[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 37.909356] IPVS: ftp: loaded support on port[0] = 21 [ 38.243105] tipc: TX() has been purged, node left! [ 38.401136] can: request_module (can-proto-0) failed. [ 41.145381] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.1.7' (ECDSA) to the list of known hosts. 2019/12/18 22:39:27 parsed 1 programs 2019/12/18 22:39:27 executed programs: 0 [ 49.412677] IPVS: ftp: loaded support on port[0] = 21 [ 49.432322] IPVS: ftp: loaded support on port[0] = 21 [ 49.448621] IPVS: ftp: loaded support on port[0] = 21 [ 49.465847] IPVS: ftp: loaded support on port[0] = 21 [ 49.486539] IPVS: ftp: loaded support on port[0] = 21 [ 49.511171] IPVS: ftp: loaded support on port[0] = 21 [ 49.711958] chnl_net:caif_netlink_parms(): no params data found [ 49.724359] chnl_net:caif_netlink_parms(): no params data found [ 49.779924] chnl_net:caif_netlink_parms(): no params data found [ 49.792444] chnl_net:caif_netlink_parms(): no params data found [ 49.822514] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.830886] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.838055] device bridge_slave_0 entered promiscuous mode [ 49.896828] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.905407] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.912255] device bridge_slave_1 entered promiscuous mode [ 49.938488] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.944977] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.952028] device bridge_slave_0 entered promiscuous mode [ 49.958843] chnl_net:caif_netlink_parms(): no params data found [ 49.986152] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.992550] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.000280] device bridge_slave_0 entered promiscuous mode [ 50.007078] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.013928] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.020856] device bridge_slave_1 entered promiscuous mode [ 50.044025] chnl_net:caif_netlink_parms(): no params data found [ 50.052904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.062336] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.069101] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.076575] device bridge_slave_1 entered promiscuous mode [ 50.095271] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.101641] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.109370] device bridge_slave_0 entered promiscuous mode [ 50.116932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.131688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.148230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.160232] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.166985] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.173954] device bridge_slave_1 entered promiscuous mode [ 50.189478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.217456] team0: Port device team_slave_0 added [ 50.223591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.247462] team0: Port device team_slave_0 added [ 50.252721] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.259559] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.268214] device bridge_slave_0 entered promiscuous mode [ 50.275871] team0: Port device team_slave_1 added [ 50.280963] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.287413] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.294669] device bridge_slave_1 entered promiscuous mode [ 50.303817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.326409] team0: Port device team_slave_1 added [ 50.331473] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.337964] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.345152] device bridge_slave_0 entered promiscuous mode [ 50.351908] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.358360] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.365195] device bridge_slave_1 entered promiscuous mode [ 50.377072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.386975] team0: Port device team_slave_0 added [ 50.394200] team0: Port device team_slave_1 added [ 50.426408] team0: Port device team_slave_0 added [ 50.464890] device hsr_slave_0 entered promiscuous mode [ 50.503344] device hsr_slave_1 entered promiscuous mode [ 50.564547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.581558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.596086] team0: Port device team_slave_1 added [ 50.646381] device hsr_slave_0 entered promiscuous mode [ 50.713350] device hsr_slave_1 entered promiscuous mode [ 50.763183] debugfs: Directory 'hsr0' with parent '/' already present! [ 50.771181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.784797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.874711] device hsr_slave_0 entered promiscuous mode [ 50.913422] device hsr_slave_1 entered promiscuous mode [ 50.983167] debugfs: Directory 'hsr0' with parent '/' already present! [ 51.035649] device hsr_slave_0 entered promiscuous mode [ 51.073404] device hsr_slave_1 entered promiscuous mode [ 51.143085] debugfs: Directory 'hsr0' with parent '/' already present! [ 51.151612] team0: Port device team_slave_0 added [ 51.161420] team0: Port device team_slave_1 added [ 51.168483] team0: Port device team_slave_0 added [ 51.190573] team0: Port device team_slave_1 added [ 51.237762] device hsr_slave_0 entered promiscuous mode [ 51.303402] device hsr_slave_1 entered promiscuous mode [ 51.363089] debugfs: Directory 'hsr0' with parent '/' already present! [ 51.435775] device hsr_slave_0 entered promiscuous mode [ 51.483439] device hsr_slave_1 entered promiscuous mode [ 51.533312] debugfs: Directory 'hsr0' with parent '/' already present! [ 