syzkaller login: [ 65.440831][ T38] audit: type=1400 audit(1575058240.659:41): avc: denied { map } for pid=7923 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '[localhost]:8088' (ECDSA) to the list of known hosts. [ 67.264547][ T38] audit: type=1400 audit(1575058242.479:42): avc: denied { map } for pid=7933 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16525 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2019/11/29 20:10:42 fuzzer started 2019/11/29 20:10:43 dialing manager at 10.0.2.10:40921 2019/11/29 20:10:43 syscalls: 2533 2019/11/29 20:10:43 code coverage: enabled 2019/11/29 20:10:43 comparison tracing: enabled 2019/11/29 20:10:43 extra coverage: extra coverage is not supported by the kernel 2019/11/29 20:10:43 setuid sandbox: enabled 2019/11/29 20:10:43 namespace sandbox: enabled 2019/11/29 20:10:43 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/29 20:10:43 fault injection: enabled 2019/11/29 20:10:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/29 20:10:43 net packet injection: enabled 2019/11/29 20:10:43 net device setup: enabled 2019/11/29 20:10:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/29 20:10:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 20:10:51 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x200000000000011, 0x803, 0x1000000080081) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'vcan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r1}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8), 0x71, 0x0) [ 76.231378][ T38] audit: type=1400 audit(1575058251.449:43): avc: denied { map } for pid=7955 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=1100 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 20:10:51 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) close(r0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000e40)=ANY=[@ANYBLOB], 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacBt.usage_user\r', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x3, 0x1}, 0x3c) setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0}) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = socket$kcm(0xa, 0x6, 0x0) setsockopt$sock_attach_bpf(r4, 0x10d, 0x3, 0x0, 0x0) close(r2) setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x127) sendmsg$tipc(r3, &(0x7f0000000500)={&(0x7f0000000280), 0x10, &(0x7f00000002c0)=[{&(0x7f0000001580)="276c5bd6f0db828036f59b152925d176a9e51a4722f8fd829657ff48969c3c5f309ceaf42e7b242b7fe4fa128061aec9827004000c31fd9e31cb1c79990c2b89045ea4dc3ad63a775c80850ea10827e8a40a6c8b5fa7cc514639bb99f13c6a3d0825a738a1a53433042c75230d368c95f8a0b5562b58ecf50fd78e5def7375cd62fb5728535bf371b2ffc7d8058398075e1d0a7a4451395c39f79c26b7287cebd130de7737e77714686b9d67d87a3cf8da02cc70fdc99c1a7c916ae542b9d5baaf1f9daa4fb845fd5d5cad2073a61ce51c345150f84b3900997296d55c7d394af17b01d445465ef377508a1a29a5d6b03b0da22c973f22814fb2a802d50fb1f051e7d95d53d598a0599ec79cd27123fa1d13b7996609d4548e81ef7b1e8de8f32593ef46c3081ab55929a3c1cb1fa28a485518391a76b7b80d5941aa42222cb6f25be29ebc938af75971ffffdd4dea114ac37f38e69cb670020a7448d99b7b5e3d09bcf2625c94d6599182ce9edb0bbfea111dae3b1c9d6cd3162ce0aaebcdcf22a8d29dca0d04ebf5944168f398c500915579070586dff7a2ec6d345d1f69a8c749740aea0dbb2d30c9f7e3afd498a886c906fe09a83322d8e94b3ebe288ec1601e6a16122fa44191b6b3f5315eb0b35cb628540438919b906502eeb7cacc7d15753e456b056e6145ab65ac7c01253f3c5663495a74a0598feed07436a72d3ee1185d0fbcf89e8c5d449e0216cab8110efe923be24366dffc65bb386e7f015bb40b6fd9abbf7180b217f88d99f168c113f3ff187c202e2ae32a0238e43af612678a44a3d8373b6dc6bf820f8bf73e6411c51152f51993c66effe25c6e72a3127da6996f13691ded659e1f9d6eab1124435750dfeb60de2b2d59d9196bda3a3c5cd5054b2960481d50ce28ac4159b54f3f26a9decfc8ab36b6110eda741e21c95e3631b3de40fd3c7828fb0e3c85070eb233d4d4b1b75e0167ec62e81f1a12a0cd2e02a7a43edb384e4d0d59744bbe86611575966efe25b4191f14a368a72c13aeb4de7caff7a9439b583d08714fd22a9b1ff08297a562a859e2d21dd4f8ecf6701bcd9a30d28909c52c56a8ef739f0841ae895ad858121b1ec82ae1bbec856730aba8e2f42841c33caa862fdf8b651d90055b6725e5bf0af348ec550ad23c5a3c15c7455fdb13a57a6e452bdebbeb32200ab7dce3fab98b206ec2571e3de8904bea2265288dbaec64359cb5cd926dc025343fff78e7bdab6f541a3d2b569f37b8339d14e706163854d01ba5380d648391740e1fc2e118557692796acf6e0fa8ab21c5657259bf05a8b510eb285f306c8cdd6e185094b0ff46ec71d5a9b8e344176f263730468db893eaba00c32bdafdb1ebdc3ec441abaf4e7b2db744411ae02f33b340a373ea1a485b88073c2da7bd6828bbe4028fef4c30088c9b28daf899741029da8f52d2927250c582f16ca173c0761ad