[ 54.094656][ T26] audit: type=1400 audit(1558472818.805:37): avc: denied { create } for pid=7629 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 54.118931][ T26] audit: type=1400 audit(1558472818.805:38): avc: denied { create } for pid=7629 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 54.143182][ T26] audit: type=1400 audit(1558472818.805:39): avc: denied { create } for pid=7629 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 Warning: Permanently added '10.128.0.178' (ECDSA) to the list of known hosts. 2019/05/21 21:07:06 parsed 1 programs 2019/05/21 21:07:06 executed programs: 0 [ 62.235586][ T7721] IPVS: ftp: loaded support on port[0] = 21 [ 62.249188][ T7724] IPVS: ftp: loaded support on port[0] = 21 [ 62.254369][ T7725] IPVS: ftp: loaded support on port[0] = 21 [ 62.306108][ T7728] IPVS: ftp: loaded support on port[0] = 21 [ 62.327411][ T7729] IPVS: ftp: loaded support on port[0] = 21 [ 62.349932][ T7731] IPVS: ftp: loaded support on port[0] = 21 [ 62.459465][ T7721] chnl_net:caif_netlink_parms(): no params data found [ 62.503349][ T7725] chnl_net:caif_netlink_parms(): no params data found [ 62.527891][ T7724] chnl_net:caif_netlink_parms(): no params data found [ 62.551265][ T7721] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.559184][ T7721] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.566985][ T7721] device bridge_slave_0 entered promiscuous mode [ 62.575429][ T7721] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.583093][ T7721] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.590589][ T7721] device bridge_slave_1 entered promiscuous mode [ 62.623980][ T7725] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.631188][ T7725] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.638905][ T7725] device bridge_slave_0 entered promiscuous mode [ 62.648297][ T7725] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.655416][ T7725] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.663326][ T7725] device bridge_slave_1 entered promiscuous mode [ 62.685268][ T7728] chnl_net:caif_netlink_parms(): no params data found [ 62.700321][ T7721] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.710048][ T7725] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.724652][ T7729] chnl_net:caif_netlink_parms(): no params data found [ 62.744349][ T7721] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.754064][ T7725] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.778580][ T7725] team0: Port device team_slave_0 added [ 62.810940][ T7721] team0: Port device team_slave_0 added [ 62.820900][ T7725] team0: Port device team_slave_1 added [ 62.838773][ T7728] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.847846][ T7728] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.855366][ T7728] device bridge_slave_0 entered promiscuous mode [ 62.863345][ T7721] team0: Port device team_slave_1 added [ 62.869069][ T7728] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.876663][ T7728] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.884597][ T7728] device bridge_slave_1 entered promiscuous mode [ 62.891387][ T7724] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.899067][ T7724] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.908336][ T7724] device bridge_slave_0 entered promiscuous mode [ 62.917258][ T7724] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.924375][ T7724] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.931997][ T7724] device bridge_slave_1 entered promiscuous mode [ 62.953950][ T7729] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.961011][ T7729] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.968863][ T7729] device bridge_slave_0 entered promiscuous mode [ 62.990364][ T7728] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.003251][ T7724] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.073677][ T7721] device hsr_slave_0 entered promiscuous mode [ 63.122163][ T7721] device hsr_slave_1 entered promiscuous mode [ 63.162287][ T7729] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.169366][ T7729] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.177184][ T7729] device bridge_slave_1 entered promiscuous mode [ 63.184260][ T7731] chnl_net:caif_netlink_parms(): no params data found [ 63.263218][ T7725] device hsr_slave_0 entered promiscuous mode [ 63.312183][ T7725] device hsr_slave_1 entered promiscuous mode [ 63.353274][ T7728] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.362877][ T7724] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.400680][ T7721] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.407920][ T7721] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.415682][ T7721] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.422783][ T7721] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.447557][ T7729] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.457179][ T7729] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.469131][ T7724] team0: Port device team_slave_0 added [ 63.476252][ T7724] team0: Port device team_slave_1 added [ 63.485152][ T7728] team0: Port device team_slave_0 added [ 63.494502][ T7728] team0: Port device team_slave_1 added [ 63.507582][ T2858] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.515352][ T2858] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.536940][ T7731] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.544980][ T7731] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.552609][ T7731] device bridge_slave_0 entered promiscuous mode [ 63.560878][ T7731] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.568016][ T7731] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.575832][ T7731] device bridge_slave_1 entered promiscuous mode [ 63.643218][ T7724] device hsr_slave_0 entered promiscuous mode [ 63.712189][ T7724] device hsr_slave_1 entered promiscuous mode [ 63.763466][ T7729] team0: Port device team_slave_0 added [ 63.770577][ T7731] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.814102][ T7728] device hsr_slave_0 entered promiscuous mode [ 63.862192][ T7728] device hsr_slave_1 entered promiscuous mode [ 63.905280][ T7729] team0: Port device team_slave_1 added [ 63.913183][ T7731] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.995060][ T7729] device hsr_slave_0 entered promiscuous mode [ 64.042340][ T7729] device hsr_slave_1 entered promiscuous mode [ 64.110662][ T7731] team0: Port device team_slave_0 added [ 64.117929][ T7731] team0: Port device team_slave_1 added [ 64.136492][ T7721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.158199][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.167908][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.186630][ T7721] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.199280][ T7725] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.233806][ T7731] device hsr_slave_0 entered promiscuous mode [ 64.272106][ T7731] device hsr_slave_1 entered promiscuous mode [ 64.340320][ T7725] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.349650][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.357459][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.365563][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.374507][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.382740][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.389778][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.419700][ T7729] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.429966][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.439300][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.447720][ T2858] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.454777][ T2858] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.463383][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.471683][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.480055][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.488480][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.497087][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.510717][ T7724] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.528853][ T7728] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.539584][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.548562][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.557325][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.564515][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.572020][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.580407][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.588802][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.595866][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.603502][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.611081][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.618763][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.627139][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.636080][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.645618][ T7729] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.659325][ T7721] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 64.671173][ T7721] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.686821][ T7728] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.697173][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.706055][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.715157][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.725052][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.733502][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.741011][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.748678][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.757234][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.782781][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.791241][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.799735][ T3486] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.806816][ T3486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.815170][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.824286][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.832653][ T3486] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.839721][ T3486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.847196][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.856038][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.867156][ T7721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.881340][ T7731] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.894004][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.907594][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.915225][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.923999][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.932584][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.940721][ T2858] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.947897][ T2858] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.955633][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.964470][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.979298][ T7724] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.987838][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.996929][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.006047][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.014786][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.023061][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.031434][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.039733][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.047331][ T7737] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.061277][ T7725] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.072483][ T7725] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.090188][ T7729] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.101494][ T7729] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.115518][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.126082][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.134906][ T7740] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.141991][ T7740] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.149495][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.158122][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.166347][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.174632][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.183120][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.190716][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.198353][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.206871][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.215123][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.224097][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.232474][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.240587][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.248775][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.257317][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.265553][ T7740] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.272625][ T7740] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.280519][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.288466][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.296028][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.331926][ T26] audit: type=1400 audit(1558472830.035:40): avc: denied { associate } for pid=7721 comm="syz-executor.2" name="syz2" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 65.363641][ T7731] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.370464][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.381581][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.390424][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.399289][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.408050][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.416794][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.425334][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.433674][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.441942][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.450215][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.458835][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.467805][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.476380][ T3486] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.483467][ T3486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.491094][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.499803][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.508331][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.516798][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.525338][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.534330][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.542852][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.551028][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.559462][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.567076][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.577319][ T7725] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.590653][ T7729] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.601206][ T7724] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.639400][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.652867][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.665377][ T7751] ================================================================== [ 65.673467][ T7751] BUG: KASAN: slab-out-of-bounds in __lock_acquire+0x3c15/0x55b0 [ 65.681172][ T7751] Read of size 8 at addr ffff8880a52b5f40 by task syz-executor.2/7751 [ 65.689319][ T7751] [ 65.691628][ T7751] CPU: 0 PID: 7751 Comm: syz-executor.2 Not tainted 5.1.0+ #1 [ 65.699156][ T7751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.709187][ T7751] Call Trace: [ 65.712457][ T7751] dump_stack+0x113/0x167 [ 65.716787][ T7751] print_address_description.cold.5+0x9/0x1ff [ 65.722830][ T7751] ? __lock_acquire+0x3c15/0x55b0 [ 65.727831][ T7751] __kasan_report.cold.6+0x1b/0x39 [ 65.732925][ T7751] ? __lock_acquire+0x3c15/0x55b0 [ 65.737924][ T7751] ? __lock_acquire+0x3c15/0x55b0 [ 65.742917][ T7751] kasan_report+0x12/0x20 [ 65.747212][ T7751] __asan_report_load8_noabort+0x14/0x20 [ 65.752819][ T7751] __lock_acquire+0x3c15/0x55b0 [ 65.757647][ T7751] ? netlink_rcv_skb+0x13c/0x380 [ 65.762575][ T7751] ? sock_diag_rcv+0x25/0x40 [ 65.767167][ T7751] ? netlink_unicast+0x43f/0x630 [ 65.772074][ T7751] ? netlink_sendmsg+0x765/0xc50 [ 65.777097][ T7751] ? sock_sendmsg+0xb5/0xf0 [ 65.781689][ T7751] ? ___sys_sendmsg+0x647/0x950 [ 65.786511][ T7751] ? __sys_sendmsg+0xd9/0x180 [ 65.791153][ T7751] ? __x64_sys_sendmsg+0x73/0xb0 [ 65.796072][ T7751] ? do_syscall_64+0xd0/0x530 [ 65.800720][ T7751] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.806765][ T7751] ? mark_held_locks+0x130/0x130 [ 65.811674][ T7751] ? find_held_lock+0x36/0x1d0 [ 65.816410][ T7751] ? mark_held_locks+0xb8/0x130 [ 65.821231][ T7751] lock_acquire+0x173/0x3d0 [ 65.825705][ T7751] ? rhashtable_walk_enter+0xf4/0x300 [ 65.831055][ T7751] _raw_spin_lock+0x2d/0x40 [ 65.835533][ T7751] ? rhashtable_walk_enter+0xf4/0x300 [ 65.840875][ T7751] rhashtable_walk_enter+0xf4/0x300 [ 65.846045][ T7751] __tipc_dump_start+0x1bb/0x2c0 [ 65.850957][ T7751] tipc_dump_start+0x6e/0x90 [ 65.855518][ T7751] __netlink_dump_start+0x482/0x810 [ 65.860688][ T7751] tipc_sock_diag_handler_dump+0x186/0x260 [ 65.866468][ T7751] ? __tipc_diag_gen_cookie+0x90/0x90 [ 65.871817][ T7751] ? __tipc_dump_start+0x2c0/0x2c0 [ 65.876903][ T7751] ? tipc_unregister_sysctl+0x20/0x20 [ 65.882247][ T7751] ? tipc_ioctl+0x230/0x230 [ 65.886721][ T7751] sock_diag_rcv_msg+0x289/0x370 [ 65.891626][ T7751] netlink_rcv_skb+0x13c/0x380 [ 65.896366][ T7751] ? sock_diag_bind+0x50/0x50 [ 65.901028][ T7751] ? netlink_ack+0x970/0x970 [ 65.905590][ T7751] sock_diag_rcv+0x25/0x40 [ 65.909973][ T7751] netlink_unicast+0x43f/0x630 [ 65.914713][ T7751] ? netlink_attachskb+0x6d0/0x6d0 [ 65.919798][ T7751] ? _copy_from_iter_full+0x19e/0x7f0 [ 65.925155][ T7751] netlink_sendmsg+0x765/0xc50 [ 65.929890][ T7751] ? netlink_unicast+0x630/0x630 [ 65.934801][ T7751] ? copy_msghdr_from_user+0x20b/0x3e0 [ 65.940245][ T7751] ? tomoyo_socket_sendmsg+0x9/0x10 [ 65.945413][ T7751] ? netlink_unicast+0x630/0x630 [ 65.950317][ T7751] sock_sendmsg+0xb5/0xf0 [ 65.954620][ T7751] ___sys_sendmsg+0x647/0x950 [ 65.959275][ T7751] ? find_held_lock+0x36/0x1d0 [ 65.964036][ T7751] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 65.969482][ T7751] ? __fget+0x292/0x420 [ 65.973622][ T7751] ? lock_downgrade+0x860/0x860 [ 65.978446][ T7751] ? kasan_check_read+0x11/0x20 [ 65.983269][ T7751] ? __fget+0x2af/0x420 [ 65.987404][ T7751] ? ksys_dup3+0x2e0/0x2e0 [ 65.991792][ T7751] ? find_held_lock+0x36/0x1d0 [ 65.996634][ T7751] ? __fget_light+0x179/0x1f0 [ 66.001289][ T7751] ? lock_downgrade+0x860/0x860 [ 66.006108][ T7751] ? __fdget+0xe/0x10 [ 66.010063][ T7751] __sys_sendmsg+0xd9/0x180 [ 66.014545][ T7751] ? __ia32_sys_shutdown+0x70/0x70 [ 66.019635][ T7751] ? kasan_check_read+0x11/0x20 [ 66.024457][ T7751] ? _copy_to_user+0x91/0xb0 [ 66.029018][ T7751] ? put_timespec64+0xa9/0x100 [ 66.033756][ T7751] ? nsecs_to_jiffies+0x20/0x20 [ 66.038581][ T7751] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.044615][ T7751] __x64_sys_sendmsg+0x73/0xb0 [ 66.049346][ T7751] do_syscall_64+0xd0/0x530 [ 66.053823][ T7751] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.059689][ T7751] RIP: 0033:0x459279 [ 66.063551][ T7751] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 66.083133][ T7751] RSP: 002b:00007fab0ddb9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.091519][ T7751] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459279 [ 66.099466][ T7751] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 66.107433][ T7751] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 66.115485][ T7751] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab0ddba6d4 [ 66.123434][ T7751] R13: 00000000004c6cdf R14: 00000000004dbb08 R15: 00000000ffffffff [ 66.131463][ T7751] [ 66.133767][ T7751] Allocated by task 19: [ 66.137900][ T7751] save_stack+0x21/0x90 [ 66.142021][ T7751] __kasan_kmalloc.constprop.8+0xc7/0xd0 [ 66.147617][ T7751] kasan_slab_alloc+0x12/0x20 [ 66.152263][ T7751] kmem_cache_alloc+0x11a/0x720 [ 66.157093][ T7751] shmem_alloc_inode+0x15/0x30 [ 66.161836][ T7751] alloc_inode+0x5c/0x1a0 [ 66.166136][ T7751] new_inode_pseudo+0xc/0xd0 [ 66.170692][ T7751] new_inode+0x14/0x30 [ 66.174735][ T7751] shmem_get_inode+0x67/0x790 [ 66.179385][ T7751] shmem_mknod+0x49/0x1a0 [ 66.183711][ T7751] vfs_mknod+0x3ba/0x630 [ 66.187928][ T7751] handle_create+0x1a7/0x4d0 [ 66.192589][ T7751] devtmpfsd+0x1ed/0x490 [ 66.196819][ T7751] kthread+0x324/0x3e0 [ 66.200854][ T7751] ret_from_fork+0x24/0x30 [ 66.205252][ T7751] [ 66.207603][ T7751] Freed by task 0: [ 66.211288][ T7751] (stack is not available) [ 66.215668][ T7751] [ 66.217988][ T7751] The buggy address belongs to the object at ffff8880a52b5a50 [ 66.217988][ T7751] which belongs to the cache shmem_inode_cache of size 1192 [ 66.232731][ T7751] The buggy address is located 72 bytes to the right of [ 66.232731][ T7751] 1192-byte region [ffff8880a52b5a50, ffff8880a52b5ef8) [ 66.246497][ T7751] The buggy address belongs to the page: [ 66.252104][ T7751] page:ffffea000294ad40 count:1 mapcount:0 mapping:ffff88821baa96c0 index:0xffff8880a52b5ffd [ 66.262244][ T7751] flags: 0x1fffc0000000200(slab) [ 66.267185][ T7751] raw: 01fffc0000000200 ffffea000294ac48 ffffea000294ae48 ffff88821baa96c0 [ 66.275751][ T7751] raw: ffff8880a52b5ffd ffff8880a52b5000 0000000100000003 0000000000000000 [ 66.284298][ T7751] page dumped because: kasan: bad access detected [ 66.290675][ T7751] [ 66.292991][ T7751] Memory state around the buggy address: [ 66.298594][ T7751] ffff8880a52b5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.306708][ T7751] ffff8880a52b5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 66.314737][ T7751] >ffff8880a52b5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.322770][ T7751] ^ [ 66.328886][ T7751] ffff8880a52b5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.337455][ T7751] ffff8880a52b6000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 66.345486][ T7751] ================================================================== [ 66.353518][ T7751] Disabling lock debugging due to kernel taint [ 66.359643][ T7751] Kernel panic - not syncing: panic_on_warn set ... [ 66.366195][ T7751] CPU: 0 PID: 7751 Comm: syz-executor.2 Tainted: G B 5.1.0+ #1 [ 66.375017][ T7751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.385063][ T7751] Call Trace: [ 66.388328][ T7751] dump_stack+0x113/0x167 [ 66.392634][ T7751] ? __lock_acquire+0x3b50/0x55b0 [ 66.397633][ T7751] panic+0x212/0x40b [ 66.401490][ T7751] ? __warn_printk+0xd6/0xd6 [ 66.406058][ T7751] ? lock_downgrade+0x860/0x860 [ 66.410878][ T7751] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 66.416652][ T7751] ? kasan_check_read+0x11/0x20 [ 66.421480][ T7751] ? __lock_acquire+0x3c15/0x55b0 [ 66.426501][ T7751] end_report+0x47/0x4f [ 66.430626][ T7751] __kasan_report.cold.6+0xe/0x39 [ 66.435616][ T7751] ? __lock_acquire+0x3c15/0x55b0 [ 66.440603][ T7751] ? __lock_acquire+0x3c15/0x55b0 [ 66.445608][ T7751] kasan_report+0x12/0x20 [ 66.449900][ T7751] __asan_report_load8_noabort+0x14/0x20 [ 66.455497][ T7751] __lock_acquire+0x3c15/0x55b0 [ 66.460310][ T7751] ? netlink_rcv_skb+0x13c/0x380 [ 66.465214][ T7751] ? sock_diag_rcv+0x25/0x40 [ 66.469778][ T7751] ? netlink_unicast+0x43f/0x630 [ 66.474688][ T7751] ? netlink_sendmsg+0x765/0xc50 [ 66.479589][ T7751] ? sock_sendmsg+0xb5/0xf0 [ 66.484058][ T7751] ? ___sys_sendmsg+0x647/0x950 [ 66.488870][ T7751] ? __sys_sendmsg+0xd9/0x180 [ 66.493511][ T7751] ? __x64_sys_sendmsg+0x73/0xb0 [ 66.498418][ T7751] ? do_syscall_64+0xd0/0x530 [ 66.503061][ T7751] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.509097][ T7751] ? mark_held_locks+0x130/0x130 [ 66.514009][ T7751] ? find_held_lock+0x36/0x1d0 [ 66.518740][ T7751] ? mark_held_locks+0xb8/0x130 [ 66.523558][ T7751] lock_acquire+0x173/0x3d0 [ 66.528038][ T7751] ? rhashtable_walk_enter+0xf4/0x300 [ 66.533380][ T7751] _raw_spin_lock+0x2d/0x40 [ 66.537846][ T7751] ? rhashtable_walk_enter+0xf4/0x300 [ 66.543178][ T7751] rhashtable_walk_enter+0xf4/0x300 [ 66.548339][ T7751] __tipc_dump_start+0x1bb/0x2c0 [ 66.553250][ T7751] tipc_dump_start+0x6e/0x90 [ 66.557806][ T7751] __netlink_dump_start+0x482/0x810 [ 66.562968][ T7751] tipc_sock_diag_handler_dump+0x186/0x260 [ 66.568736][ T7751] ? __tipc_diag_gen_cookie+0x90/0x90 [ 66.574087][ T7751] ? __tipc_dump_start+0x2c0/0x2c0 [ 66.579163][ T7751] ? tipc_unregister_sysctl+0x20/0x20 [ 66.584512][ T7751] ? tipc_ioctl+0x230/0x230 [ 66.589001][ T7751] sock_diag_rcv_msg+0x289/0x370 [ 66.593906][ T7751] netlink_rcv_skb+0x13c/0x380 [ 66.598635][ T7751] ? sock_diag_bind+0x50/0x50 [ 66.603274][ T7751] ? netlink_ack+0x970/0x970 [ 66.607825][ T7751] sock_diag_rcv+0x25/0x40 [ 66.612212][ T7751] netlink_unicast+0x43f/0x630 [ 66.616966][ T7751] ? netlink_attachskb+0x6d0/0x6d0 [ 66.622043][ T7751] ? _copy_from_iter_full+0x19e/0x7f0 [ 66.627378][ T7751] netlink_sendmsg+0x765/0xc50 [ 66.632117][ T7751] ? netlink_unicast+0x630/0x630 [ 66.637042][ T7751] ? copy_msghdr_from_user+0x20b/0x3e0 [ 66.642477][ T7751] ? tomoyo_socket_sendmsg+0x9/0x10 [ 66.647645][ T7751] ? netlink_unicast+0x630/0x630 [ 66.652556][ T7751] sock_sendmsg+0xb5/0xf0 [ 66.656858][ T7751] ___sys_sendmsg+0x647/0x950 [ 66.661498][ T7751] ? find_held_lock+0x36/0x1d0 [ 66.666239][ T7751] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 66.671663][ T7751] ? __fget+0x292/0x420 [ 66.675782][ T7751] ? lock_downgrade+0x860/0x860 [ 66.680595][ T7751] ? kasan_check_read+0x11/0x20 [ 66.685410][ T7751] ? __fget+0x2af/0x420 [ 66.689531][ T7751] ? ksys_dup3+0x2e0/0x2e0 [ 66.693910][ T7751] ? find_held_lock+0x36/0x1d0 [ 66.698639][ T7751] ? __fget_light+0x179/0x1f0 [ 66.703277][ T7751] ? lock_downgrade+0x860/0x860 [ 66.708092][ T7751] ? __fdget+0xe/0x10 [ 66.712048][ T7751] __sys_sendmsg+0xd9/0x180 [ 66.716572][ T7751] ? __ia32_sys_shutdown+0x70/0x70 [ 66.721650][ T7751] ? kasan_check_read+0x11/0x20 [ 66.726467][ T7751] ? _copy_to_user+0x91/0xb0 [ 66.731025][ T7751] ? put_timespec64+0xa9/0x100 [ 66.735757][ T7751] ? nsecs_to_jiffies+0x20/0x20 [ 66.740571][ T7751] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.746603][ T7751] __x64_sys_sendmsg+0x73/0xb0 [ 66.751349][ T7751] do_syscall_64+0xd0/0x530 [ 66.755850][ T7751] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.761719][ T7751] RIP: 0033:0x459279 [ 66.765581][ T7751] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 66.785152][ T7751] RSP: 002b:00007fab0ddb9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.793528][ T7751] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459279 [ 66.801478][ T7751] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 66.809535][ T7751] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 66.817562][ T7751] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab0ddba6d4 [ 66.825527][ T7751] R13: 00000000004c6cdf R14: 00000000004dbb08 R15: 00000000ffffffff [ 66.834621][ T7751] Kernel Offset: disabled [ 66.838932][ T7751] Rebooting in 86400 seconds..