syzkaller login: [ 50.140800] kauditd_printk_skb: 2 callbacks suppressed [ 50.140807] audit: type=1400 audit(1577273098.117:36): avc: denied { map } for pid=7796 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 51.480214] IPVS: ftp: loaded support on port[0] = 21 [ 52.113383] can: request_module (can-proto-0) failed. [ 52.124085] can: request_module (can-proto-0) failed. [ 52.134480] can: request_module (can-proto-0) failed. [ 52.352789] audit: type=1400 audit(1577273100.327:37): avc: denied { create } for pid=7796 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 52.376404] audit: type=1400 audit(1577273100.327:38): avc: denied { create } for pid=7796 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 52.400117] audit: type=1400 audit(1577273100.327:39): avc: denied { create } for pid=7796 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 Warning: Permanently added '10.128.1.45' (ECDSA) to the list of known hosts. 2019/12/25 11:25:07 parsed 1 programs 2019/12/25 11:25:07 executed programs: 0 [ 59.960184] audit: type=1400 audit(1577273107.927:40): avc: denied { map } for pid=7869 comm="syz-execprog" path="/root/syzkaller-shm586984936" dev="sda1" ino=16493 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 60.006424] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready [ 60.025307] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready [ 60.026927] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready [ 60.028902] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready [ 60.039896] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready [ 60.042327] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready [ 60.780201] IPVS: ftp: loaded support on port[0] = 21 [ 61.114225] IPVS: ftp: loaded support on port[0] = 21 [ 61.115420] chnl_net:caif_netlink_parms(): no params data found [ 61.200258] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.207044] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.214703] device bridge_slave_0 entered promiscuous mode [ 61.223041] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.229434] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.236481] device bridge_slave_1 entered promiscuous mode [ 61.254730] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.267295] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 61.303941] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 61.311396] team0: Port device team_slave_0 added [ 61.319416] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 61.326614] team0: Port device team_slave_1 added [ 61.334511] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 61.344800] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 61.392595] IPVS: ftp: loaded support on port[0] = 21 [ 61.412536] device hsr_slave_0 entered promiscuous mode [ 61.450249] device hsr_slave_1 entered promiscuous mode [ 61.491018] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 61.503092] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 61.575540] chnl_net:caif_netlink_parms(): no params data found [ 61.597696] IPVS: ftp: loaded support on port[0] = 21 [ 61.618635] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.625300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.632277] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.638643] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.716364] chnl_net:caif_netlink_parms(): no params data found [ 61.775714] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.782894] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.789901] device bridge_slave_0 entered promiscuous mode [ 61.797289] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.806010] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.816138] IPVS: ftp: loaded support on port[0] = 21 [ 61.816295] device bridge_slave_1 entered promiscuous mode [ 61.904316] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.913096] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.920366] device bridge_slave_0 entered promiscuous mode [ 61.934796] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.959710] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.966661] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.973664] device bridge_slave_1 entered promiscuous mode [ 61.996638] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.027148] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.037565] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.049245] chnl_net:caif_netlink_parms(): no params data found [ 62.077243] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 62.084482] team0: Port device team_slave_0 added [ 62.095692] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 62.103107] team0: Port device team_slave_1 added [ 62.141174] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 62.148549] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 62.156727] team0: Port device team_slave_0 added [ 