74364f562f3106a15d17d34ff27abc49b8a7d9aa3d2d2bd5c406c9fe21e59ffad1a85c3d1283f983efaab087a92ce4bc66c934605b658f56857301278b09f5e22ba0034a3944ae27bd20cf9cd4a7d1973d4818716d0bf71d922d74ef68ede2604a98f6db652206e0a34ceed21cb950eebbee9686fc368e2b42f9417b22ab84c1a341630f962560900e02f20cc0ed618e657fe4ede15f9a105620dd2206dbd74ba7f061f2d058a127f5ecb72ad12264d81816d82169d668adf80bbdd279c684e11980f72ba126d0326dbfe6736d2b737069e0c5efb7e76276f10fa915907d91282084fa9a12c5636fd265ef705f49adc9924ffcc68742b17c9212fe8abcc49e4db91ee543a7fd438e59d030d6fa1c31ebe151f9c44af0069df608f0395159c41339aaf31b4c3e67526036c7f4d96fdd5afa5c4c85f2a6648098dccd6a49a8250e26bce3ca0e78976c961432783947e3a8ff5430af9cfebf3d2ee72153b7bd4d7f2cce79da6defba02cc5a73f7fa137c01a2cea52a961d9504d959aec7e2627fc33d07ef45bb8afbded876bee54c7f2feacf548bbab68a782e7bbcb6140d6c6b3fbe1108a6f4dd750c0424a9e1e0b8f239c4739f28463a23fe011cb8c98e25126c5693f19f16ab8a4b6351ff2955a397c3618ae47c78b2d123c334082f9aae0d7f9e7b761d58ef7e1f6dd20a23c7bcc3e84dbc75551573c425e5d56ca84e263b22c2ed5ff1255e500c1810574ff1af28114221fa6e72439d5fc117700bf5a7e01e2ffc0cfeabfddb8ae217a7033c9c8dce5a685ca7a0f4ceeb153ab2ae77652e1d73e9510f868b70270e386664ab4c45ddf353e61aef1ac0c673502b7e7faae557df3eaa5fd0a3a00c54f23723ce6406f616f678b6f789c57e09864895dd8a1e5da9ff0bc7be9f9174af99e157e4c71ed69c71783abb3ad18141d99e49ef32614b8ac29eb50f64b2355f4b599acbdf039877d68275a2ebeb0729791412dfd3194cc2cb4f045a4d2ac74afffec582df03ce4afd2aedc594c6cd34a4cd21d4ea653b04d49a8aa1e942df36b530c90d0c2c62ef8369677ce2ffd4304b0410ff9ef86be8afbf55adc6abca02acf03dcab2fe5339ab0eb9d79dfc4817c5e2c10676904192395d9b8552760b0fa79add2769284a0ef5ebc4d61e64dc9a8b2d4770cdb4be4345026f6d04549140f4bb01e8252eb06d70afd84247f8023a0cc31329499a0efcd8a79e0832992a96b437258ab186c6a9c8f2e55fe7319605453b888d928730a11a11b4f56eec25b4c18b2205aad508a9f6850e6e23103a517cf43af019d54593803b76a3529777a58441d781d2eb509fcb723ba3be91d12c809f0148095e2066e1b0f0656ceeb751ad610e265bd4bc1b67f5e521ef420420e9b7e137f29240d63a42d678c1739f33f39a09a0f4c5249f808f41152a07ce9bfcc94e35683bea83f82a5e34e1fef3f8ea2cf4c9f1c8ccef87d7f58fc1b4ace6cb667e62ed1f54f72b3a156551d96f9a16ff4864ae3a01dc86b5c65e6676493f07d7257b34d8c6c5851334a4542dd2bea4aef4f444b5f26ac89a27e3313a4a66bdad09382357f1adbd61d526a2541022814cc4b2515aec30f74729d1a5826a3206c02ccd6adfb6c2b6c7aee33b7213bdbc5878151b50d1a8fdc1b2b9b44a01606770028723c848e1faf60b89de5a2e72b7d19f7745f7c89989ab2a8174291ad7d0f2b172672aba9f4a1b42df53baf6d353b45d755eff7526efa8a87a2aeaf84d9a434e8844a98eab172fa474b353f19e1231aca846d93eb24e650e015a42c578d23d794c02304ff72e358ea5c75f6709e587951d3900b3b1066ddd4a2fe9186d0cfcfcc7e33e9b882e8c2242ba990face580f94d66bb6a5212190fba3c1f1e046738c422d9e94ed6671157af9145bcfe7fd0d431a7a7c84a3eec802794286e2dc2b59e93fcb09ea22a1e47ee8f0b3cf756fb67bc3676819cbc67396322ea6be61552533b52a2fd258e82dc7c57a09211cce3e785f5b4deacae7b9dcd48080c9edb03d935c9c9a426bb6d3ec71e559af61b796827b5e425c991d3485381e0842b35cb0ad91154f4a13117b35d2a9ebfcf0ef68d73093dd483923f7b3a00e9c04c0eec31effc9f908f38949e1766409fc9c8cc48f95d4d537520159dd794edb56e824d31c67d9c7cbefdb51860a8d1f859baa9bf5c2752d00b6969e94d47a88be798f6df9e6b5977a56206c33a38e74ac5de0b23489c9f5a037e13ae0194beb9f954c6b8ebefa78194a4e891c12ddb43019e60d9b8e7fe78df65a83671b76fd1a9c7be064c6d822bb0749d2162168821484ab78f906cb990167a2f9e19a33be2086dd55e54cb8b6dbcd6d1cc9b4c828472d55db6f175547f73db54d142f290ef99e8e26f2c6ebc7a53bfe31fe1eb2ac6a13dd0081debcc346cc0d3407ff158bc48a314a18b7fa781e32b66f9eaa792031567fa8d5c33fd85ebf85af958ef84c0c69f2bc3f842bff08b4b3112a6ac24a78c9476f15d40de489e50fb5e426167a10739db436cb1a63f5e7b3baf7c21c3506d3021c487ce4625f66a18468c89c3a9c94c7c1c2676e1f21a26bc393cf83e7bdf9bf66c2e9dd080574e1a80fe152124e5191c9367f22b4a712322986165964ccc2b016f0fc52e69d009a2f9fc13f344153f17bcebf937f59714f44dfdc11e69c7216cdb4f4d2143222e41d7415b3ef52e45477f62def841cea29c6258a2a2d8c7895712c51025ed7fd5d68bf8aa5a96fbbba98090dac42ad69522f47288af9f6f7acd2406c42706a940300ab41a59488966dc63f4ce8a6e6e7b18c1cf7b3e5013441ad0d7f201343e4a64da2cd513782877cb35d00f2113147ec4d7410971968daa76b1b9ad115c9ef6e8fe6abeb8b372806dbccb26f504f3fb8fb26c97fc6dcc7091f2f940e76fc121b39f215cb5ee96383b0ad5dcb2f7671e1d75612b3992a8bfd9ef25545b75845991f64a26c87a8abbdde668be3e6fb8ebdc31e73eb4eafda15215e0b545907a86c0fa3d5f1af4cf096cd7ec9c31dd57851203a2ce0c4cfecefe63e43ec9335f00fe3195965d0602bdf0fb36a8b4c6a538f18c002895f4d33968901c0228fbbfd250ae07075c9c3d8e3233027ca1ba82586797b9c3fd5c256c9562789f4393908ecba