syzkaller login: [ 16.709303] cfg80211: Calling CRDA to update world regulatory domain [ 19.869329] cfg80211: Calling CRDA to update world regulatory domain [ 23.029517] cfg80211: Calling CRDA to update world regulatory domain [ 26.189329] cfg80211: Calling CRDA to update world regulatory domain [ 29.349328] cfg80211: Calling CRDA to update world regulatory domain [ 32.509346] cfg80211: Calling CRDA to update world regulatory domain [ 35.669361] cfg80211: Calling CRDA to update world regulatory domain [ 38.829353] cfg80211: Exceeded CRDA call max attempts. Not calling CRDA [ 50.585116] IPVS: Creating netns size=2688 id=1 [ 50.590009] IPVS: ftp: loaded support on port[0] = 21 Warning: Permanently added '10.128.10.23' (ECDSA) to the list of known hosts. 2019/10/05 00:50:39 parsed 1 programs 2019/10/05 00:50:39 executed programs: 0 [ 57.184521] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready [ 57.192440] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready [ 57.199292] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready [ 57.199582] IPVS: Creating netns size=2688 id=2 [ 57.199598] IPVS: ftp: loaded support on port[0] = 21 [ 57.217138] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready [ 57.227851] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready [ 57.236028] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready [ 57.236646] IPVS: Creating netns size=2688 id=3 [ 57.236658] IPVS: ftp: loaded support on port[0] = 21 [ 57.259167] IPVS: Creating netns size=2688 id=4 [ 57.264387] IPVS: ftp: loaded support on port[0] = 21 [ 57.273793] chnl_net:caif_netlink_parms(): no params data found [ 57.287705] IPVS: Creating netns size=2688 id=5 [ 57.292932] IPVS: ftp: loaded support on port[0] = 21 [ 57.297241] chnl_net:caif_netlink_parms(): no params data found [ 57.308057] device bridge_slave_0 entered promiscuous mode [ 57.314817] device bridge_slave_1 entered promiscuous mode [ 57.327316] IPVS: Creating netns size=2688 id=6 [ 57.332567] IPVS: ftp: loaded support on port[0] = 21 [ 57.338902] chnl_net:caif_netlink_parms(): no params data found [ 57.346464] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 57.354886] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.369148] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 57.376338] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.387872] chnl_net:caif_netlink_parms(): no params data found [ 57.398464] device bridge_slave_0 entered promiscuous mode [ 57.409122] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.409130] IPVS: Creating netns size=2688 id=7 [ 57.409140] IPVS: ftp: loaded support on port[0] = 21 [ 57.426059] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.435108] device bridge_slave_1 entered promiscuous mode [ 57.453258] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 57.460117] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.473270] device bridge_slave_0 entered promiscuous mode [ 57.479535] device bridge_slave_1 entered promiscuous mode [ 57.487089] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 57.494431] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.502121] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.508788] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.515599] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 57.522485] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.538690] chnl_net:caif_netlink_parms(): no params data found [ 57.545401] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 57.552259] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.563130] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 57.570323] device bridge_slave_0 entered promiscuous mode [ 57.579065] chnl_net:caif_netlink_parms(): no params data found [ 57.590014] device bridge_slave_1 entered promiscuous mode [ 57.597837] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 57.604841] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.612803] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.619911] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.628878] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.635975] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 57.643414] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.651290] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.658032] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.665437] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.676964] device bridge_slave_0 entered promiscuous mode [ 57.683063] device bridge_slave_1 entered promiscuous mode [ 57.693854] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.700498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.707270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.713922] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.724910] device bridge_slave_0 entered promiscuous mode [ 57.731548] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.737806] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 57.744827] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.752986] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.760334] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.770124] device bridge_slave_1 entered promiscuous mode [ 57.778140] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.784796] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 57.791956] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.800099] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.807267] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.814351] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 57.821412] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.829318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.836388] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.848876] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 57.856345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.863773] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 57.870762] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.884455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.893067] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.900322] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.906973] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 57.917193] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 57.926723] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 57.934284] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.942037] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.948735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.956002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.963708] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.970316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.977075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.984977] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.991458] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 