[....] Starting enhanced syslogd: rsyslogd[ 16.129076] audit: type=1400 audit(1519570730.549:5): avc: denied { syslog } for pid=4092 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Starting mcstransd:
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting file context maintaining daemon: restorecond�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 18.582726] audit: type=1400 audit(1519570733.003:6): avc: denied { map } for pid=4230 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.59' (ECDSA) to the list of known hosts.
executing program
[ 24.881867] audit: type=1400 audit(1519570739.302:7): avc: denied { map } for pid=4244 comm="syzkaller742220" path="/root/syzkaller742220966" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 24.911734] ==================================================================
[ 24.919162] BUG: KASAN: slab-out-of-bounds in ip6_route_me_harder+0x9d8/0xc00
[ 24.926408] Read of size 4 at addr ffff8801b0ae61a8 by task syzkaller742220/4244
[ 24.933909]
[ 24.935509] CPU: 0 PID: 4244 Comm: syzkaller742220 Not tainted 4.16.0-rc2+ #328
[ 24.942927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 24.952265] Call Trace:
[ 24.954831]
[ 24.956968] dump_stack+0x194/0x24d
[ 24.960572] ? arch_local_irq_restore+0x53/0x53
[ 24.965215] ? show_regs_print_info+0x18/0x18
[ 24.969691] ? ip6_route_me_harder+0x9d8/0xc00
[ 24.974247] print_address_description+0x73/0x250
[ 24.979064] ? ip6_route_me_harder+0x9d8/0xc00
[ 24.983616] kasan_report+0x23b/0x360
[ 24.987392] __asan_report_load4_noabort+0x14/0x20
[ 24.992292] ip6_route_me_harder+0x9d8/0xc00
[ 24.996676] ? nf_ip6_checksum_partial+0x310/0x310
[ 25.001596] ip6table_mangle_hook+0x636/0x920
[ 25.006069] ? check_noncircular+0x20/0x20
[ 25.010279] ? ip6table_mangle_net_exit+0xa0/0xa0
[ 25.015092] ? ip6_xmit+0xe9d/0x2260
[ 25.018781] ? netlbl_enabled+0x52/0xe0
[ 25.022732] ? lock_release+0xa40/0xa40
[ 25.026689] nf_hook_slow+0xba/0x1a0
[ 25.030372] ? nf_hook_slow+0xba/0x1a0
[ 25.034239] ip6_xmit+0x10ec/0x2260
[ 25.037855] ? ip6_finish_output2+0x23a0/0x23a0
[ 25.042510] ? check_noncircular+0x20/0x20
[ 25.046716] ? lock_acquire+0x1d5/0x580
[ 25.050660] ? lock_acquire+0x1d5/0x580
[ 25.054607] ? tcp_v6_send_synack+0x473/0xaa0
[ 25.059077] ? ip6_forward_finish+0x140/0x140
[ 25.063545] ? lock_release+0xa40/0xa40
[ 25.067495] ? __lock_is_held+0xb6/0x140
[ 25.071541] tcp_v6_send_synack+0x57b/0xaa0
[ 25.075838] ? tcp_v6_conn_request+0x270/0x270
[ 25.080390] ? inet_csk_route_child_sock+0xc50/0xc50
[ 25.085473] tcp_conn_request+0x26fd/0x3660
[ 25.089781] ? tcp_event_data_recv+0xe80/0xe80
[ 25.094340] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.099502] ? tcp_v4_send_synack+0x430/0x430
[ 25.103974] ? check_noncircular+0x20/0x20
[ 25.108181] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.113362] ? netlbl_catmap_setrng+0xb0/0xb0
[ 25.117833] ? __do_once_start+0x8a/0xd0
[ 25.121869] ? selinux_peerlbl_enabled+0x97/0x170
[ 25.126686] ? check_noncircular+0x20/0x20
[ 25.130893] ? check_noncircular+0x20/0x20
[ 25.135105] ? selinux_socket_sock_rcv_skb+0x24e/0x850
[ 25.140352] ? _raw_spin_unlock_irqrestore+0x31/0xba
[ 25.145444] tcp_v6_conn_request+0x212/0x270
[ 25.149825] ? tcp_v6_conn_request+0x212/0x270
[ 25.154381] tcp_rcv_state_process+0x8f5/0x4920
[ 25.159019] ? lock_release+0xa40/0xa40
[ 25.162966] ? __lock_is_held+0xb6/0x140
[ 25.166999] ? tcp_finish_connect+0x420/0x420
[ 25.171474] ? sk_filter_trim_cap+0xe7/0x9c0
[ 25.175853] ? __skb_checksum+0x7e0/0x7e0
[ 25.179970] ? skb_send_sock+0x50/0x50
[ 25.183832] ? bpf_xdp_copy+0x40/0x40
[ 25.187610] ? tcp_v6_inbound_md5_hash+0x155/0x5c0
[ 25.192509] ? inet6_lookup_listener+0x35b/0xd60
[ 25.197271] tcp_v6_do_rcv+0x739/0x1250
[ 25.201216] ? tcp_v6_do_rcv+0x739/0x1250
[ 25.205340] ? tcp_v6_fill_cb+0x390/0x490
[ 25.209463] tcp_v6_rcv+0x24a1/0x2d70
[ 25.213242] ? check_noncircular+0x20/0x20
[ 25.217455] ? rawv6_rcv+0x11fb/0x1200
[ 25.221332] ? tcp_v6_reqsk_send_ack+0x370/0x370
[ 25.226068] ip6_input_finish+0x37e/0x17a0
[ 25.230278] ? ip6_input+0x3a7/0x560