4bbd26a49672d71098198efe77b3661a2114c3b919330e67cd0ae6e90d88e1922750b6d36bde8926f9c635fbe0b1016f016af69965d762ebcab348ea4fe695007c9e1f91b8f7019a3206627751c8216dae9857569f152888ba8876b51d5d73bffb3c5544500e1121d72a0d2ca9b382bae36c36fdb5680b5973ec3529eefc2077654f5ec0021d473c221d544d6c0b56c48926ece451f01bd3b2746f6ccb0a44a2e934eefbc24c8f4ced796e4941bb6363d2bf0af8834e0dde49632c228477fcbae8d6667c5996aeb14eac620e35a1b3a3b29c4122c91f92a2f9917291c04cfb9ef91215d8b0dffccd082474c9a2ee26ab2139d4428c74efd41f820d671b4255253abad18028b4d19715ba084eaa884dcc975da4c316ac3f8c056a2dc1215bd1db2fd504169e6dab0494bc8e02d4374f061c517d424b0050b678fb240df83d19c0f9a71465541f706cf976f6f653a216dc290698158864c941067577cc0b54c8ccae532de0ec0ddc67d4a22f5c9dcee990b7ae21567991bb1fa1f83d51114f00248735a3b884311b695a65fe6671db499588fd69c79baa8962d6f4331e3dda9b3d7075b2240d58cbe88521c4bfab84066a6b69fbcbc3cb", 0xe7d}], 0x1}, 0x0) [ 76.462675][ T7956] IPVS: ftp: loaded support on port[0] = 21 [ 76.488471][ T7958] IPVS: ftp: loaded support on port[0] = 21 [ 76.572938][ T7956] chnl_net:caif_netlink_parms(): no params data found [ 76.623936][ T7956] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.631599][ T7956] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.639334][ T7956] device bridge_slave_0 entered promiscuous mode [ 76.647231][ T7958] chnl_net:caif_netlink_parms(): no params data found [ 76.655499][ T7956] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.662803][ T7956] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.670586][ T7956] device bridge_slave_1 entered promiscuous mode [ 76.695291][ T7956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.709609][ T7956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.725755][ T7958] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.733199][ T7958] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.740565][ T7958] device bridge_slave_0 entered promiscuous mode [ 76.751481][ T7958] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.758749][ T7958] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.766271][ T7958] device bridge_slave_1 entered promiscuous mode [ 76.778192][ T7956] team0: Port device team_slave_0 added [ 76.788614][ T7956] team0: Port device team_slave_1 added [ 76.795388][ T7958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.806997][ T7958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.831459][ T7958] team0: Port device team_slave_0 added [ 76.898137][ T7956] device hsr_slave_0 entered promiscuous mode [ 76.966718][ T7956] device hsr_slave_1 entered promiscuous mode [ 77.037518][ T7958] team0: Port device team_slave_1 added [ 77.127961][ T7958] device hsr_slave_0 entered promiscuous mode [ 77.206470][ T7958] device hsr_slave_1 entered promiscuous mode [ 77.266376][ T7958] debugfs: Directory 'hsr0' with parent '/' already present! [ 77.288302][ T38] audit: type=1400 audit(1575058252.509:44): avc: denied { create } for pid=7956 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 77.314447][ T38] audit: type=1400 audit(1575058252.509:45): avc: denied { write } for pid=7956 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 77.314480][ T7956] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.340523][ T38] audit: type=1400 audit(1575058252.509:46): avc: denied { read } for pid=7956 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 77.430411][ T7956] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.551364][ T7956] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.650552][ T7956] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.774311][ T7958] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 77.858411][ T7958] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 77.928499][ T7958] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 78.020243][ T7958] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 78.116068][ T7956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.131578][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.140542][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.150275][ T7958] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.159504][ T7956] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.171023][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 78.179572][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 78.188017][ T4416] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.194966][ T4416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.202752][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.211219][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.219434][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 78.229120][ T7958] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.237807][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 78.246463][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 78.254894][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.261914][ T1204] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.278402][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 78.287073][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 78.295253][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.302297][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.309832][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 78.318333][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 78.327314][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 78.335804][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.343109][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.350977][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 78.359756][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 78.369530][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 78.378311][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 78.390459][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 78.398672][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 78.410697][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 78.419800][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 78.428536][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 78.442195][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 78.450819][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.459352][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.468045][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.478177][ T7956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.489127][ T7963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 78.498152][ T7963] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 78.506957][ T7965] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 78.520052][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 78.528738][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 78.545243][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 78.553622][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.562137][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.570057][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.577898][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.586150][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.595072][ T7958] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.604906][ T7956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.618935][ T38] audit: type=1400 audit(1575058253.839:47): avc: denied { associate } for pid=7956 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 78.621831][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.649969][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.661668][ T7958] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.728803][ T38] audit: type=1400 audit(1575058253.949:48): avc: denied { open } for pid=7969 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 78.753619][ T38] audit: type=1400 audit(1575058253.949:49): avc: denied { kernel } for pid=7969 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 78.782442][ T38] audit: type=1400 audit(1575058253.999:50): avc: denied { map_create } for pid=7969 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 78.785155][ T7972] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 78.853551][ C0] hrtimer: interrupt took 27150 ns [ 231.595047][ C2] watchdog: BUG: soft lockup - CPU#2 stuck for 123s! [syz-executor.1:7970] [ 231.596238][ C2] Modules linked in: [ 231.607458][ C2] irq event stamp: 5335851 [ 231.607458][ C2] hardirqs last enabled at (5335850): [] trace_hardirqs_on_thunk+0x1a/0x1c [ 231.616330][ C2] hardirqs last disabled at (5335851): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 231.627399][ C2] softirqs last enabled at (769164): [] __do_softirq+0x6cd/0x98c [ 231.636248][ C2] softirqs last disabled at (769499): [] irq_exit+0x19b/0x1e0 [ 231.647382][ C2] CPU: 2 PID: 7970 Comm: syz-executor.1 Not tainted 5.4.0-syzkaller #0 [ 231.656340][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 