62.168412] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.175895] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 62.185965] IPVS: ftp: loaded support on port[0] = 21 [ 62.195901] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.213407] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.222802] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 62.229890] team0: Port device team_slave_1 added [ 62.236426] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 62.272915] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 62.283506] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 62.383960] device hsr_slave_0 entered promiscuous mode [ 62.430243] device hsr_slave_1 entered promiscuous mode [ 62.582576] device hsr_slave_0 entered promiscuous mode [ 62.630384] device hsr_slave_1 entered promiscuous mode [ 62.694924] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 62.705308] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 62.719214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.728154] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 62.734397] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.747598] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 62.757491] chnl_net:caif_netlink_parms(): no params data found [ 62.786865] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 62.806073] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.813070] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.819917] device bridge_slave_0 entered promiscuous mode [ 62.839739] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 62.848767] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.865428] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.871839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.884712] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 62.891889] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.898239] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.905827] device bridge_slave_1 entered promiscuous mode [ 62.927710] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.948971] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.958036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.965926] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.972325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.022445] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.028826] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.036461] device bridge_slave_0 entered promiscuous mode [ 63.110748] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.117153] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.124270] device bridge_slave_1 entered promiscuous mode [ 63.143775] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.154179] team0: Port device team_slave_0 added [ 63.162144] chnl_net:caif_netlink_parms(): no params data found [ 63.191949] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.199020] team0: Port device team_slave_1 added [ 63.204831] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.216456] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 63.226764] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.236311] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.244638] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.262850] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.272569] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.308666] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.320275] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.331427] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 63.412696] device hsr_slave_0 entered promiscuous mode [ 63.450304] device hsr_slave_1 entered promiscuous mode [ 63.510761] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 63.519410] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 63.527855] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.535637] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.543192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.551969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.577616] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 63.587997] team0: Port device team_slave_0 added [ 63.599359] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 63.623779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.637848] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 63.650753] team0: Port device team_slave_1 added [ 63.656578] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 63.666996] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.676693] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 63.688252] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 63.754720] device hsr_slave_0 entered promiscuous mode [ 63.810458] device hsr_slave_1 entered promiscuous mode [ 63.866818] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 63.878044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.887727] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 