[ 25.233977] ? ip6_make_skb+0x5e0/0x5e0
[ 25.237925] ? nf_hook_slow+0xd3/0x1a0
[ 25.241791] ip6_input+0xdb/0x560
[ 25.245220] ? ip6_input_finish+0x17a0/0x17a0
[ 25.249696] ? find_held_lock+0x35/0x1d0
[ 25.253733] ? ip6_make_skb+0x5e0/0x5e0
[ 25.257679] ? ipv6_rcv+0x16cd/0x1fa0
[ 25.261455] ip6_rcv_finish+0x297/0x8c0
[ 25.265401] ? ip6_input+0x560/0x560
[ 25.269096] ? ip6table_nat_in+0x2c/0x40
[ 25.273133] ? nf_hook_slow+0xd3/0x1a0
[ 25.276994] ipv6_rcv+0xf37/0x1fa0
[ 25.280517] ? ip6_rcv_finish+0x8c0/0x8c0
[ 25.284638] ? save_stack_trace+0x1a/0x20
[ 25.288776] ? mark_lock+0xb2c/0x1430
[ 25.292548] ? check_usage_backwards+0x410/0x410
[ 25.297299] ? ip6_input+0x560/0x560
[ 25.300994] ? ip6_rcv_finish+0x8c0/0x8c0
[ 25.305120] __netif_receive_skb_core+0x1a41/0x3460
[ 25.310118] ? nf_ingress+0x9f0/0x9f0
[ 25.313903] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.319066] ? __lock_is_held+0xb6/0x140
[ 25.323108] ? __lock_acquire+0x664/0x3e00
[ 25.327316] ? __lock_acquire+0x664/0x3e00
[ 25.331529] ? fastpath_timer_check+0x7fe/0xad0
[ 25.336170] ? update_cfs_rq_load_avg.part.68+0x2d0/0x2d0
[ 25.341691] ? print_irqtrace_events+0x270/0x270
[ 25.346419] ? check_noncircular+0x20/0x20
[ 25.350641] ? find_held_lock+0x35/0x1d0
[ 25.354680] ? lock_acquire+0x1d5/0x580
[ 25.358626] ? process_backlog+0x45f/0x740
[ 25.362832] ? lock_acquire+0x1d5/0x580
[ 25.366778] ? process_backlog+0x1ab/0x740
[ 25.370992] ? lock_release+0xa40/0xa40
[ 25.374935] ? check_noncircular+0x20/0x20
[ 25.379150] __netif_receive_skb+0x2c/0x1b0
[ 25.383441] ? __netif_receive_skb+0x2c/0x1b0
[ 25.387910] process_backlog+0x203/0x740
[ 25.391948] ? mark_held_locks+0xaf/0x100
[ 25.396080] net_rx_action+0x792/0x1910
[ 25.400039] ? napi_complete_done+0x6c0/0x6c0
[ 25.404516] ? trace_hardirqs_on_caller+0x19e/0x5c0
[ 25.409506] ? trace_hardirqs_on+0xd/0x10
[ 25.413624] ? _raw_spin_unlock_irq+0x27/0x70
[ 25.418092] ? __run_timers+0x16f/0xb70
[ 25.422048] ? trigger_dyntick_cpu.isra.29+0x150/0x150
[ 25.427301] ? timerqueue_add+0x1e9/0x280
[ 25.431425] ? check_noncircular+0x20/0x20
[ 25.435633] ? enqueue_hrtimer+0x177/0x4b0
[ 25.439838] ? lock_release+0xa40/0xa40
[ 25.443786] ? retrigger_next_event+0x1e0/0x1e0
[ 25.448426] ? __lock_is_held+0xb6/0x140
[ 25.452464] ? print_irqtrace_events+0x270/0x270
[ 25.457194] ? check_noncircular+0x20/0x20
[ 25.461411] ? clockevents_program_event+0x163/0x2e0
[ 25.466488] ? lock_downgrade+0x980/0x980
[ 25.470616] ? __lock_is_held+0xb6/0x140
[ 25.474661] ? __local_bh_enable+0x10b/0x130
[ 25.479041] ? print_irqtrace_events+0x270/0x270
[ 25.483770] ? ktime_get+0x26f/0x3a0
[ 25.487455] ? check_noncircular+0x20/0x20
[ 25.491669] ? __irqentry_text_end+0x1f8ad4/0x1f8ad4
[ 25.496753] ? __lock_is_held+0xb6/0x140
[ 25.500800] __do_softirq+0x2d7/0xb85
[ 25.504574] ? task_prio+0x50/0x50
[ 25.508098] ? __irqentry_text_end+0x1f8ad4/0x1f8ad4
[ 25.513180] ? irq_exit+0xbb/0x200
[ 25.516692] ? smp_apic_timer_interrupt+0x16b/0x700
[ 25.521680] ? smp_reschedule_interrupt+0xe6/0x650
[ 25.526582] ? smp_call_function_single_interrupt+0x640/0x640
[ 25.532438] ? _raw_spin_lock+0x32/0x40
[ 25.536386] ? _raw_spin_unlock+0x22/0x30
[ 25.540507] ? handle_edge_irq+0x2b4/0x7c0
[ 25.544717] ? task_prio+0x50/0x50
[ 25.548238] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 25.553070] do_softirq_own_stack+0x2a/0x40
[ 25.557369]
[ 25.559579] do_softirq.part.19+0x14d/0x190
[ 25.563873] ? ip6_finish_output2+0xb6d/0x23a0
[ 25.568428] __local_bh_enable_ip+0x1ee/0x230
[ 25.572909] ip6_finish_output2+0xba0/0x23a0
[ 25.577299] ? ip6_sk_dst_lookup_flow+0x7f0/0x7f0
[ 25.582117] ? ip6_mtu+0x369/0x4d0
[ 25.585635] ? lock_downgrade+0x980/0x980
[ 25.589764] ? __lock_is_held+0xb6/0x140
[ 25.593807] ? ip6_mtu+0x1c7/0x4d0
[ 25.597322] ? ip6_dst_ifdown+0x3d0/0x3d0
[ 25.601442] ? nf_nat_ipv6_out+0x262/0x570
[ 25.605657] ip6_finish_output+0x69b/0xaf0
[ 25.609863] ? ip6_finish_output+0x69b/0xaf0
[ 25.614253] ip6_output+0x1eb/0x840
[ 25.617854] ? ip6_finish_output+0xaf0/0xaf0
[ 25.622245] ? ip6_fragment+0x3470/0x3470
