Warning: Permanently added '10.128.0.141' (ECDSA) to the list of known hosts. 2018/12/12 17:27:43 fuzzer started 2018/12/12 17:27:45 dialing manager at 10.128.0.26:45517 [ 41.507506] ld (6093) used greatest stack depth: 15184 bytes left 2018/12/12 17:27:45 syscalls: 1 2018/12/12 17:27:45 code coverage: enabled 2018/12/12 17:27:45 comparison tracing: enabled 2018/12/12 17:27:45 setuid sandbox: enabled 2018/12/12 17:27:45 namespace sandbox: enabled 2018/12/12 17:27:45 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/12 17:27:45 fault injection: enabled 2018/12/12 17:27:45 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/12 17:27:45 net packet injection: enabled 2018/12/12 17:27:45 net device setup: enabled 17:30:11 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000440)=0x1000001, 0x1a6) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f0000000100), &(0x7f0000000000), 0x8) [ 187.637435] IPVS: ftp: loaded support on port[0] = 21 17:30:11 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x100000001) read(r0, &(0x7f0000000040)=""/11, 0x363) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) ioctl$TCFLSH(r0, 0x540b, 0x1) [ 187.899959] IPVS: ftp: loaded support on port[0] = 21 17:30:11 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'dummy0\x00', &(0x7f0000000000)=@ethtool_drvinfo={0x49, "3e965f00faeaaac90173af1711d427af328f128eda9d19fd4abd2ad0beaa257e", "dc822f963d063e4d150f3957b0163fd21a7965d6c50fbf1ad0929a7579fb53af", "217b07cfe6d5a67a70d3dbb89dc91f562b25b3d68e2b9abd6303101ddcd478f3", "746be38556b63adc945c33eeb049685b8eb38fcb8d4c98ff6e385b80dce94999", "4209a22493f10b1d11b59195ea360d557738c7e14159c677136809c50e25e75f", "8db08633b855f210993b29b6"}}) [ 188.256691] IPVS: ftp: loaded support on port[0] = 21 17:30:12 executing program 3: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400c00, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000004640)={0x0, 0x989680}) exit(0x3fc000000000000) getpgid(0xffffffffffffffff) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000007c0)={{{@in6, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f00000008c0)=0xe8) lstat(&(0x7f0000000900)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000009c0)={0x0, r1, r2}, 0xc) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x5d9d, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000200), 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.net/syz1\x00', 0x200002, 0x0) syz_emit_ethernet(0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008000500fa1b0000000000009033b41314bbac1414aa00009078ffff"], 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f0000000140), &(0x7f0000000340)=0x4) r6 = openat$cgroup_int(r5, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f0000000000), 0x4) syz_genetlink_get_family_id$team(&(0x7f0000000240)='team\x00') getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000480)={{{@in6, @in6=@mcast1}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000280)=0xe8) setsockopt$sock_int(r3, 0x1, 0x3d, &(0x7f00000003c0)=0x401, 0x4) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000300)) bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) fgetxattr(r6, 0x0, &(0x7f0000000580)=""/151, 0x97) openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0) setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000180)=0x20, 0x4) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) [ 188.862234] IPVS: ftp: loaded support on port[0] = 21 [ 188.969250] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.975807] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.991033] device bridge_slave_0 entered promiscuous mode [ 189.091087] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.117570] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.125103] device bridge_slave_1 entered promiscuous mode 17:30:13 executing program 4: clone(0x1000202102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) unshare(0x40000000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x280, 0x0) getsockname$netlink(r2, &(0x7f0000000100), 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) close(r0) ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, [{r1, 0x0, 0x10000}]}) pause() [ 189.242340] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 189.426955] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 189.452287] IPVS: ftp: loaded support on port[0] = 21 [ 189.853479] bond0: Enslaving bond_slave_0 as an active interface with an up link 17:30:13 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffffffffffff000}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000006e00)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000058c0)=@can, 0x80, 0x0}}], 0x2, 0x0) [ 189.900381] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.916990] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.937126] device bridge_slave_0 entered promiscuous mode [ 190.005246] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 190.075910] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.098638] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.108209] device