Warning: Permanently added '10.128.15.192' (ECDSA) to the list of known hosts. 2019/10/27 09:31:44 fuzzer started 2019/10/27 09:31:45 dialing manager at 10.128.0.26:34793 2019/10/27 09:31:46 syscalls: 2534 2019/10/27 09:31:46 code coverage: enabled 2019/10/27 09:31:46 comparison tracing: enabled 2019/10/27 09:31:46 extra coverage: extra coverage is not supported by the kernel 2019/10/27 09:31:46 setuid sandbox: enabled 2019/10/27 09:31:46 namespace sandbox: enabled 2019/10/27 09:31:46 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/27 09:31:46 fault injection: enabled 2019/10/27 09:31:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/27 09:31:46 net packet injection: enabled 2019/10/27 09:31:46 net device setup: enabled 2019/10/27 09:31:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 09:33:54 executing program 0: modify_ldt$write(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x10) 09:33:54 executing program 1: accept4$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @empty}, 0x0, 0x0) open(0x0, 0x100, 0xc2) r0 = getpid() r1 = socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_dev$evdev(&(0x7f0000000340)='#\x00', 0x0, 0x0) read(r3, 0x0, 0x0) fspick(0xffffffffffffffff, &(0x7f0000000000)='./bus\x00', 0x0) write(r2, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0x8937, 0x0) r4 = getpid() migrate_pages(r4, 0x7, 0x0, &(0x7f0000000140)=0xfffffffffffffffd) r5 = getpid() migrate_pages(r5, 0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) r6 = getpid() migrate_pages(r6, 0x7, 0x0, &(0x7f00000005c0)=0x1) r7 = getpid() migrate_pages(r7, 0x7, 0x0, &(0x7f00000005c0)) r8 = getpid() migrate_pages(r8, 0x7, 0x0, &(0x7f00000005c0)) sched_setattr(r0, 0x0, 0x0) r9 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = socket$inet6(0xa, 0x3, 0x2) r11 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IP_VS_SO_GET_VERSION(r11, 0x0, 0x480, &(0x7f0000000380), &(0x7f0000000340)=0xffa7) socket(0x1000000010, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) r12 = socket(0x840000000002, 0x3, 0x200000000000ff) bind$inet6(r12, &(0x7f00000000c0)={0xa, 0x0, 0x40, @dev}, 0x1c) getsockopt$inet6_IPV6_IPSEC_POLICY(r10, 0x29, 0x22, 0x0, 0x0) r13 = socket(0x1000000010, 0x400000400080803, 0x0) write(r13, 0x0, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r9, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000000040)={0xa925, 0x1}) r14 = dup(0xffffffffffffffff) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r14}) ioctl$DMA_BUF_IOCTL_SYNC(r14, 0x40086201, &(0x7f0000000100)) perf_event_open(0x0, 0x0, 0x40000000, r14, 0x9) ioctl$sock_inet6_SIOCADDRT(r9, 0x89a0, &(0x7f0000000400)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @remote, @remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 200.497544][ T9019] IPVS: ftp: loaded support on port[0] = 21 09:33:54 executing program 2: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x4) setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000080)='\x00', 0xffffffffffffff18, 0x80811, 0x0, 0x0) [ 200.676204][ T9021] IPVS: ftp: loaded support on port[0] = 21 [ 200.725546][ T9019] chnl_net:caif_netlink_parms(): no params data found [ 200.861925][ T9024] IPVS: ftp: loaded support on port[0] = 21 [ 200.875673][ T9019] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.882794][ T9019] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.898010][ T9019] device bridge_slave_0 entered promiscuous mode [ 200.926890][ T9019] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.934013][ T9019] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.942532][ T9019] device bridge_slave_1 entered promiscuous mode 09:33:54 executing program 3: syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x5, 0x0) [ 201.051329][ T9021] chnl_net:caif_netlink_parms(): no params data found [ 201.085070][ T9019] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.128596][ T9019] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.191557][ T9019] team0: Port device team_slave_0 added [ 201.208540][ T9027] IPVS: ftp: loaded support on port[0] = 21 [ 201.209274][ T9021] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.224755][ T9021] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.232755][ T9021] device bridge_slave_0 entered promiscuous mode [ 201.273660][ T9019] team0: Port device team_slave_1 added [ 201.286419][ T9021] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.293711][ T9021] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.304609][ T9021] device bridge_slave_1 entered promiscuous mode 09:33:55 executing program 4: socket$netlink(0x10, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x29, 0x0) syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x2000) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x100000000}, 0x0) syz_open_dev$dmmidi(0x0, 0x6, 0x2c200) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000300)={0x1, 0x0, 0x0, 0x3, 0x13, 0x0, 0x0, 0xc1, 0xfff, 0x0, 0x0, 0x2}) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = eventfd2(0x0, 0x0) r3 = dup(r2) read(r3, &(0x7f00000001c0)=""/102, 0x66) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) clock_gettime(0x0, &(0x7f0000000580)={0x0, 0x0}) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x4000, 0x0) sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0x0, 0x1}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snapshot\x00', 0x8000, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000003c0), &(0x7f0000000500)=0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) [ 201.383468][ T9021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.404579][ T9024] chnl_net:caif_netlink_parms(): no params data found [ 201.418366][ T9021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.468789][ T9019] device hsr_slave_0 entered promiscuous mode 09:33:55 executing program 5: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = io_uring_setup(0xf2a, &(0x7f0000002740)) splice(r1, 0x0, r0, 0x0, 0x204, 0x0) [ 201.596835][ T9019] device hsr_slave_1 entered promiscuous mode [ 201.692809][ T9030] IPVS: ftp: loaded support on port[0] = 21 [ 201.771003][ T9021] team0: Port device team_slave_0 added [ 201.803537][ T9024] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.820786][ T9024] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.834446][ T9024] device bridge_slave_0 entered promiscuous mode [ 201.844011][ T9021] team0: Port device team_slave_1 added [ 201.871394][ T9024] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.878721][ T9024] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.886925][ T9024] device bridge_slave_1 entered promiscuous mode [ 201.948547][ T9021] device hsr_slave_0 entered promiscuous mode [ 202.014725][ T9021] device hsr_slave_1 entered promiscuous mode [ 202.094584][ T9021] debugfs: Directory 'hsr0' with parent '/' already present! [ 202.167623][ T9024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.202662][ T9032] IPVS: ftp: loaded support on port[0] = 21 [ 202.219543][ T9024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.270497][ T9027] chnl_net:caif_netlink_parms(): no params data found [ 202.314906][ T9024] team0: Port device team_slave_0 added [ 202.349723][ T9024] team0: Port device team_slave_1 added [ 202.391721][ T9027] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.402148][ T9027] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.410695][ T9027] device bridge_slave_0 entered promiscuous mode [ 202.421128][ T9027] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.431731][ T9027] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.440556][ T9027] device bridge_slave_1 entered promiscuous mode [ 202.526511][ T9024] device hsr_slave_0 entered promiscuous mode [ 202.576313][ T9024] device hsr_slave_1 entered promiscuous mode [ 202.614507][ T9024] debugfs: Directory 'hsr0' with parent '/' already present! [ 202.622441][ T9030] chnl_net:caif_netlink_parms(): no params data found [ 202.648428][ T9027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.677981][ T9027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.710875][ T9019] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.747117][ T9027] team0: Port device team_slave_0 added [ 202.804934][ T9027] team0: Port device team_slave_1 added [ 202.819731][ T9030] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.827158][ T9030] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.835331][ T9030] device bridge_slave_0 entered promiscuous mode [ 202.851904][ T9019] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.861806][ T9030] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.869604][ T9030] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.879149][ T9030] device bridge_slave_1 entered promiscuous mode [ 202.887671][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 202.897377][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 202.906081][ T9032] chnl_net:caif_netlink_parms(): no params data found [ 202.977626][ T9027] device hsr_slave_0 entered promiscuous mode [ 203.034731][ T9027] device hsr_slave_1 entered promiscuous mode [ 203.084452][ T9027] debugfs: Directory 'hsr0' with parent '/' already present! [ 203.133321][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 203.143128][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 203.152568][ T3022] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.159961][ T3022] bridge0: port 1(bridge_slave_0) entered forwarding state [ 203.169591][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 203.178671][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 203.187649][ T3022] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.194850][ T3022] bridge0: port 2(bridge_slave_1) entered forwarding state [ 203.213895][ T9021] 8021q: adding VLAN 0 to HW filter on device bond0 [ 203.232947][ T9030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.248416][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 203.258496][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 203.293322][ T9032] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.301002][ T9032] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.309212][ T9032] device bridge_slave_0 entered promiscuous mode [ 203.320331][ T9030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.341270][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 203.356378][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 203.365448][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 203.391405][ T9032] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.405196][ T9032] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.413045][ T9032] device bridge_slave_1 entered promiscuous mode [ 203.440007][ T9021] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.452897][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 203.461770][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 203.470295][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 203.481471][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 203.490424][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 203.498883][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 203.507210][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 