[ 25.626367] ? nf_hook_slow+0xd3/0x1a0
[ 25.630234] ip6_xmit+0xe1f/0x2260
[ 25.633759] ? __sk_dst_check+0x1a5/0x380
[ 25.637890] ? ip6_finish_output2+0x23a0/0x23a0
[ 25.642534] ? fl6_update_dst+0x127/0x2b0
[ 25.646659] ? inet6_csk_route_socket+0x691/0xe80
[ 25.651488] ? check_noncircular+0x20/0x20
[ 25.655696] ? lock_acquire+0x1d5/0x580
[ 25.659644] ? lock_acquire+0x1d5/0x580
[ 25.663590] ? inet6_csk_xmit+0x114/0x580
[ 25.667713] ? ip6_forward_finish+0x140/0x140
[ 25.672182] ? lock_release+0xa40/0xa40
[ 25.676133] ? __lock_is_held+0xb6/0x140
[ 25.680180] inet6_csk_xmit+0x2fc/0x580
[ 25.684131] ? inet6_csk_update_pmtu+0x160/0x160
[ 25.688867] ? refcount_add_not_zero+0x133/0x200
[ 25.693613] tcp_transmit_skb+0x1b12/0x3960
[ 25.697922] ? __tcp_select_window+0x900/0x900
[ 25.702478] ? tcp_fastopen_cache_get+0x449/0x720
[ 25.707294] ? tcp_peer_is_proven+0xc60/0xc60
[ 25.711760] ? ip6_mtu+0x369/0x4d0
[ 25.715278] ? __lock_is_held+0xb6/0x140
[ 25.719325] ? tcp_try_fastopen+0x1b50/0x1b50
[ 25.723809] ? tcp_init_transfer+0x3e0/0x3e0
[ 25.728205] ? tcp_rbtree_insert+0x135/0x190
[ 25.732593] tcp_connect+0x1f45/0x40f0
[ 25.736467] ? tcp_push_one+0x100/0x100
[ 25.740426] ? lock_downgrade+0x967/0x980
[ 25.744545] ? do_raw_spin_trylock+0x190/0x190
[ 25.749110] ? __inet_hash_connect+0x8d1/0xed0
[ 25.753666] ? pvclock_read_flags+0x160/0x160
[ 25.758132] ? mark_held_locks+0xaf/0x100
[ 25.762256] ? ktime_get_with_offset+0x188/0x420
[ 25.766988] ? kvm_clock_get_cycles+0x25/0x30
[ 25.771456] ? ktime_get_with_offset+0x2c1/0x420
[ 25.776194] ? do_gettimeofday+0x190/0x190
[ 25.780411] ? __siphash_aligned+0x1b9/0x330
[ 25.784790] ? siphash_4u64+0x25/0x3a0
[ 25.788656] ? secure_tcpv6_ts_off+0x1e0/0x420
[ 25.793211] ? secure_tcpv6_seq+0x23c/0x350
[ 25.797505] ? secure_tcpv6_seq+0x350/0x350
[ 25.801801] ? tcp_fastopen_defer_connect+0x163/0x4a0
[ 25.806961] ? secure_dccpv6_sequence_number+0x360/0x360
[ 25.812409] tcp_v6_connect+0x2083/0x26c0
[ 25.816627] ? tcp_v6_syn_recv_sock+0x23f0/0x23f0
[ 25.821439] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 25.826429] ? trace_hardirqs_on+0xd/0x10
[ 25.830553] ? depot_save_stack+0x2ca/0x460
[ 25.834852] ? save_stack+0xa3/0xd0
[ 25.838453] ? save_stack+0x43/0xd0
[ 25.842049] ? kasan_kmalloc+0xad/0xe0
[ 25.845910] ? kmem_cache_alloc_trace+0x136/0x740
[ 25.850723] ? tcp_sendmsg_locked+0x1f71/0x3c70
[ 25.855360] ? tcp_sendmsg+0x2f/0x50
[ 25.859046] ? inet_sendmsg+0x11f/0x5e0
[ 25.862991] ? sock_sendmsg+0xca/0x110
[ 25.866848] ? SYSC_sendto+0x361/0x5c0
[ 25.870707] ? SyS_sendto+0x40/0x50
[ 25.874306] ? do_syscall_64+0x280/0x940
[ 25.878338] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 25.883686] ? print_irqtrace_events+0x270/0x270
[ 25.888424] ? check_noncircular+0x20/0x20
[ 25.892630] ? __lock_is_held+0xb6/0x140
[ 25.896669] __inet_stream_connect+0x2d4/0xf00
[ 25.901233] ? __inet_stream_connect+0x2d4/0xf00
[ 25.905966] ? inet_bind+0x930/0x930
[ 25.909661] ? tcp_sendmsg_locked+0x1f71/0x3c70
[ 25.914304] ? rcu_read_lock_sched_held+0x108/0x120
[ 25.919294] ? kmem_cache_alloc_trace+0x459/0x740
[ 25.924118] tcp_sendmsg_locked+0x264e/0x3c70
[ 25.928593] ? avc_has_perm+0x35e/0x680
[ 25.932544] ? lock_downgrade+0x980/0x980
[ 25.936665] ? check_noncircular+0x20/0x20
[ 25.940876] ? lock_release+0xa40/0xa40
[ 25.944832] ? tcp_sendpage+0x60/0x60
[ 25.948618] ? print_irqtrace_events+0x270/0x270
[ 25.953346] ? find_held_lock+0x35/0x1d0
[ 25.957395] ? lock_acquire+0x1d5/0x580
[ 25.961341] ? lock_acquire+0x1d5/0x580
[ 25.965289] ? tcp_sendmsg+0x21/0x50
[ 25.968985] ? mark_held_locks+0xaf/0x100
[ 25.973104] ? do_raw_spin_trylock+0x190/0x190
[ 25.977659] ? __local_bh_enable_ip+0x121/0x230
[ 25.982302] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 25.987290] ? lock_sock_nested+0x91/0x110
[ 25.991496] ? trace_hardirqs_on+0xd/0x10
[ 25.995616] ? __local_bh_enable_ip+0x121/0x230
[ 26.000263] tcp_sendmsg+0x2f/0x50
[ 26.003777] inet_sendmsg+0x11f/0x5e0
[ 26.007550] ? __might_sleep+0x95/0x190
[ 26.011496] ? inet_create+0xf50/0xf50
[ 26.015359] ? selinux_socket_sendmsg+0x36/0x40
