Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 60.028657][ T6833] IPVS: ftp: loaded support on port[0] = 21
[ 60.065962][ T6833] ==================================================================
[ 60.074126][ T6833] BUG: KASAN: slab-out-of-bounds in __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.082602][ T6833] Read of size 8 at addr ffff888094e43628 by task syz-executor155/6833
[ 60.090821][ T6833] CPU: 1 PID: 6833 Comm: syz-executor155 Not tainted 5.8.0-rc5-next-20200714-syzkaller #0
[ 60.100681][ T6833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.110719][ T6833] Call Trace:
[ 60.113997][ T6833] dump_stack+0x18f/0x20d
[ 60.118308][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.124097][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.129901][ T6833] print_address_description.constprop.0.cold+0xae/0x497
[ 60.136913][ T6833] ? __xfrm6_tunnel_spi_lookup+0x142/0x3b0
[ 60.142725][ T6833] ? lockdep_hardirqs_off+0x66/0xa0
[ 60.147905][ T6833] ? vprintk_func+0x97/0x1a6
[ 60.152487][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.158274][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.164057][ T6833] kasan_report.cold+0x1f/0x37
[ 60.168802][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.174588][ T6833] __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.180200][ T6833] xfrm6_tunnel_spi_lookup+0x8a/0x1d0
[ 60.185551][ T6833] xfrmi6_rcv_tunnel+0xb9/0x100
[ 60.190379][ T6833] tunnel46_rcv+0xef/0x2b0
[ 60.194773][ T6833] ip6_protocol_deliver_rcu+0x2e8/0x1670
[ 60.200389][ T6833] ip6_input_finish+0x7f/0x160
[ 60.205126][ T6833] ip6_input+0x9c/0xd0
[ 60.209173][ T6833] ipv6_rcv+0x28e/0x3c0
[ 60.213307][ T6833] ? ip6_rcv_core+0x1bb0/0x1bb0
[ 60.218136][ T6833] __netif_receive_skb_one_core+0x114/0x180
[ 60.224016][ T6833] ? __netif_receive_skb_core+0x3690/0x3690
[ 60.229886][ T6833] ? lockdep_hardirqs_on+0x6a/0xe0
[ 60.234977][ T6833] ? read_seqcount_begin.constprop.0+0x139/0x1f0
[ 60.241280][ T6833] ? ktime_get_with_offset+0x130/0x1a0
[ 60.246719][ T6833] __netif_receive_skb+0x27/0x1c0
[ 60.251826][ T6833] netif_receive_skb+0x159/0x990
[ 60.256741][ T6833] ? __netif_receive_skb+0x1c0/0x1c0
[ 60.262005][ T6833] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 60.267958][ T6833] ? skb_set_owner_w+0x24e/0x400
[ 60.273568][ T6833] ? __tun_build_skb+0x1cd/0x260
[ 60.278483][ T6833] tun_rx_batched.isra.0+0x460/0x720
[ 60.283752][ T6833] ? tun_get_user+0x197f/0x35b0
[ 60.288580][ T6833] ? tun_sock_write_space+0x1d0/0x1d0
[ 60.293927][ T6833] ? lock_release+0x8d0/0x8d0
[ 60.298580][ T6833] ? lock_downgrade+0x820/0x820
[ 60.303407][ T6833] ? eth_type_trans+0x360/0x690
[ 60.308233][ T6833] ? __local_bh_enable_ip+0x159/0x250
[ 60.313582][ T6833] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 60.319535][ T6833] ? tun_get_user+0x231f/0x35b0
[ 60.324376][ T6833] ? trace_hardirqs_on+0x5f/0x220
[ 60.329390][ T6833] tun_get_user+0x23b2/0x35b0
[ 60.334049][ T6833] ? lock_acquire+0x1f1/0xad0
[ 60.338699][ T6833] ? tun_build_skb+0xf30/0xf30
[ 60.343440][ T6833] ? tun_get+0x160/0x280
[ 60.347681][ T6833] ? aa_file_perm+0x5e2/0x1100
[ 60.352439][ T6833] tun_chr_write_iter+0xba/0x151
[ 60.357354][ T6833] new_sync_write+0x422/0x650
[ 60.362010][ T6833] ? new_sync_read+0x6e0/0x6e0
[ 60.366769][ T6833] ? apparmor_file_permission+0x26e/0x4e0
[ 60.372468][ T6833] ? __up_read+0x1a1/0x7b0
[ 60.376870][ T6833] vfs_write+0x59d/0x6b0
[ 60.381094][ T6833] ksys_write+0x12d/0x250
[ 60.385424][ T6833] ? __ia32_sys_read+0xb0/0xb0
[ 60.390166][ T6833] ? lock_is_held_type+0xb0/0xe0
[ 60.395083][ T6833] ? do_syscall_64+0x1c/0xe0
[ 60.399657][ T6833] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 60.405620][ T6833] do_syscall_64+0x60/0xe0
[ 60.410019][ T6833] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 60.415892][ T6833] RIP: 0033:0x401650
[ 60.419757][ T6833] Code: Bad RIP value.