51.614469] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.637132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.652018] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.660504] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.687175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.694788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.707370] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.717366] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.727148] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.737180] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.749798] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.758807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.767005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.774917] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.782015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.789284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.796368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.803794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.811598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.819514] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.826063] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.840905] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.865543] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.872945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.886057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.894631] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.901206] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.908079] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.915744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.922683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.930657] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 51.938306] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.947374] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.954705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.962442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.970303] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.976709] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.983712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.992348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.000047] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.006417] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.013345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.020999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.029057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.036658] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.043038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.050921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.058420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.065680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.072644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.090611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.099250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.109845] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.116239] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.123799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.131422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.139450] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.147039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.154878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.162691] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.170302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.179046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.186502] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.193841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.201505] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.209271] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.215684] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.226928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.259065] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 52.271999] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.281637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.292553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.300872] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.308599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.316555] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.324596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.332026] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.339628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.347232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.355031] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.363272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.370796] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.377216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.384256] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.391973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.399757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.407535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.415242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.425370] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.433117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.440650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.448216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.455934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.463653] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.470005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.476815] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.484757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.493205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.501034] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.508041] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.517330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.529187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 52.540348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.560220] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.567896] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.577163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.588200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.596381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.603861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.632182] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 52.642053] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 52.652890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.666517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.675472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.683380] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.690892] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.699263] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.706993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.714868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.722333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.730232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.738052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.745870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.753751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.761202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.769495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.777394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.784863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.792266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.800816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.811676] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.831577] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.839268] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.852129] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.859521] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.869349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.877754] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.886956] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.893342] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.900790] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.918885] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.942886] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.968856] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.977952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.991453] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.997924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.008072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.016037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.023852] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.031521] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.040049] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.049125] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.069996] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 53.090952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 53.107091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.116801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.128951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.138281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.146061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.153843] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.161597] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.196146] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/12/18 22:39:32 executed programs: 57 2019/12/18 22:39:37 executed programs: 326 2019/12/18 22:39:42 executed programs: 580 2019/12/18 22:39:47 executed programs: 853 2019/12/18 22:39:52 executed programs: 1124 2019/12/18 22:39:57 executed programs: 1390 2019/12/18 22:40:02 executed programs: 1656 2019/12/18 22:40:07 executed programs: 1914 2019/12/18 22:40:12 executed programs: 2178 2019/12/18 22:40:17 executed programs: 2447 2019/12/18 22:40:22 executed programs: 2716 2019/12/18 22:40:27 executed programs: 2977 2019/12/18 22:40:32 executed programs: 3238 2019/12/18 22:40:37 executed programs: 3510 2019/12/18 22:40:42 executed programs: 3778 2019/12/18 22:40:47 executed programs: 4047 2019/12/18 22:40:53 executed programs: 4309 2019/12/18 22:40:58 executed programs: 4572 2019/12/18 22:41:03 executed programs: 4829 2019/12/18 22:41:08 executed programs: 5092 2019/12/18 22:41:13 executed programs: 5353 2019/12/18 22:41:18 executed programs: 5612 2019/12/18 22:41:23 executed programs: 5865 2019/12/18 22:41:28 executed programs: 6127 2019/12/18 22:41:33 executed programs: 6383 2019/12/18 22:41:38 executed programs: 6642 2019/12/18 22:41:43 executed programs: 6899 2019/12/18 22:41:48 executed programs: 7164 2019/12/18 22:41:53 executed programs: 7421 2019/12/18 22:41:58 executed programs: 7676 2019/12/18 22:42:03 executed programs: 7938 2019/12/18 22:42:08 executed programs: 8198 2019/12/18 22:42:13 executed programs: 8464 2019/12/18 22:42:18 executed programs: 8725 2019/12/18 22:42:23 executed programs: 8992 2019/12/18 22:42:28 executed programs: 9248 2019/12/18 22:42:33 executed programs: 9499 2019/12/18 22:42:38 executed programs: 9758 2019/12/18 22:42:43 executed programs: 10016 2019/12/18 22:42:48 executed programs: 10275 2019/12/18 22:42:53 executed programs: 10523 2019/12/18 22:42:58 executed programs: 10787 2019/12/18 22:43:03 executed programs: 11038 2019/12/18 22:43:08 executed programs: 11297 2019/12/18 22:43:13 executed programs: 11558 2019/12/18 22:43:18 executed programs: 11811 2019/12/18 22:43:23 executed programs: 12069 2019/12/18 22:43:28 executed programs: 12321 2019/12/18 22:43:33 executed programs: 12566 2019/12/18 22:43:38 executed programs: 12823 2019/12/18 22:43:43 executed programs: 13087 2019/12/18 22:43:48 executed programs: 13352 2019/12/18 22:43:53 executed programs: 13610 2019/12/18 22:43:58 executed programs: 13859 2019/12/18 22:44:03 executed programs: 14105 2019/12/18 22:44:08 executed programs: 14363 2019/12/18 22:44:13 executed programs: 14632 2019/12/18 22:44:18 executed programs: 14888 2019/12/18 22:44:23 executed programs: 15151 2019/12/18 22:44:28 executed programs: 15400 2019/12/18 22:44:33 executed programs: 15654 2019/12/18 22:44:38 executed programs: 15931 2019/12/18 22:44:43 executed programs: 16204 2019/12/18 22:44:48 executed programs: 16471 2019/12/18 22:44:53 executed programs: 16737 2019/12/18 22:44:58 executed programs: 16999 2019/12/18 22:45:03 executed programs: 17268 2019/12/18 22:45:08 executed programs: 17536 2019/12/18 22:45:13 executed programs: 17804 [ 398.166065] ================================================================== [ 398.173675] BUG: KASAN: use-after-free in __mutex_lock+0x108f/0x1410 [ 398.180161] Read of size 8 at addr ffff88808a926388 by task kworker/u4:1/21 [ 398.180165] [ 398.180173] CPU: 0 PID: 21 Comm: kworker/u4:1 Not tainted 5.5.0-rc2-syzkaller #0 [ 398.196741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.206134] Workqueue: ib_addr process_one_req [ 398.210715] Call Trace: [ 398.213384] dump_stack+0x12d/0x187 [ 398.217050] print_address_description.constprop.8.cold.10+0x9/0x31d [ 398.217059] ? __mutex_lock+0x108f/0x1410 [ 398.227690] __kasan_report.cold.11+0x1b/0x3a [ 398.232203] ? __mutex_lock+0x108f/0x1410 [ 398.236351] ? __mutex_lock+0x108f/0x1410 [ 398.240508] kasan_report+0x12/0x20 [ 398.244145] __asan_report_load8_noabort+0x14/0x20 [ 398.249077] __mutex_lock+0x108f/0x1410 [ 398.253114] ? addr_handler+0xac/0x300 [ 398.257004] ? mutex_lock_io_nested+0x1280/0x1280 [ 398.261894] ? __kasan_check_read+0x11/0x20 [ 398.261939] ? mark_lock+0xc5/0x11d0 [ 398.269930] ? __kasan_check_read+0x11/0x20 [ 398.274251] ? __kasan_check_read+0x11/0x20 [ 398.278581] ? __lock_acquire+0x100f/0x4ef0 [ 398.282901] ? __kasan_check_read+0x11/0x20 [ 398.287229] mutex_lock_nested+0x16/0x20 [ 398.291278] ? mutex_lock_nested+0x16/0x20 [ 398.291286] addr_handler+0xac/0x300 [ 398.291294] ? cma_work_handler+0x1c0/0x1c0 [ 398.291326] ? cma_work_handler+0x1c0/0x1c0 [ 398.291332] process_one_req+0xdf/0x610 [ 398.291400] process_one_work+0x85b/0x1630 [ 398.291411] ? pwq_dec_nr_in_flight+0x2c0/0x2c0 [ 398.299341] ? lock_acquire+0x194/0x410 [ 398.299357] worker_thread+0x85/0xb60 [ 398.299368] ? __kthread_parkme+0x47/0x1a0 [ 398.299429] kthread+0x334/0x3f0 [ 398.299435] ? process_one_work+0x1630/0x1630 [ 398.308143] ? kthread_mod_delayed_work+0x190/0x190 [ 398.308153] ret_from_fork+0x3a/0x50 [ 398.308168] [ 398.308172] Allocated by task 2006: [ 398.308181] save_stack+0x21/0x90 [ 398.308186] __kasan_kmalloc.constprop.9+0xc7/0xd0 [ 398.308191] kasan_kmalloc+0x9/0x10 [ 398.308196] kmem_cache_alloc_trace+0x15b/0x780 [ 398.308202] __rdma_create_id+0x5d/0x510 [ 398.308253] ucma_create_id+0x199/0x550 [ 398.308258] ucma_write+0x206/0x2e0 [ 398.316721] kobject: 'loop3' (00000000f7f45b48): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 398.321177] __vfs_write+0x61/0x110 [ 398.321183] vfs_write+0x18a/0x520 [ 398.321188] ksys_write+0x197/0x220 [ 398.321193] __x64_sys_write+0x6e/0xb0 [ 398.321226] do_syscall_64+0xd0/0x600 [ 398.321233] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.327853] kobject: 'loop4' (00000000e827ab93): kobject_uevent_env [ 398.328983] [ 398.328987] Freed by task 2005: [ 398.328996] save_stack+0x21/0x90 [ 398.329002] __kasan_slab_free+0x102/0x150 [ 398.329006] kasan_slab_free+0xe/0x10 [ 398.329010] kfree+0x108/0x2c0 [ 398.329018] rdma_destroy_id+0x612/0xa00 [ 398.329023] ucma_close+0x101/0x2d0 [ 398.329027] __fput+0x25d/0x780 [ 398.329031] ____fput+0x9/0x10 [ 398.329038] task_work_run+0x10e/0x190 [ 398.329045] exit_to_usermode_loop+0x1be/0x210 [ 398.329050] do_syscall_64+0x50b/0x600 [ 398.329056] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.329058] [ 398.329063] The buggy address belongs to the object at ffff88808a926000 [ 398.329063] which belongs to the cache kmalloc-2k of size 2048 [ 398.329068] The buggy address is located 904 bytes inside of [ 398.329068] 2048-byte region [ffff88808a926000, ffff88808a926800) [ 398.329071] The buggy address belongs to the page: [ 398.329076] page:ffffea00022a4980 refcount:1 mapcount:0 mapping:ffff8880aa800e00 index:0x0 [ 398.329083] raw: 01fffc0000000200 ffffea00025b2808 ffffea00024f6888 ffff8880aa800e00 [ 398.333592] kobject: 'loop4' (00000000e827ab93): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 398.336688] raw: 0000000000000000 ffff88808a926000 0000000100000001 0000000000000000 [ 398.336692] page dumped because: kasan: bad access detected [ 398.336695] [ 398.336698] Memory state around the buggy address: [ 398.336703] ffff88808a926280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 398.336707] ffff88808a926300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 398.336711] >ffff88808a926380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 398.336715] ^ [ 398.336719] ffff88808a926400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 398.336723] ffff88808a926480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 398.336726] ================================================================== [ 398.336729] Disabling lock debugging due to kernel taint [ 398.344519] Kernel panic - not syncing: panic_on_warn set ... [ 398.350574] kobject: 'loop3' (00000000f7f45b48): kobject_uevent_env [ 398.351578] CPU: 0 PID: 21 Comm: kworker/u4:1 Tainted: G B 5.5.0-rc2-syzkaller #0 [ 398.351581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.351590] Workqueue: ib_addr process_one_req [ 398.351594] Call Trace: [ 398.351602] dump_stack+0x12d/0x187 [ 398.351610] ? __mutex_lock+0xff0/0x1410 [ 398.351695] panic+0x22a/0x4f5 [ 398.385985] kobject: 'loop3' (00000000f7f45b48): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 398.394176] ? add_taint.cold.7+0x11/0x11 [ 398.394184] ? ___preempt_schedule+0x16/0x18 [ 398.394193] ? __mutex_lock+0x108f/0x1410 [ 398.394198] end_report+0x47/0x4f [ 398.394202] __kasan_report.cold.11+0xe/0x3a [ 398.394206] ? __mutex_lock+0x108f/0x1410 [ 398.394210] ? __mutex_lock+0x108f/0x1410 [ 398.394214] kasan_report+0x12/0x20 [ 398.394218] __asan_report_load8_noabort+0x14/0x20 [ 398.394221] __mutex_lock+0x108f/0x1410 [ 398.394229] ? addr_handler+0xac/0x300 [ 398.406067] kobject: 'loop5' (00000000eee5159e): kobject_uevent_env [ 398.408914] ? mutex_lock_io_nested+0x1280/0x1280 [ 398.408922] ? __kasan_check_read+0x11/0x20 [ 398.408928] ? mark_lock+0xc5/0x11d0 [ 398.408933] ? __kasan_check_read+0x11/0x20 [ 398.408937] ? __kasan_check_read+0x11/0x20 [ 398.408943] ? __lock_acquire+0x100f/0x4ef0 [ 398.415547] kobject: 'loop5' (00000000eee5159e): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 398.417942] ? __kasan_check_read+0x11/0x20 [ 398.417953] mutex_lock_nested+0x16/0x20 [ 398.417957] ? mutex_lock_nested+0x16/0x20 [ 398.417963] addr_handler+0xac/0x300 [ 398.417968] ? cma_work_handler+0x1c0/0x1c0 [ 398.417983] ? cma_work_handler+0x1c0/0x1c0 [ 398.439566] kobject: 'loop2' (0000000097ce1821): kobject_uevent_env [ 398.440700] process_one_req+0xdf/0x610 [ 398.440709] process_one_work+0x85b/0x1630 [ 398.440717] ? pwq_dec_nr_in_flight+0x2c0/0x2c0 [ 398.440721] ? lock_acquire+0x194/0x410 [ 398.440730] worker_thread+0x85/0xb60 [ 398.440735] ? __kthread_parkme+0x47/0x1a0 [ 398.440742] kthread+0x334/0x3f0 [ 398.448880] kobject: 'loop2' (0000000097ce1821): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 398.451773] ? process_one_work+0x1630/0x1630 [ 398.451779] ? kthread_mod_delayed_work+0x190/0x190 [ 398.451786] ret_from_fork+0x3a/0x50 [ 398.453352] Kernel Offset: disabled [ 398.839731] Rebooting in 86400 seconds..