[ 33.990860] IPVS: ftp: loaded support on port[0] = 21 [ 35.355011] can: request_module (can-proto-0) failed. [ 35.363769] can: request_module (can-proto-0) failed. [ 35.372307] can: request_module (can-proto-0) failed. [ 35.512660] audit: type=1400 audit(1583533173.247:37): avc: denied { create } for pid=6794 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 35.536345] audit: type=1400 audit(1583533173.247:38): avc: denied { create } for pid=6794 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 35.561150] audit: type=1400 audit(1583533173.247:39): avc: denied { create } for pid=6794 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 35.707080] random: sshd: uninitialized urandom read (32 bytes read) [ 36.429051] random: sshd: uninitialized urandom read (32 bytes read) [ 36.629086] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.15.199' (ECDSA) to the list of known hosts. 2020/03/06 22:19:40 parsed 1 programs 2020/03/06 22:19:40 executed programs: 0 [ 42.527880] audit: type=1400 audit(1583533180.257:40): avc: denied { map } for pid=6869 comm="syz-execprog" path="/root/syzkaller-shm673488591" dev="sda1" ino=16503 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 42.830887] IPVS: ftp: loaded support on port[0] = 21 [ 43.695510] IPVS: ftp: loaded support on port[0] = 21 [ 43.737781] chnl_net:caif_netlink_parms(): no params data found [ 43.773069] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.779465] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.786650] device bridge_slave_0 entered promiscuous mode [ 43.793532] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.799864] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.807248] device bridge_slave_1 entered promiscuous mode [ 43.807788] IPVS: ftp: loaded support on port[0] = 21 [ 43.840901] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.860377] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.890238] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.897603] team0: Port device team_slave_0 added [ 43.904818] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.911881] team0: Port device team_slave_1 added [ 43.922878] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.933250] chnl_net:caif_netlink_parms(): no params data found [ 43.941729] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.954517] IPVS: ftp: loaded support on port[0] = 21 [ 44.011819] device hsr_slave_0 entered promiscuous mode [ 44.050295] device hsr_slave_1 entered promiscuous mode [ 44.090748] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.100814] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.123219] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.130433] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.137255] device bridge_slave_0 entered promiscuous mode [ 44.143934] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.150593] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.157455] device bridge_slave_1 entered promiscuous mode [ 44.183263] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.189778] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.196746] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.203138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.212624] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.238707] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.265185] chnl_net:caif_netlink_parms(): no params data found [ 44.283885] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.291434] team0: Port device team_slave_0 added [ 44.311501] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.318486] team0: Port device team_slave_1 added [ 44.323803] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.338170] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.352798] IPVS: ftp: loaded support on port[0] = 21 [ 44.370846] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.377254] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.384300] device bridge_slave_0 entered promiscuous mode [ 44.422814] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.429188] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.436620] device bridge_slave_1 entered promiscuous mode [ 44.458618] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.502393] device hsr_slave_0 entered promiscuous mode [ 44.540314] device hsr_slave_1 entered promiscuous mode [ 44.582393] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.589211] chnl_net:caif_netlink_parms(): no params data found [ 44.604804] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.619102] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.666596] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.673990] team0: Port device team_slave_0 added [ 44.680899] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.688141] team0: Port device team_slave_1 added [ 44.696946] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.704353] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.710737] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.717308] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.723800] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.731527] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.737870] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.745859] device bridge_slave_0 entered promiscuous mode [ 44.755662] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.764143] IPVS: ftp: loaded support on port[0] = 21 [ 44.801923] device hsr_slave_0 entered promiscuous mode [ 44.840368] device hsr_slave_1 entered promiscuous mode [ 