[info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.113' (ECDSA) to the list of known hosts. 2019/09/23 12:32:35 fuzzer started 2019/09/23 12:32:37 dialing manager at 10.128.0.105:39541 2019/09/23 12:32:37 syscalls: 2425 2019/09/23 12:32:37 code coverage: CONFIG_KCOV is not enabled 2019/09/23 12:32:37 comparison tracing: CONFIG_KCOV is not enabled 2019/09/23 12:32:37 extra coverage: CONFIG_KCOV is not enabled 2019/09/23 12:32:37 setuid sandbox: enabled 2019/09/23 12:32:37 namespace sandbox: enabled 2019/09/23 12:32:37 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/23 12:32:37 fault injection: kernel does not have systematic fault injection support 2019/09/23 12:32:37 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/23 12:32:37 net packet injection: enabled 2019/09/23 12:32:37 net device setup: enabled 12:32:38 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x31, 0x31, 0x2, [@func, @volatile, @datasec={0x0, 0x1, 0x0, 0xf, 0x1, [{}], "c2"}]}}, 0x0, 0x4e}, 0x20) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev}, 0x0, {0x2, 0x0, @broadcast}, 'sit0\x00'}) 12:32:38 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000740)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\a\xd2\x8f(.\xf6\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e\xab\x8d\xed\xa6\\\x1c\xc3\x97\x94\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\x15v$\xc5\xbc\x11N\t\x9ej5)\x00\x00\x009\x8c4\xc4\x88C\xa2B\x8b\x81\v\xea\t\xf0\x8fw\a\f\x15\xe2\xd0q\xbb\t\xbf\x85\x98~\v\xd8D\xab9(\xf6.\x15\xcd2-\xf2\xc4\xd8\x00a\xd5\xd9\xb5Z\xd7\xb4\xac\x1d_+k\xd6\x8ag\xdceHE\xd5\x1c\x8a\xbd#\xcc\x82\xc2\xc2(\xb6\xe1\x99p\x9b\xa3D\xd2\x91\x96\xef\x05\fv\x16\x14\xcc\xea\x9d\x11w\x1e\xb5VG\x9ad\x9a`=^h\x8c8\xc9\"\x1eO\xb5vk\xc9\v\x17\x95\xf7\x19\x99\x99\x92\xc3\xc0\x8a\x18\xc7\"g\xd7B\x8f\x85\x18\xf3\x02\xa7\xb6\x83\x92\xefY\xef\x85\x92\x10E\x18\xbc\xacy\xd6\xa7Wh\xcd\xd0\xfa\xcc\x01\xeb\xdf\xad\xfd\xb0\xee\xfb\xc2(\x8cj\xd0uj{4\xb2\xe1p\x88u6\x9a;\xaa\x9f+J\x9e\xe3\xcc\xc7O\xad\x84\x8c;\x92~,\x15\xb2\x97\f~\xa0W\x16\x8b\a\x88\xaa\xe4C\xaf\x90\xdf\x7f\xe51\x00/n\xb5f\x1a\x8c+\xea<\xe3N@\x9e\xec\xbe{\x90x\xc6\xd7\xeeI\x1d\xcbY\xe1\x01\xd2d\xae\xd1(>\xa3\xa9\x93\x16\xc6G\x94|\x00\x00\x00\x00\x00\x00\x00\x00\x91\x00+/pF\xfa]\xc4\xb3\xfc~\x13\xc3\x8aV\xa5\n\xe9H\xad\xf5\xa7{\x90\b\x9bb\xb8gY\xdb', 0x2761, 0x0) write$cgroup_pid(r0, &(0x7f0000000080), 0xfffffe38) fsetxattr$security_evm(r0, &(0x7f0000000100)='security.evm\x00', 0x0, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) setregid(0x0, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x2000) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f00000000c0)=0xc) 12:32:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x8d}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) ptrace$getenv(0x4201, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={r1, 0x80000}) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) write(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="8feb9a88", @ANYRES16=0x0, @ANYBLOB="000000000000fddbdf250500000004000600300004002c000700080002008000000008000100000000000800020007000000080001000000000008000400010000000800060004000200"], 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x0) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev}, 0x0, {0x2, 0x0, @broadcast}, 'sit0\x00'}) shmctl$IPC_RMID(0x0, 0x0) 12:32:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x28000200) 12:32:38 executing program 3: setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@local, @in=@multicast1}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x32}, 0x0, @in6}}, 0xe8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x82) accept4(0xffffffffffffffff, &(0x7f0000000200)=@vsock={0x28, 0x0, 0x0, @my}, &(0x7f0000000000)=0x80, 0x80000) r1 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x85nG\x13g\xa6\x05', 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81805) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) syz_open_procfs(0x0, 