[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 59.553259][ T26] audit: type=1800 audit(1558161716.506:25): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 59.596538][ T26] audit: type=1800 audit(1558161716.516:26): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 59.655657][ T26] audit: type=1800 audit(1558161716.516:27): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.84' (ECDSA) to the list of known hosts. 2019/05/18 06:42:06 fuzzer started 2019/05/18 06:42:08 dialing manager at 10.128.0.26:37669 2019/05/18 06:42:08 syscalls: 1006 2019/05/18 06:42:08 code coverage: enabled 2019/05/18 06:42:08 comparison tracing: enabled 2019/05/18 06:42:08 extra coverage: extra coverage is not supported by the kernel 2019/05/18 06:42:08 setuid sandbox: enabled 2019/05/18 06:42:08 namespace sandbox: enabled 2019/05/18 06:42:08 Android sandbox: /sys/fs/selinux/policy does not exist 2019/05/18 06:42:08 fault injection: enabled 2019/05/18 06:42:08 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/05/18 06:42:08 net packet injection: enabled 2019/05/18 06:42:08 net device setup: enabled 06:42:13 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x6000000, &(0x7f0000000100)={&(0x7f00000001c0)={0x24, 0x23, 0x847, 0x0, 0x0, {0x2804, 0x7b5f7}, [@typed={0x10, 0x11, @str=':%/ime_type\x00'}]}, 0x24}}, 0x0) 06:42:13 executing program 1: r0 = socket$inet(0x2, 0x2000000080002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x2, 0x1d8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff010000001100000000000000000076657468315f746f5f7465616d000000736974302000000000000400000000006272696467653000000000000000000076657468305f746f5f627269646765000180c2000000000000000000aaaaaaaaaa0000000000000000007000000070000000a80000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff01000000110000000000000000007465716c30000000000000000000000073797a5f74757e000000000000000000697036677265300000000000090000007663616e30000000d53fa73b00000000ffffffffffff000000000000aaaaaaaa98aa00000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000"]}, 0x250) syzkaller login: [ 76.878886][ T8943] IPVS: ftp: loaded support on port[0] = 21 [ 76.889791][ T8943] NET: Registered protocol family 30 [ 76.895126][ T8943] Failed to register TIPC socket type [ 77.135484][ T8945] IPVS: ftp: loaded support on port[0] = 21 [ 77.161351][ T8945] NET: Registered protocol family 30 06:42:14 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) r1 = socket(0x800000000000011, 0x2, 0x0) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000240)={{0xa, 0x4e24, 0x3, @local}, {0xa, 0x4e22, 0x9, @local}, 0x0, [0x81, 0x0, 0x8, 0x3, 0x0, 0x3, 0x17000000000000]}, 0x5c) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0) getsockname$unix(r1, &(0x7f00000001c0), &(0x7f0000000000)=0x6e) getsockname$unix(r2, &(0x7f0000000100), &(0x7f0000000180)=0xffffffffffffff77) r3 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0) write$cgroup_int(r3, &(0x7f00000000c0), 0x4557434d) sendfile(r0, r3, 0x0, 0x20000000006) getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, 0x0, &(0x7f0000000300)) ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) sendmsg$alg(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)="974788f5d109d7e1157d006cba9dee1a5bf5aca1f930eb04d4c4d809a9ecf772c62117d41805003557cf6d452f6163452fec5768f6462be154", 0x39}], 0x1}, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f00000015c0)={0x6, 0x5, 0x8001, 0x3f, 0x4, 0x627e}) getsockname$netrom(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, 0x0, 0x0) [ 77.186257][ T8945] Failed to register TIPC socket type [ 77.421819][ T8947] IPVS: ftp: loaded support on port[0] = 21 [ 77.441333][ T8947] NET: Registered protocol family 30 [ 77.456283][ T8947] Failed to register TIPC socket type 06:42:14 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={&(0x7f0000000000), 0xc, &(0x7f0000000500)={&(0x7f0000000180)=@updsa={0x140, 0x1a, 0x401, 0x0, 0x0, {{@in6, @in6=@mcast2}, {@in=@multicast2, 0x0, 0x6c}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@tfcpad={0x8}, @algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x140}}, 0x0) [ 77.864748][ T8949] IPVS: ftp: loaded support on port[0] = 21 [ 77.890635][ T8949] NET: Registered protocol family 30 [ 77.895969][ T8949] Failed to register TIPC socket type 06:42:15 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe) mmap$xdp(&(0x7f0000ffc000/0x1000)=nil, 0x1070, 0xc, 0x10, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x60e, 0x68) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040)='SEG6\x00') [ 78.472029][ T8951] IPVS: ftp: loaded support on port[0] = 21 [ 78.500496][ T8951] NET: Registered protocol family 30 [ 78.505832][ T8951] Failed to register TIPC socket type 06:42:15 executing program 5: r0 = socket$inet6(0xa, 0x1000000000006, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8970, &(0x7f0000000080)={'bridge0\x00', 0x0}) [ 79.172437][ T8953] IPVS: ftp: loaded support on port[0] = 21 [ 79.190518][ T8953] NET: Registered protocol family 30 [ 79.195859][ T8953] Failed to register TIPC socket type [ 79.727898][ T8943] chnl_net:caif_netlink_parms(): no params data found [ 80.139221][ T8943] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.217325][ T8943] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.289814][ T8943] device bridge_slave_0 entered promiscuous mode [ 80.377674][ T8943] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.384895][ T8943] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.527323][ T8943] device bridge_slave_1 entered promiscuous mode [ 80.880645][ T8943] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 81.415042][ T8943] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.016378][ T8943] team0: Port device team_slave_0 added [ 82.308352][ T8943] team0: Port device team_slave_1 added [ 83.762070][ T8943] device hsr_slave_0 entered promiscuous mode [ 84.080567][ T8943] device hsr_slave_1 entered promiscuous mode [ 86.567367][ T8943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.059055][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.127945][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.270073][ T8943] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.619866][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 87.687146][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 87.695709][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.703000][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.176653][ T9145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 88.184785][ T9145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 88.337055][ T9145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 88.427763][ T9145] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.434900][ T9145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.696756][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 88.809774][ T9145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 89.013698][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 89.057346][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 