[ 26.020001] ? security_socket_sendmsg+0x89/0xb0
[ 26.024728] ? inet_create+0xf50/0xf50
[ 26.028592] sock_sendmsg+0xca/0x110
[ 26.032278] SYSC_sendto+0x361/0x5c0
[ 26.035967] ? SYSC_connect+0x4a0/0x4a0
[ 26.039914] ? __local_bh_enable_ip+0x121/0x230
[ 26.044557] ? _raw_spin_unlock_bh+0x30/0x40
[ 26.048936] ? release_sock+0x1d4/0x2a0
[ 26.052884] ? inet6_hash+0x41/0x90
[ 26.056501] ? __release_sock+0x360/0x360
[ 26.060619] ? __local_bh_enable_ip+0x121/0x230
[ 26.065272] ? inet6_hash+0x7f/0x90
[ 26.068887] ? inet_exit_net+0x10/0x10
[ 26.072756] ? SyS_listen+0x207/0x350
[ 26.076530] ? SyS_bind+0x30/0x30
[ 26.079958] ? mm_fault_error+0x2c0/0x2c0
[ 26.084078] ? move_addr_to_kernel+0x60/0x60
[ 26.088465] SyS_sendto+0x40/0x50
[ 26.091892] ? SyS_getpeername+0x30/0x30
[ 26.095925] do_syscall_64+0x280/0x940
[ 26.099783] ? __do_page_fault+0xc90/0xc90
[ 26.103990] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 26.108721] ? syscall_return_slowpath+0x550/0x550
[ 26.113624] ? syscall_return_slowpath+0x2ac/0x550
[ 26.118529] ? prepare_exit_to_usermode+0x350/0x350
[ 26.124276] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[ 26.129624] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 26.134455] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 26.139617] RIP: 0033:0x441e79
[ 26.142778] RSP: 002b:00007fff72bb92f8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[ 26.150459] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000441e79
[ 26.157700] RDX: 0000000000000000 RSI: 00000000204e8000 RDI: 0000000000000004
[ 26.164941] RBP: 00000000006cc018 R08: 000000002007f000 R09: 000000000000001c
[ 26.172189] R10: 0000000020000001 R11: 0000000000000212 R12: 00000000004037a0
[ 26.179430] R13: 0000000000403830 R14: 0000000000000000 R15: 0000000000000000
[ 26.186687]
[ 26.188287] Allocated by task 4242:
[ 26.191889] save_stack+0x43/0xd0
[ 26.195314] kasan_kmalloc+0xad/0xe0
[ 26.198998] kasan_slab_alloc+0x12/0x20
[ 26.202942] kmem_cache_alloc+0x12e/0x760
[ 26.207060] getname_flags+0xcb/0x580
[ 26.210831] getname+0x19/0x20
[ 26.213995] do_sys_open+0x2e7/0x6d0
[ 26.217678] SyS_open+0x2d/0x40
[ 26.220929] do_syscall_64+0x280/0x940
[ 26.224788] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 26.229945]
[ 26.231541] Freed by task 4242:
[ 26.234800] save_stack+0x43/0xd0
[ 26.238225] __kasan_slab_free+0x11a/0x170
[ 26.242430] kasan_slab_free+0xe/0x10
[ 26.246201] kmem_cache_free+0x83/0x2a0
[ 26.250155] putname+0xee/0x130
[ 26.253403] do_sys_open+0x31b/0x6d0
[ 26.257092] SyS_open+0x2d/0x40
[ 26.260340] do_syscall_64+0x280/0x940
[ 26.264197] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 26.269356]
[ 26.270954] The buggy address belongs to the object at ffff8801b0ae6e80
[ 26.270954] which belongs to the cache names_cache of size 4096
[ 26.283667] The buggy address is located 3288 bytes to the left of
[ 26.283667] 4096-byte region [ffff8801b0ae6e80, ffff8801b0ae7e80)
[ 26.296122] The buggy address belongs to the page:
[ 26.301038] page:ffffea0006c2b980 count:1 mapcount:0 mapping:ffff8801b0ae6e80 index:0x0 compound_mapcount: 0
[ 26.310989] flags: 0x2fffc0000008100(slab|head)
[ 26.315630] raw: 02fffc0000008100 ffff8801b0ae6e80 0000000000000000 0000000100000001
[ 26.323483] raw: ffffea0006c2b820 ffffea0006c2dd20 ffff8801da5d6600 0000000000000000
[ 26.331331] page dumped because: kasan: bad access detected
[ 26.337021]
[ 26.338627] Memory state around the buggy address:
[ 26.343528] ffff8801b0ae6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.350858] ffff8801b0ae6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.358190] >ffff8801b0ae6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.365518] ^
[ 26.370156] ffff8801b0ae6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.377487] ffff8801b0ae6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.384816] ==================================================================
[ 26.392148] Disabling lock debugging due to kernel taint
[ 26.397605] Kernel panic - not syncing: panic_on_warn set ...
