Warning: Permanently added '10.128.1.48' (ECDSA) to the list of known hosts.
2019/06/04 05:22:58 fuzzer started
[   55.606636] audit: type=1400 audit(1559625778.126:36): avc:  denied  { map } for  pid=7829 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/06/04 05:23:01 dialing manager at 10.128.0.105:38735
2019/06/04 05:23:01 syscalls: 2460
2019/06/04 05:23:01 code coverage: enabled
2019/06/04 05:23:01 comparison tracing: enabled
2019/06/04 05:23:01 extra coverage: extra coverage is not supported by the kernel
2019/06/04 05:23:01 setuid sandbox: enabled
2019/06/04 05:23:01 namespace sandbox: enabled
2019/06/04 05:23:01 Android sandbox: /sys/fs/selinux/policy does not exist
2019/06/04 05:23:01 fault injection: enabled
2019/06/04 05:23:01 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/06/04 05:23:01 net packet injection: enabled
2019/06/04 05:23:01 net device setup: enabled
05:23:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f0000000140), 0x10)

[   61.992730] audit: type=1400 audit(1559625784.506:37): avc:  denied  { map } for  pid=7847 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14341 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[   62.088600] IPVS: ftp: loaded support on port[0] = 21
[   62.098697] NET: Registered protocol family 30
[   62.103827] Failed to register TIPC socket type
05:23:04 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0xa)
writev(r0, &(0x7f0000e11ff0)=[{&(0x7f00000001c0)="580000001400add427323b470c458c560a067fffffff81004e22000000050028925aa80000000000000080000efffeffe809000000fff5dd0000001000020000000000000000cfb193e7ee00"/88, 0x58}], 0x1)

[   62.371476] IPVS: ftp: loaded support on port[0] = 21
[   62.381069] NET: Registered protocol family 30
[   62.385802] Failed to register TIPC socket type
05:23:05 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000680)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='vegas\x00', 0xfdf7)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080), 0x4)
write$binfmt_elf64(r0, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "", [[]]}, 0x178)

[   62.840920] IPVS: ftp: loaded support on port[0] = 21
[   62.857621] NET: Registered protocol family 30
[   62.862362] Failed to register TIPC socket type
05:23:05 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x80001000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self\x00', 0x0, 0x0)

[   63.398941] IPVS: ftp: loaded support on port[0] = 21
[   63.417711] NET: Registered protocol family 30
[   63.422344] Failed to register TIPC socket type
05:23:06 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x0, 0x0, 0x5, 0x1}, 0x2c)

[   64.166085] IPVS: ftp: loaded support on port[0] = 21
[   64.186276] NET: Registered protocol family 30
[   64.190904] Failed to register TIPC socket type
[   64.928623] chnl_net:caif_netlink_parms(): no params data found
[   65.354874] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.361693] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.405317] device bridge_slave_0 entered promiscuous mode
[   65.485023] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.491567] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.565008] device bridge_slave_1 entered promiscuous mode
[   66.042093] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   66.340273] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   66.953628] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   67.095450] team0: Port device team_slave_0 added
[   67.266019] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   67.424955] team0: Port device team_slave_1 added
[   67.632289] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   67.836995] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
05:23:11 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0xa7e7, &(0x7f0000000580))