63.900671] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.922893] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 63.939256] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.948540] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 63.954918] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.974297] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.981421] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.988299] device bridge_slave_0 entered promiscuous mode [ 63.996798] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.003297] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.011180] device bridge_slave_1 entered promiscuous mode [ 64.019215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.027585] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.034007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.041342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.049043] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.055433] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.062442] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.094158] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.104087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.112469] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.120742] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.128335] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.134980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.174772] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.184339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.192014] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.199573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.207493] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.215287] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.221683] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.251502] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.259161] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 64.291235] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 64.297897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.306412] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.316376] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 64.335777] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.354107] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 64.360960] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.367113] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.374233] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.382422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.399148] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 64.407149] team0: Port device team_slave_0 added [ 64.429269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.447741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.456258] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.462723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.471020] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.478801] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.485215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.493834] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 64.501965] team0: Port device team_slave_1 added [ 64.511821] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 64.533656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.543653] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.558514] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 64.654934] device hsr_slave_0 entered promiscuous mode [ 64.720247] device hsr_slave_1 entered promiscuous mode [ 64.763206] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.795631] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 64.807127] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 64.845635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.894315] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.905920] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.923620] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 64.941065] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 64.969895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.982768] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.018028] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.058516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.076463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.103104] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 65.113832] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.153572] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.181043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.189876] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.196312] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.248538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.262336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.280231] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.286594] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.326282] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.371591] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 