Warning: Permanently added '10.128.10.21' (ECDSA) to the list of known hosts. syzkaller login: [ 109.910852] audit: type=1400 audit(1596135730.858:8): avc: denied { execmem } for pid=6348 comm="syz-executor472" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 110.134310] IPVS: ftp: loaded support on port[0] = 21 [ 110.988373] chnl_net:caif_netlink_parms(): no params data found [ 111.053532] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.060327] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.068135] device bridge_slave_0 entered promiscuous mode [ 111.077100] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.083828] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.090988] device bridge_slave_1 entered promiscuous mode [ 111.108772] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 111.117722] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 111.135945] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 111.143199] team0: Port device team_slave_0 added [ 111.149217] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 111.156756] team0: Port device team_slave_1 added [ 111.171935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 111.178360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.204115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 111.215646] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 111.221902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 111.247297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 111.258068] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 111.265906] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 111.305673] device hsr_slave_0 entered promiscuous mode [ 111.344405] device hsr_slave_1 entered promiscuous mode [ 111.394124] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 111.401343] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 111.465249] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.471750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.480210] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.486677] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.517324] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 111.524949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.533140] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 111.544402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 111.563071] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.570450] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.581679] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 111.588270] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.596825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 111.604831] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.611237] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.625617] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 111.633949] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.640762] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.652133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 111.660647] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 111.670183] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 111.681025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 111.691937] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 111.702457] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 111.709429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 111.716523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 111.729159] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 111.737487] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.744366] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.755046] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.807000] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 111.817388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.849278] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 111.856822] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 111.864491] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 111.874094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.881521] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.888657] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.898429] device veth0_vlan entered promiscuous mode [ 111.907959] device veth1_vlan entered promiscuous mode [ 111.914384] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 111.924569] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 111.936897] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 111.946184] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.954803] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 111.962017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 111.971260] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 111.980606] device veth0_macvtap entered promiscuous mode [ 111.989667] device veth1_macvtap entered promiscuous mode [ 111.999134] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 112.008585] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 112.018558] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 112.026792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.033838] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 