[ 39.240899] IPVS: ftp: loaded support on port[0] = 21 [ 40.372994] can: request_module (can-proto-0) failed. [ 40.384218] can: request_module (can-proto-0) failed. [ 40.394376] can: request_module (can-proto-0) failed. [ 40.542221] audit: type=1400 audit(1584449364.168:38): avc: denied { create } for pid=6797 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 40.565793] audit: type=1400 audit(1584449364.168:39): avc: denied { create } for pid=6797 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 40.589388] audit: type=1400 audit(1584449364.168:40): avc: denied { create } for pid=6797 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 40.746282] random: sshd: uninitialized urandom read (32 bytes read) [ 41.492576] random: sshd: uninitialized urandom read (32 bytes read) [ 41.688367] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.242' (ECDSA) to the list of known hosts. 2020/03/17 12:49:31 parsed 1 programs 2020/03/17 12:49:31 executed programs: 0 [ 47.900946] IPVS: ftp: loaded support on port[0] = 21 [ 48.687799] IPVS: ftp: loaded support on port[0] = 21 [ 48.731804] chnl_net:caif_netlink_parms(): no params data found [ 48.797857] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.804884] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.812375] device bridge_slave_0 entered promiscuous mode [ 48.819098] IPVS: ftp: loaded support on port[0] = 21 [ 48.819602] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.830867] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.838286] device bridge_slave_1 entered promiscuous mode [ 48.857717] chnl_net:caif_netlink_parms(): no params data found [ 48.871548] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.889056] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.910759] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.918014] team0: Port device team_slave_0 added [ 48.925427] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.932574] team0: Port device team_slave_1 added [ 48.939533] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.946841] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 48.975753] IPVS: ftp: loaded support on port[0] = 21 [ 49.021897] device hsr_slave_0 entered promiscuous mode [ 49.070394] device hsr_slave_1 entered promiscuous mode [ 49.133028] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.139402] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.146670] device bridge_slave_0 entered promiscuous mode [ 49.155278] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.161713] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.168945] device bridge_slave_1 entered promiscuous mode [ 49.175058] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 49.182062] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 49.211939] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 49.231319] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 49.292907] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 49.299975] team0: Port device team_slave_0 added [ 49.307524] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.314824] team0: Port device team_slave_1 added [ 49.320537] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.326945] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.333790] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.340245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.348446] chnl_net:caif_netlink_parms(): no params data found [ 49.356986] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.365548] IPVS: ftp: loaded support on port[0] = 21 [ 49.379783] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.501964] device hsr_slave_0 entered promiscuous mode [ 49.540318] device hsr_slave_1 entered promiscuous mode [ 49.581423] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.587795] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.594978] device bridge_slave_0 entered promiscuous mode [ 49.601860] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.608208] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.615368] device bridge_slave_1 entered promiscuous mode [ 49.622414] chnl_net:caif_netlink_parms(): no params data found [ 49.642084] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 49.649085] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 49.688432] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 49.697340] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 49.724251] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.730914] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.737828] device bridge_slave_0 entered promiscuous mode [ 49.757373] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.764736] IPVS: ftp: loaded support on port[0] = 21 [ 49.770757] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.778082] device bridge_slave_1 entered promiscuous mode [ 49.790564] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.797861] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.809199] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 49.816359] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 49.823592] team0: Port device team_slave_0 added [ 49.842480] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.849710] team0: Port device team_slave_1 added [ 49.857055] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.873140] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 49.888287] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.904788] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 49.960358] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 49.967391] team0: Port device team_slave_0 added [ 50.022075] device hsr_slave_0 entered promiscuous mode [ 50.060301] device hsr_slave_1 entered promiscuous mode [ 50.102643] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 50.110484] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 50.124358] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 50.131563] team0: Port device team_slave_1 added [ 50.137173] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.145272] chnl_net:caif_netlink_parms(): no params data found [ 50.168803] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.183489] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.197209] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.205897] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 50.214005] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 50.253429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.261858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.271563] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 