syzkaller login: [ 34.162924] kauditd_printk_skb: 9 callbacks suppressed [ 34.162930] audit: type=1400 audit(1577326375.024:35): avc: denied { map } for pid=6988 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 40.527662] audit: type=1400 audit(1577326381.394:36): avc: denied { map } for pid=6999 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16480 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 42.570503] IPVS: ftp: loaded support on port[0] = 21 [ 42.952496] can: request_module (can-proto-0) failed. [ 43.992377] can: request_module (can-proto-0) failed. [ 44.176454] audit: type=1400 audit(1577326385.044:37): avc: denied { create } for pid=6999 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 44.203663] audit: type=1400 audit(1577326385.064:38): avc: denied { create } for pid=6999 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 44.227325] audit: type=1400 audit(1577326385.064:39): avc: denied { create } for pid=6999 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts. 2019/12/26 02:13:12 parsed 1 programs 2019/12/26 02:13:13 executed programs: 0 [ 52.400707] IPVS: ftp: loaded support on port[0] = 21 [ 52.400716] IPVS: ftp: loaded support on port[0] = 21 [ 52.432952] IPVS: ftp: loaded support on port[0] = 21 [ 52.479050] IPVS: ftp: loaded support on port[0] = 21 [ 52.502612] IPVS: ftp: loaded support on port[0] = 21 [ 52.512641] IPVS: ftp: loaded support on port[0] = 21 [ 52.627426] chnl_net:caif_netlink_parms(): no params data found [ 52.746718] chnl_net:caif_netlink_parms(): no params data found [ 52.755704] chnl_net:caif_netlink_parms(): no params data found [ 52.764089] chnl_net:caif_netlink_parms(): no params data found [ 52.775059] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.781441] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.789199] device bridge_slave_0 entered promiscuous mode [ 52.831816] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.838556] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.846064] device bridge_slave_1 entered promiscuous mode [ 52.903877] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.919367] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.928013] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.935056] device bridge_slave_0 entered promiscuous mode [ 52.951998] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.958434] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.965596] device bridge_slave_0 entered promiscuous mode [ 52.972609] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.980649] chnl_net:caif_netlink_parms(): no params data found [ 52.989883] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.996359] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.003170] device bridge_slave_1 entered promiscuous mode [ 53.022674] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.029118] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.036625] device bridge_slave_1 entered promiscuous mode [ 53.058487] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.068995] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.076010] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.082945] device bridge_slave_0 entered promiscuous mode [ 53.092900] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.099290] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.106940] device bridge_slave_1 entered promiscuous mode [ 53.119345] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.129809] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.137578] team0: Port device team_slave_0 added [ 53.146901] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.175165] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.182248] team0: Port device team_slave_1 added [ 53.190100] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.202237] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.211414] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.219343] chnl_net:caif_netlink_parms(): no params data found [ 53.238383] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.246331] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.260666] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.268728] team0: Port device team_slave_0 added [ 53.276466] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.283717] team0: Port device team_slave_0 added [ 53.293034] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.301436] team0: Port device team_slave_1 added [ 53.318569] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.326741] team0: Port device team_slave_1 added [ 53.335084] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.341440] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.348564] device bridge_slave_0 entered promiscuous mode [ 53.355604] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.361952] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.369040] device bridge_slave_1 entered promiscuous mode [ 53.377009] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.385355] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.392613] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.399810] team0: Port device team_slave_0 added [ 53.446515] device hsr_slave_0 entered promiscuous mode [ 53.484749] device hsr_slave_1 entered promiscuous mode [ 