[ 31.756611] 8021q: adding VLAN 0 to HW filter on device team0
[ 32.079221] device bridge_slave_1 left promiscuous mode
[ 32.086546] bridge0: port 2(bridge_slave_1) entered disabled state
[ 32.102308] device bridge_slave_0 left promiscuous mode
[ 32.112448] bridge0: port 1(bridge_slave_0) entered disabled state
[ 32.146056] team0 (unregistering): Port device team_slave_1 removed
[ 32.159595] team0 (unregistering): Port device team_slave_0 removed
[ 32.171009] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 32.187354] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 32.219270] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.10.23' (ECDSA) to the list of known hosts.
2019/11/28 10:12:12 parsed 1 programs
2019/11/28 10:12:12 executed programs: 0
[ 38.919707] IPVS: ftp: loaded support on port[0] = 21
[ 38.950427] IPVS: ftp: loaded support on port[0] = 21
[ 38.979672] IPVS: ftp: loaded support on port[0] = 21
[ 39.010745] IPVS: ftp: loaded support on port[0] = 21
[ 39.068203] IPVS: ftp: loaded support on port[0] = 21
[ 39.209759] IPVS: ftp: loaded support on port[0] = 21
[ 39.291783] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.298334] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.305631] device bridge_slave_0 entered promiscuous mode
[ 39.340261] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.346819] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.354053] device bridge_slave_1 entered promiscuous mode
[ 39.373520] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.380107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.387325] device bridge_slave_0 entered promiscuous mode
[ 39.411432] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 39.429849] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.436661] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.443810] device bridge_slave_1 entered promiscuous mode
[ 39.451891] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 39.473933] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 39.511047] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 39.519599] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.529144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.539733] device bridge_slave_0 entered promiscuous mode
[ 39.574399] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.581198] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.589203] device bridge_slave_0 entered promiscuous mode
[ 39.602304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.608806] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.616426] device bridge_slave_1 entered promiscuous mode
[ 39.649059] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 39.663131] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 39.672163] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.683674] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.690836] device bridge_slave_1 entered promiscuous mode
[ 39.713581] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 39.723761] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 39.760581] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 39.769873] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 39.801711] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 39.845271] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 39.861399] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.870637] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.877947] device bridge_slave_0 entered promiscuous mode
[ 39.900094] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 39.916742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.926182] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.934110] device bridge_slave_1 entered promiscuous mode
[ 39.971202] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 39.995555] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 40.020929] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 40.031317] team0: Port device team_slave_0 added
[ 40.039869] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 40.047414] team0: Port device team_slave_0 added
[ 40.064098] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 40.075205] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 40.088258] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 40.095833] team0: Port device team_slave_1 added
[ 40.103655] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.112868] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.120644] device bridge_slave_0 entered promiscuous mode
[ 40.131245] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 40.146287] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 40.162332] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 40.169757] team0: Port device team_slave_1 added
[ 40.190587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 40.202955] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.217140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.224480] device bridge_slave_1 entered promiscuous mode
[ 40.258317] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 40.277313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 40.294627] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 40.303467] team0: Port device team_slave_0 added
[ 40.316039] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 40.326805] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 40.335823] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 40.345727] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 40.368502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 40.381312] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 40.389598] team0: Port device team_slave_1 added
[ 40.396113] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 40.409069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 40.419979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 40.430760] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 40.438466] team0: Port device team_slave_0 added
[ 40.446052] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 40.470325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 40.506306] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 40.520081] team0: Port device team_slave_1 added
[ 40.530621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 40.556434] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 40.574505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 40.586693] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 40.626479] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 40.641733] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 40.676480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 40.705631] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 40.716120] team0: Port device team_slave_0 added
[ 40.726808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 40.793059] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 40.800788] team0: Port device team_slave_1 added
[ 40.851683] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.858129] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.864789] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.871234] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.909678] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 40.935582] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 40.956521] team0: Port device team_slave_0 added
[ 40.972378] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 41.013911] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.020366] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.027065] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.033471] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.044594] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 41.051968] team0: Port device team_slave_1 added
[ 41.064447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 41.104483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 41.128058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 41.154615] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.161078] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.167759] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.174154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.201285] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 41.248844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 41.267587] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.274063] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.280771] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.287173] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.312877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 41.630726] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.637164] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.643858] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.650435] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.790947] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.797418] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.804178] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.810616] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.766808] 8021q: adding VLAN 0 to HW filter on device bond0