[ 26.397605]
[ 26.404964] CPU: 0 PID: 4244 Comm: syzkaller742220 Tainted: G B 4.16.0-rc2+ #328
[ 26.413703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 26.423031] Call Trace:
[ 26.425583]
[ 26.427707] dump_stack+0x194/0x24d
[ 26.431304] ? arch_local_irq_restore+0x53/0x53
[ 26.435942] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 26.440665] ? vsnprintf+0x1ed/0x1900
[ 26.444436] ? ip6_route_me_harder+0x910/0xc00
[ 26.448987] panic+0x1e4/0x41c
[ 26.452152] ? refcount_error_report+0x214/0x214
[ 26.456879] ? add_taint+0x1c/0x50
[ 26.460395] ? add_taint+0x1c/0x50
[ 26.463904] ? ip6_route_me_harder+0x9d8/0xc00
[ 26.468454] kasan_end_report+0x50/0x50
[ 26.472397] kasan_report+0x148/0x360
[ 26.476168] __asan_report_load4_noabort+0x14/0x20
[ 26.481066] ip6_route_me_harder+0x9d8/0xc00
[ 26.485444] ? nf_ip6_checksum_partial+0x310/0x310
[ 26.490352] ip6table_mangle_hook+0x636/0x920
[ 26.494820] ? check_noncircular+0x20/0x20
[ 26.499029] ? ip6table_mangle_net_exit+0xa0/0xa0
[ 26.503840] ? ip6_xmit+0xe9d/0x2260
[ 26.507524] ? netlbl_enabled+0x52/0xe0
[ 26.511469] ? lock_release+0xa40/0xa40
[ 26.515418] nf_hook_slow+0xba/0x1a0
[ 26.519099] ? nf_hook_slow+0xba/0x1a0
[ 26.522957] ip6_xmit+0x10ec/0x2260
[ 26.526560] ? ip6_finish_output2+0x23a0/0x23a0
[ 26.531202] ? check_noncircular+0x20/0x20
[ 26.535416] ? lock_acquire+0x1d5/0x580
[ 26.539357] ? lock_acquire+0x1d5/0x580
[ 26.543299] ? tcp_v6_send_synack+0x473/0xaa0
[ 26.547768] ? ip6_forward_finish+0x140/0x140
[ 26.552234] ? lock_release+0xa40/0xa40
[ 26.556178] ? __lock_is_held+0xb6/0x140
[ 26.560213] tcp_v6_send_synack+0x57b/0xaa0
[ 26.564503] ? tcp_v6_conn_request+0x270/0x270
[ 26.569054] ? inet_csk_route_child_sock+0xc50/0xc50
[ 26.574136] tcp_conn_request+0x26fd/0x3660
[ 26.578435] ? tcp_event_data_recv+0xe80/0xe80
[ 26.582988] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 26.588150] ? tcp_v4_send_synack+0x430/0x430
[ 26.592616] ? check_noncircular+0x20/0x20
[ 26.596819] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 26.601985] ? netlbl_catmap_setrng+0xb0/0xb0
[ 26.606456] ? __do_once_start+0x8a/0xd0
[ 26.610500] ? selinux_peerlbl_enabled+0x97/0x170
[ 26.615313] ? check_noncircular+0x20/0x20
[ 26.619518] ? check_noncircular+0x20/0x20
[ 26.623725] ? selinux_socket_sock_rcv_skb+0x24e/0x850
[ 26.628973] ? _raw_spin_unlock_irqrestore+0x31/0xba
[ 26.634054] tcp_v6_conn_request+0x212/0x270
[ 26.638432] ? tcp_v6_conn_request+0x212/0x270
[ 26.642985] tcp_rcv_state_process+0x8f5/0x4920
[ 26.647623] ? lock_release+0xa40/0xa40
[ 26.651566] ? __lock_is_held+0xb6/0x140
[ 26.655596] ? tcp_finish_connect+0x420/0x420
[ 26.660064] ? sk_filter_trim_cap+0xe7/0x9c0
[ 26.664444] ? __skb_checksum+0x7e0/0x7e0
[ 26.668561] ? skb_send_sock+0x50/0x50
[ 26.672417] ? bpf_xdp_copy+0x40/0x40
[ 26.676188] ? tcp_v6_inbound_md5_hash+0x155/0x5c0
[ 26.681085] ? inet6_lookup_listener+0x35b/0xd60
[ 26.685812] tcp_v6_do_rcv+0x739/0x1250
[ 26.689753] ? tcp_v6_do_rcv+0x739/0x1250
[ 26.693869] ? tcp_v6_fill_cb+0x390/0x490
[ 26.698080] tcp_v6_rcv+0x24a1/0x2d70
[ 26.701850] ? check_noncircular+0x20/0x20
[ 26.706052] ? rawv6_rcv+0x11fb/0x1200
[ 26.709921] ? tcp_v6_reqsk_send_ack+0x370/0x370
[ 26.714651] ip6_input_finish+0x37e/0x17a0
[ 26.718855] ? ip6_input+0x3a7/0x560
[ 26.722543] ? ip6_make_skb+0x5e0/0x5e0
[ 26.726491] ? nf_hook_slow+0xd3/0x1a0