50.277624] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.293241] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.299670] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.308543] device bridge_slave_0 entered promiscuous mode [ 50.315219] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.322971] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.330723] device bridge_slave_1 entered promiscuous mode [ 50.372014] device hsr_slave_0 entered promiscuous mode [ 50.410340] device hsr_slave_1 entered promiscuous mode [ 50.453337] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 50.462338] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 50.480706] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 50.491407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.499281] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.506930] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.513285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.537008] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 50.576360] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.585269] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 50.595063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.602852] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.610520] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.616862] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.624712] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.636907] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.650645] chnl_net:caif_netlink_parms(): no params data found [ 50.664112] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 50.672431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.682775] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 50.699295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.717640] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 50.725022] team0: Port device team_slave_0 added [ 50.742030] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 50.749787] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 50.758961] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 50.765168] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.772809] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.780397] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 50.787473] team0: Port device team_slave_1 added [ 50.793393] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.801403] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 50.809128] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 50.818131] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.824768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.832709] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.839519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.848232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.855935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.880882] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.889099] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.896994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.906030] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 50.914372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.922220] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.929756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.937658] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.945295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.953098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.960832] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.967171] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.974445] device bridge_slave_0 entered promiscuous mode [ 50.986390] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 50.998201] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 51.006370] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 51.014494] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 51.021439] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.029094] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.036714] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.043101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.049942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.058265] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.066435] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.075507] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.082931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 51.090507] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 51.097987] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.105056] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.116598] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.123504] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.130974] device bridge_slave_1 entered promiscuous mode [ 51.149323] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.158325] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.167502] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 51.173919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 51.222125] device hsr_slave_0 entered promiscuous mode [ 51.260344] device hsr_slave_1 entered promiscuous mode [ 51.300737] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.307971] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 51.315945] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 51.334034] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 51.341847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.349511] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 51.357230] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.364796] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.371798] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.379467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 51.387105] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.393465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.406495] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.418047] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.432535] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.439585] team0: Port device team_slave_0 added [ 51.449610] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 51.458782] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 51.470612] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 51.477959] team0: Port