

Debian GNU/Linux 9 syzkaller ttyS0

syzkaller login: [   39.157016] audit: type=1400 audit(1597629366.813:8): avc:  denied  { execmem } for  pid=6292 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   39.190534] IPVS: ftp: loaded support on port[0] = 21
[   39.623959] can: request_module (can-proto-0) failed.
[   39.633172] can: request_module (can-proto-0) failed.
[   39.641225] can: request_module (can-proto-0) failed.
[   39.669853] audit: type=1400 audit(1597629367.323:9): avc:  denied  { create } for  pid=6272 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
Warning: Permanently added '10.128.15.202' (ECDSA) to the list of known hosts.
2020/08/17 01:56:14 parsed 1 programs
2020/08/17 01:56:14 executed programs: 0
[   47.245268] audit: type=1400 audit(1597629374.898:10): avc:  denied  { execmem } for  pid=6404 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   47.311341] IPVS: ftp: loaded support on port[0] = 21
[   47.346058] IPVS: ftp: loaded support on port[0] = 21
[   47.402483] chnl_net:caif_netlink_parms(): no params data found
[   47.455473] IPVS: ftp: loaded support on port[0] = 21
[   47.463046] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.473773] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.486005] device bridge_slave_0 entered promiscuous mode
[   47.502233] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.518625] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.530348] device bridge_slave_1 entered promiscuous mode
[   47.553659] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   47.569343] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   47.591081] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   47.601129] team0: Port device team_slave_0 added
[   47.615116] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   47.623749] team0: Port device team_slave_1 added
[   47.639994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   47.654150] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   47.716395] device hsr_slave_0 entered promiscuous mode
[   47.726052] device hsr_slave_1 entered promiscuous mode
[   47.742461] chnl_net:caif_netlink_parms(): no params data found
[   47.742799] IPVS: ftp: loaded support on port[0] = 21
[   47.752341] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   47.778361] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   47.823721] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.838937] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.849780] device bridge_slave_0 entered promiscuous mode
[   47.865470] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.873055] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.881544] device bridge_slave_1 entered promiscuous mode
[   47.902019] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   47.919498] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.927851] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.937016] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.945933] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.994403] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   48.015742] IPVS: ftp: loaded support on port[0] = 21
[   48.046314] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   48.058802] team0: Port device team_slave_0 added
[   48.066117] chnl_net:caif_netlink_parms(): no params data found
[   48.091591] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   48.105746] team0: Port device team_slave_1 added
[   48.132962] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.164706] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   48.180403] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   48.191621] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.239679] device hsr_slave_0 entered promiscuous mode
[   48.246800] device hsr_slave_1 entered promiscuous mode
[   48.282346] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   48.301942] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   48.344042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.356705] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.370869] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.384727] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   48.411169] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.430123] IPVS: ftp: loaded support on port[0] = 21
[   48.432381] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.452367] device bridge_slave_0 entered promiscuous mode
[   48.466419] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.474928] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.485907] device bridge_slave_1 entered promiscuous mode
[   48.496906] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   48.525105] chnl_net:caif_netlink_parms(): no params data found
[   48.557955] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   48.569779] 8021q: adding VLAN 0 to HW filter on device team0
[   48.604147] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   48.623057] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   48.642055] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   48.727293] chnl_net:caif_netlink_parms(): no params data found
[   48.743530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.761695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.776593] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.783594] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.799609] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   48.832050] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.858026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.874285] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.885075] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.892643] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.929533] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   48.942671] team0: Port device team_slave_0 added
[   48.956381] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   48.971552] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.980492] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.992264] device bridge_slave_0 entered promiscuous mode
[   49.010689] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   49.021614] team0: Port device team_slave_1 added
[   49.029107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   49.042073] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   49.056947] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.068831] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.081092] device bridge_slave_1 entered promiscuous mode
[   49.092260] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.106104] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   49.146502] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.173663] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   49.194607] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.208293] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.219526] device bridge_slave_0 entered promiscuous mode
[   49.229692] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.238250] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.249831] device bridge_slave_1 entered promiscuous mode
[   49.257378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   49.271512] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   49.282535] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   49.296946] device hsr_slave_0 entered promiscuous mode
[   49.308585] device hsr_slave_1 entered promiscuous mode
[   49.318317] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   49.336008] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   49.369748] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   49.394505] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   49.428068] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   49.448174] team0: Port device team_slave_0 added
[   49.462858] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   49.482543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   49.502959] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   49.528733] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   49.550218] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   49.564574] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   49.580996] team0: Port device team_slave_1 added
[   49.643437] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[   49.664375] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.688946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   49.703701] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.722699] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[   49.743612] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   49.758853] team0: Port device team_slave_0 added
[   49.772721] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   49.784811] team0: Port device team_slave_1 added
[   49.795335] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.820845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   49.829963] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.842137] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   49.850136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   49.862337] chnl_net:caif_netlink_parms(): no params data found
[   49.880483] device hsr_slave_0 entered promiscuous mode
[   49.891326] device hsr_slave_1 entered promiscuous mode
[   49.899123] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   49.911296] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.933207] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   49.943790] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   49.955711] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.971783] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.988317] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   50.003438] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   50.041277] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   50.052506] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   50.068354] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   50.086269] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.097910] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.106285] device bridge_slave_0 entered promiscuous mode
[   50.118161] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.128223] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.138115] device bridge_slave_1 entered promiscuous mode
[   50.162621] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   50.178573] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   50.190379] device hsr_slave_0 entered promiscuous mode
[   50.201680] device hsr_slave_1 entered promiscuous mode
[   50.212142] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   50.227094] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   50.243655] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.254929] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   50.270553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   50.289497] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   50.302974] 8021q: adding VLAN 0 to HW filter on device team0
[   50.320991] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   50.350482] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   50.370967] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   50.379326] team0: Port device team_slave_0 added
[   50.387675] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   50.400017] team0: Port device team_slave_1 added
[   50.418440] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.432945] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   50.449531] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   50.463733] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   50.478657] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   50.491252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   50.504803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   50.522191] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.531172] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.531231] net/hsr/hsr_forward.c:366: Malformed frame (port_src hsr0)
[   50.553185] ------------[ cut here ]------------
[   50.554791] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   50.560176] WARNING: CPU: 1 PID: 7283 at net/hsr/hsr_forward.c:366 hsr_forward_skb.cold.7+0x26/0x10c
[   50.560182] Kernel panic - not syncing: panic_on_warn set ...
