[ 69.355648][ T27] audit: type=1800 audit(1564457762.607:27): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 69.355667][ T27] audit: type=1800 audit(1564457762.607:28): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 70.094927][ T27] audit: type=1800 audit(1564457763.377:29): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 70.115261][ T27] audit: type=1800 audit(1564457763.377:30): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts. 2019/07/30 03:36:12 fuzzer started 2019/07/30 03:36:15 dialing manager at 10.128.0.26:36013 2019/07/30 03:36:15 syscalls: 2482 2019/07/30 03:36:15 code coverage: enabled 2019/07/30 03:36:15 comparison tracing: enabled 2019/07/30 03:36:15 extra coverage: extra coverage is not supported by the kernel 2019/07/30 03:36:15 setuid sandbox: enabled 2019/07/30 03:36:15 namespace sandbox: enabled 2019/07/30 03:36:15 Android sandbox: /sys/fs/selinux/policy does not exist 2019/07/30 03:36:15 fault injection: enabled 2019/07/30 03:36:15 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/07/30 03:36:15 net packet injection: enabled 2019/07/30 03:36:15 net device setup: enabled 03:37:42 executing program 0: 03:37:42 executing program 1: syzkaller login: [ 169.606901][T10187] IPVS: ftp: loaded support on port[0] = 21 [ 169.724353][T10187] chnl_net:caif_netlink_parms(): no params data found [ 169.778944][T10187] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.786708][T10187] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.792173][T10190] IPVS: ftp: loaded support on port[0] = 21 [ 169.804125][T10187] device bridge_slave_0 entered promiscuous mode [ 169.822203][T10187] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.829306][T10187] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.837497][T10187] device bridge_slave_1 entered promiscuous mode 03:37:43 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendto$inet6(r0, 0x0, 0xfffffffffffffe32, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000340)='tls\x00', 0x1f0) r3 = dup3(r0, r1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, "d44eb8c7308ec7c4", "442065238929350ade91900b51fc9534", "6bdda720", "7ee51430da3f51b3"}, 0x28) sendmsg$TIPC_CMD_SHOW_PORTS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c}, 0x2000019c}}, 0x0) [ 169.869991][T10187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.884301][T10187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.932306][T10187] team0: Port device team_slave_0 added [ 169.972685][T10187] team0: Port device team_slave_1 added 03:37:43 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffe32, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000340)='tls\x00', 0x1f0) r2 = dup3(r0, r1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, "d44eb8c7308ec7c4", "442065238929350ade91900b51fc9534", "6bdda720", "7ee51430da3f51b3"}, 0x28) sendmsg$TIPC_CMD_SHOW_PORTS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c}, 0x2000019c}}, 0x0) [ 170.053173][T10187] device hsr_slave_0 entered promiscuous mode [ 170.101234][T10187] device hsr_slave_1 entered promiscuous mode [ 170.163572][T10193] IPVS: ftp: loaded support on port[0] = 21 [ 170.179953][T10195] IPVS: ftp: loaded support on port[0] = 21 [ 170.188660][T10190] chnl_net:caif_netlink_parms(): no params data found [ 170.205211][T10187] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.212313][T10187] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.219663][T10187] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.226751][T10187] bridge0: port 1(bridge_slave_0) entered forwarding state 03:37:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x50d2, 0x400900) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='memory.swap.current\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000700)='tls\x00', 0x4) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000640)='/dev/vga_arbiter\x00', 0x0, 0x0) inotify_add_watch(r2, &(0x7f0000000680)='./bus\x00', 0x80000420) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, 0x0) r3 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000cc0b1ff5956ed02c7dfc159c7475809a883cbbbf570115d3458adc8aadfbcf18fbd2f3543bb66cbbed1cfbe20c47a966dd95d749cf535da2d8ba0eda187f0000004fe319f0c1ece661e89ec76f2c023a11e7068edb7274ad90739f20dbb212d909051f5a6ec341bd"], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8000c01000000000000000000000000000000000000000000000000440049444c4554494d45520000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000ffffe0000001fe8000000000000000000000000000aa000000000000000000000000000000000000000000000000000000000000000076657468315f746f5f626f6e64000000687773696d3000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000000000800000000000000000000000000000000000c800ec000000000000000000000000000000000000000000000000002400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010015401000000000000000000000000000000000000000000000000240069707636686561646572000000000000000000000000000000000000000022000000240069636d70360000000000000000000000000000000000000000000000000000016000440049444c4554494d45520000000000000000000000000000000000000000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800cc000000000000000000000000000000000000000000000000002400"/1026], 0x3) unshare(0x8000400) r4 = mq_open(&(0x7f0000000740)='mime_type\x00', 0x6e93ebbbcc0884f2, 0x4, 0x0) bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r4, &(0x7f0000000900), 