[ 42.911220] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 42.987645] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.082834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.139829] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 43.180959] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.238140] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.248695] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.315472] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 43.347282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.387334] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 43.474303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.487586] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.501238] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.562509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.632956] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.677507] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 43.707295] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.721133] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.817605] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 43.842885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.941236] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.972413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 44.154221] 8021q: adding VLAN 0 to HW filter on device team0
[ 44.395256] FAULT_INJECTION: forcing a failure.
[ 44.395256] name failslab, interval 1, probability 0, space 0, times 1
[ 44.433059] CPU: 0 PID: 5647 Comm: syz-executor2 Not tainted 4.13.0-rc4-syzkaller #0
[ 44.440993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.450480] Call Trace:
[ 44.453080] dump_stack+0x145/0x1e7
[ 44.456720] ? arch_local_irq_restore+0x43/0x43
[ 44.461408] ? ip_finish_output2+0x865/0x1400
[ 44.465947] ? trace_hardirqs_on+0xd/0x10
[ 44.470117] ? __local_bh_enable_ip+0x9d/0x160
[ 44.474722] should_fail.cold.4+0xc/0x19
[ 44.478845] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 44.483978] ? __lock_is_held+0xb5/0x140
[ 44.488058] ? rt_cpu_seq_show+0x2d0/0x2d0
[ 44.492311] ? debug_check_no_locks_freed+0x310/0x310
[ 44.497736] ? trace_hardirqs_off+0x10/0x10
[ 44.502191] should_failslab+0xba/0xf0
[ 44.504615] FAULT_INJECTION: forcing a failure.
[ 44.504615] name failslab, interval 1, probability 0, space 0, times 1
[ 44.517257] kmem_cache_alloc_trace+0x44/0x770
[ 44.521826] ? mod_timer_pending+0x10f0/0x10f0
[ 44.526687] dccp_ackvec_parsed_add+0x96/0x300
[ 44.531409] ? dccp_ackvec_purge_records+0x1d0/0x1d0
[ 44.536523] ccid2_hc_tx_parse_options+0x5b/0x80
[ 44.541419] dccp_parse_options+0x542/0x1050
[ 44.545840] dccp_rcv_established+0x23/0x70
[ 44.550154] dccp_v4_do_rcv+0xfa/0x160
[ 44.554377] __release_sock+0x10b/0x330
[ 44.558374] release_sock+0x9a/0x270
[ 44.562087] ? trace_hardirqs_on+0xd/0x10
[ 44.566224] ? __release_sock+0x330/0x330
[ 44.570360] ? dccp_qpolicy_top+0x67/0x80
[ 44.574496] ? dccp_write_xmit+0x3b/0x180
[ 44.578627] dccp_sendmsg+0x590/0xd10
[ 44.582415] ? lock_release+0x9d0/0x9d0
[ 44.586372] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 44.592252] ? dccp_getsockopt+0xd0/0xd0
[ 44.596301] ? import_iovec+0x99/0x500
[ 44.600172] ? dup_iter+0x250/0x250
[ 44.603791] ? kasan_check_write+0x14/0x20
[ 44.608018] inet_sendmsg+0x148/0x5a0
[ 44.611808] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 44.616550] ? rcu_pm_notify+0xc0/0xc0
[ 44.620421] ? inet_recvmsg+0x790/0x790
[ 44.624379] ? SYSC_sendto+0x6c0/0x6c0
[ 44.628288] ? inet_recvmsg+0x790/0x790
[ 44.632254] sock_sendmsg+0xb5/0xf0
[ 44.635870] ___sys_sendmsg+0x2b9/0x9d0
[ 44.639850] ? preempt_notifier_dec+0x20/0x20
[ 44.644350] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 44.649104] ? __schedule+0x83c/0x1f70
[ 44.653005] ? find_held_lock+0x36/0x1c0
[ 44.657058] ? lock_downgrade+0x830/0x830
[ 44.661190] ? get_pid_task+0x8f/0x100
[ 44.665072] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 44.670943] ? __might_sleep+0x93/0xb0
[ 44.674820] __sys_sendmmsg+0x1b6/0x5c0
[ 44.678782] ? SyS_sendmsg+0x20/0x20
[ 44.682488] ? __lock_is_held+0xb5/0x140
[ 44.686542] ? __sb_end_write+0x8a/0xb0
[ 44.690560] ? mutex_unlock+0xd/0x10
[ 44.694285] ? __f_unlock_pos+0xd/0x10
[ 44.698187] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 44.703027] ? trace_hardirqs_on_caller+0x40c/0x580
[ 44.708033] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 44.712783] SyS_sendmmsg+0xd/0x20
[ 44.716315] entry_SYSCALL_64_fastpath+0x23/0xc2
[ 44.721059] RIP: 0033:0x455b59
[ 44.724231] RSP: 002b:00007f9582ccbc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 44.731924] RAX: ffffffffffffffda RBX: 00007f9582ccc6d4 RCX: 0000000000455b59
[ 44.739197] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005
[ 44.746464] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 44.753748] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd
[ 44.761030] R13: 00007f9582ccbbb8 R14: 00000000004ba6fd R15: 0000000000000000
[ 44.768318] CPU: 1 PID: 5682 Comm: syz-executor Not tainted 4.13.0-rc4-syzkaller #0
[ 44.771275] dccp_parse_options: DCCP(ffff8801d84c40c0): Option 38 (len=1) error=5
[ 44.783756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.793120] Call Trace:
[ 44.795720] dump_stack+0x145/0x1e7
[ 44.799359] ? arch_local_irq_restore+0x43/0x43
[ 44.804049] ? ip_finish_output2+0x865/0x1400
[ 44.808566] ? trace_hardirqs_on+0xd/0x10
[ 44.812731] ? __local_bh_enable_ip+0x9d/0x160
[ 44.817337] should_fail.cold.4+0xc/0x19
[ 44.821449] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 44.826582] ? __lock_is_held+0xb5/0x140
[ 44.830657] ? rt_cpu_seq_show+0x2d0/0x2d0
[ 44.834912] ? debug_check_no_locks_freed+0x310/0x310
[ 44.840129] ? trace_hardirqs_off+0x10/0x10
[ 44.844467] should_failslab+0xba/0xf0
[ 44.848370] kmem_cache_alloc_trace+0x44/0x770
[ 44.852965] ? mod_timer_pending+0x10f0/0x10f0
[ 44.857575] dccp_ackvec_parsed_add+0x96/0x300
[ 44.862173] ? dccp_ackvec_purge_records+0x1d0/0x1d0
[ 44.867298] ccid2_hc_tx_parse_options+0x5b/0x80
[ 44.872069] dccp_parse_options+0x542/0x1050
[ 44.876498] dccp_rcv_established+0x23/0x70
[ 44.880898] dccp_v4_do_rcv+0xfa/0x160
[ 44.884809] __release_sock+0x10b/0x330
[ 44.888808] release_sock+0x9a/0x270
[ 44.892717] ? trace_hardirqs_on+0xd/0x10
[ 44.896883] ? __release_sock+0x330/0x330
[ 44.901046] ? dccp_qpolicy_top+0x67/0x80
[ 44.905214] ? dccp_write_xmit+0x3b/0x180
[ 44.909387] dccp_sendmsg+0x590/0xd10
[ 44.913198] ? lock_release+0x9d0/0x9d0
[ 44.917187] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 44.923088] ? dccp_getsockopt+0xd0/0xd0
[ 44.927160] ? import_iovec+0x99/0x500
[ 44.931060] ? dup_iter+0x250/0x250
[ 44.934701] ? kasan_check_write+0x14/0x20
[ 44.938952] inet_sendmsg+0x148/0x5a0
[ 44.942764] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 44.947616] ? rcu_pm_notify+0xc0/0xc0
[ 44.951513] ? inet_recvmsg+0x790/0x790
[ 44.955495] ? SYSC_sendto+0x6c0/0x6c0
[ 44.959396] ? inet_recvmsg+0x790/0x790
[ 44.963377] sock_sendmsg+0xb5/0xf0
[ 44.967050] ___sys_sendmsg+0x2b9/0x9d0
[ 44.971040] ? expand_files.part.8+0x900/0x900
[ 44.975624] ? trace_hardirqs_off+0x10/0x10
[ 44.980092] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 44.984868] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290
[ 44.985332] FAULT_INJECTION: forcing a failure.
[ 44.985332] name failslab, interval 1, probability 0, space 0, times 0
[ 45.002713] ? find_held_lock+0x36/0x1c0
[ 45.006771] ? lock_downgrade+0x830/0x830
[ 45.010905] ? get_pid_task+0x8f/0x100
[ 45.014784] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.020656] ? __might_sleep+0x93/0xb0
[ 45.024565] __sys_sendmmsg+0x1b6/0x5c0
[ 45.028544] ? SyS_sendmsg+0x20/0x20
[ 45.032255] ? __lock_is_held+0xb5/0x140
[ 45.036312] ? __sb_end_write+0x8a/0xb0
[ 45.040280] ? mutex_unlock+0xd/0x10
[ 45.043982] ? __f_unlock_pos+0xd/0x10
[ 45.047886] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 45.052715] ? trace_hardirqs_on_caller+0x40c/0x580
[ 45.057726] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 45.062474] SyS_sendmmsg+0xd/0x20
[ 45.066004] entry_SYSCALL_64_fastpath+0x23/0xc2
[ 45.070746] RIP: 0033:0x455b59
[ 45.073934] RSP: 002b:00007f81cf388c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 45.081649] RAX: ffffffffffffffda RBX: 00007f81cf3896d4 RCX: 0000000000455b59
[ 45.088915] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005
[ 45.096174] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 45.103434] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd
[ 45.110721] R13: 00007f81cf388bb8 R14: 00000000004ba6fd R15: 0000000000000000
[ 45.118007] CPU: 0 PID: 5711 Comm: syz-executor3 Not tainted 4.13.0-rc4-syzkaller #0
[ 45.120955] dccp_parse_options: DCCP(ffff8801c7356ac0): Option 38 (len=1) error=5
[ 45.133704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.143070] Call Trace:
2019/11/28 10:12:18 executed programs: 6
[ 45.145672] dump_stack+0x145/0x1e7
[ 45.149308] ? arch_local_irq_restore+0x43/0x43
[ 45.153994] ? __kmalloc_node_track_caller+0x33/0x70
[ 45.159116] ? __kmalloc_node_track_caller+0x33/0x70
[ 45.164237] should_fail.cold.4+0xc/0x19
[ 45.168316] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 45.173441] ? debug_check_no_locks_freed+0x310/0x310
[ 45.178666] ? debug_check_no_locks_freed+0x310/0x310
[ 45.183895] ? debug_check_no_locks_freed+0x310/0x310
[ 45.189100] ? trace_hardirqs_off+0x10/0x10
[ 45.193438] ? print_usage_bug+0xc0/0xc0
[ 45.197511] ? trace_hardirqs_off+0x10/0x10
[ 45.201855] should_failslab+0xba/0xf0
[ 45.205751] kmem_cache_alloc+0x40/0x760
[ 45.209819] ? print_usage_bug+0xc0/0xc0
[ 45.213892] dccp_ackvec_update_records+0x7a/0x500
[ 45.214288] FAULT_INJECTION: forcing a failure.
