[ 36.934108] audit: type=1400 audit(1575455821.843:37): avc: denied { map } for pid=6684 comm="syz-fuzzer" path="/root/syzkaller-shm619969505" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 37.180991] IPVS: ftp: loaded support on port[0] = 21 [ 38.339138] can: request_module (can-proto-0) failed. [ 38.348730] can: request_module (can-proto-0) failed. [ 38.502450] audit: type=1400 audit(1575455823.413:38): avc: denied { create } for pid=6684 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 38.526454] audit: type=1400 audit(1575455823.413:39): avc: denied { create } for pid=6684 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 38.550341] audit: type=1400 audit(1575455823.413:40): avc: denied { create } for pid=6684 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 38.811778] random: sshd: uninitialized urandom read (32 bytes read) [ 39.593809] random: sshd: uninitialized urandom read (32 bytes read) [ 39.799344] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.242' (ECDSA) to the list of known hosts. 2019/12/04 10:37:11 parsed 1 programs 2019/12/04 10:37:11 executed programs: 0 [ 46.761131] IPVS: ftp: loaded support on port[0] = 21 [ 47.566095] IPVS: ftp: loaded support on port[0] = 21 [ 47.608931] chnl_net:caif_netlink_parms(): no params data found [ 47.632789] IPVS: ftp: loaded support on port[0] = 21 [ 47.683563] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.689972] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.696832] device bridge_slave_0 entered promiscuous mode [ 47.705306] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.711685] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.718419] device bridge_slave_1 entered promiscuous mode [ 47.735163] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 47.743353] chnl_net:caif_netlink_parms(): no params data found [ 47.755949] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 47.777083] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 47.784307] team0: Port device team_slave_0 added [ 47.794556] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 47.801584] team0: Port device team_slave_1 added [ 47.808291] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.817340] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.827968] IPVS: ftp: loaded support on port[0] = 21 [ 47.912342] device hsr_slave_0 entered promiscuous mode [ 47.950343] device hsr_slave_1 entered promiscuous mode [ 48.004307] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 48.013341] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 48.026013] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.033624] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.040619] device bridge_slave_0 entered promiscuous mode [ 48.047267] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.053815] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.060761] device bridge_slave_1 entered promiscuous mode [ 48.084440] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.095376] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.156039] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.163245] team0: Port device team_slave_0 added [ 48.170343] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.177298] team0: Port device team_slave_1 added [ 48.187047] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.194754] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.201226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.208033] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.214408] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.231365] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 48.238783] chnl_net:caif_netlink_parms(): no params data found [ 48.247359] IPVS: ftp: loaded support on port[0] = 21 [ 48.352009] device hsr_slave_0 entered promiscuous mode [ 48.400626] device hsr_slave_1 entered promiscuous mode [ 48.440683] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 48.447566] chnl_net:caif_netlink_parms(): no params data found [ 48.464846] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 48.479975] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.486443] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.493512] device bridge_slave_0 entered promiscuous mode [ 48.508181] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.515482] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.523535] device bridge_slave_1 entered promiscuous mode [ 48.536999] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.543368] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.550161] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.556522] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.570436] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 48.576608] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.586331] IPVS: ftp: loaded support on port[0] = 21 [ 48.618422] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.640521] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.652857] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.662023] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.679232] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.686271] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 48.695830] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.702464] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.709754] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.716254] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.723161] device bridge_slave_0 entered promiscuous mode [ 48.736087] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 48.747011] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.753653] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.761179] device bridge_slave_1 entered promiscuous mode [ 48.785108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.792860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.807719] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.814890] team0: Port device team_slave_0 added [ 48.822611] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.829603] team0: Port device team_slave_1 added [ 48.838993] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.857880] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 48.864060] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.874680] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.884460] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.892532] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 