device team_slave_1 added [ 51.484129] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 51.491566] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 51.499021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 51.508142] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 51.515948] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 51.525516] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 51.545129] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 51.552358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 51.559039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 51.566031] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 51.573752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 51.586178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.596582] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 51.662313] device hsr_slave_0 entered promiscuous mode [ 51.680434] device hsr_slave_1 entered promiscuous mode [ 51.722718] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 51.732177] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 51.738263] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.744657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 51.752738] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.759644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.768338] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 51.777649] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.786392] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 51.796230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 51.804426] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 51.812065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 51.819556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 51.827397] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 51.834501] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 51.844346] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 51.855250] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 51.872790] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 51.882092] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 51.891864] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 51.901886] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.911134] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.918835] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.925354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.932844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 51.940828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 51.948401] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.954819] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.962217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 51.970258] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 51.978052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 51.985648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 51.993663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.009212] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 52.019214] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 52.027988] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 52.046918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.054898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.063073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.070978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.078581] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.089882] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 52.104583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.119141] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 52.138085] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.147557] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 52.157421] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.167423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.175319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.185968] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 52.195810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.208389] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 52.228413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.239667] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.253289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.261310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.274099] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.282542] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 52.291081] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.298832] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 52.308090] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 52.314688] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.330973] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 52.337301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.345585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.353964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.361616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.369209] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 52.380285] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 52.387445] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 52.399360] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 52.417446] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 52.426280] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 52.433481] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.442802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.451539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.460609] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 52.473175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 52.482311] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 52.489640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.496443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.504425] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.513135] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.521046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.528548] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.534926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.541863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 52.548514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 52.556098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.564890] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 