[ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 31.228563] sshd (6021) used greatest stack depth: 15736 bytes left [ 39.692611] IPVS: ftp: loaded support on port[0] = 21 [ 69.471006] can: request_module (can-proto-0) failed. [ 69.482586] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.0.101' (ECDSA) to the list of known hosts. 2018/12/24 20:30:34 parsed 1 programs 2018/12/24 20:30:35 executed programs: 0 [ 80.033657] IPVS: ftp: loaded support on port[0] = 21 [ 80.046079] IPVS: ftp: loaded support on port[0] = 21 [ 80.067769] IPVS: ftp: loaded support on port[0] = 21 [ 80.074396] IPVS: ftp: loaded support on port[0] = 21 [ 80.114735] IPVS: ftp: loaded support on port[0] = 21 [ 80.131262] IPVS: ftp: loaded support on port[0] = 21 [ 81.397586] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.413034] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.428818] device bridge_slave_0 entered promiscuous mode [ 81.474284] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.484616] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.497896] device bridge_slave_0 entered promiscuous mode [ 81.528350] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.537786] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.545475] device bridge_slave_0 entered promiscuous mode [ 81.566434] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.583433] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.591428] device bridge_slave_1 entered promiscuous mode [ 81.601299] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.607733] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.616130] device bridge_slave_1 entered promiscuous mode [ 81.633734] bridge0: port
1(bridge_slave_0) entered blocking state [ 81.641887] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.655169] device bridge_slave_0 entered promiscuous mode [ 81.663735] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.672248] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.679861] device bridge_slave_1 entered promiscuous mode [ 81.688580] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 81.697534] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 81.709427] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.715791] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.737728] device bridge_slave_0 entered promiscuous mode [ 81.744953] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.752088] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.759737] device bridge_slave_0 entered promiscuous mode [ 81.767672] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.774749] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.782438] device bridge_slave_1 entered promiscuous mode [ 81.791103] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 81.800699] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 81.816340] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.823167] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.837174] device bridge_slave_1 entered promiscuous mode [ 81.846145] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 81.857270] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 81.867278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 81.895035] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.903213] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.916899] device bridge_slave_1 entered promiscuous mode [ 81.925763] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 81.954455] IPv6: ADDRCONF(NETDEV_UP): 
veth1_to_bridge: link is not ready [ 81.986443] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 82.016798] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 82.071874] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.084611] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 82.111386] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.126565] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.164282] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.177950] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.211586] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 82.222643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 82.237750] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.249565] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 82.269671] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.280101] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 82.286956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 82.313422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 82.340809] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 82.350214] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.370825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 82.386001] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 82.400885] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.414998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 82.430143] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 82.444824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 82.456522] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.472942] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 82.485004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 82.515315] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.540038] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 82.557117] team0: Port device team_slave_0 added [ 82.571806] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.633005] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 82.648913] team0: Port device team_slave_1 added [ 82.692691] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 82.712152] team0: Port device team_slave_0 added [ 82.720187] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 82.728767] team0: Port device team_slave_0 added [ 82.739047] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 82.746531] team0: Port device team_slave_0 added [ 82.778428] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 82.819144] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 82.834304] team0: Port device team_slave_1 added [ 82.840845] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 82.851611] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 82.859327] team0: Port device team_slave_1 added [ 82.867217] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 82.875866] team0: Port device team_slave_1 added [ 82.883912] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 82.896931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 82.907026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 82.933827] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 82.941694] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 82.952323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 82.966748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 82.997018] 
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.024358] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.034370] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 83.041862] team0: Port device team_slave_0 added [ 83.064848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.077249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.091253] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.107865] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 83.121587] team0: Port device team_slave_0 added [ 83.131401] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 83.141437] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 83.156642] team0: Port device team_slave_1 added [ 83.162108] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.171224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.181408] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 83.189856] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 83.207294] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 83.216174] team0: Port device team_slave_1 added [ 83.221601] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.232841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.241161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.249602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.261231] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 83.270399] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 83.281498] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 83.291206] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 83.302786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.315101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: 
link becomes ready [ 83.331225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.339494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.347295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.355253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.363037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.370880] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.378796] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 83.388702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.396559] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.410964] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 83.428391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.436262] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.478372] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 83.488686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.497561] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.511105] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 83.529723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.537703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.573335] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 83.590585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.602767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.622066] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 83.638245] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 83.648447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.656392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.679192] IPv6: ADDRCONF(NETDEV_CHANGE): 
bridge_slave_1: link becomes ready [ 83.687139] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.992814] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.999399] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.006464] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.012901] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.034674] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.125461] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.218074] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.224449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.231179] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.237550] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.262897] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.273651] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.280088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.286758] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.293206] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.302024] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.319243] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.325614] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.332327] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.338739] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.363603] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.475461] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.481876] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.488651] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.495047] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.508239] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 84.595162] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.601587] bridge0: port 
2(bridge_slave_1) entered forwarding state [ 84.608310] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.614687] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.629052] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 85.192261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 85.206858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 85.222495] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 85.236728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 85.244004] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 86.965654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.118694] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.172414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.241922] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.265527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.284698] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 87.401522] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 87.423125] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 87.474381] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.498700] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 87.531254] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 87.537496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.545345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.589407] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 87.685650] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 87.698885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.705932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.725913] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 87.741940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.752454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.769297] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 
87.830219] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 87.839766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.855292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.876101] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.900158] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 87.914307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.934028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.988951] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.011959] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.061256] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.090203] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 88.102501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 88.117850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 88.263290] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.419912] 8021q: adding VLAN 0 to HW filter on device team0 2018/12/24 20:30:45 executed programs: 6 [ 89.649404] CPU: 0 PID: 7653 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #1 [ 89.656656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.666038] Call Trace: [ 89.666063] dump_stack+0x1d3/0x2c6 [ 89.666085] ? dump_stack_print_info.cold.1+0x20/0x20 [ 89.666103] ? detach_if_pending+0x6a0/0x6a0 [ 89.666118] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 89.666142] xfrm_policy_destroy.cold.79+0xa/0x22 [ 89.666158] xfrm_policy_kill+0xdd/0x160 [ 89.666175] xfrm_policy_insert+0x4d0/0x850 [ 89.666194] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 89.666212] ? copy_from_user_policy+0x110/0x2b0 [ 89.666228] ? xfrm_policy_construct+0x470/0x650 [ 89.666245] xfrm_add_policy+0x2a0/0x6f0 [ 89.666263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 89.666279] ? xfrm_policy_construct+0x650/0x650 [ 89.666303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 89.666319] ? __nla_parse+0x12c/0x3e0 [ 89.666340] ? 
nla_parse+0x46/0x60 [ 89.742584] ? xfrm_policy_construct+0x650/0x650 [ 89.747355] xfrm_user_rcv_msg+0x44c/0x8e0 [ 89.751610] ? xfrm_dump_sa_done+0xf0/0xf0 [ 89.755869] ? netlink_deliver_tap+0x32e/0xf40 [ 89.760474] ? lock_downgrade+0x900/0x900 [ 89.764637] ? check_preemption_disabled+0x48/0x280 [ 89.769703] netlink_rcv_skb+0x16c/0x430 [ 89.773783] ? xfrm_dump_sa_done+0xf0/0xf0 [ 89.778039] ? netlink_ack+0xb70/0xb70 [ 89.781941] ? rcu_softirq_qs+0x20/0x20 [ 89.785943] xfrm_netlink_rcv+0x6f/0x90 [ 89.789949] netlink_unicast+0x59f/0x750 [ 89.794053] ? netlink_attachskb+0x9a0/0x9a0 [ 89.798477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 89.804050] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 89.809089] netlink_sendmsg+0xa18/0xfc0 [ 89.813171] ? netlink_unicast+0x750/0x750 [ 89.817420] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 89.822365] ? apparmor_socket_sendmsg+0x29/0x30 [ 89.827133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 89.832686] ? security_socket_sendmsg+0x94/0xc0 [ 89.837455] ? netlink_unicast+0x750/0x750 [ 89.841707] sock_sendmsg+0xd5/0x120 [ 89.845433] ___sys_sendmsg+0x7fd/0x930 [ 89.849439] ? find_held_lock+0x36/0x1c0 [ 89.853515] ? copy_msghdr_from_user+0x580/0x580 [ 89.858288] ? __fd_install+0x2b5/0x8f0 [ 89.862294] ? __fget_light+0x2e9/0x430 [ 89.866283] ? fget_raw+0x20/0x20 [ 89.869750] ? __might_fault+0x12b/0x1e0 [ 89.873823] ? lock_downgrade+0x900/0x900 [ 89.878008] ? lock_release+0xa00/0xa00 [ 89.882092] ? arch_local_save_flags+0x40/0x40 [ 89.886689] ? posix_ktime_get_ts+0x15/0x20 [ 89.891047] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 89.896518] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 89.902078] ? sockfd_lookup_light+0xc5/0x160 [ 89.906587] __sys_sendmsg+0x11d/0x280 [ 89.910486] ? __ia32_sys_shutdown+0x80/0x80 [ 89.914910] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 89.920455] ? put_timespec64+0x10f/0x1b0 [ 89.924620] ? do_syscall_64+0x9a/0x820 [ 89.928608] ? do_syscall_64+0x9a/0x820 [ 89.932601] ? 
__bpf_trace_preemptirq_template+0x30/0x30 [ 89.938068] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 89.943726] __x64_sys_sendmsg+0x78/0xb0 [ 89.947801] do_syscall_64+0x1b9/0x820 [ 89.951703] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 89.957081] ? syscall_return_slowpath+0x5e0/0x5e0 [ 89.962039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 89.966894] ? trace_hardirqs_on_caller+0x310/0x310 [ 89.971926] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 89.976958] ? prepare_exit_to_usermode+0x291/0x3b0 [ 89.982039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 89.986900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 89.992096] RIP: 0033:0x457669 [ 89.995302] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 90.014212] RSP: 002b:00007f71c4ce2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.022040] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 90.029319] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 90.036596] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 90.043874] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71c4ce36d4 [ 90.051153] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 90.058456] CPU: 1 PID: 7664 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #1 [ 90.065581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.074940] Call Trace: [ 90.077563] dump_stack+0x1d3/0x2c6 [ 90.081215] ? dump_stack_print_info.cold.1+0x20/0x20 [ 90.086424] ? detach_if_pending+0x6a0/0x6a0 [ 90.090855] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 90.096000] xfrm_policy_destroy.cold.79+0xa/0x22 [ 90.100867] xfrm_policy_kill+0xdd/0x160 [ 90.104950] xfrm_policy_insert+0x4d0/0x850 [ 90.109317] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 90.114532] ? copy_from_user_policy+0x110/0x2b0 [ 90.119308] ? 
xfrm_policy_construct+0x470/0x650 [ 90.124081] xfrm_add_policy+0x2a0/0x6f0 [ 90.128170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.133729] ? xfrm_policy_construct+0x650/0x650 [ 90.138516] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.144078] ? __nla_parse+0x12c/0x3e0 [ 90.148007] ? nla_parse+0x46/0x60 [ 90.151566] ? xfrm_policy_construct+0x650/0x650 [ 90.156354] xfrm_user_rcv_msg+0x44c/0x8e0 [ 90.160611] ? xfrm_dump_sa_done+0xf0/0xf0 [ 90.164872] ? netlink_deliver_tap+0x32e/0xf40 [ 90.169473] ? lock_downgrade+0x900/0x900 [ 90.173652] ? check_preemption_disabled+0x48/0x280 [ 90.178729] netlink_rcv_skb+0x16c/0x430 [ 90.182810] ? xfrm_dump_sa_done+0xf0/0xf0 [ 90.187069] ? netlink_ack+0xb70/0xb70 [ 90.190973] ? rcu_softirq_qs+0x20/0x20 [ 90.195016] xfrm_netlink_rcv+0x6f/0x90 [ 90.199024] netlink_unicast+0x59f/0x750 [ 90.203104] ? netlink_attachskb+0x9a0/0x9a0 [ 90.207530] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.213089] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 90.218128] netlink_sendmsg+0xa18/0xfc0 [ 90.222212] ? netlink_unicast+0x750/0x750 [ 90.226460] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 90.231409] ? apparmor_socket_sendmsg+0x29/0x30 [ 90.236183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.241735] ? security_socket_sendmsg+0x94/0xc0 [ 90.246508] ? netlink_unicast+0x750/0x750 [ 90.250757] sock_sendmsg+0xd5/0x120 [ 90.254498] ___sys_sendmsg+0x7fd/0x930 [ 90.258503] ? find_held_lock+0x36/0x1c0 [ 90.262590] ? copy_msghdr_from_user+0x580/0x580 [ 90.267366] ? __fd_install+0x2b5/0x8f0 [ 90.271365] ? __fget_light+0x2e9/0x430 [ 90.275366] ? fget_raw+0x20/0x20 [ 90.278836] ? __might_fault+0x12b/0x1e0 [ 90.282908] ? lock_downgrade+0x900/0x900 [ 90.287071] ? lock_release+0xa00/0xa00 [ 90.291061] ? arch_local_save_flags+0x40/0x40 [ 90.295662] ? posix_ktime_get_ts+0x15/0x20 [ 90.300015] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 90.305496] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 90.311051] ? 
sockfd_lookup_light+0xc5/0x160 [ 90.315565] __sys_sendmsg+0x11d/0x280 [ 90.319472] ? __ia32_sys_shutdown+0x80/0x80 [ 90.323900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 90.329452] ? put_timespec64+0x10f/0x1b0 [ 90.333630] ? do_syscall_64+0x9a/0x820 [ 90.337621] ? do_syscall_64+0x9a/0x820 [ 90.341622] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 90.347095] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 90.352653] __x64_sys_sendmsg+0x78/0xb0 [ 90.356739] do_syscall_64+0x1b9/0x820 [ 90.360644] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 90.366040] ? syscall_return_slowpath+0x5e0/0x5e0 [ 90.371007] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 90.375870] ? trace_hardirqs_on_caller+0x310/0x310 [ 90.380903] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 90.385933] ? prepare_exit_to_usermode+0x291/0x3b0 [ 90.390969] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 90.395859] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 90.401062] RIP: 0033:0x457669 [ 90.404271] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 90.423185] RSP: 002b:00007f8ba528ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.430904] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 90.438183] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 90.445459] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 90.452739] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ba528b6d4 [ 90.460035] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 90.467336] CPU: 0 PID: 7658 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #1 [ 90.474456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.483816] Call Trace: [ 90.486423] dump_stack+0x1d3/0x2c6 [ 90.490078] ? dump_stack_print_info.cold.1+0x20/0x20 [ 90.495278] ? detach_if_pending+0x6a0/0x6a0 [ 90.499693] ? 