[ 60.423811][ T6833] RSP: 002b:00007fffa8ce24f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 60.432207][ T6833] RAX: ffffffffffffffda RBX: 00007fffa8ce2500 RCX: 0000000000401650
[ 60.440162][ T6833] RDX: 000000000000004a RSI: 0000000020000340 RDI: 00000000000000f0
[ 60.448140][ T6833] RBP: 00007fffa8ce2510 R08: 0000000000000000 R09: 0000000000000000
[ 60.456090][ T6833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 60.464038][ T6833] R13: 00007fffa8ce2508 R14: 0000000000000000 R15: 0000000000000000
[ 60.472007][ T6833] Allocated by task 6833:
[ 60.476314][ T6833] kasan_save_stack+0x1b/0x40
[ 60.480964][ T6833] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 60.486600][ T6833] kvmalloc_node+0x61/0xf0
[ 60.490991][ T6833] alloc_netdev_mqs+0x6eb/0xdc0
[ 60.495818][ T6833] ip6gre_init_net+0x1e3/0x610
[ 60.500777][ T6833] ops_init+0xaf/0x470
[ 60.504822][ T6833] setup_net+0x2d8/0x850
[ 60.509063][ T6833] copy_net_ns+0x2cf/0x5e0
[ 60.513464][ T6833] create_new_namespaces+0x3f6/0xb10
[ 60.518735][ T6833] unshare_nsproxy_namespaces+0xbd/0x1f0
[ 60.524344][ T6833] ksys_unshare+0x445/0x8e0
[ 60.528834][ T6833] __x64_sys_unshare+0x2d/0x40
[ 60.533574][ T6833] do_syscall_64+0x60/0xe0
[ 60.537965][ T6833] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 60.543851][ T6833] The buggy address belongs to the object at ffff888094e43400
[ 60.543851][ T6833]  which belongs to the cache kmalloc-512 of size 512
[ 60.557891][ T6833] The buggy address is located 40 bytes to the right of
[ 60.557891][ T6833]  512-byte region [ffff888094e43400, ffff888094e43600)
[ 60.571569][ T6833] The buggy address belongs to the page:
[ 60.577179][ T6833] page:000000001d3e0bbb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x94e43
[ 60.587306][ T6833] flags: 0xfffe0000000200(slab)
[ 60.592137][ T6833] raw: 00fffe0000000200 ffffea000289b448 ffffea00028d4b48 ffff8880aa000600
[ 60.600699][ T6833] raw: 0000000000000000 ffff888094e43000 0000000100000004 0000000000000000
[ 60.609250][ T6833] page dumped because: kasan: bad access detected
[ 60.615635][ T6833] Memory state around the buggy address:
[ 60.621240][ T6833]  ffff888094e43500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 60.629285][ T6833]  ffff888094e43580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.637320][ T6833] >ffff888094e43600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.645352][ T6833] ^
[ 60.650713][ T6833]  ffff888094e43680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.658747][ T6833]  ffff888094e43700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.666779][ T6833] ==================================================================
[ 60.674824][ T6833] Disabling lock debugging due to kernel taint
[ 60.681029][ T6833] Kernel panic - not syncing: panic_on_warn set ...
