[ 14.702346][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[ 15.261372][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
2021/11/08 09:11:32 fuzzer started
2021/11/08 09:11:32 connecting to host at 10.128.0.163:43175
2021/11/08 09:11:32 checking machine...
2021/11/08 09:11:32 checking revisions...
2021/11/08 09:11:32 testing simple program...
[ 21.230027][ T23] audit: type=1400 audit(1636362692.629:73): avc: denied { getattr } for pid=362 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 21.251419][ T370] cgroup: Unknown subsys name 'net'
[ 21.253427][ T23] audit: type=1400 audit(1636362692.639:74): avc: denied { read } for pid=362 comm="syz-fuzzer" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 21.279375][ T23] audit: type=1400 audit(1636362692.639:75): avc: denied { open } for pid=362 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 21.279536][ T370] cgroup: Unknown subsys name 'devices'
[ 21.302552][ T23] audit: type=1400 audit(1636362692.649:76): avc: denied { read } for pid=362 comm="syz-fuzzer" name="raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 21.330832][ T23] audit: type=1400 audit(1636362692.649:77): avc: denied { open } for pid=362 comm="syz-fuzzer" path="/dev/raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 21.354374][ T23] audit: type=1400 audit(1636362692.649:78): avc: denied { mounton } for pid=370 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 21.377257][ T23] audit: type=1400 audit(1636362692.649:79): avc: denied { mount } for pid=370 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 21.399399][ T23] audit: type=1400 audit(1636362692.659:80): avc: denied { unmount } for pid=370 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 21.492930][ T370] cgroup: Unknown subsys name 'hugetlb'
[ 21.498746][ T370] cgroup: Unknown subsys name 'rlimit'
[ 21.602421][ T23] audit: type=1400 audit(1636362693.009:81): avc: denied { setattr } for pid=370 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 21.625736][ T23] audit: type=1400 audit(1636362693.029:82): avc: denied { execmem } for pid=372 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 21.696904][ T373] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.704071][ T373] bridge0: port 1(bridge_slave_0) entered disabled state
[ 21.711411][ T373] device bridge_slave_0 entered promiscuous mode
[ 21.718235][ T373] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.725483][ T373] bridge0: port 2(bridge_slave_1) entered disabled state
[ 21.732772][ T373] device bridge_slave_1 entered promiscuous mode
[ 21.762739][ T373] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.769773][ T373] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 21.777146][ T373] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.784176][ T373] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 21.802399][ T74] bridge0: port 1(bridge_slave_0) entered disabled state
[ 21.809891][ T74] bridge0: port 2(bridge_slave_1) entered disabled state
[ 21.817476][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 21.825251][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 21.842154][ T109] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 21.850278][ T109] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.857316][ T109] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 21.865272][ T109] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 21.874110][ T109] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.881121][ T109] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 21.888505][ T109] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 21.896406][ T109] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 21.906554][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 21.916940][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 21.928053][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 21.943046][ T24] ================================================================================
[ 21.952417][ T24] UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2023:28