_raw_spin_unlock_irqrestore+0x6d/0xd0 [ 90.504815] xfrm_policy_destroy.cold.79+0xa/0x22 [ 90.509672] xfrm_policy_kill+0xdd/0x160 [ 90.513744] xfrm_policy_insert+0x4d0/0x850 [ 90.518076] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 90.523278] ? copy_from_user_policy+0x110/0x2b0 [ 90.528045] ? xfrm_policy_construct+0x470/0x650 [ 90.532818] xfrm_add_policy+0x2a0/0x6f0 [ 90.536896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.542441] ? xfrm_policy_construct+0x650/0x650 [ 90.547206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.552753] ? __nla_parse+0x12c/0x3e0 [ 90.556675] ? nla_parse+0x46/0x60 [ 90.560224] ? xfrm_policy_construct+0x650/0x650 [ 90.565008] xfrm_user_rcv_msg+0x44c/0x8e0 [ 90.569260] ? xfrm_dump_sa_done+0xf0/0xf0 [ 90.573510] ? netlink_deliver_tap+0x32e/0xf40 [ 90.578101] ? lock_downgrade+0x900/0x900 [ 90.582258] ? check_preemption_disabled+0x48/0x280 [ 90.587322] netlink_rcv_skb+0x16c/0x430 [ 90.591396] ? xfrm_dump_sa_done+0xf0/0xf0 [ 90.595641] ? netlink_ack+0xb70/0xb70 [ 90.599534] ? rcu_softirq_qs+0x20/0x20 [ 90.603533] xfrm_netlink_rcv+0x6f/0x90 [ 90.607515] netlink_unicast+0x59f/0x750 [ 90.611589] ? netlink_attachskb+0x9a0/0x9a0 [ 90.616024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.621576] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 90.626602] netlink_sendmsg+0xa18/0xfc0 [ 90.630683] ? netlink_unicast+0x750/0x750 [ 90.634924] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 90.639864] ? apparmor_socket_sendmsg+0x29/0x30 [ 90.644628] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.650174] ? security_socket_sendmsg+0x94/0xc0 [ 90.654938] ? netlink_unicast+0x750/0x750 [ 90.659186] sock_sendmsg+0xd5/0x120 [ 90.662910] ___sys_sendmsg+0x7fd/0x930 [ 90.666893] ? find_held_lock+0x36/0x1c0 [ 90.670969] ? copy_msghdr_from_user+0x580/0x580 [ 90.675757] ? __fd_install+0x2b5/0x8f0 [ 90.679755] ? __fget_light+0x2e9/0x430 [ 90.683739] ? fget_raw+0x20/0x20 [ 90.687205] ? __might_fault+0x12b/0x1e0 [ 90.691279] ? lock_downgrade+0x900/0x900 [ 90.695436] ? 
lock_release+0xa00/0xa00 [ 90.699419] ? arch_local_save_flags+0x40/0x40 [ 90.704025] ? posix_ktime_get_ts+0x15/0x20 [ 90.708353] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 90.713823] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 90.719417] ? sockfd_lookup_light+0xc5/0x160 [ 90.723922] __sys_sendmsg+0x11d/0x280 [ 90.727818] ? __ia32_sys_shutdown+0x80/0x80 [ 90.732237] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 90.737780] ? put_timespec64+0x10f/0x1b0 [ 90.741944] ? do_syscall_64+0x9a/0x820 [ 90.745934] ? do_syscall_64+0x9a/0x820 [ 90.749925] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 90.755387] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 90.760937] __x64_sys_sendmsg+0x78/0xb0 [ 90.765025] do_syscall_64+0x1b9/0x820 [ 90.768922] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 90.774297] ? syscall_return_slowpath+0x5e0/0x5e0 [ 90.779233] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 90.784085] ? trace_hardirqs_on_caller+0x310/0x310 [ 90.789109] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 90.794143] ? prepare_exit_to_usermode+0x291/0x3b0 [ 90.799175] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 90.804048] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 90.809246] RIP: 0033:0x457669 [ 90.812951] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 90.831876] RSP: 002b:00007f00f1e25c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.839594] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 90.846872] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 90.854148] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 90.861420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00f1e266d4 [ 90.868697] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 90.882407] CPU: 1 PID: 7683 Comm: syz-executor5 Not tainted 4.20.0-rc7+ #1 [ 90.889534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.898897] Call Trace: [ 90.901509] dump_stack+0x1d3/0x2c6 [ 90.905175] ? dump_stack_print_info.cold.1+0x20/0x20 [ 90.910387] ? detach_if_pending+0x6a0/0x6a0 [ 90.914808] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 90.919932] xfrm_policy_destroy.cold.79+0xa/0x22 [ 90.924788] xfrm_policy_kill+0xdd/0x160 [ 90.928869] xfrm_policy_insert+0x4d0/0x850 [ 90.933207] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 90.938412] ? copy_from_user_policy+0x110/0x2b0 [ 90.943564] ? xfrm_policy_construct+0x470/0x650 [ 90.948338] xfrm_add_policy+0x2a0/0x6f0 [ 90.952415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.957967] ? xfrm_policy_construct+0x650/0x650 [ 90.962755] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.968309] ? __nla_parse+0x12c/0x3e0 [ 90.972215] ? nla_parse+0x46/0x60 [ 90.975770] ? xfrm_policy_construct+0x650/0x650 [ 90.980539] xfrm_user_rcv_msg+0x44c/0x8e0 [ 90.984788] ? xfrm_dump_sa_done+0xf0/0xf0 [ 90.989049] ? netlink_deliver_tap+0x32e/0xf40 [ 90.993643] ? 
lock_downgrade+0x900/0x900 [ 90.997804] ? check_preemption_disabled+0x48/0x280 [ 91.002867] netlink_rcv_skb+0x16c/0x430 [ 91.006950] ? xfrm_dump_sa_done+0xf0/0xf0 [ 91.011228] ? netlink_ack+0xb70/0xb70 [ 91.015131] ? rcu_softirq_qs+0x20/0x20 [ 91.019139] xfrm_netlink_rcv+0x6f/0x90 [ 91.023131] netlink_unicast+0x59f/0x750 [ 91.027220] ? netlink_attachskb+0x9a0/0x9a0 [ 91.031665] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.037227] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 91.042266] netlink_sendmsg+0xa18/0xfc0 [ 91.046356] ? netlink_unicast+0x750/0x750 [ 91.050613] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 91.055562] ? apparmor_socket_sendmsg+0x29/0x30 [ 91.060338] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.065894] ? security_socket_sendmsg+0x94/0xc0 [ 91.070679] ? netlink_unicast+0x750/0x750 [ 91.074934] sock_sendmsg+0xd5/0x120 [ 91.078665] ___sys_sendmsg+0x7fd/0x930 [ 91.082661] ? find_held_lock+0x36/0x1c0 [ 91.086744] ? copy_msghdr_from_user+0x580/0x580 [ 91.091526] ? __fd_install+0x2b5/0x8f0 [ 91.095542] ? __fget_light+0x2e9/0x430 [ 91.099538] ? fget_raw+0x20/0x20 [ 91.103024] ? __might_fault+0x12b/0x1e0 [ 91.107095] ? lock_downgrade+0x900/0x900 [ 91.111261] ? lock_release+0xa00/0xa00 [ 91.115307] ? arch_local_save_flags+0x40/0x40 [ 91.119905] ? posix_ktime_get_ts+0x15/0x20 [ 91.124243] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 91.129720] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.135282] ? sockfd_lookup_light+0xc5/0x160 [ 91.139799] __sys_sendmsg+0x11d/0x280 [ 91.143707] ? __ia32_sys_shutdown+0x80/0x80 [ 91.148132] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.153687] ? put_timespec64+0x10f/0x1b0 [ 91.157854] ? do_syscall_64+0x9a/0x820 [ 91.161848] ? do_syscall_64+0x9a/0x820 [ 91.165845] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 91.171316] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.176871] __x64_sys_sendmsg+0x78/0xb0 [ 91.180943] do_syscall_64+0x1b9/0x820 [ 91.184840] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 91.190215] ? 
syscall_return_slowpath+0x5e0/0x5e0 [ 91.195152] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 91.200019] ? trace_hardirqs_on_caller+0x310/0x310 [ 91.205048] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 91.210079] ? prepare_exit_to_usermode+0x291/0x3b0 [ 91.215110] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 91.219973] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 91.225192] RIP: 0033:0x457669 [ 91.228391] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 91.247297] RSP: 002b:00007f53cf017c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 91.255026] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 91.262300] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 91.269577] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 91.276850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53cf0186d4 [ 91.284124] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 91.291583] CPU: 0 PID: 7699 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #1 [ 91.298708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.308073] Call Trace: [ 91.310679] dump_stack+0x1d3/0x2c6 [ 91.314329] ? dump_stack_print_info.cold.1+0x20/0x20 [ 91.319536] ? detach_if_pending+0x6a0/0x6a0 [ 91.323958] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 91.329109] xfrm_policy_destroy.cold.79+0xa/0x22 [ 91.333965] xfrm_policy_kill+0xdd/0x160 [ 91.338063] xfrm_policy_insert+0x4d0/0x850 [ 91.342409] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 91.347613] ? copy_from_user_policy+0x110/0x2b0 [ 91.352382] ? xfrm_policy_construct+0x470/0x650 [ 91.357189] xfrm_add_policy+0x2a0/0x6f0 [ 91.361267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.366817] ? xfrm_policy_construct+0x650/0x650 [ 91.371587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.377142] ? 
__nla_parse+0x12c/0x3e0 [ 91.381060] ? nla_parse+0x46/0x60 [ 91.384617] ? xfrm_policy_construct+0x650/0x650 [ 91.389389] xfrm_user_rcv_msg+0x44c/0x8e0 [ 91.393640] ? xfrm_dump_sa_done+0xf0/0xf0 [ 91.397897] ? netlink_deliver_tap+0x32e/0xf40 [ 91.402492] ? lock_downgrade+0x900/0x900 [ 91.406664] ? check_preemption_disabled+0x48/0x280 [ 91.411736] netlink_rcv_skb+0x16c/0x430 [ 91.415815] ? xfrm_dump_sa_done+0xf0/0xf0 [ 91.420064] ? netlink_ack+0xb70/0xb70 [ 91.423963] ? rcu_softirq_qs+0x20/0x20 [ 91.428005] xfrm_netlink_rcv+0x6f/0x90 [ 91.432016] netlink_unicast+0x59f/0x750 [ 91.436098] ? netlink_attachskb+0x9a0/0x9a0 [ 91.440524] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.446082] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 91.451117] netlink_sendmsg+0xa18/0xfc0 [ 91.455197] ? netlink_unicast+0x750/0x750 [ 91.459449] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 91.464394] ? apparmor_socket_sendmsg+0x29/0x30 [ 91.469165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.474716] ? security_socket_sendmsg+0x94/0xc0 [ 91.479485] ? netlink_unicast+0x750/0x750 [ 91.483731] sock_sendmsg+0xd5/0x120 [ 91.487461] ___sys_sendmsg+0x7fd/0x930 [ 91.491451] ? find_held_lock+0x36/0x1c0 [ 91.495534] ? copy_msghdr_from_user+0x580/0x580 [ 91.500311] ? __fd_install+0x2b5/0x8f0 [ 91.504316] ? __fget_light+0x2e9/0x430 [ 91.508308] ? fget_raw+0x20/0x20 [ 91.511779] ? __might_fault+0x12b/0x1e0 [ 91.515851] ? lock_downgrade+0x900/0x900 [ 91.520032] ? lock_release+0xa00/0xa00 [ 91.524033] ? arch_local_save_flags+0x40/0x40 [ 91.528628] ? posix_ktime_get_ts+0x15/0x20 [ 91.532961] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 91.538455] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.544042] ? sockfd_lookup_light+0xc5/0x160 [ 91.548560] __sys_sendmsg+0x11d/0x280 [ 91.552469] ? __ia32_sys_shutdown+0x80/0x80 [ 91.556898] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.562449] ? put_timespec64+0x10f/0x1b0 [ 91.566615] ? do_syscall_64+0x9a/0x820 [ 91.570600] ? 
do_syscall_64+0x9a/0x820 [ 91.574595] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 91.580061] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.585619] __x64_sys_sendmsg+0x78/0xb0 [ 91.589703] do_syscall_64+0x1b9/0x820 [ 91.593604] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 91.599002] ? syscall_return_slowpath+0x5e0/0x5e0 [ 91.603948] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 91.608816] ? trace_hardirqs_on_caller+0x310/0x310 [ 91.613847] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 91.618873] ? prepare_exit_to_usermode+0x291/0x3b0 [ 91.623902] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 91.628755] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 91.633950] RIP: 0033:0x457669 [ 91.637162] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 91.656067] RSP: 002b:00007f5f1388dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 91.663774] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 91.671043] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 91.678310] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 91.685580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f1388e6d4 [ 91.692850] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 91.700145] CPU: 1 PID: 7665 Comm: syz-executor3 Not tainted 4.20.0-rc7+ #1 [ 91.707259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.716622] Call Trace: [ 91.719213] dump_stack+0x1d3/0x2c6 [ 91.719234] ? dump_stack_print_info.cold.1+0x20/0x20 [ 91.719251] ? detach_if_pending+0x6a0/0x6a0 [ 91.719269] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 91.737567] xfrm_policy_destroy.cold.79+0xa/0x22 [ 91.742428] xfrm_policy_kill+0xdd/0x160 [ 91.746509] xfrm_policy_insert+0x4d0/0x850 [ 91.750846] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 91.756061] ? 