53.525342] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.548060] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.556021] team0: Port device team_slave_1 added [ 53.561314] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.568318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.597394] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.605121] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.611931] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.624221] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.667521] device hsr_slave_0 entered promiscuous mode [ 53.704709] device hsr_slave_1 entered promiscuous mode [ 53.778954] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.785579] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.792480] device bridge_slave_0 entered promiscuous mode [ 53.835953] device hsr_slave_0 entered promiscuous mode [ 53.874707] device hsr_slave_1 entered promiscuous mode [ 53.915685] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.923687] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.930638] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.941103] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.947534] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.954566] device bridge_slave_1 entered promiscuous mode [ 53.970702] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.977770] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.035952] device hsr_slave_0 entered promiscuous mode [ 54.084767] device hsr_slave_1 entered promiscuous mode [ 54.164850] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 54.171818] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.189591] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.211971] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.219028] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.226556] team0: Port device team_slave_0 added [ 54.233318] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.251574] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.260262] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.268185] team0: Port device team_slave_1 added [ 54.273955] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.281544] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.288892] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.297121] team0: Port device team_slave_0 added [ 54.302890] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.310792] team0: Port device team_slave_1 added [ 54.317107] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.331021] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.338808] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.372072] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.418596] device hsr_slave_0 entered promiscuous mode [ 54.455330] device hsr_slave_1 entered promiscuous mode [ 54.536899] device hsr_slave_0 entered promiscuous mode [ 54.584723] device hsr_slave_1 entered promiscuous mode [ 54.625872] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 54.635067] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.651207] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 54.658445] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.678424] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.698968] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.718724] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.736123] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.744993] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.753290] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.765076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.779971] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.787369] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.802797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.810809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.819085] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.828206] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.834801] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.843548] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 54.851854] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.860197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.867610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.874903] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.882643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.890346] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.896851] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.904021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.911213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.918491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.926770] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.932845] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.943953] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 