bridge_slave_1 entered promiscuous mode [ 190.216499] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.225588] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.233645] device bridge_slave_0 entered promiscuous mode [ 190.240069] IPVS: ftp: loaded support on port[0] = 21 [ 190.248890] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 190.348069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 190.394593] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.406947] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.414425] device bridge_slave_1 entered promiscuous mode [ 190.604231] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 190.706524] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 190.728744] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 190.736554] team0: Port device team_slave_0 added [ 190.852954] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 190.872235] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 190.887513] team0: Port device team_slave_1 added [ 191.028329] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 191.042169] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 191.065129] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 191.088001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.116337] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.166668] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 191.184589] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 191.211834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.228080] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.247889] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.258507] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 191.304532] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 191.336613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.358673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.474608] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 191.495294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.513089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.541896] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.549672] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.559545] device bridge_slave_0 entered promiscuous mode [ 191.702999] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.714400] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.722244] device bridge_slave_1 entered promiscuous mode [ 191.754423] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 191.770020] team0: Port device team_slave_0 added [ 191.820352] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 191.889141] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.895642] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.915161] device bridge_slave_0 entered promiscuous mode [ 191.926947] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 191.934551] team0: Port device team_slave_1 added [ 191.951158] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 191.962737] team0: Port device team_slave_0 added [ 191.992750] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 192.065878] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 192.080160] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.086553] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.115192] device bridge_slave_1 entered promiscuous mode [ 192.128038] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.142877] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.213018] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 192.226385] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 192.237971] team0: Port device team_slave_1 added [ 192.243493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.252703] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.315654] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 192.352190] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 192.375534] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.387974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.402805] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.445856] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 192.482722] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 192.509979] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 192.529563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.545860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.583052] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.642581] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 192.677323] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 192.684530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.698235] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.748281] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.767026] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.774550] device bridge_slave_0 entered promiscuous mode [ 192.838316] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 