57.998707] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.005742] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.015117] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 58.021989] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 58.028496] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.035297] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.041812] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 58.049466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.057421] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.067087] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.076192] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 58.083499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.091341] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 58.098046] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 58.105807] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.113723] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.122560] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.130045] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.136680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.143835] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.151394] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.157879] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.165317] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.173047] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.180134] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 58.186824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.198255] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.205464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.213610] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.220205] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.226890] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.234117] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.241368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.248078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.255452] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.262082] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.270662] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.278800] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.286180] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.297046] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.306365] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.313666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.322248] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.328909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.335922] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.343596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.350273] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.357905] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.366300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.374242] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.381754] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.388955] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.397980] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.407347] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.414955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.423540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.443043] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.453844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.462885] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.470160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.477034] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.484785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.492066] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.499670] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.507917] BUG: unable to handle kernel NULL pointer dereference at 0000000000000004 [ 58.516714] IP: [] dsmark_init+0x46/0x170 [ 58.523851] PGD b405c067 PUD b5617067 PMD 0 [ 58.528872] Oops: 0000 [#1] PREEMPT SMP [ 58.533393] Modules linked in: [ 58.536848] CPU: 1 PID: 5702 Comm: syz-executor.3 Not tainted 4.1.0 #0 [ 58.543998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.553807] task: ffff8800b544c310 ti: ffff8800b35cc000 task.ti: ffff8800b35cc000 [ 58.561531] RIP: 0010:[] [] dsmark_init+0x46/0x170 [ 58.570012] RSP: 0018:ffff8800b35cf9c8 EFLAGS: 00010246 [ 58.575651] RAX: 0000000000000000 RBX: ffff8800b3bbb600 RCX: 0000000000000002 [ 58.583374] RDX: 0000000000000000 RSI: 0000000000000005 RDI: ffff8800b3bbba34 [ 58.591128] RBP: ffff8800b35cfa18 R08: ffffffff82a5b4b0 R09: ffff8800b35cf9c8 [ 58.598728] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8800b7a54000 [ 58.606168] R13: 00000000fffffff4 R14: ffffffff83421c60 R15: ffff8800b35cfad0 [ 58.613849] FS: 00007fcecafd8700(0000) GS:ffff88012c100000(0000) knlGS:0000000000000000 [ 58.622646] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.628744] CR2: 0000000000000004 CR3: 0000000128a1b000 CR4: 00000000001407e0 [ 58.638092] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.645525] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.652985] Stack: [ 58.655133] 0000000000000000 0000000000000000 ffff8800b3bbba34 0000000000000000 [ 58.663353] 0000000000000000 0000000000000000 ffff8800b3bbb600 ffff8800b7a54000 [ 58.671688] 00000000fffffff4 ffffffff83421c60 ffff8800b35cfa88 ffffffff82130759 [ 58.679994] Call Trace: [ 58.682660] [] qdisc_create+0xc9/0x4d0 [ 58.688179] [] tc_modify_qdisc+0x18e/0x660 [ 58.694086] [] rtnetlink_rcv_msg+0x83/0x230 [ 58.700039] [] ? mutex_lock_nested+0x32e/0x610 [ 58.706271] [] ? rtnetlink_rcv+0x1a/0x40 [ 58.711963] [] ? rtnetlink_rcv+0x40/0x40 [ 58.717690] [] netlink_rcv_skb+0xa9/0xd0 [ 58.724854] [] rtnetlink_rcv+0x29/0x40 [ 58.730556] [] netlink_unicast+0x1ca/0x2e0 [ 58.736476] [] ? netlink_unicast+0x148/0x2e0 [ 58.742713] [] netlink_sendmsg+0x310/0x3d0 [ 58.748598] [] ? import_iovec+0x2b/0xd0 [ 58.754406] [] sock_sendmsg+0x35/0x40 [ 58.760536] [] ___sys_sendmsg+0x2c3/0x2d0 [ 58.767450] [] ? debug_lockdep_rcu_enabled+0x1d/0x20 [ 58.774278] [] ? __fget+0x10b/0x210 [ 58.779754] [] ? expand_files+0x270/0x270 [ 58.785578] [] ? __fget_light+0x25/0x90 [ 58.791187] [] __sys_sendmsg+0x3d/0x80 [ 58.796706] [] SyS_sendmsg+0xd/0x20 [ 58.801999] [] system_call_fastpath+0x16/0x7a [ 58.808266] Code: 55 41 54 53 48 89 fb 48 8d 7d b0 48 83 ec 30 0f b7 0e be 05 00 00 00 83 e9 04 e8 c6 85 7c ff 85 c0 0f 88 bc 00 00 00 48 8b 45 b8 <0f> b7 78 04 f3 40 0f b8 c7 83 f8 01 41 89 fc 0f 85 e5 00 00 00 [ 58.837444] RIP [] dsmark_init+0x46/0x170 [ 58.843781] RSP [ 58.847402] CR2: 0000000000000004 [ 58.852107] ---[ end trace 31859ac8c26cdced ]--- [ 58.857062] Kernel panic - not syncing: Fatal exception [ 58.864363] Kernel Offset: disabled