44.890686] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.897776] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.904945] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.912793] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.919628] device bridge_slave_1 entered promiscuous mode [ 44.939224] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.948101] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.957140] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.964556] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.971253] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.998522] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.006184] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 45.028335] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.078153] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.088696] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.105391] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 45.112887] team0: Port device team_slave_0 added [ 45.118204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.125837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.143747] chnl_net:caif_netlink_parms(): no params data found [ 45.157167] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 45.164725] team0: Port device team_slave_1 added [ 45.170467] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 45.181184] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.187278] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.195896] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.209015] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.216599] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 45.227131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.236120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.243937] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.250436] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.257482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.265947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.273923] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.280325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.305579] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.335072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 45.382026] device hsr_slave_0 entered promiscuous mode [ 45.410336] device hsr_slave_1 entered promiscuous mode [ 45.472286] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 45.491164] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.498442] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.515252] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 45.525396] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.532092] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.538978] device bridge_slave_0 entered promiscuous mode [ 45.547907] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.555253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 45.565012] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.589639] chnl_net:caif_netlink_parms(): no params data found [ 45.599533] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.606103] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.612985] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.619907] device bridge_slave_1 entered promiscuous mode [ 45.635749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 45.643482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 45.665465] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.674395] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 45.683775] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 45.693736] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 45.702903] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.710182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.717007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.723971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.731594] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.739700] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.762926] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 45.770454] team0: Port device team_slave_0 added [ 45.776113] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 45.783624] team0: Port device team_slave_1 added [ 45.790542] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.796904] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 45.815479] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.822040] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.830785] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 45.838414] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.845316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.852367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.859726] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.867817] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 45.875923] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.882593] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.889368] device bridge_slave_0 entered promiscuous mode [ 45.896031] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.902434] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.909220] device bridge_slave_1 entered promiscuous mode [ 45.927982] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.942581] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.993498] device hsr_slave_0 entered promiscuous mode [ 46.030487] device hsr_slave_1 entered promiscuous mode [ 46.070853] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 