192.845850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.867789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.876295] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 192.895417] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.969289] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 192.984231] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.997022] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.008189] device bridge_slave_1 entered promiscuous mode [ 193.031098] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 193.055922] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 193.108820] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.157330] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.163921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.171236] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.177727] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.195729] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 193.217627] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 193.244003] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 193.258145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.352384] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 193.468404] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 193.478140] team0: Port device team_slave_0 added [ 193.628218] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.654037] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 193.674866] team0: Port device team_slave_1 added [ 193.753835] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 193.788320] team0: Port device team_slave_0 added [ 193.849217] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 193.856142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.873898] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.896070] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 193.923921] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 193.977835] team0: Port device team_slave_1 added [ 193.995810] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 194.039997] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 194.068732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 194.078110] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 194.137924] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 194.144883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 194.159509] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 194.173050] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 194.189916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 194.217392] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.223838] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.230681] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.237142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.246137] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 194.255995] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 194.277771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.296144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.322016] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 194.344970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 194.361984] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 194.432698] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 194.442165] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 194.468016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 194.534083] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 194.557595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.569213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.610357] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.616839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.623591] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.630015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.638699] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 194.674964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 194.687991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 194.736498] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 194.744714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 194.767798] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 194.821729] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 194.844965] team0: Port device team_slave_0 added [ 194.962383] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 194.997628] team0: Port device team_slave_1 added [ 195.100302] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 195.117622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.138215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.317797] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 195.324727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.337790] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.479496] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 195.486685] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 