[ 60.687620][ T6833] CPU: 1 PID: 6833 Comm: syz-executor155 Tainted: G B 5.8.0-rc5-next-20200714-syzkaller #0
[ 60.698885][ T6833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.709024][ T6833] Call Trace:
[ 60.712316][ T6833] dump_stack+0x18f/0x20d
[ 60.716642][ T6833] ? __xfrm6_tunnel_spi_lookup+0x330/0x3b0
[ 60.722425][ T6833] panic+0x2e3/0x75c
[ 60.726295][ T6833] ? __warn_printk+0xf3/0xf3
[ 60.730859][ T6833] ? asm_common_interrupt+0x1e/0x40
[ 60.736052][ T6833] ? trace_hardirqs_on+0x55/0x220
[ 60.741053][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.746845][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.752625][ T6833] end_report+0x4d/0x53
[ 60.756754][ T6833] kasan_report.cold+0xd/0x37
[ 60.761408][ T6833] ? __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.767188][ T6833] __xfrm6_tunnel_spi_lookup+0x3a9/0x3b0
[ 60.772801][ T6833] xfrm6_tunnel_spi_lookup+0x8a/0x1d0
[ 60.778144][ T6833] xfrmi6_rcv_tunnel+0xb9/0x100
[ 60.782968][ T6833] tunnel46_rcv+0xef/0x2b0
[ 60.787355][ T6833] ip6_protocol_deliver_rcu+0x2e8/0x1670
[ 60.792961][ T6833] ip6_input_finish+0x7f/0x160
[ 60.797695][ T6833] ip6_input+0x9c/0xd0
[ 60.801739][ T6833] ipv6_rcv+0x28e/0x3c0
[ 60.805869][ T6833] ? ip6_rcv_core+0x1bb0/0x1bb0
[ 60.810693][ T6833] __netif_receive_skb_one_core+0x114/0x180
[ 60.816559][ T6833] ? __netif_receive_skb_core+0x3690/0x3690
[ 60.822425][ T6833] ? lockdep_hardirqs_on+0x6a/0xe0
[ 60.827512][ T6833] ? read_seqcount_begin.constprop.0+0x139/0x1f0
[ 60.833809][ T6833] ? ktime_get_with_offset+0x130/0x1a0
[ 60.839239][ T6833] __netif_receive_skb+0x27/0x1c0
[ 60.844249][ T6833] netif_receive_skb+0x159/0x990
[ 60.849159][ T6833] ? __netif_receive_skb+0x1c0/0x1c0
[ 60.854592][ T6833] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 60.860544][ T6833] ? skb_set_owner_w+0x24e/0x400
[ 60.865453][ T6833] ? __tun_build_skb+0x1cd/0x260
[ 60.870364][ T6833] tun_rx_batched.isra.0+0x460/0x720
[ 60.875622][ T6833] ? tun_get_user+0x197f/0x35b0
[ 60.880441][ T6833] ? tun_sock_write_space+0x1d0/0x1d0
[ 60.885785][ T6833] ? lock_release+0x8d0/0x8d0
[ 60.890437][ T6833] ? lock_downgrade+0x820/0x820
[ 60.895259][ T6833] ? eth_type_trans+0x360/0x690
[ 60.900169][ T6833] ? __local_bh_enable_ip+0x159/0x250
[ 60.905601][ T6833] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 60.911553][ T6833] ? tun_get_user+0x231f/0x35b0
[ 60.916375][ T6833] ? trace_hardirqs_on+0x5f/0x220
[ 60.921373][ T6833] tun_get_user+0x23b2/0x35b0
[ 60.926031][ T6833] ? lock_acquire+0x1f1/0xad0
[ 60.930699][ T6833] ? tun_build_skb+0xf30/0xf30
[ 60.935433][ T6833] ? tun_get+0x160/0x280
[ 60.939648][ T6833] ? aa_file_perm+0x5e2/0x1100
[ 60.944387][ T6833] tun_chr_write_iter+0xba/0x151
[ 60.949298][ T6833] new_sync_write+0x422/0x650
[ 60.954053][ T6833] ? new_sync_read+0x6e0/0x6e0
[ 60.958792][ T6833] ? apparmor_file_permission+0x26e/0x4e0
[ 60.964485][ T6833] ? __up_read+0x1a1/0x7b0
[ 60.968874][ T6833] vfs_write+0x59d/0x6b0
[ 60.973091][ T6833] ksys_write+0x12d/0x250
[ 60.977406][ T6833] ? __ia32_sys_read+0xb0/0xb0
[ 60.982141][ T6833] ? lock_is_held_type+0xb0/0xe0
[ 60.987070][ T6833] ? do_syscall_64+0x1c/0xe0
[ 60.991633][ T6833] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 60.997586][ T6833] do_syscall_64+0x60/0xe0
[ 61.001976][ T6833] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.007840][ T6833] RIP: 0033:0x401650
[ 61.011701][ T6833] Code: Bad RIP value.
[ 61.015737][ T6833] RSP: 002b:00007fffa8ce24f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 61.024124][ T6833] RAX: ffffffffffffffda RBX: 00007fffa8ce2500 RCX: 0000000000401650
[ 61.032069][ T6833] RDX: 000000000000004a RSI: 0000000020000340 RDI: 00000000000000f0
[ 61.040013][ T6833] RBP: 00007fffa8ce2510 R08: 0000000000000000 R09: 0000000000000000
[ 61.047957][ T6833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 61.055901][ T6833] R13: 00007fffa8ce2508 R14: 0000000000000000 R15: 0000000000000000
[ 61.065150][ T6833] Kernel Offset: disabled
[ 61.069468][ T6833] Rebooting in 86400 seconds..