[ 41.923792] random: cc1: uninitialized urandom read (8 bytes read) [ 42.720897] IPVS: ftp: loaded support on port[0] = 21 [ 43.808310] can: request_module (can-proto-0) failed. [ 43.818019] can: request_module (can-proto-0) failed. [ 43.977762] audit: type=1400 audit(1576293665.165:37): avc: denied { create } for pid=6754 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 44.001643] audit: type=1400 audit(1576293665.165:38): avc: denied { create } for pid=6754 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 44.025228] audit: type=1400 audit(1576293665.165:39): avc: denied { create } for pid=6754 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 44.305439] random: sshd: uninitialized urandom read (32 bytes read) [ 45.000303] random: sshd: uninitialized urandom read (32 bytes read) [ 45.198665] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.124' (ECDSA) to the list of known hosts. 2019/12/14 03:21:13 parsed 1 programs 2019/12/14 03:21:13 executed programs: 0 [ 51.987248] audit: type=1400 audit(1576293673.175:40): avc: denied { map } for pid=6825 comm="syz-execprog" path="/root/syzkaller-shm781443881" dev="sda1" ino=16495 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 52.250956] IPVS: ftp: loaded support on port[0] = 21 [ 53.074604] chnl_net:caif_netlink_parms(): no params data found [ 53.081199] IPVS: ftp: loaded support on port[0] = 21 [ 53.125742] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.132592] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.139614] device bridge_slave_0 entered promiscuous mode [ 53.148252] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.154713] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.161670] device bridge_slave_1 entered promiscuous mode [ 53.174207] IPVS: ftp: loaded support on port[0] = 21 [ 53.186711] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.195661] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.216651] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.224223] team0: Port device team_slave_0 added [ 53.231649] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.238733] team0: Port device team_slave_1 added [ 53.244514] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.260262] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.341840] device hsr_slave_0 entered promiscuous mode [ 53.380335] device hsr_slave_1 entered promiscuous mode [ 53.422835] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.433924] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.445596] chnl_net:caif_netlink_parms(): no params data found [ 53.468324] IPVS: ftp: loaded support on port[0] = 21 [ 53.473219] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.480106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.487137] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.493807] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.554048] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.560868] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.567841] device bridge_slave_0 entered promiscuous mode [ 53.575835] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.582346] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.589239] device bridge_slave_1 entered promiscuous mode [ 53.627331] chnl_net:caif_netlink_parms(): no params data found [ 53.639430] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.648868] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.677961] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.685450] team0: Port device team_slave_0 added [ 53.692897] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.699954] team0: Port device team_slave_1 added [ 53.706576] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.724808] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 53.733365] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.739713] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.748471] IPVS: ftp: loaded support on port[0] = 21 [ 53.821968] device hsr_slave_0 entered promiscuous mode [ 53.860330] device hsr_slave_1 entered promiscuous mode [ 53.903426] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.912557] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.921272] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.927925] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.936280] device bridge_slave_0 entered promiscuous mode [ 53.943558] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.953513] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 53.960745] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.969934] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.976668] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.984896] device