[ 45.214288] name failslab, interval 1, probability 0, space 0, times 0
[ 45.230080] ? dccp_ackvec_free+0x30/0x30
[ 45.234218] ? lock_release+0x9d0/0x9d0
[ 45.238182] dccp_insert_options+0x67a/0xb20
[ 45.242927] dccp_transmit_skb+0x194/0x1250
[ 45.247234] ? skb_unlink+0xeb/0x160
[ 45.250938] dccp_xmit_packet+0x1e5/0x6a0
[ 45.255073] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 45.260158] ? dccp_send_sync+0x2a0/0x2a0
[ 45.264302] ? trace_hardirqs_on+0xd/0x10
[ 45.268439] dccp_write_xmit+0x125/0x180
[ 45.272498] dccp_sendmsg+0x871/0xd10
[ 45.276284] ? lock_release+0x9d0/0x9d0
[ 45.280242] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.286113] ? dccp_getsockopt+0xd0/0xd0
[ 45.290161] ? import_iovec+0x99/0x500
[ 45.294063] ? dup_iter+0x250/0x250
[ 45.297693] ? kasan_check_write+0x14/0x20
[ 45.301930] inet_sendmsg+0x148/0x5a0
[ 45.305720] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 45.310461] ? rcu_pm_notify+0xc0/0xc0
[ 45.314338] ? inet_recvmsg+0x790/0x790
[ 45.318294] ? SYSC_sendto+0x6c0/0x6c0
[ 45.322196] ? inet_recvmsg+0x790/0x790
[ 45.326169] sock_sendmsg+0xb5/0xf0
[ 45.329795] ___sys_sendmsg+0x2b9/0x9d0
[ 45.333760] ? preempt_notifier_dec+0x20/0x20
[ 45.338249] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 45.342993] ? __schedule+0x83c/0x1f70
[ 45.346884] ? find_held_lock+0x36/0x1c0
[ 45.350949] ? lock_downgrade+0x830/0x830
[ 45.355080] ? get_pid_task+0x8f/0x100
[ 45.358957] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.364830] ? __might_sleep+0x93/0xb0
[ 45.368708] __sys_sendmmsg+0x1b6/0x5c0
[ 45.372674] ? SyS_sendmsg+0x20/0x20
[ 45.376376] ? __lock_is_held+0xb5/0x140
[ 45.380473] ? __sb_end_write+0x8a/0xb0
[ 45.384458] ? mutex_unlock+0xd/0x10
[ 45.388168] ? __f_unlock_pos+0xd/0x10
[ 45.392047] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 45.396880] ? trace_hardirqs_on_caller+0x40c/0x580
[ 45.401880] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 45.406624] SyS_sendmmsg+0xd/0x20
[ 45.410153] entry_SYSCALL_64_fastpath+0x23/0xc2
[ 45.414891] RIP: 0033:0x455b59
[ 45.418067] RSP: 002b:00007fca557ccc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 45.425772] RAX: ffffffffffffffda RBX: 00007fca557cd6d4 RCX: 0000000000455b59
[ 45.433026] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005
[ 45.440283] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 45.447541] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd
[ 45.454795] R13: 00007fca557ccbb8 R14: 00000000004ba6fd R15: 0000000000000000
[ 45.462151] CPU: 1 PID: 5716 Comm: syz-executor1 Not tainted 4.13.0-rc4-syzkaller #0
[ 45.470052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.479411] Call Trace:
[ 45.482010] dump_stack+0x145/0x1e7
[ 45.485645] ? arch_local_irq_restore+0x43/0x43
[ 45.490345] ? ip_finish_output2+0x865/0x1400
[ 45.494858] ? trace_hardirqs_on+0xd/0x10
[ 45.499016] ? __local_bh_enable_ip+0x9d/0x160
[ 45.503613] should_fail.cold.4+0xc/0x19
[ 45.507686] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 45.512816] ? __lock_is_held+0xb5/0x140
[ 45.516889] ? rt_cpu_seq_show+0x2d0/0x2d0
[ 45.521137] ? debug_check_no_locks_freed+0x310/0x310
[ 45.526342] ? trace_hardirqs_off+0x10/0x10
[ 45.530679] should_failslab+0xba/0xf0
[ 45.534588] kmem_cache_alloc_trace+0x44/0x770
[ 45.539178] ? mod_timer_pending+0x10f0/0x10f0
[ 45.543779] dccp_ackvec_parsed_add+0x96/0x300
[ 45.548486] ? dccp_ackvec_purge_records+0x1d0/0x1d0
[ 45.553622] ccid2_hc_tx_parse_options+0x5b/0x80
[ 45.558392] dccp_parse_options+0x542/0x1050
[ 45.562826] dccp_rcv_established+0x23/0x70
[ 45.567177] dccp_v4_do_rcv+0xfa/0x160
[ 45.571091] __release_sock+0x10b/0x330
[ 45.575079] release_sock+0x9a/0x270
[ 45.578815] ? trace_hardirqs_on+0xd/0x10
[ 45.582961] FAULT_INJECTION: forcing a failure.
[ 45.582961] name failslab, interval 1, probability 0, space 0, times 0
[ 45.582978] ? __release_sock+0x330/0x330
[ 45.582988] ? dccp_qpolicy_top+0x67/0x80
[ 45.582992] ? dccp_write_xmit+0x3b/0x180
[ 45.582998] dccp_sendmsg+0x590/0xd10
[ 45.583006] ? lock_release+0x9d0/0x9d0
[ 45.583012] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.583019] ? dccp_getsockopt+0xd0/0xd0
[ 45.583029] ? import_iovec+0x99/0x500
[ 45.583034] ? dup_iter+0x250/0x250
[ 45.583043] ? kasan_check_write+0x14/0x20
[ 45.583052] inet_sendmsg+0x148/0x5a0
[ 45.583056] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 45.583064] ? rcu_pm_notify+0xc0/0xc0
[ 45.583068] ? inet_recvmsg+0x790/0x790
[ 45.583071] ? SYSC_sendto+0x6c0/0x6c0
[ 45.583078] ? inet_recvmsg+0x790/0x790
[ 45.583081] sock_sendmsg+0xb5/0xf0
[ 45.583086] ___sys_sendmsg+0x2b9/0x9d0
[ 45.583093] ? expand_files.part.8+0x900/0x900
[ 45.583097] ? trace_hardirqs_off+0x10/0x10
[ 45.583102] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 45.583108] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290
[ 45.583116] ? find_held_lock+0x36/0x1c0
[ 45.583125] ? lock_downgrade+0x830/0x830
[ 45.583133] ? get_pid_task+0x8f/0x100
[ 45.583145] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.583148] ? __might_sleep+0x93/0xb0
[ 45.583156] __sys_sendmmsg+0x1b6/0x5c0
[ 45.583164] ? SyS_sendmsg+0x20/0x20
[ 45.583170] ? __lock_is_held+0xb5/0x140
[ 45.583185] ? __sb_end_write+0x8a/0xb0
[ 45.583195] ? mutex_unlock+0xd/0x10
[ 45.583199] ? __f_unlock_pos+0xd/0x10
[ 45.583206] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 45.583211] ? trace_hardirqs_on_caller+0x40c/0x580
[ 45.583219] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 45.583225] SyS_sendmmsg+0xd/0x20
[ 45.583228] entry_SYSCALL_64_fastpath+0x23/0xc2
[ 45.583234] RIP: 0033:0x455b59
[ 45.583237] RSP: 002b:00007f017ae77c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 45.583242] RAX: ffffffffffffffda RBX: 00007f017ae786d4 RCX: 0000000000455b59
[ 45.583244] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005
[ 45.583246] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 45.583249] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd
[ 45.583251] R13: 00007f017ae77bb8 R14: 00000000004ba6fd R15: 0000000000000000
[ 45.584710] dccp_parse_options: DCCP(ffff8801c7356100): Option 38 (len=1) error=5
[ 45.694657] FAULT_INJECTION: forcing a failure.
[ 45.694657] name failslab, interval 1, probability 0, space 0, times 0
[ 45.694665] CPU: 1 PID: 5744 Comm: syz-executor5 Not tainted 4.13.0-rc4-syzkaller #0
[ 45.694668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.694671] Call Trace:
[ 45.694682] dump_stack+0x145/0x1e7
[ 45.694688] ? arch_local_irq_restore+0x43/0x43
[ 45.694697] ? ip_finish_output2+0x865/0x1400
[ 45.694704] ? trace_hardirqs_on+0xd/0x10
[ 45.694711] ? __local_bh_enable_ip+0x9d/0x160
[ 45.694723] should_fail.cold.4+0xc/0x19
[ 45.694729] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 45.694745] ? __lock_is_held+0xb5/0x140
[ 45.694749] ? rt_cpu_seq_show+0x2d0/0x2d0
[ 45.694757] ? debug_check_no_locks_freed+0x310/0x310
[ 45.694767] ? trace_hardirqs_off+0x10/0x10
[ 45.694777] should_failslab+0xba/0xf0
[ 45.694783] kmem_cache_alloc_trace+0x44/0x770
[ 45.694788] ? mod_timer_pending+0x10f0/0x10f0
[ 45.694800] dccp_ackvec_parsed_add+0x96/0x300
[ 45.694804] ? dccp_ackvec_purge_records+0x1d0/0x1d0
[ 45.694813] ccid2_hc_tx_parse_options+0x5b/0x80
[ 45.694818] dccp_parse_options+0x542/0x1050
[ 45.694828] dccp_rcv_established+0x23/0x70
[ 45.694833] dccp_v4_do_rcv+0xfa/0x160
[ 45.694840] __release_sock+0x10b/0x330
[ 45.694848] release_sock+0x9a/0x270
[ 45.694852] ? trace_hardirqs_on+0xd/0x10
[ 45.694856] ? __release_sock+0x330/0x330
[ 45.694861] ? dccp_qpolicy_top+0x67/0x80
[ 45.694865] ? dccp_write_xmit+0x3b/0x180
[ 45.694870] dccp_sendmsg+0x590/0xd10
[ 45.694874] ? lock_release+0x9d0/0x9d0
[ 45.694880] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.694886] ? dccp_getsockopt+0xd0/0xd0
[ 45.694892] ? import_iovec+0x99/0x500
[ 45.694903] ? dup_iter+0x250/0x250
[ 45.694908] ? kasan_check_write+0x14/0x20
[ 45.694915] inet_sendmsg+0x148/0x5a0
[ 45.694919] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 45.694924] ? rcu_pm_notify+0xc0/0xc0
[ 45.694928] ? inet_recvmsg+0x790/0x790
[ 45.694932] ? SYSC_sendto+0x6c0/0x6c0
[ 45.694939] ? inet_recvmsg+0x790/0x790
[ 45.694942] sock_sendmsg+0xb5/0xf0
[ 45.694947] ___sys_sendmsg+0x2b9/0x9d0
[ 45.694953] ? expand_files.part.8+0x900/0x900
[ 45.694957] ? trace_hardirqs_off+0x10/0x10
[ 45.694962] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 45.694968] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290
[ 45.694975] ? find_held_lock+0x36/0x1c0
[ 45.694985] ? lock_downgrade+0x830/0x830
[ 45.694993] ? get_pid_task+0x8f/0x100
[ 45.695008] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.695011] ? __might_sleep+0x93/0xb0
[ 45.695019] __sys_sendmmsg+0x1b6/0x5c0
[ 45.695026] ? SyS_sendmsg+0x20/0x20
[ 45.695032] ? __lock_is_held+0xb5/0x140
[ 45.695047] ? __sb_end_write+0x8a/0xb0
[ 45.695055] ? mutex_unlock+0xd/0x10
[ 45.695059] ? __f_unlock_pos+0xd/0x10
[ 45.695066] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 45.695071] ? trace_hardirqs_on_caller+0x40c/0x580
[ 45.695079] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 45.695085] SyS_sendmmsg+0xd/0x20
[ 45.695088] entry_SYSCALL_64_fastpath+0x23/0xc2
[ 45.695094] RIP: 0033:0x455b59
[ 45.695097] RSP: 002b:00007efc43e3ec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 45.695102] RAX: ffffffffffffffda RBX: 00007efc43e3f6d4 RCX: 0000000000455b59
[ 45.695105] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005
[ 45.695107] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 45.695109] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd
[ 45.695112] R13: 00007efc43e3ebb8 R14: 00000000004ba6fd R15: 0000000000000000
[ 45.695169] dccp_parse_options: DCCP(ffff8801c7356100): Option 38 (len=1) error=5
[ 45.898923] FAULT_INJECTION: forcing a failure.