46.077955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.085938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.093698] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.100191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.108266] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 46.117180] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 46.123403] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.141825] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 46.148968] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 46.159564] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.167837] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 46.184381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.192074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.199487] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.207310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.214889] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.221269] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.229440] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 46.236069] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 46.245301] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.258061] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 46.268303] team0: Port device team_slave_0 added [ 46.276043] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 46.283699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.294376] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.302061] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.308528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.315492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.324018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.332844] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.341199] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 46.352517] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.362558] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.369628] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 46.376960] team0: Port device team_slave_1 added [ 46.386457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.393096] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.400903] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.408494] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.414892] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.421800] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.429312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.436913] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.444377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.452070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.459555] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.467767] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.476389] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 46.483930] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.494132] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 46.502961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.511000] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.518398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.534371] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 46.541559] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.552454] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 46.570266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.577767] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.589654] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 46.596960] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 46.603842] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 46.611650] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 46.619407] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.626424] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.638651] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 46.648397] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 46.658650] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 46.667152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.712355] device hsr_slave_0 entered promiscuous mode [ 46.750298] device hsr_slave_1 entered promiscuous mode [ 46.790542] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 46.797469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.805133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.812108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.820834] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.828387] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 46.835721] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.844059] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.852826] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 46.865010] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 46.872278] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 46.879699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.889007] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.896908] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.904055] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.911280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.919094] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.931279] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 46.939608] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 