] Call Trace:
[ 44.163343] dump_stack+0xf7/0x13b
[ 44.163355] should_fail.cold.3+0x105/0x14b
[ 44.163364] should_failslab+0xba/0xf0
[ 44.163373] __kmalloc+0x2e8/0x7b0
[ 44.163383] ? tls_push_record+0xf6/0x14c0
[ 44.163390] tls_push_record+0xf6/0x14c0
[ 44.163404] tls_sw_sendpage+0x443/0xc50
[ 44.163417] ? tls_sw_sendmsg+0x10a0/0x10a0
[ 44.163424] ? pipe_lock+0x4f/0x60
[ 44.163433] inet_sendpage+0x122/0x600
[ 44.163443] ? kernel_sendpage+0xd0/0xd0
[ 44.179645] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.181107] kernel_sendpage+0x60/0xd0
[ 44.181118] ? pipe_lock+0x4f/0x60
[ 44.185039] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.188498] sock_sendpage+0x6d/0xd0
[ 44.193096] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 44.196781] pipe_to_sendpage+0x206/0x420
[ 44.196788] ? mid8250_dma_filter+0x158/0x180
[ 44.196793] ? generic_pipe_buf_nosteal+0x10/0x10
[ 44.196803] __splice_from_pipe+0x2cb/0x720
[ 44.196808] ? generic_pipe_buf_nosteal+0x10/0x10
[ 44.196816] ? generic_pipe_buf_nosteal+0x10/0x10
[ 44.196820] splice_from_pipe+0xb5/0x110
[ 44.196828] ? selinux_file_permission+0x2d1/0x3e0
[ 44.196833] ? splice_shrink_spd+0xa0/0xa0
[ 44.196843] ? rw_verify_area+0xb8/0x2b0
[ 44.196849] generic_splice_sendpage+0x10/0x20
[ 44.196853] SyS_splice+0x6e9/0x1580
[ 44.196858] ? __sb_end_write+0xa4/0xd0
[ 44.196868] ? compat_SyS_vmsplice+0x1e0/0x1e0
[ 44.196877] ? do_syscall_64+0x4c/0x5b0
[ 44.196883] ? compat_SyS_vmsplice+0x1e0/0x1e0
[ 44.196888] do_syscall_64+0x1c7/0x5b0
[ 44.196892] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 44.196904] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 44.196909] RIP: 0033:0x459a29
[ 44.196912] RSP: 002b:00007f86e2400c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 44.196919] RAX: ffffffffffffffda RBX: 00007f86e2400c90 RCX: 0000000000459a29
[ 44.196922] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[ 44.196925] RBP: 000000000075bf20 R08: 0000000100000000 R09: 0000000000000000
[ 44.196928] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f86e24016d4
[ 44.196930] R13: 00000000004c9222 R14: 00000000004df820 R15: 0000000000000005
[ 44.227786] ==================================================================
[ 44.231670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 44.237302] BUG: KASAN: use-after-free in scatterwalk_copychunks+0x207/0x690
[ 44.237308] Read of size 4096 at addr ffff888083246000 by task syz-executor.2/7127
[ 44.237309]
[ 44.237316] CPU: 1 PID: 7127 Comm: syz-executor.2 Not tainted 4.14.177-syzkaller #0
[ 44.237319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.237322] Call Trace:
[ 44.237331] dump_stack+0xf7/0x13b
[ 44.237337] ? scatterwalk_copychunks+0x207/0x690
[ 44.237346] print_address_description.cold.7+0x9/0x1c9
[ 44.237350] ? scatterwalk_copychunks+0x207/0x690
[ 44.237354] kasan_report.cold.8+0x11a/0x2d3
[ 44.237361] check_memory_region+0x13e/0x1b0
[ 44.237367] memcpy+0x23/0x50
[ 44.237374] scatterwalk_copychunks+0x207/0x690
[ 44.237384] scatterwalk_map_and_copy+0x10d/0x1a0
[ 44.237392] ? __lock_is_held+0xb5/0x140
[ 44.237397] ? scatterwalk_copychunks+0x690/0x690
[ 44.237410] ? rcu_read_lock_sched_held+0x108/0x120
[ 44.237418] ? __kmalloc+0x36d/0x7b0
[ 44.237428] ? gcmaes_encrypt.constprop.14+0x130/0xae0
[ 44.237434] gcmaes_encrypt.constprop.14+0x1c0/0xae0
[ 44.237444] generic_gcmaes_encrypt+0xf8/0x13d