bridge_slave_1 entered promiscuous mode [ 53.999689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.009764] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.016916] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.038368] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.046630] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.058261] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.066315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.076017] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.082713] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.090940] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.118058] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.127061] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 54.137235] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.186973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.196661] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.205066] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.218913] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.226958] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.235318] team0: Port device team_slave_0 added [ 54.243710] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.255178] team0: Port device team_slave_1 added [ 54.261672] IPVS: ftp: loaded support on port[0] = 21 [ 54.261982] chnl_net:caif_netlink_parms(): no params data found [ 54.293848] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.301943] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.309111] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.334932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.343312] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.423177] device hsr_slave_0 entered promiscuous mode [ 54.460466] device hsr_slave_1 entered promiscuous mode [ 54.511126] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 54.529069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.539087] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.560458] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 54.573862] chnl_net:caif_netlink_parms(): no params data found [ 54.589533] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 54.597606] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 54.612510] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.622187] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.629430] device bridge_slave_0 entered promiscuous mode [ 54.641358] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.651195] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.658075] device bridge_slave_1 entered promiscuous mode [ 54.671391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.679044] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.689845] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 54.696588] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.738556] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.748111] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.778211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.823127] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 54.837733] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 54.845092] chnl_net:caif_netlink_parms(): no params data found [ 54.853333] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.860654] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.867869] device bridge_slave_0 entered promiscuous mode [ 54.875649] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.882730] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.890159] team0: Port device team_slave_0 added [ 54.896349] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.903800] team0: Port device team_slave_1 added [ 54.909168] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.923972] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.932045] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.939390] device bridge_slave_1 entered promiscuous mode [ 54.957896] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.966571] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.992709] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 55.005868] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.017234] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.063498] device hsr_slave_0 entered promiscuous mode [ 55.111155] device hsr_slave_1 entered promiscuous mode [ 55.165396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.172922] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.181936] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 