[ 45.898923] name failslab, interval 1, probability 0, space 0, times 0
[ 45.898932] CPU: 1 PID: 5776 Comm: syz-executor4 Not tainted 4.13.0-rc4-syzkaller #0
[ 45.898934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.898937] Call Trace:
[ 45.898948] dump_stack+0x145/0x1e7
[ 45.898954] ? arch_local_irq_restore+0x43/0x43
[ 45.898963] ? ip_finish_output2+0x865/0x1400
[ 45.898970] ? trace_hardirqs_on+0xd/0x10
[ 45.898977] ? __local_bh_enable_ip+0x9d/0x160
[ 45.898989] should_fail.cold.4+0xc/0x19
[ 45.898995] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 45.899020] ? __lock_is_held+0xb5/0x140
[ 45.899025] ? rt_cpu_seq_show+0x2d0/0x2d0
[ 45.899032] ? debug_check_no_locks_freed+0x310/0x310
[ 45.899043] ? trace_hardirqs_off+0x10/0x10
[ 45.899053] should_failslab+0xba/0xf0
[ 45.899059] kmem_cache_alloc_trace+0x44/0x770
[ 45.899066] ? mod_timer_pending+0x10f0/0x10f0
[ 45.899079] dccp_ackvec_parsed_add+0x96/0x300
[ 45.899084] ? dccp_ackvec_purge_records+0x1d0/0x1d0
[ 45.899093] ccid2_hc_tx_parse_options+0x5b/0x80
[ 45.899098] dccp_parse_options+0x542/0x1050
[ 45.899108] dccp_rcv_established+0x23/0x70
[ 45.899113] dccp_v4_do_rcv+0xfa/0x160
[ 45.899122] __release_sock+0x10b/0x330
[ 45.899131] release_sock+0x9a/0x270
[ 45.899134] ? trace_hardirqs_on+0xd/0x10
[ 45.899139] ? __release_sock+0x330/0x330
[ 45.899143] ? dccp_qpolicy_top+0x67/0x80
[ 45.899147] ? dccp_write_xmit+0x3b/0x180
[ 45.899153] dccp_sendmsg+0x590/0xd10
[ 45.899157] ? lock_release+0x9d0/0x9d0
[ 45.899162] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.899168] ? dccp_getsockopt+0xd0/0xd0
[ 45.899174] ? import_iovec+0x99/0x500
[ 45.899180] ? dup_iter+0x250/0x250
[ 45.899185] ? kasan_check_write+0x14/0x20
[ 45.899192] inet_sendmsg+0x148/0x5a0
[ 45.899196] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 45.899200] ? rcu_pm_notify+0xc0/0xc0
[ 45.899204] ? inet_recvmsg+0x790/0x790
[ 45.899207] ? SYSC_sendto+0x6c0/0x6c0
[ 45.899215] ? inet_recvmsg+0x790/0x790
[ 45.899218] sock_sendmsg+0xb5/0xf0
[ 45.899223] ___sys_sendmsg+0x2b9/0x9d0
[ 45.899228] ? expand_files.part.8+0x900/0x900
[ 45.899232] ? trace_hardirqs_off+0x10/0x10
[ 45.899237] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 45.899243] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290
[ 45.899251] ? find_held_lock+0x36/0x1c0
[ 45.899260] ? lock_downgrade+0x830/0x830
[ 45.899265] ? get_pid_task+0x8f/0x100
[ 45.899276] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 45.899279] ? __might_sleep+0x93/0xb0
[ 45.899287] __sys_sendmmsg+0x1b6/0x5c0
[ 45.899294] ? SyS_sendmsg+0x20/0x20
[ 45.899300] ? __lock_is_held+0xb5/0x140
[ 45.899313] ? __sb_end_write+0x8a/0xb0
[ 45.899320] ? mutex_unlock+0xd/0x10
[ 45.899325] ? __f_unlock_pos+0xd/0x10
[ 45.899330] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 45.899336] ? trace_hardirqs_on_caller+0x40c/0x580
[ 45.899342] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 45.899348] SyS_sendmmsg+0xd/0x20
[ 45.899352] entry_SYSCALL_64_fastpath+0x23/0xc2
[ 45.899357] RIP: 0033:0x455b59
[ 45.899360] RSP: 002b:00007f0082bc6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 45.899365] RAX: ffffffffffffffda RBX: 00007f0082bc76d4 RCX: 0000000000455b59
[ 45.899367] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005
[ 45.899370] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 45.899372] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd
[ 45.899374] R13: 00007f0082bc6bb8 R14: 00000000004ba6fd R15: 0000000000000000
[ 45.899442] dccp_parse_options: DCCP(ffff8801c7357480): Option 38 (len=1) error=5
[ 46.649630] CPU: 0 PID: 5731 Comm: syz-executor3 Not tainted 4.13.0-rc4-syzkaller #0
[ 46.657494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 46.666830] Call Trace:
[ 46.669407] dump_stack+0x145/0x1e7
[ 46.673027] ? arch_local_irq_restore+0x43/0x43
[ 46.677678] ? ip_finish_output2+0x865/0x1400
[ 46.682163] ? trace_hardirqs_on+0xd/0x10
[ 46.686296] ? __local_bh_enable_ip+0x9d/0x160
[ 46.690860] should_fail.cold.4+0xc/0x19
[ 46.694908] ? fault_create_debugfs_attr+0x1a0/0x1a0
[ 46.699999] ? __lock_is_held+0xb5/0x140
[ 46.704054] ? rt_cpu_seq_show+0x2d0/0x2d0
[ 46.708272] ? debug_check_no_locks_freed+0x310/0x310
[ 46.713447] ? trace_hardirqs_off+0x10/0x10
[ 46.717752] should_failslab+0xba/0xf0
[ 46.721623] kmem_cache_alloc_trace+0x44/0x770
[ 46.726184] ? mod_timer_pending+0x10f0/0x10f0
[ 46.730751] dccp_ackvec_parsed_add+0x96/0x300
[ 46.735312] ? dccp_ackvec_purge_records+0x1d0/0x1d0
[ 46.740399] ccid2_hc_tx_parse_options+0x5b/0x80
[ 46.745151] dccp_parse_options+0x542/0x1050
[ 46.749546] dccp_rcv_established+0x23/0x70
[ 46.753868] dccp_v4_do_rcv+0xfa/0x160
[ 46.757771] __release_sock+0x10b/0x330
[ 46.761742] release_sock+0x9a/0x270
[ 46.765437] ? trace_hardirqs_on+0xd/0x10
[ 46.769564] ? __release_sock+0x330/0x330
[ 46.773687] ? dccp_qpolicy_top+0x67/0x80
[ 46.777816] ? dccp_write_xmit+0x3b/0x180
[ 46.781952] dccp_sendmsg+0x590/0xd10
[ 46.785746] ? lock_release+0x9d0/0x9d0
[ 46.789708] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 46.795575] ? dccp_getsockopt+0xd0/0xd0
[ 46.799627] ? import_iovec+0x99/0x500
[ 46.803508] ? dup_iter+0x250/0x250
[ 46.807114] ? kasan_check_write+0x14/0x20
[ 46.811349] inet_sendmsg+0x148/0x5a0
[ 46.815130] ? copy_msghdr_from_user+0x2f7/0x5c0
[ 46.819863] ? rcu_pm_notify+0xc0/0xc0
[ 46.823732] ? inet_recvmsg+0x790/0x790
[ 46.827696] ? SYSC_sendto+0x6c0/0x6c0
[ 46.831577] ? inet_recvmsg+0x790/0x790
[ 46.835545] sock_sendmsg+0xb5/0xf0
[ 46.839163] ___sys_sendmsg+0x2b9/0x9d0
[ 46.843133] ? expand_files.part.8+0x900/0x900
[ 46.847866] ? trace_hardirqs_off+0x10/0x10
[ 46.852189] ? copy_msghdr_from_user+0x5c0/0x5c0
[ 46.856931] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290
[ 46.863577] ? find_held_lock+0x36/0x1c0
[ 46.867618] ? lock_downgrade+0x830/0x830
[ 46.871750] ? get_pid_task+0x8f/0x100
[ 46.875621] ? trace_event_raw_event_sched_switch+0x680/0x680
[ 46.881485] ? __might_sleep+0x93/0xb0
[ 46.885355] __sys_sendmmsg+0x1b6/0x5c0
[ 46.889321] ? SyS_sendmsg+0x20/0x20
[ 46.893036] ? __lock_is_held+0xb5/0x140
[ 46.897102] ? __sb_end_write+0x8a/0xb0
[ 46.901065] ? mutex_unlock+0xd/0x10
[ 46.904765] ? __f_unlock_pos+0xd/0x10
[ 46.908633] ? entry_SYSCALL_64_fastpath+0x5/0xc2
[ 46.913465] ? trace_hardirqs_on_caller+0x40c/0x580
[ 46.918478] ?
