[....] Starting enhanced syslogd: rsyslogd[ 11.528276] audit: type=1400 audit(1514618514.817:5): avc: denied { syslog } for pid=3038 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Starting mcstransd:
[....] Starting file context maintaining daemon: restorecond�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 17.127526] audit: type=1400 audit(1514618520.416:6): avc: denied { map } for pid=3176 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.15.213' (ECDSA) to the list of known hosts.
executing program
[ 40.449161] audit: type=1400 audit(1514618543.737:7): avc: denied { map } for pid=3195 comm="syzkaller722579" path="/root/syzkaller722579601" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 40.456483] device lo entered promiscuous mode
[ 40.475641] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.
[ 40.496848] ==================================================================
[ 40.504244] BUG: KASAN: slab-out-of-bounds in tcp_v6_syn_recv_sock+0x628/0x23a0
[ 40.511662] Write of size 160 at addr ffff8801c74cdef0 by task syzkaller722579/3197
[ 40.519419]
[ 40.521020] CPU: 0 PID: 3197 Comm: syzkaller722579 Not tainted 4.15.0-rc5+ #170
[ 40.528429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.537754] Call Trace:
[ 40.540307]
[ 40.542435] dump_stack+0x194/0x257
[ 40.546036] ? arch_local_irq_restore+0x53/0x53
[ 40.550678] ? show_regs_print_info+0x18/0x18
[ 40.555145] ? tcp_v6_send_synack+0xa90/0xa90
[ 40.559610] ? tcp_v6_syn_recv_sock+0x628/0x23a0
[ 40.564340] print_address_description+0x73/0x250
[ 40.569153] ? tcp_v6_syn_recv_sock+0x628/0x23a0
[ 40.573882] kasan_report+0x25b/0x340
[ 40.577666] check_memory_region+0x137/0x190
[ 40.582054] memcpy+0x37/0x50
[ 40.585134] tcp_v6_syn_recv_sock+0x628/0x23a0
[ 40.589694] ? tcp_v6_conn_request+0x270/0x270
[ 40.594256] ? __local_bh_enable_ip+0x121/0x230
[ 40.598900] ? trace_hardirqs_on_caller+0x19e/0x5c0
[ 40.603887] ? ip6_dst_lookup_tail+0xd90/0x18b0
[ 40.608526] ? trace_hardirqs_on+0xd/0x10
[ 40.612641] ? __local_bh_enable_ip+0x121/0x230
[ 40.617293] ? ip6_dst_lookup_tail+0x3f8/0x18b0
[ 40.621943] ? ip6_copy_metadata+0x890/0x890
[ 40.626327] ? selinux_netlbl_inet_conn_request+0x81/0x3c0
[ 40.631920] ? selinux_netlbl_skbuff_setsid+0x5d0/0x5d0
[ 40.637260] ? __bfs+0x746/0x750
[ 40.640595] ? rcu_read_lock_sched_held+0x108/0x120
[ 40.645589] tcp_get_cookie_sock+0x102/0x540
[ 40.649971] ? selinux_inet_conn_request+0x25b/0x390
[ 40.655046] ? cookie_ecn_ok+0x120/0x120
[ 40.659079] ? xfrm_lookup_route+0x4f/0x1a0
[ 40.663385] ? ip6_dst_lookup_flow+0x1ca/0x270
[ 40.667940] ? ip6_dst_lookup+0x60/0x60
[ 40.671887] ? tcp_select_initial_window+0x30c/0x410
[ 40.676967] cookie_v6_check+0x177d/0x2160
[ 40.681190] ? cookie_v6_init_sequence+0xe0/0xe0
[ 40.685924] ? sk_filter_trim_cap+0x40a/0x9c0
[ 40.690388] ? lock_downgrade+0x980/0x980
[ 40.694507] ? lock_release+0xa40/0xa40
[ 40.698452] ? __lock_is_held+0xb6/0x140
[ 40.702492] ? sk_filter_trim_cap+0xe7/0x9c0
[ 40.706870] ? __local_bh_enable_ip+0x121/0x230
[ 40.711513] ? tcp_v6_inbound_md5_hash+0x155/0x5c0
[ 40.716417] tcp_v6_do_rcv+0xe4d/0x11c0
[ 40.720359] ? tcp_v6_do_rcv+0xe4d/0x11c0
[ 40.724476] ? tcp_v6_fill_cb+0x3d0/0x480
[ 40.728596] tcp_v6_rcv+0x22ee/0x2b40
[ 40.732383] ? tcp_v6_reqsk_send_ack+0x370/0x370
[ 40.737123] ip6_input_finish+0x36f/0x1700
[ 40.741327] ? ip6_input+0x3b4/0x560
[ 40.745020] ? ip6_rcv_finish+0x7a0/0x7a0
[ 40.749145] ? nf_hook_slow+0xd3/0x1a0
[ 40.753008] ip6_input+0xe9/0x560
[ 40.756443] ? print_irqtrace_events+0x270/0x270
[ 40.761170] ? ip6_input_finish+0x1700/0x1700