48.914440] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 48.973133] device hsr_slave_0 entered promiscuous mode [ 49.010599] device hsr_slave_1 entered promiscuous mode [ 49.071415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.079235] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.087208] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.093581] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.108960] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.117826] chnl_net:caif_netlink_parms(): no params data found [ 49.132445] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 49.139334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.147663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.155291] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.161674] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.168845] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 49.176420] team0: Port device team_slave_0 added [ 49.183899] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.191362] team0: Port device team_slave_1 added [ 49.198686] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 49.209891] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 49.223087] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.234803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 49.247121] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.262862] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.284291] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 49.306156] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.313945] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.321421] device bridge_slave_0 entered promiscuous mode [ 49.327888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 49.393292] device hsr_slave_0 entered promiscuous mode [ 49.432164] device hsr_slave_1 entered promiscuous mode [ 49.490732] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 49.498164] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 49.507231] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.514080] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.521083] device bridge_slave_1 entered promiscuous mode [ 49.534015] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.563194] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 49.583556] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.596772] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 49.615383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 49.623332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.631412] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 49.639381] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 49.647832] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 49.657016] chnl_net:caif_netlink_parms(): no params data found [ 49.674642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.681601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.695434] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 49.701858] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.711325] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.738307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 49.746125] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.754405] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.762629] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 49.769661] team0: Port device team_slave_0 added [ 49.777028] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 49.785111] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.792650] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.799017] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.805908] device bridge_slave_0 entered promiscuous mode [ 49.812487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.820819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.828331] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.834695] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.842061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 49.849411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.857506] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.864565] team0: Port device team_slave_1 added [ 49.869890] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.881698] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.888091] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.896874] device bridge_slave_1 entered promiscuous mode [ 49.904122] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.917925] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 49.924945] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.941516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.949209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.956931] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.963281] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.970090] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 49.977480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.994868] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 50.004703] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 50.012590] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.062005] device hsr_slave_0 entered promiscuous mode [ 50.100565] device hsr_slave_1 entered promiscuous mode [ 50.160947] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 50.168314] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.178552] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 50.198104] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 50.206608] team0: Port device team_slave_0 added [ 50.212293] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 50.219373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.229064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.242492] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 50.249501] team0: Port device team_slave_1 added [ 50.255671] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.263790] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.281211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.288717] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.297359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.307515] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.314743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.322310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.329677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.337516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.345115] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.354334] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 