Warning: Permanently added '10.128.1.0' (ECDSA) to the list of known hosts. [ 91.139209][ T27] audit: type=1400 audit(1578486154.059:42): avc: denied { map } for pid=10696 comm="syz-executor749" path="/root/syz-executor749708424" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 91.169349][T10697] IPVS: ftp: loaded support on port[0] = 21 [ 91.230285][T10697] chnl_net:caif_netlink_parms(): no params data found [ 91.263579][T10697] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.271172][T10697] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.279295][T10697] device bridge_slave_0 entered promiscuous mode [ 91.288735][T10697] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.296183][T10697] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.304759][T10697] device bridge_slave_1 entered promiscuous mode [ 91.323579][T10697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.335054][T10697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.355987][T10697] team0: Port device team_slave_0 added [ 91.364193][T10697] team0: Port device team_slave_1 added [ 91.420372][T10697] device hsr_slave_0 entered promiscuous mode [ 91.487808][T10697] device hsr_slave_1 entered promiscuous mode [ 91.626887][ T27] audit: type=1400 audit(1578486154.539:43): avc: denied { create } for pid=10697 comm="syz-executor749" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 91.630273][T10697] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.660942][ T27] audit: type=1400 audit(1578486154.539:44): avc: denied { write } for pid=10697 comm="syz-executor749" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 91.687566][ T27] audit: type=1400 audit(1578486154.549:45): avc: denied { read } for pid=10697 comm="syz-executor749" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 91.715580][T10697] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.769903][T10697] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.830646][T10697] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.911835][T10697] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.919715][T10697] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.928308][T10697] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.935719][T10697] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.984166][T10697] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.997985][ T2849] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 92.009117][ T2849] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.017036][ T2849] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.026440][ T2849] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 92.041412][T10697] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.052133][ T2967] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 92.061315][ T2967] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.068587][ T2967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.080467][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 92.089184][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.096236][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.117529][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 92.126204][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 92.139963][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 92.157186][T10697] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 92.169144][T10697] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.181816][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.191103][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.200470][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 92.224415][T10697] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.234263][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 92.242480][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 92.262930][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 92.272464][ T2957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 92.292256][T10697] device veth0_vlan entered promiscuous mode [ 92.299564][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 92.309056][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 92.318076][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 92.325738][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready executing program [ 92.339341][T10697] device veth1_vlan entered promiscuous mode [ 92.355856][T10697] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 92.363844][T10697] #PF: supervisor instruction fetch in kernel mode [ 92.370571][T10697] #PF: error_code(0x0010) - not-present page [ 92.376537][T10697] PGD 985cd067 P4D 985cd067 PUD a21fd067 PMD 0 [ 92.382999][T10697] Oops: 0010 [#1] PREEMPT SMP KASAN [ 92.388188][T10697] CPU: 0 PID: 10697 Comm: syz-executor749 Not tainted 5.5.0-rc5-syzkaller #0 [ 92.397116][T10697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.407328][T10697] RIP: 0010:0x0 [ 92.410952][T10697] Code: Bad RIP value. [ 92.415130][T10697] RSP: 0018:ffffc90001aefa78 EFLAGS: 00010246 [ 92.421189][T10697] RAX: dffffc0000000000 RBX: ffff888218104540 RCX: ffffffff876a0fd1 [ 92.429526][T10697] RDX: 1ffffffff114870c RSI: 0000000000000004 RDI: ffff888218104540 [ 92.437494][T10697] RBP: ffffc90001aefab8 R08: ffff8880a258a200 R09: ffffed1015d0703d [ 92.445596][T10697] R10: ffffed1015d0703c R11: ffff8880ae8381e3 R12: ffffffff88a436e0 [ 92.453594][T10697] R13: ffff888085299000 R14: ffffc90001aefbb0 R15: 0000000000000000 [ 92.461757][T10697] FS: 0000000002395880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 92.470714][T10697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.477529][T10697] CR2: ffffffffffffffd6 CR3: 00000000915b4000 CR4: 00000000001406f0 [ 92.485655][T10697] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 92.493624][T10697] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 92.501593][T10697] Call Trace: [ 92.505328][T10697] cfg80211_wext_siwfrag+0x279/0x910 [ 92.510755][T10697] ioctl_standard_call+0xca/0x1d0 [ 92.515771][T10697] ? cfg80211_wext_siwrts+0x8f0/0x8f0 [ 92.521144][T10697] ? cfg80211_wext_siwrts+0x8f0/0x8f0 [ 92.526511][T10697] wireless_process_ioctl.constprop.0+0x236/0x2b0 [ 92.532927][T10697] ? ioctl_standard_iw_point+0xc20/0xc20 [ 92.538635][T10697] wext_handle_ioctl+0x106/0x1c0 [ 92.543565][T10697] ? call_commit_handler+0x10/0x10 [ 92.548666][T10697] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 92.555530][T10697] ? tomoyo_path_number_perm+0x25e/0x520 [ 92.561158][T10697] sock_ioctl+0x47d/0x790 [ 92.565508][T10697] ? dlci_ioctl_set+0x40/0x40 [ 92.570176][T10697] ? ___might_sleep+0x163/0x2c0 [ 92.575140][T10697] ? dlci_ioctl_set+0x40/0x40 [ 92.579806][T10697] do_vfs_ioctl+0x977/0x14e0 [ 92.584518][T10697] ? compat_ioctl_preallocate+0x220/0x220 [ 92.590511][T10697] ? selinux_file_mprotect+0x620/0x620 [ 92.595974][T10697] ? __kasan_check_write+0x14/0x20 [ 92.601218][T10697] ? tomoyo_file_ioctl+0x23/0x30 [ 92.606166][T10697] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.612617][T10697] ? security_file_ioctl+0x8d/0xc0 [ 92.617727][T10697] ksys_ioctl+0xab/0xd0 [ 92.622073][T10697] __x64_sys_ioctl+0x73/0xb0 [ 92.626653][T10697] do_syscall_64+0xfa/0x790 [ 92.631147][T10697] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 92.637158][T10697] RIP: 0033:0x4421f9 [ 92.641134][T10697] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 92.660906][T10697] RSP: 002b:00007ffdd1fec338 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 92.669311][T10697] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004421f9 [ 92.677533][T10697] RDX: 0000000020000040 RSI: 0800000000008b24 RDI: 0000000000000003 [ 92.685494][T10697] RBP: 00007ffdd1fec350 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 92.693453][T10697] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 0000000000000000 [ 92.701455][T10697] R13: 0000000000403790 R14: 0000000000000000 R15: 0000000000000000 [ 92.709416][T10697] Modules linked in: [ 92.713297][T10697] CR2: 0000000000000000 [ 92.719183][T10697] ---[ end trace 6a1f2e36d4f92a1a ]--- [ 92.724649][T10697] RIP: 0010:0x0 [ 92.728369][T10697] Code: Bad RIP value. [ 92.732443][T10697] RSP: 0018:ffffc90001aefa78 EFLAGS: 00010246 [ 92.738614][T10697] RAX: dffffc0000000000 RBX: ffff888218104540 RCX: ffffffff876a0fd1 [ 92.746821][T10697] RDX: 1ffffffff114870c RSI: 0000000000000004 RDI: ffff888218104540 [ 92.755212][T10697] RBP: ffffc90001aefab8 R08: ffff8880a258a200 R09: ffffed1015d0703d [ 92.763267][T10697] R10: ffffed1015d0703c R11: ffff8880ae8381e3 R12: ffffffff88a436e0 [ 92.771294][T10697] R13: ffff888085299000 R14: ffffc90001aefbb0 R15: 0000000000000000 [ 92.779636][T10697] FS: 0000000002395880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 92.789003][T10697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.795803][T10697] CR2: ffffffffffffffd6 CR3: 00000000915b4000 CR4: 00000000001406f0 [ 92.803934][T10697] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 92.811949][T10697] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 92.820003][T10697] Kernel panic - not syncing: Fatal exception [ 92.828124][T10697] Kernel Offset: disabled [ 92.832580][T10697] Rebooting in 86400 seconds..