copy_from_user_policy+0x110/0x2b0 [ 91.760860] ? xfrm_policy_construct+0x470/0x650 [ 91.765639] xfrm_add_policy+0x2a0/0x6f0 [ 91.769730] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.769747] ? xfrm_policy_construct+0x650/0x650 [ 91.769781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.780071] ? __nla_parse+0x12c/0x3e0 [ 91.780092] ? nla_parse+0x46/0x60 [ 91.780108] ? xfrm_policy_construct+0x650/0x650 [ 91.780125] xfrm_user_rcv_msg+0x44c/0x8e0 [ 91.780145] ? xfrm_dump_sa_done+0xf0/0xf0 [ 91.806295] ? netlink_deliver_tap+0x32e/0xf40 [ 91.810891] ? lock_downgrade+0x900/0x900 [ 91.815064] ? check_preemption_disabled+0x48/0x280 [ 91.820131] netlink_rcv_skb+0x16c/0x430 [ 91.824215] ? xfrm_dump_sa_done+0xf0/0xf0 [ 91.828458] ? netlink_ack+0xb70/0xb70 [ 91.832368] ? rcu_softirq_qs+0x20/0x20 [ 91.836366] xfrm_netlink_rcv+0x6f/0x90 [ 91.840349] netlink_unicast+0x59f/0x750 [ 91.844424] ? netlink_attachskb+0x9a0/0x9a0 [ 91.848857] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.854426] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 91.859465] netlink_sendmsg+0xa18/0xfc0 [ 91.863548] ? netlink_unicast+0x750/0x750 [ 91.867787] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 91.872722] ? apparmor_socket_sendmsg+0x29/0x30 [ 91.877489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.883037] ? security_socket_sendmsg+0x94/0xc0 [ 91.887799] ? netlink_unicast+0x750/0x750 [ 91.892045] sock_sendmsg+0xd5/0x120 [ 91.895766] ___sys_sendmsg+0x7fd/0x930 [ 91.899750] ? find_held_lock+0x36/0x1c0 [ 91.903822] ? copy_msghdr_from_user+0x580/0x580 [ 91.908586] ? __fd_install+0x2b5/0x8f0 [ 91.912583] ? __fget_light+0x2e9/0x430 [ 91.916569] ? fget_raw+0x20/0x20 [ 91.920034] ? __might_fault+0x12b/0x1e0 [ 91.924104] ? lock_downgrade+0x900/0x900 [ 91.928257] ? lock_release+0xa00/0xa00 [ 91.932236] ? arch_local_save_flags+0x40/0x40 [ 91.936822] ? posix_ktime_get_ts+0x15/0x20 [ 91.941146] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 91.947080] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.952628] ? 
sockfd_lookup_light+0xc5/0x160 [ 91.957132] __sys_sendmsg+0x11d/0x280 [ 91.961029] ? __ia32_sys_shutdown+0x80/0x80 [ 91.965443] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.970993] ? put_timespec64+0x10f/0x1b0 [ 91.975153] ? do_syscall_64+0x9a/0x820 [ 91.979137] ? do_syscall_64+0x9a/0x820 [ 91.983131] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 91.988592] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.994141] __x64_sys_sendmsg+0x78/0xb0 [ 91.998208] do_syscall_64+0x1b9/0x820 [ 92.002108] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 92.007480] ? syscall_return_slowpath+0x5e0/0x5e0 [ 92.012424] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 92.017278] ? trace_hardirqs_on_caller+0x310/0x310 [ 92.022319] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 92.027355] ? prepare_exit_to_usermode+0x291/0x3b0 [ 92.032385] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 92.037240] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 92.042430] RIP: 0033:0x457669 [ 92.045640] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 92.064559] RSP: 002b:00007f890744bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.072271] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 92.079545] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 92.086813] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 92.094084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f890744c6d4 [ 92.101356] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 92.108663] CPU: 0 PID: 7710 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #1 [ 92.115775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.125138] Call Trace: [ 92.125160] dump_stack+0x1d3/0x2c6 [ 92.125182] ? dump_stack_print_info.cold.1+0x20/0x20 [ 92.125198] ? detach_if_pending+0x6a0/0x6a0 [ 92.125216] ? 
_raw_spin_unlock_irqrestore+0x6d/0xd0 [ 92.146134] xfrm_policy_destroy.cold.79+0xa/0x22 [ 92.151004] xfrm_policy_kill+0xdd/0x160 [ 92.155075] xfrm_policy_insert+0x4d0/0x850 [ 92.155095] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 92.155114] ? copy_from_user_policy+0x110/0x2b0 [ 92.164618] ? xfrm_policy_construct+0x470/0x650 [ 92.174106] xfrm_add_policy+0x2a0/0x6f0 [ 92.178177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.183723] ? xfrm_policy_construct+0x650/0x650 [ 92.188484] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.194036] ? __nla_parse+0x12c/0x3e0 [ 92.197932] ? nla_parse+0x46/0x60 [ 92.201481] ? xfrm_policy_construct+0x650/0x650 [ 92.206260] xfrm_user_rcv_msg+0x44c/0x8e0 [ 92.210503] ? xfrm_dump_sa_done+0xf0/0xf0 [ 92.214745] ? netlink_deliver_tap+0x32e/0xf40 [ 92.219330] ? lock_downgrade+0x900/0x900 [ 92.223483] ? check_preemption_disabled+0x48/0x280 [ 92.228542] netlink_rcv_skb+0x16c/0x430 [ 92.232611] ? xfrm_dump_sa_done+0xf0/0xf0 [ 92.236850] ? netlink_ack+0xb70/0xb70 [ 92.240740] ? rcu_softirq_qs+0x20/0x20 [ 92.244737] xfrm_netlink_rcv+0x6f/0x90 [ 92.248715] netlink_unicast+0x59f/0x750 [ 92.252791] ? netlink_attachskb+0x9a0/0x9a0 [ 92.257219] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.262763] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 92.267791] netlink_sendmsg+0xa18/0xfc0 [ 92.271862] ? netlink_unicast+0x750/0x750 [ 92.276129] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 92.281110] ? apparmor_socket_sendmsg+0x29/0x30 [ 92.285886] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.291425] ? security_socket_sendmsg+0x94/0xc0 [ 92.296183] ? netlink_unicast+0x750/0x750 [ 92.300424] sock_sendmsg+0xd5/0x120 [ 92.304160] ___sys_sendmsg+0x7fd/0x930 [ 92.308173] ? find_held_lock+0x36/0x1c0 [ 92.312242] ? copy_msghdr_from_user+0x580/0x580 [ 92.317017] ? __fd_install+0x2b5/0x8f0 [ 92.321046] ? __fget_light+0x2e9/0x430 [ 92.325031] ? fget_raw+0x20/0x20 [ 92.328488] ? __might_fault+0x12b/0x1e0 [ 92.332581] ? lock_downgrade+0x900/0x900 [ 92.336735] ? 
lock_release+0xa00/0xa00 [ 92.340711] ? arch_local_save_flags+0x40/0x40 [ 92.345298] ? posix_ktime_get_ts+0x15/0x20 [ 92.349629] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 92.355098] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 92.360645] ? sockfd_lookup_light+0xc5/0x160 [ 92.365160] __sys_sendmsg+0x11d/0x280 [ 92.369058] ? __ia32_sys_shutdown+0x80/0x80 [ 92.373473] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 92.379073] ? put_timespec64+0x10f/0x1b0 [ 92.383238] ? do_syscall_64+0x9a/0x820 [ 92.387217] ? do_syscall_64+0x9a/0x820 [ 92.391204] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 92.396658] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 92.402202] __x64_sys_sendmsg+0x78/0xb0 [ 92.406274] do_syscall_64+0x1b9/0x820 [ 92.410167] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 92.415535] ? syscall_return_slowpath+0x5e0/0x5e0 [ 92.420466] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 92.425330] ? trace_hardirqs_on_caller+0x310/0x310 [ 92.430365] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 92.435388] ? prepare_exit_to_usermode+0x291/0x3b0 [ 92.440428] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 92.445280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 92.450467] RIP: 0033:0x457669 [ 92.453665] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 92.472566] RSP: 002b:00007f8ba52abc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.480279] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 92.487582] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 92.494848] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 92.502116] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ba52ac6d4 [ 92.509387] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 92.516691] CPU: 1 PID: 7708 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #1 [ 92.523802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.533154] Call Trace: [ 92.535751] dump_stack+0x1d3/0x2c6 [ 92.539399] ? dump_stack_print_info.cold.1+0x20/0x20 [ 92.544600] ? detach_if_pending+0x6a0/0x6a0 [ 92.549028] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 92.554176] xfrm_policy_destroy.cold.79+0xa/0x22 [ 92.559043] xfrm_policy_kill+0xdd/0x160 [ 92.563114] xfrm_policy_insert+0x4d0/0x850 [ 92.567456] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 92.572671] ? copy_from_user_policy+0x110/0x2b0 [ 92.577429] ? xfrm_policy_construct+0x470/0x650 [ 92.582188] xfrm_add_policy+0x2a0/0x6f0 [ 92.586252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.591797] ? xfrm_policy_construct+0x650/0x650 [ 92.596557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.602120] ? __nla_parse+0x12c/0x3e0 [ 92.606027] ? nla_parse+0x46/0x60 [ 92.609567] ? xfrm_policy_construct+0x650/0x650 [ 92.614323] xfrm_user_rcv_msg+0x44c/0x8e0 [ 92.618565] ? xfrm_dump_sa_done+0xf0/0xf0 [ 92.622802] ? netlink_deliver_tap+0x32e/0xf40 [ 92.627394] ? 
lock_downgrade+0x900/0x900 [ 92.631538] ? check_preemption_disabled+0x48/0x280 [ 92.636592] netlink_rcv_skb+0x16c/0x430 [ 92.640657] ? xfrm_dump_sa_done+0xf0/0xf0 [ 92.644890] ? netlink_ack+0xb70/0xb70 [ 92.648778] ? rcu_softirq_qs+0x20/0x20 [ 92.652788] xfrm_netlink_rcv+0x6f/0x90 [ 92.656765] netlink_unicast+0x59f/0x750 [ 92.660832] ? netlink_attachskb+0x9a0/0x9a0 [ 92.665243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.670813] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 92.675835] netlink_sendmsg+0xa18/0xfc0 [ 92.679916] ? netlink_unicast+0x750/0x750 [ 92.684177] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 92.689137] ? apparmor_socket_sendmsg+0x29/0x30 [ 92.693895] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.699436] ? security_socket_sendmsg+0x94/0xc0 [ 92.704191] ? netlink_unicast+0x750/0x750 [ 92.708425] sock_sendmsg+0xd5/0x120 [ 92.712139] ___sys_sendmsg+0x7fd/0x930 [ 92.716130] ? find_held_lock+0x36/0x1c0 [ 92.720196] ? copy_msghdr_from_user+0x580/0x580 [ 92.724954] ? __fd_install+0x2b5/0x8f0 [ 92.728948] ? __fget_light+0x2e9/0x430 [ 92.732931] ? fget_raw+0x20/0x20 [ 92.736390] ? __might_fault+0x12b/0x1e0 [ 92.740452] ? lock_downgrade+0x900/0x900 [ 92.744602] ? lock_release+0xa00/0xa00 [ 92.748576] ? arch_local_save_flags+0x40/0x40 [ 92.753155] ? posix_ktime_get_ts+0x15/0x20 [ 92.757477] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 92.762941] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 92.768515] ? sockfd_lookup_light+0xc5/0x160 [ 92.773025] __sys_sendmsg+0x11d/0x280 [ 92.776911] ? __ia32_sys_shutdown+0x80/0x80 [ 92.781323] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 92.786858] ? put_timespec64+0x10f/0x1b0 [ 92.791019] ? do_syscall_64+0x9a/0x820 [ 92.795004] ? do_syscall_64+0x9a/0x820 [ 92.799001] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 92.804455] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 92.810004] __x64_sys_sendmsg+0x78/0xb0 [ 92.814193] do_syscall_64+0x1b9/0x820 [ 92.818085] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 92.823451] ? 
syscall_return_slowpath+0x5e0/0x5e0 [ 92.828380] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 92.833220] ? trace_hardirqs_on_caller+0x310/0x310 [ 92.838243] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 92.843259] ? prepare_exit_to_usermode+0x291/0x3b0 [ 92.848285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 92.853150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 92.858334] RIP: 0033:0x457669 [ 92.861539] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 92.880436] RSP: 002b:00007f5f1388dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.888141] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 92.895407] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 92.902671] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 92.909950] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f1388e6d4 [ 92.917218] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 92.926868] CPU: 1 PID: 7685 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #1 [ 92.933992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.943814] Call Trace: [ 92.946406] dump_stack+0x1d3/0x2c6 [ 92.950099] ? dump_stack_print_info.cold.1+0x20/0x20 [ 92.955301] ? detach_if_pending+0x6a0/0x6a0 [ 92.959721] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 92.964839] xfrm_policy_destroy.cold.79+0xa/0x22 [ 92.969695] xfrm_policy_kill+0xdd/0x160 [ 92.973764] xfrm_policy_insert+0x4d0/0x850 [ 92.978104] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 92.983309] ? copy_from_user_policy+0x110/0x2b0 [ 92.988072] ? xfrm_policy_construct+0x470/0x650 [ 92.992836] xfrm_add_policy+0x2a0/0x6f0 [ 92.996900] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.002445] ? xfrm_policy_construct+0x650/0x650 [ 93.007209] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.012751] ? 
