UBSAN: object-size-mismatch in wg_xmit

IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
================================================================================
UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2048:28
member access within address ffffc90000187180 with insufficient space
for an object of type 'struct sk_buff'
CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted 5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x151/0x1b7 lib/dump_stack.c:106
 dump_stack+0x15/0x17 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:151 [inline]
 handle_object_size_mismatch lib/ubsan.c:232 [inline]
 ubsan_type_mismatch_common+0x1e9/0x390 lib/ubsan.c:245
 __ubsan_handle_type_mismatch_v1+0x4b/0x60 lib/ubsan.c:274
 __skb_queue_before include/linux/skbuff.h:2048 [inline]
 __skb_queue_tail include/linux/skbuff.h:2081 [inline]
 wg_xmit+0x502/0xae0 drivers/net/wireguard/device.c:182
 __netdev_start_xmit include/linux/netdevice.h:4988 [inline]
 netdev_start_xmit+0x8a/0x160 include/linux/netdevice.h:5002
 xmit_one net/core/dev.c:3582 [inline]
 dev_hard_start_xmit+0x18d/0x2f0 net/core/dev.c:3598
 __dev_queue_xmit+0x1138/0x1d10 net/core/dev.c:4209
 dev_queue_xmit+0x17/0x20 net/core/dev.c:4242
 neigh_connected_output+0x288/0x2b0 net/core/neighbour.c:1521
 neigh_output include/net/neighbour.h:510 [inline]
 ip6_finish_output2+0xb03/0x1080 net/ipv6/ip6_output.c:126
 __ip6_finish_output+0x3e6/0x530 net/ipv6/ip6_output.c:191
 ip6_finish_output+0x20b/0x220 net/ipv6/ip6_output.c:201
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x1f8/0x4a0 net/ipv6/ip6_output.c:224
 dst_output include/net/dst.h:450 [inline]
 NF_HOOK+0xdd/0x280 include/linux/netfilter.h:307
 ndisc_send_skb+0x697/0xa60 net/ipv6/ndisc.c:508
 ndisc_send_rs+0x26c/0x360 net/ipv6/ndisc.c:702
 addrconf_dad_completed+0x543/0xa70 net/ipv6/addrconf.c:4211
 addrconf_dad_work+0xbdf/0x1440
 process_one_work+0x405/0x6c0 kernel/workqueue.c:2297
 worker_thread+0x6fd/0xa80 kernel/workqueue.c:2444
 kthread+0x34c/0x420 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30
================================================================================
================================================================================
UBSAN: object-size-mismatch in ./include/linux/skbuff.h:1941:2
member access within address ffffc90000187180 with insufficient space
for an object of type 'struct sk_buff'
CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted 5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x151/0x1b7 lib/dump_stack.c:106
 dump_stack+0x15/0x17 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:151 [inline]
 handle_object_size_mismatch lib/ubsan.c:232 [inline]
 ubsan_type_mismatch_common+0x1e9/0x390 lib/ubsan.c:245
 __ubsan_handle_type_mismatch_v1+0x4b/0x60 lib/ubsan.c:274
 __skb_insert include/linux/skbuff.h:1941 [inline]
 __skb_queue_before include/linux/skbuff.h:2048 [inline]
 __skb_queue_tail include/linux/skbuff.h:2081 [inline]
 wg_xmit+0x573/0xae0 drivers/net/wireguard/device.c:182
 __netdev_start_xmit include/linux/netdevice.h:4988 [inline]
 netdev_start_xmit+0x8a/0x160 include/linux/netdevice.h:5002
 xmit_one net/core/dev.c:3582 [inline]
 dev_hard_start_xmit+0x18d/0x2f0 net/core/dev.c:3598
 __dev_queue_xmit+0x1138/0x1d10 net/core/dev.c:4209
 dev_queue_xmit+0x17/0x20 net/core/dev.c:4242
 neigh_connected_output+0x288/0x2b0 net/core/neighbour.c:1521
 neigh_output include/net/neighbour.h:510 [inline]
 ip6_finish_output2+0xb03/0x1080 net/ipv6/ip6_output.c:126
 __ip6_finish_output+0x3e6/0x530 net/ipv6/ip6_output.c:191
 ip6_finish_output+0x20b/0x220 net/ipv6/ip6_output.c:201
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip6_output+0x1f8/0x4a0 net/ipv6/ip6_output.c:224
 dst_output include/net/dst.h:450 [inline]