[ 40.765637] ? find_held_lock+0x35/0x1d0
[ 40.769670] ? ip6_rcv_finish+0x7a0/0x7a0
[ 40.773795] ? ipv6_rcv+0x16b2/0x1f80
[ 40.777568] ip6_rcv_finish+0x1a9/0x7a0
[ 40.781510] ? ip6_make_skb+0x580/0x580
[ 40.785463] ? nf_hook_slow+0xd3/0x1a0
[ 40.789321] ipv6_rcv+0xf1f/0x1f80
[ 40.792838] ? ip6_input+0x560/0x560
[ 40.796524] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 40.801683] ? __lock_acquire+0x664/0x3e00
[ 40.805892] ? print_irqtrace_events+0x270/0x270
[ 40.810618] ? check_noncircular+0x20/0x20
[ 40.814822] ? check_noncircular+0x20/0x20
[ 40.819041] ? ip6_make_skb+0x580/0x580
[ 40.822988] ? ip6_input+0x560/0x560
[ 40.826679] __netif_receive_skb_core+0x1a3e/0x3450
[ 40.831682] ? nf_ingress+0x9f0/0x9f0
[ 40.835452] ? find_held_lock+0x35/0x1d0
[ 40.839490] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 40.844659] ? find_held_lock+0x35/0x1d0
[ 40.848710] ? is_bpf_text_address+0x7b/0x120
[ 40.853174] ? lock_downgrade+0x980/0x980
[ 40.857291] ? lock_release+0xa40/0xa40
[ 40.861236] ? __free_insn_slot+0x5c0/0x5c0
[ 40.865531] ? check_noncircular+0x20/0x20
[ 40.869745] ? is_bpf_text_address+0xa4/0x120
[ 40.874212] ? kernel_text_address+0x102/0x140
[ 40.878767] ? __kernel_text_address+0xd/0x40
[ 40.883232] ? unwind_get_return_address+0x61/0xa0
[ 40.888136] ? __save_stack_trace+0x7e/0xd0
[ 40.892430] ? find_held_lock+0x35/0x1d0
[ 40.896477] ? lock_acquire+0x1d5/0x580
[ 40.900422] ? process_backlog+0x45f/0x740
[ 40.904625] ? lock_acquire+0x1d5/0x580
[ 40.908570] ? process_backlog+0x1ab/0x740
[ 40.912780] ? lock_release+0xa40/0xa40
[ 40.916725] ? debug_check_no_obj_freed+0x3da/0xf1f
[ 40.921716] ? __free_pages_ok+0x765/0x31e0
[ 40.926005] ? free_compound_page+0x5e/0x70
[ 40.930311] __netif_receive_skb+0x2c/0x1b0
[ 40.934603] ? __netif_receive_skb+0x2c/0x1b0
[ 40.939074] process_backlog+0x203/0x740
[ 40.943119] ? mark_held_locks+0xaf/0x100
[ 40.947253] net_rx_action+0x792/0x1910
[ 40.951210] ? napi_complete_done+0x6c0/0x6c0
[ 40.955685] ? rcu_read_lock_sched_held+0x108/0x120
[ 40.960682] ? note_gp_changes+0x650/0x650
[ 40.964896] ? timerqueue_add+0x1e9/0x280
[ 40.969021] ? enqueue_hrtimer+0x171/0x4a0
[ 40.973238] ? __remove_hrtimer+0x190/0x190
[ 40.977538] ? find_held_lock+0x35/0x1d0
[ 40.981587] ? lock_downgrade+0x980/0x980
[ 40.985721] ? rcu_pm_notify+0xc0/0xc0
[ 40.989591] ? check_noncircular+0x20/0x20
[ 40.993799] ? print_irqtrace_events+0x270/0x270
[ 40.998530] ? lock_downgrade+0x980/0x980
[ 41.002656] ? __irqentry_text_end+0x4/0x4
[ 41.006863] ? do_timer+0x50/0x50
[ 41.010305] ? __lock_is_held+0xb6/0x140
[ 41.014348] __do_softirq+0x2d7/0xb85
[ 41.018119] ? task_prio+0x40/0x40
[ 41.021635] ? __irqentry_text_end+0x4/0x4
[ 41.025841] ? irq_exit+0xbb/0x200
[ 41.029349] ? smp_apic_timer_interrupt+0x16b/0x700
[ 41.034342] ? smp_reschedule_interrupt+0xe6/0x670
[ 41.039243] ? smp_call_function_single_interrupt+0x640/0x640
[ 41.045098] ? _raw_spin_lock+0x32/0x40
[ 41.049047] ? _raw_spin_unlock+0x22/0x30
[ 41.053167] ? handle_edge_irq+0x2b4/0x7c0
[ 41.057373] ? task_prio+0x40/0x40
[ 41.060892] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 41.065710] do_softirq_own_stack+0x2a/0x40
[ 41.070016]
[ 41.072225] do_softirq.part.21+0x14d/0x190
[ 41.076523] ? ip6_finish_output2+0xb6d/0x2390
[ 41.081076] __local_bh_enable_ip+0x1ee/0x230
[ 41.085553] ip6_finish_output2+0xba0/0x2390
[ 41.089945] ? ip6_sk_dst_lookup_flow+0x7f0/0x7f0
[ 41.094765] ? ip6_mtu+0x369/0x4d0
[ 41.098281] ? check_noncircular+0x20/0x20
[ 41.102492] ? __lock_is_held+0xb6/0x140
[ 41.106534] ? __lock_is_held+0xb6/0x140