__nla_parse+0x12c/0x3e0 [ 93.016685] ? nla_parse+0x46/0x60 [ 93.020229] ? xfrm_policy_construct+0x650/0x650 [ 93.025000] xfrm_user_rcv_msg+0x44c/0x8e0 [ 93.029250] ? xfrm_dump_sa_done+0xf0/0xf0 [ 93.033530] ? netlink_deliver_tap+0x32e/0xf40 [ 93.038115] ? lock_downgrade+0x900/0x900 [ 93.042306] ? check_preemption_disabled+0x48/0x280 [ 93.047363] netlink_rcv_skb+0x16c/0x430 [ 93.051433] ? xfrm_dump_sa_done+0xf0/0xf0 [ 93.055670] ? netlink_ack+0xb70/0xb70 [ 93.059563] ? rcu_softirq_qs+0x20/0x20 [ 93.063554] xfrm_netlink_rcv+0x6f/0x90 [ 93.067532] netlink_unicast+0x59f/0x750 [ 93.071612] ? netlink_attachskb+0x9a0/0x9a0 [ 93.076057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.081600] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 93.086625] netlink_sendmsg+0xa18/0xfc0 [ 93.090703] ? netlink_unicast+0x750/0x750 [ 93.094939] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 93.099877] ? apparmor_socket_sendmsg+0x29/0x30 [ 93.104635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.110182] ? security_socket_sendmsg+0x94/0xc0 [ 93.114942] ? netlink_unicast+0x750/0x750 [ 93.119184] sock_sendmsg+0xd5/0x120 [ 93.122935] ___sys_sendmsg+0x7fd/0x930 [ 93.126922] ? copy_msghdr_from_user+0x580/0x580 [ 93.131704] ? __fget_light+0x2e9/0x430 [ 93.135693] ? fget_raw+0x20/0x20 [ 93.139182] ? __might_fault+0x12b/0x1e0 [ 93.143264] ? lock_downgrade+0x900/0x900 [ 93.147433] ? lock_release+0xa00/0xa00 [ 93.151407] ? arch_local_save_flags+0x40/0x40 [ 93.155996] ? posix_ktime_get_ts+0x15/0x20 [ 93.160323] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 93.165790] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.171335] ? sockfd_lookup_light+0xc5/0x160 [ 93.175835] __sys_sendmsg+0x11d/0x280 [ 93.179726] ? __ia32_sys_shutdown+0x80/0x80 [ 93.184191] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.189732] ? put_timespec64+0x10f/0x1b0 [ 93.193889] ? do_syscall_64+0x9a/0x820 [ 93.197868] ? do_syscall_64+0x9a/0x820 [ 93.201855] ? 
__bpf_trace_preemptirq_template+0x30/0x30 [ 93.207319] __x64_sys_sendmsg+0x78/0xb0 [ 93.211386] do_syscall_64+0x1b9/0x820 [ 93.215278] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 93.220648] ? syscall_return_slowpath+0x5e0/0x5e0 [ 93.225608] ? trace_hardirqs_on_caller+0x310/0x310 [ 93.230640] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 93.235671] ? recalc_sigpending_tsk+0x180/0x180 [ 93.240427] ? __switch_to_asm+0x40/0x70 [ 93.244489] ? __switch_to_asm+0x34/0x70 [ 93.248560] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 93.253419] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 93.258611] RIP: 0033:0x457669 [ 93.261807] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 93.280705] RSP: 002b:00007f00f1e04c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.288412] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 93.295679] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000006 [ 93.302961] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 93.310238] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00f1e056d4 [ 93.317509] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 93.324880] CPU: 0 PID: 7715 Comm: syz-executor5 Not tainted 4.20.0-rc7+ #1 [ 93.332028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.341384] Call Trace: [ 93.343979] dump_stack+0x1d3/0x2c6 [ 93.347642] ? dump_stack_print_info.cold.1+0x20/0x20 [ 93.352840] ? detach_if_pending+0x6a0/0x6a0 [ 93.357250] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 93.362363] xfrm_policy_destroy.cold.79+0xa/0x22 [ 93.367218] xfrm_policy_kill+0xdd/0x160 [ 93.371289] xfrm_policy_insert+0x4d0/0x850 [ 93.375638] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 93.380843] ? copy_from_user_policy+0x110/0x2b0 [ 93.385599] ? 
xfrm_policy_construct+0x470/0x650 [ 93.390362] xfrm_add_policy+0x2a0/0x6f0 [ 93.394430] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.399998] ? xfrm_policy_construct+0x650/0x650 [ 93.404761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.410307] ? __nla_parse+0x12c/0x3e0 [ 93.414202] ? nla_parse+0x46/0x60 [ 93.417752] ? xfrm_policy_construct+0x650/0x650 [ 93.422516] xfrm_user_rcv_msg+0x44c/0x8e0 [ 93.426776] ? xfrm_dump_sa_done+0xf0/0xf0 [ 93.431033] ? netlink_deliver_tap+0x32e/0xf40 [ 93.435616] ? lock_downgrade+0x900/0x900 [ 93.439770] ? check_preemption_disabled+0x48/0x280 [ 93.444823] netlink_rcv_skb+0x16c/0x430 [ 93.448891] ? xfrm_dump_sa_done+0xf0/0xf0 [ 93.453146] ? netlink_ack+0xb70/0xb70 [ 93.457053] ? rcu_softirq_qs+0x20/0x20 [ 93.461048] xfrm_netlink_rcv+0x6f/0x90 [ 93.465048] netlink_unicast+0x59f/0x750 [ 93.469118] ? netlink_attachskb+0x9a0/0x9a0 [ 93.473534] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.479090] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 93.484121] netlink_sendmsg+0xa18/0xfc0 [ 93.488190] ? netlink_unicast+0x750/0x750 [ 93.492426] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 93.497355] ? apparmor_socket_sendmsg+0x29/0x30 [ 93.502119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.507659] ? security_socket_sendmsg+0x94/0xc0 [ 93.512415] ? netlink_unicast+0x750/0x750 [ 93.516652] sock_sendmsg+0xd5/0x120 [ 93.520377] ___sys_sendmsg+0x7fd/0x930 [ 93.524364] ? find_held_lock+0x36/0x1c0 [ 93.528434] ? copy_msghdr_from_user+0x580/0x580 [ 93.533197] ? __fd_install+0x2b5/0x8f0 [ 93.537191] ? __fget_light+0x2e9/0x430 [ 93.541189] ? fget_raw+0x20/0x20 [ 93.544665] ? __might_fault+0x12b/0x1e0 [ 93.548752] ? lock_downgrade+0x900/0x900 [ 93.552904] ? lock_release+0xa00/0xa00 [ 93.556883] ? arch_local_save_flags+0x40/0x40 [ 93.561469] ? posix_ktime_get_ts+0x15/0x20 [ 93.565797] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 93.571262] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.576808] ? 
sockfd_lookup_light+0xc5/0x160 [ 93.581310] __sys_sendmsg+0x11d/0x280 [ 93.585206] ? __ia32_sys_shutdown+0x80/0x80 [ 93.589622] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.595160] ? put_timespec64+0x10f/0x1b0 [ 93.599316] ? do_syscall_64+0x9a/0x820 [ 93.603296] ? do_syscall_64+0x9a/0x820 [ 93.607281] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 93.612735] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.618294] __x64_sys_sendmsg+0x78/0xb0 [ 93.622371] do_syscall_64+0x1b9/0x820 [ 93.626260] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 93.631673] ? syscall_return_slowpath+0x5e0/0x5e0 [ 93.636605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 93.641451] ? trace_hardirqs_on_caller+0x310/0x310 [ 93.646470] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 93.651495] ? prepare_exit_to_usermode+0x291/0x3b0 [ 93.656522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 93.661383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 93.666601] RIP: 0033:0x457669 [ 93.669812] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 93.688739] RSP: 002b:00007f53cf017c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.696444] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 93.703714] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 93.710999] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 93.718731] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53cf0186d4 [ 93.726015] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 93.733337] CPU: 1 PID: 7725 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #1 [ 93.740459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.749819] Call Trace: [ 93.752418] dump_stack+0x1d3/0x2c6 [ 93.756055] ? dump_stack_print_info.cold.1+0x20/0x20 [ 93.761276] ? detach_if_pending+0x6a0/0x6a0 [ 93.765686] ? 
_raw_spin_unlock_irqrestore+0x6d/0xd0 [ 93.770817] xfrm_policy_destroy.cold.79+0xa/0x22 [ 93.775667] xfrm_policy_kill+0xdd/0x160 [ 93.779734] xfrm_policy_insert+0x4d0/0x850 [ 93.784122] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 93.789318] ? copy_from_user_policy+0x110/0x2b0 [ 93.794085] ? xfrm_policy_construct+0x470/0x650 [ 93.798846] xfrm_add_policy+0x2a0/0x6f0 [ 93.802914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.808454] ? xfrm_policy_construct+0x650/0x650 [ 93.813214] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.818762] ? __nla_parse+0x12c/0x3e0 [ 93.822664] ? nla_parse+0x46/0x60 [ 93.826240] ? xfrm_policy_construct+0x650/0x650 [ 93.831019] xfrm_user_rcv_msg+0x44c/0x8e0 [ 93.835283] ? xfrm_dump_sa_done+0xf0/0xf0 [ 93.839530] ? netlink_deliver_tap+0x32e/0xf40 [ 93.844116] ? lock_downgrade+0x900/0x900 [ 93.848278] ? check_preemption_disabled+0x48/0x280 [ 93.853337] netlink_rcv_skb+0x16c/0x430 [ 93.857405] ? xfrm_dump_sa_done+0xf0/0xf0 [ 93.861647] ? netlink_ack+0xb70/0xb70 [ 93.865547] ? rcu_softirq_qs+0x20/0x20 [ 93.869554] xfrm_netlink_rcv+0x6f/0x90 [ 93.873540] netlink_unicast+0x59f/0x750 [ 93.877610] ? netlink_attachskb+0x9a0/0x9a0 [ 93.882100] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.887643] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 93.892767] netlink_sendmsg+0xa18/0xfc0 [ 93.896866] ? netlink_unicast+0x750/0x750 [ 93.901135] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 93.906077] ? apparmor_socket_sendmsg+0x29/0x30 [ 93.910843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.916416] ? security_socket_sendmsg+0x94/0xc0 [ 93.921176] ? netlink_unicast+0x750/0x750 [ 93.925417] sock_sendmsg+0xd5/0x120 [ 93.929149] ___sys_sendmsg+0x7fd/0x930 [ 93.933133] ? find_held_lock+0x36/0x1c0 [ 93.937202] ? copy_msghdr_from_user+0x580/0x580 [ 93.941962] ? __fd_install+0x2b5/0x8f0 [ 93.946479] ? __fget_light+0x2e9/0x430 [ 93.950463] ? fget_raw+0x20/0x20 [ 93.953931] ? __might_fault+0x12b/0x1e0 [ 93.958023] ? lock_downgrade+0x900/0x900 [ 93.962196] ? 
lock_release+0xa00/0xa00 [ 93.966205] ? arch_local_save_flags+0x40/0x40 [ 93.970792] ? posix_ktime_get_ts+0x15/0x20 [ 93.975127] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 93.980597] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.986140] ? sockfd_lookup_light+0xc5/0x160 [ 93.990640] __sys_sendmsg+0x11d/0x280 [ 93.994552] ? __ia32_sys_shutdown+0x80/0x80 [ 93.998992] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.004532] ? put_timespec64+0x10f/0x1b0 [ 94.008691] ? do_syscall_64+0x9a/0x820 [ 94.012676] ? do_syscall_64+0x9a/0x820 [ 94.016662] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 94.022118] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.027669] __x64_sys_sendmsg+0x78/0xb0 [ 94.031736] do_syscall_64+0x1b9/0x820 [ 94.035641] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 94.041058] ? syscall_return_slowpath+0x5e0/0x5e0 [ 94.046009] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 94.050859] ? trace_hardirqs_on_caller+0x310/0x310 [ 94.055878] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 94.060904] ? prepare_exit_to_usermode+0x291/0x3b0 [ 94.065931] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 94.070785] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 94.075972] RIP: 0033:0x457669 [ 94.079176] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 94.099053] RSP: 002b:00007f00f1e25c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.106761] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 94.114032] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 94.121305] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 94.128575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00f1e266d4 [ 94.135846] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 94.139382] CPU: 1 PID: 7717 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #1 [ 94.150267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.159621] Call Trace: [ 94.159643] dump_stack+0x1d3/0x2c6 [ 94.159664] ? dump_stack_print_info.cold.1+0x20/0x20 [ 94.159682] ? detach_if_pending+0x6a0/0x6a0 [ 94.159697] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 94.159720] xfrm_policy_destroy.cold.79+0xa/0x22 [ 94.159736] xfrm_policy_kill+0xdd/0x160 [ 94.159752] xfrm_policy_insert+0x4d0/0x850 [ 94.159773] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 94.199035] ? copy_from_user_policy+0x110/0x2b0 [ 94.203797] ? xfrm_policy_construct+0x470/0x650 [ 94.208564] xfrm_add_policy+0x2a0/0x6f0 [ 94.212639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.218180] ? xfrm_policy_construct+0x650/0x650 [ 94.218199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.218215] ? __nla_parse+0x12c/0x3e0 [ 94.218235] ? nla_parse+0x46/0x60 [ 94.218252] ? xfrm_policy_construct+0x650/0x650 [ 94.240764] xfrm_user_rcv_msg+0x44c/0x8e0 [ 94.245036] ? xfrm_dump_sa_done+0xf0/0xf0 [ 94.249303] ? netlink_deliver_tap+0x32e/0xf40 [ 94.253895] ? 