 NF_HOOK+0xdd/0x280 include/linux/netfilter.h:307
 ndisc_send_skb+0x697/0xa60 net/ipv6/ndisc.c:508
 ndisc_send_rs+0x26c/0x360 net/ipv6/ndisc.c:702
 addrconf_dad_completed+0x543/0xa70 net/ipv6/addrconf.c:4211
 addrconf_dad_work+0xbdf/0x1440
 process_one_work+0x405/0x6c0 kernel/workqueue.c:2297
 worker_thread+0x6fd/0xa80 kernel/workqueue.c:2444
 kthread+0x34c/0x420 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30
================================================================================

[ 2.848344][ T28] audit: type=1400 audit(1669604259.070:10): avc: denied { getattr } for pid=164 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2.941142][ T181] udevd[181]: starting version 3.2.10
[ 2.968531][ T182] udevd[182]: starting eudev-3.2.10
[ 2.970460][ T181] udevd (181) used greatest stack depth: 24008 bytes left
[ 3.909228][ T286] sshd (286) used greatest stack depth: 23816 bytes left
[ 15.731490][ T28] kauditd_printk_skb: 49 callbacks suppressed
[ 15.731500][ T28] audit: type=1400 audit(1669604271.990:60): avc: denied { transition } for pid=378 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 15.739310][ T28] audit: type=1400 audit(1669604272.000:61): avc: denied { write } for pid=378 comm="sh" path="pipe:[12355]" dev="pipefs" ino=12355 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[ 16.075027][ T383] dhcpcd-run-hook (383) used greatest stack depth: 23592 bytes left
[ 16.814876][ T381] scp (381) used greatest stack depth: 23304 bytes left
Warning: Permanently added '10.128.0.204' (ECDSA) to the list of known hosts.
2022/11/28 02:57:58 fuzzer started
2022/11/28 02:57:58 connecting to host at 10.128.0.163:43787
2022/11/28 02:57:58 checking machine...
2022/11/28 02:57:58 checking revisions...
2022/11/28 02:57:58 testing simple program...
[ 22.610522][ T28] audit: type=1400 audit(1669604278.870:62): avc: denied { integrity } for pid=415 comm="syz-fuzzer" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[ 22.632717][ T28] audit: type=1400 audit(1669604278.870:63): avc: denied { getattr } for pid=415 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 22.637675][ T423] cgroup: Unknown subsys name 'net'
[ 22.655900][ T28] audit: type=1400 audit(1669604278.870:64): avc: denied { read } for pid=415 comm="syz-fuzzer" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 22.681518][ T28] audit: type=1400 audit(1669604278.870:65): avc: denied { open } for pid=415 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 22.681676][ T423] cgroup: Unknown subsys name 'devices'
[ 22.704351][ T28] audit: type=1400 audit(1669604278.880:66): avc: denied { read } for pid=415 comm="syz-fuzzer" name="raw-gadget" dev="devtmpfs" ino=161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 22.732208][ T28] audit: type=1400 audit(1669604278.880:67): avc: denied { open } for pid=415 comm="syz-fuzzer" path="/dev/raw-gadget" dev="devtmpfs" ino=161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 22.755684][ T28] audit: type=1400 audit(1669604278.890:68): avc: denied { mounton } for pid=423 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 22.778299][ T28] audit: type=1400 audit(1669604278.890:69): avc: denied { mount } for pid=423 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 22.800264][ T28] audit: type=1400 audit(1669604278.920:70): avc: denied { unmount } for pid=423 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 22.919711][ T423] cgroup: Unknown subsys name 'hugetlb'
[ 22.925209][ T423] cgroup: Unknown subsys name 'rlimit'
[ 22.998959][ T28] audit: type=1400 audit(1669604279.260:71): avc: denied { setattr } for pid=423 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 23.065634][ T426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 23.072605][ T426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 23.079806][ T426] device bridge_slave_0 entered promiscuous mode