[ 26.730349] ip6_input+0xdb/0x560
[ 26.733771] ? ip6_input_finish+0x17a0/0x17a0
[ 26.738239] ? find_held_lock+0x35/0x1d0
[ 26.742268] ? ip6_make_skb+0x5e0/0x5e0
[ 26.746213] ? ipv6_rcv+0x16cd/0x1fa0
[ 26.749985] ip6_rcv_finish+0x297/0x8c0
[ 26.753931] ? ip6_input+0x560/0x560
[ 26.757616] ? ip6table_nat_in+0x2c/0x40
[ 26.761645] ? nf_hook_slow+0xd3/0x1a0
[ 26.765502] ipv6_rcv+0xf37/0x1fa0
[ 26.769022] ? ip6_rcv_finish+0x8c0/0x8c0
[ 26.773144] ? save_stack_trace+0x1a/0x20
[ 26.777264] ? mark_lock+0xb2c/0x1430
[ 26.781034] ? check_usage_backwards+0x410/0x410
[ 26.785761] ? ip6_input+0x560/0x560
[ 26.789445] ? ip6_rcv_finish+0x8c0/0x8c0
[ 26.793563] __netif_receive_skb_core+0x1a41/0x3460
[ 26.798553] ? nf_ingress+0x9f0/0x9f0
[ 26.802332] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 26.807492] ? __lock_is_held+0xb6/0x140
[ 26.811527] ? __lock_acquire+0x664/0x3e00
[ 26.815730] ? __lock_acquire+0x664/0x3e00
[ 26.819937] ? fastpath_timer_check+0x7fe/0xad0
[ 26.824572] ? update_cfs_rq_load_avg.part.68+0x2d0/0x2d0
[ 26.830083] ? print_irqtrace_events+0x270/0x270
[ 26.834819] ? check_noncircular+0x20/0x20
[ 26.839034] ? find_held_lock+0x35/0x1d0
[ 26.843067] ? lock_acquire+0x1d5/0x580
[ 26.847025] ? process_backlog+0x45f/0x740
[ 26.851229] ? lock_acquire+0x1d5/0x580
[ 26.855172] ? process_backlog+0x1ab/0x740
[ 26.859386] ? lock_release+0xa40/0xa40
[ 26.863331] ? check_noncircular+0x20/0x20
[ 26.867544] __netif_receive_skb+0x2c/0x1b0
[ 26.871843] ? __netif_receive_skb+0x2c/0x1b0
[ 26.876309] process_backlog+0x203/0x740
[ 26.880336] ? mark_held_locks+0xaf/0x100
[ 26.884456] net_rx_action+0x792/0x1910
[ 26.888405] ? napi_complete_done+0x6c0/0x6c0
[ 26.892870] ? trace_hardirqs_on_caller+0x19e/0x5c0
[ 26.897854] ? trace_hardirqs_on+0xd/0x10
[ 26.901972] ? _raw_spin_unlock_irq+0x27/0x70
[ 26.906436] ? __run_timers+0x16f/0xb70
[ 26.910384] ? trigger_dyntick_cpu.isra.29+0x150/0x150
[ 26.915630] ? timerqueue_add+0x1e9/0x280
[ 26.919749] ? check_noncircular+0x20/0x20
[ 26.923955] ? enqueue_hrtimer+0x177/0x4b0
[ 26.928160] ? lock_release+0xa40/0xa40
[ 26.932105] ? retrigger_next_event+0x1e0/0x1e0
[ 26.936745] ? __lock_is_held+0xb6/0x140
[ 26.940778] ? print_irqtrace_events+0x270/0x270
[ 26.945516] ? check_noncircular+0x20/0x20
[ 26.949723] ? clockevents_program_event+0x163/0x2e0
[ 26.954793] ? lock_downgrade+0x980/0x980
[ 26.958914] ? __lock_is_held+0xb6/0x140
[ 26.962951] ? __local_bh_enable+0x10b/0x130
[ 26.967331] ? print_irqtrace_events+0x270/0x270
[ 26.972054] ? ktime_get+0x26f/0x3a0
[ 26.975736] ? check_noncircular+0x20/0x20
[ 26.979943] ? __irqentry_text_end+0x1f8ad4/0x1f8ad4
[ 26.985023] ? __lock_is_held+0xb6/0x140
[ 26.989060] __do_softirq+0x2d7/0xb85
[ 26.992830] ? task_prio+0x50/0x50
[ 26.996342] ? __irqentry_text_end+0x1f8ad4/0x1f8ad4
[ 27.001412] ? irq_exit+0xbb/0x200
[ 27.004919] ? smp_apic_timer_interrupt+0x16b/0x700
[ 27.009906] ? smp_reschedule_interrupt+0xe6/0x650
[ 27.014805] ? smp_call_function_single_interrupt+0x640/0x640
[ 27.020658] ? _raw_spin_lock+0x32/0x40
[ 27.024604] ? _raw_spin_unlock+0x22/0x30
[ 27.028723] ? handle_edge_irq+0x2b4/0x7c0
[ 27.032931] ? task_prio+0x50/0x50
[ 27.036446] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 27.041264] do_softirq_own_stack+0x2a/0x40
[ 27.045551]
[ 27.047760] do_softirq.part.19+0x14d/0x190