112.041583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 112.052491] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 112.060222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.067326] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 112.075642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 113.205469] FAULT_INJECTION: forcing a failure. [ 113.205469] name failslab, interval 1, probability 0, space 0, times 1 [ 113.233331] CPU: 1 PID: 6349 Comm: syz-executor472 Not tainted 4.14.190-syzkaller #0 [ 113.241244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.250604] Call Trace: [ 113.253206] dump_stack+0x1b2/0x283 [ 113.257718] should_fail.cold+0x10a/0x154 [ 113.262580] should_failslab+0xd6/0x130 [ 113.266599] __kmalloc+0x2c1/0x400 [ 113.270145] ? register_shrinker+0x1ab/0x220 [ 113.274705] register_shrinker+0x1ab/0x220 [ 113.278960] sget_userns+0x9aa/0xc10 [ 113.282850] ? set_bdev_super+0x110/0x110 [ 113.286996] ? ns_test_super+0x50/0x50 [ 113.290878] ? set_bdev_super+0x110/0x110 [ 113.295016] ? ns_test_super+0x50/0x50 [ 113.298908] sget+0xd1/0x110 [ 113.301924] mount_bdev+0xcd/0x360 [ 113.305459] ? hfs_remount+0x1b0/0x1b0 [ 113.309347] mount_fs+0x92/0x2a0 [ 113.312989] vfs_kern_mount.part.0+0x5b/0x470 [ 113.317509] do_mount+0xe53/0x2a00 [ 113.321063] ? do_raw_spin_unlock+0x164/0x220 [ 113.325572] ? copy_mount_string+0x40/0x40 [ 113.329822] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 113.334849] ? copy_mnt_ns+0xa30/0xa30 [ 113.338741] ? copy_mount_options+0x1fa/0x2f0 [ 113.344111] ? copy_mnt_ns+0xa30/0xa30 [ 113.348000] SyS_mount+0xa8/0x120 [ 113.351451] ? copy_mnt_ns+0xa30/0xa30 [ 113.355502] do_syscall_64+0x1d5/0x640 [ 113.359381] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 113.364624] RIP: 0033:0x4500da [ 113.367825] RSP: 002b:00007ffce9f83258 EFLAGS: 00000287 ORIG_RAX: 00000000000000a5 [ 113.375529] RAX: ffffffffffffffda RBX: 00007ffce9f832c0 RCX: 00000000004500da [ 113.382794] RDX: 00007ffce9f83260 RSI: 0000000020000080 RDI: 00007ffce9f83280 [ 113.390163] RBP: 00007ffce9f83260 R08: 00007ffce9f832c0 R09: 000000000000000a [ 113.397428] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000006 [ 113.404709] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 113.416880] ------------[ cut here ]------------ [ 113.421799] WARNING: CPU: 1 PID: 6349 at fs/super.c:1163 kill_block_super+0xbe/0xe0 [ 113.429600] Kernel panic - not syncing: panic_on_warn set ... [ 113.429600] [ 113.437004] CPU: 1 PID: 6349 Comm: syz-executor472 Not tainted 4.14.190-syzkaller #0 [ 113.444886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.454233] Call Trace: [ 113.456822] dump_stack+0x1b2/0x283 [ 113.460439] panic+0x1f9/0x42d [ 113.463644] ? add_taint.cold+0x16/0x16 [ 113.467632] ? kill_block_super+0xbe/0xe0 [ 113.471783] ? kill_block_super+0xbe/0xe0 [ 113.475943] __warn.cold+0x20/0x4b [ 113.479476] ? ist_end_non_atomic+0x10/0x10 [ 113.483820] ? kill_block_super+0xbe/0xe0 [ 113.488021] report_bug+0x208/0x249 [ 113.491643] do_error_trap+0x195/0x2d0 [ 113.495506] ? math_error+0x2d0/0x2d0 [ 113.499300] ? retint_kernel+0x2d/0x2d [ 113.503180] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 113.508007] invalid_op+0x1b/0x40 [ 113.511452] RIP: 0010:kill_block_super+0xbe/0xe0 [ 113.516225] RSP: 0018:ffff888099e97bc8 EFLAGS: 00010297 [ 113.521601] RAX: ffff888097726000 RBX: 0000000000000000 RCX: 1ffff11012ee4d16 [ 113.528860] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff8880a6993bb0 [ 113.536115] RBP: ffff888094d38580 R08: ffffffff8a09ba68 R09: 0000000000000001 [ 113.543382] R10: 0000000000000000 R11: ffff888097726000 R12: ffff8880a6993700 [ 113.550647] R13: ffffffff87ec1c50 R14: ffffffff87d536a0 R15: dffffc0000000000 [ 113.557926] ? kill_block_super+0xbe/0xe0 [ 113.562261] deactivate_locked_super+0x6c/0xd0 [ 113.566835] sget_userns+0x9c4/0xc10 [ 113.570671] ? set_bdev_super+0x110/0x110 [ 113.574808] ? ns_test_super+0x50/0x50 [ 113.578693] ? set_bdev_super+0x110/0x110 [ 113.582826] ? ns_test_super+0x50/0x50 [ 113.586703] sget+0xd1/0x110 [ 113.589708] mount_bdev+0xcd/0x360 [ 113.593257] ? hfs_remount+0x1b0/0x1b0 [ 113.597142] mount_fs+0x92/0x2a0 [ 113.600511] vfs_kern_mount.part.0+0x5b/0x470 [ 113.605020] do_mount+0xe53/0x2a00 [ 113.608566] ? do_raw_spin_unlock+0x164/0x220 [ 113.613071] ? copy_mount_string+0x40/0x40 [ 113.617321] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 113.622328] ? copy_mnt_ns+0xa30/0xa30 [ 113.626218] ? copy_mount_options+0x1fa/0x2f0 [ 113.630721] ? copy_mnt_ns+0xa30/0xa30 [ 113.634604] SyS_mount+0xa8/0x120 [ 113.638056] ? copy_mnt_ns+0xa30/0xa30 [ 113.641957] do_syscall_64+0x1d5/0x640 [ 113.645837] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 113.651116] RIP: 0033:0x4500da [ 113.654309] RSP: 002b:00007ffce9f83258 EFLAGS: 00000287 ORIG_RAX: 00000000000000a5 [ 113.662013] RAX: ffffffffffffffda RBX: 00007ffce9f832c0 RCX: 00000000004500da [ 113.669278] RDX: 00007ffce9f83260 RSI: 0000000020000080 RDI: 00007ffce9f83280 [ 113.676531] RBP: 00007ffce9f83260 R08: 00007ffce9f832c0 R09: 000000000000000a [ 113.683809] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000006 [ 113.691329] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 113.700074] Kernel Offset: disabled [ 113.703752] Rebooting in 86400 seconds..