[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 31.260696] kauditd_printk_skb: 8 callbacks suppressed [ 31.260709] audit: type=1800 audit(1544557408.304:29): pid=6057 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 31.294047] audit: type=1800 audit(1544557408.304:30): pid=6057 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.101' (ECDSA) to the list of known hosts. 2018/12/11 19:43:38 fuzzer started 2018/12/11 19:43:40 dialing manager at 10.128.0.26:34565 syzkaller login: [ 43.679720] ld (6242) used greatest stack depth: 15184 bytes left 2018/12/11 19:43:40 syscalls: 1 2018/12/11 19:43:40 code coverage: enabled 2018/12/11 19:43:40 comparison tracing: enabled 2018/12/11 19:43:40 setuid sandbox: enabled 2018/12/11 19:43:40 namespace sandbox: enabled 2018/12/11 19:43:40 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/11 19:43:40 fault injection: enabled 2018/12/11 19:43:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/11 19:43:40 net packet injection: enabled 2018/12/11 19:43:40 net device setup: enabled 19:46:38 executing program 0: capset(&(0x7f0000000280)={0x19980330}, &(0x7f0000804000)) semctl$SETALL(0x0, 0x0, 0x10, 0x0) [ 221.940954] IPVS: ftp: loaded support on port[0] = 21 19:46:39 executing program 1: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="5fb88c750196077aa3214bebc13f7d74ad4d9320611cf5a33f2a3f09e1c926359dcfe20001c781cb67f79cb0c6f5f4bf8ed60dce2176c22a20b22b9b24172b5569ec67906e7df93b05b19ba5360f2eab62812070fc181a2483366595113b240804d882a7dcd7ac4ba53e06d02558968b978122716d1823dcc7d40155c1bc1e8433f5ba15f5ee48c0ca941fce872e497d1377e2a5bde956f003caaf58c7520f82d7346c266e8ea70dab3bb7af6d78602a31ab8d232b07f6e3ef524b552ed88a1b1c02bc89f4f671855d40a2c1c173d4bb121bc86270c32d39c4c0d09a29b8983169914d8df86417a802b772bb638f72ccdcbb46267b5751816c77b6739f484292d5ca5e1bc4efee06f4e07e6a795faee2af27a8f212", 0x115, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100)) [ 222.213919] IPVS: ftp: loaded support on port[0] = 21 19:46:39 executing program 2: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') sendfile(r1, r2, 0x0, 0x50000000000443) [ 222.518489] IPVS: ftp: loaded support on port[0] = 21 19:46:39 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000008c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_aout(r1, &(0x7f0000002500)={{}, "4cae3f31b6597dc3e7d93f1a6752f84dc1d653f27dc8bb1d56d30c925455a6b0e73bd093b8229877c9e8b3c7cfd275371688d9d4f6170feafc849dda0ff41005c641ca537d6a81acd82c6dd66420b3b261eeb2a320d4ee1169ce363199fe76b8c6b62cbc907578d4ce4310f205ca3d5716cdba041f4f615d1a2ca87bc342553f46c7bb2a06889a1e83e7075505b0c45a7921efaf5379781ed12775480bc4d7b8eba7461d20741340ecfa2dfdff508bbd32e2bdf656f2347169dfe58aba2cfc042a9a2e47de557eaeaf8e596be497b723f1f7fe50dcc65bbce4960e121f0f822d24f736cf8d9ab6219d45ecf6305a00439ebbe09e6263df30ce3288bfd6fdd7a4c7ae9c22b5cb5724327358b004a20e1f4cf32b6b74ac4496094c8c7d8a7745a22083d3b484fd3e10a84863eadd8c7534463ea944499a036ff0d5a174c7c6aa0d0b2b755637aeb75cd52503e894e12840d2b06aaa26e4bfabc3ba15a5b743e4d0fde72051738a24d994e8510b69f76ebb144fe758d800c826c9331efa46ebd57a994b22ce8b7f6ff32292b9a4c72e3f59fdc23433431ecf9d1c3c18623535c8146444d84f5fd0d54d4b1c243f07358c90cd144c659d44ba8b1a60367c53156203238fbfe9b9905128a73b13d726d5ade124d31e793e60f2fa68c0c24df539b4c55fb784ac20fd7e1e2c86b6c692bc0d92ed94aa3cdc98109a1f5505338f1db516b93200a18ad326046fc84eb2db98b52881daba5bc10b5d3e6c49fcf58ce24e2883a9bba7a0fe2afd834b62e392ded9cf26d39adf0f4af76b017bfc1742f53110e65746b6463e8545b0bcfe897275a50a998a79e4cf5252e96eafe66599d66575ee11e12103a4a8a78403d57df8af91a5a750da9d1a2ea87aada07aa66110a755f6e4e29f7b7177910e7cfbedcdbb22eb02732018e59a6a6b77bf6dc999d733069ac815b19ec4caa7ca89137d82e9e82a0317e7f9234de23f1c824dbe3d7ded5246f9d1dcda161988cf2b533b46916c78d0dd94df381bee6b5450b6d6197c15f3a8dffd2401d87f75e26f15c8feba942ee74e66d726981b5046a2cfc28a6975f93933b1cab0efd8fd954c5305831bdbe8f876295694be4590e3555308dfd79ce0c3b02299b140b90dcdc6b5e08c43063f1f81fa986dfbba0f93915e82f2150cfec65ca22779c56c94b0ee722d714238d0cbc6f5a819266f5377397bd5864a196cb936ac2eaf2676845dc660ea08a8f6b2691a7d56cd483ab2f411805ff53d51b1297a045e9b593e51c2108b5832d644ed94a0292c397fe06767b0f1c2b477c92e1778ca57c79df640917aa701aac21806b705723c965d708e61e02ecac066b9e51123695a84472776276d8db7b5ac3902a12e52a9dca23ce3bbed2599271c0b06c3f3ab1f5ea80e10fe0ef57e0459d512b6dc134142d0769bb2fad14bfec7cef972c09ec6a8fce5676d6be2d6f717f9420d85984f0f6a7af35ecbc8a61ae61efe78b75fe2e7e5e7edcbf72c79de8cb9c1b3e12960faa33a21cd8f13aa1a410965f7a32e1a95ec1ae7964a58f03fffa7f99270997ebf8a608beab622014a2758f103cb687f7c402ade1cc6ec566d3c729b4674916d390d65e3ce59bbedcd56d0795b24c11d54f845bdfe56f4133ece0c7884c35a14a892c440ccbf27cd4d64e62a44da56706bbec59123663a6438598262b8905c9aaa198664f077e040d810370718992675e03f04f592375d267a510c6036ebc083882cc2d417a214eec85d0230e784cdce1a53344b5fb7dbf25449070e7ae30b91bac91486cf6bd78e5538606fdacc8eb1060d784025c5775334e6f1d11059b9c1148a3b01e9bb291f54e569403bde62736528f34a1eb1070f38875eefdb0c9698fed6513