[   50.560182] 
[   50.560188] CPU: 1 PID: 7283 Comm: syz-executor.1 Not tainted 4.14.193-syzkaller #0
[   50.560191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   50.560193] Call Trace:
[   50.560203]  dump_stack+0xf7/0x13b
[   50.560208]  ? hsr_forward_skb.cold.7+0x26/0x10c
[   50.560214]  panic+0x1b0/0x358
[   50.560218]  ? add_taint.cold.5+0x11/0x11
[   50.560227]  ? hsr_forward_skb.cold.7+0x26/0x10c
[   50.560231]  __warn.cold.8+0x25/0x2c
[   50.560236]  ? hsr_forward_skb.cold.7+0x26/0x10c
[   50.560242]  report_bug+0x1a4/0x1f3
[   50.560250]  do_error_trap+0x1bd/0x310
[   50.560256]  ? math_error+0x300/0x300
[   50.560265]  ? vprintk_emit+0x1be/0x4e0
[   50.560274]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   50.560282]  do_invalid_op+0x1b/0x20
[   50.560287]  invalid_op+0x1b/0x40
[   50.560292] RIP: 0010:hsr_forward_skb.cold.7+0x26/0x10c
[   50.560295] RSP: 0018:ffff8880942678b0 EFLAGS: 00010282
[   50.560300] RAX: 000000000000003a RBX: ffff888095c2aec0 RCX: 0000000000000000
[   50.560303] RDX: 000000000000003a RSI: ffffffff86cc3100 RDI: ffffed101284cf0d
[   50.560306] RBP: ffff888094267950 R08: 0000000000000001 R09: 0000000000000000
[   50.560309] R10: 0000000000000000 R11: dffffc0000000000 R12: ffff88809035a440
[   50.560312] R13: ffff8880860dee10 R14: 0000000000000000 R15: 000000000000ffff
[   50.560327]  ? validate_xmit_skb+0x587/0x910
[   50.560336]  hsr_dev_xmit+0x68/0xa0
[   50.575038] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   50.579846]  packet_direct_xmit+0x3ed/0x630
[   50.579854]  packet_sendmsg+0x32b6/0x6520
[   50.579864]  ? trace_hardirqs_on+0x10/0x10
[   50.579869]  ? trace_hardirqs_off+0x10/0x10
[   50.579882]  ? packet_notifier+0x6c0/0x6c0
[   50.579889]  ? __fget+0x1ad/0x2f0
[   50.579895]  ? selinux_tun_dev_create+0xc0/0xc0
[   50.579908]  ? selinux_socket_sendmsg+0x31/0x40
[   50.579914]  ? security_socket_sendmsg+0x6a/0xa0
[   50.579919]  ? packet_notifier+0x6c0/0x6c0
[   50.579924]  sock_sendmsg+0xb5/0xf0
[   50.579930]  SYSC_sendto+0x1e3/0x2c0
[   50.579935]  ? SYSC_connect+0x2a0/0x2a0
[   50.579941]  ? __might_fault+0xf1/0x1b0
[   50.579946]  ? lock_downgrade+0x7f0/0x7f0
[   50.579965]  ? nsecs_to_jiffies+0x20/0x20
[   50.579976]  ? SyS_clock_gettime+0x115/0x160
[   50.579980]  ? SyS_clock_settime+0x1a0/0x1a0
[   50.579985]  ? security_file_ioctl+0x6a/0xa0
[   50.579992]  ? do_syscall_64+0x4c/0x5b0
[   50.580016]  ? SyS_getpeername+0x10/0x10
[   50.580020]  SyS_sendto+0x9/0x10
[   50.580025]  do_syscall_64+0x1c7/0x5b0
[   50.580030]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   50.580044]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   50.615452] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   50.620093] RIP: 0033:0x45a999
[   50.620098] RSP: 002b:00007f6404c49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   50.620104] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045a999
[   50.620106] RDX: 000000000000000e RSI: 0000000020000100 RDI: 0000000000000003
[   50.620108] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   50.620110] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6404c4a6d4
[   50.620112] R13: 00000000004c9b34 R14: 00000000004e1a80 R15: 00000000ffffffff
[   50.621693] Kernel Offset: disabled
[   51.067942] Rebooting in 86400 seconds..