lock_downgrade+0x900/0x900 [ 94.258080] ? check_preemption_disabled+0x48/0x280 [ 94.263147] netlink_rcv_skb+0x16c/0x430 [ 94.267217] ? xfrm_dump_sa_done+0xf0/0xf0 [ 94.271462] ? netlink_ack+0xb70/0xb70 [ 94.275353] ? rcu_softirq_qs+0x20/0x20 [ 94.279348] xfrm_netlink_rcv+0x6f/0x90 [ 94.283325] netlink_unicast+0x59f/0x750 [ 94.287398] ? netlink_attachskb+0x9a0/0x9a0 [ 94.291815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.297359] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 94.302388] netlink_sendmsg+0xa18/0xfc0 [ 94.306460] ? netlink_unicast+0x750/0x750 [ 94.310720] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 94.315663] ? apparmor_socket_sendmsg+0x29/0x30 [ 94.320422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.325962] ? security_socket_sendmsg+0x94/0xc0 [ 94.330734] ? netlink_unicast+0x750/0x750 [ 94.334999] sock_sendmsg+0xd5/0x120 [ 94.338752] ___sys_sendmsg+0x7fd/0x930 [ 94.342734] ? find_held_lock+0x36/0x1c0 [ 94.346807] ? copy_msghdr_from_user+0x580/0x580 [ 94.351577] ? __fd_install+0x2b5/0x8f0 [ 94.355567] ? __fget_light+0x2e9/0x430 [ 94.359550] ? fget_raw+0x20/0x20 [ 94.363023] ? __might_fault+0x12b/0x1e0 [ 94.367109] ? lock_downgrade+0x900/0x900 [ 94.371263] ? lock_release+0xa00/0xa00 [ 94.375238] ? arch_local_save_flags+0x40/0x40 [ 94.379827] ? posix_ktime_get_ts+0x15/0x20 [ 94.384155] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 94.389625] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.395173] ? sockfd_lookup_light+0xc5/0x160 [ 94.399676] __sys_sendmsg+0x11d/0x280 [ 94.403566] ? __ia32_sys_shutdown+0x80/0x80 [ 94.407991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.413533] ? put_timespec64+0x10f/0x1b0 [ 94.417691] ? do_syscall_64+0x9a/0x820 [ 94.421671] ? do_syscall_64+0x9a/0x820 [ 94.425654] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 94.431109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.436661] __x64_sys_sendmsg+0x78/0xb0 [ 94.440745] do_syscall_64+0x1b9/0x820 [ 94.444650] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 94.450054] ? 
syscall_return_slowpath+0x5e0/0x5e0 [ 94.455007] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 94.459855] ? trace_hardirqs_on_caller+0x310/0x310 [ 94.464875] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 94.469896] ? prepare_exit_to_usermode+0x291/0x3b0 [ 94.474920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 94.479775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 94.485010] RIP: 0033:0x457669 [ 94.488230] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 94.507130] RSP: 002b:00007f71c4ce2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.514859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 94.522144] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 94.529413] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 94.536682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71c4ce36d4 [ 94.543948] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 94.551269] CPU: 0 PID: 7720 Comm: syz-executor3 Not tainted 4.20.0-rc7+ #1 [ 94.558378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.567751] Call Trace: [ 94.570346] dump_stack+0x1d3/0x2c6 [ 94.573991] ? dump_stack_print_info.cold.1+0x20/0x20 [ 94.579206] ? detach_if_pending+0x6a0/0x6a0 [ 94.583611] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 94.588723] xfrm_policy_destroy.cold.79+0xa/0x22 [ 94.593565] xfrm_policy_kill+0xdd/0x160 [ 94.597632] xfrm_policy_insert+0x4d0/0x850 [ 94.601960] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 94.607165] ? copy_from_user_policy+0x110/0x2b0 [ 94.611938] ? xfrm_policy_construct+0x470/0x650 [ 94.616726] xfrm_add_policy+0x2a0/0x6f0 [ 94.620789] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.626330] ? xfrm_policy_construct+0x650/0x650 [ 94.631096] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.636636] ? 
__nla_parse+0x12c/0x3e0 [ 94.640533] ? nla_parse+0x46/0x60 [ 94.644093] ? xfrm_policy_construct+0x650/0x650 [ 94.648853] xfrm_user_rcv_msg+0x44c/0x8e0 [ 94.653098] ? xfrm_dump_sa_done+0xf0/0xf0 [ 94.657340] ? netlink_deliver_tap+0x32e/0xf40 [ 94.661924] ? lock_downgrade+0x900/0x900 [ 94.666073] ? check_preemption_disabled+0x48/0x280 [ 94.671129] netlink_rcv_skb+0x16c/0x430 [ 94.675193] ? xfrm_dump_sa_done+0xf0/0xf0 [ 94.679433] ? netlink_ack+0xb70/0xb70 [ 94.683324] ? rcu_softirq_qs+0x20/0x20 [ 94.687329] xfrm_netlink_rcv+0x6f/0x90 [ 94.691319] netlink_unicast+0x59f/0x750 [ 94.695388] ? netlink_attachskb+0x9a0/0x9a0 [ 94.699806] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.705395] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 94.710435] netlink_sendmsg+0xa18/0xfc0 [ 94.714505] ? netlink_unicast+0x750/0x750 [ 94.718739] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 94.723687] ? apparmor_socket_sendmsg+0x29/0x30 [ 94.728449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 94.734004] ? security_socket_sendmsg+0x94/0xc0 [ 94.738776] ? netlink_unicast+0x750/0x750 [ 94.743021] sock_sendmsg+0xd5/0x120 [ 94.746756] ___sys_sendmsg+0x7fd/0x930 [ 94.750734] ? find_held_lock+0x36/0x1c0 [ 94.754802] ? copy_msghdr_from_user+0x580/0x580 [ 94.759563] ? __fd_install+0x2b5/0x8f0 [ 94.763555] ? __fget_light+0x2e9/0x430 [ 94.767534] ? fget_raw+0x20/0x20 [ 94.771005] ? __might_fault+0x12b/0x1e0 [ 94.775098] ? lock_downgrade+0x900/0x900 [ 94.779249] ? lock_release+0xa00/0xa00 [ 94.783226] ? arch_local_save_flags+0x40/0x40 [ 94.787807] ? posix_ktime_get_ts+0x15/0x20 [ 94.792131] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 94.797593] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.803137] ? sockfd_lookup_light+0xc5/0x160 [ 94.807681] __sys_sendmsg+0x11d/0x280 [ 94.812052] ? __ia32_sys_shutdown+0x80/0x80 [ 94.816496] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.822066] ? put_timespec64+0x10f/0x1b0 [ 94.826224] ? do_syscall_64+0x9a/0x820 [ 94.830205] ? 
do_syscall_64+0x9a/0x820 [ 94.834190] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 94.839647] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 94.845188] __x64_sys_sendmsg+0x78/0xb0 [ 94.849252] do_syscall_64+0x1b9/0x820 [ 94.853157] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 94.858523] ? syscall_return_slowpath+0x5e0/0x5e0 [ 94.863471] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 94.868317] ? trace_hardirqs_on_caller+0x310/0x310 [ 94.873335] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 94.878356] ? prepare_exit_to_usermode+0x291/0x3b0 [ 94.883394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 94.888259] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 94.893446] RIP: 0033:0x457669 [ 94.896639] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 2018/12/24 20:30:50 executed programs: 20 [ 94.915537] RSP: 002b:00007f890744bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.923242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 94.930510] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 94.937775] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 94.945198] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f890744c6d4 [ 94.952468] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 94.959759] CPU: 1 PID: 7741 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #1 [ 94.966869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.976252] Call Trace: [ 94.978850] dump_stack+0x1d3/0x2c6 [ 94.982485] ? dump_stack_print_info.cold.1+0x20/0x20 [ 94.987682] ? detach_if_pending+0x6a0/0x6a0 [ 94.992092] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 94.997231] xfrm_policy_destroy.cold.79+0xa/0x22 [ 95.002087] xfrm_policy_kill+0xdd/0x160 [ 95.006156] xfrm_policy_insert+0x4d0/0x850 [ 95.010502] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 95.015702] ? 
copy_from_user_policy+0x110/0x2b0 [ 95.020471] ? xfrm_policy_construct+0x470/0x650 [ 95.025242] xfrm_add_policy+0x2a0/0x6f0 [ 95.029310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.034860] ? xfrm_policy_construct+0x650/0x650 [ 95.039624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.045167] ? __nla_parse+0x12c/0x3e0 [ 95.049072] ? nla_parse+0x46/0x60 [ 95.052618] ? xfrm_policy_construct+0x650/0x650 [ 95.057384] xfrm_user_rcv_msg+0x44c/0x8e0 [ 95.061639] ? xfrm_dump_sa_done+0xf0/0xf0 [ 95.065881] ? netlink_deliver_tap+0x32e/0xf40 [ 95.070470] ? lock_downgrade+0x900/0x900 [ 95.074629] ? check_preemption_disabled+0x48/0x280 [ 95.079705] netlink_rcv_skb+0x16c/0x430 [ 95.083797] ? xfrm_dump_sa_done+0xf0/0xf0 [ 95.088034] ? netlink_ack+0xb70/0xb70 [ 95.091925] ? rcu_softirq_qs+0x20/0x20 [ 95.095920] xfrm_netlink_rcv+0x6f/0x90 [ 95.099935] netlink_unicast+0x59f/0x750 [ 95.104049] ? netlink_attachskb+0x9a0/0x9a0 [ 95.108469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.114025] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 95.119051] netlink_sendmsg+0xa18/0xfc0 [ 95.123123] ? netlink_unicast+0x750/0x750 [ 95.127366] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 95.132306] ? apparmor_socket_sendmsg+0x29/0x30 [ 95.137077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.142625] ? security_socket_sendmsg+0x94/0xc0 [ 95.147398] ? netlink_unicast+0x750/0x750 [ 95.151641] sock_sendmsg+0xd5/0x120 [ 95.155361] ___sys_sendmsg+0x7fd/0x930 [ 95.159341] ? find_held_lock+0x36/0x1c0 [ 95.163410] ? copy_msghdr_from_user+0x580/0x580 [ 95.168185] ? __fd_install+0x2b5/0x8f0 [ 95.172195] ? __fget_light+0x2e9/0x430 [ 95.176176] ? fget_raw+0x20/0x20 [ 95.179640] ? __might_fault+0x12b/0x1e0 [ 95.183712] ? lock_downgrade+0x900/0x900 [ 95.187872] ? lock_release+0xa00/0xa00 [ 95.191855] ? arch_local_save_flags+0x40/0x40 [ 95.196445] ? posix_ktime_get_ts+0x15/0x20 [ 95.200775] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 95.206242] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 95.211785] ? 
sockfd_lookup_light+0xc5/0x160 [ 95.216286] __sys_sendmsg+0x11d/0x280 [ 95.220180] ? __ia32_sys_shutdown+0x80/0x80 [ 95.224611] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 95.230150] ? put_timespec64+0x10f/0x1b0 [ 95.234307] ? do_syscall_64+0x9a/0x820 [ 95.238286] ? do_syscall_64+0x9a/0x820 [ 95.242269] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 95.247720] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 95.253266] __x64_sys_sendmsg+0x78/0xb0 [ 95.257333] do_syscall_64+0x1b9/0x820 [ 95.261223] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 95.266595] ? syscall_return_slowpath+0x5e0/0x5e0 [ 95.271550] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 95.276395] ? trace_hardirqs_on_caller+0x310/0x310 [ 95.281421] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 95.286450] ? prepare_exit_to_usermode+0x291/0x3b0 [ 95.291501] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 95.296366] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 95.301559] RIP: 0033:0x457669 [ 95.304748] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 95.323649] RSP: 002b:00007f8ba528ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 95.331361] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 95.338634] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 95.345904] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 95.353170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ba528b6d4 [ 95.360468] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 95.367772] CPU: 0 PID: 7713 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #1 [ 95.374886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.374896] Call Trace: [ 95.386827] dump_stack+0x1d3/0x2c6 [ 95.390461] ? dump_stack_print_info.cold.1+0x20/0x20 [ 95.395650] ? detach_if_pending+0x6a0/0x6a0 [ 95.400057] ? 
_raw_spin_unlock_irqrestore+0x6d/0xd0 [ 95.400094] xfrm_policy_destroy.cold.79+0xa/0x22 [ 95.400109] xfrm_policy_kill+0xdd/0x160 [ 95.414115] xfrm_policy_insert+0x4d0/0x850 [ 95.418448] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 95.423661] ? copy_from_user_policy+0x110/0x2b0 [ 95.428428] ? xfrm_policy_construct+0x470/0x650 [ 95.433211] xfrm_add_policy+0x2a0/0x6f0 [ 95.437278] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.442824] ? xfrm_policy_construct+0x650/0x650 [ 95.447584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.453146] ? __nla_parse+0x12c/0x3e0 [ 95.457057] ? nla_parse+0x46/0x60 [ 95.460604] ? xfrm_policy_construct+0x650/0x650 [ 95.465373] xfrm_user_rcv_msg+0x44c/0x8e0 [ 95.469644] ? xfrm_dump_sa_done+0xf0/0xf0 [ 95.473908] ? netlink_deliver_tap+0x32e/0xf40 [ 95.478497] ? lock_downgrade+0x900/0x900 [ 95.482653] ? check_preemption_disabled+0x48/0x280 [ 95.487742] netlink_rcv_skb+0x16c/0x430 [ 95.491809] ? xfrm_dump_sa_done+0xf0/0xf0 [ 95.496099] ? netlink_ack+0xb70/0xb70 [ 95.500014] ? rcu_softirq_qs+0x20/0x20 [ 95.504024] xfrm_netlink_rcv+0x6f/0x90 [ 95.508035] netlink_unicast+0x59f/0x750 [ 95.512126] ? netlink_attachskb+0x9a0/0x9a0 [ 95.516535] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.522073] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 95.527094] netlink_sendmsg+0xa18/0xfc0 [ 95.531163] ? netlink_unicast+0x750/0x750 [ 95.535401] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 95.540335] ? apparmor_socket_sendmsg+0x29/0x30 [ 95.545115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.550655] ? security_socket_sendmsg+0x94/0xc0 [ 95.555416] ? netlink_unicast+0x750/0x750 [ 95.559653] sock_sendmsg+0xd5/0x120 [ 95.563398] ___sys_sendmsg+0x7fd/0x930 [ 95.567378] ? find_held_lock+0x36/0x1c0 [ 95.571474] ? copy_msghdr_from_user+0x580/0x580 [ 95.576237] ? __fd_install+0x2b5/0x8f0 [ 95.580244] ? __fget_light+0x2e9/0x430 [ 95.584229] ? fget_raw+0x20/0x20 [ 95.587689] ? __might_fault+0x12b/0x1e0 [ 95.591758] ? lock_downgrade+0x900/0x900 [ 95.595913] ? 