[   68.600186] device hsr_slave_0 entered promiscuous mode
[   69.128301] device hsr_slave_1 entered promiscuous mode
[   69.699149] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   70.269407] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   70.531711] IPVS: ftp: loaded support on port[0] = 21
[   70.888232] NET: Registered protocol family 30
[   70.892871] Failed to register TIPC socket type
[   70.923641] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   71.679117] IPVS: ftp: loaded support on port[0] = 21
[   71.904212] NET: Registered protocol family 30
[   71.908900] Failed to register TIPC socket type
[   71.944261] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.170794] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   72.421228] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   72.573127] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   72.625744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   72.735698] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   72.884665] 8021q: adding VLAN 0 to HW filter on device team0
[   73.065741] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   73.072837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   73.124600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   73.185737] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.192306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.399217] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   73.520200] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   73.533727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   73.713778] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   73.793247] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.800018] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.989902] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   74.133685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   74.264604] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   74.271654] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   74.521266] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   74.634099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   74.642486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   74.808504] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   74.925714] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   74.935026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   75.041336] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   75.164273] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[   75.310362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   75.348817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   75.445370] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[   75.598256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   75.614609] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   75.638118] IPVS: ftp: loaded support on port[0] = 21
[   75.684577] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   75.690883] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   75.804987] NET: Registered protocol family 30
[   75.809633] Failed to register TIPC socket type
[   75.964172] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   76.215101] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.425590] audit: type=1400 audit(1559625798.946:38): avc:  denied  { associate } for  pid=7848 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[   76.953489] hrtimer: interrupt took 34183 ns
[   81.750806] IPVS: ftp: loaded support on port[0] = 21
[   81.758142] IPVS: ftp: loaded support on port[0] = 21
[   81.775657] NET: Registered protocol family 30
[   81.775819] list_add double add: new=ffffffff892e7630, prev=ffffffff890f3140, next=ffffffff892e7630.
[   81.781517] Failed to register TIPC socket type
[   81.790232] ------------[ cut here ]------------
[   81.799625] kernel BUG at lib/list_debug.c:29!
[   81.804338] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   81.809692] CPU: 0 PID: 8500 Comm: syz-executor.3 Not tainted 4.19.47 #19
[   81.816610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   81.826509] RIP: 0010:__list_add_valid.cold+0x26/0x3c
[   81.832034] Code: 56 ff ff ff 4c 89 e1 48 c7 c7 a0 ae 81 87 e8 d0 f3 30 fe 0f 0b 48 89 f2 4c 89 e1 4c 89 ee 48 c7 c7 e0 af 81 87 e8 b9 f3 30 fe <0f> 0b 48 89 f1 48 c7 c7 60 af 81 87 4c 89 e6 e8 a5 f3 30 fe 0f 0b
[   81.850936] RSP: 0018:ffff888072f67b88 EFLAGS: 00010282
[   81.856638] RAX: 0000000000000058 RBX: ffffffff892e74a0 RCX: 0000000000000000
[   81.863981] RDX: 0000000000000000 RSI: ffffffff81559f66 RDI: ffffed100e5ecf63
[   81.871379] RBP: ffff888072f67ba0 R08: 0000000000000058 R09: ffff8880983baa08
[   81.878642] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff892e7630
[   81.885918] R13: ffffffff892e7630 R14: ffffffff892e7630 R15: ffffffff892e75d0
[   81.893188] FS:  0000000001ca2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[   81.901530] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   81.907415] CR2: 000000c4202bfe80 CR3: 00000000a658a000 CR4: 00000000001406f0
[   81.914782] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   81.922040] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   81.929308] Call Trace:
[   81.931914]  ? mutex_lock_nested+0x16/0x20
[   81.936425]  proto_register+0x459/0x8e0
[   81.940403]  tipc_socket_init+0x1c/0x70
[   81.944392]  tipc_init_net+0x2ed/0x570
[   81.948285]  ? tipc_exit_net+0x40/0x40
[   81.952159]  ops_init+0xb3/0x410
[   81.955513]  setup_net+0x2d3/0x740
[   81.959056]  ? ops_init+0x410/0x410
[   81.962682]  ? call_rwsem_down_read_failed_killable+0x18/0x30
[   81.968553]  copy_net_ns+0x1df/0x340
[   81.972277]  create_new_namespaces+0x400/0x7b0
[   81.976886]  unshare_nsproxy_namespaces+0xc2/0x200
[   81.981825]  ksys_unshare+0x440/0x980
[   81.985630]  ? walk_process_tree+0x2c0/0x2c0
[   81.990040]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   81.994804]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   82.000158]  ? do_syscall_64+0x26/0x620
[   82.016484]  ? lockdep_hardirqs_on+0x415/0x5d0
[   82.021064]  __x64_sys_unshare+0x31/0x40
[   82.025129]  do_syscall_64+0xfd/0x620
[   82.028917]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   82.034090] RIP: 0033:0x45bd47
[   82.037284] Code: 00 00 00 b8 63 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 1d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   82.056369] RSP: 002b:00007fff5f2da798 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[   82.064066] RAX: ffffffffffffffda RBX: 000000000075c9a8 RCX: 000000000045bd47
[   82.071350] RDX: 0000000000000000 RSI: 00007fff5f2da740 RDI: 0000000040000000
[   82.078692] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000005
[   82.086078] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000075c9a8
[   82.093435] R13: 00007fff5f2daa08 R14: 0000000000000000 R15: 0000000000000000
[   82.100711] Modules linked in:
[   82.104426] ---[ end trace b750900fd1ef95c1 ]---
[   82.109591] RIP: 0010:__list_add_valid.cold+0x26/0x3c
[   82.114806] Code: 56 ff ff ff 4c 89 e1 48 c7 c7 a0 ae 81 87 e8 d0 f3 30 fe 0f 0b 48 89 f2 4c 89 e1 4c 89 ee 48 c7 c7 e0 af 81 87 e8 b9 f3 30 fe <0f> 0b 48 89 f1 48 c7 c7 60 af 81 87 4c 89 e6 e8 a5 f3 30 fe 0f 0b
[   82.133931] RSP: 0018:ffff888072f67b88 EFLAGS: 00010282
[   82.139408] RAX: 0000000000000058 RBX: ffffffff892e74a0 RCX: 0000000000000000
[   82.146721] RDX: 0000000000000000 RSI: ffffffff81559f66 RDI: ffffed100e5ecf63
[   82.154050] RBP: ffff888072f67ba0 R08: 0000000000000058 R09: ffff8880983baa08
[   82.161447] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff892e7630
[   82.168778] R13: ffffffff892e7630 R14: ffffffff892e7630 R15: ffffffff892e75d0
[   82.176204] FS:  0000000001ca2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[   82.184511] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   82.190405] CR2: 000000c4202bfe80 CR3: 00000000a658a000 CR4: 00000000001406f0
[   82.197981] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   82.205322] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   82.212755] Kernel panic - not syncing: Fatal exception
[   82.219524] Kernel Offset: disabled
[   82.223672] Rebooting in 86400 seconds..