195.507850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 195.667493] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 195.674733] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 195.687861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 196.219950] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.226383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.233199] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.239653] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.255631] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 196.263431] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.269897] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.276598] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.283059] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.291040] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 196.679088] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 196.697685] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.256112] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.262570] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.269315] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.275690] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.301822] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 197.686971] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 198.537311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.978734] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 199.201488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.466296] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 199.484202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 199.500171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 199.612485] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 199.948218] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.106818] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 200.114998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.130925] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.407369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.586632] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.851210] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 201.350045] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 201.356239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 201.377011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 201.511564] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.525282] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.908003] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.947631] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 201.979759] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 202.438435] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 202.444683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 202.453891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 202.518694] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 202.547217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 202.554464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 202.659023] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.960028] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.086913] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.097636] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 17:30:27 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000440)=0x1000001, 0x1a6) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f0000000100), &(0x7f0000000000), 0x8) 17:30:27 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000440)=0x1000001, 0x1a6) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f0000000100), &(0x7f0000000000), 0x8) 17:30:27 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000440)=0x1000001, 0x1a6) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f0000000100), &(0x7f0000000000), 0x8) 17:30:27 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KDGKBLED(r0, 0xc0045405, &(0x7f0000a07fff)) [ 203.690798] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 203.711199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 203.723275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 17:30:27 executing program 0: r0 = syz_open_dev$sndpcmp(&(0x7f0000000280)='/dev/snd/pcmC#D#p\x00', 0x8, 0x20300) getsockopt$inet_tcp_buf(r0, 0x6, 0x16, &(0x7f0000000480)=""/4096, &(0x7f0000001480)=0x1000) syz_mount_image$ceph(&(0x7f0000001580)='ceph\x00', &(0x7f00000015c0)='./file0\x00', 0x200, 0x1, &(0x7f0000001680)=[{&(0x7f0000001600)="ce7d6b0da8f8caa6b0036baead28596e234cb34ec20c", 0x16, 0x7ff}], 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x2, 0x1000000000000803, 