lock_release+0xa00/0xa00 [ 95.599920] ? arch_local_save_flags+0x40/0x40 [ 95.604508] ? posix_ktime_get_ts+0x15/0x20 [ 95.608828] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 95.614305] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 95.619845] ? sockfd_lookup_light+0xc5/0x160 [ 95.624344] __sys_sendmsg+0x11d/0x280 [ 95.628236] ? __ia32_sys_shutdown+0x80/0x80 [ 95.632649] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 95.638211] ? put_timespec64+0x10f/0x1b0 [ 95.642372] ? do_syscall_64+0x9a/0x820 [ 95.646352] ? do_syscall_64+0x9a/0x820 [ 95.650341] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 95.655841] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 95.661384] __x64_sys_sendmsg+0x78/0xb0 [ 95.665450] do_syscall_64+0x1b9/0x820 [ 95.669339] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 95.674719] ? syscall_return_slowpath+0x5e0/0x5e0 [ 95.679653] ? trace_hardirqs_on_caller+0x310/0x310 [ 95.684691] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 95.689709] ? recalc_sigpending_tsk+0x180/0x180 [ 95.694470] ? __switch_to_asm+0x40/0x70 [ 95.698534] ? __switch_to_asm+0x34/0x70 [ 95.702603] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 95.707454] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 95.712643] RIP: 0033:0x457669 [ 95.715853] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 95.734785] RSP: 002b:00007f5f1386cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 95.742488] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 95.749766] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000006 [ 95.757034] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 95.764327] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f1386d6d4 [ 95.771595] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 95.778893] CPU: 1 PID: 7769 Comm: syz-executor3 Not tainted 4.20.0-rc7+ #1 [ 95.786015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.795370] Call Trace: [ 95.797965] dump_stack+0x1d3/0x2c6 [ 95.801617] ? dump_stack_print_info.cold.1+0x20/0x20 [ 95.806811] ? detach_if_pending+0x6a0/0x6a0 [ 95.811245] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 95.816357] xfrm_policy_destroy.cold.79+0xa/0x22 [ 95.821207] xfrm_policy_kill+0xdd/0x160 [ 95.825268] xfrm_policy_insert+0x4d0/0x850 [ 95.829601] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 95.834795] ? copy_from_user_policy+0x110/0x2b0 [ 95.839553] ? xfrm_policy_construct+0x470/0x650 [ 95.844329] xfrm_add_policy+0x2a0/0x6f0 [ 95.848392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.853959] ? xfrm_policy_construct+0x650/0x650 [ 95.858733] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.864289] ? __nla_parse+0x12c/0x3e0 [ 95.868186] ? nla_parse+0x46/0x60 [ 95.871751] ? xfrm_policy_construct+0x650/0x650 [ 95.876560] xfrm_user_rcv_msg+0x44c/0x8e0 [ 95.880808] ? xfrm_dump_sa_done+0xf0/0xf0 [ 95.885056] ? netlink_deliver_tap+0x32e/0xf40 [ 95.889657] ? 
lock_downgrade+0x900/0x900 [ 95.893807] ? check_preemption_disabled+0x48/0x280 [ 95.898862] netlink_rcv_skb+0x16c/0x430 [ 95.902931] ? xfrm_dump_sa_done+0xf0/0xf0 [ 95.907168] ? netlink_ack+0xb70/0xb70 [ 95.911091] ? rcu_softirq_qs+0x20/0x20 [ 95.915097] xfrm_netlink_rcv+0x6f/0x90 [ 95.919105] netlink_unicast+0x59f/0x750 [ 95.923208] ? netlink_attachskb+0x9a0/0x9a0 [ 95.927624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.933195] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 95.938219] netlink_sendmsg+0xa18/0xfc0 [ 95.942293] ? netlink_unicast+0x750/0x750 [ 95.946550] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 95.951506] ? apparmor_socket_sendmsg+0x29/0x30 [ 95.956271] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 95.961814] ? security_socket_sendmsg+0x94/0xc0 [ 95.966571] ? netlink_unicast+0x750/0x750 [ 95.970813] sock_sendmsg+0xd5/0x120 [ 95.974532] ___sys_sendmsg+0x7fd/0x930 [ 95.978517] ? find_held_lock+0x36/0x1c0 [ 95.982587] ? copy_msghdr_from_user+0x580/0x580 [ 95.987351] ? __fd_install+0x2b5/0x8f0 [ 95.991361] ? __fget_light+0x2e9/0x430 [ 95.995357] ? fget_raw+0x20/0x20 [ 95.998824] ? __might_fault+0x12b/0x1e0 [ 96.002888] ? lock_downgrade+0x900/0x900 [ 96.007040] ? lock_release+0xa00/0xa00 [ 96.011026] ? arch_local_save_flags+0x40/0x40 [ 96.015612] ? posix_ktime_get_ts+0x15/0x20 [ 96.019940] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 96.025408] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.030956] ? sockfd_lookup_light+0xc5/0x160 [ 96.035466] __sys_sendmsg+0x11d/0x280 [ 96.039377] ? __ia32_sys_shutdown+0x80/0x80 [ 96.043785] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.049323] ? put_timespec64+0x10f/0x1b0 [ 96.053489] ? do_syscall_64+0x9a/0x820 [ 96.057502] ? do_syscall_64+0x9a/0x820 [ 96.061493] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 96.066962] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.072532] __x64_sys_sendmsg+0x78/0xb0 [ 96.076602] do_syscall_64+0x1b9/0x820 [ 96.080515] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 96.085900] ? 
syscall_return_slowpath+0x5e0/0x5e0 [ 96.090865] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 96.095717] ? trace_hardirqs_on_caller+0x310/0x310 [ 96.100735] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 96.105754] ? prepare_exit_to_usermode+0x291/0x3b0 [ 96.110775] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 96.115627] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 96.120833] RIP: 0033:0x457669 [ 96.124033] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 96.142934] RSP: 002b:00007f890744bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 96.150645] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 96.157919] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 96.165204] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 96.172491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f890744c6d4 [ 96.179781] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 96.187107] CPU: 0 PID: 7748 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #1 [ 96.194220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.203571] Call Trace: [ 96.206171] dump_stack+0x1d3/0x2c6 [ 96.209813] ? dump_stack_print_info.cold.1+0x20/0x20 [ 96.215029] ? detach_if_pending+0x6a0/0x6a0 [ 96.219447] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 96.224574] xfrm_policy_destroy.cold.79+0xa/0x22 [ 96.229437] xfrm_policy_kill+0xdd/0x160 [ 96.233510] xfrm_policy_insert+0x4d0/0x850 [ 96.237842] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 96.243035] ? copy_from_user_policy+0x110/0x2b0 [ 96.247790] ? xfrm_policy_construct+0x470/0x650 [ 96.252565] xfrm_add_policy+0x2a0/0x6f0 [ 96.256628] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.262170] ? xfrm_policy_construct+0x650/0x650 [ 96.266933] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.272477] ? 
__nla_parse+0x12c/0x3e0 [ 96.276378] ? nla_parse+0x46/0x60 [ 96.279924] ? xfrm_policy_construct+0x650/0x650 [ 96.284683] xfrm_user_rcv_msg+0x44c/0x8e0 [ 96.288939] ? xfrm_dump_sa_done+0xf0/0xf0 [ 96.293185] ? netlink_deliver_tap+0x32e/0xf40 [ 96.297782] ? lock_downgrade+0x900/0x900 [ 96.301951] ? check_preemption_disabled+0x48/0x280 [ 96.307026] netlink_rcv_skb+0x16c/0x430 [ 96.311101] ? xfrm_dump_sa_done+0xf0/0xf0 [ 96.315338] ? netlink_ack+0xb70/0xb70 [ 96.319229] ? rcu_softirq_qs+0x20/0x20 [ 96.323218] xfrm_netlink_rcv+0x6f/0x90 [ 96.327212] netlink_unicast+0x59f/0x750 [ 96.331283] ? netlink_attachskb+0x9a0/0x9a0 [ 96.335695] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.341233] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 96.346258] netlink_sendmsg+0xa18/0xfc0 [ 96.350356] ? netlink_unicast+0x750/0x750 [ 96.354592] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 96.359528] ? apparmor_socket_sendmsg+0x29/0x30 [ 96.364291] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.369830] ? security_socket_sendmsg+0x94/0xc0 [ 96.374583] ? netlink_unicast+0x750/0x750 [ 96.378818] sock_sendmsg+0xd5/0x120 [ 96.382568] ___sys_sendmsg+0x7fd/0x930 [ 96.386546] ? find_held_lock+0x36/0x1c0 [ 96.390615] ? copy_msghdr_from_user+0x580/0x580 [ 96.395421] ? __fd_install+0x2b5/0x8f0 [ 96.399419] ? __fget_light+0x2e9/0x430 [ 96.403396] ? fget_raw+0x20/0x20 [ 96.406865] ? __might_fault+0x12b/0x1e0 [ 96.410933] ? lock_downgrade+0x900/0x900 [ 96.415091] ? lock_release+0xa00/0xa00 [ 96.419071] ? arch_local_save_flags+0x40/0x40 [ 96.423656] ? posix_ktime_get_ts+0x15/0x20 [ 96.428000] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 96.433466] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.439036] ? sockfd_lookup_light+0xc5/0x160 [ 96.443569] __sys_sendmsg+0x11d/0x280 [ 96.447463] ? __ia32_sys_shutdown+0x80/0x80 [ 96.451881] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.457417] ? put_timespec64+0x10f/0x1b0 [ 96.461571] ? do_syscall_64+0x9a/0x820 [ 96.465547] ? 
do_syscall_64+0x9a/0x820 [ 96.469529] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 96.474991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.480544] __x64_sys_sendmsg+0x78/0xb0 [ 96.484614] do_syscall_64+0x1b9/0x820 [ 96.488501] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 96.493868] ? syscall_return_slowpath+0x5e0/0x5e0 [ 96.498800] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 96.503644] ? trace_hardirqs_on_caller+0x310/0x310 [ 96.508667] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 96.513688] ? prepare_exit_to_usermode+0x291/0x3b0 [ 96.518714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 96.523566] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 96.528787] RIP: 0033:0x457669 [ 96.531993] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 96.550896] RSP: 002b:00007f00f1e04c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 96.558616] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 96.565901] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 96.573187] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 96.580471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f00f1e056d4 [ 96.587741] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 96.595044] CPU: 1 PID: 7776 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #1 [ 96.602154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.611508] Call Trace: [ 96.614122] dump_stack+0x1d3/0x2c6 [ 96.617760] ? dump_stack_print_info.cold.1+0x20/0x20 [ 96.622952] ? detach_if_pending+0x6a0/0x6a0 [ 96.627384] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 96.632509] xfrm_policy_destroy.cold.79+0xa/0x22 [ 96.637354] xfrm_policy_kill+0xdd/0x160 [ 96.641418] xfrm_policy_insert+0x4d0/0x850 [ 96.645773] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 96.650975] ? 
copy_from_user_policy+0x110/0x2b0 [ 96.655747] ? xfrm_policy_construct+0x470/0x650 [ 96.660521] xfrm_add_policy+0x2a0/0x6f0 [ 96.664591] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.670133] ? xfrm_policy_construct+0x650/0x650 [ 96.674896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.680435] ? __nla_parse+0x12c/0x3e0 [ 96.684335] ? nla_parse+0x46/0x60 [ 96.687878] ? xfrm_policy_construct+0x650/0x650 [ 96.692638] xfrm_user_rcv_msg+0x44c/0x8e0 [ 96.696881] ? xfrm_dump_sa_done+0xf0/0xf0 [ 96.701123] ? netlink_deliver_tap+0x32e/0xf40 [ 96.705734] ? lock_downgrade+0x900/0x900 [ 96.709881] ? check_preemption_disabled+0x48/0x280 [ 96.714936] netlink_rcv_skb+0x16c/0x430 [ 96.719030] ? xfrm_dump_sa_done+0xf0/0xf0 [ 96.723288] ? netlink_ack+0xb70/0xb70 [ 96.727183] ? rcu_softirq_qs+0x20/0x20 [ 96.731176] xfrm_netlink_rcv+0x6f/0x90 [ 96.735174] netlink_unicast+0x59f/0x750 [ 96.739248] ? netlink_attachskb+0x9a0/0x9a0 [ 96.743661] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.749200] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 96.754227] netlink_sendmsg+0xa18/0xfc0 [ 96.758300] ? netlink_unicast+0x750/0x750 [ 96.762534] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 96.767483] ? apparmor_socket_sendmsg+0x29/0x30 [ 96.772264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 96.777806] ? security_socket_sendmsg+0x94/0xc0 [ 96.782563] ? netlink_unicast+0x750/0x750 [ 96.786800] sock_sendmsg+0xd5/0x120 [ 96.790560] ___sys_sendmsg+0x7fd/0x930 [ 96.794554] ? find_held_lock+0x36/0x1c0 [ 96.798621] ? copy_msghdr_from_user+0x580/0x580 [ 96.803385] ? __fd_install+0x2b5/0x8f0 [ 96.807378] ? __fget_light+0x2e9/0x430 [ 96.811359] ? fget_raw+0x20/0x20 [ 96.814974] ? __might_fault+0x12b/0x1e0 [ 96.819052] ? lock_downgrade+0x900/0x900 [ 96.823209] ? lock_release+0xa00/0xa00 [ 96.827185] ? arch_local_save_flags+0x40/0x40 [ 96.831770] ? posix_ktime_get_ts+0x15/0x20 [ 96.836101] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 96.841602] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.847150] ? 
sockfd_lookup_light+0xc5/0x160 [ 96.851650] __sys_sendmsg+0x11d/0x280 [ 96.855545] ? __ia32_sys_shutdown+0x80/0x80 [ 96.859962] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.865528] ? put_timespec64+0x10f/0x1b0 [ 96.869685] ? do_syscall_64+0x9a/0x820 [ 96.873661] ? do_syscall_64+0x9a/0x820 [ 96.877644] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 96.883115] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 96.888663] __x64_sys_sendmsg+0x78/0xb0 [ 96.892749] do_syscall_64+0x1b9/0x820 [ 96.896639] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 96.902043] ? syscall_return_slowpath+0x5e0/0x5e0 [ 96.906974] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 96.911847] ? trace_hardirqs_on_caller+0x310/0x310 [ 96.916870] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 96.921896] ? prepare_exit_to_usermode+0x291/0x3b0 [ 96.926922] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 96.926946] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 96.926961] RIP: 0033:0x457669 [ 96.940193] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 96.959588] RSP: 002b:00007f8ba52abc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 96.967300] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 96.974585] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 96.981859] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 96.989131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8ba52ac6d4 [ 96.996405] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 97.003700] CPU: 0 PID: 7763 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #1 [ 97.010827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.020183] Call Trace: [ 97.022779] dump_stack+0x1d3/0x2c6 [ 97.026419] ? dump_stack_print_info.cold.1+0x20/0x20 [ 97.031612] ? detach_if_pending+0x6a0/0x6a0 [ 97.036046] ? 