52.571052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.584659] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 52.593221] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 52.607476] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.615005] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 52.631531] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.637903] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.647909] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.655649] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.662128] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.669348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 52.676369] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 52.685079] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 52.697653] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.705969] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.712560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.723435] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 52.742662] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 52.752096] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 52.758281] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.777101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.785301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.792467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.801924] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 52.811267] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 52.819072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.828522] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.836197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.843925] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.852483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.861430] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 52.869187] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 52.877002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.886294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.898694] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.905706] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.912960] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.920640] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.928574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.938620] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 52.949023] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 52.956114] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.964098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.973177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.980915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.988374] bridge0: port 2(bridge_slave_1) entered blocking state 2020/03/17 12:49:36 executed programs: 14 [ 52.994731] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.007640] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 53.015985] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.028422] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.064836] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 53.071776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.083009] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.090810] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.098998] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 53.108458] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 53.116593] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 53.124855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 53.143487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.151997] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.159983] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.175967] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 53.196935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.205915] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.217078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.232179] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 53.239296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.254813] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.269564] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 53.283685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.291807] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.306873] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 53.313769] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.335354] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 53.342842] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 53.349149] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 53.356310] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 53.367904] 8021q: adding VLAN 0 to HW filter on device batadv0 2020/03/17 12:49:41 executed programs: 147 2020/03/17 12:49:46 executed programs: 359 2020/03/17 12:49:51 executed programs: 555 2020/03/17 12:49:56 executed programs: 760 2020/03/17 12:50:01 executed programs: 930 2020/03/17 12:50:06 executed programs: 1136 2020/03/17 12:50:12 executed programs: 1297 2020/03/17 12:50:17 executed programs: 1464 2020/03/17 12:50:22 executed programs: 1595 2020/03/17 12:50:27 executed programs: 1730 2020/03/17 12:50:32 executed programs: 1873 2020/03/17 12:50:37 executed programs: 2012 2020/03/17 12:50:42 executed programs: 2149 2020/03/17 12:50:47 executed programs: 2267 2020/03/17 12:50:52 executed programs: 2386 2020/03/17 12:50:57 executed programs: 2502 2020/03/17 12:51:02 executed programs: 2603 2020/03/17 12:51:07 executed programs: 2697 2020/03/17 12:51:12 executed programs: 2800 2020/03/17 12:51:17 executed programs: 2900 2020/03/17 12:51:22 executed programs: 2991 2020/03/17 12:51:27 executed programs: 3085 2020/03/17 12:51:32 executed programs: 3185 2020/03/17 12:51:37 executed programs: 3276 2020/03/17 12:51:42 executed programs: 3388 2020/03/17 12:51:47 executed programs: 3492 2020/03/17 12:51:52 executed programs: 3595 2020/03/17 12:51:57 executed programs: 3702 2020/03/17 12:52:02 executed programs: 3801 2020/03/17 12:52:07 executed programs: 3890 2020/03/17 12:52:13 executed programs: 3992 2020/03/17 12:52:18 executed programs: 4098 2020/03/17 12:52:23 executed programs: 4184 2020/03/17 12:52:28 executed programs: 4273 2020/03/17 12:52:33 executed programs: 4364 2020/03/17 12:52:38 executed programs: 4454 2020/03/17 12:52:43 executed programs: 