[ 23.086443][ T426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 23.093833][ T426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 23.101044][ T426] device bridge_slave_1 entered promiscuous mode
[ 23.133962][ T426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 23.140828][ T426] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 23.147932][ T426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 23.154713][ T426] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 23.169999][ T211] bridge0: port 1(bridge_slave_0) entered disabled state
[ 23.176981][ T211] bridge0: port 2(bridge_slave_1) entered disabled state
[ 23.184105][ T211] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 23.191662][ T211] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 23.200624][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 23.208682][ T17] bridge0: port 1(bridge_slave_0) entered blocking state
[ 23.215533][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 23.223996][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 23.231962][ T17] bridge0: port 2(bridge_slave_1) entered blocking state
[ 23.238823][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 23.249741][ T211] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 23.263580][ T426] device veth0_vlan entered promiscuous mode
[ 23.269695][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 23.277793][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 23.285565][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 23.292731][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 23.300033][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 23.311156][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 23.319646][ T426] device veth1_macvtap entered promiscuous mode
[ 23.327775][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 23.337282][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 23.347222][ T23] ================================================================================
[ 23.356339][ T23] UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2048:28
[ 23.365459][ T23] member access within address ffffc90000187180 with insufficient space
[ 23.373597][ T23] for an object of type 'struct sk_buff'
[ 23.379074][ T23] CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted 5.15.0-syzkaller #0
[ 23.386776][ T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 23.396768][ T23] Workqueue: ipv6_addrconf addrconf_dad_work
[ 23.402573][ T23] Call Trace:
[ 23.405704][ T23] dump_stack_lvl+0x151/0x1b7
[ 23.410217][ T23] ? bfq_pos_tree_add_move+0x439/0x439
[ 23.415514][ T23] ? lookup+0x388/0x3d0
[ 23.419502][ T23] dump_stack+0x15/0x17
[ 23.423491][ T23] ubsan_type_mismatch_common+0x1e9/0x390
[ 23.429109][ T23] __ubsan_handle_type_mismatch_v1+0x4b/0x60
[ 23.435122][ T23] wg_xmit+0x502/0xae0
[ 23.439028][ T23] ? wg_stop+0x140/0x140
[ 23.443107][ T23] netdev_start_xmit+0x8a/0x160
[ 23.447792][ T23] dev_hard_start_xmit+0x18d/0x2f0
[ 23.452752][ T23] __dev_queue_xmit+0x1138/0x1d10
[ 23.457614][ T23] ? dev_queue_xmit+0x20/0x20
[ 23.462118][ T23] ? __kasan_check_write+0x14/0x20
[ 23.467084][ T23] ? _raw_write_lock_bh+0xa3/0x170
[ 23.472019][ T23] ? _raw_write_lock_irq+0x170/0x170
[ 23.477137][ T23] ? __kasan_check_write+0x14/0x20
[ 23.482084][ T23] ? ndisc_constructor+0x653/0x850
[ 23.487027][ T23] ? __local_bh_enable_ip+0x58/0x80
[ 23.492061][ T23] ? _raw_write_unlock_bh+0x31/0x47
[ 23.497099][ T23] ? dev_hard_header+0xdb/0xf0
[ 23.501708][ T23] dev_queue_xmit+0x17/0x20
[ 23.506042][ T23] neigh_connected_output+0x288/0x2b0
[ 23.511265][ T23] ip6_finish_output2+0xb03/0x1080
[ 23.516197][ T23] ? __ip6_finish_output+0x530/0x530
