Warning: Permanently added '10.128.1.38' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 57.725282][ T7041] ==================================================================
[ 57.734323][ T7041] BUG: KASAN: null-ptr-deref in choke_reset+0x208/0x340
[ 57.741361][ T7041] Write of size 8 at addr 0000000000000000 by task syz-executor839/7041
[ 57.750058][ T7041]
[ 57.752517][ T7041] CPU: 0 PID: 7041 Comm: syz-executor839 Not tainted 5.7.0-rc1-syzkaller #0
[ 57.761431][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 57.772226][ T7041] Call Trace:
[ 57.775513][ T7041] dump_stack+0x188/0x20d
[ 57.779846][ T7041] ? choke_reset+0x208/0x340
[ 57.784435][ T7041] __kasan_report.cold+0x5/0x4d
[ 57.789498][ T7041] ? choke_reset+0x208/0x340
[ 57.794079][ T7041] ? choke_reset+0x208/0x340
[ 57.798803][ T7041] kasan_report+0x33/0x50
[ 57.803158][ T7041] check_memory_region+0x141/0x190
[ 57.808278][ T7041] memset+0x20/0x40
[ 57.812077][ T7041] choke_reset+0x208/0x340
[ 57.816750][ T7041] ? choke_destroy+0x40/0x40
[ 57.821333][ T7041] qdisc_reset+0x6b/0x520
[ 57.825654][ T7041] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 57.831883][ T7041] dev_deactivate_many+0xe2/0xba0
[ 57.836893][ T7041] ? __is_module_percpu_address+0x257/0x350
[ 57.842796][ T7041] dev_deactivate+0xf8/0x1c0
[ 57.847382][ T7041] ? dev_deactivate_many+0xba0/0xba0
[ 57.852653][ T7041] ? is_dynamic_key+0x12a/0x1a0
[ 57.857616][ T7041] ? choke_dequeue+0x4b0/0x4b0
[ 57.862396][ T7041] qdisc_graft+0xd25/0x1120
[ 57.867335][ T7041] ? tc_dump_tclass+0x480/0x480
[ 57.872192][ T7041] ? tc_get_qdisc+0xaf0/0xaf0
[ 57.876895][ T7041] ? nla_memcpy+0xa0/0xa0
[ 57.881220][ T7041] ? ns_capable_common+0xe2/0x100
[ 57.886294][ T7041] tc_modify_qdisc+0xbab/0x1a00
[ 57.891158][ T7041] ? qdisc_create+0x1140/0x1140
[ 57.896153][ T7041] ? mutex_trylock+0x2c0/0x2c0
[ 57.901030][ T7041] ? find_held_lock+0x2d/0x110
[ 57.905804][ T7041] ? qdisc_create+0x1140/0x1140
[ 57.910641][ T7041] rtnetlink_rcv_msg+0x44e/0xad0
[ 57.915603][ T7041] ? rtnl_bridge_getlink+0x870/0x870
[ 57.920895][ T7041] ? lock_acquire+0x1f2/0x8f0
[ 57.925559][ T7041] ? netlink_deliver_tap+0x146/0xb50
[ 57.930834][ T7041] netlink_rcv_skb+0x15a/0x410
[ 57.935585][ T7041] ? rtnl_bridge_getlink+0x870/0x870
[ 57.940886][ T7041] ? netlink_ack+0xa10/0xa10
[ 57.945471][ T7041] netlink_unicast+0x537/0x740
[ 57.950241][ T7041] ? netlink_attachskb+0x810/0x810
[ 57.955357][ T7041] ? _copy_from_iter_full+0x25c/0x870
[ 57.960730][ T7041] ? __phys_addr_symbol+0x2c/0x70
[ 57.967670][ T7041] ? __check_object_size+0x171/0x437
[ 57.972985][ T7041] netlink_sendmsg+0x882/0xe10
[ 57.977762][ T7041] ? aa_af_perm+0x260/0x260
[ 57.982268][ T7041] ? netlink_unicast+0x740/0x740
[ 57.987419][ T7041] ? netlink_unicast+0x740/0x740
[ 57.992433][ T7041] sock_sendmsg+0xcf/0x120
[ 57.996848][ T7041] ____sys_sendmsg+0x6bf/0x7e0
[ 58.001716][ T7041] ? print_usage_bug+0x240/0x240
[ 58.006659][ T7041] ? kernel_sendmsg+0x50/0x50
[ 58.011524][ T7041] ___sys_sendmsg+0x100/0x170