4543 2020/03/17 12:52:48 executed programs: 4630 2020/03/17 12:52:53 executed programs: 4712 2020/03/17 12:52:58 executed programs: 4796 2020/03/17 12:53:03 executed programs: 4876 2020/03/17 12:53:08 executed programs: 4960 2020/03/17 12:53:13 executed programs: 5040 2020/03/17 12:53:18 executed programs: 5117 2020/03/17 12:53:23 executed programs: 5193 2020/03/17 12:53:28 executed programs: 5269 2020/03/17 12:53:33 executed programs: 5341 2020/03/17 12:53:38 executed programs: 5419 2020/03/17 12:53:44 executed programs: 5495 2020/03/17 12:53:49 executed programs: 5569 2020/03/17 12:53:54 executed programs: 5643 2020/03/17 12:53:59 executed programs: 5713 2020/03/17 12:54:04 executed programs: 5786 2020/03/17 12:54:09 executed programs: 5857 2020/03/17 12:54:14 executed programs: 5923 2020/03/17 12:54:19 executed programs: 5992 2020/03/17 12:54:24 executed programs: 6059 2020/03/17 12:54:29 executed programs: 6126 2020/03/17 12:54:34 executed programs: 6193 2020/03/17 12:54:39 executed programs: 6257 2020/03/17 12:54:44 executed programs: 6323 2020/03/17 12:54:49 executed programs: 6390 2020/03/17 12:54:55 executed programs: 6454 2020/03/17 12:55:00 executed programs: 6515 2020/03/17 12:55:05 executed programs: 6577 [ 381.476517] random: crng init done [ 381.492864] libceph: connect [d::]:6789 error -101 [ 381.498022] libceph: mon0 [d::]:6789 connect error [ 381.615088] libceph: connect [d::]:6789 error -101 [ 381.636426] libceph: mon0 [d::]:6789 connect error [ 382.002830] libceph: connect [d::]:6789 error -101 [ 382.007890] libceph: mon0 [d::]:6789 connect error [ 382.044762] libceph: connect [d::]:6789 error -101 [ 382.068725] libceph: mon0 [d::]:6789 connect error [ 382.088079] libceph: connect [d::]:6789 error -101 [ 382.117615] libceph: mon0 [d::]:6789 connect error [ 382.144521] libceph: connect [d::]:6789 error -101 [ 382.175758] libceph: mon0 [d::]:6789 connect error [ 382.319948] ceph: No mds server is up or the cluster is laggy [ 382.646142] ceph: No mds server is up or the cluster is laggy [ 382.679332] libceph: connect [d::]:6789 error -101 [ 382.694169] libceph: mon0 [d::]:6789 connect error [ 382.715318] ceph: No mds server is up or the cluster is laggy [ 382.755736] libceph: connect [d::]:6789 error -101 [ 382.773564] libceph: mon0 [d::]:6789 connect error [ 382.822922] ceph: No mds server is up or the cluster is laggy [ 383.024401] libceph: connect [d::]:6789 error -101 [ 383.029455] libceph: mon0 [d::]:6789 connect error [ 383.050454] libceph: connect [d::]:6789 error -101 [ 383.064580] libceph: mon0 [d::]:6789 connect error [ 383.361929] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 383.921014] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 384.081225] libceph: connect [d::]:6789 error -101 [ 384.098086] libceph: mon0 [d::]:6789 connect error [ 384.116897] libceph: connect [d::]:6789 error -101 [ 384.129666] libceph: mon0 [d::]:6789 connect error [ 384.439752] ceph: No mds server is up or the cluster is laggy [ 384.751951] ceph: No mds server is up or the cluster is laggy [ 384.799364] ceph: No mds server is up or the cluster is laggy [ 384.932293] ceph: No mds server is up or the cluster is laggy [ 385.050820] libceph: connect [d::]:6789 error -101 [ 385.055867] libceph: mon0 [d::]:6789 connect error [ 385.066609] libceph: connect [d::]:6789 error -101 [ 385.072291] libceph: mon0 [d::]:6789 connect error [ 385.123877] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 386.081594] libceph: connect [d::]:6789 error -101 [ 386.086680] libceph: mon0 [d::]:6789 connect error [ 386.097340] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 386.104991] libceph: connect [d::]:6789 error -101 [ 386.110600] libceph: mon0 [d::]:6789 connect error [ 386.117736] libceph: connect [d::]:6789 error -101 [ 386.127246] libceph: mon0 [d::]:6789 connect error [ 387.040743] libceph: connect [d::]:6789 error -101 [ 387.046038] libceph: mon0 [d::]:6789 connect error [ 387.057489] libceph: connect [d::]:6789 error -101 [ 387.063387] libceph: mon0 [d::]:6789 connect error [ 387.120930] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 387.134813] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 387.360080] libceph: connect [d::]:6789 error -101 [ 387.365250] libceph: mon0 [d::]:6789 connect error [ 388.091244] libceph: connect [d::]:6789 error -101 [ 388.096288] libceph: mon0 [d::]:6789 connect error 2020/03/17 12:55:11 executed programs: 6578 [ 388.249074] libceph: connect [d::]:6789 error -101 [ 388.262226] libceph: mon0 [d::]:6789 connect error [ 388.714585] syz-executor.5: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 388.737571] syz-executor.1: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 388.958847] syz-executor.2: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.027955] syz-executor.4: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.041859] libceph: connect [d::]:6789 error -101 [ 389.046883] libceph: mon0 [d::]:6789 connect error [ 389.094439] syz-executor.2: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.117377] syz-executor.3: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.144064] syz-executor.1: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.158766] syz-executor.0: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.718831] syz-executor.5: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.729729] syz-executor.0: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) [ 389.804436] libceph: connect [d::]:6789 error -101 [ 389.809488] libceph: mon0 [d::]:6789 connect error [ 390.090493] libceph: connect [d::]:6789 error -101 [ 390.095570] libceph: mon0 [d::]:6789 connect error [ 390.480073] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 390.485811] CPU: 0 PID: 12241 Comm: syz-executor.0 Not tainted 4.14.173-syzkaller #0 [ 390.493712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.503145] Call Trace: [ 390.505876] dump_stack+0xf7/0x13b [ 390.509432] warn_alloc.cold.114+0xa2/0x1be [ 390.513754] ? zone_watermark_ok_safe+0x260/0x260 [ 390.518614] ? __alloc_pages_direct_compact+0xc2/0x330 [ 390.523898] __alloc_pages_slowpath+0x2052/0x2650 [ 390.528768] ? warn_alloc+0x100/0x100 [ 390.532570] ? get_page_from_freelist+0x1046/0x23b0 [ 390.537612] ? __might_sleep+0x93/0xb0 [ 390.541514] __alloc_pages_nodemask+0x60d/0x770 [ 390.546276] ? __alloc_pages_slowpath+0x2650/0x2650 [ 390.551303] ? cache_grow_begin+0x331/0x3f0 [ 390.555634] cache_grow_begin+0x80/0x3f0 [ 390.560006] fallback_alloc+0x203/0x2c0 [ 