[ 41.110576] ip6_finish_output+0x689/0xae0
[ 41.114782] ? ip6_finish_output+0x689/0xae0
[ 41.119165] ip6_output+0x1eb/0x840
[ 41.122766] ? ip6_finish_output+0xae0/0xae0
[ 41.127142] ? lock_release+0xa40/0xa40
[ 41.131095] ? ip6_fragment+0x3420/0x3420
[ 41.135219] ip6_xmit+0xd75/0x2080
[ 41.138730] ? __sk_dst_check+0x1a5/0x380
[ 41.142866] ? ip6_finish_output2+0x2390/0x2390
[ 41.147510] ? fl6_update_dst+0x127/0x2b0
[ 41.151631] ? check_noncircular+0x20/0x20
[ 41.155836] ? inet6_csk_route_socket+0x691/0xe80
[ 41.160656] ? lock_acquire+0x1d5/0x580
[ 41.164618] ? memcpy+0x45/0x50
[ 41.167864] ? lock_acquire+0x1d5/0x580
[ 41.171807] ? inet6_csk_xmit+0x114/0x580
[ 41.175927] ? ip6_forward_finish+0x140/0x140
[ 41.180393] ? lock_release+0xa40/0xa40
[ 41.184340] ? __lock_is_held+0xb6/0x140
[ 41.188390] inet6_csk_xmit+0x2fc/0x580
[ 41.192335] ? inet6_csk_update_pmtu+0x160/0x160
[ 41.197069] ? skb_clone+0x20d/0x480
[ 41.200756] ? tcp_schedule_loss_probe+0x490/0x490
[ 41.205671] tcp_transmit_skb+0x1b12/0x38b0
[ 41.209977] ? __tcp_select_window+0x900/0x900
[ 41.214532] ? _raw_spin_unlock_irqrestore+0x31/0xba
[ 41.219606] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 41.224591] ? trace_hardirqs_on+0xd/0x10
[ 41.228714] ? depot_save_stack+0x3b5/0x490
[ 41.233010] ? check_noncircular+0x20/0x20
[ 41.237217] ? tcp_small_queue_check.isra.26+0x31c/0x450
[ 41.242639] ? tcp_tso_segs+0x240/0x240
[ 41.246585] ? pvclock_read_flags+0x160/0x160
[ 41.251062] ? sock_release+0x8d/0x1e0
[ 41.254916] ? sock_close+0x16/0x20
[ 41.258512] ? __fput+0x327/0x7e0
[ 41.261934] ? ____fput+0x15/0x20
[ 41.265365] ? task_work_run+0x199/0x270
[ 41.269397] ? do_exit+0x9bb/0x1ad0
[ 41.273001] ? do_group_exit+0x149/0x400
[ 41.277034] ? do_signal+0x94/0x1ee0
[ 41.280726] ? sched_clock_cpu+0x1b/0x170
[ 41.284841] ? tcp_init_tso_segs+0x114/0x1f0
[ 41.289219] tcp_write_xmit+0x680/0x5190
[ 41.293262] ? tcp_md5_do_lookup+0x256/0x730
[ 41.297645] ? tcp_md5_do_lookup+0x1/0x730
[ 41.301853] ? tcp_transmit_skb+0x38b0/0x38b0
[ 41.306323] ? ip6_mtu+0x1c7/0x4d0
[ 41.309833] ? tcp_v6_md5_lookup+0x23/0x30
[ 41.314038] ? tcp_established_options+0x2c5/0x420
[ 41.318948] ? tcp_current_mss+0x254/0x380
[ 41.323167] ? tcp_mtu_to_mss+0x460/0x460
[ 41.327287] ? __lock_is_held+0xb6/0x140
[ 41.331328] __tcp_push_pending_frames+0xa0/0x250
[ 41.336141] tcp_send_fin+0x1b0/0xd20
[ 41.339910] ? inet_sendpage+0x660/0x660
[ 41.343953] ? sk_forced_mem_schedule+0x150/0x150
[ 41.348766] ? __sk_dst_check+0x380/0x380
[ 41.352885] ? mark_held_locks+0xaf/0x100
[ 41.357003] ? do_raw_spin_trylock+0x190/0x190
[ 41.361560] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 41.366546] ? lock_sock_nested+0x91/0x110
[ 41.370750] ? trace_hardirqs_on+0xd/0x10
[ 41.374877] tcp_close+0xbe0/0xfc0
[ 41.378389] ? ip_mc_drop_socket+0x1ce/0x230
[ 41.382772] inet_release+0xed/0x1c0
[ 41.386460] inet6_release+0x50/0x70
[ 41.390157] sock_release+0x8d/0x1e0
[ 41.393844] ? sock_alloc_file+0x560/0x560
[ 41.398048] sock_close+0x16/0x20
[ 41.401475] __fput+0x327/0x7e0
[ 41.404732] ? fput+0x140/0x140
[ 41.407983] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 41.413836] ? _raw_spin_unlock_irq+0x27/0x70
[ 41.418308] ____fput+0x15/0x20
[ 41.421559] task_work_run+0x199/0x270
[ 41.425433] ? task_work_cancel+0x210/0x210
[ 41.429736] ? _raw_spin_unlock+0x22/0x30
[ 41.433855] ? switch_task_namespaces+0x87/0xc0
[ 41.438500] do_exit+0x9bb/0x1ad0
[ 41.441925] ? check_noncircular+0x20/0x20
[ 41.446135] ? mm_update_next_owner+0x930/0x930