_raw_spin_unlock_irqrestore+0x6d/0xd0 [ 97.041162] xfrm_policy_destroy.cold.79+0xa/0x22 [ 97.046050] xfrm_policy_kill+0xdd/0x160 [ 97.050117] xfrm_policy_insert+0x4d0/0x850 [ 97.054448] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 97.055244] ================================================================== [ 97.059650] ? copy_from_user_policy+0x110/0x2b0 [ 97.059668] ? xfrm_policy_construct+0x470/0x650 [ 97.067107] BUG: KASAN: use-after-free in __xfrm_policy_unlink+0xa09/0xa20 [ 97.071843] xfrm_add_policy+0x2a0/0x6f0 [ 97.076583] Write of size 8 at addr ffff8881b50d6dd0 by task syz-executor1/7790 [ 97.083584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.087615] [ 97.095059] ? xfrm_policy_construct+0x650/0x650 [ 97.106934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.112472] ? __nla_parse+0x12c/0x3e0 [ 97.116362] ? nla_parse+0x46/0x60 [ 97.119901] ? xfrm_policy_construct+0x650/0x650 [ 97.124659] xfrm_user_rcv_msg+0x44c/0x8e0 [ 97.128904] ? xfrm_dump_sa_done+0xf0/0xf0 [ 97.133142] ? netlink_deliver_tap+0x32e/0xf40 [ 97.137726] ? lock_downgrade+0x900/0x900 [ 97.141876] ? check_preemption_disabled+0x48/0x280 [ 97.146931] netlink_rcv_skb+0x16c/0x430 [ 97.151019] ? xfrm_dump_sa_done+0xf0/0xf0 [ 97.155255] ? netlink_ack+0xb70/0xb70 [ 97.159145] ? rcu_softirq_qs+0x20/0x20 [ 97.163137] xfrm_netlink_rcv+0x6f/0x90 [ 97.167111] netlink_unicast+0x59f/0x750 [ 97.171181] ? netlink_attachskb+0x9a0/0x9a0 [ 97.175597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.181140] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 97.186163] netlink_sendmsg+0xa18/0xfc0 [ 97.190244] ? netlink_unicast+0x750/0x750 [ 97.194481] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 97.199412] ? apparmor_socket_sendmsg+0x29/0x30 [ 97.204167] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.209704] ? security_socket_sendmsg+0x94/0xc0 [ 97.214456] ? netlink_unicast+0x750/0x750 [ 97.218690] sock_sendmsg+0xd5/0x120 [ 97.222403] ___sys_sendmsg+0x7fd/0x930 [ 97.226393] ? find_held_lock+0x36/0x1c0 [ 97.230456] ? 
copy_msghdr_from_user+0x580/0x580 [ 97.235211] ? __fd_install+0x2b5/0x8f0 [ 97.239213] ? __fget_light+0x2e9/0x430 [ 97.243191] ? fget_raw+0x20/0x20 [ 97.246648] ? __might_fault+0x12b/0x1e0 [ 97.250707] ? lock_downgrade+0x900/0x900 [ 97.254858] ? lock_release+0xa00/0xa00 [ 97.258827] ? arch_local_save_flags+0x40/0x40 [ 97.263405] ? posix_ktime_get_ts+0x15/0x20 [ 97.267724] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 97.273186] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.278740] ? sockfd_lookup_light+0xc5/0x160 [ 97.283239] __sys_sendmsg+0x11d/0x280 [ 97.287132] ? __ia32_sys_shutdown+0x80/0x80 [ 97.291559] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.297095] ? put_timespec64+0x10f/0x1b0 [ 97.301246] ? do_syscall_64+0x9a/0x820 [ 97.305232] ? do_syscall_64+0x9a/0x820 [ 97.309205] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 97.314652] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.320193] __x64_sys_sendmsg+0x78/0xb0 [ 97.324269] do_syscall_64+0x1b9/0x820 [ 97.328153] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 97.333531] ? syscall_return_slowpath+0x5e0/0x5e0 [ 97.338474] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 97.343316] ? trace_hardirqs_on_caller+0x310/0x310 [ 97.348352] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 97.353369] ? prepare_exit_to_usermode+0x291/0x3b0 [ 97.358385] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 97.363231] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 97.368418] RIP: 0033:0x457669 [ 97.371621] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 97.390519] RSP: 002b:00007f71c4c5ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.398242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 97.405508] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 97.412791] RBP: 000000000072c180 R08: 0000000000000000 R09: 0000000000000000 [ 97.420069] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71c4c5f6d4 [ 97.427332] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 97.434633] CPU: 1 PID: 7790 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #1 [ 97.441732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.451079] Call Trace: [ 97.451104] dump_stack+0x1d3/0x2c6 [ 97.451129] ? dump_stack_print_info.cold.1+0x20/0x20 [ 97.451142] ? printk+0xa7/0xcf [ 97.451159] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 97.470603] print_address_description.cold.8+0x9/0x1ff [ 97.475977] kasan_report.cold.9+0x242/0x309 [ 97.476001] ? __xfrm_policy_unlink+0xa09/0xa20 [ 97.476022] __asan_report_store8_noabort+0x17/0x20 [ 97.476037] __xfrm_policy_unlink+0xa09/0xa20 [ 97.476051] ? kasan_check_read+0x11/0x20 [ 97.476074] ? xfrm_policy_walk_done+0x340/0x340 [ 97.485149] ? __fib6_clean_all+0x30c/0x440 [ 97.485185] ? xfrm_policy_requeue+0x550/0x960 [ 97.485205] ? xfrm_policy_byid+0x490/0x490 [ 97.485223] ? ipv6_route_yield+0x220/0x220 [ 97.485241] ? xfrm_pol_inexact_addr_use_any_list+0x1a0/0x1a0 [ 97.516869] ? __fib6_clean_all+0x440/0x440 [ 97.516884] xfrm_policy_insert+0x20a/0x850 [ 97.516902] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 97.516919] ? copy_from_user_policy+0x110/0x2b0 [ 97.516934] ? 
xfrm_policy_construct+0x470/0x650 [ 97.531428] xfrm_add_policy+0x2a0/0x6f0 [ 97.531446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.531464] ? xfrm_policy_construct+0x650/0x650 [ 97.531481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.531507] ? __nla_parse+0x12c/0x3e0 [ 97.574239] ? nla_parse+0x46/0x60 [ 97.577818] ? xfrm_policy_construct+0x650/0x650 [ 97.582624] xfrm_user_rcv_msg+0x44c/0x8e0 [ 97.586879] ? xfrm_dump_sa_done+0xf0/0xf0 [ 97.591130] ? netlink_deliver_tap+0x32e/0xf40 [ 97.595715] ? lock_downgrade+0x900/0x900 [ 97.599869] ? check_preemption_disabled+0x48/0x280 [ 97.604923] netlink_rcv_skb+0x16c/0x430 [ 97.609004] ? xfrm_dump_sa_done+0xf0/0xf0 [ 97.613248] ? netlink_ack+0xb70/0xb70 [ 97.617138] ? rcu_softirq_qs+0x20/0x20 [ 97.621131] xfrm_netlink_rcv+0x6f/0x90 [ 97.625111] netlink_unicast+0x59f/0x750 [ 97.629186] ? netlink_attachskb+0x9a0/0x9a0 [ 97.633604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.639149] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 97.644174] netlink_sendmsg+0xa18/0xfc0 [ 97.648251] ? netlink_unicast+0x750/0x750 [ 97.652490] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 97.657450] ? apparmor_socket_sendmsg+0x29/0x30 [ 97.662211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.667753] ? security_socket_sendmsg+0x94/0xc0 [ 97.672517] ? netlink_unicast+0x750/0x750 [ 97.676758] sock_sendmsg+0xd5/0x120 [ 97.680511] ___sys_sendmsg+0x7fd/0x930 [ 97.684540] ? find_held_lock+0x36/0x1c0 [ 97.688624] ? copy_msghdr_from_user+0x580/0x580 [ 97.693399] ? __fd_install+0x2b5/0x8f0 [ 97.697424] ? __fget_light+0x2e9/0x430 [ 97.701405] ? fget_raw+0x20/0x20 [ 97.704869] ? __might_fault+0x12b/0x1e0 [ 97.708931] ? lock_downgrade+0x900/0x900 [ 97.713086] ? lock_release+0xa00/0xa00 [ 97.717084] ? arch_local_save_flags+0x40/0x40 [ 97.721667] ? posix_ktime_get_ts+0x15/0x20 [ 97.726002] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 97.731484] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.737046] ? 
sockfd_lookup_light+0xc5/0x160 [ 97.741542] __sys_sendmsg+0x11d/0x280 [ 97.745444] ? __ia32_sys_shutdown+0x80/0x80 [ 97.749889] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.755443] ? put_timespec64+0x10f/0x1b0 [ 97.759599] ? do_syscall_64+0x9a/0x820 [ 97.763581] ? do_syscall_64+0x9a/0x820 [ 97.767571] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 97.773036] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.778583] __x64_sys_sendmsg+0x78/0xb0 [ 97.782648] do_syscall_64+0x1b9/0x820 [ 97.786541] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 97.791915] ? syscall_return_slowpath+0x5e0/0x5e0 [ 97.796847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 97.801782] ? trace_hardirqs_on_caller+0x310/0x310 [ 97.806808] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 97.811835] ? prepare_exit_to_usermode+0x291/0x3b0 [ 97.816860] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 97.821709] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 97.826898] RIP: 0033:0x457669 [ 97.830101] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 97.849011] RSP: 002b:00007f5f1386cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.856720] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 97.864040] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 97.871314] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 97.878583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f1386d6d4 [ 97.885850] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 97.893135] [ 97.893154] CPU: 0 PID: 7771 Comm: syz-executor5 Not tainted 4.20.0-rc7+ #1 [ 97.893167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.894782] Allocated by task 7699: [ 97.901874] Call Trace: [ 97.911223] save_stack+0x43/0xd0 [ 97.914838] dump_stack+0x1d3/0x2c6 [ 97.917404] kasan_kmalloc+0xc7/0xe0 [ 
97.920843] ? dump_stack_print_info.cold.1+0x20/0x20 [ 97.924449] kmem_cache_alloc_trace+0x152/0x750 [ 97.928151] ? detach_if_pending+0x6a0/0x6a0 [ 97.933325] xfrm_policy_alloc+0xfa/0x4f0 [ 97.937980] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 97.942372] xfrm_policy_construct+0x2f/0x650 [ 97.946525] xfrm_policy_destroy.cold.79+0xa/0x22 [ 97.951606] xfrm_add_policy+0x203/0x6f0 [ 97.956084] xfrm_policy_kill+0xdd/0x160 [ 97.960914] xfrm_user_rcv_msg+0x44c/0x8e0 [ 97.964971] xfrm_policy_insert+0x4d0/0x850 [ 97.969043] netlink_rcv_skb+0x16c/0x430 [ 97.973263] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 97.977566] xfrm_netlink_rcv+0x6f/0x90 [ 97.981614] ? copy_from_user_policy+0x110/0x2b0 [ 97.986782] netlink_unicast+0x59f/0x750 [ 97.990740] ? xfrm_policy_construct+0x470/0x650 [ 97.995481] netlink_sendmsg+0xa18/0xfc0 [ 97.999524] xfrm_add_policy+0x2a0/0x6f0 [ 98.004275] sock_sendmsg+0xd5/0x120 [ 98.008321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.012361] ___sys_sendmsg+0x7fd/0x930 [ 98.016058] ? xfrm_policy_construct+0x650/0x650 [ 98.021592] __sys_sendmsg+0x11d/0x280 [ 98.025550] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.030286] __x64_sys_sendmsg+0x78/0xb0 [ 98.034160] ? __nla_parse+0x12c/0x3e0 [ 98.039709] do_syscall_64+0x1b9/0x820 [ 98.043751] ? nla_parse+0x46/0x60 [ 98.047620] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 98.051504] ? xfrm_policy_construct+0x650/0x650 [ 98.055022] [ 98.060218] xfrm_user_rcv_msg+0x44c/0x8e0 [ 98.064947] Freed by task 16: [ 98.066567] ? xfrm_dump_sa_done+0xf0/0xf0 [ 98.071316] save_stack+0x43/0xd0 [ 98.074411] ? netlink_deliver_tap+0x32e/0xf40 [ 98.078629] __kasan_slab_free+0x102/0x150 [ 98.082079] ? lock_downgrade+0x900/0x900 [ 98.086644] kasan_slab_free+0xe/0x10 [ 98.090899] ? check_preemption_disabled+0x48/0x280 [ 98.095025] kfree+0xcf/0x230 [ 98.098845] netlink_rcv_skb+0x16c/0x430 [ 98.103828] xfrm_policy_destroy_rcu+0x4a/0x60 [ 98.106923] ? 