203.515968][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 203.525352][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 203.535575][ T9019] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 203.556470][ T9030] team0: Port device team_slave_0 added [ 203.564963][ T9030] team0: Port device team_slave_1 added [ 203.580956][ T9032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.592128][ T9032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.622426][ T9024] 8021q: adding VLAN 0 to HW filter on device bond0 [ 203.632279][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 203.642530][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 203.651932][ T9036] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.659032][ T9036] bridge0: port 1(bridge_slave_0) entered forwarding state [ 203.667928][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 203.676621][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 203.685116][ T9036] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.692193][ T9036] bridge0: port 2(bridge_slave_1) entered forwarding state [ 203.729701][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 203.737846][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 203.746550][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 203.755408][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 203.763967][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 203.772839][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 203.780650][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 203.788804][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 203.798631][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 203.807675][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 203.820081][ T9019] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.835205][ T9032] team0: Port device team_slave_0 added [ 203.845526][ T9024] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.853696][ T9032] team0: Port device team_slave_1 added [ 203.868442][ T9021] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 203.881045][ T9021] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 203.936486][ T9030] device hsr_slave_0 entered promiscuous mode [ 203.984841][ T9030] device hsr_slave_1 entered promiscuous mode [ 204.024543][ T9030] debugfs: Directory 'hsr0' with parent '/' already present! [ 204.048286][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 204.057210][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 204.067482][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 204.076335][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 204.085082][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 204.146541][ T9032] device hsr_slave_0 entered promiscuous mode [ 204.195251][ T9032] device hsr_slave_1 entered promiscuous mode [ 204.244394][ T9032] debugfs: Directory 'hsr0' with parent '/' already present! [ 204.259336][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.268626][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.277696][ T3528] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.284781][ T3528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.292474][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.301220][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.310071][ T3528] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.317164][ T3528] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.325116][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.340989][ T9021] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.394080][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.406298][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.415627][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 204.424154][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 204.433029][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 204.442357][ T3528] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 204.484929][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 204.493128][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 204.501734][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 204.538301][ T9024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 204.556751][ T9024] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 204.580610][ T9027] 8021q: adding VLAN 0 to HW filter on device bond0 09:33:58 executing program 0: [ 204.608125][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 204.620397][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 204.660784][ T9027] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.680466][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.691835][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.717036][ T9024] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.744720][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 09:33:58 executing program 0: [ 204.770520][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.797224][ T128] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.804356][ T128] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.831681][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 09:33:58 executing program 0: [ 204.873935][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.889541][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.919386][ C0] hrtimer: interrupt took 25621 ns [ 204.932601][ T128] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.939749][ T128] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.952692][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 09:33:58 executing program 0: [ 