390.563992] ____cache_alloc_node+0x1c7/0x1e0 [ 390.568516] __kmalloc+0x213/0x7b0 [ 390.572096] ? __lockdep_init_map+0x105/0x550 [ 390.577040] ? mempool_kmalloc+0x10/0x20 [ 390.581107] ? mempool_resize+0x5e0/0x5e0 [ 390.585362] mempool_kmalloc+0x10/0x20 [ 390.589337] mempool_create_node+0x296/0x370 [ 390.593765] mempool_create+0x15/0x20 [ 390.597572] ceph_mount+0x68e/0x1563 [ 390.601392] ? __lockdep_init_map+0x105/0x550 [ 390.606078] mount_fs+0x7f/0x269 [ 390.609439] ? alloc_vfsmnt+0x470/0x750 [ 390.613502] vfs_kern_mount.part.33+0x58/0x3c0 [ 390.618078] do_mount+0x36b/0x26a0 [ 390.621613] ? __might_fault+0xf1/0x1b0 [ 390.625584] ? copy_mount_string+0x20/0x20 [ 390.629816] ? kasan_check_write+0x14/0x20 [ 390.634049] ? _copy_from_user+0x9c/0xd0 [ 390.638112] ? memdup_user+0x4a/0x80 [ 390.641819] SyS_mount+0xb8/0xd0 [ 390.645174] ? copy_mnt_ns+0xae0/0xae0 [ 390.649057] do_syscall_64+0x1c7/0x5b0 [ 390.652930] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.657828] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.663141] RIP: 0033:0x45a219 [ 390.666324] RSP: 002b:00007f2f5a7fcc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 390.674021] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 390.681284] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 390.689508] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 390.696943] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2f5a7fd6d4 [ 390.704324] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 390.787072] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 390.810079] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 390.815599] CPU: 0 PID: 12240 Comm: syz-executor.1 Not tainted 4.14.173-syzkaller #0 [ 390.823465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.832912] Call Trace: [ 390.835534] dump_stack+0xf7/0x13b [ 390.839117] warn_alloc.cold.114+0xa2/0x1be [ 390.843434] ? zone_watermark_ok_safe+0x260/0x260 [ 390.848281] ? __alloc_pages_direct_compact+0xc2/0x330 [ 390.853647] __alloc_pages_slowpath+0x2052/0x2650 [ 390.858587] ? warn_alloc+0x100/0x100 [ 390.862403] ? get_page_from_freelist+0x1046/0x23b0 [ 390.867419] ? __might_sleep+0x93/0xb0 [ 390.871310] __alloc_pages_nodemask+0x60d/0x770 [ 390.875977] ? __alloc_pages_slowpath+0x2650/0x2650 [ 390.881012] ? cache_grow_begin+0x331/0x3f0 [ 390.885442] cache_grow_begin+0x80/0x3f0 [ 390.889827] fallback_alloc+0x203/0x2c0 [ 390.893928] ____cache_alloc_node+0x1c7/0x1e0 [ 390.898625] __kmalloc+0x213/0x7b0 [ 390.902265] ? __lockdep_init_map+0x105/0x550 [ 390.906769] ? mempool_kmalloc+0x10/0x20 [ 390.910838] ? mempool_resize+0x5e0/0x5e0 [ 390.915160] mempool_kmalloc+0x10/0x20 [ 390.919063] mempool_create_node+0x296/0x370 [ 390.923480] mempool_create+0x15/0x20 [ 390.927567] ceph_mount+0x68e/0x1563 [ 390.931276] ? __lockdep_init_map+0x105/0x550 [ 390.935782] mount_fs+0x7f/0x269 [ 390.939147] ? alloc_vfsmnt+0x470/0x750 [ 390.943127] vfs_kern_mount.part.33+0x58/0x3c0 [ 390.947698] do_mount+0x36b/0x26a0 [ 390.951223] ? __might_fault+0xf1/0x1b0 [ 390.955448] ? copy_mount_string+0x20/0x20 [ 390.960041] ? kasan_check_write+0x14/0x20 [ 390.964267] ? _copy_from_user+0x9c/0xd0 [ 390.968330] ? memdup_user+0x4a/0x80 [ 390.972035] SyS_mount+0xb8/0xd0 [ 390.975409] ? copy_mnt_ns+0xae0/0xae0 [ 390.979284] do_syscall_64+0x1c7/0x5b0 [ 390.983246] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.988100] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.993272] RIP: 0033:0x45a219 [ 390.996455] RSP: 002b:00007f6248135c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 391.004151] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 391.011414] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 391.018670] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 391.025925] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f62481366d4 [ 391.033187] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 391.060079] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 391.065488] CPU: 0 PID: 12176 Comm: syz-executor.2 Not tainted 4.14.173-syzkaller #0 [ 391.073691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.083045] Call Trace: [ 391.085626] dump_stack+0xf7/0x13b [ 391.089240] warn_alloc.cold.114+0xa2/0x1be [ 391.093545] ? zone_watermark_ok_safe+0x260/0x260 [ 391.098384] ? __alloc_pages_direct_compact+0xc2/0x330 [ 391.103658] __alloc_pages_slowpath+0x2052/0x2650 [ 391.108667] ? warn_alloc+0x100/0x100 [ 391.112472] ? get_page_from_freelist+0x1046/0x23b0 [ 391.117496] ? __might_sleep+0x93/0xb0 [ 391.121375] __alloc_pages_nodemask+0x60d/0x770 [ 391.126046] ? __alloc_pages_slowpath+0x2650/0x2650 [ 391.131834] ? cache_grow_begin+0x331/0x3f0 [ 391.136147] cache_grow_begin+0x80/0x3f0 [ 391.140196] fallback_alloc+0x203/0x2c0 [ 391.144259] ____cache_alloc_node+0x1c7/0x1e0 [ 391.148774] __kmalloc+0x213/0x7b0 [ 391.152303] ? __lockdep_init_map+0x105/0x550 [ 391.156782] ? mempool_kmalloc+0x10/0x20 [ 391.160835] ? mempool_resize+0x5e0/0x5e0 [ 391.164986] mempool_kmalloc+0x10/0x20 [ 391.168973] mempool_create_node+0x296/0x370 [ 391.173905] mempool_create+0x15/0x20 [ 391.177890] ceph_mount+0x68e/0x1563 [ 391.181605] ? __lockdep_init_map+0x105/0x550 [ 391.186191] mount_fs+0x7f/0x269 [ 391.189647] ? alloc_vfsmnt+0x470/0x750 [ 391.193632] vfs_kern_mount.part.33+0x58/0x3c0 [ 391.198222] do_mount+0x36b/0x26a0 [ 391.201761] ? __might_fault+0xf1/0x1b0 [ 391.205781] ? copy_mount_string+0x20/0x20 [ 391.210008] ? kasan_check_write+0x14/0x20 [ 391.214233] ? _copy_from_user+0x9c/0xd0 [ 391.218289] ? memdup_user+0x4a/0x80 [ 391.222039] SyS_mount+0xb8/0xd0 [ 391.225535] ? copy_mnt_ns+0xae0/0xae0 [ 391.229603] do_syscall_64+0x1c7/0x5b0 [ 391.233497] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.238347] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.243531] RIP: 0033:0x45a219 [ 391.246711] RSP: 002b:00007ff49115dc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 391.254768] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 391.262059] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 391.269340] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 391.276602] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff49115e6d4 [ 391.283865] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 391.325624] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 391.331264] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 391.336627] CPU: 0 PID: 12175 Comm: syz-executor.0 Not tainted 4.14.173-syzkaller #0 [ 391.344582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.353928] Call Trace: [ 391.356632] dump_stack+0xf7/0x13b [ 391.360162] warn_alloc.cold.114+0xa2/0x1be [ 391.364467] ? zone_watermark_ok_safe+0x260/0x260 [ 391.369387] ? __alloc_pages_direct_compact+0xc2/0x330 [ 391.374676] __alloc_pages_slowpath+0x2052/0x2650 [ 391.379617] ? warn_alloc+0x100/0x100 [ 391.383404] ? get_page_from_freelist+0x1046/0x23b0 [ 391.388436] ? __might_sleep+0x93/0xb0 [ 391.392317] __alloc_pages_nodemask+0x60d/0x770 [ 391.396989] ? __alloc_pages_slowpath+0x2650/0x2650 [ 391.402352] ? cache_grow_begin+0x331/0x3f0 [ 391.407471] cache_grow_begin+0x80/0x3f0 [ 391.411552] fallback_alloc+0x203/0x2c0 [ 391.415554] ____cache_alloc_node+0x1c7/0x1e0 [ 391.420050] __kmalloc+0x213/0x7b0 [ 391.423583] ? __lockdep_init_map+0x105/0x550 [ 391.428071] ? mempool_kmalloc+0x10/0x20 [ 391.432128] ? mempool_resize+0x5e0/0x5e0 [ 391.436278] mempool_kmalloc+0x10/0x20 [ 391.440165] mempool_create_node+0x296/0x370 [ 391.444574] mempool_create+0x15/0x20 [ 391.448476] ceph_mount+0x68e/0x1563 [ 391.452186] ? __lockdep_init_map+0x105/0x550 [ 391.456681] mount_fs+0x7f/0x269 [ 391.460070] ? alloc_vfsmnt+0x470/0x750 [ 391.464038] vfs_kern_mount.part.33+0x58/0x3c0 [ 391.468614] do_mount+0x36b/0x26a0 [ 391.472146] ? __might_fault+0xf1/0x1b0 [ 391.476112] ? copy_mount_string+0x20/0x20 [ 391.480337] ? kasan_check_write+0x14/0x20 [ 391.484580] ? _copy_from_user+0x9c/0xd0 [ 391.488628] ? memdup_user+0x4a/0x80 [ 391.492354] SyS_mount+0xb8/0xd0 [ 391.495717] ? copy_mnt_ns+0xae0/0xae0 [ 391.499696] do_syscall_64+0x1c7/0x5b0 [ 391.503574] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.508487] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.513668] RIP: 0033:0x45a219 [ 391.516913] RSP: 002b:00007f2f5a7fcc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 391.524795] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 391.532399] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 391.539725] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 391.547014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2f5a7fd6d4 [ 391.554274] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 391.590208] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 391.621620] libceph: mon1 [::6]:6789 socket closed (con state CONNECTING) [ 391.634280] libceph: connect [d::]:6789 error -101 [ 391.639315] libceph: mon0 [d::]:6789 connect error [ 391.645105] ================================================================== [ 391.652704] BUG: KASAN: use-after-free in ceph_destroy_options+0xc6/0xf0 [ 391.659554] Read of size 8 at addr ffff8880a8521b50 by task syz-executor.3/10888 [ 391.667082] [ 391.668711] CPU: 0 PID: 10888 Comm: syz-executor.3 Not tainted 4.14.173-syzkaller #0 [ 391.676582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.685935] Call Trace: [ 391.688558] dump_stack+0xf7/0x13b [ 391.692885] ? ceph_destroy_options+0xc6/0xf0 [ 391.697503] print_address_description.cold.7+0x9/0x1c9 [ 391.702986] ? ceph_destroy_options+0xc6/0xf0 [ 391.707502] kasan_report.cold.8+0x11a/0x2d3 [ 391.712102] __asan_report_load8_noabort+0x14/0x20 [ 391.717468] ceph_destroy_options+0xc6/0xf0 [ 391.721790] ceph_mount+0xa98/0x1563 [ 391.725505] ? __lockdep_init_map+0x105/0x550 [ 391.730094] mount_fs+0x7f/0x269 [ 391.733463] ? alloc_vfsmnt+0x470/0x750 [ 391.737430] vfs_kern_mount.part.33+0x58/0x3c0 [ 391.742019] do_mount+0x36b/0x26a0 [ 391.745549] ? __might_fault+0xf1/0x1b0 [ 391.749516] ? copy_mount_string+0x20/0x20 [ 391.753851] ? kasan_check_write+0x14/0x20 [ 391.758076] ? _copy_from_user+0x9c/0xd0 [ 391.762123] ? memdup_user+0x4a/0x80 [ 391.765851] SyS_mount+0xb8/0xd0 [ 391.769211] ? copy_mnt_ns+0xae0/0xae0 [ 391.773184] do_syscall_64+0x1c7/0x5b0 [ 391.777066] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.782609] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.787787] RIP: 0033:0x45a219 [ 391.790961] RSP: 002b:00007f7bbc47ac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 391.798722] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 391.806005] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 391.813261] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 391.820529] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bbc47b6d4 [ 391.828234] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 391.835509] [ 391.837181] Allocated by task 10888: [ 391.840894] save_stack_trace+0x16/0x20 [ 391.844868] save_stack+0x43/0xd0 [ 391.848309] kasan_kmalloc+0xc7/0xe0 [ 391.852032] kmem_cache_alloc_trace+0x152/0x7a0 [ 391.856884] ceph_parse_options+0xe3/0xc60 [ 391.861219] ceph_mount+0x390/0x1563 [ 391.865012] mount_fs+0x7f/0x269 [ 391.868372] vfs_kern_mount.part.33+0x58/0x3c0 [ 391.872957] do_mount+0x36b/0x26a0 [ 391.876496] SyS_mount+0xb8/0xd0 [ 391.880063] do_syscall_64+0x1c7/0x5b0 [ 391.883960] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.889423] [ 391.891044] Freed by task 10888: [ 391.894408] save_stack_trace+0x16/0x20 [ 391.898366] save_stack+0x43/0xd0 [ 391.901908] kasan_slab_free+0x71/0xc0 [ 391.905778] kfree+0xcc/0x270 [ 391.908997] ceph_destroy_options+0xbc/0xf0 [ 391.913330] ceph_destroy_client+0x8f/0xb0 [ 391.917554] ceph_mount+0xb2c/0x1563 [ 391.921259] mount_fs+0x7f/0x269 [ 391.924629] vfs_kern_mount.part.33+0x58/0x3c0 [ 391.929209] do_mount+0x36b/0x26a0 [ 391.932733] SyS_mount+0xb8/0xd0 [ 391.936081] do_syscall_64+0x1c7/0x5b0 [ 391.940913] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.946155] [ 391.947771] The buggy address belongs to the object at ffff8880a8521a80 [ 391.947771] which belongs to the cache kmalloc-256 of size 256 [ 391.960422] The buggy address is located 208 bytes inside of [ 391.960422] 256-byte region [ffff8880a8521a80, ffff8880a8521b80) [ 391.972296] The buggy address belongs to the page: [ 391.977352] page:ffffea0002a14840 count:1 mapcount:0 mapping:ffff8880a8521080 index:0x0 [ 391.985488] flags: 0x1fffc0000000100(slab) [ 391.989726] raw: 01fffc0000000100 ffff8880a8521080 0000000000000000 000000010000000c [ 391.997662] raw: ffffea00022982a0 ffffea0002a0e8a0 ffff8880aa8007c0 0000000000000000 [ 392.005694] page dumped because: kasan: bad access detected [ 392.012197] [ 392.013831] Memory state around the buggy address: [ 392.018770] ffff8880a8521a00: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 392.026117] ffff8880a8521a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 392.033482] >ffff8880a8521b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 392.040840] ^ [ 392.047193] ffff8880a8521b80: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 392.054849] ffff8880a8521c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 