55.188126] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.196438] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 55.204191] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 55.213993] team0: Port device team_slave_0 added [ 55.219483] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 55.227003] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.234944] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.242503] device bridge_slave_0 entered promiscuous mode [ 55.249225] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.256062] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.263119] device bridge_slave_1 entered promiscuous mode [ 55.278902] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.289823] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 55.297345] team0: Port device team_slave_1 added [ 55.305725] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 55.314594] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.323473] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 55.332545] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 55.342651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.351313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.359049] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.365586] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.374521] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 55.391175] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.408136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.415381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.423676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.431335] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.437783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.446391] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 55.465195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.473561] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 55.480847] team0: Port device team_slave_0 added [ 55.486370] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 55.493831] team0: Port device team_slave_1 added [ 55.542245] device hsr_slave_0 entered promiscuous mode [ 55.554742] FAULT_INJECTION: forcing a failure. [ 55.554742] name failslab, interval 1, probability 0, space 0, times 1 [ 55.566418] CPU: 0 PID: 6882 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0 [ 55.574221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.583565] Call Trace: [ 55.586146] dump_stack+0xf7/0x13b [ 55.589683] should_fail.cold.3+0x105/0x14b [ 55.593988] should_failslab+0xba/0xf0 [ 55.597874] __kmalloc+0x2e8/0x7b0 [ 55.601431] ? __list_lru_init+0x69/0x5f0 [ 55.605558] __list_lru_init+0x69/0x5f0 [ 55.609574] sget_userns+0x3e0/0xb40 [ 55.613273] ? set_anon_super+0x10/0x10 [ 55.617228] ? get_empty_filp.cold.4+0x3a/0x3a [ 55.622043] ? nfsd_mount+0xf0/0xf0 [ 55.625725] mount_ns+0x5d/0x170 [ 55.629082] nfsd_mount+0x93/0xf0 [ 55.632523] ? lockdep_init_map+0x9/0x10 [ 55.636570] mount_fs+0x7f/0x269 [ 55.639932] ? alloc_vfsmnt+0x470/0x750 [ 55.643916] vfs_kern_mount.part.33+0x58/0x3c0 [ 55.648493] do_mount+0x36b/0x26a0 [ 55.652041] ? __might_fault+0xf1/0x1b0 [ 55.656141] ? copy_mount_string+0x20/0x20 [ 55.660383] ? kasan_check_write+0x14/0x20 [ 55.664601] ? _copy_from_user+0x9c/0xd0 [ 55.668737] ? memdup_user+0x4a/0x80 [ 55.672542] SyS_mount+0xb8/0xd0 [ 55.675914] ? copy_mnt_ns+0xae0/0xae0 [ 55.679781] do_syscall_64+0x1c7/0x5b0 [ 55.683656] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.688480] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 55.693650] RIP: 0033:0x459279 [ 55.696828] RSP: 002b:00007f891fffec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 55.704541] RAX: ffffffffffffffda RBX: 00007f891fffec90 RCX: 0000000000459279 [ 55.712093] RDX: 0000000020000240 RSI: 0000000020000000 RDI: 0000000000000000 [ 55.719345] RBP: 000000000075bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 55.726608] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f891ffff6d4 [ 55.733862] R13: 00000000004c56a3 R14: 00000000004d9a20 R15: 0000000000000004 [ 55.742252] device hsr_slave_1 entered promiscuous mode [ 55.800951] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 55.810963] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 55.818524] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 55.829394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.847091] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 55.854689] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.867126] FAULT_INJECTION: forcing a failure. [ 55.867126] name failslab, interval 1, probability 0, space 0, times 0 [ 55.881035] CPU: 0 PID: 6885 