Warning: Permanently added '10.128.0.151' (ECDSA) to the list of known hosts. 2020/07/30 00:36:17 parsed 1 programs 2020/07/30 00:36:17 executed programs: 0 syzkaller login: [ 1048.325466] audit: type=1400 audit(1596069377.473:8): avc: denied { execmem } for pid=6483 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 1048.363800] IPVS: ftp: loaded support on port[0] = 21 [ 1048.448536] chnl_net:caif_netlink_parms(): no params data found [ 1048.526158] bridge0: port 1(bridge_slave_0) entered blocking state [ 1048.532930] bridge0: port 1(bridge_slave_0) entered disabled state [ 1048.541368] device bridge_slave_0 entered promiscuous mode [ 1048.549212] bridge0: port 2(bridge_slave_1) entered blocking state [ 1048.555598] bridge0: port 2(bridge_slave_1) entered disabled state [ 1048.562920] device bridge_slave_1 entered promiscuous mode [ 1048.580370] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1048.589318] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1048.607844] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1048.616571] team0: Port device team_slave_0 added [ 1048.622460] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1048.630081] team0: Port device team_slave_1 added [ 1048.646195] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1048.652555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.677913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1048.690007] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1048.696237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.721521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1048.732188] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1048.739875] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1048.800324] device hsr_slave_0 entered promiscuous mode [ 1048.838088] device hsr_slave_1 entered promiscuous mode [ 1048.908370] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 1048.915569] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 1048.983743] bridge0: port 2(bridge_slave_1) entered blocking state [ 1048.990188] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1048.996968] bridge0: port 1(bridge_slave_0) entered blocking state [ 1049.003400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1049.036509] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 1049.043768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1049.052627] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1049.062818] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1049.081777] bridge0: port 1(bridge_slave_0) entered disabled state [ 1049.089068] bridge0: port 2(bridge_slave_1) entered disabled state [ 1049.096061] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1049.107207] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1049.113681] 8021q: adding VLAN 0 to HW filter on device team0 [ 1049.122795] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1049.131074] bridge0: port 1(bridge_slave_0) entered blocking state [ 1049.137418] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1049.159750] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1049.167465] bridge0: port 2(bridge_slave_1) entered blocking state [ 1049.173894] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1049.182195] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1049.190188] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1049.198797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1049.206223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1049.214149] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1049.223580] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 1049.229757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1049.242437] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 1049.249755] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1049.256417] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1049.269073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1049.281847] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 1049.291725] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1049.329201] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 1049.336184] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 1049.343475] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 