0x0) sendfile(r1, r0, 0x0, 0x20002000005) ioctl$LOOP_CLR_FD(r0, 0x4c01) 12:32:38 executing program 4: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000002, 0x10, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ff6000/0x4000)=nil) socket$inet_tcp(0x2, 0x1, 0x0) socket$key(0xf, 0x3, 0x2) r0 = perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={r2, 0xc0000}) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000280)={{}, {}, [], {}, [{0x8, 0x2, r4}, {0x8, 0x0, r4}], {0x10, 0x6}}, 0x34, 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000280)={{}, {}, [], {}, [{0x8, 0x2, r7}, {0x8, 0x0, r7}], {0x10, 0x6}}, 0x34, 0x0) setgroups(0x4, &(0x7f0000000100)=[r4, r5, r7, 0xee00]) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r8 = dup2(0xffffffffffffffff, 0xffffffffffffffff) inotify_init() write$UHID_GET_REPORT_REPLY(r8, &(0x7f0000000080), 0xa) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000340)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, {0x0, 0x1000000000002, 0x100, 0x7ff, 0x5}, 0x0, 0x4}, 0xe) inotify_init1(0x80000) get_robust_list(0x0, 0x0, &(0x7f0000000200)) syzkaller login: [ 36.297860] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready [ 36.307868] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready [ 36.308946] IPVS: Creating netns size=2712 id=1 [ 36.308958] IPVS: ftp: loaded support on port[0] = 21 [ 36.324465] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready [ 36.334604] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready [ 36.341766] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready [ 36.348203] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready [ 36.356418] IPVS: Creating netns size=2712 id=2 [ 36.361170] IPVS: ftp: loaded support on port[0] = 21 [ 36.378169] chnl_net:caif_netlink_parms(): no params data found [ 36.385132] ------------[ cut here ]------------ [ 36.389950] WARNING: CPU: 1 PID: 5683 at net/batman-adv/main.c:750 batadv_tvlv_container_remove+0x7b/0x80() [ 36.399883] Kernel panic - not syncing: panic_on_warn set ... [ 36.399883] [ 36.407303] CPU: 1 PID: 5683 Comm: syz-executor.0 Not tainted 4.4.194 #0 [ 36.414111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 36.423437] 0000000000000082 ffff8800ac8a3870 ffffffff818a6f22 0000000000000000 [ 36.431446] ffffffff82e96378 ffffffff8300ac2f ffff8800ac8a38e8 ffffffff8126f9bc [ 36.439443] ffff880000000008 ffff8800ac8a38f8 ffff8800ac8a3898 ffffffff81274e1f [ 36.447424] Call Trace: [ 36.449998] [] dump_stack+0xa1/0xdf [ 36.455245] [] panic+0xd2/0x225 [ 36.460143] [] ? printk+0x48/0x4a [ 36.465217] [] warn_slowpath_common.cold+0x16/0x16 [ 36.471767] [] warn_slowpath_null+0x15/0x20 [ 36.477711] [] batadv_tvlv_container_remove+0x7b/0x80 [ 36.484520] [] batadv_tvlv_container_register+0xb3/0x120 [ 36.491588] [] batadv_dat_tvlv_container_update+0x26/0x40 [ 36.498744] [] batadv_dat_init+0x6a/0x80 [ 36.504425] [] batadv_mesh_init+0x239/0x290 [ 36.510365] [] batadv_softif_init_late+0x271/0x2c0 [ 36.516924] [] register_netdevice+0xfa/0x450 [ 36.522953] [] rtnl_newlink+0x8a5/0x910 [ 36.528559] [] ? rtnl_newlink+0x17d/0x910 [ 36.534332] [] rtnetlink_rcv_msg+0x170/0x1e0 [ 36.540404] [] ? trace_hardirqs_on+0xd/0x10 [ 36.546368] [] ? mutex_lock_nested+0x30a/0x5a0 [ 36.552571] [] ? rtnetlink_rcv+0x17/0x30 [ 36.558252] [] ? rtnetlink_rcv+0x30/0x30 [ 36.563934] [] netlink_rcv_skb+0x31/0xc0 [ 36.569612] [] rtnetlink_rcv+0x26/0x30 [ 36.575121] [] netlink_unicast+0x168/0x210 [ 36.580997] [] netlink_sendmsg+0x1f1/0x390 [ 36.586852] [] sock_sendmsg+0x35/0x40 [ 36.592285] [] SYSC_sendto+0xed/0x160 [ 36.597719] [] ? sock_alloc_file+0x8c/0x120 [ 36.603663] [] ? fd_install+0x22/0x30 [ 36.609083] [] ? lockdep_sys_exit_thunk+0x12/0x14 [ 36.615544] [] SyS_sendto+0x9/0x10 [ 36.620705] [] entry_SYSCALL_64_fastpath+0x1c/0x7c [ 36.628766] Kernel Offset: disabled [ 36.632402] Rebooting in 86400 seconds..