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0 [ 55.883756] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 55.888872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.903600] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.905216] Call Trace: [ 55.905233] dump_stack+0xf7/0x13b [ 55.905246] should_fail.cold.3+0x105/0x14b [ 55.921926] should_failslab+0xba/0xf0 [ 55.925831] __kmalloc+0x2e8/0x7b0 [ 55.929383] ? __list_lru_init+0x69/0x5f0 [ 55.933544] __list_lru_init+0x69/0x5f0 [ 55.936097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.937522] sget_userns+0x3e0/0xb40 [ 55.937527] ? set_anon_super+0x10/0x10 [ 55.937535] ? get_empty_filp.cold.4+0x3a/0x3a [ 55.947164] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.951115] ? nfsd_mount+0xf0/0xf0 [ 55.951123] mount_ns+0x5d/0x170 [ 55.951130] nfsd_mount+0x93/0xf0 [ 55.951137] ? lockdep_init_map+0x9/0x10 [ 55.951142] mount_fs+0x7f/0x269 [ 55.951147] ? alloc_vfsmnt+0x470/0x750 [ 55.951154] vfs_kern_mount.part.33+0x58/0x3c0 [ 55.958130] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 55.961787] do_mount+0x36b/0x26a0 [ 55.961795] ? __might_fault+0xf1/0x1b0 [ 55.961802] ? copy_mount_string+0x20/0x20 [ 55.961812] ? kasan_check_write+0x14/0x20 [ 55.961821] ? _copy_from_user+0x9c/0xd0 [ 55.968019] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 55.968818] ? memdup_user+0x4a/0x80 [ 55.968831] SyS_mount+0xb8/0xd0 [ 55.968838] ? copy_mnt_ns+0xae0/0xae0 [ 55.968845] do_syscall_64+0x1c7/0x5b0 [ 55.968851] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.972429] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.976548] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 55.976555] RIP: 0033:0x459279 [ 55.976558] RSP: 002b:00007f892001fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 55.976564] RAX: ffffffffffffffda RBX: 00007f892001fc90 RCX: 0000000000459279 [ 55.976569] RDX: 0000000020000240 RSI: 0000000020000000 RDI: 0000000000000000 [ 55.982619] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 55.983880] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 55.983884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f89200206d4 [ 55.983887] R13: 00000000004c56a3 R14: 00000000004d9a20 R15: 0000000000000004 [ 56.128644] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.146840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.154909] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.162864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.169689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.176771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.184647] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.186387] FAULT_INJECTION: forcing a failure. [ 56.186387] name failslab, interval 1, probability 0, space 0, times 0 [ 56.192322] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.207510] CPU: 0 PID: 6890 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0 [ 56.209896] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.217665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.217668] Call Trace: [ 56.217682] dump_stack+0xf7/0x13b [ 56.217692] should_fail.cold.3+0x105/0x14b [ 56.217701] should_failslab+0xba/0xf0 [ 56.217708] __kmalloc+0x2e8/0x7b0 [ 56.217712] ? sget_userns+0x8c2/0xb40 [ 56.217726] ? lock_downgrade+0x7f0/0x7f0 [ 56.226503] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 56.233569] ? register_shrinker+0xb5/0x1e0 [ 56.233577] register_shrinker+0xb5/0x1e0 [ 56.233585] sget_userns+0x8d6/0xb40 [ 56.233588] ? set_anon_super+0x10/0x10 [ 56.233594] ? get_empty_filp.cold.4+0x3a/0x3a [ 56.233600] ? nfsd_mount+0xf0/0xf0 [ 56.233608] mount_ns+0x5d/0x170 [ 56.238743] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 56.239734] nfsd_mount+0x93/0xf0 [ 56.246444] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 56.247995] ? lockdep_init_map+0x9/0x10 [ 56.253043] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 56.255398] mount_fs+0x7f/0x269 [ 56.255405] ? alloc_vfsmnt+0x470/0x750 [ 56.255413] vfs_kern_mount.part.33+0x58/0x3c0 [ 56.255420] do_mount+0x36b/0x26a0 [ 56.255427] ? __might_fault+0xf1/0x1b0 [ 56.259704] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.267446] ? copy_mount_string+0x20/0x20 [ 56.267458] ? kasan_check_write+0x14/0x20 [ 56.267464] ? _copy_from_user+0x9c/0xd0 [ 56.267471] ? memdup_user+0x4a/0x80 [ 56.267478] SyS_mount+0xb8/0xd0 [ 56.267488] ? copy_mnt_ns+0xae0/0xae0 [ 56.272531] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 56.276149] do_syscall_64+0x1c7/0x5b0 [ 56.285143] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 56.288381] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.297152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.302111] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 