[ 23.521315][ T23] ? ip6_mtu+0xd8/0x120
[ 23.525315][ T23] ? ip6_skb_dst_mtu+0xaf/0x260
[ 23.529999][ T23] __ip6_finish_output+0x3e6/0x530
[ 23.534945][ T23] ip6_finish_output+0x20b/0x220
[ 23.539718][ T23] ? ip6_output+0x1d3/0x4a0
[ 23.544056][ T23] ip6_output+0x1f8/0x4a0
[ 23.548222][ T23] ? xfrm_pols_put+0x102/0x110
[ 23.552827][ T23] ? ac6_get_next+0x2a0/0x2a0
[ 23.557336][ T23] ? ip6_dst_idev+0x40/0x40
[ 23.561677][ T23] ? selinux_ipv6_forward+0x50/0x50
[ 23.566713][ T23] NF_HOOK+0xdd/0x280
[ 23.570533][ T23] ? addrconf_addr_solict_mult+0xe0/0xe0
[ 23.576308][ T23] ? NF_HOOK+0x280/0x280
[ 23.580454][ T23] ? xfrm_lookup+0x38/0x50
[ 23.584710][ T23] ? ndisc_send_skb+0x598/0xa60
[ 23.589396][ T23] ? memcpy+0x56/0x70
[ 23.593212][ T23] ndisc_send_skb+0x697/0xa60
[ 23.597726][ T23] ? ndisc_fill_addr_option+0x320/0x320
[ 23.603109][ T23] ? __kasan_check_write+0x14/0x20
[ 23.608067][ T23] ? skb_set_owner_w+0x1b8/0x330
[ 23.612830][ T23] ? skb_put+0x119/0x200
[ 23.616913][ T23] ndisc_send_rs+0x26c/0x360
[ 23.621431][ T23] addrconf_dad_completed+0x543/0xa70
[ 23.626628][ T23] ? addrconf_dad_stop+0x480/0x480
[ 23.631577][ T23] addrconf_dad_work+0xbdf/0x1440
[ 23.636440][ T23] ? INIT_LIST_HEAD+0x60/0x60
[ 23.640953][ T23] ? do_raw_spin_lock+0x99/0x170
[ 23.645724][ T23] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 23.650847][ T23] ? check_lifetime+0xa73/0xa90
[ 23.655533][ T23] ? __kasan_check_write+0x14/0x20
[ 23.660485][ T23] process_one_work+0x405/0x6c0
[ 23.665187][ T23] worker_thread+0x6fd/0xa80
[ 23.669600][ T23] kthread+0x34c/0x420
[ 23.673501][ T23] ? pr_cont_work+0x110/0x110
[ 23.678109][ T23] ? __list_add+0xc0/0xc0
[ 23.682268][ T23] ret_from_fork+0x1f/0x30
[ 23.686550][ T23] ================================================================================
[ 23.695655][ T23] ================================================================================
[ 23.704771][ T23] UBSAN: object-size-mismatch in ./include/linux/skbuff.h:1941:2
[ 23.712508][ T23] member access within address ffffc90000187180 with insufficient space
[ 23.720679][ T23] for an object of type 'struct sk_buff'
[ 23.726122][ T23] CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted 5.15.0-syzkaller #0
[ 23.733855][ T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 23.743747][ T23] Workqueue: ipv6_addrconf addrconf_dad_work
[ 23.749559][ T23] Call Trace:
[ 23.752692][ T23] dump_stack_lvl+0x151/0x1b7
[ 23.757197][ T23] ? bfq_pos_tree_add_move+0x439/0x439
[ 23.762491][ T23] ? lookup+0x388/0x3d0
[ 23.766486][ T23] dump_stack+0x15/0x17
[ 23.770478][ T23] ubsan_type_mismatch_common+0x1e9/0x390
[ 23.776053][ T23] __ubsan_handle_type_mismatch_v1+0x4b/0x60
[ 23.781868][ T23] wg_xmit+0x573/0xae0
[ 23.785755][ T23] ? wg_stop+0x140/0x140
[ 23.789837][ T23] netdev_start_xmit+0x8a/0x160
[ 23.794579][ T23] dev_hard_start_xmit+0x18d/0x2f0
[ 23.799562][ T23] __dev_queue_xmit+0x1138/0x1d10
[ 23.804418][ T23] ? dev_queue_xmit+0x20/0x20
[ 23.808938][ T23] ? __kasan_check_write+0x14/0x20
[ 23.813895][ T23] ? _raw_write_lock_bh+0xa3/0x170
[ 23.818834][ T23] ? _raw_write_lock_irq+0x170/0x170
[ 23.823946][ T23] ? __kasan_check_write+0x14/0x20
[ 23.828894][ T23] ? ndisc_constructor+0x653/0x850
[ 23.833936][ T23] ? __local_bh_enable_ip+0x58/0x80
[ 23.838964][ T23] ? _raw_write_unlock_bh+0x31/0x47
[ 23.844007][ T23] ? dev_hard_header+0xdb/0xf0
[ 23.848614][ T23] dev_queue_xmit+0x17/0x20
[ 23.852940][ T23] neigh_connected_output+0x288/0x2b0
[ 23.858294][ T23] ip6_finish_output2+0xb03/0x1080
[ 23.863239][ T23] ? __ip6_finish_output+0x530/0x530
[ 23.868358][ T23] ? ip6_mtu+0xd8/0x120
[ 23.872347][ T23] ? ip6_skb_dst_mtu+0xaf/0x260
[ 23.877035][ T23] __ip6_finish_output+0x3e6/0x530
[ 23.882133][ T23] ip6_finish_output+0x20b/0x220