0x8000fffffffe) [ 170.351136][T10190] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.358253][T10190] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.371290][T10190] device bridge_slave_0 entered promiscuous mode [ 170.388345][T10190] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.402488][T10190] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.421332][T10190] device bridge_slave_1 entered promiscuous mode [ 170.464638][T10187] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.487718][T10197] IPVS: ftp: loaded support on port[0] = 21 [ 170.539561][T10190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.563110][T10187] 8021q: adding VLAN 0 to HW filter on device team0 03:37:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x50d2, 0x400900) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='memory.swap.current\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000700)='tls\x00', 0x4) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000640)='/dev/vga_arbiter\x00', 0x0, 0x0) inotify_add_watch(r2, &(0x7f0000000680)='./bus\x00', 0x80000420) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, 0x0) r3 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000cc0b1ff5956ed02c7dfc159c7475809a883cbbbf570115d3458adc8aadfbcf18fbd2f3543bb66cbbed1cfbe20c47a966dd95d749cf535da2d8ba0eda187f0000004fe319f0c1ece661e89ec76f2c023a11e7068edb7274ad90739f20dbb212d909051f5a6ec341bd"], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8000c01000000000000000000000000000000000000000000000000440049444c4554494d45520000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000ffffe0000001fe8000000000000000000000000000aa000000000000000000000000000000000000000000000000000000000000000076657468315f746f5f626f6e64000000687773696d3000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000000000800000000000000000000000000000000000c800ec000000000000000000000000000000000000000000000000002400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010015401000000000000000000000000000000000000000000000000240069707636686561646572000000000000000000000000000000000000000022000000240069636d70360000000000000000000000000000000000000000000000000000016000440049444c4554494d45520000000000000000000000000000000000000000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800cc000000000000000000000000000000000000000000000000002400"/1024], 0x3) unshare(0x8000400) r4 = mq_open(&(0x7f0000000740)='mime_type\x00', 0x6e93ebbbcc0884f2, 0x4, 0x0) bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r4, &(0x7f0000000900), 0x8000fffffffe) [ 170.598963][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.610265][ T2821] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.628401][ T2821] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.636983][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 170.653815][T10190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.685273][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 170.693652][ T2821] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.700864][ T2821] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.708867][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 170.717686][ T2821] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.724755][ T2821] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.755504][T10195] chnl_net:caif_netlink_parms(): no params data found [ 170.781708][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 170.790331][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 170.799499][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 170.808048][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 170.817071][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 170.825592][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 170.834036][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 170.842307][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 170.851568][T10190] team0: Port device team_slave_0 added [ 170.860625][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 170.884599][T10190] team0: Port device team_slave_1 added [ 170.894223][T10187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 170.906829][T10187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 170.907955][T10202] IPVS: ftp: loaded support on port[0] = 21 [ 170.927029][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 170.935760][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 170.944343][T10193] chnl_net:caif_netlink_parms(): no params data found [ 171.009937][T10197] chnl_net:caif_netlink_parms(): no params data found [ 171.043706][T10195] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.051017][T10195] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.058498][T10195] device bridge_slave_0 entered promiscuous mode [ 171.142012][T10190] device hsr_slave_0 entered promiscuous mode [ 171.180784][T10190] device hsr_slave_1 entered promiscuous mode [ 171.230986][T10190] debugfs: Directory 'hsr0' with parent '/' already present! [ 171.245140][T10195] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.252468][T10195] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.259942][T10195] device bridge_slave_1 entered promiscuous mode [ 171.277998][T10193] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.285229][T10193] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.293082][T10193] device