[ 21.960193][ T24] member access within address ffffc9000019f1c0 with insufficient space
[ 21.968509][ T24] for an object of type 'struct sk_buff'
[ 21.974129][ T24] CPU: 1 PID: 24 Comm: kworker/1:1 Not tainted 5.10.78-syzkaller-01155-gbb235e8cc2b6 #0
[ 21.983851][ T24] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.993895][ T24] Workqueue: ipv6_addrconf addrconf_dad_work
[ 21.999847][ T24] Call Trace:
[ 22.003111][ T24] dump_stack_lvl+0x1e2/0x24b
[ 22.007757][ T24] ? show_regs_print_info+0x18/0x18
[ 22.012976][ T24] ? wg_allowedips_lookup_dst+0x190/0x190
[ 22.018970][ T24] dump_stack+0x15/0x1d
[ 22.023099][ T24] ubsan_type_mismatch_common+0x1ed/0x3a0
[ 22.028806][ T24] ? __sanitizer_cov_trace_switch+0x74/0x90
[ 22.034676][ T24] __ubsan_handle_type_mismatch_v1+0x5b/0x70
[ 22.040630][ T24] wg_xmit+0x4a2/0xae0
[ 22.044671][ T24] ? wg_stop+0x140/0x140
[ 22.048896][ T24] ? __sanitizer_cov_trace_const_cmp2+0x19/0x20
[ 22.055119][ T24] netdev_start_xmit+0x8a/0x160
[ 22.059959][ T24] dev_hard_start_xmit+0x18d/0x2f0
[ 22.065044][ T24] __dev_queue_xmit+0xfbe/0x1bb0
[ 22.069965][ T24] ? dev_queue_xmit+0x20/0x20
[ 22.074615][ T24] ? __local_bh_enable_ip+0xa8/0x170
[ 22.079876][ T24] ? do_raw_spin_unlock+0x50/0x50
[ 22.084873][ T24] ? _local_bh_enable+0x30/0x30
[ 22.089693][ T24] ? __sanitizer_cov_trace_const_cmp4+0x19/0x20
[ 22.095905][ T24] ? ndisc_constructor+0x690/0x8a0
[ 22.100988][ T24] ? _raw_write_unlock_bh+0x31/0x47
[ 22.106211][ T24] ? dev_hard_header+0xdb/0xf0
[ 22.110969][ T24] dev_queue_xmit+0x17/0x20
[ 22.115451][ T24] neigh_connected_output+0x288/0x2b0
[ 22.120810][ T24] ip6_finish_output2+0xde2/0x1440
[ 22.125961][ T24] ? __rcu_read_lock+0x50/0x50
[ 22.130701][ T24] ? __ip6_finish_output+0x520/0x520
[ 22.135957][ T24] ? dst_cow_metrics_generic+0x55/0x1d0
[ 22.141474][ T24] ? __sanitizer_cov_trace_const_cmp4+0x19/0x20
[ 22.147682][ T24] ? ip6_skb_dst_mtu+0xaf/0x260
[ 22.152506][ T24] __ip6_finish_output+0x3e4/0x520
[ 22.157591][ T24] ip6_finish_output+0x3f/0x220
[ 22.162500][ T24] ? ip6_output+0x1d3/0x4b0
[ 22.166997][ T24] ip6_output+0x1f8/0x4b0
[ 22.171304][ T24] ? asan.module_dtor+0x20/0x20
[ 22.176747][ T24] ? skb_dst+0x40/0x40
[ 22.180791][ T24] ? __rcu_read_lock+0x50/0x50
[ 22.185531][ T24] ? selinux_ipv6_forward+0x50/0x50
[ 22.190701][ T24] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 22.196425][ T24] ? nf_hook_slow+0x150/0x1b0
[ 22.201076][ T24] NF_HOOK+0xdd/0x280
[ 22.205029][ T24] ? addrconf_addr_solict_mult+0xe0/0xe0
[ 22.210631][ T24] ? NF_HOOK+0x280/0x280
[ 22.214857][ T24] ? __rcu_read_lock+0x50/0x50
[ 22.219606][ T24] ? __sanitizer_cov_trace_const_cmp4+0x19/0x20
[ 22.225833][ T24] ? ndisc_send_skb+0x547/0x9f0
[ 22.230686][ T24] ? memcpy+0x56/0x70
[ 22.234647][ T24] ndisc_send_skb+0x646/0x9f0
[ 22.239300][ T24] ? slab_post_alloc_hook+0x90/0xa0
[ 22.244488][ T24] ? ndisc_fill_addr_option+0x2f0/0x2f0
[ 22.250005][ T24] ? skb_set_owner_w+0x1a8/0x310
[ 22.254914][ T24] ? __sanitizer_cov_trace_cmp4+0x19/0x20
[ 22.260602][ T24] ? skb_put+0x11d/0x200
[ 22.264818][ T24] ndisc_send_rs+0x26c/0x360
[ 22.269380][ T24] addrconf_dad_completed+0x4f3/0x9f0
[ 22.274722][ T24] ? addrconf_dad_stop+0x430/0x430
[ 22.279813][ T24] addrconf_dad_work+0x9c1/0x1520
[ 22.284819][ T24] ? move_linked_works+0x118/0x130
[ 22.289904][ T24] ? ipv6_use_optimistic_addr+0x1d0/0x1d0
[ 22.295647][ T24] ? __kasan_check_write+0x14/0x20
[ 22.300740][ T24] process_one_work+0x3ca/0x660
[ 22.305575][ T24] worker_thread+0x709/0xa20
[ 22.310180][ T24] ? __kthread_parkme+0x11b/0x150
[ 22.315184][ T24] kthread+0x371/0x390
[ 22.319226][ T24] ? pr_cont_work+0x110/0x110
[ 22.323872][ T24] ? __list_add+0xc0/0xc0
[ 22.328224][ T24] ret_from_fork+0x1f/0x30
[ 22.332643][ T24] ================================================================================
[ 22.341934][ T24] ================================================================================
[ 22.351198][ T24] UBSAN: object-size-mismatch in ./include/linux/skbuff.h:1916:2
[ 22.358924][ T24] member access within address ffffc9000019f1c0 with insufficient space
[ 22.367250][ T24] for an object of type 'struct sk_buff'