204.962375][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.980154][ T9030] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.031858][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.048702][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.063154][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 09:33:58 executing program 0: [ 205.079714][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.112418][ T9030] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.133995][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.181656][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.205308][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.213742][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 09:33:59 executing program 0: [ 205.248463][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.272186][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready 09:33:59 executing program 1: [ 205.299627][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.320283][ T9027] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 09:33:59 executing program 0: [ 205.350009][ T9032] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.359562][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.397627][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.432869][ T9033] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.440061][ T9033] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.510730][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.524049][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.540075][ T9033] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.547294][ T9033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.560385][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.573265][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.623519][ T9030] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 205.640278][ T9030] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 205.660174][ T9032] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.668175][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.679489][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.688582][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.697662][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.707403][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.716364][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.725644][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.734153][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.742871][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.751541][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.760469][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.769786][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.778003][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.801555][ T9027] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.832920][ T9030] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.844136][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.859889][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.870316][ T9033] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.877506][ T9033] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.885888][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.894917][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.903331][ T9033] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.910464][ T9033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.918603][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.928123][ T9033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.941155][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.970582][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.986411][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.002706][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.011834][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.020867][ T9036] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 09:33:59 executing program 2: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x4) setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000080)='\x00', 0xffffffffffffff18, 0x80811, 0x0, 0x0) [ 206.049447][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 206.059406][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 206.068752][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 206.088767][ T128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 206.117349][ T9032] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.187883][ T9032] 8021q: adding VLAN 0 to HW filter on device batadv0 09:34:00 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x4) setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000080)='\x00', 0xffffffffffffff18, 0x80811, 0x0, 0x0) [ 206.514057][ T9124] ================================================================== [ 206.522417][ T9124] BUG: KASAN: null-ptr-deref in io_wq_cancel_all+0x28/0x2a0 [ 206.529720][ T9124] Write of size 8 at addr 0000000000000004 by task syz-executor.5/9124 [ 206.538093][ T9124] [ 206.540451][ T9124] CPU: 1 PID: 9124 Comm: syz-executor.5 Not tainted 5.4.0-rc4-next-20191025 #0 [ 206.549514][ T9124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.559596][ T9124] Call Trace: [ 206.562946][ T9124] dump_stack+0x172/0x1f0 [ 206.567326][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.572306][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.577268][ T9124] __kasan_report.cold+0x5/0x41 [ 206.582823][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.587886][ T9124] kasan_report+0x12/0x20 [ 206.592353][ T9124] check_memory_region+0x134/0x1a0 [ 206.598205][ T9124] __kasan_check_write+0x14/0x20 [ 206.603185][ T9124] io_wq_cancel_all+0x28/0x2a0 [ 206.608004][ T9124] io_ring_ctx_wait_and_kill+0x1e2/0x710 [ 206.614181][ T9124] io_uring_release+0x42/0x50 [ 206.618892][ T9124] __fput+0x2ff/0x890 [ 206.622923][ T9124] ? io_ring_ctx_wait_and_kill+0x710/0x710 [ 206.628810][ T9124] ____fput+0x16/0x20 [ 206.632832][ T9124] task_work_run+0x145/0x1c0 [ 206.637503][ T9124] do_exit+0x904/0x2e60 [ 206.641692][ T9124] ? mm_update_next_owner+0x640/0x640 [ 206.647121][ T9124] ? lock_downgrade+0x920/0x920 [ 206.651993][ T9124] ? _raw_spin_unlock_irq+0x23/0x80 [ 206.657205][ T9124] ? get_signal+0x392/0x24f0 [ 206.661811][ T9124] ? _raw_spin_unlock_irq+0x23/0x80 [ 206.667033][ T9124] do_group_exit+0x135/0x360 [ 206.671645][ T9124] get_signal+0x47c/0x24f0 [ 206.676083][ T9124] ? lock_downgrade+0x920/0x920 [ 206.680953][ T9124] do_signal+0x87/0x1700 [ 206.685224][ T9124] ? __kasan_check_read+0x11/0x20 [ 206.690283][ T9124] ? _copy_to_user+0x118/0x160 [ 206.695108][ T9124] ? setup_sigcontext+0x7d0/0x7d0 [ 206.700179][ T9124] ? exit_to_usermode_loop+0x43/0x380 [ 206.705594][ T9124] ? do_syscall_64+0x65f/0x760 [ 206.710375][ T9124] ? exit_to_usermode_loop+0x43/0x380 [ 206.715962][ T9124] ? lockdep_hardirqs_on+0x421/0x5e0 [ 206.721273][ T9124] ? trace_hardirqs_on+0x67/0x240 [ 206.726411][ T9124] exit_to_usermode_loop+0x286/0x380 [ 206.731736][ T9124] do_syscall_64+0x65f/0x760 [ 206.736490][ T9124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 206.742402][ T9124] RIP: 0033:0x459f39 [ 206.746314][ T9124] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 206.765941][ T9124] RSP: 002b:00007f9b31a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 206.774393][ T9124] RAX: 0000000000000001 RBX: 000000000075bfd0 RCX: 0000000000459f39 [ 206.782475][ T9124] RDX: 00000000004c9c73 RSI: 0000000000000081 RDI: 000000000075bfd4 [ 206.790478][ T9124] RBP: 000000000075bfc8 R08: 0000000000000009 R09: 0000000000000000 [ 206.798562][ T9124] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000075bfd4 [ 206.806558][ T9124] R13: 00007ffc2bbc8a7f R14: 00007f9b31a619c0 R15: 000000000075bfd4 [ 206.814573][ T9124] ================================================================== [ 206.822646][ T9124] Disabling lock debugging due to kernel taint [ 206.843122][ T9124] Kernel panic - not syncing: panic_on_warn set ... [ 206.849783][ T9124] CPU: 1 PID: 9124 Comm: syz-executor.5 Tainted: G B 5.4.0-rc4-next-20191025 #0 [ 206.860114][ T9124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.870355][ T9124] Call Trace: [ 206.873666][ T9124] dump_stack+0x172/0x1f0 [ 206.878019][ T9124] panic+0x2e3/0x75c [ 206.881933][ T9124] ? add_taint.cold+0x16/0x16 [ 206.886628][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.891584][ T9124] ? preempt_schedule+0x4b/0x60 [ 206.896470][ T9124] ? ___preempt_schedule+0x16/0x18 [ 206.901632][ T9124] ? trace_hardirqs_on+0x5e/0x240 [ 206.906667][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.911589][ T9124] end_report+0x47/0x4f [ 206.915741][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.920791][ T9124] __kasan_report.cold+0xe/0x41 [ 206.926534][ T9124] ? io_wq_cancel_all+0x28/0x2a0 [ 206.931480][ T9124] kasan_report+0x12/0x20 [ 206.935813][ T9124] check_memory_region+0x134/0x1a0 [ 206.940923][ T9124] __kasan_check_write+0x14/0x20 [ 206.945849][ T9124] io_wq_cancel_all+0x28/0x2a0 [ 206.950733][ T9124] io_ring_ctx_wait_and_kill+0x1e2/0x710 [ 206.956385][ T9124] io_uring_release+0x42/0x50 [ 206.961058][ T9124] __fput+0x2ff/0x890 [ 206.965078][ T9124] ? io_ring_ctx_wait_and_kill+0x710/0x710 [ 206.970880][ T9124] ____fput+0x16/0x20 [ 206.974868][ T9124] task_work_run+0x145/0x1c0 [ 206.979457][ T9124] do_exit+0x904/0x2e60 [ 206.983676][ T9124] ? mm_update_next_owner+0x640/0x640 [ 206.989087][ T9124] ? lock_downgrade+0x920/0x920 [ 206.994080][ T9124] ? _raw_spin_unlock_irq+0x23/0x80 [ 206.999308][ T9124] ? get_signal+0x392/0x24f0 [ 207.003918][ T9124] ? _raw_spin_unlock_irq+0x23/0x80 [ 207.009252][ T9124] do_group_exit+0x135/0x360 [ 207.013858][ T9124] get_signal+0x47c/0x24f0 [ 207.018283][ T9124] ? lock_downgrade+0x920/0x920 [ 207.023236][ T9124] do_signal+0x87/0x1700 [ 207.027497][ T9124] ? __kasan_check_read+0x11/0x20 [ 207.032653][ T9124] ? _copy_to_user+0x118/0x160 [ 207.037519][ T9124] ? setup_sigcontext+0x7d0/0x7d0 [ 207.042557][ T9124] ? exit_to_usermode_loop+0x43/0x380 [ 207.048091][ T9124] ? do_syscall_64+0x65f/0x760 [ 207.052870][ T9124] ? exit_to_usermode_loop+0x43/0x380 [ 207.058248][ T9124] ? lockdep_hardirqs_on+0x421/0x5e0 [ 207.063522][ T9124] ? trace_hardirqs_on+0x67/0x240 [ 207.068559][ T9124] exit_to_usermode_loop+0x286/0x380 [ 207.073859][ T9124] do_syscall_64+0x65f/0x760 [ 207.078716][ T9124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.084617][ T9124] RIP: 0033:0x459f39 [ 207.088524][ T9124] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.108132][ T9124] RSP: 002b:00007f9b31a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 207.116555][ T9124] RAX: 0000000000000001 RBX: 000000000075bfd0 RCX: 0000000000459f39 [ 207.124518][ T9124] RDX: 00000000004c9c73 RSI: 0000000000000081 RDI: 000000000075bfd4 [ 207.132752][ T9124] RBP: 000000000075bfc8 R08: 0000000000000009 R09: 0000000000000000 [ 207.140933][ T9124] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000075bfd4 [ 207.148903][ T9124] R13: 00007ffc2bbc8a7f R14: 00007f9b31a619c0 R15: 000000000075bfd4 [ 207.158967][ T9124] Kernel Offset: disabled [ 207.163370][ T9124] Rebooting in 86400 seconds..