bridge_slave_0 entered promiscuous mode [ 171.302541][T10193] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.309589][T10193] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.317382][T10193] device bridge_slave_1 entered promiscuous mode [ 171.337325][T10187] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.369888][T10193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.396245][T10195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.414611][T10193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.431639][T10197] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.438715][T10197] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.448842][T10197] device bridge_slave_0 entered promiscuous mode [ 171.457981][T10195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.479621][T10195] team0: Port device team_slave_0 added [ 171.494135][T10193] team0: Port device team_slave_0 added [ 171.501183][T10193] team0: Port device team_slave_1 added [ 171.513146][T10197] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.520211][T10197] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.528787][T10197] device bridge_slave_1 entered promiscuous mode [ 171.542663][T10195] team0: Port device team_slave_1 added 03:37:44 executing program 0: 03:37:44 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r0, 0xa, r0) [ 171.584141][T10197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 03:37:44 executing program 0: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000006000), 0x8, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 03:37:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='veth1\x00\x00\a\x00', 0x10) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) [ 171.644356][T10193] device hsr_slave_0 entered promiscuous mode [ 171.681194][T10193] device hsr_slave_1 entered promiscuous mode [ 171.720626][T10193] debugfs: Directory 'hsr0' with parent '/' already present! [ 171.729213][T10197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.792193][T10195] device hsr_slave_0 entered promiscuous mode [ 171.830746][T10195] device hsr_slave_1 entered promiscuous mode 03:37:45 executing program 0: unshare(0x8020400) r0 = syz_open_dev$sndctrl(&(0x7f0000000280)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc1105518, &(0x7f0000000000)) [ 171.870529][T10195] debugfs: Directory 'hsr0' with parent '/' already present! 03:37:45 executing program 0: [ 171.981993][T10197] team0: Port device team_slave_0 added [ 171.988686][T10197] team0: Port device team_slave_1 added [ 172.009433][T10190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.018557][T10202] chnl_net:caif_netlink_parms(): no params data found 03:37:45 executing program 0: [ 172.079642][T10190] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.132690][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 172.147147][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 172.158493][T10195] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.182765][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.191695][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.200053][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.207184][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.215056][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.224129][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.232613][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.239676][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.247258][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 172.261884][T10202] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.268957][T10202] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.276939][T10202] device bridge_slave_0 entered promiscuous mode [ 172.286052][T10202] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.293248][T10202] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.301167][T10202] device bridge_slave_1 entered promiscuous mode [ 172.363805][T10197] device hsr_slave_0 entered promiscuous mode [ 172.400872][T10197] device hsr_slave_1 entered promiscuous mode [ 172.440622][T10197] debugfs: Directory 'hsr0' with parent '/' already present! [ 172.450223][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 172.473361][T10195] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.482432][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 172.499200][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 172.514650][T10202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.525545][T10202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.551829][T10193] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.564442][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 172.573610][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 172.583773][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 172.592596][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 172.611608][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.620172][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.628933][T10204] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.636023][T10204] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.643891][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 172.652538][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 172.660966][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 172.671886][T10202] team0: Port device team_slave_0 added [ 172.682456][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.691776][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.699979][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.707057][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.724229][T10202] team0: Port device team_slave_1 added [ 172.733618][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 172.742808][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 172.751544][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 172.759661][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 172.772963][T10190] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 172.783916][T10190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 172.799581][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 172.807965][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 172.817276][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 172.825982][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 172.834440][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 172.903327][T10202] device hsr_slave_0 entered promiscuous mode [ 172.950893][T10202] device hsr_slave_1 entered promiscuous mode [ 172.990776][T10202] debugfs: Directory 'hsr0' with parent '/' already present! [ 173.005051][T10193] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.013635][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 173.022524][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 173.031235][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 173.038752][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 173.049741][T10195] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 173.061100][T10195] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 173.082716][T10190] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.092557][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 173.102188][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 173.112879][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 173.121216][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 173.129237][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 173.137883][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 173.146188][T10204] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.153258][T10204] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.161100][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 173.168768][T10204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.196876][T10197] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.206494][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.215383][T10199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.224366][T10199] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.231449][T10199] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.250363][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 173.259067][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 173.267636][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 173.276819][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 173.285572][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 173.294194][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 173.302532][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 173.311010][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 173.324168][T10195] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.342438][T10193] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 173.353951][T10193] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 173.361797][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 173.369485][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 173.378507][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 173.397812][T10197] 8021q: adding VLAN 0 to HW filter on device team0 03:37:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x101}) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f00000003c0)="89d94772eb54649ff5a1e7e8e7cc91445a1580d73ec35cf0e270c2d277e7fc96a0b494b989340f0a218d9df716315ff2e5b8b314c4c66cf3e6184d4d96bfb6977077b4158efa1291799f7d539f3e2f7a9d49d5258c70870fac488c024a4c31bde213181c58ea88af9e478271f6025bcc840e6100d2d2345732492cc7a8e5b05cc091eabd7fc9a63b2eb599713e", 0x8d}], 0x1) pipe(0x0) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000140)={0x7f, 0x797}, 0x2) prctl$PR_GET_NO_NEW_PRIVS(0x27) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000001, &(0x7f0000000040)={0xa, 0x2, 0x0, @rand_addr, 0x83500}, 0x1c) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x5, 0x0, 0xf03ed694c33dfcac, 0x9fed829f90101356, 0x9dc, 0x3f}, &(0x7f0000000240)=0x20) pselect6(0x40, &(0x7f0000000280)={0x7f, 0x8, 0x1f, 0x0, 0x7f, 0x8, 0x1, 0x400}, &(0x7f00000002c0)={0x91, 0x7, 0x3bb2dd77, 0x2, 0x0, 0xff, 0x8, 0x5}, &(0x7f0000000300)={0xdc6, 0x80000000, 0x6, 0x7ff, 0x6, 0x5, 0xfffffffffffffffb, 0x4}, &(0x7f0000000340)={0x77359400}, &(0x7f0000000480)={&(0x7f0000000380)={0x3}, 0x8}) getpgid(0xffffffffffffffff) r2 = getpgrp(0xffffffffffffffff) ioprio_get$pid(0x20000, r2) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000) openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x40, 0x0) ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000080)={0x0, 0x0, 0xa627, 0x6}) sendto$packet(0xffffffffffffffff, &(0x7f0000000340), 0xffffff55, 0x57, 