56.302118] RIP: 0033:0x459279 [ 56.302120] RSP: 002b:00007f891fffec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 56.302126] RAX: ffffffffffffffda RBX: 00007f891fffec90 RCX: 0000000000459279 [ 56.302129] RDX: 0000000020000240 RSI: 0000000020000000 RDI: 0000000000000000 [ 56.302131] RBP: 000000000075bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 56.302134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f891ffff6d4 [ 56.302139] R13: 00000000004c56a3 R14: 00000000004d9a20 R15: 0000000000000004 [ 56.465372] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 56.475377] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.489245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.502942] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.510204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.515515] FAULT_INJECTION: forcing a failure. [ 56.515515] name failslab, interval 1, probability 0, space 0, times 0 [ 56.517374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.529699] CPU: 0 PID: 6896 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0 [ 56.537668] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.544833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.544838] Call Trace: [ 56.544858] dump_stack+0xf7/0x13b [ 56.544870] should_fail.cold.3+0x105/0x14b [ 56.544880] should_failslab+0xba/0xf0 [ 56.544887] __kmalloc+0x2e8/0x7b0 [ 56.544897] ? __list_lru_init+0x69/0x5f0 [ 56.544906] __list_lru_init+0x69/0x5f0 [ 56.553412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.563050] sget_userns+0x3e0/0xb40 [ 56.563055] ? set_anon_super+0x10/0x10 [ 56.563062] ? get_empty_filp.cold.4+0x3a/0x3a [ 56.563069] ? nfsd_mount+0xf0/0xf0 [ 56.563073] mount_ns+0x5d/0x170 [ 56.563079] nfsd_mount+0x93/0xf0 [ 56.563088] ? lockdep_init_map+0x9/0x10 [ 56.566192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.569720] mount_fs+0x7f/0x269 [ 56.574691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.578102] ? alloc_vfsmnt+0x470/0x750 [ 56.582987] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.586826] vfs_kern_mount.part.33+0x58/0x3c0 [ 56.591335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.598074] do_mount+0x36b/0x26a0 [ 56.602322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.605826] ? __might_fault+0xf1/0x1b0 [ 56.610737] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.614128] ? copy_mount_string+0x20/0x20 [ 56.617590] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.621020] ? kasan_check_write+0x14/0x20 [ 56.621028] ? _copy_from_user+0x9c/0xd0 [ 56.621036] ? memdup_user+0x4a/0x80 [ 56.621044] SyS_mount+0xb8/0xd0 [ 56.621052] ? copy_mnt_ns+0xae0/0xae0 [ 56.625634] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.632841] do_syscall_64+0x1c7/0x5b0 [ 56.632847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.632859] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 56.632865] RIP: 0033:0x459279 [ 56.632868] RSP: 002b:00007f891fffec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 56.752978] RAX: ffffffffffffffda RBX: 00007f891fffec90 RCX: 0000000000459279 [ 56.760266] RDX: 0000000020000240 RSI: 0000000020000000 RDI: 0000000000000000 [ 56.767690] RBP: 000000000075bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 56.775337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f891ffff6d4 [ 56.782700] R13: 00000000004c56a3 R14: 00000000004d9a20 R15: 0000000000000004 [ 56.796733] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 56.825914] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.852548] FAULT_INJECTION: forcing a failure. [ 56.852548] name failslab, interval 1, probability 0, space 0, times 0 [ 56.864786] CPU: 1 PID: 6902 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0 [ 56.872891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.882343] Call Trace: [ 56.882357] dump_stack+0xf7/0x13b [ 56.882368] should_fail.cold.3+0x105/0x14b [ 56.882377] should_failslab+0xba/0xf0 [ 56.882383] __kmalloc+0x2e8/0x7b0 [ 56.882388] ? sget_userns+0x8c2/0xb40 [ 56.882396] ? lock_downgrade+0x7f0/0x7f0 [ 56.882403] ? register_shrinker+0xb5/0x1e0 [ 56.882409] register_shrinker+0xb5/0x1e0 [ 56.882414] sget_userns+0x8d6/0xb40 [ 56.882418] ? set_anon_super+0x10/0x10 [ 56.882423] ? get_empty_filp.cold.4+0x3a/0x3a [ 56.882430] ? nfsd_mount+0xf0/0xf0 [ 56.882435] mount_ns+0x5d/0x170 [ 56.882441] nfsd_mount+0x93/0xf0 [ 56.882445] ? lockdep_init_map+0x9/0x10 [ 56.882450] mount_fs+0x7f/0x269 [ 56.882456] ? alloc_vfsmnt+0x470/0x750 [ 56.882462] vfs_kern_mount.part.33+0x58/0x3c0 [ 56.882470] do_mount+0x36b/0x26a0 [ 