b3d82ce45f5f48061a0b0062a397a191c91e3571265ae6ff0b45e7b54b2b13c608a650ce25ab4f8e02d433b4a6d9887f6d83dbba51c260f51672c22fc3ec1d00e336fcfcb2e0a1c354b690e43adf31a33a9833a4731d496effb56bd2e180f07d94e5dd8e6284accd3d527ebd4da1527752e3eec99108534b1f13a827096da123dca9f3bc1ae51c53c9864be0cc1219ee32b5062e8e8cfc2a02195f0f3bd1bf2f80612975263cb0235db3b495cddc77d85e5a3fa46c50c4b96d010b0074efbbb9cfc51798f6a1e781e87443bd22eb009a501776d81516e3e17754c08250e769cda20538f37baeecb02f579b33d093b00626f7772dfcc8ee70b6e8d883e16a20baf38444a2e2b448e22e2872bf5400ce64f493300d29fca06363eb3f149fbaf16cb16632e55d933a8e1b0522423509818aacc6c3c04f954f60666c6934ab5e88be6c1a0e4d68b3b248809c70f0ae225ae9c0660e9ae58e7cbcf1774ca08e6e715e8c2bd2e55893a398d922970521a33f79d23a64d18e6cf445f446ea5ab5e3ba0112c503f37c16977377d59bafeb1c1b92e03b7f5a9fd20ed0cb02ad2f81927046d3de63e2f3fb8481ec5e2b345ec03d8f04ffa26d521704387f9364ff2eea20749440d7047abab378f7027811cc5138cde0236b5b1e8ec8030afe4dfe6ecb515f91ce1b74692887557b19bc2e964136c2e117e7a0988c74f01eeb6fd3c6acb10180483663a3dcebece903c5ca3924aed6b6613379f7833520806ee18e5be5493b6bb21c1560b003ae102cc64f85774ef3b918db6633bcb05b83a6a1439ad8b9a0165f58c91e9639432e5c83af873a933a997c9b01c5dea2b00949f600de03361ec1fd4a6dea2d9496b801e9f03830004a6cb1acf9303f82bedec0d7e2204579481023089a8ccdfb072a37fb91343e631784fe7f65c5dd1bbdf64a055f9bf81d0ed9ed28224b319563875be6d80eb345aaef1782e6f03d5a744748311cb54f3dd274d28e14f1fee4418afe40a29081617368730a681ccdf5c28caf39818f6d850577d3ef76303ae2819"}, 0x840) recvmsg(r1, &(0x7f00000024c0)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000014c0)=""/4096, 0x1000}], 0x1}, 0x0) [ 222.982633] IPVS: ftp: loaded support on port[0] = 21 19:46:40 executing program 4: setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000480)={'filter\x00', 0x7, 0x4, 0x478, 0x0, 0x250, 0x0, 0x390, 0x390, 0x390, 0x4, &(0x7f0000000180), {[{{@arp={@dev={0xac, 0x14, 0x14, 0x1f}, @empty, 0xff, 0x0, @empty, {}, @mac=@remote, {[0x0, 0x0, 0x0, 0x0, 0xff]}, 0x0, 0x0, 0xde7, 0x0, 0x38e, 0x2, 'syz_tun\x00', 'ip6_vti0\x00', {}, {0xff}, 0x0, 0x18}, 0xf0, 0x138}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0x0, 0x9}}}, {{@arp={@broadcast, @local, 0xffffffff, 0xff0000ff, @empty, {[0xff, 0xff]}, @empty, {[0xff, 0x0, 0x0, 0x0, 0xff]}, 0x0, 0x4, 0x9, 0x0, 0x76, 0x3ff, 'syzkaller1\x00', 'veth1_to_bond\x00', {}, {}, 0x0, 0x80}, 0xf0, 0x118}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x6}}}, {{@arp={@empty, @multicast2, 0x0, 0x0, @mac=@random="cdc7aac253ac", {[0xff]}, @mac=@link_local, {[0x0, 0xff, 0xff]}, 0x0, 0x0, 0x0, 0x3ff, 0x80000001, 0x0, 'bcsf0\x00', 'veth1\x00', {}, {}, 0x0, 0xc}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local, @remote, @empty}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4c8) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000e40)="0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c", 0x0) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1000) getpgrp(0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000000)=0x90, 0x4) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) [ 223.548596] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.574170] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.583016] device bridge_slave_0 entered promiscuous mode [ 223.706042] IPVS: ftp: loaded support on port[0] = 21 [ 223.706309] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.734841] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.742405] device bridge_slave_1 entered promiscuous mode [ 223.856736] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 223.972004] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 19:46:41 executing program 5: r0 = socket(0x1e, 0x805, 0x0) connect$llc(r0, &(0x7f00000000c0)={0x1e, 0x302}, 0x10) [ 224.244835] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.251345] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.275110] device bridge_slave_0 entered promiscuous mode [ 224.334638] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.363939] IPVS: ftp: loaded support on port[0] = 21 [ 224.370291] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.392526] device bridge_slave_0 entered promiscuous mode [ 224.429332] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.442243] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.455816] device bridge_slave_1 entered promiscuous mode [ 224.479957] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 224.509566] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.525865] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.533286] device bridge_slave_1 entered promiscuous mode [ 224.592692] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 224.615759] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 224.711813] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 224.723669] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 224.846276] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 225.142629] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 