[ 44.237448] ? helper_rfc4106_encrypt+0x430/0x430
[ 44.237453] ? __kmalloc+0x36d/0x7b0
[ 44.237460] ? sk_stream_wait_memory+0x840/0xd00
[ 44.237466] gcmaes_wrapper_encrypt+0xe0/0x140
[ 44.237476] tls_push_record+0x8e6/0x14c0
[ 44.237490] tls_sw_sendpage+0x443/0xc50
[ 44.237503] ? tls_sw_sendmsg+0x10a0/0x10a0
[ 44.237511] ? pipe_lock+0x4f/0x60
[ 44.237522] inet_sendpage+0x122/0x600
[ 44.237531] ? kernel_sendpage+0xd0/0xd0
[ 44.241803] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.248606] kernel_sendpage+0x60/0xd0
[ 44.248617] ? pipe_lock+0x4f/0x60
[ 44.248621] sock_sendpage+0x6d/0xd0
[ 44.248628] pipe_to_sendpage+0x206/0x420
[ 44.248636] ? mid8250_dma_filter+0x158/0x180
[ 44.248641] ? generic_pipe_buf_nosteal+0x10/0x10
[ 44.248650] __splice_from_pipe+0x2cb/0x720
[ 44.248656] ? generic_pipe_buf_nosteal+0x10/0x10
[ 44.252814] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.257269] ? generic_pipe_buf_nosteal+0x10/0x10
[ 44.257274] splice_from_pipe+0xb5/0x110
[ 44.257282] ? selinux_file_permission+0x2d1/0x3e0
[ 44.257286] ? splice_shrink_spd+0xa0/0xa0
[ 44.257296] ? rw_verify_area+0xb8/0x2b0
[ 44.257302] generic_splice_sendpage+0x10/0x20
[ 44.262696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 44.266414] SyS_splice+0x6e9/0x1580
[ 44.266420] ? __sb_end_write+0xa4/0xd0
[ 44.266431] ? compat_SyS_vmsplice+0x1e0/0x1e0
[ 44.266440] ? do_syscall_64+0x4c/0x5b0
[ 44.266447] ? compat_SyS_vmsplice+0x1e0/0x1e0
[ 44.266451] do_syscall_64+0x1c7/0x5b0
[ 44.266455] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 44.266467] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 44.266472] RIP: 0033:0x459a29
[ 44.266475] RSP: 002b:00007f86e2400c78 EFLAGS: 00000246
[ 44.271811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 44.276111] ORIG_RAX: 0000000000000113
[ 44.276114] RAX: ffffffffffffffda RBX: 00007f86e2400c90 RCX: 0000000000459a29
[ 44.276117] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[ 44.276119] RBP: 000000000075bf20 R08: 0000000100000000 R09: 0000000000000000
[ 44.276122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f86e24016d4
[ 44.276124] R13: 00000000004c9222 R14: 00000000004df820 R15: 0000000000000005
[ 44.276135]
[ 44.276138] The buggy address belongs to the page:
[ 44.276145] page:ffffea00020c9180 count:0 mapcount:-127 mapping: (null) index:0xffff888083246900
[ 44.276150] flags: 0x1fffc0000000000()
[ 44.276156] raw: 01fffc0000000000 0000000000000000 ffff888083246900 00000000ffffff80
[ 44.276160] raw: ffffea0002415b20 ffffea00020c8ea0 0000000000000001 0000000000000000
[ 44.276162] page dumped because: kasan: bad access detected
[ 44.276166]
[ 44.280820] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 44.285107] Memory state around the buggy address:
[ 44.285113]  ffff888083245f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 44.285116]  ffff888083245f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 44.285119] >ffff888083246000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.285122]                    ^
[ 44.285124]  ffff888083246080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.285127]  ffff888083246100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 44.285129] ==================================================================
[ 44.285131] Disabling lock debugging due to kernel taint
[ 44.285235] Kernel panic - not syncing: panic_on_warn set ...