[ 23.886912][ T23] ? ip6_output+0x1d3/0x4a0
[ 23.891242][ T23] ip6_output+0x1f8/0x4a0
[ 23.895502][ T23] ? xfrm_pols_put+0x102/0x110
[ 23.900099][ T23] ? ac6_get_next+0x2a0/0x2a0
[ 23.904698][ T23] ? ip6_dst_idev+0x40/0x40
[ 23.909038][ T23] ? selinux_ipv6_forward+0x50/0x50
[ 23.914090][ T23] NF_HOOK+0xdd/0x280
[ 23.917905][ T23] ? addrconf_addr_solict_mult+0xe0/0xe0
[ 23.923373][ T23] ? NF_HOOK+0x280/0x280
[ 23.927437][ T23] ? xfrm_lookup+0x38/0x50
[ 23.931689][ T23] ? ndisc_send_skb+0x598/0xa60
[ 23.936378][ T23] ? memcpy+0x56/0x70
[ 23.940197][ T23] ndisc_send_skb+0x697/0xa60
[ 23.944718][ T23] ? ndisc_fill_addr_option+0x320/0x320
[ 23.950144][ T23] ? __kasan_check_write+0x14/0x20
[ 23.955042][ T23] ? skb_set_owner_w+0x1b8/0x330
[ 23.959819][ T23] ? skb_put+0x119/0x200
[ 23.963892][ T23] ndisc_send_rs+0x26c/0x360
[ 23.968350][ T23] addrconf_dad_completed+0x543/0xa70
[ 23.973531][ T23] ? addrconf_dad_stop+0x480/0x480
[ 23.978485][ T23] addrconf_dad_work+0xbdf/0x1440
[ 23.983466][ T23] ? INIT_LIST_HEAD+0x60/0x60
[ 23.987967][ T23] ? do_raw_spin_lock+0x99/0x170
[ 23.992748][ T23] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 23.997857][ T23] ? check_lifetime+0xa73/0xa90
[ 24.002546][ T23] ? __kasan_check_write+0x14/0x20
[ 24.007491][ T23] process_one_work+0x405/0x6c0
[ 24.012180][ T23] worker_thread+0x6fd/0xa80
[ 24.016605][ T23] kthread+0x34c/0x420
[ 24.020525][ T23] ? pr_cont_work+0x110/0x110
[ 24.025027][ T23] ? __list_add+0xc0/0xc0
[ 24.029194][ T23] ret_from_fork+0x1f/0x30
2022/11/28 02:58:00 building call list...
[ 24.033492][ T23] ================================================================================
[ 24.105357][ T426] syz-executor.0 (426) used greatest stack depth: 21544 bytes left
[ 24.548644][ T212] device bridge_slave_1 left promiscuous mode
[ 24.554683][ T212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.562555][ T212] device bridge_slave_0 left promiscuous mode
[ 24.568762][ T212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.579257][ T212] device veth1_macvtap left promiscuous mode
[ 24.585098][ T212] device veth0_vlan left promiscuous mode

syzkaller build log:
go env (err=)
GO111MODULE="auto"
GOARCH="amd64"
GOBIN=""
GOCACHE="/syzkaller/.cache/go-build"
GOENV="/syzkaller/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/syzkaller/jobs/linux/gopath/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/syzkaller/jobs/linux/gopath"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.17"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build2562808356=/tmp/go-build -gno-record-gcc-switches"

git status (err=)
HEAD detached at 9da37ae85
nothing to commit, working tree clean

tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:32: run command via tools/syz-env for best compatibility, see:
Makefile:33: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=9da37ae85383e0dda5fc114ec808909f72fe038d -X 'github.com/google/syzkaller/prog.gitRevisionDate=20221122-120757'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-fuzzer github.com/google/syzkaller/syz-fuzzer
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=9da37ae85383e0dda5fc114ec808909f72fe038d -X 'github.com/google/syzkaller/prog.gitRevisionDate=20221122-120757'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=9da37ae85383e0dda5fc114ec808909f72fe038d -X 'github.com/google/syzkaller/prog.gitRevisionDate=20221122-120757'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-stress github.com/google/syzkaller/tools/syz-stress
mkdir -p ./bin/linux_amd64
gcc -o ./bin/linux_amd64/syz-executor executor/executor.cc \
 -m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -static-pie -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
 -DHOSTGOOS_linux=1 -DGIT_REVISION=\"9da37ae85383e0dda5fc114ec808909f72fe038d\"