[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.198' (ECDSA) to the list of known hosts. 2020/09/06 17:27:08 parsed 1 programs syzkaller login: [ 547.359842][ T3677] kmemleak: Automatic memory scanning thread ended 2020/09/06 17:27:15 executed programs: 0 [ 554.874880][ T24] audit: type=1400 audit(1599413235.992:8): avc: denied { execmem } for pid=6452 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 555.965007][ T6453] IPVS: ftp: loaded support on port[0] = 21 [ 556.017187][ T6453] chnl_net:caif_netlink_parms(): no params data found [ 556.047890][ T6453] bridge0: port 1(bridge_slave_0) entered blocking state [ 556.055886][ T6453] bridge0: port 1(bridge_slave_0) entered disabled state [ 556.063738][ T6453] device bridge_slave_0 entered promiscuous mode [ 556.070902][ T6453] bridge0: port 2(bridge_slave_1) entered blocking state [ 556.078128][ T6453] bridge0: port 2(bridge_slave_1) entered disabled state [ 556.085656][ T6453] device bridge_slave_1 entered promiscuous mode [ 556.095917][ T6453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 556.105696][ T6453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 556.118065][ T6453] team0: Port device team_slave_0 added [ 556.124293][ T6453] team0: Port device team_slave_1 added [ 556.133067][ T6453] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 556.140117][ T6453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 556.166339][ T6453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 556.178568][ T6453] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 556.185503][ T6453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 556.211443][ T6453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 556.226951][ T6453] device hsr_slave_0 entered promiscuous mode [ 556.233495][ T6453] device hsr_slave_1 entered promiscuous mode [ 556.261807][ T6453] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 556.269429][ T6453] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 556.278075][ T6453] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 556.286462][ T6453] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 556.299387][ T6453] bridge0: port 2(bridge_slave_1) entered blocking state [ 556.306666][ T6453] bridge0: port 2(bridge_slave_1) entered forwarding state [ 556.314021][ T6453] bridge0: port 1(bridge_slave_0) entered blocking state [ 556.321062][ T6453] bridge0: port 1(bridge_slave_0) entered forwarding state [ 556.337955][ T6453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 556.347093][ T6431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 556.355951][ T6431] bridge0: port 1(bridge_slave_0) entered disabled state [ 556.364069][ T6431] bridge0: port 2(bridge_slave_1) entered disabled state [ 556.371506][ T6431] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 556.380177][ T6453] 8021q: adding VLAN 0 to HW filter on device team0 [ 556.388611][ T6588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 556.396931][ T6588] bridge0: port 1(bridge_slave_0) entered blocking state [ 556.403985][ T6588] bridge0: port 1(bridge_slave_0) entered forwarding state [ 556.418486][ T6588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 556.426753][ T6588] bridge0: port 2(bridge_slave_1) entered blocking state [ 556.433794][ T6588] bridge0: port 2(bridge_slave_1) entered forwarding state [ 556.442172][ T6588] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 556.450753][ T6588] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 556.458932][ T6588] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 556.467755][ T6588] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 556.477897][ T6453] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 556.486279][ T6669] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 556.496777][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 556.504434][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 556.514040][ T6453] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 556.525458][ T6672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 556.537277][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 556.546365][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 556.554277][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 556.562830][ T6453] device veth0_vlan entered promiscuous mode [ 556.570629][ T6453] device veth1_vlan entered promiscuous mode [ 556.581289][ T6672] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 556.589305][ T6672] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 556.596933][ T6672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 556.606303][ T6453] device veth0_macvtap entered promiscuous mode [ 556.614066][ T6453] device veth1_macvtap entered promiscuous mode [ 556.624334][ T6453] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 556.631832][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 556.640467][ T6670] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 556.649659][ T6453] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 556.658461][ T6672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 556.667705][ T6453] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.676655][ T6453] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.685613][ T6453] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.694301][ T6453] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 558.028329][ T6672] Bluetooth: hci0: command 0x0409 tx timeout [ 560.107943][ T6672] Bluetooth: hci0: command 0x041b tx timeout [ 562.187820][ T6672] Bluetooth: hci0: command 0x040f tx timeout 2020/09/06 17:27:23 executed programs: 1 [ 564.267594][ T6431] Bluetooth: hci0: command 0x0419 tx timeout 2020/09/06 17:27:29 executed programs: 3 2020/09/06 17:27:34 executed programs: 5 [ 575.108624][ T6742] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff8881136fee00 (size 224): comm "syz-executor.0", pid 6721, jiffies 4294994095 (age 13.510s) hex dump (first 32 bytes): a0 84 f4 1a 81 88 ff ff a0 84 f4 1a 81 88 ff ff ................ 00 80 0f 13 81 88 ff ff 00 00 00 00 00 00 00 00 ................ backtrace: [<0000000063a1d675>] __build_skb+0x1f/0x100 [<0000000068529f94>] __napi_alloc_skb+0xe5/0x140 [<00000000eddbc4bd>] napi_get_frags+0x3a/0x70 [<00000000953adbfb>] tun_get_user+0xa43/0x1660 [<000000000fdff495>] tun_chr_write_iter+0x66/0xa0 [<0000000038f827a1>] new_sync_write+0x173/0x210 [<0000000007c02947>] vfs_write+0x21d/0x280 [<00000000783b3b9e>] ksys_write+0x72/0x120 [<0000000075244a79>] do_syscall_64+0x2d/0x70 [<00000000a29bf1f7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9