392.062207] ================================================================== [ 392.070171] Disabling lock debugging due to kernel taint [ 392.076021] ================================================================== [ 392.083391] BUG: KASAN: double-free or invalid-free in ceph_destroy_options+0xb4/0xf0 [ 392.091337] [ 392.092954] CPU: 0 PID: 11632 Comm: syz-executor.4 Tainted: G B 4.14.173-syzkaller #0 [ 392.102040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.111622] Call Trace: [ 392.114202] dump_stack+0xf7/0x13b [ 392.117745] ? ceph_destroy_options+0xb4/0xf0 [ 392.122231] print_address_description.cold.7+0x9/0x1c9 [ 392.127588] ? ceph_destroy_options+0xb4/0xf0 [ 392.132112] ? ceph_destroy_options+0xb4/0xf0 [ 392.136604] kasan_report_double_free+0x55/0x80 [ 392.141618] kasan_slab_free+0xa3/0xc0 [ 392.145496] kfree+0xcc/0x270 [ 392.148958] ceph_destroy_options+0xb4/0xf0 [ 392.153269] ceph_mount+0xa98/0x1563 [ 392.156969] ? __lockdep_init_map+0x105/0x550 [ 392.161451] mount_fs+0x7f/0x269 [ 392.164801] ? alloc_vfsmnt+0x470/0x750 [ 392.168780] vfs_kern_mount.part.33+0x58/0x3c0 [ 392.173356] do_mount+0x36b/0x26a0 [ 392.176892] ? __might_fault+0xf1/0x1b0 [ 392.180850] ? copy_mount_string+0x20/0x20 [ 392.185068] ? kasan_check_write+0x14/0x20 [ 392.189292] ? _copy_from_user+0x9c/0xd0 [ 392.193354] ? memdup_user+0x4a/0x80 [ 392.197052] SyS_mount+0xb8/0xd0 [ 392.200404] ? copy_mnt_ns+0xae0/0xae0 [ 392.204292] do_syscall_64+0x1c7/0x5b0 [ 392.208179] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.213623] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.218800] RIP: 0033:0x45a219 [ 392.221976] RSP: 002b:00007f1ba4d27c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 392.229694] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 392.236950] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 392.244203] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 392.252245] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1ba4d286d4 [ 392.259500] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 392.266880] [ 392.268518] Allocated by task 11632: [ 392.272216] save_stack_trace+0x16/0x20 [ 392.276182] save_stack+0x43/0xd0 [ 392.279649] kasan_kmalloc+0xc7/0xe0 [ 392.283457] kmem_cache_alloc_trace+0x152/0x7a0 [ 392.288109] ceph_parse_options+0x127/0xc60 [ 392.292690] ceph_mount+0x390/0x1563 [ 392.296393] mount_fs+0x7f/0x269 [ 392.299757] vfs_kern_mount.part.33+0x58/0x3c0 [ 392.304342] do_mount+0x36b/0x26a0 [ 392.307875] SyS_mount+0xb8/0xd0 [ 392.311223] do_syscall_64+0x1c7/0x5b0 [ 392.315100] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.320269] [ 392.321879] Freed by task 11632: [ 392.327299] save_stack_trace+0x16/0x20 [ 392.331269] save_stack+0x43/0xd0 [ 392.334708] kasan_slab_free+0x71/0xc0 [ 392.338579] kfree+0xcc/0x270 [ 392.341673] ceph_destroy_options+0xb4/0xf0 [ 392.345981] ceph_destroy_client+0x8f/0xb0 [ 392.350197] ceph_mount+0xb2c/0x1563 [ 392.353893] mount_fs+0x7f/0x269 [ 392.357241] vfs_kern_mount.part.33+0x58/0x3c0 [ 392.361805] do_mount+0x36b/0x26a0 [ 392.365328] SyS_mount+0xb8/0xd0 [ 392.368689] do_syscall_64+0x1c7/0x5b0 [ 392.372908] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.378091] [ 392.379710] The buggy address belongs to the object at ffff8880818d49c0 [ 392.379710] which belongs to the cache kmalloc-8192 of size 8192 [ 392.392518] The buggy address is located 0 bytes inside of [ 392.392518] 8192-byte region [ffff8880818d49c0, ffff8880818d69c0) [ 392.404485] The buggy address belongs to the page: [ 392.409403] page:ffffea0002063500 count:1 mapcount:0 mapping:ffff8880818d49c0 index:0x0 compound_mapcount: 0 [ 392.419347] flags: 0x1fffc0000008100(slab|head) [ 392.423995] raw: 01fffc0000008100 ffff8880818d49c0 0000000000000000 0000000100000001 [ 392.431857] raw: ffffea000221b320 ffffea0001162620 ffff8880aa802080 0000000000000000 [ 392.439898] page dumped because: kasan: bad access detected [ 392.445592] [ 392.447215] Memory state around the buggy address: [ 392.452132] ffff8880818d4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 392.459579] ffff8880818d4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 392.466922] >ffff8880818d4980: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 392.474280] ^ [ 392.479717] ffff8880818d4a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 392.487058] ffff8880818d4a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 392.494398] ================================================================== [ 392.501770] Kernel panic - not syncing: panic_on_warn set ... [ 392.501770] [ 392.509143] CPU: 0 PID: 11632 Comm: syz-executor.4 Tainted: G B 4.14.173-syzkaller #0 [ 392.518222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.527573] Call Trace: [ 392.530216] dump_stack+0xf7/0x13b [ 392.533760] ? ceph_destroy_options+0x10/0xf0 [ 392.538247] ? ceph_destroy_options+0xb4/0xf0 [ 392.542739] panic+0x1b0/0x358 [ 392.545915] ? add_taint.cold.5+0x11/0x11 [ 392.550051] ? lock_downgrade+0x7f0/0x7f0 [ 392.554202] ? ceph_destroy_options+0xb4/0xf0 [ 392.558705] ? ceph_destroy_options+0xb4/0xf0 [ 392.563185] kasan_end_report+0x47/0x4f [ 392.567147] kasan_report_double_free+0x72/0x80 [ 392.571874] kasan_slab_free+0xa3/0xc0 [ 392.575760] kfree+0xcc/0x270 [ 392.578858] ceph_destroy_options+0xb4/0xf0 [ 392.583170] ceph_mount+0xa98/0x1563 [ 392.586872] ? __lockdep_init_map+0x105/0x550 [ 392.591360] mount_fs+0x7f/0x269 [ 392.594714] ? alloc_vfsmnt+0x470/0x750 [ 392.598778] vfs_kern_mount.part.33+0x58/0x3c0 [ 392.603344] do_mount+0x36b/0x26a0 [ 392.606865] ? __might_fault+0xf1/0x1b0 [ 392.610822] ? copy_mount_string+0x20/0x20 [ 392.615065] ? kasan_check_write+0x14/0x20 [ 392.619287] ? _copy_from_user+0x9c/0xd0 [ 392.623383] ? memdup_user+0x4a/0x80 [ 392.627094] SyS_mount+0xb8/0xd0 [ 392.630452] ? copy_mnt_ns+0xae0/0xae0 [ 392.634336] do_syscall_64+0x1c7/0x5b0 [ 392.638337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.643207] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.648393] RIP: 0033:0x45a219 [ 392.651573] RSP: 002b:00007f1ba4d27c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 392.659271] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 392.666631] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000500 [ 392.673892] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 392.681319] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1ba4d286d4 [ 392.688575] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 392.697808] Kernel Offset: disabled [ 392.701461] Rebooting in 86400 seconds..