xfrm_dump_sa_done+0xf0/0xf0 [ 98.110963] rcu_process_callbacks+0x100a/0x1ac0 [ 98.115548] ? netlink_ack+0xb70/0xb70 [ 98.119769] __do_softirq+0x30c/0xb2e [ 98.124514] ? rcu_softirq_qs+0x20/0x20 [ 98.128375] [ 98.132177] xfrm_netlink_rcv+0x6f/0x90 [ 98.136120] The buggy address belongs to the object at ffff8881b50d6dc0 [ 98.136120] which belongs to the cache kmalloc-1k of size 1024 [ 98.137734] netlink_unicast+0x59f/0x750 [ 98.141696] The buggy address is located 16 bytes inside of [ 98.141696] 1024-byte region [ffff8881b50d6dc0, ffff8881b50d71c0) [ 98.154341] ? netlink_attachskb+0x9a0/0x9a0 [ 98.158384] The buggy address belongs to the page: [ 98.170253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.174636] page:ffffea0006d43580 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0x0 compound_mapcount: 0 [ 98.179556] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 98.185084] flags: 0x2fffc0000010200(slab|head) [ 98.195060] netlink_sendmsg+0xa18/0xfc0 [ 98.200061] raw: 02fffc0000010200 ffffea00075f6088 ffffea0007174808 ffff8881da800ac0 [ 98.204734] ? netlink_unicast+0x750/0x750 [ 98.208770] raw: 0000000000000000 ffff8881b50d6040 0000000100000007 0000000000000000 [ 98.216638] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 98.220847] page dumped because: kasan: bad access detected [ 98.228716] ? apparmor_socket_sendmsg+0x29/0x30 [ 98.233649] [ 98.239355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.244082] Memory state around the buggy address: [ 98.245709] ? security_socket_sendmsg+0x94/0xc0 [ 98.251222] ffff8881b50d6c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 98.256138] ? netlink_unicast+0x750/0x750 [ 98.260873] ffff8881b50d6d00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 98.268221] sock_sendmsg+0xd5/0x120 [ 98.272435] >ffff8881b50d6d80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 98.279784] ___sys_sendmsg+0x7fd/0x930 [ 98.283477] ^ [ 98.290826] ? 
find_held_lock+0x36/0x1c0 [ 98.294775] ffff8881b50d6e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 98.300733] ? copy_msghdr_from_user+0x580/0x580 [ 98.304771] ffff8881b50d6e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 98.312120] ? __fd_install+0x2b5/0x8f0 [ 98.316848] ================================================================== [ 98.324208] ? __fget_light+0x2e9/0x430 [ 98.328149] Disabling lock debugging due to kernel taint [ 98.335503] ? fget_raw+0x20/0x20 [ 98.339587] Kernel panic - not syncing: panic_on_warn set ... [ 98.344896] ? __might_fault+0x12b/0x1e0 [ 98.358234] ? lock_downgrade+0x900/0x900 [ 98.362396] ? lock_release+0xa00/0xa00 [ 98.366368] ? arch_local_save_flags+0x40/0x40 [ 98.370946] ? posix_ktime_get_ts+0x15/0x20 [ 98.375264] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 98.380714] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 98.386261] ? sockfd_lookup_light+0xc5/0x160 [ 98.390756] __sys_sendmsg+0x11d/0x280 [ 98.394644] ? __ia32_sys_shutdown+0x80/0x80 [ 98.399052] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 98.404583] ? put_timespec64+0x10f/0x1b0 [ 98.408731] ? do_syscall_64+0x9a/0x820 [ 98.412708] ? do_syscall_64+0x9a/0x820 [ 98.416685] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 98.422133] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 98.427671] __x64_sys_sendmsg+0x78/0xb0 [ 98.431732] do_syscall_64+0x1b9/0x820 [ 98.435630] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 98.441020] ? syscall_return_slowpath+0x5e0/0x5e0 [ 98.445970] ? trace_hardirqs_on_caller+0x310/0x310 [ 98.451065] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 98.456087] ? recalc_sigpending_tsk+0x180/0x180 [ 98.460842] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 98.465689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 98.470901] RIP: 0033:0x457669 [ 98.474107] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 98.493009] RSP: 002b:00007f53cefd5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.500723] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 98.507982] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000004 [ 98.515259] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 98.522537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53cefd66d4 [ 98.529802] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 98.537096] CPU: 1 PID: 7790 Comm: syz-executor1 Tainted: G B 4.20.0-rc7+ #1 [ 98.545608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.554998] Call Trace: [ 98.557590] dump_stack+0x1d3/0x2c6 [ 98.561228] ? dump_stack_print_info.cold.1+0x20/0x20 [ 98.566428] panic+0x2ad/0x55c [ 98.569627] ? add_taint.cold.5+0x16/0x16 [ 98.573784] ? trace_hardirqs_on+0x9a/0x310 [ 98.578123] ? trace_hardirqs_on+0xb4/0x310 [ 98.582458] ? trace_hardirqs_on+0xb4/0x310 [ 98.586786] kasan_end_report+0x47/0x4f [ 98.590760] kasan_report.cold.9+0x76/0x309 [ 98.595081] ? __xfrm_policy_unlink+0xa09/0xa20 [ 98.599750] __asan_report_store8_noabort+0x17/0x20 [ 98.604765] __xfrm_policy_unlink+0xa09/0xa20 [ 98.609255] ? kasan_check_read+0x11/0x20 [ 98.613414] ? xfrm_policy_walk_done+0x340/0x340 [ 98.618182] ? __fib6_clean_all+0x30c/0x440 [ 98.622507] ? xfrm_policy_requeue+0x550/0x960 [ 98.627109] ? xfrm_policy_byid+0x490/0x490 [ 98.631432] ? ipv6_route_yield+0x220/0x220 [ 98.635756] ? xfrm_pol_inexact_addr_use_any_list+0x1a0/0x1a0 [ 98.641646] ? __fib6_clean_all+0x440/0x440 [ 98.645963] xfrm_policy_insert+0x20a/0x850 [ 98.650313] ? 
xfrm_policy_inexact_insert+0xee0/0xee0 [ 98.655512] ? copy_from_user_policy+0x110/0x2b0 [ 98.660271] ? xfrm_policy_construct+0x470/0x650 [ 98.665029] xfrm_add_policy+0x2a0/0x6f0 [ 98.669093] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.674633] ? xfrm_policy_construct+0x650/0x650 [ 98.679423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.684963] ? __nla_parse+0x12c/0x3e0 [ 98.688864] ? nla_parse+0x46/0x60 [ 98.692420] ? xfrm_policy_construct+0x650/0x650 [ 98.697179] xfrm_user_rcv_msg+0x44c/0x8e0 [ 98.701444] ? xfrm_dump_sa_done+0xf0/0xf0 [ 98.705683] ? netlink_deliver_tap+0x32e/0xf40 [ 98.710269] ? lock_downgrade+0x900/0x900 [ 98.714424] ? check_preemption_disabled+0x48/0x280 [ 98.719494] netlink_rcv_skb+0x16c/0x430 [ 98.723562] ? xfrm_dump_sa_done+0xf0/0xf0 [ 98.727826] ? netlink_ack+0xb70/0xb70 [ 98.731715] ? rcu_softirq_qs+0x20/0x20 [ 98.735698] xfrm_netlink_rcv+0x6f/0x90 [ 98.739675] netlink_unicast+0x59f/0x750 [ 98.742785] kobject: 'loop2' (0000000072b28713): kobject_uevent_env [ 98.743775] ? netlink_attachskb+0x9a0/0x9a0 [ 98.754575] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.760129] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 98.762473] kobject: 'loop2' (0000000072b28713): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 98.765164] netlink_sendmsg+0xa18/0xfc0 [ 98.765181] ? netlink_unicast+0x750/0x750 [ 98.765199] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 98.787807] ? apparmor_socket_sendmsg+0x29/0x30 [ 98.792566] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 98.798111] ? security_socket_sendmsg+0x94/0xc0 [ 98.802872] ? netlink_unicast+0x750/0x750 [ 98.807109] sock_sendmsg+0xd5/0x120 [ 98.810829] ___sys_sendmsg+0x7fd/0x930 [ 98.814930] ? find_held_lock+0x36/0x1c0 [ 98.819004] ? copy_msghdr_from_user+0x580/0x580 [ 98.823767] ? __fd_install+0x2b5/0x8f0 [ 98.827778] ? __fget_light+0x2e9/0x430 [ 98.831757] ? fget_raw+0x20/0x20 [ 98.835212] ? __might_fault+0x12b/0x1e0 [ 98.839276] ? lock_downgrade+0x900/0x900 [ 98.843420] ? 
lock_release+0xa00/0xa00 [ 98.847388] ? arch_local_save_flags+0x40/0x40 [ 98.851963] ? posix_ktime_get_ts+0x15/0x20 [ 98.856288] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 98.861745] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 98.867294] ? sockfd_lookup_light+0xc5/0x160 [ 98.871786] __sys_sendmsg+0x11d/0x280 [ 98.875676] ? __ia32_sys_shutdown+0x80/0x80 [ 98.880100] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 98.885638] ? put_timespec64+0x10f/0x1b0 [ 98.889808] ? do_syscall_64+0x9a/0x820 [ 98.893786] ? do_syscall_64+0x9a/0x820 [ 98.897764] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 98.903215] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 98.908768] __x64_sys_sendmsg+0x78/0xb0 [ 98.912833] do_syscall_64+0x1b9/0x820 [ 98.916722] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 98.922095] ? syscall_return_slowpath+0x5e0/0x5e0 [ 98.927030] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 98.931869] ? trace_hardirqs_on_caller+0x310/0x310 [ 98.936893] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 98.941919] ? prepare_exit_to_usermode+0x291/0x3b0 [ 98.947398] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 98.952245] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 98.957433] RIP: 0033:0x457669 [ 98.960660] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 98.979556] RSP: 002b:00007f5f1386cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.987282] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 98.994568] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 99.001836] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 99.009102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5f1386d6d4 [ 99.016384] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 99.023672] CPU: 0 PID: 7797 Comm: syz-executor3 Tainted: G B 4.20.0-rc7+ #1 [ 99.032171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.041531] Call Trace: [ 99.044118] dump_stack+0x1d3/0x2c6 [ 99.047747] ? dump_stack_print_info.cold.1+0x20/0x20 [ 99.052933] ? detach_if_pending+0x6a0/0x6a0 [ 99.057351] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 99.062456] xfrm_policy_destroy.cold.79+0xa/0x22 [ 99.067294] xfrm_policy_kill+0xdd/0x160 [ 99.071367] xfrm_policy_insert+0x4d0/0x850 [ 99.075706] ? xfrm_policy_inexact_insert+0xee0/0xee0 [ 99.080910] ? copy_from_user_policy+0x110/0x2b0 [ 99.085663] ? xfrm_policy_construct+0x470/0x650 [ 99.090417] xfrm_add_policy+0x2a0/0x6f0 [ 99.094494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 99.100029] ? xfrm_policy_construct+0x650/0x650 [ 99.104788] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 99.110322] ? __nla_parse+0x12c/0x3e0 [ 99.114214] ? nla_parse+0x46/0x60 [ 99.117755] ? xfrm_policy_construct+0x650/0x650 [ 99.122508] xfrm_user_rcv_msg+0x44c/0x8e0 [ 99.126759] ? xfrm_dump_sa_done+0xf0/0xf0 [ 99.131005] ? netlink_deliver_tap+0x32e/0xf40 [ 99.135596] ? 
lock_downgrade+0x900/0x900 [ 99.139743] ? check_preemption_disabled+0x48/0x280 [ 99.144774] netlink_rcv_skb+0x16c/0x430 [ 99.148831] ? xfrm_dump_sa_done+0xf0/0xf0 [ 99.153061] ? netlink_ack+0xb70/0xb70 [ 99.156940] ? rcu_softirq_qs+0x20/0x20 [ 99.160922] xfrm_netlink_rcv+0x6f/0x90 [ 99.164895] netlink_unicast+0x59f/0x750 [ 99.168954] ? netlink_attachskb+0x9a0/0x9a0 [ 99.173371] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 99.178907] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 99.183921] netlink_sendmsg+0xa18/0xfc0 [ 99.188025] ? netlink_unicast+0x750/0x750 [ 99.192259] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 99.197189] ? apparmor_socket_sendmsg+0x29/0x30 [ 99.201942] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 99.207495] ? security_socket_sendmsg+0x94/0xc0 [ 99.212246] ? netlink_unicast+0x750/0x750 [ 99.216481] sock_sendmsg+0xd5/0x120 [ 99.220209] ___sys_sendmsg+0x7fd/0x930 [ 99.224180] ? find_held_lock+0x36/0x1c0 [ 99.228245] ? copy_msghdr_from_user+0x580/0x580 [ 99.233027] ? __fd_install+0x2b5/0x8f0 [ 99.237022] ? __fget_light+0x2e9/0x430 [ 99.241008] ? fget_raw+0x20/0x20 [ 99.244483] ? __might_fault+0x12b/0x1e0 [ 99.248542] ? lock_downgrade+0x900/0x900 [ 99.252686] ? lock_release+0xa00/0xa00 [ 99.256663] ? arch_local_save_flags+0x40/0x40 [ 99.261240] ? posix_ktime_get_ts+0x15/0x20 [ 99.265556] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 99.271017] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 99.276554] ? sockfd_lookup_light+0xc5/0x160 [ 99.281044] __sys_sendmsg+0x11d/0x280 [ 99.284924] ? __ia32_sys_shutdown+0x80/0x80 [ 99.289328] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 99.294854] ? put_timespec64+0x10f/0x1b0 [ 99.299015] ? do_syscall_64+0x9a/0x820 [ 99.302996] ? do_syscall_64+0x9a/0x820 [ 99.306977] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 99.312433] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 99.317966] __x64_sys_sendmsg+0x78/0xb0 [ 99.322050] do_syscall_64+0x1b9/0x820 [ 99.325947] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 99.331308] ? 
syscall_return_slowpath+0x5e0/0x5e0 [ 99.336233] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 99.341073] ? trace_hardirqs_on_caller+0x310/0x310 [ 99.346086] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 99.351101] ? prepare_exit_to_usermode+0x291/0x3b0 [ 99.356118] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 99.360960] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 99.366155] RIP: 0033:0x457669 [ 99.369356] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 99.388249] RSP: 002b:00007f890742ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 99.395960] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 99.403229] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003 [ 99.410494] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 99.417832] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f890742b6d4 [ 99.425109] R13: 00000000004c44d8 R14: 00000000004d74e8 R15: 00000000ffffffff [ 99.433392] Kernel Offset: disabled [ 99.437019] Rebooting in 86400 seconds..