trace_hardirqs_on_thunk+0x1a/0x1c [ 46.923327] SyS_sendmmsg+0xd/0x20 [ 46.926855] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 46.931595] RIP: 0033:0x455b59 [ 46.935808] RSP: 002b:00007fca557ccc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 46.943509] RAX: ffffffffffffffda RBX: 00007fca557cd6d4 RCX: 0000000000455b59 [ 46.950768] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 46.958021] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 [ 46.965277] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd [ 46.972525] R13: 00007fca557ccbb8 R14: 00000000004ba6fd R15: 0000000000000000 [ 46.980386] dccp_parse_options: DCCP(ffff8801c93b4140): Option 38 (len=1) error=5 2019/11/28 10:12:23 executed programs: 38 2019/11/28 10:12:28 executed programs: 70 2019/11/28 10:12:34 executed programs: 104 2019/11/28 10:12:39 executed programs: 136 2019/11/28 10:12:44 executed programs: 170 2019/11/28 10:12:49 executed programs: 202 2019/11/28 10:12:54 executed programs: 236 2019/11/28 10:12:59 executed programs: 269 2019/11/28 10:13:04 executed programs: 302 2019/11/28 10:13:09 executed programs: 335 2019/11/28 10:13:14 executed programs: 368 2019/11/28 10:13:19 executed programs: 401 [ 107.517195] FAULT_INJECTION: forcing a failure. [ 107.517195] name failslab, interval 1, probability 0, space 0, times 0 [ 107.528443] CPU: 1 PID: 7384 Comm: syz-executor4 Not tainted 4.13.0-rc4-syzkaller #0 [ 107.536324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.545674] Call Trace: [ 107.548258] dump_stack+0x145/0x1e7 [ 107.551881] ? arch_local_irq_restore+0x43/0x43 [ 107.556545] ? find_held_lock+0x36/0x1c0 [ 107.560605] should_fail.cold.4+0xc/0x19 [ 107.564659] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 107.569164] FAULT_INJECTION: forcing a failure. [ 107.569164] name failslab, interval 1, probability 0, space 0, times 0 [ 107.580912] ? lock_release+0x9d0/0x9d0 [ 107.584872] ? 
update_stack_state+0x670/0x670 [ 107.589352] ? update_stack_state+0x670/0x670 [ 107.593830] ? print_usage_bug+0xc0/0xc0 [ 107.597874] ? __lock_is_held+0xb5/0x140 [ 107.601944] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 107.607812] ? mark_held_locks+0xc9/0x160 [ 107.611951] should_failslab+0xba/0xf0 [ 107.615827] kmem_cache_alloc_trace+0x2c1/0x770 [ 107.620478] ? dccp_sendmsg+0x590/0xd10 [ 107.624432] ? inet_sendmsg+0x148/0x5a0 [ 107.628389] ? sock_sendmsg+0xb5/0xf0 [ 107.632166] ? ___sys_sendmsg+0x2b9/0x9d0 [ 107.636295] ? __sys_sendmmsg+0x1b6/0x5c0 [ 107.640420] ? SyS_sendmmsg+0xd/0x20 [ 107.644115] ? entry_SYSCALL_64_fastpath+0x23/0xc2 [ 107.649029] dccp_feat_entry_new+0x1a4/0x4f0 [ 107.653418] ? dccp_feat_nn_get+0x310/0x310 [ 107.657725] dccp_feat_push_confirm+0x26/0x280 [ 107.662286] dccp_feat_parse_options+0x1079/0x1c80 [ 107.667196] ? __lock_is_held+0xb5/0x140 [ 107.671254] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 107.677125] ? dccp_ackvec_parsed_add+0x96/0x300 [ 107.681864] ? rcu_read_lock_sched_held+0x108/0x120 [ 107.686876] ? kmem_cache_alloc_trace+0x60c/0x770 [ 107.691701] ? mod_timer_pending+0x10f0/0x10f0 [ 107.696271] ? dccp_ackvec_parsed_add+0x168/0x300 [ 107.701102] ? dccp_ackvec_purge_records+0x1d0/0x1d0 [ 107.706210] dccp_parse_options+0x857/0x1050 [ 107.710604] dccp_rcv_established+0x23/0x70 [ 107.714918] dccp_v4_do_rcv+0xfa/0x160 [ 107.718792] __release_sock+0x10b/0x330 [ 107.722751] release_sock+0x9a/0x270 [ 107.726448] ? trace_hardirqs_on+0xd/0x10 [ 107.730592] ? __release_sock+0x330/0x330 [ 107.734720] ? dccp_qpolicy_top+0x67/0x80 [ 107.738848] ? dccp_write_xmit+0x3b/0x180 [ 107.742979] dccp_sendmsg+0x590/0xd10 [ 107.746762] ? lock_release+0x9d0/0x9d0 [ 107.750751] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 107.756644] ? dccp_getsockopt+0xd0/0xd0 [ 107.760689] ? import_iovec+0x99/0x500 [ 107.764556] ? dup_iter+0x250/0x250 [ 107.768167] ? kasan_check_write+0x14/0x20 [ 107.772385] inet_sendmsg+0x148/0x5a0 [ 107.776167] ? 
copy_msghdr_from_user+0x2f7/0x5c0 [ 107.780904] ? rcu_pm_notify+0xc0/0xc0 [ 107.784775] ? inet_recvmsg+0x790/0x790 [ 107.788729] ? SYSC_sendto+0x6c0/0x6c0 [ 107.792597] ? inet_recvmsg+0x790/0x790 [ 107.796552] sock_sendmsg+0xb5/0xf0 [ 107.800160] ___sys_sendmsg+0x2b9/0x9d0 [ 107.804125] ? expand_files.part.8+0x900/0x900 [ 107.808685] ? trace_hardirqs_off+0x10/0x10 [ 107.812987] ? copy_msghdr_from_user+0x5c0/0x5c0 [ 107.817725] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290 [ 107.824389] ? find_held_lock+0x36/0x1c0 [ 107.828440] ? lock_downgrade+0x830/0x830 [ 107.832571] ? get_pid_task+0x8f/0x100 [ 107.836449] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 107.842326] ? __might_sleep+0x93/0xb0 [ 107.846214] __sys_sendmmsg+0x1b6/0x5c0 [ 107.850172] ? SyS_sendmsg+0x20/0x20 [ 107.853871] ? __lock_is_held+0xb5/0x140 [ 107.857921] ? __sb_end_write+0x8a/0xb0 [ 107.861880] ? mutex_unlock+0xd/0x10 [ 107.865571] ? __f_unlock_pos+0xd/0x10 [ 107.869438] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 107.874262] ? trace_hardirqs_on_caller+0x40c/0x580 [ 107.879259] ? 