225.262313] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 225.307193] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 225.326094] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.333709] team0: Port device team_slave_0 added [ 225.358179] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 225.410538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.447841] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.454205] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.469009] device bridge_slave_0 entered promiscuous mode [ 225.484226] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 225.506325] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 225.513733] team0: Port device team_slave_1 added [ 225.591119] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.605329] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.615963] device bridge_slave_1 entered promiscuous mode [ 225.631637] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 225.653233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.678191] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.709270] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 225.768909] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.878899] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 225.896104] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 225.907395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.920263] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 225.951700] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.976251] team0: Port device team_slave_0 added [ 226.056361] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 226.064141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.075507] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.092831] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.109633] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.119015] device bridge_slave_0 entered promiscuous mode [ 226.180667] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.201138] team0: Port device team_slave_1 added [ 226.232407] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.239904] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.265916] device bridge_slave_1 entered promiscuous mode [ 226.292434] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 226.305679] team0: Port device team_slave_0 added [ 226.337372] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 226.361957] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.372930] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 226.383024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.405844] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.461414] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.479476] team0: Port device team_slave_1 added [ 226.495790] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.505952] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 226.520284] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 226.545901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.558074] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 226.669141] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 226.682498] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 226.698624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.709080] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.735385] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.749497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 226.817051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 226.847334] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 226.854609] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.875568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.896495] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.907802] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.924200] device bridge_slave_0 entered promiscuous mode [ 226.956521] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.964412] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 226.974513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.005910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.048326] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.057765] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.072249] device bridge_slave_1 entered promiscuous mode [ 227.104915] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.112078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.125708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.154549] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 227.192190] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 227.218025] team0: Port device team_slave_0 added [ 227.243851] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 227.253073] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 227.283708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 227.372517] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 