[ 41.450776] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 41.455966] ? __might_sleep+0x95/0x190
[ 41.459924] ? find_held_lock+0x35/0x1d0
[ 41.463962] ? futex_wait+0x402/0x9a0
[ 41.467741] ? lock_downgrade+0x980/0x980
[ 41.471875] ? __unqueue_futex+0x1c0/0x290
[ 41.476082] ? lock_release+0xa40/0xa40
[ 41.480038] ? fault_in_user_writeable+0x90/0x90
[ 41.484777] ? do_raw_spin_trylock+0x190/0x190
[ 41.489335] ? check_noncircular+0x20/0x20
[ 41.493547] ? drop_futex_key_refs.isra.12+0x63/0xb0
[ 41.498635] ? futex_wait+0x6a9/0x9a0
[ 41.502429] ? find_held_lock+0x35/0x1d0
[ 41.506471] ? get_signal+0x7ae/0x16c0
[ 41.510339] ? lock_downgrade+0x980/0x980
[ 41.514471] do_group_exit+0x149/0x400
[ 41.518329] ? do_raw_spin_trylock+0x190/0x190
[ 41.522879] ? SyS_exit+0x30/0x30
[ 41.526302] ? _raw_spin_unlock_irq+0x27/0x70
[ 41.530766] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 41.535757] get_signal+0x73f/0x16c0
[ 41.539458] ? ptrace_notify+0x130/0x130
[ 41.543490] ? release_sock+0x1d4/0x2a0
[ 41.547440] ? exit_robust_list+0x240/0x240
[ 41.551730] ? _raw_spin_unlock_bh+0x30/0x40
[ 41.556106] ? release_sock+0x1d4/0x2a0
[ 41.560049] ? __release_sock+0x360/0x360
[ 41.564163] ? lock_sock_nested+0x91/0x110
[ 41.568369] ? trace_hardirqs_on+0xd/0x10
[ 41.572499] do_signal+0x94/0x1ee0
[ 41.576009] ? inet_sendmsg+0x126/0x5e0
[ 41.579955] ? __might_sleep+0x95/0x190
[ 41.583897] ? inet_recvmsg+0x5f0/0x5f0
[ 41.587845] ? selinux_socket_sendmsg+0x36/0x40
[ 41.592483] ? setup_sigcontext+0x7d0/0x7d0
[ 41.596774] ? inet_recvmsg+0x5f0/0x5f0
[ 41.600721] ? sock_sendmsg+0x4f/0x110
[ 41.604580] ? fput+0xd2/0x140
[ 41.607744] ? SYSC_sendto+0x41c/0x5c0
[ 41.611603] ? SYSC_connect+0x4a0/0x4a0
[ 41.615546] ? up_read+0x1a/0x40
[ 41.618884] ? __do_page_fault+0x3d6/0xc90
[ 41.623093] ? exit_to_usermode_loop+0x8c/0x310
[ 41.627738] exit_to_usermode_loop+0x214/0x310
[ 41.632294] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 41.637810] syscall_return_slowpath+0x490/0x550
[ 41.642539] ? prepare_exit_to_usermode+0x340/0x340
[ 41.647527] ? entry_SYSCALL_64_fastpath+0x69/0x96
[ 41.652427] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 41.657413] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 41.662143] entry_SYSCALL_64_fastpath+0x94/0x96
[ 41.666869] RIP: 0033:0x4456e9
[ 41.670028] RSP: 002b:00007fb482c9eda8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 41.677706] RAX: fffffffffffffe00 RBX: 00000000006dac3c RCX: 00000000004456e9
[ 41.684946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000006dac3c
[ 41.692186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 41.699427] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac38
[ 41.706668] R13: 0100000000000000 R14: 00007fb482c9f9c0 R15: 0000000000000009
[ 41.713949]
[ 41.715558] Allocated by task 3197:
[ 41.719173] save_stack+0x43/0xd0
[ 41.722604] kasan_kmalloc+0xad/0xe0
[ 41.726292] kasan_slab_alloc+0x12/0x20
[ 41.730242] kmem_cache_alloc+0x12e/0x760
[ 41.734362] sk_prot_alloc+0x65/0x2a0
[ 41.738141] sk_clone_lock+0x152/0x1630
[ 41.742086] inet_csk_clone_lock+0x91/0x4c0
[ 41.746381] tcp_create_openreq_child+0x9b/0x1b70
[ 41.751193] tcp_v6_syn_recv_sock+0x22d/0x23a0
[ 41.755744] tcp_get_cookie_sock+0x102/0x540
[ 41.760116] cookie_v6_check+0x177d/0x2160
[ 41.764326] tcp_v6_do_rcv+0xe4d/0x11c0
[ 41.768267] tcp_v6_rcv+0x22ee/0x2b40
[ 41.772034] ip6_input_finish+0x36f/0x1700
[ 41.776236] ip6_input+0xe9/0x560
[ 41.779664] ip6_rcv_finish+0x1a9/0x7a0
[ 41.783614] ipv6_rcv+0xf1f/0x1f80
[ 41.787121] __netif_receive_skb_core+0x1a3e/0x3450
[ 41.792102] __netif_receive_skb+0x2c/0x1b0