54.952176] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.961853] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.976211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.987142] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.997075] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.005115] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.012676] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.019080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.031063] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.040921] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.048623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.058001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.065683] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.072203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.079386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.087740] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.094626] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.102353] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.110704] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.119020] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.127867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.136118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.143589] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.149981] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.157435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.165197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.171938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.179254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.187963] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.197401] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.205930] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.213806] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.222365] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.228761] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.235708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.244860] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.253081] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 55.261817] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.268969] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.277902] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 55.283978] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.292297] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.299292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.309086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.316537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.324218] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.333762] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.340172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.347680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.357169] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.365914] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.374148] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.382733] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.390040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.398043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.406128] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.413446] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.420474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.427472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.434270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.442179] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.450220] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.458596] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 55.468683] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 55.475942] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.483770] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.491060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.499173] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.507120] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.513533] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.520473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.528230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.535848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.543491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.551101] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.557509] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.565980] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.572815] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.579723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.587026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.596784] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.604745] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.612558] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 55.621610] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 55.629459] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 55.639243] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.647559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.656210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.663864] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.672216] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.678610] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.685411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.692983] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.700560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.708092] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.715666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.723254] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.730859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.738723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.746276] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.752596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.759681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.766832] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.780665] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.788743] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 55.797954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.806523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.814072] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.820443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.827961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.836030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.845887] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.855264] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.862947] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.871028] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.878948] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.887362] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 55.895845] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 55.903895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.911948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.919843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.927708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.935526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.943100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.950869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.958433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.966257] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.975740] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 55.985969] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 55.995167] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 56.004053] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 56.015400] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 56.023474] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 56.032057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.040959] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.048965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.056901] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.064502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.072082] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.079628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.087436] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.095018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.102594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.110242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.118056] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.125785] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.132681] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.139744] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.148177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 56.160395] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 56.168760] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 56.176752] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 56.182757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.193624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.201789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.209359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.217078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.224478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.233898] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 56.242676] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 56.251139] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 56.257888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.267415] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 56.280317] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 56.287406] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.295659] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.303002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.310686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.318279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.326446] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.335566] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 56.341607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.352806] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 56.359144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.376158] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 56.385253] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 56.392851] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 56.403040] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 