trace_hardirqs_on_thunk+0x1a/0x1c [ 107.883996] SyS_sendmmsg+0xd/0x20 [ 107.887605] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 107.892351] RIP: 0033:0x455b59 [ 107.895524] RSP: 002b:00007f0082bc6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 107.903213] RAX: ffffffffffffffda RBX: 00007f0082bc76d4 RCX: 0000000000455b59 [ 107.910461] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 107.917725] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 [ 107.924976] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd [ 107.932225] R13: 00007f0082bc6bb8 R14: 00000000004ba6fd R15: 0000000000000000 [ 107.939497] CPU: 0 PID: 7388 Comm: syz-executor3 Not tainted 4.13.0-rc4-syzkaller #0 [ 107.939652] dccp_parse_options: DCCP(ffff8801d9786bc0): Option 32 (len=7) error=9 [ 107.946146] ================================================================== [ 107.946164] BUG: KASAN: use-after-free in ccid2_hc_tx_packet_recv+0x2920/0x2991 [ 107.946168] Read of size 1 at addr ffff8801c1662642 by task syz-executor4/7384 [ 107.946169] [ 107.978678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.988013] Call Trace: [ 107.990593] dump_stack+0x145/0x1e7 [ 107.994206] ? arch_local_irq_restore+0x43/0x43 [ 107.998867] ? find_held_lock+0x36/0x1c0 [ 108.002922] should_fail.cold.4+0xc/0x19 [ 108.006969] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 108.012058] ? lock_release+0x9d0/0x9d0 [ 108.016028] ? update_stack_state+0x670/0x670 [ 108.020678] ? update_stack_state+0x670/0x670 [ 108.025302] ? print_usage_bug+0xc0/0xc0 [ 108.029358] ? __lock_is_held+0xb5/0x140 [ 108.033416] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 108.039283] ? mark_held_locks+0xc9/0x160 [ 108.043418] should_failslab+0xba/0xf0 [ 108.047295] kmem_cache_alloc_trace+0x2c1/0x770 [ 108.051967] ? dccp_sendmsg+0x590/0xd10 [ 108.055925] ? inet_sendmsg+0x148/0x5a0 [ 108.059906] ? sock_sendmsg+0xb5/0xf0 [ 108.063692] ? 
___sys_sendmsg+0x2b9/0x9d0 [ 108.067818] ? __sys_sendmmsg+0x1b6/0x5c0 [ 108.071939] ? SyS_sendmmsg+0xd/0x20 [ 108.076499] ? entry_SYSCALL_64_fastpath+0x23/0xc2 [ 108.081410] dccp_feat_entry_new+0x1a4/0x4f0 [ 108.085799] ? dccp_feat_nn_get+0x310/0x310 [ 108.090103] dccp_feat_push_confirm+0x26/0x280 [ 108.094683] dccp_feat_parse_options+0x1079/0x1c80 [ 108.099600] ? __lock_is_held+0xb5/0x140 [ 108.103661] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 108.109627] ? dccp_ackvec_parsed_add+0x96/0x300 [ 108.114366] ? rcu_read_lock_sched_held+0x108/0x120 [ 108.119358] ? kmem_cache_alloc_trace+0x60c/0x770 [ 108.124178] ? mod_timer_pending+0x10f0/0x10f0 [ 108.128745] ? dccp_ackvec_parsed_add+0x168/0x300 [ 108.133566] ? dccp_ackvec_purge_records+0x1d0/0x1d0 [ 108.138650] dccp_parse_options+0x857/0x1050 [ 108.143060] dccp_rcv_established+0x23/0x70 [ 108.147361] dccp_v4_do_rcv+0xfa/0x160 [ 108.151230] __release_sock+0x10b/0x330 [ 108.155189] release_sock+0x9a/0x270 [ 108.158881] ? trace_hardirqs_on+0xd/0x10 [ 108.163086] ? __release_sock+0x330/0x330 [ 108.167246] ? dccp_qpolicy_top+0x67/0x80 [ 108.171388] ? dccp_write_xmit+0x3b/0x180 [ 108.175536] dccp_sendmsg+0x590/0xd10 [ 108.179321] ? lock_release+0x9d0/0x9d0 [ 108.183300] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 108.189176] ? dccp_getsockopt+0xd0/0xd0 [ 108.193219] ? import_iovec+0x99/0x500 [ 108.197090] ? dup_iter+0x250/0x250 [ 108.200700] ? kasan_check_write+0x14/0x20 [ 108.204940] inet_sendmsg+0x148/0x5a0 [ 108.208745] ? copy_msghdr_from_user+0x2f7/0x5c0 [ 108.213491] ? rcu_pm_notify+0xc0/0xc0 [ 108.217380] ? inet_recvmsg+0x790/0x790 [ 108.221336] ? SYSC_sendto+0x6c0/0x6c0 [ 108.225221] ? inet_recvmsg+0x790/0x790 [ 108.229178] sock_sendmsg+0xb5/0xf0 [ 108.232787] ___sys_sendmsg+0x2b9/0x9d0 [ 108.236748] ? expand_files.part.8+0x900/0x900 [ 108.241312] ? trace_hardirqs_off+0x10/0x10 [ 108.245620] ? copy_msghdr_from_user+0x5c0/0x5c0 [ 108.250355] ? 
__fsnotify_update_child_dentry_flags.part.2+0x290/0x290 [ 108.257001] ? find_held_lock+0x36/0x1c0 [ 108.261048] ? lock_downgrade+0x830/0x830 [ 108.265176] ? get_pid_task+0x8f/0x100 [ 108.269047] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 108.274911] ? __might_sleep+0x93/0xb0 [ 108.278785] __sys_sendmmsg+0x1b6/0x5c0 [ 108.282738] ? SyS_sendmsg+0x20/0x20 [ 108.286430] ? __lock_is_held+0xb5/0x140 [ 108.290477] ? __sb_end_write+0x8a/0xb0 [ 108.294431] ? mutex_unlock+0xd/0x10 [ 108.298121] ? __f_unlock_pos+0xd/0x10 [ 108.301994] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 108.306816] ? trace_hardirqs_on_caller+0x40c/0x580 [ 108.311811] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 108.316548] SyS_sendmmsg+0xd/0x20 [ 108.320066] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 108.324797] RIP: 0033:0x455b59 [ 108.327967] RSP: 002b:00007fca557ccc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 108.335652] RAX: ffffffffffffffda RBX: 00007fca557cd6d4 RCX: 0000000000455b59 [ 108.342900] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 108.350146] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 [ 108.357394] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd [ 108.364643] R13: 00007fca557ccbb8 R14: 00000000004ba6fd R15: 0000000000000000 [ 108.371918] CPU: 1 PID: 7384 Comm: syz-executor4 Not tainted 4.13.0-rc4-syzkaller #0 [ 108.372076] dccp_parse_options: DCCP(ffff8801c6b96b40): Option 32 (len=7) error=9 [ 108.387565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.396899] Call Trace: [ 108.399506] dump_stack+0x145/0x1e7 [ 108.403111] ? arch_local_irq_restore+0x43/0x43 [ 108.407762] ? printk+0x91/0xab [ 108.411045] ? log_store.cold.32+0x22/0x22 [ 108.415326] ? inet_sendmsg+0x148/0x5a0 [ 108.419284] print_address_description+0x6c/0x20b [ 108.424113] ? 
ccid2_hc_tx_packet_recv+0x2920/0x2991 [ 108.429196] kasan_report.cold.7+0x121/0x2da [ 108.433584] __asan_report_load1_noabort+0x14/0x20 [ 108.438495] ccid2_hc_tx_packet_recv+0x2920/0x2991 [ 108.443406] ? __lock_is_held+0xb5/0x140 [ 108.447454] ? ccid2_hc_tx_rto_expire+0x630/0x630 [ 108.452292] ? kmem_cache_free+0x256/0x2c0 [ 108.456505] ? dccp_ackvec_clear_state+0x3c3/0x8e0 [ 108.461469] ? memset+0x31/0x40 [ 108.464728] ? dccp_ackvec_input+0x2d2/0x4a0 [ 108.469115] dccp_deliver_input_to_ccids+0x19f/0x210 [ 108.474192] dccp_rcv_established+0x49/0x70 [ 108.478490] dccp_v4_do_rcv+0xfa/0x160 [ 108.482357] __release_sock+0x10b/0x330 [ 108.486320] release_sock+0x9a/0x270 [ 108.490025] ? trace_hardirqs_on+0xd/0x10 [ 108.494162] ? __release_sock+0x330/0x330 [ 108.498286] ? dccp_qpolicy_top+0x67/0x80 [ 108.502409] ? dccp_write_xmit+0x3b/0x180 [ 108.506550] dccp_sendmsg+0x590/0xd10 [ 108.510351] ? lock_release+0x9d0/0x9d0 [ 108.514299] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 108.520166] ? dccp_getsockopt+0xd0/0xd0 [ 108.524212] ? import_iovec+0x99/0x500 [ 108.528078] ? dup_iter+0x250/0x250 [ 108.531680] ? kasan_check_write+0x14/0x20 [ 108.535890] inet_sendmsg+0x148/0x5a0 [ 108.539664] ? copy_msghdr_from_user+0x2f7/0x5c0 [ 108.544409] ? rcu_pm_notify+0xc0/0xc0 [ 108.548270] ? inet_recvmsg+0x790/0x790 [ 108.552217] ? SYSC_sendto+0x6c0/0x6c0 [ 108.556603] ? inet_recvmsg+0x790/0x790 [ 108.560550] sock_sendmsg+0xb5/0xf0 [ 108.564151] ___sys_sendmsg+0x2b9/0x9d0 [ 108.568099] ? expand_files.part.8+0x900/0x900 [ 108.572653] ? trace_hardirqs_off+0x10/0x10 [ 108.576949] ? copy_msghdr_from_user+0x5c0/0x5c0 [ 108.581686] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290 [ 108.588326] ? find_held_lock+0x36/0x1c0 [ 108.592501] ? lock_downgrade+0x830/0x830 [ 108.597328] ? get_pid_task+0x8f/0x100 [ 108.601200] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 108.607062] ? __might_sleep+0x93/0xb0 [ 108.610930] __sys_sendmmsg+0x1b6/0x5c0 [ 108.614910] ? 