[ 27.052050] ? ip6_finish_output2+0xb6d/0x23a0
[ 27.056600] __local_bh_enable_ip+0x1ee/0x230
[ 27.061064] ip6_finish_output2+0xba0/0x23a0
[ 27.065451] ? ip6_sk_dst_lookup_flow+0x7f0/0x7f0
[ 27.070266] ? ip6_mtu+0x369/0x4d0
[ 27.073776] ? lock_downgrade+0x980/0x980
[ 27.077897] ? __lock_is_held+0xb6/0x140
[ 27.081931] ? ip6_mtu+0x1c7/0x4d0
[ 27.085442] ? ip6_dst_ifdown+0x3d0/0x3d0
[ 27.089561] ? nf_nat_ipv6_out+0x262/0x570
[ 27.093767] ip6_finish_output+0x69b/0xaf0
[ 27.097972] ? ip6_finish_output+0x69b/0xaf0
[ 27.102351] ip6_output+0x1eb/0x840
[ 27.105948] ? ip6_finish_output+0xaf0/0xaf0
[ 27.110330] ? ip6_fragment+0x3470/0x3470
[ 27.114447] ? nf_hook_slow+0xd3/0x1a0
[ 27.118307] ip6_xmit+0xe1f/0x2260
[ 27.121815] ? __sk_dst_check+0x1a5/0x380
[ 27.125937] ? ip6_finish_output2+0x23a0/0x23a0
[ 27.130578] ? fl6_update_dst+0x127/0x2b0
[ 27.134696] ? inet6_csk_route_socket+0x691/0xe80
[ 27.139510] ? check_noncircular+0x20/0x20
[ 27.143711] ? lock_acquire+0x1d5/0x580
[ 27.147655] ? lock_acquire+0x1d5/0x580
[ 27.151599] ? inet6_csk_xmit+0x114/0x580
[ 27.155717] ? ip6_forward_finish+0x140/0x140
[ 27.160190] ? lock_release+0xa40/0xa40
[ 27.164144] ? __lock_is_held+0xb6/0x140
[ 27.168180] inet6_csk_xmit+0x2fc/0x580
[ 27.172135] ? inet6_csk_update_pmtu+0x160/0x160
[ 27.176865] ? refcount_add_not_zero+0x133/0x200
[ 27.181598] tcp_transmit_skb+0x1b12/0x3960
[ 27.185896] ? __tcp_select_window+0x900/0x900
[ 27.190447] ? tcp_fastopen_cache_get+0x449/0x720
[ 27.195261] ? tcp_peer_is_proven+0xc60/0xc60
[ 27.199724] ? ip6_mtu+0x369/0x4d0
[ 27.203236] ? __lock_is_held+0xb6/0x140
[ 27.207273] ? tcp_try_fastopen+0x1b50/0x1b50
[ 27.211738] ? tcp_init_transfer+0x3e0/0x3e0
[ 27.216134] ? tcp_rbtree_insert+0x135/0x190
[ 27.220513] tcp_connect+0x1f45/0x40f0
[ 27.224375] ? tcp_push_one+0x100/0x100
[ 27.228318] ? lock_downgrade+0x967/0x980
[ 27.232434] ? do_raw_spin_trylock+0x190/0x190
[ 27.236988] ? __inet_hash_connect+0x8d1/0xed0
[ 27.241543] ? pvclock_read_flags+0x160/0x160
[ 27.246009] ? mark_held_locks+0xaf/0x100
[ 27.250133] ? ktime_get_with_offset+0x188/0x420
[ 27.254860] ? kvm_clock_get_cycles+0x25/0x30
[ 27.259324] ? ktime_get_with_offset+0x2c1/0x420
[ 27.264050] ? do_gettimeofday+0x190/0x190
[ 27.268270] ? __siphash_aligned+0x1b9/0x330
[ 27.272648] ? siphash_4u64+0x25/0x3a0
[ 27.276507] ? secure_tcpv6_ts_off+0x1e0/0x420
[ 27.281055] ? secure_tcpv6_seq+0x23c/0x350
[ 27.285346] ? secure_tcpv6_seq+0x350/0x350
[ 27.289636] ? tcp_fastopen_defer_connect+0x163/0x4a0
[ 27.294793] ? secure_dccpv6_sequence_number+0x360/0x360
[ 27.300223] tcp_v6_connect+0x2083/0x26c0
[ 27.304346] ? tcp_v6_syn_recv_sock+0x23f0/0x23f0
[ 27.309157] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 27.314141] ? trace_hardirqs_on+0xd/0x10
[ 27.318258] ? depot_save_stack+0x2ca/0x460
[ 27.322557] ? save_stack+0xa3/0xd0
[ 27.326153] ? save_stack+0x43/0xd0
[ 27.329748] ? kasan_kmalloc+0xad/0xe0
[ 27.333603] ? kmem_cache_alloc_trace+0x136/0x740
[ 27.338421] ? tcp_sendmsg_locked+0x1f71/0x3c70
[ 27.343074] ? tcp_sendmsg+0x2f/0x50
[ 27.346756] ? inet_sendmsg+0x11f/0x5e0
[ 27.350698] ? sock_sendmsg+0xca/0x110
[ 27.354551] ? SYSC_sendto+0x361/0x5c0
[ 27.358404] ? SyS_sendto+0x40/0x50
[ 27.362001] ? do_syscall_64+0x280/0x940
[ 27.366035] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 27.371373] ? print_irqtrace_events+0x270/0x270