231.667363][ C2] RIP: 0010:kmem_cache_alloc_node_trace+0x24d/0x750 [ 231.676273][ C2] Code: 7e 0f 85 41 ff ff ff e8 a2 b3 4e ff e9 37 ff ff ff e8 07 b4 c8 ff 48 83 3d 57 80 a1 07 00 0f 84 7d 01 00 00 48 8b 7d c0 57 9d <0f> 1f 44 00 00 e9 c4 fe ff ff 31 d2 be 35 02 00 00 48 c7 c7 9e 9b [ 231.696277][ C2] RSP: 0018:ffff88802d409a18 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 231.707331][ C2] RAX: 0000000000000007 RBX: 0000000000082a20 RCX: 0000000000000002 [ 231.716357][ C2] RDX: 0000000000000000 RSI: ffff888015fec900 RDI: 0000000000000282 [ 231.716357][ C2] RBP: ffff88802d409a90 R08: 1ffffffff15d29b8 R09: fffffbfff15d29b9 [ 231.727322][ C2] R10: fffffbfff15d29b8 R11: ffffffff8ae94dc7 R12: ffff88802cc00c40 [ 231.736317][ C2] R13: ffff88802cc00c40 R14: ffff88801c0fb800 R15: 0000000000082a20 [ 231.747706][ C2] FS: 00007f2e83ce1700(0000) GS:ffff88802d400000(0000) knlGS:0000000000000000 [ 231.756309][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.756309][ C2] CR2: ffffffffff600400 CR3: 000000002022a000 CR4: 00000000003406e0 [ 231.768587][ C2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 231.776494][ C2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 231.787345][ C2] Call Trace: [ 231.787345][ C2] [ 231.787345][ C2] __kmalloc_node_track_caller+0x3d/0x70 [ 231.796322][ C2] __kmalloc_reserve.isra.0+0x40/0xf0 [ 231.796322][ C2] __alloc_skb+0x10b/0x5e0 [ 231.807435][ C2] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 231.816381][ C2] ? __alloc_skb+0x3c3/0x5e0 [ 231.816381][ C2] new_skb+0x28/0x1d0 [ 231.816381][ C2] aoecmd_cfg+0x1b5/0x640 [ 231.827417][ C2] ? aoecmd_ata_rsp+0x13a0/0x13a0 [ 231.827417][ C2] ? mod_timer+0x50c/0xc10 [ 231.836304][ C2] ? timer_reduce+0xde0/0xde0 [ 231.836304][ C2] ? aoedev_by_aoeaddr.cold+0x83/0x83 [ 231.847381][ C2] ? call_timer_fn+0x610/0x780 [ 231.847381][ C2] discover_timer+0x4e/0x60 [ 231.856341][ C2] call_timer_fn+0x1ac/0x780 [ 231.856341][ C2] ? aoedev_by_aoeaddr.cold+0x83/0x83 [ 231.867362][ C2] ? msleep_interruptible+0x150/0x150 [ 231.867362][ C2] ? aoedev_by_aoeaddr.cold+0x83/0x83 [ 231.876313][ C2] run_timer_softirq+0x6c3/0x1790 [ 231.876313][ C2] ? add_timer+0x930/0x930 [ 231.886236][ C2] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 231.887524][ C2] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 231.896319][ C2] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 231.896319][ C2] __do_softirq+0x262/0x98c [ 231.907512][ C2] ? sched_clock_cpu+0x14e/0x1b0 [ 231.907512][ C2] irq_exit+0x19b/0x1e0 [ 231.916306][ C2] smp_apic_timer_interrupt+0x1a3/0x610 [ 231.916306][ C2] apic_timer_interrupt+0xf/0x20 [ 231.927444][ C2] [ 231.927444][ C2] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 231.936318][ C2] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 231.956354][ C2] RSP: 0018:ffff888071fc7530 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 231.956354][ C2] RAX: 1ffffffff12a668d RBX: ffff888015fec040 RCX: 0000000000000000 [ 231.967370][ C2] RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffff888015fec8d4 [ 231.976370][ C2] RBP: ffff888071fc7538 R08: ffff888015fec040 R09: 0000000000000000 [ 231.987351][ C2] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88802d437380 [ 231.987351][ C2] R13: ffff8880298e52c0 R14: 0000000000000000 R15: 0000000000000402 [ 231.996347][ C2] finish_task_switch+0x147/0x750 [ 232.006288][ C2] ? finish_task_switch+0x119/0x750 [ 232.007294][ C2] __schedule+0x8e9/0x1f30 [ 232.016237][ C2] ? __sched_text_start+0x8/0x8 [ 232.016328][ C2] ? unmap_page_range+0x10b1/0x2ac0 [ 232.016328][ C2] ? preempt_schedule+0x4b/0x60 [ 232.027375][ C2] preempt_schedule_common+0x4f/0xe0 [ 232.027375][ C2] preempt_schedule+0x4b/0x60 [ 232.036346][ C2] ___preempt_schedule+0x16/0x18 [ 232.036346][ C2] _raw_spin_unlock+0x3c/0x40 [ 232.047398][ C2] unmap_page_range+0x10b1/0x2ac0 [ 232.047398][ C2] ? __kasan_check_read+0x11/0x20 [ 232.056329][ C2] ? vm_normal_page_pmd+0x420/0x420 [ 232.056329][ C2] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.067401][ C2] ? uprobe_munmap+0xad/0x320 [ 232.067401][ C2] unmap_single_vma+0x19d/0x300 [ 232.076353][ C2] unmap_vmas+0x184/0x2f0 [ 232.076353][ C2] ? zap_vma_ptes+0x110/0x110 [ 232.087405][ C2] ? __kasan_check_write+0x14/0x20 [ 232.087405][ C2] exit_mmap+0x2ba/0x530 [ 232.096287][ C2] ? __ia32_sys_munmap+0x80/0x80 [ 232.096287][ C2] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 232.107295][ C2] ? __khugepaged_exit+0xcf/0x410 [ 232.107295][ C2] mmput+0x179/0x4d0 [ 232.116356][ C2] do_exit+0x806/0x2ef0 [ 232.116356][ C2] ? mm_update_next_owner+0x7c0/0x7c0 [ 232.116356][ C2] ? lock_downgrade+0x920/0x920 [ 232.127429][ C2] ? _raw_spin_unlock_irq+0x23/0x80 [ 232.127429][ C2] ? get_signal+0x392/0x24f0 [ 232.136277][ C2] ? _raw_spin_unlock_irq+0x23/0x80 [ 232.136277][ C2] do_group_exit+0x135/0x360 [ 232.147375][ C2] get_signal+0x47c/0x24f0 [ 232.147375][ C2] ? __fd_install+0x1fb/0x640 [ 232.156341][ C2] ? fd_install+0x4d/0x60 [ 232.156341][ C2] do_signal+0x87/0x1700 [ 232.156341][ C2] ? perf_event_set_output+0x4e0/0x4e0 [ 232.167358][ C2] ? setup_sigcontext+0x7d0/0x7d0 [ 232.167358][ C2] ? put_timespec64+0xda/0x140 [ 232.176379][ C2] ? exit_to_usermode_loop+0x43/0x380 [ 232.176379][ C2] ? do_syscall_64+0x676/0x790 [ 232.187292][ C2] ? exit_to_usermode_loop+0x43/0x380 [ 232.187292][ C2] ? lockdep_hardirqs_on+0x421/0x5e0 [ 232.196329][ C2] ? trace_hardirqs_on+0x67/0x240 [ 232.196329][ C2] exit_to_usermode_loop+0x286/0x380 [ 232.207380][ C2] do_syscall_64+0x676/0x790 [ 232.207380][ C2] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.216331][ C2] RIP: 0033:0x45a759 [ 232.216331][ C2] Code: 8b 6c 24 20 48 83 c4 28 c3 48 8b 1d e1 67 67 01 48 8d 0c 19 48 8d 49 ff 48 ff cb 48 f7 d3 48 21 d9 e9 0c ff ff ff 48 8b 6c 24 <20> 48 83 c4 28 c3 48 89 d8 b9 00 00 40 00 e8 14 4f 00 00 4c 89 c0 [ 232.236357][ C2] RSP: 002b:00007f2e83ce0c88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 232.247399][ C2] RAX: 0000000000000003 RBX: 000000000071bf00 RCX: 000000000045a759 [ 232.256340][ C2] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 232.267463][ C2] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 232.276277][ C2] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f2e83ce16d4 [ 232.276277][ C2] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 232.289179][ C2] Sending NMI from CPU 2 to CPUs 0-1,3: [ 232.299222][ C1] NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0xe/0x10 [ 232.299257][ C3] NMI backtrace for cpu 3 skipped: idling at native_safe_halt+0xe/0x10 [ 232.300321][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.054 msecs [ 232.300656][ C2] NMI backtrace for cpu 0 [ 232.300656][ C2] CPU: 0 PID: 7971 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0 [ 232.300656][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 232.300656][ C2] RIP: 0010:native_write_msr+0x6/0x30 [ 232.300656][ C2] Code: d0 c3 0f 21 d8 c3 0f 21 f0 c3 0f 0b 0f 1f 84 00 00 00 00 00 0f 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 89 f9 89 f0 0f 30 <0f> 1f 44 00 00 c3 55 48 c1 e2 20 89 f6 48 89 e5 48 09 d6 31 d2 e8 [ 232.300656][ C2] RSP: 0018:ffff88802d2091f8 EFLAGS: 00000082 [ 232.300656][ C2] RAX: 000000006a351aba RBX: 0000000000000000 RCX: 00000000000006e0 [ 232.300656][ C2] RDX: 000000000000006e RSI: 000000006a351aba RDI: 00000000000006e0 [ 232.300656][ C2] RBP: ffff88802d209210 R08: ffff88802704c040 R09: ffff88802704c8d0 [ 232.300656][ C2] R10: fffffbfff146dba0 R11: ffffffff8a36dd07 R12: ffff88802d2227c0 [ 232.300656][ C2] R13: 0000000000000759 R14: 0000000000000000 R15: 0000000000000000 [ 232.300656][ C2] FS: 00007f02bf8a2700(0000) GS:ffff88802d200000(0000) knlGS:0000000000000000 [ 232.300656][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.300656][ C2] CR2: 000000c0003910f8 CR3: 0000000071e47000 CR4: 00000000003406f0 [ 232.300656][ C2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 232.300656][ C2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 232.300656][ C2] Call Trace: [ 232.300656][ C2] [ 232.300656][ C2] ? lapic_next_deadline+0x4d/0x80 [ 232.300656][ C2] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.300656][ C2] clockevents_program_event+0x25c/0x370 [ 232.300656][ C2] tick_program_event+0xb4/0x130 [ 232.300656][ C2] hrtimer_interrupt+0x369/0x770 [ 232.300656][ C2] smp_apic_timer_interrupt+0x160/0x610 [ 232.300656][ C2] apic_timer_interrupt+0xf/0x20 [ 232.300656][ C2] RIP: 0010:update_stack_state+0x365/0x5f0 [ 232.300656][ C2] Code: 00 0f 85 47 02 00 00 4c 89 f9 4d 89 65 48 48 b8 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 01 00 0f 85 04 02 00 00 4d 8b 65 40 <4d> 85 e4 b8 01 00 00 00 75 28 48 b8 00 00 00 00 00 fc ff df 4c 89 [ 232.300656][ C2] RSP: 0018:ffff88802d209420 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 232.300656][ C2] RAX: dffffc0000000000 RBX: ffff888071fcff48 RCX: 1ffff11005a412c2 [ 232.300656][ C2] RDX: 0000000000000010 