0x1) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000001700)="ea00d1c7a44d55800e510a8f4fdbfc68db24c4c23ea73ac402b93d5cd8738de2dcecf28277cb1e4f4709e288ae70c03a66303cc0a74d757ab91058bd4f9b0e7a03e70302a835cb6b2d87d0473ba53f94a437b1f0e4aeba262cf3f00c4d085f0b4ee84411e5f582bcda42f5692c0257ae1007b29185246d3f6f770e188dadb4ee19945fc8f6ec58fd5b77b0672259500d799d82e69af33a6e1b09d70d71308fa532d2f481e567f2a9a173e0207599bd38c75e0c8f6679ea73ec5a367e931c6385a292e26273e5154bdd446563013bfbfc14bb74c5f15f8ad8d275722b600bb877107e3cd113a7a66f21e1c51824ebb4cf14167200c6437a9d0aeb96492dc33ece") syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000300)={&(0x7f0000000200), 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[]}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000014c0)=ANY=[@ANYBLOB='\t L\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x0) connect$inet(r1, &(0x7f0000390000)={0x2, 0x0, @loopback}, 0x10) r2 = open(&(0x7f0000000000)='./file0\x00', 0x40042, 0x0) ftruncate(r2, 0x10004) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x7a, &(0x7f0000000040)={@link_local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, '>![', 0x44, 0x0, 0x0, @remote, @empty={[0x89ffffff]}, {[], @gre}}}}}, 0x0) sendfile(r1, r2, 0x0, 0xea19) semget$private(0x0, 0x4, 0x0) write$P9_RREADDIR(r2, 0x0, 0x0) setsockopt$inet6_dccp_int(r2, 0x21, 0x0, &(0x7f0000001540)=0x7fff, 0x4) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(0xffffffffffffffff, 0xc0605345, &(0x7f0000000180)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x3e, 0x3, 0x1f}}) semctl$SEM_STAT(0x0, 0x6, 0x12, 0x0) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_id=0x0, &(0x7f0000000100)=0x4) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000140)={r3, 0x4, 0x921}, &(0x7f0000000340)=0x8) 17:30:27 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x10, 0x80002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'veth1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f0000000040)=@ipv4_deladdr={0x20, 0x15, 0x825, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) [ 203.881435] ceph: device name is missing path (no : separator in /dev/loop0) [ 203.917730] hrtimer: interrupt took 63751 ns [ 204.031791] ceph: device name is missing path (no : separator in /dev/loop0) 17:30:27 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000000)={0x80000000011, @dev, 0x0, 0x0, 'Lblcr\x00'}, 0x2c) [ 204.217555] IPVS: Scheduler module ip_vs_Lblcr not found 17:30:28 executing program 1: r0 = socket$nl_xfrm(0x11, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000240)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) syz_emit_ethernet(0xe, &(0x7f0000000080)={@link_local, @random="11a015f5a9a6", [], {@generic={0x600}}}, 0x0) [ 204.399817] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.609239] ================================================================== [ 204.616825] BUG: KASAN: use-after-free in __list_del_entry_valid+0xf1/0x100 [ 204.623934] Read of size 8 at addr ffff8881bbf7b030 by task ip/7581 [ 204.630331] [ 204.631964] CPU: 0 PID: 7581 Comm: ip Not tainted 4.20.0-rc6-next-20181210+ #164 [ 204.639496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.649385] Call Trace: [ 204.651990] dump_stack+0x244/0x39d [ 204.655647] ? dump_stack_print_info.cold.1+0x20/0x20 [ 204.660854] ? printk+0xa7/0xcf [ 204.664145] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 204.668928] print_address_description.cold.4+0x9/0x1ff [ 204.674323] ? __list_del_entry_valid+0xf1/0x100 [ 204.679094] kasan_report.cold.5+0x1b/0x39 [ 204.683338] ? __list_del_entry_valid+0xf1/0x100 [ 204.688151] ? refcount_sub_and_test_checked+0x180/0x310 [ 204.693617] ? __list_del_entry_valid+0xf1/0x100 [ 204.698386] __asan_report_load8_noabort+0x14/0x20 [ 204.703358] __list_del_entry_valid+0xf1/0x100 [ 204.707958] neigh_mark_dead+0x13b/0x410 [ 204.712029] ? neigh_change_state+0x680/0x680 [ 204.716548] ? kasan_check_write+0x14/0x20 [ 204.720796] ? do_raw_write_lock+0x14f/0x310 [ 204.725214] ? do_raw_read_unlock+0x70/0x70 [ 204.729553] ? __lock_is_held+0xb5/0x140 [ 204.733649] neigh_flush_dev+0x3a1/0x960 [ 204.737726] ? neigh_changeaddr+0x24/0x40 [ 204.741900] ? __neigh_for_each_release+0x4f0/0x4f0 [ 204.746929] ? do_raw_read_unlock+0x70/0x70 [ 204.751252] ? net_to_rxe+0xe1/0x110 [ 204.755045] neigh_changeaddr+0x31/0x40 [ 204.759010] ndisc_netdev_event+0xe6/0x5b0 [ 204.763231] ? ndisc_send_unsol_na+0x500/0x500 [ 204.767806] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.773332] ? netconsole_netdev_event+0x7d/0x280 [ 204.778271] notifier_call_chain+0x17e/0x380 [ 204.782743] ? unregister_die_notifier+0x20/0x20 [ 204.787489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.793015] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.798635] ? rtnl_is_locked+0xb5/0xf0 [ 204.802595] ? rtnl_trylock+0x20/0x20 [ 204.806395] raw_notifier_call_chain+0x2d/0x40 [ 204.810984] call_netdevice_notifiers_info+0x3f/0x90 [ 204.816073] dev_set_mac_address+0x293/0x3b0 [ 204.820467] ? netdev_state_change+0x1a0/0x1a0 [ 204.825034] ? lru_cache_add+0xa50/0xa50 [ 204.829084] ? cpumask_any_but+0xb1/0xe0 [ 204.833134] do_setlink+0x7c7/0x3f30 [ 204.836843] ? print_usage_bug+0xc0/0xc0 [ 204.840907] ? find_held_lock+0x36/0x1c0 [ 204.844956] ? validate_linkmsg+0xa50/0xa50 [ 204.849267] ? wp_page_copy+0x1a0e/0x2720 [ 204.853403] ? lock_downgrade+0x900/0x900 [ 204.857545] ? mark_held_locks+0x130/0x130 [ 204.861788] ? mark_held_locks+0x130/0x130 [ 204.866012] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 204.871197] ? validate_nla+0x29a/0x1650 [ 204.875244] ? nla_memcmp+0x90/0x90 [ 204.878861] ? mark_held_locks+0x130/0x130 [ 204.883107] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.888637] ? rtnl_is_locked+0xb5/0xf0 [ 204.892601] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 204.897616] ? validate_linkmsg+0x271/0xa50 [ 204.901927] ? rtnl_stats_dump+0xd70/0xd70 [ 204.906149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.911677] ? netdev_master_upper_dev_get+0x173/0x250 [ 204.916978] ? __nla_parse+0x12c/0x3e0 [ 204.920870] ? netdev_has_any_upper_dev+0x170/0x170 [ 204.925905] __rtnl_newlink+0xcde/0x19e0 [ 204.930006] ? rtnl_link_unregister+0x390/0x390 [ 204.934673] ? rcu_read_unlock_special+0x370/0x370 [ 204.939599] ? rcu_softirq_qs+0x20/0x20 [ 204.943583] ? unwind_dump+0x190/0x190 [ 204.947503] ? is_bpf_text_address+0xd3/0x170 [ 204.951999] ? kernel_text_address+0x79/0xf0 [ 204.956423] ? __kernel_text_address+0xd/0x40 [ 204.960925] ? unwind_get_return_address+0x61/0xa0 [ 204.965860] ? __save_stack_trace+0x8d/0xf0 [ 204.970375] ? save_stack+0xa9/0xd0 [ 204.974004] ? save_stack+0x43/0xd0 [ 204.977641] ? kasan_kmalloc+0xcb/0xd0 [ 204.981528] ? kmem_cache_alloc_trace+0x154/0x740 [ 204.986371] ? rtnl_newlink+0x4d/0xa0 [ 204.990167] ? rtnetlink_rcv_msg+0x46a/0xc20 [ 204.994575] ? netlink_rcv_skb+0x172/0x440 [ 204.998811] ? rtnetlink_rcv+0x1c/0x20 [ 205.002698] ? netlink_unicast+0x5a5/0x760 [ 205.006929] ? netlink_sendmsg+0xa18/0xfc0 [ 205.011209] ? rtnl_newlink+0x4d/0xa0 [ 205.015013] ? rcu_read_lock_sched_held+0x14f/0x180 [ 205.020033] ? kmem_cache_alloc_trace+0x356/0x740 [ 205.024877] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 205.030169] ? ns_capable_common+0x13f/0x170 [ 205.034584] ? rcu_read_unlock_special+0x370/0x370 [ 205.039535] rtnl_newlink+0x6b/0xa0 [ 205.043165] ? __rtnl_newlink+0x19e0/0x19e0 [ 205.047488] rtnetlink_rcv_msg+0x46a/0xc20 [ 205.051743] ? rtnl_fdb_dump+0xd00/0xd00 [ 205.055819] netlink_rcv_skb+0x172/0x440 [ 205.059885] ? rtnl_fdb_dump+0xd00/0xd00 [ 205.063951] ? netlink_ack+0xb80/0xb80 [ 205.067836] ? rcu_read_unlock_special+0x370/0x370 [ 205.072782] rtnetlink_rcv+0x1c/0x20 [ 205.076497] netlink_unicast+0x5a5/0x760 [ 205.080564] ? netlink_attachskb+0x9a0/0x9a0 [ 205.084976] ? aa_sk_perm+0x22b/0x8e0 [ 205.088777] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 205.093804] netlink_sendmsg+0xa18/0xfc0 [ 205.097875] ? netlink_unicast+0x760/0x760 [ 205.102122] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 205.107061] ? apparmor_socket_sendmsg+0x29/0x30 [ 205.111821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.117365] ? security_socket_sendmsg+0x94/0xc0 [ 205.122125] ? netlink_unicast+0x760/0x760 [ 205.126365] sock_sendmsg+0xd5/0x120 [ 205.130085] ___sys_sendmsg+0x7fd/0x930 [ 205.134070] ? copy_msghdr_from_user+0x580/0x580 [ 205.138862] ? graph_lock+0x270/0x270 [ 205.142673] ? graph_lock+0x270/0x270 [ 205.146480] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.152023] ? __fget_light+0x2e9/0x430 [ 205.156001] ? fget_raw+0x20/0x20 [ 205.159454] ? find_held_lock+0x36/0x1c0 [ 205.163525] ? __do_page_fault+0x62e/0xd70 [ 205.167795] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.173335] ? sockfd_lookup_light+0xc5/0x160 [ 205.177835] __sys_sendmsg+0x11d/0x280 [ 205.181727] ? __ia32_sys_shutdown+0x80/0x80 [ 205.186137] ? kasan_check_write+0x14/0x20 [ 205.190373] ? up_read+0x225/0x2c0 [ 205.193916] ? up_read_non_owner+0x100/0x100 [ 205.198332] ? do_syscall_64+0x9a/0x820 [ 205.202335] ? do_syscall_64+0x9a/0x820 [ 205.206319] ? trace_hardirqs_off_caller+0x310/0x310 [ 205.211440] __x64_sys_sendmsg+0x78/0xb0 [ 205.215505] do_syscall_64+0x1b9/0x820 [ 205.219394] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 205.224765] ? syscall_return_slowpath+0x5e0/0x5e0 [ 205.229697] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 205.234549] ? trace_hardirqs_on_caller+0x310/0x310 [ 205.239570] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 205.244669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.250217] ? prepare_exit_to_usermode+0x291/0x3b0 [ 205.255245] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 205.260153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.265345] RIP: 0033:0x7f2b80f6f320 [ 205.269065] Code: 02 48 83 c8 ff eb 8d 48 8b 05 14 7b 2a 00 f7 da 64 89 10 48 83 c8 ff eb c9 90 83 3d d5 d2 2a 00 00 75 10 b8 2e 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e ba 00 00 48 89 04 24 [ 205.287973] RSP: 002b:00007ffdf187adf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 205.295695] RAX: ffffffffffffffda RBX: 00007ffdf187eef0 RCX: 00007f2b80f6f320 [ 205.302974] RDX: 0000000000000000 RSI: 00007ffdf187ae30 RDI: 0000000000000003 [ 205.310248] RBP: 00007ffdf187ae30 R08: 0000000000000000 R09: 0000000000000000 [ 205.317519] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005c1145b6 [ 