89.341939][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 89.388312][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 89.537226][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 89.717560][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 89.787690][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 89.998379][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 90.139960][ T9255] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 90.334718][ T8943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 90.829504][ T8943] 8021q: adding VLAN 0 to HW filter on device batadv0 06:42:48 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x6000000, &(0x7f0000000100)={&(0x7f00000001c0)={0x24, 0x23, 0x847, 0x0, 0x0, {0x2804, 0x7b5f7}, [@typed={0x10, 0x11, @str=':%/ime_type\x00'}]}, 0x24}}, 0x0) [ 111.467138][ T9506] sysfs: cannot create duplicate filename '/class/ieee80211/:%!ime_type' [ 111.686362][ T9506] CPU: 0 PID: 9506 Comm: syz-executor.0 Not tainted 5.1.0+ #18 [ 111.693957][ T9506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.704027][ T9506] Call Trace: [ 111.707344][ T9506] dump_stack+0x172/0x1f0 [ 111.711737][ T9506] sysfs_warn_dup.cold+0x1c/0x31 [ 111.716700][ T9506] sysfs_do_create_link_sd.isra.0+0x120/0x140 [ 111.722787][ T9506] sysfs_create_link+0x65/0xc0 [ 111.727569][ T9506] device_add+0x75c/0x17a0 [ 111.732022][ T9506] ? get_device_parent.isra.0+0x560/0x560 [ 111.737759][ T9506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.744030][ T9506] wiphy_register+0x1ab0/0x25f0 [ 111.748912][ T9506] ? wiphy_unregister+0xfe0/0xfe0 [ 111.754131][ T9506] ? rcu_read_lock_sched_held+0x110/0x130 [ 111.759879][ T9506] ? __kmalloc+0x5d5/0x740 [ 111.764305][ T9506] ? mark_held_locks+0xa4/0xf0 [ 111.769081][ T9506] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 111.774902][ T9506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.781981][ T9506] ieee80211_register_hw+0x177b/0x3e50 [ 111.787466][ T9506] ? ieee80211_ifa_changed+0xc70/0xc70 [ 111.792944][ T9506] ? memset+0x32/0x40 [ 111.796938][ T9506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.803191][ T9506] ? __hrtimer_init+0xe1/0x250 [ 111.807980][ T9506] mac80211_hwsim_new_radio+0x2026/0x42a0 [ 111.813714][ T9506] ? __lock_acquire+0x54f/0x5490 [ 111.818675][ T9506] ? hwsim_cloned_frame_received_nl+0x1590/0x1590 [ 111.825101][ T9506] ? refcount_dec_not_one+0x1f0/0x1f0 [ 111.830490][ T9506] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 111.836399][ T9506] hwsim_new_radio_nl+0x9e3/0x1070 [ 111.841530][ T9506] ? mac80211_hwsim_new_radio+0x42a0/0x42a0 [ 111.847437][ T9506] ? nla_memcpy+0xb0/0xb0 [ 111.851796][ T9506] ? __nla_parse+0x43/0x60 [ 111.856272][ T9506] genl_family_rcv_msg+0x753/0xf90 [ 111.861403][ T9506] ? genl_unregister_family+0x790/0x790 [ 111.866957][ T9506] ? __lock_acquire+0x54f/0x5490 [ 111.871916][ T9506] ? __local_bh_enable_ip+0x15a/0x270 [ 111.877339][ T9506] ? __dev_queue_xmit+0xb9c/0x36f0 [ 111.882488][ T9506] genl_rcv_msg+0xca/0x16c [ 111.886934][ T9506] netlink_rcv_skb+0x17a/0x460 [ 111.891714][ T9506] ? genl_family_rcv_msg+0xf90/0xf90 [ 111.897022][ T9506] ? netlink_ack+0xb50/0xb50 [ 111.901627][ T9506] ? lock_acquire+0x16f/0x3f0 [ 111.906329][ T9506] ? kasan_check_write+0x14/0x20 [ 111.911295][ T9506] genl_rcv+0x29/0x40 [ 111.915302][ T9506] netlink_unicast+0x536/0x720 [ 111.920097][ T9506] ? netlink_attachskb+0x770/0x770 [ 111.925233][ T9506] ? _copy_from_iter_full+0x25d/0x8c0 [ 111.930628][ T9506] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 111.936370][ T9506] ? __check_object_size+0x3d/0x42f [ 111.941594][ T9506] netlink_sendmsg+0x8ae/0xd70 [ 111.946378][ T9506] ? netlink_unicast+0x720/0x720 [ 111.951333][ T9506] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 111.956905][ T9506] ? apparmor_socket_sendmsg+0x2a/0x30 [ 111.962381][ T9506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.968905][ T9506] ? security_socket_sendmsg+0x93/0xc0 [ 111.974377][ T9506] ? netlink_unicast+0x720/0x720 [ 111.979334][ T9506] sock_sendmsg+0x12e/0x170 [ 111.983863][ T9506] ___sys_sendmsg+0x81d/0x960 [ 111.988561][ T9506] ? copy_msghdr_from_user+0x430/0x430 [ 111.994039][ T9506] ? kasan_check_read+0x11/0x20 [ 111.998908][ T9506] ? __fget+0x381/0x550 [ 112.003086][ T9506] ? ksys_dup3+0x3e0/0x3e0 [ 112.007518][ T9506] ? lock_downgrade+0x880/0x880 [ 112.012388][ T9506] ? __fget_light+0x1a9/0x230 [ 112.017079][ T9506] ? __fdget+0x1b/0x20 [ 112.021160][ T9506] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.027415][ T9506] __sys_sendmsg+0x105/0x1d0 [ 112.032014][ T9506] ? __ia32_sys_shutdown+0x80/0x80 [ 112.037153][ T9506] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 112.042634][ T9506] ? do_syscall_64+0x26/0x680 [ 112.047323][ T9506] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.053399][ T9506] ? do_syscall_64+0x26/0x680 [ 112.058095][ T9506] __x64_sys_sendmsg+0x78/0xb0 [ 112.062889][ T9506] do_syscall_64+0x103/0x680 [ 112.067592][ T9506] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.073495][ T9506] RIP: 0033:0x458da9 [ 112.077419][ T9506] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 112.097034][ T9506] RSP: 002b:00007f667d232c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.105462][ T9506] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9 [ 112.113450][ T9506] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 112.121438][ T9506] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 112.129424][ T9506] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f667d2336d4 [ 112.137432][ T9506] R13: 00000000004c6790 R14: 00000000004db3e8 R15: 00000000ffffffff 06:42:50 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x6000000, &(0x7f0000000100)={&(0x7f00000001c0)={0x24, 0x23, 0x847, 0x0, 0x0, {0x2804, 0x7b5f7}, [@typed={0x10, 0x11, @str=':%/ime_type\x00'}]}, 0x24}}, 0x0) [ 113.823511][ T9528] IPVS: ftp: loaded support on port[0] = 21 [ 113.900072][ T9533] sysfs: cannot create duplicate filename '/class/ieee80211/:%!ime_type' [ 113.960002][ T9531] IPVS: ftp: loaded support on port[0] = 21 [ 114.071735][ T9533] CPU: 1 PID: 9533 Comm: syz-executor.0 Not tainted 5.1.0+ #18 [ 114.079353][ T9533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 114.089432][ T9533] Call Trace: [ 114.092744][ T9533] dump_stack+0x172/0x1f0 [ 114.097129][ T9533] sysfs_warn_dup.cold+0x1c/0x31 [ 114.102087][ T9533] sysfs_do_create_link_sd.isra.0+0x120/0x140 [ 114.108179][ T9533] sysfs_create_link+0x65/0xc0 [ 114.112961][ T9533] device_add+0x75c/0x17a0 [ 114.117402][ T9533] ? get_device_parent.isra.0+0x560/0x560 [ 114.123144][ T9533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 114.129415][ T9533] wiphy_register+0x1ab0/0x25f0 [ 114.134289][ T9533] ? wiphy_unregister+0xfe0/0xfe0 [ 114.139332][ T9533] ? rcu_read_lock_sched_held+0x110/0x130 [ 114.145070][ T9533] ? __kmalloc+0x5d5/0x740 [ 114.149496][ T9533] ? mark_held_locks+0xa4/0xf0 [ 114.154274][ T9533] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 114.160090][ T9533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 114.166349][ T9533] ieee80211_register_hw+0x177b/0x3e50 [ 114.171845][ T9533] ? ieee80211_ifa_changed+0xc70/0xc70 [ 114.177314][ T9533] ? memset+0x32/0x40 [ 114.181306][ T9533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 114.187560][ T9533] ? __hrtimer_init+0xe1/0x250 [ 114.192343][ T9533] mac80211_hwsim_new_radio+0x2026/0x42a0 [ 114.198079][ T9533] ? __lock_acquire+0x54f/0x5490 [ 114.203041][ T9533] ? hwsim_cloned_frame_received_nl+0x1590/0x1590 [ 114.209473][ T9533] ? refcount_dec_not_one+0x1f0/0x1f0 [ 114.214875][ T9533] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 114.220787][ T9533] hwsim_new_radio_nl+0x9e3/0x1070 [ 114.225918][ T9533] ? mac80211_hwsim_new_radio+0x42a0/0x42a0 [ 114.231817][ T9533] ? nla_memcpy+0xb0/0xb0 [ 114.236170][ T9533] ? __nla_parse+0x43/0x60 [ 114.240697][ T9533] genl_family_rcv_msg+0x753/0xf90 [ 114.245824][ T9533] ? genl_unregister_family+0x790/0x790 [ 114.251488][ T9533] ? __lock_acquire+0x54f/0x5490 [ 114.256435][ T9533] ? __local_bh_enable_ip+0x15a/0x270 [ 114.261814][ T9533] ? __dev_queue_xmit+0xb9c/0x36f0 [ 114.266989][ T9533] genl_rcv_msg+0xca/0x16c [ 114.271421][ T9533] netlink_rcv_skb+0x17a/0x460 [ 114.276200][ T9533] ? genl_family_rcv_msg+0xf90/0xf90 [ 114.281506][ T9533] ? netlink_ack+0xb50/0xb50 [ 114.286105][ T9533] ? lock_acquire+0x16f/0x3f0 [ 114.290863][ T9533] ? kasan_check_write+0x14/0x20 [ 114.295814][ T9533] genl_rcv+0x29/0x40 [ 114.299811][ T9533] netlink_unicast+0x536/0x720 [ 114.304598][ T9533] ? netlink_attachskb+0x770/0x770 [ 114.309714][ T9533] ? _copy_from_iter_full+0x25d/0x8c0 [ 114.315102][ T9533] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 114.320846][ T9533] ? __check_object_size+0x3d/0x42f [ 114.326067][ T9533] netlink_sendmsg+0x8ae/0xd70 [ 114.330861][ T9533] ? netlink_unicast+0x720/0x720 [ 114.335810][ T9533] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 114.341560][ T9533] ? apparmor_socket_sendmsg+0x2a/0x30 [ 114.347035][ T9533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 114.353289][ T9533] ? security_socket_sendmsg+0x93/0xc0 [ 114.358776][ T9533] ? netlink_unicast+0x720/0x720 [ 114.363747][ T9533] sock_sendmsg+0x12e/0x170 [ 114.368279][ T9533] ___sys_sendmsg+0x81d/0x960 [ 114.372982][ T9533] ? copy_msghdr_from_user+0x430/0x430 [ 114.378470][ T9533] ? kasan_check_read+0x11/0x20 [ 114.383343][ T9533] ? __fget+0x381/0x550 [ 114.387545][ T9533] ? ksys_dup3+0x3e0/0x3e0 [ 114.391981][ T9533] ? lock_downgrade+0x880/0x880 [ 114.396863][ T9533] ? __fget_light+0x1a9/0x230 [ 114.401555][ T9533] ? __fdget+0x1b/0x20 [ 114.405632][ T9533] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 114.411888][ T9533] __sys_sendmsg+0x105/0x1d0 [ 114.416491][ T9533] ? __ia32_sys_shutdown+0x80/0x80 [ 114.421627][ T9533] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 114.427103][ T9533] ? do_syscall_64+0x26/0x680 [ 114.431795][ T9533] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 114.437884][ T9533] ? do_syscall_64+0x26/0x680 [ 114.442582][ T9533] __x64_sys_sendmsg+0x78/0xb0 [ 114.447358][ T9533] do_syscall_64+0x103/0x680 [ 114.451977][ T9533] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 114.457876][ T9533] RIP: 0033:0x458da9 [ 114.461800][ T9533] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 114.481424][ T9533] RSP: 002b:00007f667d232c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 114.489858][ T9533] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9 [ 114.497859][ T9533] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 114.505870][ T9533] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 114.513867][ T9533] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f667d2336d4 [ 114.521857][ T9533] R13: 00000000004c6790 R14: 00000000004db3e8 R15: 00000000ffffffff [ 114.569136][ T9528] NET: Registered protocol family 30 [ 114.569334][ T9531] list_add double add: new=ffffffff89544ab0, prev=ffffffff89334ac0, next=ffffffff89544ab0. [ 114.574473][ T9528] Failed to register TIPC socket type [ 114.886588][ T9531] ------------[ cut here ]------------ [ 114.892227][ T9531] kernel BUG at lib/list_debug.c:29! [ 115.108187][ T9531] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 115.114297][ T9531] CPU: 1 PID: 9531 Comm: syz-executor.2 Not tainted 5.1.0+ #18 [ 115.121844][ T9531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 115.131942][ T9531] RIP: 0010:__list_add_valid.cold+0x26/0x3c [ 115.137852][ T9531] Code: 56 ff ff ff 4c 89 e1 48 c7 c7 20 4c a3 87 e8 00 60 25 fe 0f 0b 48 89 f2 4c 89 e1 4c 89 ee 48 c7 c7 60 4d a3 87 e8 e9 5f 25 fe <0f> 0b 48 89 f1 48 c7 c7 e0 4c a3 87 4c 89 e6 e8 d5 5f 25 fe 0f 0b [ 115.157463][ T9531] RSP: 0018:ffff88806f91fb88 EFLAGS: 00010282 [ 115.163538][ T9531] RAX: 0000000000000058 RBX: ffffffff89544920 RCX: 0000000000000000 [ 115.171514][ T9531] RDX: 0000000000000000 RSI: ffffffff815afbe6 RDI: ffffed100df23f63 [ 115.179491][ T9531] RBP: ffff88806f91fba0 R08: 0000000000000058 R09: ffffed1015d26011 [ 115.187464][ T9531] R10: ffffed1015d26010 R11: ffff8880ae930087 R12: ffffffff89544ab0 [ 115.195442][ T9531] R13: ffffffff89544ab0 R14: ffffffff89544ab0 R15: ffffffff89544a50 [ 115.203420][ T9531] FS: 0000000002155940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 115.212350][ T9531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.218939][ T9531] CR2: 00007f88db13f000 CR3: 000000008d180000 CR4: 00000000001406e0 [ 115.226917][ T9531] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 115.234888][ T9531] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 115.242861][ T9531] Call Trace: [ 115.246159][ T9531] ? mutex_lock_nested+0x16/0x20 [ 115.251099][ T9531] proto_register+0x459/0x8e0 [ 115.255813][ T9531] ? lockdep_init_map+0x1be/0x6d0 [ 115.260861][ T9531] tipc_socket_init+0x1c/0x70 [ 115.265543][ T9531] tipc_init_net+0x32a/0x5b0 [ 115.270147][ T9531] ? tipc_exit_net+0x40/0x40 [ 115.274769][ T9531] ops_init+0xb6/0x410 [ 115.278876][ T9531] setup_net+0x2d3/0x740 [ 115.283117][ T9531] ? copy_net_ns+0x1c0/0x340 [ 115.287715][ T9531] ? ops_init+0x410/0x410 [ 115.292236][ T9531] ? kasan_check_write+0x14/0x20 [ 115.297187][ T9531] ? down_read_killable+0x51/0x220 [ 115.302304][ T9531] copy_net_ns+0x1df/0x340 [ 115.306726][ T9531] create_new_namespaces+0x400/0x7b0 [ 115.312015][ T9531] unshare_nsproxy_namespaces+0xc2/0x200 [ 115.317651][ T9531] ksys_unshare+0x440/0x980 [ 115.322163][ T9531] ? trace_hardirqs_on+0x67/0x230 [ 115.327199][ T9531] ? walk_process_tree+0x2d0/0x2d0 [ 115.332330][ T9531] ? blkcg_exit_queue+0x30/0x30 [ 115.337241][ T9531] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 115.342714][ T9531] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 115.348793][ T9531] ? do_syscall_64+0x26/0x680 [ 115.353489][ T9531] ? lockdep_hardirqs_on+0x418/0x5d0 [ 115.358780][ T9531] __x64_sys_unshare+0x31/0x40 [ 115.363549][ T9531] do_syscall_64+0x103/0x680 [ 115.368152][ T9531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 115.374044][ T9531] RIP: 0033:0x45b897 [ 115.377941][ T9531] Code: 00 00 00 b8 63 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 115.397553][ T9531] RSP: 002b:00007ffd0d8ec528 EFLAGS: 00000202 ORIG_RAX: 0000000000000110 [ 115.405975][ T9531] RAX: ffffffffffffffda RBX: 000000000073c988 RCX: 000000000045b897 [ 115.413952][ T9531] RDX: 0000000000000000 RSI: 00007ffd0d8ec4d0 RDI: 0000000040000000 [ 115.421924][ T9531] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000005 [ 115.429908][ T9531] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000414ab0 [ 115.437892][ T9531] R13: 0000000000414b40 R14: 0000000000000000 R15: 0000000000000000 [ 115.445876][ T9531] Modules linked in: [ 116.640582][ T9531] ---[ end trace e174fbb2bf3b3bf4 ]--- [ 116.649089][ T9531] RIP: 0010:__list_add_valid.cold+0x26/0x3c [ 116.657073][ T9533] kobject: ':%!ime_type' (000000006440658e): kobject_uevent_env [ 116.662873][ T9531] Code: 56 ff ff ff 4c 89 e1 48 c7 c7 20 4c a3 87 e8 00 60 25 fe 0f 0b 48 89 f2 4c 89 e1 4c 89 ee 48 c7 c7 60 4d a3 87 e8 e9 5f 25 fe <0f> 0b 48 89 f1 48 c7 c7 e0 4c a3 87 4c 89 e6 e8 d5 5f 25 fe 0f 0b [ 116.675712][ T9533] kobject: ':%!ime_type' (000000006440658e): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim4/ieee80211/:%!ime_type' [ 116.690418][ T9531] RSP: 0018:ffff88806f91fb88 EFLAGS: 00010282 [ 116.708583][ T9531] RAX: 0000000000000058 RBX: ffffffff89544920 RCX: 0000000000000000 [ 116.710500][ T9533] kobject: 'ieee80211' (000000006a2feb9a): kobject_cleanup, parent 00000000d047fedf [ 116.717562][ T9531] RDX: 0000000000000000 RSI: ffffffff815afbe6 RDI: ffffed100df23f63 [ 116.727522][ T9533] kobject: 'ieee80211' (000000006a2feb9a): calling ktype release [ 116.741674][ T9531] RBP: ffff88806f91fba0 R08: 0000000000000058 R09: ffffed1015d26011 [ 116.749588][ T9533] kobject: 'ieee80211': free name [ 116.757597][ T9531] R10: ffffed1015d26010 R11: ffff8880ae930087 R12: ffffffff89544ab0 [ 116.763087][ T9533] kobject: 'hwsim4' (0000000062621198): kobject_uevent_env [ 116.775544][ T9532] IPVS: ftp: loaded support on port[0] = 21 [ 116.778627][ T9533] kobject: 'hwsim4' (0000000062621198): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim4' [ 116.789297][ T9537] IPVS: ftp: loaded support on port[0] = 21 [ 116.797462][ T9533] kobject: 'hwsim4' (0000000062621198): kobject_uevent_env [ 116.806510][ T9534] IPVS: ftp: loaded support on port[0] = 21 [ 116.809013][ T9533] kobject: 'hwsim4' (0000000062621198): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim4' [ 116.820429][ T9531] R13: ffffffff89544ab0 R14: ffffffff89544ab0 R15: ffffffff89544a50 [ 116.826300][ T9533] kobject: 'hwsim4' (0000000062621198): kobject_cleanup, parent 00000000d047fedf [ 116.837155][ T9531] FS: 0000000002155940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 116.843598][ T9533] kobject: 'hwsim4' (0000000062621198): calling ktype release [ 116.851676][ T9531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.859262][ T9533] kobject: 'hwsim4': free name [ 116.865458][ T9531] CR2: 0000000000cb8060 CR3: 000000008d180000 CR4: 00000000001406e0 [ 116.870309][ T9533] kobject: ':%!ime_type' (000000006440658e): kobject_cleanup, parent 00000000d047fedf [ 116.878377][ T9531] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 116.889176][ T9533] kobject: ':%!ime_type' (000000006440658e): calling ktype release [ 116.896109][ T9531] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 116.904118][ T9533] kobject: '(null)' (000000006d646bf4): kobject_cleanup, parent 00000000d047fedf [ 116.912246][ T9531] Kernel panic - not syncing: Fatal exception [ 116.921794][ T9533] kobject: '(null)' (000000006d646bf4): calling ktype release [ 116.928170][ T9531] Kernel Offset: disabled [ 116.939969][ T9531] Rebooting in 86400 seconds..