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000000)={0xf, 0x0, 0x7}) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1}, 0x4) [ 173.422333][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 173.444557][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 173.476283][T10193] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.485100][T10245] device lo entered promiscuous mode [ 173.509491][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 173.518465][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 173.527025][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.534117][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.542334][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.547130][ C0] hrtimer: interrupt took 23752 ns [ 173.551458][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.564263][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.571353][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.579570][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 173.588142][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 173.596948][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.613922][T10245] device lo left promiscuous mode [ 173.678000][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 173.836023][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 173.849329][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 173.869482][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 173.895276][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 173.912732][ T2821] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 173.931215][T10245] device lo entered promiscuous mode [ 173.948055][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 173.965016][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 173.975792][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 173.984520][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 173.995304][T10197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 174.029881][T10202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.056799][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 174.060991][T10197] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.085140][T10202] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.098065][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.106046][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.128542][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 174.137947][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 174.146539][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.153616][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.161693][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 174.170144][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 174.178687][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.185762][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.193355][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 174.201988][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 174.210599][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 174.228519][T10202] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 174.243066][T10202] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 174.257398][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 174.266457][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 174.275120][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 174.285047][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 174.293967][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 174.302751][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 174.311237][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 174.319364][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 174.337417][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 174.356964][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 174.374576][T10202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.455222][T10272] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 174.478163][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 174.545367][T10278] kasan: CONFIG_KASAN_INLINE enabled [ 174.547756][T10253] kasan: CONFIG_KASAN_INLINE enabled [ 174.552032][T10278] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 174.573120][T10278] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 174.581565][T10278] CPU: 1 PID: 10278 Comm: syz-executor.3 Not tainted 5.3.0-rc2-next-20190729 #54 [ 174.587748][T10253] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 174.590682][T10278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.590704][T10278] RIP: 0010:tls_trim_both_msgs+0x54/0x130 [ 174.590720][T10278] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 4d 8b b5 b0 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 b3 00 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b [ 174.590727][T10278] RSP: 0018:ffff88805e6ef950 EFLAGS: 00010206 [ 174.600300][T10281] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 174.608844][T10278] RAX: dffffc0000000000 RBX: ffff88805deb8180 RCX: ffffc9000c98a000 [ 174.608852][T10278] RDX: 0000000000000005 RSI: ffffffff862d5276 RDI: 0000000000000028 [ 174.608860][T10278] RBP: ffff88805e6ef970 R08: ffff88809c9220c0 R09: ffffed10129a2d59 [ 174.608867][T10278] R10: ffffed10129a2d58 R11: ffff888094d16ac3 R12: 0000000000000000 [ 174.608875][T10278] R13: ffff88808b594c80 R14: 0000000000000000 R15: 00000000ffffffe0 [ 174.608887][T10278] FS: 00007f7f937ac700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 174.608903][T10278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.713706][T10278] CR2: 00007fc88c482db8 CR3: 000000009c4c1000 CR4: 00000000001406e0 [ 174.721671][T10278] Call Trace: [ 174.724965][T10278] tls_sw_sendmsg+0xe38/0x17b0 [ 174.729727][T10278] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 174.735985][T10278] ? tx_work_handler+0x180/0x180 [ 174.740922][T10278] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 174.746466][T10278] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 174.752705][T10278] inet6_sendmsg+0x9e/0xe0 [ 174.757117][T10278] ? inet6_ioctl+0x1c0/0x1c0 [ 174.761708][T10278] sock_sendmsg+0xd7/0x130 [ 174.766204][T10278] ___sys_sendmsg+0x803/0x920 [ 174.770874][T10278] ? copy_msghdr_from_user+0x440/0x440 [ 174.776328][T10278] ? __fget+0xa3/0x560 [ 174.780395][T10278] ? __fget+0x384/0x560 [ 174.784545][T10278] ? ksys_dup3+0x3e0/0x3e0 [ 174.788953][T10278] ? __might_fault+0xfb/0x1e0 [ 174.793621][T10278] ? __fget_light+0x1a9/0x230 [ 174.798289][T10278] ? __fdget+0x1b/0x20 [ 174.802350][T10278] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 174.808586][T10278] __sys_sendmsg+0x105/0x1d0 [ 174.813177][T10278] ? __sys_sendmsg_sock+0xd0/0xd0 [ 174.818229][T10278] ? __x64_sys_clock_gettime+0x16d/0x240 [ 174.823855][T10278] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 174.829917][T10278] __x64_sys_sendmsg+0x78/0xb0 [ 174.834677][T10278] do_syscall_64+0xfa/0x760 [ 174.839177][T10278] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 174.845059][T10278] RIP: 0033:0x459829 [ 174.848948][T10278] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 174.868553][T10278] RSP: 002b:00007f7f937abc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.876967][T10278] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 174.884954][T10278] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004 [ 174.892921][T10278] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 174.900900][T10278] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7f937ac6d4 [ 174.908865][T10278] R13: 00000000004c7463 R14: 00000000004dcab8 R15: 00000000ffffffff [ 174.916834][T10278] Modules linked in: [ 174.920743][T10253] general protection fault: 0000 [#2] PREEMPT SMP KASAN [ 174.927695][T10253] CPU: 0 PID: 10253 Comm: syz-executor.3 Tainted: G D 5.3.0-rc2-next-20190729 #54 [ 174.934425][T10278] ---[ end trace b51547f3f8f17597 ]--- [ 174.938182][T10253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.938204][T10253] RIP: 0010:tls_trim_both_msgs+0x54/0x130 [ 174.938219][T10253] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 4d 8b b5 b0 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 b3 00 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b [ 174.938235][T10253] RSP: 0018:ffff88805f1ff950 EFLAGS: 00010206 [ 174.944002][T10278] RIP: 0010:tls_trim_both_msgs+0x54/0x130 [ 174.953906][T10253] RAX: dffffc0000000000 RBX: ffff88805e9c7280 RCX: ffffc9000c588000 [ 174.953914][T10253] RDX: 0000000000000005 RSI: ffffffff862d5276 RDI: 0000000000000028 [ 174.953922][T10253] RBP: ffff88805f1ff970 R08: ffff88805f1f2040 R09: ffffed10129afab1 [ 174.953930][T10253] R10: ffffed10129afab0 R11: ffff888094d7d583 R12: 0000000000000000 [ 174.953938][T10253] R13: ffff88805f19cc40 R14: 0000000000000000 R15: 00000000ffffffe0 [ 174.953948][T10253] FS: 00007f7f937ee700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 174.953957][T10253] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.953964][T10253] CR2: 00000000208d4fe4 CR3: 000000009c4c1000 CR4: 00000000001406f0 [ 174.953972][T10253] Call Trace: [ 174.953997][T10253] tls_sw_sendmsg+0xe38/0x17b0 [ 174.961026][T10278] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 4d 8b b5 b0 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 b3 00 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b [ 174.979307][T10253] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 174.979334][T10253] ? tx_work_handler+0x180/0x180 [ 174.979350][T10253] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 174.979365][T10253] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 174.979380][T10253] inet6_sendmsg+0x9e/0xe0 [ 174.979391][T10253] ? inet6_ioctl+0x1c0/0x1c0 [ 174.979405][T10253] sock_sendmsg+0xd7/0x130 [ 174.979418][T10253] ___sys_sendmsg+0x803/0x920 [ 174.979431][T10253] ? copy_msghdr_from_user+0x440/0x440 [ 174.979447][T10253] ? __fget+0xa3/0x560 [ 174.979462][T10253] ? __fget+0x384/0x560 [ 174.979476][T10253] ? ksys_dup3+0x3e0/0x3e0 [ 174.979491][T10253] ? __might_fault+0xfb/0x1e0 [ 174.979504][T10253] ? __fget_light+0x1a9/0x230 [ 174.979515][T10253] ? __fdget+0x1b/0x20 [ 174.979527][T10253] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 174.979542][T10253] __sys_sendmsg+0x105/0x1d0 [ 174.979554][T10253] ? __sys_sendmsg_sock+0xd0/0xd0 [ 174.979575][T10253] ? __x64_sys_clock_gettime+0x16d/0x240 [ 174.979589][T10253] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 174.979616][T10253] __x64_sys_sendmsg+0x78/0xb0 [ 174.979634][T10253] do_syscall_64+0xfa/0x760 [ 174.979649][T10253] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 174.979659][T10253] RIP: 0033:0x459829 [ 174.979674][T10253] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 174.979681][T10253] RSP: 