205.324795] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffdf187f6d0 [ 205.332076] [ 205.333706] Allocated by task 5: [ 205.337079] save_stack+0x43/0xd0 [ 205.340528] kasan_kmalloc+0xcb/0xd0 [ 205.344239] __kmalloc+0x15d/0x760 [ 205.347778] ___neigh_create+0x13fc/0x2600 [ 205.352012] __neigh_create+0x30/0x40 [ 205.355809] ip6_finish_output2+0xa64/0x2940 [ 205.360212] ip6_finish_output+0x58c/0xc60 [ 205.364441] ip6_output+0x232/0x9d0 [ 205.368064] ndisc_send_skb+0x1005/0x1560 [ 205.372215] ndisc_send_rs+0x134/0x6e0 [ 205.376106] addrconf_dad_completed+0x331/0xbf0 [ 205.380774] addrconf_dad_work+0x77b/0x1310 [ 205.385104] process_one_work+0xc90/0x1c40 [ 205.389353] worker_thread+0x17f/0x1390 [ 205.393329] kthread+0x35a/0x440 [ 205.396698] ret_from_fork+0x3a/0x50 [ 205.400400] [ 205.402024] Freed by task 7458: [ 205.405305] save_stack+0x43/0xd0 [ 205.408757] __kasan_slab_free+0x102/0x150 [ 205.412991] kasan_slab_free+0xe/0x10 [ 205.416785] kfree+0xcf/0x230 [ 205.419894] rcu_process_callbacks+0xd91/0x15f0 [ 205.424563] __do_softirq+0x308/0xb7e [ 205.428349] [ 205.429972] The buggy address belongs to the object at ffff8881bbf7adc0 [ 205.429972] which belongs to the cache kmalloc-1k of size 1024 [ 205.442693] The buggy address is located 624 bytes inside of [ 205.442693] 1024-byte region [ffff8881bbf7adc0, ffff8881bbf7b1c0) [ 205.454665] The buggy address belongs to the page: [ 205.459604] page:ffffea0006efde80 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0x0 compound_mapcount: 0 [ 205.469590] flags: 0x2fffc0000010200(slab|head) [ 205.474294] raw: 02fffc0000010200 ffffea0006f81908 ffffea0006ee8688 ffff8881da800ac0 [ 205.482198] raw: 0000000000000000 ffff8881bbf7a040 0000000100000007 0000000000000000 [ 205.490076] page dumped because: kasan: bad access detected [ 205.495783] [ 205.497401] Memory state around the buggy address: [ 205.502329] ffff8881bbf7af00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 205.509692] ffff8881bbf7af80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 205.517052] >ffff8881bbf7b000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 205.524408] ^ [ 205.529350] ffff8881bbf7b080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 205.536757] ffff8881bbf7b100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 205.544115] ================================================================== [ 205.551469] Disabling lock debugging due to kernel taint [ 205.557005] Kernel panic - not syncing: panic_on_warn set ... [ 205.562903] CPU: 0 PID: 7581 Comm: ip Tainted: G B 4.20.0-rc6-next-20181210+ #164 [ 205.571819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.581167] Call Trace: [ 205.583762] dump_stack+0x244/0x39d [ 205.587396] ? dump_stack_print_info.cold.1+0x20/0x20 [ 205.592592] ? __list_del_entry_valid+0x10/0x100 [ 205.597353] panic+0x2ad/0x632 [ 205.600543] ? add_taint.cold.5+0x16/0x16 [ 205.604696] ? trace_hardirqs_on+0xb4/0x310 [ 205.609023] ? __list_del_entry_valid+0xf1/0x100 [ 205.613776] end_report+0x47/0x4f [ 205.617230] kasan_report.cold.5+0xe/0x39 [ 205.621405] ? __list_del_entry_valid+0xf1/0x100 [ 205.626194] ? refcount_sub_and_test_checked+0x180/0x310 [ 205.631652] ? __list_del_entry_valid+0xf1/0x100 [ 205.636426] __asan_report_load8_noabort+0x14/0x20 [ 205.641362] __list_del_entry_valid+0xf1/0x100 [ 205.645969] neigh_mark_dead+0x13b/0x410 [ 205.650222] ? neigh_change_state+0x680/0x680 [ 205.654720] ? kasan_check_write+0x14/0x20 [ 205.658950] ? do_raw_write_lock+0x14f/0x310 [ 205.663382] ? do_raw_read_unlock+0x70/0x70 [ 205.667726] ? __lock_is_held+0xb5/0x140 [ 205.671792] neigh_flush_dev+0x3a1/0x960 [ 205.675854] ? neigh_changeaddr+0x24/0x40 [ 205.680014] ? __neigh_for_each_release+0x4f0/0x4f0 [ 205.685028] ? do_raw_read_unlock+0x70/0x70 [ 205.689363] ? net_to_rxe+0xe1/0x110 [ 205.693083] neigh_changeaddr+0x31/0x40 [ 205.697059] ndisc_netdev_event+0xe6/0x5b0 [ 205.701289] ? ndisc_send_unsol_na+0x500/0x500 [ 205.705884] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.711426] ? netconsole_netdev_event+0x7d/0x280 [ 205.716284] notifier_call_chain+0x17e/0x380 [ 205.720699] ? unregister_die_notifier+0x20/0x20 [ 205.725459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.731001] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.736539] ? rtnl_is_locked+0xb5/0xf0 [ 205.740526] ? rtnl_trylock+0x20/0x20 [ 205.744332] raw_notifier_call_chain+0x2d/0x40 [ 205.748929] call_netdevice_notifiers_info+0x3f/0x90 [ 205.754042] dev_set_mac_address+0x293/0x3b0 [ 205.758445] ? netdev_state_change+0x1a0/0x1a0 [ 205.763022] ? lru_cache_add+0xa50/0xa50 [ 205.767083] ? cpumask_any_but+0xb1/0xe0 [ 205.771150] do_setlink+0x7c7/0x3f30 [ 205.774863] ? print_usage_bug+0xc0/0xc0 [ 205.778958] ? find_held_lock+0x36/0x1c0 [ 205.783051] ? validate_linkmsg+0xa50/0xa50 [ 205.787369] ? wp_page_copy+0x1a0e/0x2720 [ 205.791522] ? lock_downgrade+0x900/0x900 [ 205.795672] ? mark_held_locks+0x130/0x130 [ 205.799927] ? mark_held_locks+0x130/0x130 [ 205.804169] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 