50.367377] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.375626] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 50.384585] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 50.395187] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 50.444036] device hsr_slave_0 entered promiscuous mode [ 50.480624] device hsr_slave_1 entered promiscuous mode [ 50.542938] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.549493] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 50.556859] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 50.564810] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 50.571944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.578736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.588115] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.595780] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.605590] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 50.612370] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.619428] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 50.633390] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.641962] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 50.649605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.656772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.664133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 50.671832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.680993] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 50.689278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 50.697931] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 50.706597] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.721830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.733327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.742172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.749728] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.756087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.763537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.772280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.779732] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.786096] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.795048] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.803669] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 50.812552] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 50.824209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.831574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.839077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.848886] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.856438] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.863575] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.881043] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.892549] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.904724] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 50.912952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.919958] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.932208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.939849] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.947593] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.953958] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.962752] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.976622] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.984603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.995466] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 51.003468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 51.013512] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 51.022866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.037176] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 51.044386] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 51.055824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 51.064155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 51.072008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 51.080760] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 51.093896] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.102346] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 51.114949] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 51.121455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 51.128977] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 51.137484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.144339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.151779] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 51.159205] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 51.166987] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 51.176977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 51.184674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 51.192025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 51.199452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 51.208972] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 51.216854] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.224344] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 51.238918] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 51.247010] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 51.263382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 51.271300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 51.279292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 51.288820] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 51.304625] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 51.313428] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 51.323342] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 51.329358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 51.338958] ================================================================== [ 51.341291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 51.346482] BUG: KASAN: slab-out-of-bounds in bpf_skb_change_tail+0xa77/0xd50 [ 51.354342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 51.360809] Read of size 8 at addr ffff888094d6e490 by task syz-executor.2/6820 [ 51.360811] [ 51.360817] CPU: 1 PID: 6820 Comm: syz-executor.2 Not tainted 4.14.157-syzkaller #0 [ 51.360820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.360823] Call Trace: [ 51.360842] dump_stack+0xf7/0x13b [ 51.360850] ? bpf_skb_change_tail+0xa77/0xd50 [ 51.368371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.375299] print_address_description.cold.7+0x9/0x1c9 [ 51.375306] ? bpf_skb_change_tail+0xa77/0xd50 [ 51.375310] kasan_report.cold.8+0x11a/0x2d3 [ 51.375318] __asan_report_load8_noabort+0x14/0x20 [ 51.375323] bpf_skb_change_tail+0xa77/0xd50 [ 51.379805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.384758] ? __lock_acquire+0x6a4/0x4500 [ 51.384765] ? __build_skb+0x2a/0x2b0 [ 51.384780] bpf_prog_6b83fbf63565f5a7+0x531/0x1000 [ 51.384791] ? trace_hardirqs_on+0x10/0x10 [ 51.397739] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 51.400225] ? trace_hardirqs_off+0x10/0x10 [ 51.400233] ? find_held_lock+0x36/0x1d0 [ 51.400246] ? bpf_test_run+0x32/0x2d0 [ 51.400251] ? lock_downgrade+0x7f0/0x7f0 [ 51.400328] ? lock_acquire+0x173/0x400 [ 51.406795] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 51.411430] ? bpf_test_run+0x159/0x2d0 [ 51.411440] ? bpf_test_run+0x8a/0x2d0 [ 51.411447] ? eth_gro_receive+0x880/0x880 [ 51.411457] ? bpf_prog_test_run_skb+0x58a/0xbc0 [ 51.417330] kasan: CONFIG_KASAN_INLINE enabled [ 51.421372] ? bpf_test_init.isra.6+0xa0/0xa0 [ 51.421383] ? __bpf_prog_get+0x128/0x170 [ 51.421389] ? SyS_bpf+0x97e/0x28c3 [ 51.421396] ? bpf_prog_get+0x10/0x10 [ 51.421403] ? kasan_check_read+0x11/0x20 [ 51.421411] ? _copy_to_user+0x91/0xb0 [ 51.421419] ? put_timespec64+0xa4/0xf0 [ 51.421425] ? nsecs_to_jiffies+0x20/0x20 [ 51.421434] ? SyS_clock_gettime+0x115/0x160 [ 51.425893] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 51.430806] ? do_syscall_64+0x4c/0x5b0 [ 51.430813] ? bpf_prog_get+0x10/0x10 [ 51.430818] ? do_syscall_64+0x1c7/0x5b0 [ 51.430822] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.435208] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 51.441687] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 51.446597] Modules linked in: [ 51.450398] [ 51.459702] Allocated by task 0: [ 51.466606] CPU: 0 PID: 6818 Comm: syz-executor.1 Not tainted 4.14.157-syzkaller #0 [ 51.470899] (stack is not available) [ 51.474941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.478800] [ 51.482932] task: ffff8880963c0080 task.stack: ffff88807d4e0000 [ 51.486884] Freed by task 0: [ 51.486886] (stack is not available) [ 51.492848] RIP: 0010:bpf_skb_change_tail+0x53/0xd50 [ 51.496788] [ 51.500657] RSP: 0018:ffff88807d4e7928 EFLAGS: 00010206 [ 51.504867] The buggy address belongs to the object at ffff888094d6e400 [ 51.504867] which belongs to the cache skbuff_head_cache of size 232 [ 51.514147] The buggy address is located 144 bytes inside of [ 51.514147] 232-byte region [ffff888094d6e400, ffff888094d6e4e8) [ 51.514149] The buggy address belongs to the page: [ 51.518617] RAX: dffffc0000000000 RBX: ffff8880a95dc340 RCX: 0000000000000048 [ 51.518620] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000241 [ 51.522830] page:ffffea0002535b80 count:1 mapcount:0 mapping:ffff888094d6e040 index:0x0 [ 51.526602] RBP: ffff88807d4e7980 R08: ffff8880963c0920 R09: 0000000000000000 [ 51.534506] R10: 0000000000000000 R11: ffff8880963c0080 R12: 0000000000000019 [ 51.538368] flags: 0x1fffc0000000100(slab) [ 51.542328] R13: 0000000000000018 R14: ffffc90005ed4000 R15: ffff8880a95dc540 [ 51.546459] raw: 01fffc0000000100 ffff888094d6e040 0000000000000000 000000010000000c [ 51.550998] FS: 00007f80dabec700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000 [ 51.558342] raw: ffffea0001f52a60 ffffea000257a1a0 ffff8880a9e19a80 0000000000000000 [ 51.562284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.566055] page dumped because: kasan: bad access detected [ 51.570095] CR2: 000000000075c091 CR3: 0000000097591000 CR4: 00000000001406f0 [ 51.574911] [ 51.581122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 51.586454] Memory state around the buggy address: [ 51.586459] ffff888094d6e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.589624] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 51.591224] ffff888094d6e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.594563] Call Trace: [ 51.602326] >ffff888094d6e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.606041] ? __lock_acquire+0x6a4/0x4500 [ 51.615358] ^ [ 51.616968] ? __build_skb+0x2a/0x2b0 [ 51.623179] ffff888094d6e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.626183] bpf_prog_6b83fbf63565f5a7+0x5e6/0x1000 [ 51.629859] ffff888094d6e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.634942] ? trace_hardirqs_on+0x10/0x10 [ 51.636537] ================================================================== [ 51.641890] ? trace_hardirqs_off+0x10/0x10 [ 51.656269] Kernel panic - not syncing: panic_on_warn set ... [ 51.656269] [ 51.667400] ? find_held_lock+0x36/0x1d0 [ 51.868002] ? bpf_test_run+0x32/0x2d0 [ 51.871897] ? lock_downgrade+0x7f0/0x7f0 [ 51.876022] ? lock_acquire+0x173/0x400 [ 51.879975] ? bpf_test_run+0x159/0x2d0 [ 51.883933] ? bpf_test_run+0x8a/0x2d0 [ 51.887814] ? eth_gro_receive+0x880/0x880 [ 51.892055] ? bpf_prog_test_run_skb+0x58a/0xbc0 [ 51.896803] ? bpf_test_init.isra.6+0xa0/0xa0 [ 51.901391] ? __bpf_prog_get+0x128/0x170 [ 51.905540] ? SyS_bpf+0x97e/0x28c3 [ 51.909151] ? bpf_prog_get+0x10/0x10 [ 51.912948] ? kasan_check_read+0x11/0x20 [ 51.917193] ? _copy_to_user+0x91/0xb0 [ 51.921188] ? put_timespec64+0xa4/0xf0 [ 51.925287] ? nsecs_to_jiffies+0x20/0x20 [ 51.929425] ? SyS_clock_gettime+0x115/0x160 [ 51.933824] ? do_syscall_64+0x4c/0x5b0 [ 51.937803] ? bpf_prog_get+0x10/0x10 [ 51.941592] ? do_syscall_64+0x1c7/0x5b0 [ 51.945789] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.950630] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 51.956098] Code: 48 c1 e9 03 80 3c 01 00 0f 85 38 0a 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 63 10 49 8d bc 24 28 02 00 00 48 89 f9 48 c1 e9 03 <0f> b6 04 01 84 c0 74 08 3c 03 0f 8e b9 08 00 00 49 8d bc 24 36 [ 51.975236] RIP: bpf_skb_change_tail+0x53/0xd50 RSP: ffff88807d4e7928 [ 51.983611] Kernel Offset: disabled [ 51.987310] Rebooting in 86400 seconds..