SyS_sendmsg+0x20/0x20 [ 108.618616] ? __lock_is_held+0xb5/0x140 [ 108.622683] ? __sb_end_write+0x8a/0xb0 [ 108.626634] ? mutex_unlock+0xd/0x10 [ 108.630323] ? __f_unlock_pos+0xd/0x10 [ 108.634188] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 108.639011] ? trace_hardirqs_on_caller+0x40c/0x580 [ 108.644021] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 108.648776] SyS_sendmmsg+0xd/0x20 [ 108.652304] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 108.657040] RIP: 0033:0x455b59 [ 108.660205] RSP: 002b:00007f0082bc6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 108.667888] RAX: ffffffffffffffda RBX: 00007f0082bc76d4 RCX: 0000000000455b59 [ 108.675134] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 108.682377] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 [ 108.689622] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd [ 108.696866] R13: 00007f0082bc6bb8 R14: 00000000004ba6fd R15: 0000000000000000 [ 108.704116] [ 108.705720] Allocated by task 7384: [ 108.709327] save_stack_trace+0x16/0x20 [ 108.713274] save_stack+0x43/0xd0 [ 108.716700] kasan_kmalloc+0xc4/0xe0 [ 108.720400] __kmalloc_node_track_caller+0x47/0x70 [ 108.725301] __kmalloc_reserve.isra.39+0x2c/0xb0 [ 108.730031] __alloc_skb+0x10c/0x6f0 [ 108.733731] dccp_send_ack+0xb3/0x340 [ 108.737505] ccid2_hc_rx_packet_recv+0xf9/0x170 [ 108.742146] dccp_deliver_input_to_ccids+0xc5/0x210 [ 108.747133] dccp_rcv_established+0x49/0x70 [ 108.751427] dccp_v4_do_rcv+0xfa/0x160 [ 108.755289] __sk_receive_skb+0x2dc/0xd50 [ 108.759411] dccp_v4_rcv+0xddb/0x215d [ 108.763187] ip_local_deliver_finish+0x28a/0xa60 [ 108.767928] ip_local_deliver+0x1ac/0x650 [ 108.772062] ip_rcv_finish+0x896/0x20d0 [ 108.776019] ip_rcv+0xd4c/0x19d6 [ 108.779368] __netif_receive_skb_core+0x2094/0x35b0 [ 108.784372] __netif_receive_skb+0x1f/0x1a0 [ 108.788669] process_backlog+0x1fd/0x710 [ 108.792714] net_rx_action+0x6d9/0x1770 [ 108.796666] __do_softirq+0x2f8/0xb0d [ 108.800438] [ 108.802052] Freed by task 7384: [ 
108.805306] save_stack_trace+0x16/0x20 [ 108.809274] save_stack+0x43/0xd0 [ 108.812701] kasan_slab_free+0x71/0xc0 [ 108.816561] kfree+0xd6/0x250 [ 108.819669] skb_free_head+0x74/0x90 [ 108.823358] skb_release_data+0x548/0x830 [ 108.827479] skb_release_all+0x3d/0x50 [ 108.831363] kfree_skb+0x13b/0x430 [ 108.834877] dccp_v4_do_rcv+0x111/0x160 [ 108.838825] __release_sock+0x10b/0x330 [ 108.842773] release_sock+0x9a/0x270 [ 108.846480] dccp_sendmsg+0x590/0xd10 [ 108.850255] inet_sendmsg+0x148/0x5a0 [ 108.854036] sock_sendmsg+0xb5/0xf0 [ 108.857637] ___sys_sendmsg+0x2b9/0x9d0 [ 108.861582] __sys_sendmmsg+0x1b6/0x5c0 [ 108.865530] SyS_sendmmsg+0xd/0x20 [ 108.869044] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 108.873769] [ 108.875372] The buggy address belongs to the object at ffff8801c16621c0 [ 108.875372] which belongs to the cache kmalloc-2048 of size 2048 [ 108.888179] The buggy address is located 1154 bytes inside of [ 108.888179] 2048-byte region [ffff8801c16621c0, ffff8801c16629c0) [ 108.900213] The buggy address belongs to the page: [ 108.905144] page:ffffea0007059880 count:1 mapcount:0 mapping:ffff8801c16621c0 index:0x0 compound_mapcount: 0 [ 108.915087] flags: 0x2fffc0000008100(slab|head) [ 108.919730] raw: 02fffc0000008100 ffff8801c16621c0 0000000000000000 0000000100000003 [ 108.927584] raw: ffffea000707a820 ffffea000706d0a0 ffff8801da800c40 0000000000000000 [ 108.935451] page dumped because: kasan: bad access detected [ 108.941135] [ 108.942736] Memory state around the buggy address: [ 108.947641] ffff8801c1662500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 108.954987] ffff8801c1662580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 108.962319] >ffff8801c1662600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 108.969652] ^ [ 108.975075] ffff8801c1662680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 108.982423] ffff8801c1662700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 108.989770] 
================================================================== [ 108.997113] Disabling lock debugging due to kernel taint [ 109.002694] Kernel panic - not syncing: panic_on_warn set ... [ 109.002694] [ 109.010051] CPU: 1 PID: 7384 Comm: syz-executor4 Tainted: G B 4.13.0-rc4-syzkaller #0 [ 109.019136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.028482] Call Trace: [ 109.031059] dump_stack+0x145/0x1e7 [ 109.034704] ? arch_local_irq_restore+0x43/0x43 [ 109.039375] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 109.044136] ? ccid2_hc_tx_packet_recv+0x2920/0x2991 [ 109.049240] panic+0x1a9/0x34e [ 109.052432] ? add_taint.cold.5+0x11/0x11 [ 109.056580] ? ccid2_hc_tx_packet_recv+0x2920/0x2991 [ 109.061682] kasan_end_report+0x47/0x4f [ 109.065651] kasan_report.cold.7+0x76/0x2da [ 109.069976] __asan_report_load1_noabort+0x14/0x20 [ 109.074901] ccid2_hc_tx_packet_recv+0x2920/0x2991 [ 109.079835] ? __lock_is_held+0xb5/0x140 [ 109.083898] ? ccid2_hc_tx_rto_expire+0x630/0x630 [ 109.088741] ? kmem_cache_free+0x256/0x2c0 [ 109.092966] ? dccp_ackvec_clear_state+0x3c3/0x8e0 [ 109.095481] FAULT_INJECTION: forcing a failure. [ 109.095481] name failslab, interval 1, probability 0, space 0, times 0 [ 109.109042] ? memset+0x31/0x40 [ 109.112307] ? dccp_ackvec_input+0x2d2/0x4a0 [ 109.116695] dccp_deliver_input_to_ccids+0x19f/0x210 [ 109.121776] dccp_rcv_established+0x49/0x70 [ 109.126111] dccp_v4_do_rcv+0xfa/0x160 [ 109.129988] __release_sock+0x10b/0x330 [ 109.133960] release_sock+0x9a/0x270 [ 109.137648] ? trace_hardirqs_on+0xd/0x10 [ 109.141771] ? __release_sock+0x330/0x330 [ 109.145892] ? dccp_qpolicy_top+0x67/0x80 [ 109.150035] ? dccp_write_xmit+0x3b/0x180 [ 109.154159] dccp_sendmsg+0x590/0xd10 [ 109.157952] ? lock_release+0x9d0/0x9d0 [ 109.161920] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 109.167801] ? dccp_getsockopt+0xd0/0xd0 [ 109.171843] ? import_iovec+0x99/0x500 [ 109.175711] ? dup_iter+0x250/0x250 [ 109.179328] ? 