46.946115] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.955291] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.962585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.970653] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.978067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.984921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.991881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.999497] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.007122] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.013469] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.022415] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 47.029871] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.037613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.045276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.054807] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 47.065361] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.075063] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.085910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.094098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.102188] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.108547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.115843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.124201] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.131771] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.138213] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.145622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.153520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.161182] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.167547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.177940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.189652] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.203983] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 47.211728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.218794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 47.223381] FAULT_INJECTION: forcing a failure. [ 47.223381] name failslab, interval 1, probability 0, space 0, times 1 [ 47.226189] audit: type=1400 audit(1583533184.947:41): avc: denied { name_bind } for pid=6924 comm="syz-executor.2" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 47.242142] CPU: 0 PID: 6925 Comm: syz-executor.2 Not tainted 4.14.172-syzkaller #0 [ 47.262439] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.267574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.275585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.284002] Call Trace: [ 47.284019] dump_stack+0xf7/0x13b [ 47.284029] should_fail.cold.3+0x105/0x14b [ 47.284038] should_failslab+0xba/0xf0 [ 47.284045] kmem_cache_alloc_trace+0x4b/0x7a0 [ 47.284052] ? trace_hardirqs_off+0x10/0x10 [ 47.284060] dccp_ackvec_parsed_add+0x51/0x220 [ 47.284069] ccid2_hc_tx_parse_options+0x5b/0x80 [ 47.291246] audit: type=1400 audit(1583533184.947:42): avc: denied { node_bind } for pid=6924 comm="syz-executor.2" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 [ 47.293645] dccp_parse_options+0x532/0xf20 [ 47.297174] audit: type=1400 audit(1583533184.947:43): avc: denied { name_connect } for pid=6924 comm="syz-executor.2" dest=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 47.301473] dccp_rcv_established+0x23/0x70 [ 47.301478] dccp_v4_do_rcv+0xfa/0x160 [ 47.301486] __release_sock+0x10b/0x340 [ 47.301496] release_sock+0x4f/0x180 [ 47.301502] dccp_sendmsg+0x4ab/0xc70 [ 47.301508] ? sock_has_perm+0x1d6/0x2c0 [ 47.396719] ? dccp_getsockopt+0xd0/0xd0 [ 47.400774] ? copy_msghdr_from_user+0x201/0x3f0 [ 47.405509] inet_sendmsg+0x108/0x440 [ 47.409300] ? security_socket_sendmsg+0x6a/0xa0 [ 47.414473] ? inet_recvmsg+0x640/0x640 [ 47.418435] sock_sendmsg+0xb5/0xf0 [ 47.422057] ___sys_sendmsg+0x282/0x920 [ 47.426016] ? trace_hardirqs_off+0x10/0x10 [ 47.430322] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 47.435069] ? trace_hardirqs_on+0x10/0x10 [ 47.439295] ? trace_hardirqs_off+0x10/0x10 [ 47.443616] ? __fget+0x1ad/0x2f0 [ 47.447055] ? lock_downgrade+0x7f0/0x7f0 [ 47.451189] ? find_held_lock+0x36/0x1d0 [ 47.455236] ? __might_fault+0xf1/0x1b0 [ 47.459203] __sys_sendmmsg+0x126/0x300 [ 47.463161] ? SyS_sendmsg+0x20/0x20 [ 47.466867] ? __sb_end_write+0xa4/0xd0 [ 47.470829] ? mutex_unlock+0xd/0x10 [ 47.474724] ? SyS_write+0x1c5/0x250 [ 47.478435] ? do_syscall_64+0x4c/0x5b0 [ 47.482397] ? __sys_sendmmsg+0x300/0x300 [ 47.486526] SyS_sendmmsg+0xd/0x20 [ 47.490053] do_syscall_64+0x1c7/0x5b0 [ 47.493990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 47.498874] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 47.504044] RIP: 0033:0x45a219 [ 47.507225] RSP: 002b:00007f560344ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 47.514915] RAX: ffffffffffffffda RBX: 00007f560344ac90 RCX: 000000000045a219 [ 47.522250] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 47.529513] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 47.536851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f560344b6d4 2020/03/06 22:19:45 executed programs: 6 [ 47.544111] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 47.558428] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.560457] dccp_parse_options: DCCP(ffff8880a023c100): Option 38 (len=1) error=5 [ 47.566365] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 47.588394] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.599013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 47.613008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 47.624650] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 47.631528] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 47.642023] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 47.650554] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 47.658796] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.673455] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 