56.411866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.422763] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 56.431811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.439646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.447728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.455568] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.462938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.470908] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.478644] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.489407] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 56.496037] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.508401] audit: type=1400 audit(1577326397.374:40): avc: denied { associate } for pid=7103 comm="syz-executor.5" name="syz5" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 56.532695] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.546250] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 56.560575] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 56.570152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.577053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.587772] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.598927] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 56.612710] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.628090] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 56.639234] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.646736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.651921] FAULT_INJECTION: forcing a failure. [ 56.651921] name failslab, interval 1, probability 0, space 0, times 1 [ 56.654581] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.670082] CPU: 0 PID: 7119 Comm: syz-executor.5 Not tainted 4.19.91-syzkaller #0 [ 56.680071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.689504] Call Trace: [ 56.692078] dump_stack+0x123/0x177 [ 56.695710] should_fail.cold.4+0x5/0x13 [ 56.699881] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 56.704970] ? lock_downgrade+0x860/0x860 [ 56.709114] __should_failslab+0xba/0xf0 [ 56.713400] should_failslab+0x9/0x14 [ 56.717803] kmem_cache_alloc_node_trace+0x26d/0x730 [ 56.722907] __kmalloc_node_track_caller+0x3c/0x70 [ 56.727829] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 56.732590] __alloc_skb+0xd7/0x580 [ 56.736205] ? skb_scrub_packet+0x3c0/0x3c0 [ 56.740549] sk_stream_alloc_skb+0x9c/0x810 [ 56.744858] ? tcp_send_mss+0x1d/0x220 [ 56.748739] do_tcp_sendpages+0x749/0x1da0 [ 56.752956] ? __lock_is_held+0xb5/0x140 [ 56.757009] ? sk_stream_alloc_skb+0x810/0x810 [ 56.761576] ? __local_bh_enable_ip+0x160/0x260 [ 56.766401] ? lock_sock_nested+0xc5/0x100 [ 56.770722] ? lockdep_hardirqs_on+0x421/0x5c0 [ 56.775371] ? __local_bh_enable_ip+0x160/0x260 [ 56.780024] ? kasan_check_read+0x11/0x20 [ 56.784153] tcp_sendpage_locked+0x63/0xa0 [ 56.788371] tcp_sendpage+0x37/0x50 [ 56.792122] inet_sendpage+0x122/0x600 [ 56.796160] ? kernel_sendpage+0xd0/0xd0 [ 56.800213] kernel_sendpage+0x60/0xd0 [ 56.804085] ? lock_downgrade+0x860/0x860 [ 56.808237] ? pipe_lock+0x4f/0x60 [ 56.811783] sock_sendpage+0x6d/0xd0 [ 56.815504] pipe_to_sendpage+0x212/0x430 [ 56.819635] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.824473] __splice_from_pipe+0x2cb/0x720 [ 56.828781] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.833618] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.838448] splice_from_pipe+0xbb/0x120 [ 56.842500] ? splice_shrink_spd+0xa0/0xa0 [ 56.846874] ? rw_verify_area+0xb8/0x2b0 [ 56.850925] generic_splice_sendpage+0x10/0x20 [ 56.855524] do_splice+0x4fd/0x12d0 [ 56.859161] ? ksys_dup3+0x2e0/0x2e0 [ 56.862881] ? opipe_prep.part.13+0x320/0x320 [ 56.867361] ? __fget_light+0x174/0x1e0 [ 56.871349] __x64_sys_splice+0x248/0x300 [ 56.875483] do_syscall_64+0xd0/0x4e0 [ 56.879276] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 56.884454] RIP: 0033:0x459519 [ 56.887640] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 56.906632] RSP: 002b:00007f8322266c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 56.914932] RAX: ffffffffffffffda RBX: 00007f8322266c90 RCX: 0000000000459519 [ 56.922186] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 56.929443] RBP: 000000000075bfc8 R08: 0000000100000300 R09: 0000000000000000 [ 56.936910] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f83222676d4 [ 56.944161] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 0000000000000005 [ 56.960531] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 56.984495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.992051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.009897] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 57.023285] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.041550] FAULT_INJECTION: forcing a failure. [ 57.041550] name failslab, interval 1, probability 0, space 0, times 0 [ 57.070331] FAULT_INJECTION: forcing a failure. [ 57.070331] name failslab, interval 1, probability 0, space 0, times 0 [ 57.100419] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 57.111584] FAULT_INJECTION: forcing a failure. [ 57.111584] name failslab, interval 1, probability 0, space 0, times 0 [ 57.122171] CPU: 1 PID: 7124 Comm: syz-executor.3 Not tainted 4.19.91-syzkaller #0 [ 