[ 22.372903][ T24] CPU: 1 PID: 24 Comm: kworker/1:1 Not tainted 5.10.78-syzkaller-01155-gbb235e8cc2b6 #0
[ 22.382653][ T24] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 22.392693][ T24] Workqueue: ipv6_addrconf addrconf_dad_work
[ 22.398642][ T24] Call Trace:
[ 22.401940][ T24] dump_stack_lvl+0x1e2/0x24b
[ 22.406590][ T24] ? show_regs_print_info+0x18/0x18
[ 22.411761][ T24] ? wg_allowedips_lookup_dst+0x190/0x190
[ 22.417451][ T24] dump_stack+0x15/0x1d
[ 22.421576][ T24] ubsan_type_mismatch_common+0x1ed/0x3a0
[ 22.427282][ T24] __ubsan_handle_type_mismatch_v1+0x5b/0x70
[ 22.433244][ T24] wg_xmit+0x513/0xae0
[ 22.437284][ T24] ? wg_stop+0x140/0x140
[ 22.441502][ T24] ? __sanitizer_cov_trace_const_cmp2+0x19/0x20
[ 22.447716][ T24] netdev_start_xmit+0x8a/0x160
[ 22.452540][ T24] dev_hard_start_xmit+0x18d/0x2f0
[ 22.457623][ T24] __dev_queue_xmit+0xfbe/0x1bb0
[ 22.462530][ T24] ? dev_queue_xmit+0x20/0x20
[ 22.467180][ T24] ? __local_bh_enable_ip+0xa8/0x170
[ 22.472436][ T24] ? do_raw_spin_unlock+0x50/0x50
[ 22.477430][ T24] ? _local_bh_enable+0x30/0x30
[ 22.482265][ T24] ? __sanitizer_cov_trace_const_cmp4+0x19/0x20
[ 22.488475][ T24] ? ndisc_constructor+0x690/0x8a0
[ 22.493564][ T24] ? _raw_write_unlock_bh+0x31/0x47
[ 22.498733][ T24] ? dev_hard_header+0xdb/0xf0
[ 22.503475][ T24] dev_queue_xmit+0x17/0x20
[ 22.507950][ T24] neigh_connected_output+0x288/0x2b0
[ 22.513292][ T24] ip6_finish_output2+0xde2/0x1440
[ 22.518377][ T24] ? __rcu_read_lock+0x50/0x50
[ 22.523112][ T24] ? __ip6_finish_output+0x520/0x520
[ 22.528378][ T24] ? dst_cow_metrics_generic+0x55/0x1d0
[ 22.533898][ T24] ? __sanitizer_cov_trace_const_cmp4+0x19/0x20
[ 22.540121][ T24] ? ip6_skb_dst_mtu+0xaf/0x260
[ 22.544942][ T24] __ip6_finish_output+0x3e4/0x520
[ 22.550038][ T24] ip6_finish_output+0x3f/0x220
[ 22.554859][ T24] ? ip6_output+0x1d3/0x4b0
[ 22.559344][ T24] ip6_output+0x1f8/0x4b0
[ 22.563643][ T24] ? asan.module_dtor+0x20/0x20
[ 22.568723][ T24] ? skb_dst+0x40/0x40
[ 22.572763][ T24] ? __rcu_read_lock+0x50/0x50
[ 22.577497][ T24] ? selinux_ipv6_forward+0x50/0x50
[ 22.582664][ T24] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 22.588355][ T24] ? nf_hook_slow+0x150/0x1b0
[ 22.593014][ T24] NF_HOOK+0xdd/0x280
[ 22.596968][ T24] ? addrconf_addr_solict_mult+0xe0/0xe0
[ 22.602572][ T24] ? NF_HOOK+0x280/0x280
[ 22.606785][ T24] ? __rcu_read_lock+0x50/0x50
[ 22.611536][ T24] ? __sanitizer_cov_trace_const_cmp4+0x19/0x20
[ 22.617745][ T24] ? ndisc_send_skb+0x547/0x9f0
[ 22.622566][ T24] ? memcpy+0x56/0x70
[ 22.626518][ T24] ndisc_send_skb+0x646/0x9f0
[ 22.631166][ T24] ? slab_post_alloc_hook+0x90/0xa0
[ 22.636335][ T24] ? ndisc_fill_addr_option+0x2f0/0x2f0
[ 22.641851][ T24] ? skb_set_owner_w+0x1a8/0x310
[ 22.646762][ T24] ? __sanitizer_cov_trace_cmp4+0x19/0x20
[ 22.652450][ T24] ? skb_put+0x11d/0x200
[ 22.656675][ T24] ndisc_send_rs+0x26c/0x360
[ 22.661249][ T24] addrconf_dad_completed+0x4f3/0x9f0
[ 22.666600][ T24] ? addrconf_dad_stop+0x430/0x430
[ 22.671683][ T24] addrconf_dad_work+0x9c1/0x1520
[ 22.676805][ T24] ? move_linked_works+0x118/0x130
[ 22.681904][ T24] ? ipv6_use_optimistic_addr+0x1d0/0x1d0
[ 22.687606][ T24] ? __kasan_check_write+0x14/0x20
[ 22.692690][ T24] process_one_work+0x3ca/0x660
[ 22.697528][ T24] worker_thread+0x709/0xa20
[ 22.702098][ T24] ? __kthread_parkme+0x11b/0x150
[ 22.707090][ T24] kthread+0x371/0x390
[ 22.711128][ T24] ? pr_cont_work+0x110/0x110
[ 22.715773][ T24] ? __list_add+0xc0/0xc0
[ 22.720073][ T24] ret_from_fork+0x1f/0x30
[ 22.724556][ T24] ================================================================================
[ 22.735398][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 22.743744][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2021/11/08 09:11:34 building call list...
[ 22.759912][ T373] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[ 23.361609][ T7] device bridge_slave_1 left promiscuous mode
[ 23.367766][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 23.375562][ T7] device bridge_slave_0 left promiscuous mode
[ 23.381931][ T7] bridge0: port 1(bridge_slave_0) entered disabled state