47.685941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 47.699139] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 47.707217] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 47.715752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 47.723476] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 47.731671] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 47.739484] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 47.751443] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 47.761020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.773215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.776605] FAULT_INJECTION: forcing a failure. [ 47.776605] name failslab, interval 1, probability 0, space 0, times 0 [ 47.782096] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 47.794146] CPU: 1 PID: 6937 Comm: syz-executor.3 Not tainted 4.14.172-syzkaller #0 [ 47.799164] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 47.806448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.806452] Call Trace: [ 47.806466] dump_stack+0xf7/0x13b [ 47.806477] should_fail.cold.3+0x105/0x14b [ 47.806487] should_failslab+0xba/0xf0 [ 47.806494] kmem_cache_alloc_trace+0x4b/0x7a0 [ 47.806503] ? trace_hardirqs_off+0x10/0x10 [ 47.806511] dccp_ackvec_parsed_add+0x51/0x220 [ 47.806518] ccid2_hc_tx_parse_options+0x5b/0x80 [ 47.806525] dccp_parse_options+0x532/0xf20 [ 47.806537] dccp_rcv_established+0x23/0x70 [ 47.806542] dccp_v4_do_rcv+0xfa/0x160 [ 47.806550] __release_sock+0x10b/0x340 [ 47.806561] release_sock+0x4f/0x180 [ 47.806566] dccp_sendmsg+0x4ab/0xc70 [ 47.806572] ? sock_has_perm+0x1d6/0x2c0 [ 47.815213] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 47.822765] ? dccp_getsockopt+0xd0/0xd0 [ 47.822775] ? copy_msghdr_from_user+0x201/0x3f0 [ 47.822782] ? find_held_lock+0x36/0x1d0 [ 47.822791] inet_sendmsg+0x108/0x440 [ 47.822798] ? security_socket_sendmsg+0x6a/0xa0 [ 47.822803] ? inet_recvmsg+0x640/0x640 [ 47.828026] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 47.828901] sock_sendmsg+0xb5/0xf0 [ 47.835952] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.837078] ___sys_sendmsg+0x282/0x920 [ 47.837086] ? trace_hardirqs_off+0x10/0x10 [ 47.837094] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 47.837104] ? trace_hardirqs_on+0x10/0x10 [ 47.844672] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 47.846104] ? trace_hardirqs_off+0x10/0x10 [ 47.846113] ? __fget+0x1ad/0x2f0 [ 47.846119] ? lock_downgrade+0x7f0/0x7f0 [ 47.846126] ? find_held_lock+0x36/0x1d0 [ 47.846139] ? __might_fault+0xf1/0x1b0 [ 47.853293] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 47.855465] __sys_sendmmsg+0x126/0x300 [ 47.855473] ? SyS_sendmsg+0x20/0x20 [ 47.855491] ? __sb_end_write+0xa4/0xd0 [ 47.861799] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.864120] ? mutex_unlock+0xd/0x10 [ 47.864129] ? SyS_write+0x1c5/0x250 [ 47.864140] ? do_syscall_64+0x4c/0x5b0 [ 47.864147] ? __sys_sendmmsg+0x300/0x300 [ 47.864151] SyS_sendmmsg+0xd/0x20 [ 47.864157] do_syscall_64+0x1c7/0x5b0 [ 47.864161] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 47.864170] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 47.864176] RIP: 0033:0x45a219 [ 47.864179] RSP: 002b:00007fcdbe813c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 47.864187] RAX: ffffffffffffffda RBX: 00007fcdbe813c90 RCX: 000000000045a219 [ 47.864190] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 47.864193] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 47.868194] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.872079] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdbe8146d4 [ 47.872082] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 47.934503] dccp_parse_options: DCCP(ffff8880a023cac0): Option 38 (len=1) error=5 [ 47.938586] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 48.116870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.130604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 48.138093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.147158] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 48.155254] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 48.163203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 48.170975] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 48.178382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 48.186067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.193647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 48.201284] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.208879] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 48.215851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 48.228853] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 48.236892] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 48.244387] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 48.251619] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 48.269640] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 48.276809] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 48.288557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.308182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.322916] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 48.331235] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.338621] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 48.349045] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 48.356530] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 48.365276] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 