[ 41.796399] process_backlog+0x203/0x740
[ 41.800435] net_rx_action+0x792/0x1910
[ 41.804386] __do_softirq+0x2d7/0xb85
[ 41.808156]
[ 41.809753] Freed by task 0:
[ 41.812735] (stack is not available)
[ 41.816413]
[ 41.818013] The buggy address belongs to the object at ffff8801c74cd500
[ 41.818013] which belongs to the cache TCP of size 2544
[ 41.830039] The buggy address is located 0 bytes to the right of
[ 41.830039] 2544-byte region [ffff8801c74cd500, ffff8801c74cdef0)
[ 41.842323] The buggy address belongs to the page:
[ 41.847223] page:00000000fb1f66c9 count:1 mapcount:0 mapping:00000000843caecd index:0xffff8801c74cdffd compound_mapcount: 0
[ 41.858473] flags: 0x2fffc0000008100(slab|head)
[ 41.863110] raw: 02fffc0000008100 ffff8801c74cc000 ffff8801c74cdffd 0000000100000003
[ 41.870961] raw: ffffea00074b06a0 ffffea00071d33a0 ffff8801d7d9f640 0000000000000000
[ 41.878813] page dumped because: kasan: bad access detected
[ 41.884490]
[ 41.886084] Memory state around the buggy address:
[ 41.890984] ffff8801c74cdd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.898316] ffff8801c74cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.905663] >ffff8801c74cde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 41.913006] ^
[ 41.919993] ffff8801c74cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 41.927319] ffff8801c74cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 41.934645] ==================================================================
[ 41.941970] Disabling lock debugging due to kernel taint
[ 41.947433] Kernel panic - not syncing: panic_on_warn set ...
[ 41.947433]
[ 41.954769] CPU: 0 PID: 3197 Comm: syzkaller722579 Tainted: G B 4.15.0-rc5+ #170
[ 41.963488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.972810] Call Trace:
[ 41.975356]
[ 41.977484] dump_stack+0x194/0x257
[ 41.981086] ? arch_local_irq_restore+0x53/0x53
[ 41.985726] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 41.990569] ? vsnprintf+0x1ed/0x1900
[ 41.994340] ? tcp_v6_syn_recv_sock+0x5e0/0x23a0
[ 41.999063] panic+0x1e4/0x41c
[ 42.002219] ? refcount_error_report+0x214/0x214
[ 42.006941] ? add_taint+0x1c/0x50
[ 42.010459] ? add_taint+0x1c/0x50
[ 42.013966] ? tcp_v6_syn_recv_sock+0x628/0x23a0
[ 42.018693] kasan_end_report+0x50/0x50
[ 42.022641] kasan_report+0x144/0x340
[ 42.026422] check_memory_region+0x137/0x190
[ 42.030805] memcpy+0x37/0x50
[ 42.033880] tcp_v6_syn_recv_sock+0x628/0x23a0
[ 42.038430] ? tcp_v6_conn_request+0x270/0x270
[ 42.042993] ? __local_bh_enable_ip+0x121/0x230
[ 42.047629] ? trace_hardirqs_on_caller+0x19e/0x5c0
[ 42.052613] ? ip6_dst_lookup_tail+0xd90/0x18b0
[ 42.057247] ? trace_hardirqs_on+0xd/0x10
[ 42.061358] ? __local_bh_enable_ip+0x121/0x230
[ 42.065993] ? ip6_dst_lookup_tail+0x3f8/0x18b0
[ 42.070642] ? ip6_copy_metadata+0x890/0x890
[ 42.075022] ? selinux_netlbl_inet_conn_request+0x81/0x3c0
[ 42.080622] ? selinux_netlbl_skbuff_setsid+0x5d0/0x5d0
[ 42.085955] ? __bfs+0x746/0x750
[ 42.089289] ? rcu_read_lock_sched_held+0x108/0x120
[ 42.094286] tcp_get_cookie_sock+0x102/0x540
[ 42.098673] ? selinux_inet_conn_request+0x25b/0x390
[ 42.103745] ? cookie_ecn_ok+0x120/0x120
[ 42.107776] ? xfrm_lookup_route+0x4f/0x1a0
[ 42.112586] ? ip6_dst_lookup_flow+0x1ca/0x270
[ 42.117135] ? ip6_dst_lookup+0x60/0x60
[ 42.121081] ? tcp_select_initial_window+0x30c/0x410
[ 42.126156] cookie_v6_check+0x177d/0x2160
[ 42.130363] ? cookie_v6_init_sequence+0xe0/0xe0
[ 42.135089] ? sk_filter_trim_cap+0x40a/0x9c0
[ 42.139551] ? lock_downgrade+0x980/0x980
[ 42.143667] ? lock_release+0xa40/0xa40