RSI: 1ffff11005a41200 RDI: ffff88802d209618 [ 232.300656][ C2] RBP: ffff88802d2094e8 R08: ffff88802704c040 R09: ffff88802d209628 [ 232.300656][ C2] R10: ffff88802d2095f8 R11: ffff88802d209608 R12: ffff88802d2095c0 [ 232.300656][ C2] R13: ffff88802d2095d0 R14: 1ffff11005a4128c R15: ffff88802d209610 [ 232.300656][ C2] ? apic_timer_interrupt+0xa/0x20 [ 232.300656][ C2] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 232.300656][ C2] unwind_next_frame.part.0+0x1a9/0xa20 [ 232.300656][ C2] ? unwind_dump+0x100/0x100 [ 232.300656][ C2] ? unwind_dump+0x100/0x100 [ 232.300656][ C2] ? profile_setup.cold+0xbb/0xbb [ 232.300656][ C2] unwind_next_frame+0x3b/0x50 [ 232.300656][ C2] arch_stack_walk+0x81/0xf0 [ 232.300656][ C2] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.300656][ C2] stack_trace_save+0xac/0xe0 [ 232.300656][ C2] ? stack_trace_consume_entry+0x190/0x190 [ 232.300656][ C2] ? find_held_lock+0x35/0x130 [ 232.300656][ C2] ? clockevents_program_event+0x15a/0x370 [ 232.300656][ C2] save_stack+0x23/0x90 [ 232.300656][ C2] ? save_stack+0x23/0x90 [ 232.300656][ C2] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 232.300656][ C2] ? kasan_slab_alloc+0xf/0x20 [ 232.300656][ C2] ? kmem_cache_alloc+0x121/0x710 [ 232.300656][ C2] ? dst_alloc+0x10e/0x200 [ 232.300656][ C2] ? ip6_dst_alloc+0x34/0xa0 [ 232.300656][ C2] ? icmp6_dst_alloc+0x69/0x4a0 [ 232.300656][ C2] ? ndisc_send_skb+0xfb7/0x1490 [ 232.300656][ C2] ? ndisc_send_rs+0x134/0x720 [ 232.300656][ C2] ? addrconf_rs_timer+0x30f/0x6e0 [ 232.300656][ C2] ? call_timer_fn+0x1ac/0x780 [ 232.300656][ C2] ? run_timer_softirq+0x6c3/0x1790 [ 232.300656][ C2] ? __do_softirq+0x262/0x98c [ 232.300656][ C2] ? irq_exit+0x19b/0x1e0 [ 232.300656][ C2] ? smp_apic_timer_interrupt+0x1a3/0x610 [ 232.300656][ C2] ? apic_timer_interrupt+0xf/0x20 [ 232.300656][ C2] ? _raw_spin_unlock_irq+0x4f/0x80 [ 232.300656][ C2] ? finish_task_switch+0x147/0x750 [ 232.300656][ C2] ? __schedule+0x8e9/0x1f30 [ 232.300656][ C2] ? preempt_schedule_common+0x4f/0xe0 [ 232.300656][ C2] ? preempt_schedule+0x4b/0x60 [ 232.300656][ C2] ? ___preempt_schedule+0x16/0x18 [ 232.300656][ C2] ? smp_call_function_single+0x410/0x480 [ 232.300656][ C2] ? task_function_call+0xe9/0x180 [ 232.300656][ C2] ? perf_install_in_context+0x308/0x5a0 [ 232.300656][ C2] ? __do_sys_perf_event_open+0x1cbc/0x2c70 [ 232.300656][ C2] ? __x64_sys_perf_event_open+0xbe/0x150 [ 232.300656][ C2] ? do_syscall_64+0xfa/0x790 [ 232.300656][ C2] ? __kasan_check_read+0x11/0x20 [ 232.300656][ C2] ? mark_lock+0xc2/0x1220 [ 232.300656][ C2] ? __kasan_check_write+0x14/0x20 [ 232.300656][ C2] ? sched_clock_local+0xdf/0x150 [ 232.300656][ C2] ? __kasan_check_read+0x11/0x20 [ 232.300656][ C2] ? mark_lock+0xc2/0x1220 [ 232.300656][ C2] ? should_fail+0x1de/0x852 [ 232.300656][ C2] ? mark_held_locks+0xa4/0xf0 [ 232.300656][ C2] ? kmem_cache_alloc+0x26f/0x710 [ 232.300656][ C2] ? dst_alloc+0x10e/0x200 [ 232.300656][ C2] ? kmem_cache_alloc+0x26f/0x710 [ 232.300656][ C2] ? kasan_unpoison_shadow+0x35/0x50 [ 232.300656][ C2] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 232.300656][ C2] kasan_slab_alloc+0xf/0x20 [ 232.300656][ C2] kmem_cache_alloc+0x121/0x710 [ 232.300656][ C2] ? retint_kernel+0x2b/0x2b [ 232.300656][ C2] dst_alloc+0x10e/0x200 [ 232.300656][ C2] ip6_dst_alloc+0x34/0xa0 [ 232.300656][ C2] icmp6_dst_alloc+0x69/0x4a0 [ 232.300656][ C2] ndisc_send_skb+0xfb7/0x1490 [ 232.300656][ C2] ? rxe_responder+0x31c5/0x9758 [ 232.300656][ C2] ? nf_hook.constprop.0+0x560/0x560 [ 232.300656][ C2] ? memset+0x32/0x40 [ 232.300656][ C2] ndisc_send_rs+0x134/0x720 [ 232.300656][ C2] addrconf_rs_timer+0x30f/0x6e0 [ 232.300656][ C2] ? ipv6_get_lladdr+0x490/0x490 [ 232.300656][ C2] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 232.300656][ C2] call_timer_fn+0x1ac/0x780 [ 232.300656][ C2] ? ipv6_get_lladdr+0x490/0x490 [ 232.300656][ C2] ? msleep_interruptible+0x150/0x150 [ 232.300656][ C2] ? run_timer_softirq+0x6b1/0x1790 [ 232.300656][ C2] ? trace_hardirqs_on+0x67/0x240 [ 232.300656][ C2] ? ipv6_get_lladdr+0x490/0x490 [ 232.300656][ C2] ? ipv6_get_lladdr+0x490/0x490 [ 232.300656][ C2] run_timer_softirq+0x6c3/0x1790 [ 232.300656][ C2] ? add_timer+0x930/0x930 [ 232.300656][ C2] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 232.300656][ C2] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 232.300656][ C2] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 232.300656][ C2] __do_softirq+0x262/0x98c [ 232.300656][ C2] ? sched_clock_cpu+0x14e/0x1b0 [ 232.300656][ C2] irq_exit+0x19b/0x1e0 [ 232.300656][ C2] smp_apic_timer_interrupt+0x1a3/0x610 [ 232.300656][ C2] apic_timer_interrupt+0xf/0x20 [ 232.300656][ C2] [ 232.300656][ C2] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 232.300656][ C2] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 232.300656][ C2] RSP: 0018:ffff888071fcf8d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 232.300656][ C2] RAX: 1ffffffff12a668d RBX: ffff88802704c040 RCX: 0000000000000006 [ 232.300656][ C2] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88802704c8d4 [ 232.300656][ C2] RBP: ffff888071fcf8e0 R08: 1ffffffff15d29b8 R09: fffffbfff15d29b9 [ 232.300656][ C2] R10: fffffbfff15d29b8 R11: ffffffff8ae94dc7 R12: ffff88802d237380 [ 232.300656][ C2] R13: ffffffff8947a1c0 R14: ffff8880252f27c0 R15: 0000000000000000 [ 232.300656][ C2] ? _raw_spin_unlock_irq+0x23/0x80 [ 232.300656][ C2] finish_task_switch+0x147/0x750 [ 232.300656][ C2] ? finish_task_switch+0x119/0x750 [ 232.300656][ C2] __schedule+0x8e9/0x1f30 [ 232.300656][ C2] ? __sched_text_start+0x8/0x8 [ 232.300656][ C2] ? __this_cpu_preempt_check+0x35/0x190 [ 232.300656][ C2] ? retint_kernel+0x2b/0x2b [ 232.300656][ C2] ? perf_duration_warn+0x40/0x40 [ 232.300656][ C2] ? preempt_schedule+0x4b/0x60 [ 232.300656][ C2] preempt_schedule_common+0x4f/0xe0 [ 232.300656][ C2] ? __perf_event_enable+0x930/0x930 [ 232.300656][ C2] preempt_schedule+0x4b/0x60 [ 232.300656][ C2] ___preempt_schedule+0x16/0x18 [ 232.300656][ C2] ? smp_call_function_single+0x40b/0x480 [ 232.300656][ C2] smp_call_function_single+0x410/0x480 [ 232.300656][ C2] ? perf_duration_warn+0x40/0x40 [ 232.300656][ C2] ? generic_exec_single+0x4c0/0x4c0 [ 232.300656][ C2] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 232.300656][ C2] ? __perf_event_enable+0x930/0x930 [ 232.300656][ C2] task_function_call+0xe9/0x180 [ 232.300656][ C2] ? perf_event_addr_filters_exec+0x310/0x310 [ 232.300656][ C2] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 232.300656][ C2] ? __perf_event_enable+0x930/0x930 [ 232.300656][ C2] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 232.300656][ C2] ? exclusive_event_installable+0x257/0x320 [ 232.300656][ C2] perf_install_in_context+0x308/0x5a0 [ 232.300656][ C2] ? list_add_event+0xed0/0xed0 [ 232.300656][ C2] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.300656][ C2] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 232.300656][ C2] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.300656][ C2] __do_sys_perf_event_open+0x1cbc/0x2c70 [ 232.300656][ C2] ? perf_event_set_output+0x4e0/0x4e0 [ 232.300656][ C2] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.300656][ C2] ? put_timespec64+0xda/0x140 [ 232.300656][ C2] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.300656][ C2] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.300656][ C2] ? do_syscall_64+0x26/0x790 [ 232.300656][ C2] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.300656][ C2] ? do_syscall_64+0x26/0x790 [ 232.300656][ C2] __x64_sys_perf_event_open+0xbe/0x150 [ 232.300656][ C2] do_syscall_64+0xfa/0x790 [ 232.300656][ C2] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.300656][ C2] RIP: 0033:0x45a759 [ 232.300656][ C2] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 232.300656][ C2] RSP: 002b:00007f02bf8a1c88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 232.300656][ C2] RAX: ffffffffffffffda RBX: 000000000071bf00 RCX: 000000000045a759 [ 232.300656][ C2] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 000000002001d000 [ 232.300656][ C2] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 232.300656][ C2] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f02bf8a26d4 [ 232.300656][ C2] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 232.300656][ C2] Kernel panic - not syncing: softlockup: hung tasks [ 232.300656][ C2] CPU: 2 PID: 7970 Comm: syz-executor.1 Tainted: G L 5.4.0-syzkaller #0 [ 232.300656][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 232.300656][ C2] Call Trace: [ 232.300656][ C2] [ 232.300656][ C2] dump_stack+0x197/0x210 [ 232.300656][ C2] panic+0x2e3/0x75c [ 232.300656][ C2] ? add_taint.cold+0x16/0x16 [ 232.300656][ C2] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 232.300656][ C2] ? printk_safe_flush+0xf2/0x140 [ 232.300656][ C2] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 232.300656][ C2] ? watchdog_timer_fn.cold+0x5/0x33