65.408688] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.421110] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.448439] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 65.470723] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.492325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.499345] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.530619] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.538054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.559110] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.565572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.574199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.585264] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.591690] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.605079] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.624319] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.653385] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.689967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.718968] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.728362] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.740815] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.777522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.811943] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.833884] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 66.037174] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.187086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 284.640416] INFO: task syz-executor.0:7972 blocked for more than 140 seconds. [ 284.648174] Not tainted 4.14.0-rc4-syzkaller #0 [ 284.656876] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 284.665262] syz-executor.0 D25080 7972 7893 0x00000004 [ 284.675240] Call Trace: [ 284.677890] __schedule+0x821/0x1fe0 [ 284.682236] ? find_held_lock+0x3a/0x1d0 [ 284.686316] ? __sched_text_start+0x8/0x8 [ 284.690786] ? lock_downgrade+0x830/0x830 [ 284.694935] ? lock_acquire+0x1e5/0x540 [ 284.698906] ? __mutex_init+0x280/0x280 [ 284.703201] ? copy_trace+0x140/0x140 [ 284.707009] ? rcu_read_lock_bh_held+0xc0/0xc0 [ 284.711895] ? find_held_lock+0x3a/0x1d0 [ 284.715975] schedule+0xf6/0x440 [ 284.719344] ? __mutex_lock+0xf2d/0x19c0 [ 284.723821] ? __schedule+0x1fe0/0x1fe0 [ 284.728323] ? lock_release+0xdc0/0xdc0 [ 284.733352] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 284.737853] ? do_raw_spin_trylock+0x190/0x190 [ 284.742731] ? debug_mutex_free_waiter+0x190/0x190 [ 284.747661] ? mutex_destroy+0x1c0/0x1c0 [ 284.752034] schedule_preempt_disabled+0x13/0x20 [ 284.756791] __mutex_lock+0xe0e/0x19c0 [ 284.760965] ? __lock_acquire+0x1511/0x41b0 [ 284.765345] ? hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 284.771523] ? mutex_trylock+0x2b0/0x2b0 [ 284.775582] ? copy_trace+0x140/0x140 [ 284.779382] ? copy_trace+0x140/0x140 [ 284.783467] ? debug_check_no_locks_freed+0x310/0x310 [ 284.788662] ? pcpu_alloc+0x868/0x1180 [ 284.793345] ? __lock_is_held+0xb8/0x140 [ 284.797408] ? lock_acquire+0x1e5/0x540 [ 284.801765] ? xt_find_match+0x39/0x190 [ 284.805746] ? lock_release+0xdc0/0xdc0 [ 284.809723] ? check_same_owner+0x320/0x320 [ 284.814348] ? copy_trace+0x140/0x140 [ 284.818148] ? __unwind_start+0x16b/0x340 [ 284.822657] ? xt_find_match+0x39/0x190 [ 284.826634] ? xt_find_match+0x39/0x190 [ 284.830897] ? __mutex_lock+0x90b/0x19c0 [ 284.834961] ? copy_trace+0x140/0x140 [ 284.838759] ? xt_find_match+0x39/0x190 [ 284.843170] ? mutex_trylock+0x2b0/0x2b0 [ 284.847237] ? pcpu_alloc+0x169/0x1180 [ 284.851393] mutex_lock_nested+0x16/0x20 [ 284.855452] ? mutex_lock_nested+0x16/0x20 [ 284.859681] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 284.866491] ? hashlimit_net_exit+0x3c0/0x3c0 [ 284.871338] ? rcu_read_lock_sched_held+0x108/0x120 [ 284.876356] ? pcpu_alloc+0xdf9/0x1180 [ 284.880560] ? rcu_is_watching+0x61/0x170 [ 284.884851] ? pcpu_balance_workfn+0x1400/0x1400 [ 284.889613] hashlimit_mt_check_v2+0x48e/0x6f0 [ 284.894572] ? __kernel_text_address+0xd/0x40 [ 284.899095] ? hashlimit_mt_check+0xf0/0xf0 [ 284.903832] ? wait_for_completion+0x7f0/0x7f0 [ 284.908507] ? depot_save_stack+0x12b/0x423 [ 284.913218] xt_check_match+0x200/0x5d0 [ 284.917242] ? save_stack+0xa9/0xd0 [ 284.921207] ? xt_check_target+0x5a0/0x5a0 [ 284.925449] ? kasan_slab_free+0x71/0xc0 [ 284.929520] ? kfree+0xcc/0x270 [ 284.933617] ? kvfree+0x2c/0x30 [ 284.936902] ? mutex_unlock+0xd/0x10 [ 284.940956] ? xt_find_match+0x119/0x190 [ 284.945074] find_check_entry.isra.8+0x3fc/0xe90 [ 284.949844] ? ipt_do_table+0x17d0/0x17d0 [ 284.954378] ? trace_hardirqs_off+0xd/0x10 [ 284.958621] ? kfree+0x104/0x270 [ 284.962333] ? kvfree+0x2c/0x30 [ 284.965616] ? trace_hardirqs_on_caller+0x40c/0x580 [ 284.970902] ? trace_hardirqs_on+0xd/0x10 [ 284.975055] translate_table+0xc5c/0x1bd0 [ 284.979212] ? do_add_counters+0x870/0x870 [ 284.983812] ? kasan_check_write+0x14/0x20 [ 284.988113] do_ipt_set_ctl+0x2d7/0x52d [ 284.994087] ? compat_do_ipt_set_ctl+0x130/0x130 [ 284.998860] ? mutex_unlock+0xd/0x10 [ 285.002958] ? nf_sockopt_find.constprop.0+0x17a/0x1f0 [ 285.008241] nf_setsockopt+0x5c/0xb0 [ 285.012293] ip_setsockopt+0x6b/0xa0 [ 285.016038] udp_setsockopt+0x16/0x30 [ 285.019872] sock_common_setsockopt+0x73/0xf0 [ 285.031351] SyS_setsockopt+0x167/0x320 [ 285.035348] ? SyS_recv+0x20/0x20 [ 285.038855] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 285.049511] ? trace_hardirqs_on_caller+0x40c/0x580 [ 285.055795] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 285.066424] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 285.072420] RIP: 0033:0x45a919 [ 285.075621] RSP: 002b:00007f82108dfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 285.089133] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a919 [ 285.097640] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 285.111721] RBP: 0000000000000082 R08: 0000000000000001 R09: 0000000000000000 [ 285.119007] R10: 0000000020000500 R11: 0000000000000246 R12: 0000000000000000 [ 285.133125] R13: 00007ffffb2f62ef R14: 00007f82108e09c0 R15: 000000000075bf2c [ 285.143811] [ 285.143811] Showing all locks held in the system: [ 285.153566] 2 locks held by khungtaskd/1036: [ 285.158001] #0: (rcu_read_lock){....}, at: [] watchdog+0x19d/0xba0 [ 285.166241] #1: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0xde/0x340 [ 285.175400] 1 lock held by rsyslogd/7653: [ 285.179541] #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0x14d/0x1b0 [ 285.188116] 2 locks held by getty/7775: [ 285.192146] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.200948] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.210710] 2 locks held by getty/7776: [ 285.214695] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.223535] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.232922] 2 locks held by getty/7777: [ 285.236893] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.245727] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.255100] 2 locks held by getty/7778: [ 285.259076] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.267870] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.277225] 2 locks held by getty/7779: [ 285.281275] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.291150] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.300594] 2 locks held by getty/7780: [ 285.304630] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.313408] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.322825] 2 locks held by getty/7781: [ 285.326798] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x2d/0x40 [ 285.335715] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x2ec/0x1b00 [ 285.345158] 2 locks held by syz-executor.0/7972: [ 285.349912] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.358598] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.369306] 2 locks held by syz-executor.0/8015: [ 285.374113] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.382742] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.393320] 2 locks held by syz-executor.5/7981: [ 285.398073] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.406702] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.417284] 2 locks held by syz-executor.5/8019: [ 285.422120] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.430726] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.441793] 2 locks held by syz-executor.4/8023: [ 285.446551] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.455159] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.465782] 2 locks held by syz-executor.4/8032: [ 285.470602] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.479141] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.495167] 2 locks held by syz-executor.3/8028: [ 285.499922] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.508714] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.519340] 2 locks held by syz-executor.1/8031: [ 285.524166] #0: (sk_lock-AF_INET){+.+.}, at: [] ip_setsockopt+0x56/0xa0 [ 285.532780] #1: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.10+0x296/0x12b0 [ 285.543377] [ 285.545008] ============================================= [ 285.545008] [ 285.552322] NMI backtrace for cpu 1 [ 285.555953] CPU: 1 PID: 1036 Comm: khungtaskd Not tainted 4.14.0-rc4-syzkaller #0 [ 285.563569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.572921] Call Trace: [ 285.575572] dump_stack+0x145/0x1e1 [ 285.579198] ? arch_local_irq_restore+0x43/0x43 [ 285.583875] nmi_cpu_backtrace.cold.5+0x13/0xb2 [ 285.588542] ? irq_force_complete_move.cold.13+0x64/0x64 [ 285.593996] nmi_trigger_cpumask_backtrace+0xf4/0x118 [ 285.599210] arch_trigger_cpumask_backtrace+0x14/0x20 [ 285.604396] watchdog+0x74d/0xba0 [ 285.607854] ? reset_hung_task_detector+0xa0/0xa0 [ 285.612727] ? __schedule+0x1fe0/0x1fe0 [ 285.616700] ? preempt_schedule_common+0x1f/0xd0 [ 285.621464] ? preempt_schedule+0x4d/0x60 [ 285.625611] ? ___preempt_schedule+0x16/0x18 [ 285.630022] ? _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 285.635127] kthread+0x376/0x440 [ 285.638500] ? reset_hung_task_detector+0xa0/0xa0 [ 285.643344] ? kthread_create_on_node+0xa0/0xa0 [ 285.648012] ret_from_fork+0x2a/0x40 [ 285.651904] Sending NMI from CPU 1 to CPUs 0: [ 285.656411] NMI backtrace for cpu 0 [ 285.656416] CPU: 0 PID: 7963 Comm: syz-executor.2 Not tainted 4.14.0-rc4-syzkaller #0 [ 285.656418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.656420] task: ffff8800a892c400 task.stack: ffff8800a8930000 [ 285.656427] RIP: 0010:trace_hardirqs_off_caller+0x198/0x2b0 [ 285.656429] RSP: 0018:ffff8800a8937740 EFLAGS: 00000807 [ 285.656432] RAX: dffffc0000000000 RBX: ffff8800a892c400 RCX: 0000000000000000 [ 285.656433] RDX: 1ffff10015125993 RSI: 0000000000000000 RDI: ffff8800a892cc9c [ 285.656435] RBP: ffff8800a8937758 R08: 1ffff10015126ecc R09: ffff8800a892c400 [ 285.656436] R10: e3abaf4c495a6d20 R11: 1ffff10015125b2b R12: 0000000024ebda55 [ 285.656438] R13: ffffffff813fcb7c R14: ffffffff8618f780 R15: 0000000000000000 [ 285.656440] FS: 00007f4fc330b700(0000) GS:ffff88012c000000(0000) knlGS:0000000000000000 [ 285.656442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 285.656443] CR2: 00007f30de94a020 CR3: 0000000128efb000 CR4: 00000000001406f0 [ 285.656448] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 285.656449] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 285.656450] Call Trace: [ 285.656457] ? htable_selective_cleanup+0x231/0x3a0 [ 285.656460] trace_hardirqs_off+0xd/0x10 [ 285.656464] __local_bh_enable_ip+0x5c/0x170 [ 285.656468] _raw_spin_unlock_bh+0x30/0x40 [ 285.656471] htable_selective_cleanup+0x231/0x3a0 [ 285.656475] ? hashlimit_ipv6_mask+0x340/0x340 [ 285.656479] htable_put+0x1c0/0x310 [ 285.656482] ? htable_remove_proc_entry+0x380/0x380 [ 285.656486] ? xt_check_target+0x1fb/0x5a0 [ 285.656491] ? __symbol_get+0x2a0/0x2a0 [ 285.656494] hashlimit_mt_destroy_v2+0x51/0x70 [ 285.656499] cleanup_match+0x13b/0x210 [ 285.656502] ? icmp_checkentry+0x70/0x70 [ 285.656504] ? xt_find_target+0x14d/0x190 [ 285.656509] find_check_entry.isra.8+0x4fd/0xe90 [ 285.656514] ? ipt_do_table+0x17d0/0x17d0 [ 285.656517] ? trace_hardirqs_off+0xd/0x10 [ 285.656522] ? kfree+0x104/0x270 [ 285.656526] ? trace_hardirqs_on+0xd/0x10 [ 285.656530] translate_table+0xc5c/0x1bd0 [ 285.656536] ? do_add_counters+0x870/0x870 [ 285.656540] ? kasan_check_write+0x14/0x20 [ 285.656544] do_ipt_set_ctl+0x2d7/0x52d [ 285.656547] ? compat_do_ipt_set_ctl+0x130/0x130 [ 285.656551] ? mutex_unlock+0xd/0x10 [ 285.656554] ? nf_sockopt_find.constprop.0+0x17a/0x1f0 [ 285.656557] nf_setsockopt+0x5c/0xb0 [ 285.656562] ip_setsockopt+0x6b/0xa0 [ 285.656567] udp_setsockopt+0x16/0x30 [ 285.656571] sock_common_setsockopt+0x73/0xf0 [ 285.656575] SyS_setsockopt+0x167/0x320 [ 285.656579] ? SyS_recv+0x20/0x20 [ 285.656582] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 285.656585] ? trace_hardirqs_on_caller+0x40c/0x580 [ 285.656589] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 285.656593] entry_SYSCALL_64_fastpath+0x23/0xc2 [ 285.656595] RIP: 0033:0x45a919 [ 285.656597] RSP: 002b:00007f4fc330ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 285.656599] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a919 [ 285.656600] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 285.656601] RBP: 0000000000000082 R08: 0000000000000001 R09: 0000000000000000 [ 285.656603] R10: 0000000020000500 R11: 0000000000000246 R12: 0000000000000000 [ 285.656604] R13: 00007ffd1479102f R14: 00007f4fc330b9c0 R15: 000000000075bfd4 [ 285.656608] Code: 00 00 8b 83 80 08 00 00 48 8d bb 9c 08 00 00 48 89 fa 48 c1 ea 03 44 8d 60 01 48 b8 00 00 00 00 00 fc ff df 44 89 a3 80 08 00 00 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 [ 285.657421] Kernel panic - not syncing: hung_task: blocked tasks [ 285.997293] CPU: 1 PID: 1036 Comm: khungtaskd Not tainted 4.14.0-rc4-syzkaller #0 [ 286.004905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.014253] Call Trace: [ 286.016839] dump_stack+0x145/0x1e1 [ 286.020462] ? arch_local_irq_restore+0x43/0x43 [ 286.025138] ? printk_safe_log_store+0x1a0/0x1a0 [ 286.029894] panic+0x1a9/0x34e [ 286.033082] ? add_taint.cold.5+0x11/0x11 [ 286.037231] ? irq_force_complete_move.cold.13+0x64/0x64 [ 286.042803] watchdog+0x75e/0xba0 [ 286.046269] ? reset_hung_task_detector+0xa0/0xa0 [ 286.051125] ? __schedule+0x1fe0/0x1fe0 [ 286.055100] ? preempt_schedule_common+0x1f/0xd0 [ 286.059851] ? preempt_schedule+0x4d/0x60 [ 286.063995] ? ___preempt_schedule+0x16/0x18 [ 286.069445] ? _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 286.074547] kthread+0x376/0x440 [ 286.077913] ? reset_hung_task_detector+0xa0/0xa0 [ 286.082752] ? kthread_create_on_node+0xa0/0xa0 [ 286.087421] ret_from_fork+0x2a/0x40 [ 286.094400] Kernel Offset: disabled [ 286.098074] Rebooting in 86400 seconds..