[ 42.147609] ? __lock_is_held+0xb6/0x140
[ 42.151640] ? sk_filter_trim_cap+0xe7/0x9c0
[ 42.156015] ? __local_bh_enable_ip+0x121/0x230
[ 42.160654] ? tcp_v6_inbound_md5_hash+0x155/0x5c0
[ 42.165554] tcp_v6_do_rcv+0xe4d/0x11c0
[ 42.169493] ? tcp_v6_do_rcv+0xe4d/0x11c0
[ 42.173629] ? tcp_v6_fill_cb+0x3d0/0x480
[ 42.177744] tcp_v6_rcv+0x22ee/0x2b40
[ 42.181539] ? tcp_v6_reqsk_send_ack+0x370/0x370
[ 42.186266] ip6_input_finish+0x36f/0x1700
[ 42.190464] ? ip6_input+0x3b4/0x560
[ 42.194149] ? ip6_rcv_finish+0x7a0/0x7a0
[ 42.198268] ? nf_hook_slow+0xd3/0x1a0
[ 42.202124] ip6_input+0xe9/0x560
[ 42.205546] ? print_irqtrace_events+0x270/0x270
[ 42.210269] ? ip6_input_finish+0x1700/0x1700
[ 42.214735] ? find_held_lock+0x35/0x1d0
[ 42.218762] ? ip6_rcv_finish+0x7a0/0x7a0
[ 42.222889] ? ipv6_rcv+0x16b2/0x1f80
[ 42.226670] ip6_rcv_finish+0x1a9/0x7a0
[ 42.230613] ? ip6_make_skb+0x580/0x580
[ 42.234559] ? nf_hook_slow+0xd3/0x1a0
[ 42.238417] ipv6_rcv+0xf1f/0x1f80
[ 42.241937] ? ip6_input+0x560/0x560
[ 42.245620] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 42.250776] ? __lock_acquire+0x664/0x3e00
[ 42.254980] ? print_irqtrace_events+0x270/0x270
[ 42.259701] ? check_noncircular+0x20/0x20
[ 42.263904] ? check_noncircular+0x20/0x20
[ 42.268124] ? ip6_make_skb+0x580/0x580
[ 42.272077] ? ip6_input+0x560/0x560
[ 42.275763] __netif_receive_skb_core+0x1a3e/0x3450
[ 42.280754] ? nf_ingress+0x9f0/0x9f0
[ 42.284522] ? find_held_lock+0x35/0x1d0
[ 42.288554] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 42.293713] ? find_held_lock+0x35/0x1d0
[ 42.297755] ? is_bpf_text_address+0x7b/0x120
[ 42.302218] ? lock_downgrade+0x980/0x980
[ 42.306334] ? lock_release+0xa40/0xa40
[ 42.310285] ? __free_insn_slot+0x5c0/0x5c0
[ 42.314577] ? check_noncircular+0x20/0x20
[ 42.318781] ? is_bpf_text_address+0xa4/0x120
[ 42.323251] ? kernel_text_address+0x102/0x140
[ 42.327802] ? __kernel_text_address+0xd/0x40
[ 42.332279] ? unwind_get_return_address+0x61/0xa0
[ 42.337178] ? __save_stack_trace+0x7e/0xd0
[ 42.341470] ? find_held_lock+0x35/0x1d0
[ 42.345497] ? lock_acquire+0x1d5/0x580
[ 42.349439] ? process_backlog+0x45f/0x740
[ 42.353640] ? lock_acquire+0x1d5/0x580
[ 42.357581] ? process_backlog+0x1ab/0x740
[ 42.361786] ? lock_release+0xa40/0xa40
[ 42.365731] ? debug_check_no_obj_freed+0x3da/0xf1f
[ 42.370714] ? __free_pages_ok+0x765/0x31e0
[ 42.375000] ? free_compound_page+0x5e/0x70
[ 42.379294] __netif_receive_skb+0x2c/0x1b0
[ 42.383583] ? __netif_receive_skb+0x2c/0x1b0
[ 42.388044] process_backlog+0x203/0x740
[ 42.392078] ? mark_held_locks+0xaf/0x100
[ 42.396196] net_rx_action+0x792/0x1910
[ 42.400140] ? napi_complete_done+0x6c0/0x6c0
[ 42.404605] ? rcu_read_lock_sched_held+0x108/0x120
[ 42.409594] ? note_gp_changes+0x650/0x650
[ 42.413798] ? timerqueue_add+0x1e9/0x280
[ 42.417917] ? enqueue_hrtimer+0x171/0x4a0
[ 42.422116] ? __remove_hrtimer+0x190/0x190
[ 42.426407] ? find_held_lock+0x35/0x1d0
[ 42.430441] ? lock_downgrade+0x980/0x980
[ 42.434557] ? rcu_pm_notify+0xc0/0xc0
[ 42.438416] ? check_noncircular+0x20/0x20
[ 42.442618] ? print_irqtrace_events+0x270/0x270
[ 42.447342] ? lock_downgrade+0x980/0x980
[ 42.451460] ? __irqentry_text_end+0x4/0x4
[ 42.455661] ? do_timer+0x50/0x50
[ 42.459081] ? __lock_is_held+0xb6/0x140
[ 42.463115] __do_softirq+0x2d7/0xb85
[ 42.466891] ? task_prio+0x40/0x40
[ 42.470403] ? __irqentry_text_end+0x4/0x4
[ 42.474606] ? irq_exit+0xbb/0x200
[ 42.478114] ? smp_apic_timer_interrupt+0x16b/0x700
[ 42.483098] ? smp_reschedule_interrupt+0xe6/0x670
[ 42.488019] ? smp_call_function_single_interrupt+0x640/0x640