48.376775] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.383500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.391141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.398931] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 48.406732] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.434212] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 48.456840] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 48.464921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.473393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.477680] FAULT_INJECTION: forcing a failure. [ 48.477680] name failslab, interval 1, probability 0, space 0, times 0 [ 48.482512] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.499213] CPU: 1 PID: 6959 Comm: syz-executor.1 Not tainted 4.14.172-syzkaller #0 [ 48.499366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.507103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.507106] Call Trace: [ 48.507118] dump_stack+0xf7/0x13b [ 48.507128] should_fail.cold.3+0x105/0x14b [ 48.507138] should_failslab+0xba/0xf0 [ 48.507144] kmem_cache_alloc_trace+0x4b/0x7a0 [ 48.507154] ? trace_hardirqs_off+0x10/0x10 [ 48.516416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 48.523672] dccp_ackvec_parsed_add+0x51/0x220 [ 48.523682] ccid2_hc_tx_parse_options+0x5b/0x80 [ 48.523689] dccp_parse_options+0x532/0xf20 [ 48.523701] dccp_rcv_established+0x23/0x70 [ 48.523706] dccp_v4_do_rcv+0xfa/0x160 [ 48.523713] __release_sock+0x10b/0x340 [ 48.523724] release_sock+0x4f/0x180 [ 48.526714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.529840] dccp_sendmsg+0x4ab/0xc70 [ 48.529851] ? sock_has_perm+0x1d6/0x2c0 [ 48.529860] ? dccp_getsockopt+0xd0/0xd0 [ 48.529869] ? copy_msghdr_from_user+0x201/0x3f0 [ 48.529877] ? find_held_lock+0x36/0x1d0 [ 48.534506] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.538071] inet_sendmsg+0x108/0x440 [ 48.538078] ? security_socket_sendmsg+0x6a/0xa0 [ 48.538083] ? inet_recvmsg+0x640/0x640 [ 48.538089] sock_sendmsg+0xb5/0xf0 [ 48.538095] ___sys_sendmsg+0x282/0x920 [ 48.538100] ? trace_hardirqs_off+0x10/0x10 [ 48.538107] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 48.542866] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.547126] ? trace_hardirqs_on+0x10/0x10 [ 48.555073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 48.559047] ? trace_hardirqs_off+0x10/0x10 [ 48.559055] ? __fget+0x1ad/0x2f0 [ 48.559061] ? lock_downgrade+0x7f0/0x7f0 [ 48.559068] ? find_held_lock+0x36/0x1d0 [ 48.559081] ? __might_fault+0xf1/0x1b0 [ 48.684786] __sys_sendmmsg+0x126/0x300 [ 48.688752] ? SyS_sendmsg+0x20/0x20 [ 48.692461] ? __sb_end_write+0xa4/0xd0 [ 48.696451] ? mutex_unlock+0xd/0x10 [ 48.700149] ? SyS_write+0x1c5/0x250 [ 48.703845] ? do_syscall_64+0x4c/0x5b0 [ 48.707847] ? __sys_sendmmsg+0x300/0x300 [ 48.711978] SyS_sendmmsg+0xd/0x20 [ 48.715511] do_syscall_64+0x1c7/0x5b0 [ 48.719502] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 48.724336] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 48.729560] RIP: 0033:0x45a219 [ 48.732736] RSP: 002b:00007f51eda07c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 48.740432] RAX: ffffffffffffffda RBX: 00007f51eda07c90 RCX: 000000000045a219 [ 48.747858] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 48.755128] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 48.762393] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f51eda086d4 [ 48.769762] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 48.788746] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.792849] dccp_parse_options: DCCP(ffff8880a023cac0): Option 38 (len=1) error=5 [ 48.798500] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.818345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.839874] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.856349] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 48.877275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 48.885953] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 48.889822] FAULT_INJECTION: forcing a failure. [ 48.889822] name failslab, interval 1, probability 0, space 0, times 0 [ 48.898640] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 48.913900] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 48.920958] CPU: 0 PID: 6969 Comm: syz-executor.4 Not tainted 4.14.172-syzkaller #0 [ 48.928886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.938231] Call Trace: [ 48.940877] dump_stack+0xf7/0x13b [ 48.944405] should_fail.cold.3+0x105/0x14b [ 48.948719] should_failslab+0xba/0xf0 [ 48.952593] kmem_cache_alloc+0x47/0x790 [ 48.956634] ? dccp_feat_clone_list+0x3c0/0x3c0 [ 48.961281] dccp_ackvec_update_records+0x25/0x3e0 [ 48.966206] dccp_insert_options+0x68e/0xb70 [ 48.970611] dccp_transmit_skb+0x194/0x1250 [ 48.974923] ? skb_unlink+0xeb/0x160 [ 48.978628] dccp_xmit_packet+0x1a6/0x580 [ 48.982857] dccp_write_xmit+0x125/0x180 [ 48.986922] dccp_sendmsg+0x556/0xc70 [ 48.990717] ? sock_has_perm+0x1d6/0x2c0 [ 48.994759] ? dccp_getsockopt+0xd0/0xd0 [ 48.998807] ? copy_msghdr_from_user+0x201/0x3f0 [ 49.003541] ? find_held_lock+0x36/0x1d0 [ 49.007586] inet_sendmsg+0x108/0x440 [ 49.011368] ? security_socket_sendmsg+0x6a/0xa0 [ 49.016244] ? inet_recvmsg+0x640/0x640 [ 49.020201] sock_sendmsg+0xb5/0xf0 [ 49.023813] ___sys_sendmsg+0x282/0x920 [ 49.028033] ? trace_hardirqs_off+0x10/0x10 [ 49.032340] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 49.037077] ? trace_hardirqs_on+0x10/0x10 [ 49.041287] ? trace_hardirqs_off+0x10/0x10 [ 49.045597] ? __fget+0x1ad/0x2f0 [ 49.049028] ? lock_downgrade+0x7f0/0x7f0 [ 49.053182] ? find_held_lock+0x36/0x1d0 [ 49.057223] ? __might_fault+0xf1/0x1b0 [ 49.061179] __sys_sendmmsg+0x126/0x300 [ 