[ 27.376103] ? check_noncircular+0x20/0x20
[ 27.380305] ? __lock_is_held+0xb6/0x140
[ 27.384336] __inet_stream_connect+0x2d4/0xf00
[ 27.388885] ? __inet_stream_connect+0x2d4/0xf00
[ 27.393614] ? inet_bind+0x930/0x930
[ 27.397308] ? tcp_sendmsg_locked+0x1f71/0x3c70
[ 27.401946] ? rcu_read_lock_sched_held+0x108/0x120
[ 27.406933] ? kmem_cache_alloc_trace+0x459/0x740
[ 27.411751] tcp_sendmsg_locked+0x264e/0x3c70
[ 27.416220] ? avc_has_perm+0x35e/0x680
[ 27.420163] ? lock_downgrade+0x980/0x980
[ 27.424280] ? check_noncircular+0x20/0x20
[ 27.428483] ? lock_release+0xa40/0xa40
[ 27.432433] ? tcp_sendpage+0x60/0x60
[ 27.436210] ? print_irqtrace_events+0x270/0x270
[ 27.440934] ? find_held_lock+0x35/0x1d0
[ 27.444969] ? lock_acquire+0x1d5/0x580
[ 27.448911] ? lock_acquire+0x1d5/0x580
[ 27.452852] ? tcp_sendmsg+0x21/0x50
[ 27.456539] ? mark_held_locks+0xaf/0x100
[ 27.460655] ? do_raw_spin_trylock+0x190/0x190
[ 27.465205] ? __local_bh_enable_ip+0x121/0x230
[ 27.469844] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 27.474829] ? lock_sock_nested+0x91/0x110
[ 27.479036] ? trace_hardirqs_on+0xd/0x10
[ 27.483158] ? __local_bh_enable_ip+0x121/0x230
[ 27.487801] tcp_sendmsg+0x2f/0x50
[ 27.491314] inet_sendmsg+0x11f/0x5e0
[ 27.495087] ? __might_sleep+0x95/0x190
[ 27.499048] ? inet_create+0xf50/0xf50
[ 27.502912] ? selinux_socket_sendmsg+0x36/0x40
[ 27.507550] ? security_socket_sendmsg+0x89/0xb0
[ 27.512275] ? inet_create+0xf50/0xf50
[ 27.516134] sock_sendmsg+0xca/0x110
[ 27.519817] SYSC_sendto+0x361/0x5c0
[ 27.523500] ? SYSC_connect+0x4a0/0x4a0
[ 27.527446] ? __local_bh_enable_ip+0x121/0x230
[ 27.532086] ? _raw_spin_unlock_bh+0x30/0x40
[ 27.536463] ? release_sock+0x1d4/0x2a0
[ 27.540407] ? inet6_hash+0x41/0x90
[ 27.544017] ? __release_sock+0x360/0x360
[ 27.548145] ? __local_bh_enable_ip+0x121/0x230
[ 27.552784] ? inet6_hash+0x7f/0x90
[ 27.556385] ? inet_exit_net+0x10/0x10
[ 27.560248] ? SyS_listen+0x207/0x350
[ 27.564022] ? SyS_bind+0x30/0x30
[ 27.567450] ? mm_fault_error+0x2c0/0x2c0
[ 27.571570] ? move_addr_to_kernel+0x60/0x60
[ 27.575948] SyS_sendto+0x40/0x50
[ 27.579374] ? SyS_getpeername+0x30/0x30
[ 27.583407] do_syscall_64+0x280/0x940
[ 27.587271] ? __do_page_fault+0xc90/0xc90
[ 27.591480] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 27.596206] ? syscall_return_slowpath+0x550/0x550
[ 27.601106] ? syscall_return_slowpath+0x2ac/0x550
[ 27.606006] ? prepare_exit_to_usermode+0x350/0x350
[ 27.611001] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[ 27.616343] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 27.621155] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 27.626314] RIP: 0033:0x441e79
[ 27.629471] RSP: 002b:00007fff72bb92f8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[ 27.637151] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000441e79
[ 27.644389] RDX: 0000000000000000 RSI: 00000000204e8000 RDI: 0000000000000004
[ 27.651627] RBP: 00000000006cc018 R08: 000000002007f000 R09: 000000000000001c
[ 27.658875] R10: 0000000020000001 R11: 0000000000000212 R12: 00000000004037a0
[ 27.666114] R13: 0000000000403830 R14: 0000000000000000 R15: 0000000000000000
[ 27.673829] Dumping ftrace buffer:
[ 27.677344] (ftrace buffer empty)
[ 27.681025] Kernel Offset: disabled
[ 27.684625] Rebooting in 86400 seconds..