[ 42.493870] ? _raw_spin_lock+0x32/0x40
[ 42.497812] ? _raw_spin_unlock+0x22/0x30
[ 42.501928] ? handle_edge_irq+0x2b4/0x7c0
[ 42.506133] ? task_prio+0x40/0x40
[ 42.509646] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 42.514459] do_softirq_own_stack+0x2a/0x40
[ 42.518747]
[ 42.520963] do_softirq.part.21+0x14d/0x190
[ 42.525254] ? ip6_finish_output2+0xb6d/0x2390
[ 42.529801] __local_bh_enable_ip+0x1ee/0x230
[ 42.534272] ip6_finish_output2+0xba0/0x2390
[ 42.538653] ? ip6_sk_dst_lookup_flow+0x7f0/0x7f0
[ 42.543463] ? ip6_mtu+0x369/0x4d0
[ 42.546968] ? check_noncircular+0x20/0x20
[ 42.551170] ? __lock_is_held+0xb6/0x140
[ 42.555204] ? __lock_is_held+0xb6/0x140
[ 42.559234] ip6_finish_output+0x689/0xae0
[ 42.563434] ? ip6_finish_output+0x689/0xae0
[ 42.567817] ip6_output+0x1eb/0x840
[ 42.571420] ? ip6_finish_output+0xae0/0xae0
[ 42.575802] ? lock_release+0xa40/0xa40
[ 42.579753] ? ip6_fragment+0x3420/0x3420
[ 42.583872] ip6_xmit+0xd75/0x2080
[ 42.587402] ? __sk_dst_check+0x1a5/0x380
[ 42.591545] ? ip6_finish_output2+0x2390/0x2390
[ 42.596184] ? fl6_update_dst+0x127/0x2b0
[ 42.600302] ? check_noncircular+0x20/0x20
[ 42.604502] ? inet6_csk_route_socket+0x691/0xe80
[ 42.609314] ? lock_acquire+0x1d5/0x580
[ 42.613255] ? memcpy+0x45/0x50
[ 42.616501] ? lock_acquire+0x1d5/0x580
[ 42.620442] ? inet6_csk_xmit+0x114/0x580
[ 42.624557] ? ip6_forward_finish+0x140/0x140
[ 42.629018] ? lock_release+0xa40/0xa40
[ 42.632961] ? __lock_is_held+0xb6/0x140
[ 42.636993] inet6_csk_xmit+0x2fc/0x580
[ 42.640937] ? inet6_csk_update_pmtu+0x160/0x160
[ 42.645669] ? skb_clone+0x20d/0x480
[ 42.649351] ? tcp_schedule_loss_probe+0x490/0x490
[ 42.654253] tcp_transmit_skb+0x1b12/0x38b0
[ 42.658547] ? __tcp_select_window+0x900/0x900
[ 42.663106] ? _raw_spin_unlock_irqrestore+0x31/0xba
[ 42.668192] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 42.673174] ? trace_hardirqs_on+0xd/0x10
[ 42.677292] ? depot_save_stack+0x3b5/0x490
[ 42.681587] ? check_noncircular+0x20/0x20
[ 42.685793] ? tcp_small_queue_check.isra.26+0x31c/0x450
[ 42.691211] ? tcp_tso_segs+0x240/0x240
[ 42.695155] ? pvclock_read_flags+0x160/0x160
[ 42.699620] ? sock_release+0x8d/0x1e0
[ 42.703474] ? sock_close+0x16/0x20
[ 42.707070] ? __fput+0x327/0x7e0
[ 42.710490] ? ____fput+0x15/0x20
[ 42.713916] ? task_work_run+0x199/0x270
[ 42.717963] ? do_exit+0x9bb/0x1ad0
[ 42.721736] ? do_group_exit+0x149/0x400
[ 42.725781] ? do_signal+0x94/0x1ee0
[ 42.729482] ? sched_clock_cpu+0x1b/0x170
[ 42.733602] ? tcp_init_tso_segs+0x114/0x1f0
[ 42.737980] tcp_write_xmit+0x680/0x5190
[ 42.742011] ? tcp_md5_do_lookup+0x256/0x730
[ 42.746389] ? tcp_md5_do_lookup+0x1/0x730
[ 42.750608] ? tcp_transmit_skb+0x38b0/0x38b0
[ 42.755086] ? ip6_mtu+0x1c7/0x4d0
[ 42.758601] ? tcp_v6_md5_lookup+0x23/0x30
[ 42.762802] ? tcp_established_options+0x2c5/0x420
[ 42.767701] ? tcp_current_mss+0x254/0x380
[ 42.771912] ? tcp_mtu_to_mss+0x460/0x460
[ 42.776037] ? __lock_is_held+0xb6/0x140
[ 42.780071] __tcp_push_pending_frames+0xa0/0x250
[ 42.784883] tcp_send_fin+0x1b0/0xd20
[ 42.788650] ? inet_sendpage+0x660/0x660
[ 42.792678] ? sk_forced_mem_schedule+0x150/0x150
[ 42.797489] ? __sk_dst_check+0x380/0x380
[ 42.801604] ? mark_held_locks+0xaf/0x100
[ 42.805727] ? do_raw_spin_trylock+0x190/0x190
[ 42.810279] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 42.815260] ? lock_sock_nested+0x91/0x110
[ 42.819547] ? trace_hardirqs_on+0xd/0x10
[ 42.823668] tcp_close+0xbe0/0xfc0
[ 42.827178] ? ip_mc_drop_socket+0x1ce/0x230
[ 42.831555] inet_release+0xed/0x1c0