227.382886] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 227.410684] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 227.425872] team0: Port device team_slave_1 added [ 227.431838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 227.569210] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 227.592530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 227.602350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 227.644233] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.650754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.657805] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.664180] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.689379] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 227.759504] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.865087] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 227.872206] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.880399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.902918] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 227.924016] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 227.932649] team0: Port device team_slave_0 added [ 227.947718] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.964573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.018398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.039567] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 228.055624] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 228.079514] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 228.087251] team0: Port device team_slave_1 added [ 228.193796] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 228.211668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.263025] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 228.297197] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 228.304038] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.315880] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.351602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.376588] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.382954] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.389670] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.396080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.416235] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 228.443877] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 228.474917] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.486040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.587695] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.605647] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.625652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.691173] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.697598] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.704241] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.710656] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.733689] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 228.743306] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 228.758857] team0: Port device team_slave_0 added [ 228.768357] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 228.790657] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.806004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.859896] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 228.895943] team0: Port device team_slave_1 added [ 229.035611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.045592] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.052996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.165178] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 229.172017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.183590] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.321938] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 229.355165] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.369578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.413026] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.419444] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.426160] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.432527] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.478610] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 229.505634] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 229.513138] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.535569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.047688] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.211935] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.218344] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.225140] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.231514] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.275626] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 