57.130498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.139870] Call Trace: [ 57.142447] dump_stack+0x123/0x177 [ 57.146059] should_fail.cold.4+0x5/0x13 [ 57.150116] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 57.155200] ? lock_downgrade+0x860/0x860 [ 57.159331] __should_failslab+0xba/0xf0 [ 57.163372] should_failslab+0x9/0x14 [ 57.167158] __kmalloc+0x2dd/0x770 [ 57.170681] ? tls_push_record+0xf3/0x1720 [ 57.175039] ? __sk_mem_schedule+0x5f/0xc0 [ 57.179259] tls_push_record+0xf3/0x1720 [ 57.183317] ? lockdep_hardirqs_on+0x421/0x5c0 [ 57.187907] ? alloc_encrypted_sg+0x81/0x100 [ 57.192315] tls_sw_sendpage+0x458/0xc00 [ 57.196369] ? tls_sw_sendmsg+0x1020/0x1020 [ 57.200697] ? pipe_lock+0x4f/0x60 [ 57.204249] inet_sendpage+0x122/0x600 [ 57.208123] ? kernel_sendpage+0xd0/0xd0 [ 57.212169] kernel_sendpage+0x60/0xd0 [ 57.216035] ? lock_downgrade+0x860/0x860 [ 57.220175] ? pipe_lock+0x4f/0x60 [ 57.223694] sock_sendpage+0x6d/0xd0 [ 57.227389] pipe_to_sendpage+0x212/0x430 [ 57.231520] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.236342] __splice_from_pipe+0x2cb/0x720 [ 57.240643] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.245466] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.250311] splice_from_pipe+0xbb/0x120 [ 57.254898] ? splice_shrink_spd+0xa0/0xa0 [ 57.259123] ? rw_verify_area+0xb8/0x2b0 [ 57.263168] generic_splice_sendpage+0x10/0x20 [ 57.267736] do_splice+0x4fd/0x12d0 [ 57.271348] ? ksys_dup3+0x2e0/0x2e0 [ 57.275055] ? opipe_prep.part.13+0x320/0x320 [ 57.279544] ? __fget_light+0x174/0x1e0 [ 57.283508] __x64_sys_splice+0x248/0x300 [ 57.287655] do_syscall_64+0xd0/0x4e0 [ 57.291438] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.296606] RIP: 0033:0x459519 [ 57.299778] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 57.318662] RSP: 002b:00007f12a6e72c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 57.326365] RAX: ffffffffffffffda RBX: 00007f12a6e72c90 RCX: 0000000000459519 [ 57.333616] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.340871] RBP: 000000000075bf20 R08: 0000000100000300 R09: 0000000000000000 [ 57.348217] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f12a6e736d4 [ 57.355485] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 0000000000000005 [ 57.371788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.378262] CPU: 0 PID: 7133 Comm: syz-executor.1 Not tainted 4.19.91-syzkaller #0 [ 57.385983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.395563] Call Trace: [ 57.398140] dump_stack+0x123/0x177 [ 57.401748] should_fail.cold.4+0x5/0x13 [ 57.405790] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 57.411006] ? lock_downgrade+0x860/0x860 [ 57.415163] __should_failslab+0xba/0xf0 [ 57.419226] should_failslab+0x9/0x14 [ 57.423018] __kmalloc+0x2dd/0x770 [ 57.426552] ? tls_push_record+0xf3/0x1720 [ 57.430777] ? __sk_mem_schedule+0x5f/0xc0 [ 57.434994] tls_push_record+0xf3/0x1720 [ 57.439126] ? lockdep_hardirqs_on+0x421/0x5c0 [ 57.443691] ? alloc_encrypted_sg+0x81/0x100 [ 57.448082] tls_sw_sendpage+0x458/0xc00 [ 57.452138] ? tls_sw_sendmsg+0x1020/0x1020 [ 57.456439] ? pipe_lock+0x4f/0x60 [ 57.459964] inet_sendpage+0x122/0x600 [ 57.463844] ? kernel_sendpage+0xd0/0xd0 [ 57.467884] kernel_sendpage+0x60/0xd0 [ 57.471751] ? pipe_lock+0x4f/0x60 [ 57.475273] sock_sendpage+0x6d/0xd0 [ 57.478967] pipe_to_sendpage+0x212/0x430 [ 57.483094] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.487921] __splice_from_pipe+0x2cb/0x720 [ 57.492223] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.497046] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.501866] splice_from_pipe+0xbb/0x120 [ 57.505908] ? splice_shrink_spd+0xa0/0xa0 [ 57.510125] ? rw_verify_area+0xb8/0x2b0 [ 57.514183] generic_splice_sendpage+0x10/0x20 [ 57.518758] do_splice+0x4fd/0x12d0 [ 57.522371] ? opipe_prep.part.13+0x320/0x320 [ 57.526855] __x64_sys_splice+0x248/0x300 [ 57.531005] do_syscall_64+0xd0/0x4e0 [ 57.534802] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.539979] RIP: 0033:0x459519 [ 57.543186] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 57.562091] RSP: 002b:00007f5564918c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 57.569789] RAX: ffffffffffffffda RBX: 00007f5564918c90 RCX: 0000000000459519 [ 57.577055] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.584310] RBP: 000000000075bf20 R08: 0000000100000300 R09: 0000000000000000 [ 57.591582] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f55649196d4 [ 57.598835] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 0000000000000005 [ 57.614686] FAULT_INJECTION: forcing a failure. [ 57.614686] name failslab, interval 1, probability 0, space 0, times 0 [ 57.635745] kasan: CONFIG_KASAN_INLINE enabled [ 57.640508] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 57.647988] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 57.653957] CPU: 0 PID: 7127 Comm: syz-executor.5 Not tainted 4.19.91-syzkaller #0 [ 57.654217] CPU: 1 PID: 7124 Comm: syz-executor.3 Not tainted 4.19.91-syzkaller #0 [ 57.661917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.661920] Call Trace: [ 57.669604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.678946] dump_stack+0x123/0x177 [ 57.681504] RIP: 0010:gcmaes_crypt_by_sg.constprop.16+0xf8b/0x14c0 [ 57.690837] should_fail.cold.4+0x5/0x13 [ 57.694437] Code: 85 c9 89 84 24 90 00 00 00 0f 85 de f7 ff ff e9 3d f8 ff ff 4c 89 e7 e8 d3 23 bf 01 48 8d 78 08 49 89 c4 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 74 08 3c 03 0f 8e fb 04 00 00 41 8b 44 24 08 [ 57.700838] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 57.704874] RSP: 0018:ffff888087c972f0 EFLAGS: 00010202 [ 57.723761] ? lock_downgrade+0x860/0x860 [ 57.728838] RAX: 0000000000000001 RBX: 0000000000000034 RCX: 0000000000000007 [ 57.734184] __should_failslab+0xba/0xf0 [ 57.738305] RDX: 1ffff11011f3bedc RSI: ffff88808f9df6ec RDI: 0000000000000008 [ 57.746248] should_failslab+0x9/0x14 [ 57.750285] RBP: ffff888087c97620 R08: 0000000000000007 R09: 000000000000000d [ 57.757556] __kmalloc+0x2dd/0x770 [ 57.761345] R10: ffff8880a838e020 R11: 0000000000000010 R12: 0000000000000000 [ 57.768604] ? tls_push_record+0xf3/0x1720 [ 57.772203] R13: ffff88808f9df4d8 R14: dffffc0000000000 R15: 0000000000000007 [ 57.779455] ? __sk_mem_schedule+0x5f/0xc0 [ 57.783663] FS: 00007f12a6e73700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 57.790914] tls_push_record+0xf3/0x1720 [ 57.795144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.803352] ? lockdep_hardirqs_on+0x421/0x5c0 [ 57.807398] CR2: 000000000075c000 CR3: 000000008e415000 CR4: 00000000001406e0 [ 57.813263] ? alloc_encrypted_sg+0x81/0x100 [ 57.817924] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.825173] tls_sw_sendpage+0x458/0xc00 [ 57.829555] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.836896] ? tls_sw_sendmsg+0x1020/0x1020 [ 57.840946] Call Trace: [ 57.848219] ? pipe_lock+0x4f/0x60 [ 57.852532] ? aesni_gcm_enc_avx2+0x130/0x130 [ 57.855113] inet_sendpage+0x122/0x600 [ 57.858748] ? mark_held_locks+0x130/0x130 [ 57.863226] ? kernel_sendpage+0xd0/0xd0 [ 57.867091] ? find_held_lock+0x36/0x1d0 [ 57.871320] kernel_sendpage+0x60/0xd0 [ 57.875360] ? is_bpf_text_address+0x60/0xe0 [ 57.879394] ? lock_downgrade+0x860/0x860 [ 57.883262] ? trace_hardirqs_on+0x28/0x190 [ 57.887643] ? pipe_lock+0x4f/0x60 [ 57.891783] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 57.896100] sock_sendpage+0x6d/0xd0 [ 57.899623] ? depot_save_stack+0x292/0x466 [ 57.904705] pipe_to_sendpage+0x212/0x430 [ 57.908410] gcmaes_encrypt.constprop.15+0x59f/0xda0 [ 57.912714] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.916850] ? tls_push_record+0xf3/0x1720 [ 57.921953] __splice_from_pipe+0x2cb/0x720 [ 57.926955] ? tls_sw_sendpage+0x458/0xc00 [ 57.931194] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.935509] ? inet_sendpage+0x122/0x600 [ 57.939720] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.944566] ? kernel_sendpage+0x60/0xd0 [ 57.948611] splice_from_pipe+0xbb/0x120 [ 57.953429] ? sock_sendpage+0x6d/0xd0 [ 57.957473] ? splice_shrink_spd+0xa0/0xa0 [ 57.961511] ? pipe_to_sendpage+0x212/0x430 [ 57.965394] ? rw_verify_area+0xb8/0x2b0 [ 57.969689] ? __splice_from_pipe+0x2cb/0x720 [ 57.973987] generic_splice_sendpage+0x10/0x20 [ 57.978041] ? splice_from_pipe+0xbb/0x120 [ 57.982514] do_splice+0x4fd/0x12d0 [ 57.987085] ? generic_splice_sendpage+0x10/0x20 [ 57.991315] ? ksys_dup3+0x2e0/0x2e0 [ 57.994914] ? do_splice+0x4fd/0x12d0 [ 57.999658] ? opipe_prep.part.13+0x320/0x320 [ 58.003348] ? __x64_sys_splice+0x248/0x300 [ 58.007125] ? __fget_light+0x174/0x1e0 [ 58.011630] ? gcmaes_crypt_by_sg.constprop.16+0x14c0/0x14c0 [ 58.015926] __x64_sys_splice+0x248/0x300 [ 58.019899] ? find_held_lock+0x36/0x1d0 [ 58.025683] do_syscall_64+0xd0/0x4e0 [ 58.029809] ? quarantine_reduce+0x14a/0x1a0 [ 58.033857] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 58.037630] ? lock_downgrade+0x860/0x860 [ 58.042015] RIP: 0033:0x459519 [ 58.047544] generic_gcmaes_encrypt+0xfd/0x150 [ 58.051680] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 58.054862] ? generic_gcmaes_encrypt+0xfd/0x150 [ 58.059418] RSP: 002b:00007f8322287c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 58.078299] ? helper_rfc4106_encrypt+0x450/0x450 [ 58.083035] RAX: ffffffffffffffda RBX: 00007f8322287c90 RCX: 0000000000459519 [ 58.090720] ? __kmalloc+0x5f1/0x770 [ 58.095537] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 58.102876] gcmaes_wrapper_encrypt+0x109/0x180 2019/12/26 02:13:19 executed programs: 7 [ 58.106585] RBP: 000000000075bf20 R08: 0000000100000300 R09: 0000000000000000 [ 58.113839] tls_push_record+0x966/0x1720 [ 58.118483] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f83222886d4 [ 58.125733] ? sk_stream_kill_queues+0x510/0x510 [ 58.129859] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 0000000000000005 [ 58.137115] tls_sw_sendpage+0x458/0xc00 [ 58.153176] ? tls_sw_sendmsg+0x1020/0x1020 [ 58.157494] ? pipe_lock+0x4f/0x60 [ 58.161031] inet_sendpage+0x122/0x600 [ 58.164900] ? kernel_sendpage+0xd0/0xd0 [ 58.168952] kernel_sendpage+0x60/0xd0 [ 58.172818] ? lock_downgrade+0x860/0x860 [ 58.176948] ? pipe_lock+0x4f/0x60 [ 58.180463] sock_sendpage+0x6d/0xd0 [ 58.184152] pipe_to_sendpage+0x212/0x430 [ 58.188308] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.193154] __splice_from_pipe+0x2cb/0x720 [ 58.197482] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.202334] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.207162] splice_from_pipe+0xbb/0x120 [ 58.211225] ? splice_shrink_spd+0xa0/0xa0 [ 