[ 58.016290][ T7041] ? sendmsg_copy_msghdr+0x70/0x70
[ 58.021480][ T7041] ? mark_held_locks+0xe0/0xe0
[ 58.026323][ T7041] ? __this_cpu_preempt_check+0x28/0x190
[ 58.031990][ T7041] ? percpu_counter_add_batch+0x123/0x180
[ 58.038051][ T7041] ? find_held_lock+0x2d/0x110
[ 58.042804][ T7041] ? __fd_install+0x1b4/0x600
[ 58.047993][ T7041] ? lock_downgrade+0x840/0x840
[ 58.052857][ T7041] ? __fget_light+0x1ab/0x270
[ 58.057519][ T7041] __sys_sendmsg+0xec/0x1b0
[ 58.062005][ T7041] ? __sys_sendmsg_sock+0xb0/0xb0
[ 58.067019][ T7041] ? trace_hardirqs_off_caller+0x55/0x230
[ 58.072722][ T7041] ? do_syscall_64+0x21/0x7d0
[ 58.077400][ T7041] do_syscall_64+0xf6/0x7d0
[ 58.081901][ T7041] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 58.087809][ T7041] RIP: 0033:0x441499
[ 58.091693][ T7041] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 58.111456][ T7041] RSP: 002b:00007fff433f71a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 58.119850][ T7041] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441499
[ 58.127805][ T7041] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 58.135846][ T7041] RBP: 000000000000e14c R08: 00000000004002c8 R09: 00000000004002c8
[ 58.144095][ T7041] R10: 00000000004002c8 R11: 0000000000000246 R12: 00000000004022c0
[ 58.152067][ T7041] R13: 0000000000402350 R14: 0000000000000000 R15: 0000000000000000
[ 58.160053][ T7041] ==================================================================
[ 58.168109][ T7041] Disabling lock debugging due to kernel taint
[ 58.174480][ T7041] Kernel panic - not syncing: panic_on_warn set ...
[ 58.181181][ T7041] CPU: 0 PID: 7041 Comm: syz-executor839 Tainted: G B 5.7.0-rc1-syzkaller #0
[ 58.191328][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.201379][ T7041] Call Trace:
[ 58.204776][ T7041] dump_stack+0x188/0x20d
[ 58.209087][ T7041] panic+0x2e3/0x75c
[ 58.213112][ T7041] ? add_taint.cold+0x16/0x16
[ 58.217891][ T7041] ? retint_kernel+0x2b/0x2b
[ 58.223574][ T7041] ? choke_reset+0x208/0x340
[ 58.228220][ T7041] ? trace_hardirqs_on+0x55/0x220
[ 58.233335][ T7041] ? choke_reset+0x208/0x340
[ 58.238097][ T7041] end_report+0x4d/0x53
[ 58.242370][ T7041] __kasan_report.cold+0xd/0x4d
[ 58.247211][ T7041] ? choke_reset+0x208/0x340
[ 58.251784][ T7041] ? choke_reset+0x208/0x340
[ 58.256360][ T7041] kasan_report+0x33/0x50
[ 58.260781][ T7041] check_memory_region+0x141/0x190
[ 58.265987][ T7041] memset+0x20/0x40
[ 58.269776][ T7041] choke_reset+0x208/0x340
[ 58.274190][ T7041] ? choke_destroy+0x40/0x40
[ 58.279040][ T7041] qdisc_reset+0x6b/0x520
[ 58.283364][ T7041] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 58.289601][ T7041] dev_deactivate_many+0xe2/0xba0
[ 58.295082][ T7041] ? __is_module_percpu_address+0x257/0x350
[ 58.301149][ T7041] dev_deactivate+0xf8/0x1c0
[ 58.305733][ T7041] ? dev_deactivate_many+0xba0/0xba0
[ 58.311177][ T7041] ? is_dynamic_key+0x12a/0x1a0
[ 58.316020][ T7041] ? choke_dequeue+0x4b0/0x4b0