[ 42.835249] inet6_release+0x50/0x70
[ 42.838937] sock_release+0x8d/0x1e0
[ 42.842619] ? sock_alloc_file+0x560/0x560
[ 42.846819] sock_close+0x16/0x20
[ 42.850250] __fput+0x327/0x7e0
[ 42.853509] ? fput+0x140/0x140
[ 42.856765] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 42.862619] ? _raw_spin_unlock_irq+0x27/0x70
[ 42.867085] ____fput+0x15/0x20
[ 42.870332] task_work_run+0x199/0x270
[ 42.874186] ? task_work_cancel+0x210/0x210
[ 42.878474] ? _raw_spin_unlock+0x22/0x30
[ 42.882591] ? switch_task_namespaces+0x87/0xc0
[ 42.887233] do_exit+0x9bb/0x1ad0
[ 42.890655] ? check_noncircular+0x20/0x20
[ 42.894860] ? mm_update_next_owner+0x930/0x930
[ 42.899494] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 42.904653] ? __might_sleep+0x95/0x190
[ 42.908597] ? find_held_lock+0x35/0x1d0
[ 42.912630] ? futex_wait+0x402/0x9a0
[ 42.916398] ? lock_downgrade+0x980/0x980
[ 42.920515] ? __unqueue_futex+0x1c0/0x290
[ 42.924716] ? lock_release+0xa40/0xa40
[ 42.928660] ? fault_in_user_writeable+0x90/0x90
[ 42.933384] ? do_raw_spin_trylock+0x190/0x190
[ 42.937935] ? check_noncircular+0x20/0x20
[ 42.942151] ? drop_futex_key_refs.isra.12+0x63/0xb0
[ 42.947229] ? futex_wait+0x6a9/0x9a0
[ 42.951003] ? find_held_lock+0x35/0x1d0
[ 42.955038] ? get_signal+0x7ae/0x16c0
[ 42.958891] ? lock_downgrade+0x980/0x980
[ 42.963010] do_group_exit+0x149/0x400
[ 42.966868] ? do_raw_spin_trylock+0x190/0x190
[ 42.971414] ? SyS_exit+0x30/0x30
[ 42.974834] ? _raw_spin_unlock_irq+0x27/0x70
[ 42.979298] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 42.984285] get_signal+0x73f/0x16c0
[ 42.987983] ? ptrace_notify+0x130/0x130
[ 42.992014] ? release_sock+0x1d4/0x2a0
[ 42.995956] ? exit_robust_list+0x240/0x240
[ 43.000251] ? _raw_spin_unlock_bh+0x30/0x40
[ 43.004632] ? release_sock+0x1d4/0x2a0
[ 43.008575] ? __release_sock+0x360/0x360
[ 43.012687] ? lock_sock_nested+0x91/0x110
[ 43.016889] ? trace_hardirqs_on+0xd/0x10
[ 43.021014] do_signal+0x94/0x1ee0
[ 43.024521] ? inet_sendmsg+0x126/0x5e0
[ 43.028461] ? __might_sleep+0x95/0x190
[ 43.032414] ? inet_recvmsg+0x5f0/0x5f0
[ 43.036358] ? selinux_socket_sendmsg+0x36/0x40
[ 43.040997] ? setup_sigcontext+0x7d0/0x7d0
[ 43.045282] ? inet_recvmsg+0x5f0/0x5f0
[ 43.049225] ? sock_sendmsg+0x4f/0x110
[ 43.053093] ? fput+0xd2/0x140
[ 43.056256] ? SYSC_sendto+0x41c/0x5c0
[ 43.060114] ? SYSC_connect+0x4a0/0x4a0
[ 43.064054] ? up_read+0x1a/0x40
[ 43.067392] ? __do_page_fault+0x3d6/0xc90
[ 43.071608] ? exit_to_usermode_loop+0x8c/0x310
[ 43.076258] exit_to_usermode_loop+0x214/0x310
[ 43.080811] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 43.086329] syscall_return_slowpath+0x490/0x550
[ 43.091054] ? prepare_exit_to_usermode+0x340/0x340
[ 43.096037] ? entry_SYSCALL_64_fastpath+0x69/0x96
[ 43.100934] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 43.105918] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 43.110645] entry_SYSCALL_64_fastpath+0x94/0x96
[ 43.115367] RIP: 0033:0x4456e9
[ 43.118527] RSP: 002b:00007fb482c9eda8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 43.126203] RAX: fffffffffffffe00 RBX: 00000000006dac3c RCX: 00000000004456e9
[ 43.133443] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000006dac3c
[ 43.140682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 43.147927] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac38
[ 43.155167] R13: 0100000000000000 R14: 00007fb482c9f9c0 R15: 0000000000000009
[ 43.162455] Dumping ftrace buffer:
[ 43.165965] (ftrace buffer empty)
[ 43.169656] Kernel Offset: disabled
[ 43.173255] Rebooting in 86400 seconds..