1049.353681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1049.361787] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1049.368894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1049.377888] device veth0_vlan entered promiscuous mode [ 1049.386714] device veth1_vlan entered promiscuous mode [ 1049.393936] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 1049.403776] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 1049.415449] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 1049.425388] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1049.432979] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1049.440593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1049.450403] device veth0_macvtap entered promiscuous mode [ 1049.459501] device veth1_macvtap entered promiscuous mode [ 1049.469224] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 1049.479481] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 1049.489626] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 1049.496754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1049.504694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1049.512579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1049.523024] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 1049.530143] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1049.536686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1049.544655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1049.651058] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1049.659841] tunl0: Master is either lo or non-ether device [ 1049.682013] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1049.716897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1049.726754] sit0: Master is either lo or non-ether device [ 1049.749119] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1049.964700] syz-executor.0 (6723) used greatest stack depth: 23016 bytes left [ 1049.994280] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1050.008584] vcan0: Master is either lo or non-ether device [ 1050.192221] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1050.227019] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1050.269558] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1050.510351] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1050.519103] xfrm0: Master is either lo or non-ether device [ 1050.639608] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1050.656364] bridge_slave_1: Device is already in use. [ 1050.805987] bridge0: port 2(bridge_slave_1) entered disabled state [ 1050.815030] device bridge_slave_1 left promiscuous mode [ 1050.820560] bridge0: port 2(bridge_slave_1) entered disabled state [ 1051.161407] team_slave_0: Device is already in use. [ 1051.361947] team0: Port device team_slave_0 removed [ 1051.696627] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 1051.708349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.721019] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1051.870607] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1052.540502] ------------[ cut here ]------------ [ 1052.548603] WARNING: CPU: 0 PID: 6884 at drivers/net/ipvlan/ipvlan_main.c:65 ipvlan_unregister_nf_hook.cold+0x11/0x25 [ 1052.559382] Kernel panic - not syncing: panic_on_warn set ... [ 1052.559382] [ 1052.566755] CPU: 0 PID: 6884 Comm: syz-executor.0 Not tainted 4.19.135-syzkaller #0 [ 1052.574553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1052.583907] Call Trace: [ 1052.586570] dump_stack+0x1fc/0x2fe [ 1052.590189] panic+0x26a/0x50e [ 1052.593364] ? __warn_printk+0xf3/0xf3 [ 1052.597443] ? ipvlan_unregister_nf_hook.cold+0x11/0x25 [ 1052.602789] ? __probe_kernel_read+0x16c/0x1b0 [ 1052.607352] ? __warn.cold+0x5/0x61 [ 1052.610963] ? __warn+0xe4/0x200 [ 1052.614314] ? ipvlan_unregister_nf_hook.cold+0x11/0x25 [ 1052.619678] __warn.cold+0x20/0x61 [ 1052.623223] ? io_schedule_timeout+0x140/0x140 [ 1052.627789] ? ipvlan_unregister_nf_hook.cold+0x11/0x25 [ 1052.633136] report_bug+0x262/0x2b0 [ 1052.636760] do_error_trap+0x1d7/0x310 [ 1052.640631] ? math_error+0x310/0x310 [ 1052.644425] ? __irq_work_queue_local+0x101/0x160 [ 1052.649255] ? irq_work_queue+0x29/0x80 [ 1052.653212] ? wake_up_klogd.part.0+0x8c/0xc0 [ 1052.657690] ? trace_hardirqs_off_caller+0x69/0x210 [ 1052.662689] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1052.667566] invalid_op+0x14/0x20 [ 1052.671006] RIP: 