205.809366] ? validate_nla+0x29a/0x1650 [ 205.813425] ? nla_memcmp+0x90/0x90 [ 205.817050] ? mark_held_locks+0x130/0x130 [ 205.821290] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.826829] ? rtnl_is_locked+0xb5/0xf0 [ 205.830804] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 205.835825] ? validate_linkmsg+0x271/0xa50 [ 205.840147] ? rtnl_stats_dump+0xd70/0xd70 [ 205.844383] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.849920] ? netdev_master_upper_dev_get+0x173/0x250 [ 205.855201] ? __nla_parse+0x12c/0x3e0 [ 205.859088] ? netdev_has_any_upper_dev+0x170/0x170 [ 205.864106] __rtnl_newlink+0xcde/0x19e0 [ 205.868175] ? rtnl_link_unregister+0x390/0x390 [ 205.872841] ? rcu_read_unlock_special+0x370/0x370 [ 205.877768] ? rcu_softirq_qs+0x20/0x20 [ 205.881738] ? unwind_dump+0x190/0x190 [ 205.885636] ? is_bpf_text_address+0xd3/0x170 [ 205.890133] ? kernel_text_address+0x79/0xf0 [ 205.894539] ? __kernel_text_address+0xd/0x40 [ 205.899035] ? unwind_get_return_address+0x61/0xa0 [ 205.903965] ? __save_stack_trace+0x8d/0xf0 [ 205.908296] ? save_stack+0xa9/0xd0 [ 205.911918] ? save_stack+0x43/0xd0 [ 205.915549] ? kasan_kmalloc+0xcb/0xd0 [ 205.919432] ? kmem_cache_alloc_trace+0x154/0x740 [ 205.924269] ? rtnl_newlink+0x4d/0xa0 [ 205.928061] ? rtnetlink_rcv_msg+0x46a/0xc20 [ 205.932478] ? netlink_rcv_skb+0x172/0x440 [ 205.936722] ? rtnetlink_rcv+0x1c/0x20 [ 205.940615] ? netlink_unicast+0x5a5/0x760 [ 205.944844] ? netlink_sendmsg+0xa18/0xfc0 [ 205.949100] ? rtnl_newlink+0x4d/0xa0 [ 205.952906] ? rcu_read_lock_sched_held+0x14f/0x180 [ 205.957929] ? kmem_cache_alloc_trace+0x356/0x740 [ 205.962769] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 205.968042] ? ns_capable_common+0x13f/0x170 [ 205.972453] ? rcu_read_unlock_special+0x370/0x370 [ 205.977384] rtnl_newlink+0x6b/0xa0 [ 205.981011] ? __rtnl_newlink+0x19e0/0x19e0 [ 205.985330] rtnetlink_rcv_msg+0x46a/0xc20 [ 205.989581] ? rtnl_fdb_dump+0xd00/0xd00 [ 205.993660] netlink_rcv_skb+0x172/0x440 [ 205.997719] ? rtnl_fdb_dump+0xd00/0xd00 [ 206.001782] ? netlink_ack+0xb80/0xb80 [ 206.005665] ? rcu_read_unlock_special+0x370/0x370 [ 206.010601] rtnetlink_rcv+0x1c/0x20 [ 206.014325] netlink_unicast+0x5a5/0x760 [ 206.018387] ? netlink_attachskb+0x9a0/0x9a0 [ 206.022799] ? aa_sk_perm+0x22b/0x8e0 [ 206.026599] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 206.031639] netlink_sendmsg+0xa18/0xfc0 [ 206.035702] ? netlink_unicast+0x760/0x760 [ 206.039949] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 206.044889] ? apparmor_socket_sendmsg+0x29/0x30 [ 206.049653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 206.055208] ? security_socket_sendmsg+0x94/0xc0 [ 206.059962] ? netlink_unicast+0x760/0x760 [ 206.064195] sock_sendmsg+0xd5/0x120 [ 206.067911] ___sys_sendmsg+0x7fd/0x930 [ 206.071889] ? copy_msghdr_from_user+0x580/0x580 [ 206.076647] ? graph_lock+0x270/0x270 [ 206.080449] ? graph_lock+0x270/0x270 [ 206.084254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 206.089790] ? __fget_light+0x2e9/0x430 [ 206.093767] ? fget_raw+0x20/0x20 [ 206.097218] ? find_held_lock+0x36/0x1c0 [ 206.101281] ? __do_page_fault+0x62e/0xd70 [ 206.105523] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 206.111061] ? sockfd_lookup_light+0xc5/0x160 [ 206.115557] __sys_sendmsg+0x11d/0x280 [ 206.119441] ? __ia32_sys_shutdown+0x80/0x80 [ 206.123851] ? kasan_check_write+0x14/0x20 [ 206.128085] ? up_read+0x225/0x2c0 [ 206.131631] ? up_read_non_owner+0x100/0x100 [ 206.136043] ? do_syscall_64+0x9a/0x820 [ 206.140019] ? do_syscall_64+0x9a/0x820 [ 206.143999] ? trace_hardirqs_off_caller+0x310/0x310 [ 206.149107] __x64_sys_sendmsg+0x78/0xb0 [ 206.153170] do_syscall_64+0x1b9/0x820 [ 206.157058] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 206.162429] ? syscall_return_slowpath+0x5e0/0x5e0 [ 206.167357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 206.172206] ? trace_hardirqs_on_caller+0x310/0x310 [ 206.177223] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 206.182244] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 206.187783] ? prepare_exit_to_usermode+0x291/0x3b0 [ 206.192804] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 206.197656] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 206.202844] RIP: 0033:0x7f2b80f6f320 [ 206.206564] Code: 02 48 83 c8 ff eb 8d 48 8b 05 14 7b 2a 00 f7 da 64 89 10 48 83 c8 ff eb c9 90 83 3d d5 d2 2a 00 00 75 10 b8 2e 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e ba 00 00 48 89 04 24 [ 206.225473] RSP: 002b:00007ffdf187adf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 206.233190] RAX: ffffffffffffffda RBX: 00007ffdf187eef0 RCX: 00007f2b80f6f320 [ 206.240456] RDX: 0000000000000000 RSI: 00007ffdf187ae30 RDI: 0000000000000003 [ 206.247725] RBP: 00007ffdf187ae30 R08: 0000000000000000 R09: 0000000000000000 [ 206.254991] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005c1145b6 [ 206.262261] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffdf187f6d0 [ 206.270481] Kernel Offset: disabled [ 206.274110] Rebooting in 86400 seconds..