230.960574] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.967102] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.973769] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.980209] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.008015] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 231.087938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.107851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.908265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.365604] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 233.666000] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.710993] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.856436] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 233.862598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 233.880259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 234.154463] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 234.180682] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 234.309460] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.618911] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 234.625198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.634028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 234.665638] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 234.682038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.705859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 234.828819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 235.086485] 8021q: adding VLAN 0 to HW filter on device team0 [ 235.145507] 8021q: adding VLAN 0 to HW filter on device team0 [ 235.251198] 8021q: adding VLAN 0 to HW filter on device bond0 [ 235.316401] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 235.688055] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 235.752162] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 235.781144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 235.790448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 236.121929] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 236.150707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 236.165446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 236.197095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 236.245948] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.592557] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 236.699473] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.774580] ================================================================== [ 236.782221] BUG: KASAN: use-after-free in __list_del_entry_valid+0xf1/0x100 [ 236.789345] Read of size 8 at addr ffff8881c2b578f0 by task ip/7586 [ 236.795760] [ 236.797404] CPU: 0 PID: 7586 Comm: ip Not tainted 4.20.0-rc6-next-20181210+ #164 [ 236.804936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.814287] Call Trace: [ 236.816944] dump_stack+0x244/0x39d [ 236.820591] ? dump_stack_print_info.cold.1+0x20/0x20 [ 236.825838] ? printk+0xa7/0xcf [ 236.829148] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 236.833951] print_address_description.cold.4+0x9/0x1ff [ 236.839324] ? __list_del_entry_valid+0xf1/0x100 [ 236.844083] kasan_report.cold.5+0x1b/0x39 [ 236.848320] ? __list_del_entry_valid+0xf1/0x100 [ 236.853109] ? refcount_sub_and_test_checked+0x180/0x310 [ 236.858566] ? __list_del_entry_valid+0xf1/0x100 [ 236.863330] __asan_report_load8_noabort+0x14/0x20 [ 236.868266] __list_del_entry_valid+0xf1/0x100 [ 236.872885] neigh_mark_dead+0x13b/0x410 [ 236.876957] ? neigh_change_state+0x680/0x680 [ 236.881482] ? kasan_check_write+0x14/0x20 [ 236.885750] ? do_raw_write_lock+0x14f/0x310 [ 236.890163] ? do_raw_read_unlock+0x70/0x70 [ 236.894529] ? __lock_is_held+0xb5/0x140 [ 236.898606] neigh_flush_dev+0x3a1/0x960 [ 236.902674] ? neigh_changeaddr+0x24/0x40 [ 236.906865] ? __neigh_for_each_release+0x4f0/0x4f0 [ 236.911881] ? do_raw_read_unlock+0x70/0x70 [ 236.916247] ? net_to_rxe+0xe1/0x110 [ 236.919974] neigh_changeaddr+0x31/0x40 [ 236.923991] ndisc_netdev_event+0xe6/0x5b0 [ 236.928276] ? ndisc_send_unsol_na+0x500/0x500 [ 236.932898] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 236.938462] ? netconsole_netdev_event+0x7d/0x280 [ 236.943341] notifier_call_chain+0x17e/0x380 [ 236.947797] ? unregister_die_notifier+0x20/0x20 [ 236.952556] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 236.958112] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 236.963651] ? rtnl_is_locked+0xb5/0xf0 [ 236.967659] ? rtnl_trylock+0x20/0x20 [ 236.971485] raw_notifier_call_chain+0x2d/0x40 [ 236.976113] call_netdevice_notifiers_info+0x3f/0x90 [ 236.981234] dev_set_mac_address+0x293/0x3b0 [ 236.985644] ? netdev_state_change+0x1a0/0x1a0 [ 236.990250] ? lru_cache_add+0xa50/0xa50 [ 236.994316] ? cpumask_any_but+0xb1/0xe0 [ 236.998413] do_setlink+0x7c7/0x3f30 [ 237.002128] ? print_usage_bug+0xc0/0xc0 [ 237.006206] ? find_held_lock+0x36/0x1c0 [ 237.010272] ? validate_linkmsg+0xa50/0xa50 [ 237.014642] ? wp_page_copy+0x1a0e/0x2720 [ 237.018798] ? lock_downgrade+0x900/0x900 [ 237.022985] ? mark_held_locks+0x130/0x130 [ 237.027236] ? mark_held_locks+0x130/0x130 [ 