0010:ipvlan_unregister_nf_hook.cold+0x11/0x25 [ 1052.676964] Code: 03 46 fd e9 1b ff ff ff 48 89 df e8 fe 05 46 fd eb b9 e8 27 03 46 fd eb 83 e8 c0 e5 0f fd 48 c7 c7 60 b4 f4 87 e8 63 f3 fa fc <0f> 0b e9 80 a2 ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 53 48 [ 1052.695846] RSP: 0018:ffff88809dda6ff8 EFLAGS: 00010286 [ 1052.701190] RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000 [ 1052.708441] RDX: 0000000000000000 RSI: ffffffff8154cf01 RDI: ffffed1013bb4df1 [ 1052.715705] RBP: ffff8880a0384040 R08: 0000000000000024 R09: 0000000000000000 [ 1052.722955] R10: 0000000000000005 R11: 0000000000000000 R12: ffff8880a423ad00 [ 1052.730298] R13: ffff888086e59200 R14: 0000000000000000 R15: 0000000000000001 [ 1052.737575] ? vprintk_func+0x81/0x17e [ 1052.741449] ? ipvlan_unregister_nf_hook.cold+0x11/0x25 [ 1052.746795] ipvlan_set_port_mode+0x53a/0x650 [ 1052.751293] ipvlan_link_new+0x68d/0xc40 [ 1052.755346] ? ipvlan_add_addr+0x320/0x320 [ 1052.759615] rtnl_newlink+0x1027/0x15a0 [ 1052.763581] ? rtnl_getlink+0x620/0x620 [ 1052.767545] ? deref_stack_reg+0x134/0x1d0 [ 1052.771765] ? mark_held_locks+0xf0/0xf0 [ 1052.775837] ? unwind_next_frame+0x10a9/0x1c60 [ 1052.780402] ? __save_stack_trace+0x72/0x190 [ 1052.784796] ? deref_stack_reg+0x134/0x1d0 [ 1052.789016] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 1052.794884] ? is_bpf_text_address+0xd5/0x1b0 [ 1052.799366] ? __lock_acquire+0x6de/0x3ff0 [ 1052.803591] ? is_bpf_text_address+0xfc/0x1b0 [ 1052.808069] ? mark_held_locks+0xf0/0xf0 [ 1052.812124] ? mark_held_locks+0xf0/0xf0 [ 1052.816167] ? __kernel_text_address+0x9/0x30 [ 1052.820656] ? unwind_get_return_address+0x51/0x90 [ 1052.825582] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1052.830929] ? __lock_acquire+0x6de/0x3ff0 [ 1052.835227] ? avc_has_perm_noaudit+0x1c5/0x390 [ 1052.839885] ? mark_held_locks+0xf0/0xf0 [ 1052.843927] ? lock_acquire+0x170/0x3c0 [ 1052.847884] ? avc_has_perm_noaudit+0x9c/0x390 [ 1052.852519] ? check_preemption_disabled+0x41/0x280 [ 1052.857544] ? __mutex_add_waiter+0x160/0x160 [ 1052.862306] ? check_preemption_disabled+0x41/0x280 [ 1052.867313] ? rtnetlink_rcv_msg+0x320/0xb80 [ 1052.871712] ? rtnl_getlink+0x620/0x620 [ 1052.875669] rtnetlink_rcv_msg+0x453/0xb80 [ 1052.879892] ? rtnl_calcit.isra.0+0x430/0x430 [ 1052.884371] ? memcpy+0x35/0x50 [ 1052.887675] ? netdev_pick_tx+0x2f0/0x2f0 [ 1052.891851] ? __copy_skb_header+0x414/0x500 [ 1052.896417] ? kfree_skbmem+0x140/0x140 [ 1052.900420] netlink_rcv_skb+0x160/0x440 [ 1052.904464] ? rtnl_calcit.isra.0+0x430/0x430 [ 1052.908946] ? netlink_ack+0xae0/0xae0 [ 1052.912825] netlink_unicast+0x4d5/0x690 [ 1052.916872] ? netlink_sendskb+0x110/0x110 [ 1052.921181] netlink_sendmsg+0x6bb/0xc40 [ 1052.925250] ? nlmsg_notify+0x1a0/0x1a0 [ 1052.929211] ? kernel_recvmsg+0x220/0x220 [ 1052.933346] ? nlmsg_notify+0x1a0/0x1a0 [ 1052.937308] sock_sendmsg+0xc3/0x120 [ 1052.941028] ___sys_sendmsg+0x7bb/0x8e0 [ 1052.944987] ? __lock_acquire+0x6de/0x3ff0 [ 1052.949205] ? copy_msghdr_from_user+0x440/0x440 [ 1052.953944] ? __fget+0x32f/0x510 [ 1052.957382] ? lock_downgrade+0x720/0x720 [ 1052.961511] ? check_preemption_disabled+0x41/0x280 [ 1052.966532] ? check_preemption_disabled+0x41/0x280 [ 1052.971534] ? __fget+0x356/0x510 [ 1052.974974] ? do_dup2+0x450/0x450 [ 1052.978502] ? __fdget+0x1d0/0x230 [ 1052.982028] __x64_sys_sendmsg+0x132/0x220 [ 1052.986243] ? __sys_sendmsg+0x1b0/0x1b0 [ 1052.990397] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1052.995176] ? trace_hardirqs_off_caller+0x69/0x210 [ 1053.000186] ? do_syscall_64+0x21/0x620 [ 1053.004149] do_syscall_64+0xf9/0x620 [ 1053.007940] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1053.013112] RIP: 0033:0x45c429 [ 1053.016291] Code: 8d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1053.035190] RSP: 002b:00007ff6ba33dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1053.042967] RAX: ffffffffffffffda RBX: 000000000002c0c0 RCX: 000000000045c429 [ 1053.050221] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004 [ 1053.057821] RBP: 000000000078bf40 R08: 0000000000000000 R09: 0000000000000000 [ 1053.065075] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1053.072326] R13: 00007fffaee58aef R14: 00007ff6ba33e9c0 R15: 000000000078bf0c [ 1053.081210] Kernel Offset: disabled [ 1053.084848] Rebooting in 86400 seconds..