56.882476] ? __might_fault+0xf1/0x1b0 [ 56.882483] ? copy_mount_string+0x20/0x20 [ 56.882492] ? kasan_check_write+0x14/0x20 [ 56.882498] ? _copy_from_user+0x9c/0xd0 [ 56.882505] ? memdup_user+0x4a/0x80 [ 56.882515] SyS_mount+0xb8/0xd0 [ 56.888631] ? copy_mnt_ns+0xae0/0xae0 [ 56.896809] do_syscall_64+0x1c7/0x5b0 [ 56.896814] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.896826] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 56.896831] RIP: 0033:0x459279 [ 56.904216] RSP: 002b:00007f891fffec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 56.912650] RAX: ffffffffffffffda RBX: 00007f891fffec90 RCX: 0000000000459279 [ 56.912653] RDX: 0000000020000240 RSI: 0000000020000000 RDI: 0000000000000000 [ 56.912656] RBP: 000000000075bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 56.912658] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f891ffff6d4 [ 56.912661] R13: 00000000004c56a3 R14: 00000000004d9a20 R15: 0000000000000004 [ 57.055385] device hsr_slave_0 entered promiscuous mode [ 57.100380] device hsr_slave_1 entered promiscuous mode [ 57.140801] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 57.149773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.152836] list_add double add: new=ffff88807bb000e0, prev=ffffffff8821f240, next=ffff88807bb000e0. [ 57.158603] kobject: 'loop3' (ffff8880a4a30660): kobject_uevent_env [ 57.168162] ------------[ cut here ]------------ [ 57.168168] kernel BUG at lib/list_debug.c:31! [ 57.168183] invalid opcode: 0000 [#1] PREEMPT SMP KASAN 2019/12/14 03:21:18 executed programs: 10 [ 57.168185] Modules linked in: [ 57.176739] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.180817] CPU: 0 PID: 6847 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0 [ 57.180819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.180823] task: ffff8880a48ba0c0 task.stack: ffff888099b70000 [ 57.180837] RIP: 0010:__list_add_valid+0xaa/0xb0 [ 57.180840] RSP: 0018:ffff888099b77c08 EFLAGS: 00010086 [ 57.180844] RAX: 0000000000000058 RBX: ffff88807bb000e0 RCX: 0000000000000000 [ 57.180846] RDX: 0000000000000058 RSI: ffffffff868cf060 RDI: ffffed101336ef78 [ 57.180848] RBP: ffff888099b77c20 R08: 0000000000000001 R09: 0000000000000000 [ 57.180852] R10: ffff888099b777c0 R11: ffff8880a48ba0c0 R12: ffff88807bb000e0 [ 57.185657] kobject: 'loop3' (ffff8880a4a30660): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 57.190825] R13: ffff88807bb000e0 R14: 0000000000000286 R15: ffff8880a1358a80 [ 57.190830] FS: 0000000001f4b940(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000 [ 57.190832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.190834] CR2: 000000000070e158 CR3: 00000000892fb000 CR4: 00000000001406f0 [ 57.190839] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.190841] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.190843] Call Trace: [ 57.190854] ? __put_net+0x1f/0x100 [ 57.190859] __put_net+0x3b/0x100 [ 57.190864] __sk_destruct+0x3eb/0x4e0 [ 57.190868] sk_destruct+0x83/0xb0 [ 57.190874] __sk_free+0x47/0x1f0 [ 57.195117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.201767] sk_free+0x23/0x30 [ 57.201773] tcp_close+0x94a/0xf00 [ 57.201779] ? __sock_release+0x7d/0x2a0 [ 57.201786] inet_release+0xd9/0x1c0 [ 57.201792] __sock_release+0xc2/0x2a0 [ 57.375991] sock_close+0x10/0x20 [ 57.379663] __fput+0x232/0x750 [ 57.383074] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.387836] ____fput+0x9/0x10 [ 57.391024] task_work_run+0xe5/0x170 [ 57.395351] exit_to_usermode_loop+0x16a/0x1b0 [ 57.401582] do_syscall_64+0x416/0x5b0 [ 57.405494] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 57.410557] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 57.416243] RIP: 0033:0x412f40 [ 57.419532] RSP: 002b:00007fff94437cd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 57.427677] RAX: 0000000000000000 RBX: 00007fff94437de0 RCX: 0000000000412f40 [ 57.435733] RDX: 00000000000000e0 RSI: 00007fff944381c0 RDI: 0000000000000003 [ 57.444013] RBP: 0000000000000003 R08: 0000000000006000 R09: 0000000000004000 [ 57.451681] R10: 00007fff94437de0 R11: 0000000000000246 R12: 0000000000000000 [ 57.459370] R13: 00007fff94438460 R14: 000000000000dde3 R15: 00007fff94438470 [ 57.467561] Code: 75 e8 eb a9 48 89 f7 48 89 75 e8 e8 61 c7 af fe 48 8b 75 e8 eb bb 48 89 f2 48 89 d9 4c 89 e6 48 c7 c7 80 d6 bc 86 e8 63 2b 76 fe <0f> 0b 0f 1f 40 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 41 [ 57.488165] RIP: __list_add_valid+0xaa/0xb0 RSP: ffff888099b77c08 [ 57.494383] ---[ end trace 8f5716b45273febe ]--- [ 57.499144] Kernel panic - not syncing: Fatal exception [ 57.505925] Kernel Offset: disabled [ 57.509754] Rebooting in 86400 seconds..