237.031477] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 237.036716] ? validate_nla+0x29a/0x1650 [ 237.040819] ? nla_memcmp+0x90/0x90 [ 237.044455] ? mark_held_locks+0x130/0x130 [ 237.048694] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 237.054265] ? rtnl_is_locked+0xb5/0xf0 [ 237.058293] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 237.063317] ? validate_linkmsg+0x271/0xa50 [ 237.067645] ? rtnl_stats_dump+0xd70/0xd70 [ 237.071883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.077881] ? netdev_master_upper_dev_get+0x173/0x250 [ 237.083164] ? __nla_parse+0x12c/0x3e0 [ 237.087084] ? netdev_has_any_upper_dev+0x170/0x170 [ 237.092119] __rtnl_newlink+0xcde/0x19e0 [ 237.096204] ? rtnl_link_unregister+0x390/0x390 [ 237.100937] ? rcu_read_unlock_special+0x370/0x370 [ 237.105874] ? rcu_softirq_qs+0x20/0x20 [ 237.109885] ? unwind_dump+0x190/0x190 [ 237.113873] ? is_bpf_text_address+0xd3/0x170 [ 237.118436] ? kernel_text_address+0x79/0xf0 [ 237.122871] ? __kernel_text_address+0xd/0x40 [ 237.127372] ? unwind_get_return_address+0x61/0xa0 [ 237.132317] ? __save_stack_trace+0x8d/0xf0 [ 237.136658] ? save_stack+0xa9/0xd0 [ 237.140289] ? save_stack+0x43/0xd0 [ 237.143929] ? kasan_kmalloc+0xcb/0xd0 [ 237.147819] ? kmem_cache_alloc_trace+0x154/0x740 [ 237.152673] ? rtnl_newlink+0x4d/0xa0 [ 237.156481] ? rtnetlink_rcv_msg+0x46a/0xc20 [ 237.160920] ? netlink_rcv_skb+0x172/0x440 [ 237.165161] ? rtnetlink_rcv+0x1c/0x20 [ 237.169046] ? netlink_unicast+0x5a5/0x760 [ 237.173281] ? netlink_sendmsg+0xa18/0xfc0 [ 237.177560] ? rtnl_newlink+0x4d/0xa0 [ 237.181389] ? rcu_read_lock_sched_held+0x14f/0x180 [ 237.186404] ? kmem_cache_alloc_trace+0x356/0x740 [ 237.191242] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 237.196548] ? ns_capable_common+0x13f/0x170 [ 237.200982] ? rcu_read_unlock_special+0x370/0x370 [ 237.205921] rtnl_newlink+0x6b/0xa0 [ 237.209549] ? __rtnl_newlink+0x19e0/0x19e0 [ 237.213876] rtnetlink_rcv_msg+0x46a/0xc20 [ 237.218112] ? rtnl_fdb_dump+0xd00/0xd00 [ 237.222183] netlink_rcv_skb+0x172/0x440 [ 237.226248] ? rtnl_fdb_dump+0xd00/0xd00 [ 237.230328] ? netlink_ack+0xb80/0xb80 [ 237.234211] ? rcu_read_unlock_special+0x370/0x370 [ 237.239192] rtnetlink_rcv+0x1c/0x20 [ 237.242902] netlink_unicast+0x5a5/0x760 [ 237.246987] ? netlink_attachskb+0x9a0/0x9a0 [ 237.251441] ? aa_sk_perm+0x22b/0x8e0 [ 237.255245] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 237.260283] netlink_sendmsg+0xa18/0xfc0 [ 237.264348] ? netlink_unicast+0x760/0x760 [ 237.268613] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 237.273586] ? apparmor_socket_sendmsg+0x29/0x30 [ 237.278358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.283963] ? security_socket_sendmsg+0x94/0xc0 [ 237.288733] ? netlink_unicast+0x760/0x760 [ 237.293021] sock_sendmsg+0xd5/0x120 [ 237.296756] ___sys_sendmsg+0x7fd/0x930 [ 237.300751] ? copy_msghdr_from_user+0x580/0x580 [ 237.305515] ? graph_lock+0x270/0x270 [ 237.309349] ? graph_lock+0x270/0x270 [ 237.313153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.318730] ? __fget_light+0x2e9/0x430 [ 237.322717] ? fget_raw+0x20/0x20 [ 237.326181] ? find_held_lock+0x36/0x1c0 [ 237.330247] ? __do_page_fault+0x62e/0xd70 [ 237.334498] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 237.340035] ? sockfd_lookup_light+0xc5/0x160 [ 237.344539] __sys_sendmsg+0x11d/0x280 [ 237.348428] ? __ia32_sys_shutdown+0x80/0x80 [ 237.352842] ? kasan_check_write+0x14/0x20 [ 237.357077] ? up_read+0x225/0x2c0 [ 237.360623] ? up_read_non_owner+0x100/0x100 [ 237.365047] ? do_syscall_64+0x9a/0x820 [ 237.369043] ? do_syscall_64+0x9a/0x820 [ 237.373073] ? trace_hardirqs_off_caller+0x310/0x310 [ 237.378184] __x64_sys_sendmsg+0x78/0xb0 [ 237.382249] do_syscall_64+0x1b9/0x820 [ 237.386176] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 237.391543] ? syscall_return_slowpath+0x5e0/0x5e0 [ 237.396475] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 237.401338] ? trace_hardirqs_on_caller+0x310/0x310 [ 237.406355] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 237.411373] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.416926] ? prepare_exit_to_usermode+0x291/0x3b0 [ 237.421976] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 237.426828] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.432026] RIP: 0033:0x7fdc9fc01320 [ 237.435764] Code: 02 48 83 c8 ff eb 8d 48 8b 05 14 7b 2a 00 f7 da 64 89 10 48 83 c8 ff eb c9 90 83 3d d5 d2 2a 00 00 75 10 b8 2e 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e ba 00 00 48 89 04 24 [ 237.454680] RSP: 002b:00007ffd5cd0dc98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 237.462392] RAX: ffffffffffffffda RBX: 00007ffd5cd11d90 RCX: 00007fdc9fc01320 [ 237.469671] RDX: 0000000000000000 RSI: 00007ffd5cd0dcd0 RDI: 0000000000000003 [ 237.476937] RBP: 00007ffd5cd0dcd0 R08: 0000000000000000 R09: 0000000000000000 [ 237.484204] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005c10142f [ 237.491469] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffd5cd12570 [ 237.498762] [ 237.500385] Allocated by task 6348: [ 237.504016] save_stack+0x43/0xd0 [ 237.507483] kasan_kmalloc+0xcb/0xd0 [ 237.511199] __kmalloc+0x15d/0x760 [ 237.514754] ___neigh_create+0x13fc/0x2600 [ 237.519013] __neigh_create+0x30/0x40 [ 237.522861] ip6_finish_output2+0xa64/0x2940 [ 237.527270] ip6_finish_output+0x58c/0xc60 [ 237.531500] ip6_output+0x232/0x9d0 [ 237.535127] ndisc_send_skb+0x1005/0x1560 [ 237.539277] ndisc_send_ns+0x3c6/0x8e0 [ 237.543169] addrconf_dad_work+0xbf2/0x1310 [ 237.547491] process_one_work+0xc90/0x1c40 [ 237.551737] worker_thread+0x17f/0x1390 [ 237.555761] kthread+0x35a/0x440 [ 237.559129] ret_from_fork+0x3a/0x50 [ 237.562830] [ 237.564464] Freed by task 16: [ 237.567614] save_stack+0x43/0xd0 [ 237.571070] __kasan_slab_free+0x102/0x150 [ 237.575303] kasan_slab_free+0xe/0x10 [ 237.579106] kfree+0xcf/0x230 [ 237.582218] rcu_process_callbacks+0xd91/0x15f0 [ 237.586889] __do_softirq+0x308/0xb7e [ 237.590675] [ 237.592299] The buggy address belongs to the object at ffff8881c2b57680 [ 237.592299] which belongs to the cache kmalloc-1k of size 1024 [ 237.604959] The buggy address is located 624 bytes inside of [ 237.604959] 1024-byte region [ffff8881c2b57680, ffff8881c2b57a80) [ 237.616915] The buggy address belongs to the page: [ 237.621867] page:ffffea00070ad580 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0xffff8881c2b56480 compound_mapcount: 0 [ 237.633136] flags: 0x2fffc0000010200(slab|head) [ 237.637808] raw: 02fffc0000010200 ffffea0006e6ba08 ffffea00072b9408 ffff8881da800ac0 [ 237.645739] raw: ffff8881c2b56480 ffff8881c2b56000 0000000100000003 0000000000000000 [ 237.653615] page dumped because: kasan: bad access detected [ 237.659328] [ 237.660964] Memory state around the buggy address: [ 237.665895] ffff8881c2b57780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 237.673266] ffff8881c2b57800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 237.680627] >ffff8881c2b57880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 237.687990] ^ [ 237.695009] ffff8881c2b57900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 237.702364] ffff8881c2b57980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 237.709713] ================================================================== [ 237.717077] Disabling lock debugging due to kernel taint [ 237.722578] Kernel panic - not syncing: panic_on_warn set ... [ 237.728479] CPU: 0 PID: 7586 Comm: ip Tainted: G B 4.20.0-rc6-next-20181210+ #164 [ 237.737390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.746752] Call Trace: [ 237.749337] dump_stack+0x244/0x39d [ 237.752965] ? dump_stack_print_info.cold.1+0x20/0x20 [ 237.758156] ? __list_del_entry_valid+0x10/0x100 [ 237.762947] panic+0x2ad/0x632 [ 237.766141] ? add_taint.cold.5+0x16/0x16 [ 237.770288] ? trace_hardirqs_on+0xb4/0x310 [ 237.774602] ? __list_del_entry_valid+0xf1/0x100 [ 237.779369] end_report+0x47/0x4f [ 237.782817] kasan_report.cold.5+0xe/0x39 [ 237.786962] ? __list_del_entry_valid+0xf1/0x100 [ 237.791712] ? refcount_sub_and_test_checked+0x180/0x310 [ 237.797167] ? __list_del_entry_valid+0xf1/0x100 [ 237.801916] __asan_report_load8_noabort+0x14/0x20 [ 237.806842] __list_del_entry_valid+0xf1/0x100 [ 237.811425] neigh_mark_dead+0x13b/0x410 [ 237.815482] ? neigh_change_state+0x680/0x680 [ 237.819977] ? kasan_check_write+0x14/0x20 [ 237.824205] ? do_raw_write_lock+0x14f/0x310 [ 237.828607] ? do_raw_read_unlock+0x70/0x70 [ 237.832926] ? __lock_is_held+0xb5/0x140 [ 237.837003] neigh_flush_dev+0x3a1/0x960 [ 237.841058] ? neigh_changeaddr+0x24/0x40 [ 237.845207] ? __neigh_for_each_release+0x4f0/0x4f0 [ 237.850228] ? do_raw_read_unlock+0x70/0x70 [ 237.854546] ? net_to_rxe+0xe1/0x110 [ 237.858264] neigh_changeaddr+0x31/0x40 [ 237.862233] ndisc_netdev_event+0xe6/0x5b0 [ 237.866463] ? ndisc_send_unsol_na+0x500/0x500 [ 237.871042] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 237.876573] ? netconsole_netdev_event+0x7d/0x280 [ 237.881410] notifier_call_chain+0x17e/0x380 [ 237.885816] ? unregister_die_notifier+0x20/0x20 [ 237.890568] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.896100] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 237.901647] ? rtnl_is_locked+0xb5/0xf0 [ 237.905615] ? rtnl_trylock+0x20/0x20 [ 237.909418] raw_notifier_call_chain+0x2d/0x40 [ 237.913994] call_netdevice_notifiers_info+0x3f/0x90 [ 237.919108] dev_set_mac_address+0x293/0x3b0 [ 237.923516] ? netdev_state_change+0x1a0/0x1a0 [ 237.928104] ? lru_cache_add+0xa50/0xa50 [ 237.932160] ? cpumask_any_but+0xb1/0xe0 [ 237.936220] do_setlink+0x7c7/0x3f30 [ 237.939958] ? print_usage_bug+0xc0/0xc0 [ 237.944011] ? find_held_lock+0x36/0x1c0 [ 237.948068] ? validate_linkmsg+0xa50/0xa50 [ 237.952382] ? wp_page_copy+0x1a0e/0x2720 [ 237.956524] ? lock_downgrade+0x900/0x900 [ 237.960668] ? mark_held_locks+0x130/0x130 [ 237.964921] ? mark_held_locks+0x130/0x130 [ 237.969153] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 237.974340] ? validate_nla+0x29a/0x1650 [ 237.978402] ? nla_memcmp+0x90/0x90 [ 237.982024] ? mark_held_locks+0x130/0x130 [ 237.986256] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 237.991805] ? rtnl_is_locked+0xb5/0xf0 [ 237.995775] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 238.000788] ? validate_linkmsg+0x271/0xa50 [ 238.005107] ? rtnl_stats_dump+0xd70/0xd70 [ 238.009337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.014884] ? netdev_master_upper_dev_get+0x173/0x250 [ 238.020154] ? __nla_parse+0x12c/0x3e0 [ 238.024042] ? netdev_has_any_upper_dev+0x170/0x170 [ 238.029070] __rtnl_newlink+0xcde/0x19e0 [ 238.033135] ? rtnl_link_unregister+0x390/0x390 [ 238.037825] ? rcu_read_unlock_special+0x370/0x370 [ 238.042760] ? rcu_softirq_qs+0x20/0x20 [ 238.046736] ? unwind_dump+0x190/0x190 [ 238.050647] ? is_bpf_text_address+0xd3/0x170 [ 238.055140] ? kernel_text_address+0x79/0xf0 [ 238.059544] ? __kernel_text_address+0xd/0x40 [ 238.064035] ? unwind_get_return_address+0x61/0xa0 [ 238.068964] ? __save_stack_trace+0x8d/0xf0 [ 238.073294] ? save_stack+0xa9/0xd0 [ 238.077364] ? save_stack+0x43/0xd0 [ 238.080985] ? kasan_kmalloc+0xcb/0xd0 [ 238.084871] ? kmem_cache_alloc_trace+0x154/0x740 [ 238.089707] ? rtnl_newlink+0x4d/0xa0 [ 238.093511] ? rtnetlink_rcv_msg+0x46a/0xc20 [ 238.097917] ? netlink_rcv_skb+0x172/0x440 [ 238.102148] ? rtnetlink_rcv+0x1c/0x20 [ 238.106027] ? netlink_unicast+0x5a5/0x760 [ 238.110263] ? netlink_sendmsg+0xa18/0xfc0 [ 238.114513] ? rtnl_newlink+0x4d/0xa0 [ 238.118312] ? rcu_read_lock_sched_held+0x14f/0x180 [ 238.123320] ? kmem_cache_alloc_trace+0x356/0x740 [ 238.128157] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 238.133454] ? ns_capable_common+0x13f/0x170 [ 238.137856] ? rcu_read_unlock_special+0x370/0x370 [ 238.142824] rtnl_newlink+0x6b/0xa0 [ 238.146448] ? __rtnl_newlink+0x19e0/0x19e0 [ 238.150766] rtnetlink_rcv_msg+0x46a/0xc20 [ 238.154996] ? rtnl_fdb_dump+0xd00/0xd00 [ 238.159060] netlink_rcv_skb+0x172/0x440 [ 238.163111] ? rtnl_fdb_dump+0xd00/0xd00 [ 238.167184] ? netlink_ack+0xb80/0xb80 [ 238.171068] ? rcu_read_unlock_special+0x370/0x370 [ 238.175998] rtnetlink_rcv+0x1c/0x20 [ 238.179729] netlink_unicast+0x5a5/0x760 [ 238.183869] ? netlink_attachskb+0x9a0/0x9a0 [ 238.188272] ? aa_sk_perm+0x22b/0x8e0 [ 238.192068] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 238.197080] netlink_sendmsg+0xa18/0xfc0 [ 238.201138] ? netlink_unicast+0x760/0x760 [ 238.205371] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 238.210425] ? apparmor_socket_sendmsg+0x29/0x30 [ 238.215178] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.220730] ? security_socket_sendmsg+0x94/0xc0 [ 238.225483] ? netlink_unicast+0x760/0x760 [ 238.229710] sock_sendmsg+0xd5/0x120 [ 238.233434] ___sys_sendmsg+0x7fd/0x930 [ 238.237420] ? copy_msghdr_from_user+0x580/0x580 [ 238.242169] ? graph_lock+0x270/0x270 [ 238.245972] ? graph_lock+0x270/0x270 [ 238.249801] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.255347] ? __fget_light+0x2e9/0x430 [ 238.259332] ? fget_raw+0x20/0x20 [ 238.262792] ? find_held_lock+0x36/0x1c0 [ 238.266851] ? __do_page_fault+0x62e/0xd70 [ 238.271091] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 238.276620] ? sockfd_lookup_light+0xc5/0x160 [ 238.281108] __sys_sendmsg+0x11d/0x280 [ 238.285010] ? __ia32_sys_shutdown+0x80/0x80 [ 238.289411] ? kasan_check_write+0x14/0x20 [ 238.293641] ? up_read+0x225/0x2c0 [ 238.297176] ? up_read_non_owner+0x100/0x100 [ 238.301585] ? do_syscall_64+0x9a/0x820 [ 238.305552] ? do_syscall_64+0x9a/0x820 [ 238.309526] ? trace_hardirqs_off_caller+0x310/0x310 [ 238.314625] __x64_sys_sendmsg+0x78/0xb0 [ 238.318686] do_syscall_64+0x1b9/0x820 [ 238.322569] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 238.327947] ? syscall_return_slowpath+0x5e0/0x5e0 [ 238.332876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 238.337725] ? trace_hardirqs_on_caller+0x310/0x310 [ 238.342761] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 238.347790] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.353335] ? prepare_exit_to_usermode+0x291/0x3b0 [ 238.358375] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 238.363233] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 238.368445] RIP: 0033:0x7fdc9fc01320 [ 238.372152] Code: 02 48 83 c8 ff eb 8d 48 8b 05 14 7b 2a 00 f7 da 64 89 10 48 83 c8 ff eb c9 90 83 3d d5 d2 2a 00 00 75 10 b8 2e 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e ba 00 00 48 89 04 24 [ 238.391059] RSP: 002b:00007ffd5cd0dc98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.398783] RAX: ffffffffffffffda RBX: 00007ffd5cd11d90 RCX: 00007fdc9fc01320 [ 238.406056] RDX: 0000000000000000 RSI: 00007ffd5cd0dcd0 RDI: 0000000000000003 [ 238.413315] RBP: 00007ffd5cd0dcd0 R08: 0000000000000000 R09: 0000000000000000 [ 238.420574] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005c10142f [ 238.427833] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffd5cd12570 [ 238.436197] Kernel Offset: disabled [ 238.439819] Rebooting in 86400 seconds..