002b:00007f7f937edc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.979693][T10253] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 174.979701][T10253] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004 [ 174.979709][T10253] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 174.979718][T10253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7f937ee6d4 [ 174.979726][T10253] R13: 00000000004c7463 R14: 00000000004dcab8 R15: 00000000ffffffff [ 174.979739][T10253] Modules linked in: [ 175.052363][T10253] ---[ end trace b51547f3f8f17598 ]--- [ 175.067170][T10278] RSP: 0018:ffff88805e6ef950 EFLAGS: 00010206 [ 175.091803][T10253] RIP: 0010:tls_trim_both_msgs+0x54/0x130 [ 175.111670][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 175.119051][T10253] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 4d 8b b5 b0 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 b3 00 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b [ 175.346503][ T3877] kobject: 'loop5' (0000000095f2ca12): kobject_uevent_env [ 175.360331][ T3877] kobject: 'loop5' (0000000095f2ca12): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 175.410398][T10278] RAX: dffffc0000000000 RBX: ffff88805deb8180 RCX: ffffc9000c98a000 [ 175.419409][T10278] RDX: 0000000000000005 RSI: ffffffff862d5276 RDI: 0000000000000028 [ 175.429233][T10278] RBP: ffff88805e6ef970 R08: ffff88809c9220c0 R09: ffffed10129a2d59 [ 175.438495][T10278] R10: ffffed10129a2d58 R11: ffff888094d16ac3 R12: 0000000000000000 [ 175.448233][T10278] R13: ffff88808b594c80 R14: 0000000000000000 R15: 00000000ffffffe0 [ 175.459184][T10265] kasan: CONFIG_KASAN_INLINE enabled [ 175.482372][T10265] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 175.498302][T10278] FS: 00007f7f937ac700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 175.517327][T10265] general protection fault: 0000 [#3] PREEMPT SMP KASAN [ 175.524296][T10265] CPU: 0 PID: 10265 Comm: syz-executor.2 Tainted: G D 5.3.0-rc2-next-20190729 #54 [ 175.534781][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.544870][T10265] RIP: 0010:tls_trim_both_msgs+0x54/0x130 [ 175.550585][T10265] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 4d 8b b5 b0 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 b3 00 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b [ 175.570190][T10265] RSP: 0018:ffff88805f35f950 EFLAGS: 00010206 [ 175.576262][T10265] RAX: dffffc0000000000 RBX: ffff88805e5ea8c0 RCX: ffffc9000a377000 [ 175.584234][T10265] RDX: 0000000000000005 RSI: ffffffff862d5276 RDI: 0000000000000028 [ 175.592198][T10265] RBP: ffff88805f35f970 R08: ffff88805f356040 R09: ffffed10129da949 [ 175.600166][T10265] R10: ffffed10129da948 R11: ffff888094ed4a43 R12: 0000000000000000 [ 175.608220][T10265] R13: ffff888089b08c80 R14: 0000000000000000 R15: 00000000ffffffe0 [ 175.616188][T10265] FS: 00007f893c49d700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 175.625128][T10265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.631703][T10265] CR2: 00007f83902b6000 CR3: 000000008bb72000 CR4: 00000000001406f0 [ 175.639673][T10265] Call Trace: [ 175.642965][T10265] tls_sw_sendmsg+0xe38/0x17b0 [ 175.647723][T10265] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 175.653965][T10265] ? tx_work_handler+0x180/0x180 [ 175.658902][T10265] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 175.664443][T10265] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 175.670677][T10265] inet6_sendmsg+0x9e/0xe0 [ 175.675087][T10265] ? inet6_ioctl+0x1c0/0x1c0 [ 175.679669][T10265] sock_sendmsg+0xd7/0x130 [ 175.684077][T10265] ___sys_sendmsg+0x803/0x920 [ 175.688752][T10265] ? copy_msghdr_from_user+0x440/0x440 [ 175.694203][T10265] ? __fget+0xa3/0x560 [ 175.698264][T10265] ? __fget+0x384/0x560 [ 175.702412][T10265] ? ksys_dup3+0x3e0/0x3e0 [ 175.706823][T10265] ? __might_fault+0xfb/0x1e0 [ 175.711494][T10265] ? __fget_light+0x1a9/0x230 [ 175.716165][T10265] ? __fdget+0x1b/0x20 [ 175.720234][T10265] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 175.726473][T10265] __sys_sendmsg+0x105/0x1d0 [ 175.731056][T10265] ? __sys_sendmsg_sock+0xd0/0xd0 [ 175.736083][T10265] ? __x64_sys_clock_gettime+0x16d/0x240 [ 175.741711][T10265] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 175.747871][T10265] __x64_sys_sendmsg+0x78/0xb0 [ 175.752636][T10265] do_syscall_64+0xfa/0x760 [ 175.757137][T10265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 175.763020][T10265] RIP: 0033:0x459829 [ 175.766909][T10265] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 175.786510][T10265] RSP: 002b:00007f893c49cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 175.794920][T10265] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 175.802889][T10265] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004 [ 175.810855][T10265] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 175.818819][T10265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f893c49d6d4 [ 175.826783][T10265] R13: 00000000004c7463 R14: 00000000004dcab8 R15: 00000000ffffffff [ 175.834753][T10265] Modules linked in: [ 175.850287][T10278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.857802][T10278] CR2: 00007f83902b6000 CR3: 000000009c4c1000 CR4: 00000000001406f0 [ 175.868931][T10278] Kernel panic - not syncing: Fatal exception [ 175.876057][T10278] Kernel Offset: disabled [ 175.880432][T10278] Rebooting in 86400 seconds..