58.215459] ? rw_verify_area+0xb8/0x2b0 [ 58.219504] generic_splice_sendpage+0x10/0x20 [ 58.224069] do_splice+0x4fd/0x12d0 [ 58.227690] ? ksys_dup3+0x2e0/0x2e0 [ 58.231382] ? opipe_prep.part.13+0x320/0x320 [ 58.235858] ? __fget_light+0x174/0x1e0 [ 58.239824] __x64_sys_splice+0x248/0x300 [ 58.243958] do_syscall_64+0xd0/0x4e0 [ 58.247760] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 58.252948] RIP: 0033:0x459519 [ 58.256136] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 58.275044] RSP: 002b:00007f12a6e72c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 58.282747] RAX: ffffffffffffffda RBX: 00007f12a6e72c90 RCX: 0000000000459519 [ 58.289997] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 58.297260] RBP: 000000000075bf20 R08: 0000000100000300 R09: 0000000000000000 [ 58.304597] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f12a6e736d4 [ 58.311955] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 0000000000000005 [ 58.319211] Modules linked in: [ 58.323179] FAULT_INJECTION: forcing a failure. [ 58.323179] name failslab, interval 1, probability 0, space 0, times 0 [ 58.323818] ---[ end trace 0dc2c269ecf1629f ]--- [ 58.337917] CPU: 0 PID: 7139 Comm: syz-executor.0 Tainted: G D 4.19.91-syzkaller #0 [ 58.339194] RIP: 0010:gcmaes_crypt_by_sg.constprop.16+0xf8b/0x14c0 [ 58.348273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.348276] Call Trace: [ 58.348290] dump_stack+0x123/0x177 [ 58.348298] should_fail.cold.4+0x5/0x13 [ 58.348303] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 58.348308] ? lock_downgrade+0x860/0x860 [ 58.348318] __should_failslab+0xba/0xf0 [ 58.354638] Code: 85 c9 89 84 24 90 00 00 00 0f 85 de f7 ff ff e9 3d f8 ff ff 4c 89 e7 e8 d3 23 bf 01 48 8d 78 08 49 89 c4 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 74 08 3c 03 0f 8e fb 04 00 00 41 8b 44 24 08 [ 58.363962] should_failslab+0x9/0x14 [ 58.366547] RSP: 0018:ffff888087c972f0 EFLAGS: 00010202 [ 58.370143] kmem_cache_alloc_node_trace+0x26d/0x730 [ 58.374182] RAX: 0000000000000001 RBX: 0000000000000034 RCX: 0000000000000007 [ 58.374186] RDX: 1ffff11011f3bedc RSI: ffff88808f9df6ec RDI: 0000000000000008 [ 58.379270] __kmalloc_node_track_caller+0x3c/0x70 [ 58.379276] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 58.379281] __alloc_skb+0xd7/0x580 [ 58.379286] ? skb_scrub_packet+0x3c0/0x3c0 [ 58.379292] ? __ww_mutex_lock.constprop.15+0x620/0x2fd0 [ 58.383412] RBP: ffff888087c97620 R08: 0000000000000007 R09: 000000000000000d [ 58.383415] R10: ffff8880a838e020 R11: 0000000000000010 R12: 0000000000000000 [ 58.383418] R13: ffff88808f9df4d8 R14: dffffc0000000000 R15: 0000000000000007 [ 58.387459] ? finish_task_switch+0x14a/0x720 [ 58.387463] ? finish_task_switch+0x11c/0x720 [ 58.387470] sk_stream_alloc_skb+0x9c/0x810 [ 58.387474] ? tcp_send_mss+0x1d/0x220 [ 58.406420] FS: 00007f12a6e73700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 58.410180] do_tcp_sendpages+0x749/0x1da0 [ 58.415577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.420648] ? __lock_is_held+0xb5/0x140 [ 58.427961] CR2: 000000000075c000 CR3: 000000008e415000 CR4: 00000000001406e0 [ 58.435187] ? sk_stream_alloc_skb+0x810/0x810 [ 58.435194] ? __local_bh_enable_ip+0x160/0x260 [ 58.435199] ? lock_sock_nested+0xc5/0x100 [ 58.435204] ? lockdep_hardirqs_on+0x421/0x5c0 [ 58.435207] ? __local_bh_enable_ip+0x160/0x260 [ 58.435214] ? kasan_check_read+0x11/0x20 [ 58.435218] tcp_sendpage_locked+0x63/0xa0 [ 58.435224] tcp_sendpage+0x37/0x50 [ 58.440142] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.444887] inet_sendpage+0x122/0x600 [ 58.444894] ? kernel_sendpage+0xd0/0xd0 [ 58.444898] kernel_sendpage+0x60/0xd0 [ 58.444902] ? lock_downgrade+0x860/0x860 [ 58.444908] ? pipe_lock+0x4f/0x60 [ 58.448510] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.452811] sock_sendpage+0x6d/0xd0 [ 58.458257] Kernel panic - not syncing: Fatal exception [ 58.465496] pipe_to_sendpage+0x212/0x430 [ 58.608892] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.613738] __splice_from_pipe+0x2cb/0x720 [ 58.618051] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.622891] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.627818] splice_from_pipe+0xbb/0x120 [ 58.631863] ? splice_shrink_spd+0xa0/0xa0 [ 58.636087] ? rw_verify_area+0xb8/0x2b0 [ 58.640129] generic_splice_sendpage+0x10/0x20 [ 58.644693] do_splice+0x4fd/0x12d0 [ 58.648303] ? ksys_dup3+0x2e0/0x2e0 [ 58.651998] ? opipe_prep.part.13+0x320/0x320 [ 58.656473] ? __fget_light+0x174/0x1e0 [ 58.660427] __x64_sys_splice+0x248/0x300 [ 58.664573] do_syscall_64+0xd0/0x4e0 [ 58.668360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 58.673533] RIP: 0033:0x459519 [ 58.676710] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 58.695605] RSP: 002b:00007f51b096bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 58.703302] RAX: ffffffffffffffda RBX: 00007f51b096bc90 RCX: 0000000000459519 [ 58.710639] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 58.717996] RBP: 000000000075bfc8 R08: 0000000100000300 R09: 0000000000000000 [ 58.725248] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f51b096c6d4 [ 58.732501] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 0000000000000005 [ 58.741213] Kernel Offset: disabled [ 58.744836] Rebooting in 86400 seconds..