[ 58.320806][ T7041] qdisc_graft+0xd25/0x1120
[ 58.325299][ T7041] ? tc_dump_tclass+0x480/0x480
[ 58.330128][ T7041] ? tc_get_qdisc+0xaf0/0xaf0
[ 58.334815][ T7041] ? nla_memcpy+0xa0/0xa0
[ 58.339126][ T7041] ? ns_capable_common+0xe2/0x100
[ 58.344139][ T7041] tc_modify_qdisc+0xbab/0x1a00
[ 58.348971][ T7041] ? qdisc_create+0x1140/0x1140
[ 58.353850][ T7041] ? mutex_trylock+0x2c0/0x2c0
[ 58.358600][ T7041] ? find_held_lock+0x2d/0x110
[ 58.363358][ T7041] ? qdisc_create+0x1140/0x1140
[ 58.368192][ T7041] rtnetlink_rcv_msg+0x44e/0xad0
[ 58.373289][ T7041] ? rtnl_bridge_getlink+0x870/0x870
[ 58.378561][ T7041] ? lock_acquire+0x1f2/0x8f0
[ 58.383304][ T7041] ? netlink_deliver_tap+0x146/0xb50
[ 58.388597][ T7041] netlink_rcv_skb+0x15a/0x410
[ 58.393360][ T7041] ? rtnl_bridge_getlink+0x870/0x870
[ 58.398994][ T7041] ? netlink_ack+0xa10/0xa10
[ 58.403573][ T7041] netlink_unicast+0x537/0x740
[ 58.408334][ T7041] ? netlink_attachskb+0x810/0x810
[ 58.413426][ T7041] ? _copy_from_iter_full+0x25c/0x870
[ 58.418788][ T7041] ? __phys_addr_symbol+0x2c/0x70
[ 58.423805][ T7041] ? __check_object_size+0x171/0x437
[ 58.429069][ T7041] netlink_sendmsg+0x882/0xe10
[ 58.433826][ T7041] ? aa_af_perm+0x260/0x260
[ 58.438316][ T7041] ? netlink_unicast+0x740/0x740
[ 58.443236][ T7041] ? netlink_unicast+0x740/0x740
[ 58.448278][ T7041] sock_sendmsg+0xcf/0x120
[ 58.452678][ T7041] ____sys_sendmsg+0x6bf/0x7e0
[ 58.457437][ T7041] ? print_usage_bug+0x240/0x240
[ 58.462370][ T7041] ? kernel_sendmsg+0x50/0x50
[ 58.467318][ T7041] ___sys_sendmsg+0x100/0x170
[ 58.472094][ T7041] ? sendmsg_copy_msghdr+0x70/0x70
[ 58.477301][ T7041] ? mark_held_locks+0xe0/0xe0
[ 58.482068][ T7041] ? __this_cpu_preempt_check+0x28/0x190
[ 58.487680][ T7041] ? percpu_counter_add_batch+0x123/0x180
[ 58.493562][ T7041] ? find_held_lock+0x2d/0x110
[ 58.498306][ T7041] ? __fd_install+0x1b4/0x600
[ 58.503050][ T7041] ? lock_downgrade+0x840/0x840
[ 58.507926][ T7041] ? __fget_light+0x1ab/0x270
[ 58.512593][ T7041] __sys_sendmsg+0xec/0x1b0
[ 58.517081][ T7041] ? __sys_sendmsg_sock+0xb0/0xb0
[ 58.522095][ T7041] ? trace_hardirqs_off_caller+0x55/0x230
[ 58.527812][ T7041] ? do_syscall_64+0x21/0x7d0
[ 58.532469][ T7041] do_syscall_64+0xf6/0x7d0
[ 58.536966][ T7041] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 58.542958][ T7041] RIP: 0033:0x441499
[ 58.546915][ T7041] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 58.566861][ T7041] RSP: 002b:00007fff433f71a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 58.575255][ T7041] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441499
[ 58.583530][ T7041] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 58.591528][ T7041] RBP: 000000000000e14c R08: 00000000004002c8 R09: 00000000004002c8
[ 58.599605][ T7041] R10: 00000000004002c8 R11: 0000000000000246 R12: 00000000004022c0
[ 58.607705][ T7041] R13: 0000000000402350 R14: 0000000000000000 R15: 0000000000000000
[ 58.619261][ T7041] Kernel Offset: disabled
[ 58.623790][ T7041] Rebooting in 86400 seconds..