kasan_check_write+0x14/0x20 [ 109.183550] inet_sendmsg+0x148/0x5a0 [ 109.187344] ? copy_msghdr_from_user+0x2f7/0x5c0 [ 109.192076] ? rcu_pm_notify+0xc0/0xc0 [ 109.195940] ? inet_recvmsg+0x790/0x790 [ 109.199891] ? SYSC_sendto+0x6c0/0x6c0 [ 109.203757] ? inet_recvmsg+0x790/0x790 [ 109.207704] sock_sendmsg+0xb5/0xf0 [ 109.211304] ___sys_sendmsg+0x2b9/0x9d0 [ 109.215259] ? expand_files.part.8+0x900/0x900 [ 109.219830] ? trace_hardirqs_off+0x10/0x10 [ 109.224126] ? copy_msghdr_from_user+0x5c0/0x5c0 [ 109.228878] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290 [ 109.235534] ? find_held_lock+0x36/0x1c0 [ 109.239596] ? lock_downgrade+0x830/0x830 [ 109.243737] ? get_pid_task+0x8f/0x100 [ 109.247607] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 109.253467] ? __might_sleep+0x93/0xb0 [ 109.257334] __sys_sendmmsg+0x1b6/0x5c0 [ 109.261308] ? SyS_sendmsg+0x20/0x20 [ 109.265014] ? __lock_is_held+0xb5/0x140 [ 109.269055] ? __sb_end_write+0x8a/0xb0 [ 109.273007] ? mutex_unlock+0xd/0x10 [ 109.276695] ? __f_unlock_pos+0xd/0x10 [ 109.280572] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 109.285400] ? trace_hardirqs_on_caller+0x40c/0x580 [ 109.290402] ? 
trace_hardirqs_on_thunk+0x1a/0x1c [ 109.295153] SyS_sendmmsg+0xd/0x20 [ 109.298681] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 109.303417] RIP: 0033:0x455b59 [ 109.306587] RSP: 002b:00007f0082bc6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 109.314273] RAX: ffffffffffffffda RBX: 00007f0082bc76d4 RCX: 0000000000455b59 [ 109.321523] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 109.328768] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 [ 109.336015] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd [ 109.343261] R13: 00007f0082bc6bb8 R14: 00000000004ba6fd R15: 0000000000000000 [ 109.350521] CPU: 0 PID: 7403 Comm: syz-executor1 Tainted: G B 4.13.0-rc4-syzkaller #0 [ 109.359604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.368934] Call Trace: [ 109.371592] dump_stack+0x145/0x1e7 [ 109.375191] ? arch_local_irq_restore+0x43/0x43 [ 109.379833] ? unwind_dump+0x180/0x180 [ 109.383696] ? entry_SYSCALL_64_fastpath+0x23/0xc2 [ 109.388602] should_fail.cold.4+0xc/0x19 [ 109.392638] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 109.397715] ? lock_downgrade+0x830/0x830 [ 109.401836] ? lock_release+0x9d0/0x9d0 [ 109.405783] ? update_stack_state+0x670/0x670 [ 109.410253] ? update_stack_state+0x670/0x670 [ 109.414727] ? is_bpf_text_address+0x81/0xe0 [ 109.419121] ? __kernel_text_address+0x70/0xc0 [ 109.423678] ? unwind_get_return_address+0x61/0xa0 [ 109.428583] ? __save_stack_trace+0x7e/0xd0 [ 109.432879] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 109.438741] ? save_stack+0xa9/0xd0 [ 109.442340] should_failslab+0xba/0xf0 [ 109.446213] kmem_cache_alloc_trace+0x2c1/0x770 [ 109.450856] ? dccp_sendmsg+0x590/0xd10 [ 109.454803] ? inet_sendmsg+0x148/0x5a0 [ 109.458751] ? sock_sendmsg+0xb5/0xf0 [ 109.462527] ? ___sys_sendmsg+0x2b9/0x9d0 [ 109.466649] ? __sys_sendmmsg+0x1b6/0x5c0 [ 109.470782] ? SyS_sendmmsg+0xd/0x20 [ 109.474480] ? 
entry_SYSCALL_64_fastpath+0x23/0xc2 [ 109.479388] dccp_feat_entry_new+0x1a4/0x4f0 [ 109.483772] ? dccp_feat_nn_get+0x310/0x310 [ 109.488085] ? skb_to_sgvec_nomark+0x10/0x10 [ 109.492480] dccp_feat_push_confirm+0x26/0x280 [ 109.497049] dccp_feat_parse_options+0x1079/0x1c80 [ 109.501961] ? kasan_unpoison_shadow+0x35/0x50 [ 109.506523] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 109.512383] ? kmem_cache_alloc_trace+0x30e/0x770 [ 109.517214] ? mod_timer_pending+0x10f0/0x10f0 [ 109.521771] ? ip_fragment.constprop.49+0x210/0x210 [ 109.526777] ? skb_send_sock+0x50/0x50 [ 109.530683] ? dccp_ackvec_parsed_add+0x168/0x300 [ 109.535508] ? dccp_ackvec_purge_records+0x1d0/0x1d0 [ 109.540591] ? dccp_ackvec_update_records+0x2ef/0x500 [ 109.545768] dccp_parse_options+0x857/0x1050 [ 109.550161] dccp_rcv_established+0x23/0x70 [ 109.554459] dccp_v4_do_rcv+0xfa/0x160 [ 109.558333] __release_sock+0x10b/0x330 [ 109.562288] release_sock+0x9a/0x270 [ 109.565976] ? trace_hardirqs_on+0xd/0x10 [ 109.570100] ? __release_sock+0x330/0x330 [ 109.574223] ? dccp_qpolicy_top+0x67/0x80 [ 109.578346] ? dccp_write_xmit+0x3b/0x180 [ 109.582470] dccp_sendmsg+0x590/0xd10 [ 109.586245] ? lock_release+0x9d0/0x9d0 [ 109.590194] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 109.596053] ? dccp_getsockopt+0xd0/0xd0 [ 109.600088] ? import_iovec+0x99/0x500 [ 109.603952] ? dup_iter+0x250/0x250 [ 109.607555] ? kasan_check_write+0x14/0x20 [ 109.611766] inet_sendmsg+0x148/0x5a0 [ 109.615543] ? copy_msghdr_from_user+0x2f7/0x5c0 [ 109.620284] ? inet_recvmsg+0x790/0x790 [ 109.624238] ? SYSC_sendto+0x6c0/0x6c0 [ 109.628105] ? inet_recvmsg+0x790/0x790 [ 109.632056] sock_sendmsg+0xb5/0xf0 [ 109.635659] ___sys_sendmsg+0x2b9/0x9d0 [ 109.639613] ? expand_files.part.8+0x900/0x900 [ 109.644168] ? copy_msghdr_from_user+0x5c0/0x5c0 [ 109.648898] ? __fsnotify_update_child_dentry_flags.part.2+0x290/0x290 [ 109.655542] ? pid_task+0xbe/0x160 [ 109.659059] ? lock_acquire+0x1dc/0x520 [ 109.663008] ? 
__might_fault+0xf1/0x1b0 [ 109.666956] ? lock_downgrade+0x830/0x830 [ 109.671079] ? get_pid_task+0x8f/0x100 [ 109.674945] ? lock_release+0x9d0/0x9d0 [ 109.678896] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 109.684762] ? vm_insert_mixed+0x270/0x270 [ 109.688976] ? trace_event_raw_event_sched_switch+0x680/0x680 [ 109.694834] ? __might_sleep+0x93/0xb0 [ 109.698698] __sys_sendmmsg+0x1b6/0x5c0 [ 109.702648] ? SyS_sendmsg+0x20/0x20 [ 109.706337] ? fsnotify+0x1b30/0x1b30 [ 109.710115] ? __might_sleep+0x93/0xb0 [ 109.713978] ? __sb_end_write+0x8a/0xb0 [ 109.717931] ? mutex_unlock+0xd/0x10 [ 109.721622] ? __f_unlock_pos+0xd/0x10 [ 109.725484] ? SyS_write+0x199/0x240 [ 109.729179] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 109.733908] SyS_sendmmsg+0xd/0x20 [ 109.737437] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 109.742171] RIP: 0033:0x455b59 [ 109.745347] RSP: 002b:00007f017ae77c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 109.753041] RAX: ffffffffffffffda RBX: 00007f017ae786d4 RCX: 0000000000455b59 [ 109.760287] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 109.767534] RBP: 00007f017ae77a80 R08: 0000000000000000 R09: 0000000000000000 [ 109.774781] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ba6fd [ 109.782026] R13: 00007f017ae77bb8 R14: 00000000004ba6fd R15: 0000000000000000 [ 109.789988] Kernel Offset: disabled [ 109.793722] Rebooting in 86400 seconds..