[ 44.285235]
[ 44.285241] CPU: 1 PID: 7127 Comm: syz-executor.2 Tainted: G B 4.14.177-syzkaller #0
[ 44.285244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.285246] Call Trace:
[ 44.285256] dump_stack+0xf7/0x13b
[ 44.285265] ? scatterwalk_copychunks+0x207/0x690
[ 44.285271] panic+0x1b0/0x358
[ 44.285275] ? add_taint.cold.5+0x11/0x11
[ 44.285283] ? scatterwalk_copychunks+0x207/0x690
[ 44.285289] kasan_end_report+0x47/0x4f
[ 44.285292] kasan_report.cold.8+0x76/0x2d3
[ 44.285297] check_memory_region+0x13e/0x1b0
[ 44.285300] memcpy+0x23/0x50
[ 44.285304] scatterwalk_copychunks+0x207/0x690
[ 44.285310] scatterwalk_map_and_copy+0x10d/0x1a0
[ 44.285317] ? __lock_is_held+0xb5/0x140
[ 44.285322] ? scatterwalk_copychunks+0x690/0x690
[ 44.291598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 44.293580] ? rcu_read_lock_sched_held+0x108/0x120
[ 44.293588] ? __kmalloc+0x36d/0x7b0
[ 44.293597] ? gcmaes_encrypt.constprop.14+0x130/0xae0
[ 44.293601] gcmaes_encrypt.constprop.14+0x1c0/0xae0
[ 44.293607] generic_gcmaes_encrypt+0xf8/0x13d
[ 44.293616] ? helper_rfc4106_encrypt+0x430/0x430
[ 44.293620] ? __kmalloc+0x36d/0x7b0
[ 44.293627] ? sk_stream_wait_memory+0x840/0xd00
[ 44.293632] gcmaes_wrapper_encrypt+0xe0/0x140
[ 44.952794] tls_push_record+0x8e6/0x14c0
[ 44.956925] tls_sw_sendpage+0x443/0xc50
[ 44.960976] ? tls_sw_sendmsg+0x10a0/0x10a0
[ 44.965274] ? pipe_lock+0x4f/0x60
[ 44.968797] inet_sendpage+0x122/0x600
[ 44.972662] ? kernel_sendpage+0xd0/0xd0
[ 44.976696] kernel_sendpage+0x60/0xd0
[ 44.980558] ? pipe_lock+0x4f/0x60
[ 44.984074] sock_sendpage+0x6d/0xd0
[ 44.987772] pipe_to_sendpage+0x206/0x420
[ 44.991893] ? mid8250_dma_filter+0x158/0x180
[ 44.996363] ? generic_pipe_buf_nosteal+0x10/0x10
[ 45.001195] __splice_from_pipe+0x2cb/0x720
[ 45.005500] ? generic_pipe_buf_nosteal+0x10/0x10
[ 45.010322] ? generic_pipe_buf_nosteal+0x10/0x10
[ 45.015136] splice_from_pipe+0xb5/0x110
[ 45.019188] ? selinux_file_permission+0x2d1/0x3e0
[ 45.024092] ? splice_shrink_spd+0xa0/0xa0
[ 45.028325] ? rw_verify_area+0xb8/0x2b0
[ 45.032377] generic_splice_sendpage+0x10/0x20
[ 45.036938] SyS_splice+0x6e9/0x1580
[ 45.040638] ? __sb_end_write+0xa4/0xd0
[ 45.044603] ? compat_SyS_vmsplice+0x1e0/0x1e0
[ 45.049162] ? do_syscall_64+0x4c/0x5b0
[ 45.053111] ? compat_SyS_vmsplice+0x1e0/0x1e0
[ 45.057673] do_syscall_64+0x1c7/0x5b0
[ 45.061534] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 45.066353] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 45.071533] RIP: 0033:0x459a29
[ 45.074695] RSP: 002b:00007f86e2400c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 45.082375] RAX: ffffffffffffffda RBX: 00007f86e2400c90 RCX: 0000000000459a29
[ 45.089625] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[ 45.096870] RBP: 000000000075bf20 R08: 0000000100000000 R09: 0000000000000000
[ 45.104986] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f86e24016d4
[ 45.112245] R13: 00000000004c9222 R14: 00000000004df820 R15: 0000000000000005
[ 45.120921] Kernel Offset: disabled
[ 45.124535] Rebooting in 86400 seconds..