49.065129] ? SyS_sendmsg+0x20/0x20 [ 49.068834] ? __sb_end_write+0xa4/0xd0 [ 49.072785] ? mutex_unlock+0xd/0x10 [ 49.076605] ? SyS_write+0x1c5/0x250 [ 49.080298] ? do_syscall_64+0x4c/0x5b0 [ 49.084271] ? __sys_sendmmsg+0x300/0x300 [ 49.088404] SyS_sendmmsg+0xd/0x20 [ 49.091922] do_syscall_64+0x1c7/0x5b0 [ 49.095793] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 49.100615] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 49.105833] RIP: 0033:0x45a219 [ 49.109054] RSP: 002b:00007f14c5c15c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 49.116749] RAX: ffffffffffffffda RBX: 00007f14c5c15c90 RCX: 000000000045a219 [ 49.123998] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 49.131250] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 49.138497] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f14c5c166d4 [ 49.145745] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 49.159346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 49.168296] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.183283] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 49.192028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 49.199926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.212762] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 49.223516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 49.233054] FAULT_INJECTION: forcing a failure. [ 49.233054] name failslab, interval 1, probability 0, space 0, times 0 [ 49.234522] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.255362] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 49.258835] CPU: 0 PID: 6986 Comm: syz-executor.5 Not tainted 4.14.172-syzkaller #0 [ 49.265057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 49.269139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.284871] Call Trace: [ 49.287456] dump_stack+0xf7/0x13b [ 49.290992] should_fail.cold.3+0x105/0x14b [ 49.295304] should_failslab+0xba/0xf0 [ 49.299193] kmem_cache_alloc+0x47/0x790 [ 49.303243] ? dccp_feat_clone_list+0x3c0/0x3c0 [ 49.307913] dccp_ackvec_update_records+0x25/0x3e0 [ 49.312422] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 49.312838] dccp_insert_options+0x68e/0xb70 [ 49.323392] dccp_transmit_skb+0x194/0x1250 [ 49.324260] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 49.327702] ? skb_unlink+0xeb/0x160 [ 49.334478] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 49.337530] dccp_xmit_packet+0x1a6/0x580 [ 49.344906] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 49.348237] dccp_write_xmit+0x125/0x180 [ 49.348244] dccp_sendmsg+0x556/0xc70 [ 49.348250] ? sock_has_perm+0x1d6/0x2c0 [ 49.348259] ? dccp_getsockopt+0xd0/0xd0 [ 49.358973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.362667] ? copy_msghdr_from_user+0x201/0x3f0 [ 49.362674] ? find_held_lock+0x36/0x1d0 [ 49.362683] inet_sendmsg+0x108/0x440 [ 49.362689] ? security_socket_sendmsg+0x6a/0xa0 [ 49.362694] ? inet_recvmsg+0x640/0x640 [ 49.362698] sock_sendmsg+0xb5/0xf0 [ 49.362703] ___sys_sendmsg+0x282/0x920 [ 49.362708] ? trace_hardirqs_off+0x10/0x10 [ 49.362714] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 49.362723] ? trace_hardirqs_on+0x10/0x10 [ 49.362728] ? trace_hardirqs_off+0x10/0x10 [ 49.362736] ? __fget+0x1ad/0x2f0 [ 49.403144] FAULT_INJECTION: forcing a failure. [ 49.403144] name failslab, interval 1, probability 0, space 0, times 0 [ 49.405781] ? lock_downgrade+0x7f0/0x7f0 [ 49.405788] ? find_held_lock+0x36/0x1d0 [ 49.405800] ? __might_fault+0xf1/0x1b0 [ 49.450094] __sys_sendmmsg+0x126/0x300 [ 49.454069] ? SyS_sendmsg+0x20/0x20 [ 49.457806] ? __sb_end_write+0xa4/0xd0 [ 49.461773] ? mutex_unlock+0xd/0x10 [ 49.465468] ? SyS_write+0x1c5/0x250 [ 49.469166] ? do_syscall_64+0x4c/0x5b0 [ 49.473128] ? __sys_sendmmsg+0x300/0x300 [ 49.477357] SyS_sendmmsg+0xd/0x20 [ 49.480885] do_syscall_64+0x1c7/0x5b0 [ 49.484768] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 49.489614] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 49.494788] RIP: 0033:0x45a219 [ 49.497959] RSP: 002b:00007f49ea122c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 49.505650] RAX: ffffffffffffffda RBX: 00007f49ea122c90 RCX: 000000000045a219 [ 49.512919] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 49.520347] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 49.527598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f49ea1236d4 [ 49.534849] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 49.542113] CPU: 1 PID: 6985 Comm: syz-executor.4 Not tainted 4.14.172-syzkaller #0 [ 49.549917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.560334] Call Trace: [ 49.562920] dump_stack+0xf7/0x13b [ 49.566464] should_fail.cold.3+0x105/0x14b [ 49.570789] should_failslab+0xba/0xf0 [ 49.574682] kmem_cache_alloc_trace+0x4b/0x7a0 [ 49.579270] ? trace_hardirqs_off+0x10/0x10 [ 49.583598] dccp_ackvec_parsed_add+0x51/0x220 [ 49.588183] ccid2_hc_tx_parse_options+0x5b/0x80 [ 49.592949] dccp_parse_options+0x532/0xf20 [ 49.597465] dccp_rcv_established+0x23/0x70 [ 49.601785] dccp_v4_do_rcv+0xfa/0x160 [ 49.605836] __release_sock+0x10b/0x340 [ 49.610316] release_sock+0x4f/0x180 [ 49.614027] dccp_sendmsg+0x4ab/0xc70 [ 49.617881] ? sock_has_perm+0x1d6/0x2c0 [ 49.621991] ? dccp_getsockopt+0xd0/0xd0 [ 49.626142] ? copy_msghdr_from_user+0x201/0x3f0 [ 49.630880] ? find_held_lock+0x36/0x1d0 [ 49.634927] inet_sendmsg+0x108/0x440 [ 49.638715] ? security_socket_sendmsg+0x6a/0xa0 [ 49.643459] ? inet_recvmsg+0x640/0x640 [ 49.647421] sock_sendmsg+0xb5/0xf0 [ 49.651049] ___sys_sendmsg+0x282/0x920 [ 49.655020] ? trace_hardirqs_off+0x10/0x10 [ 49.659345] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 49.664101] ? trace_hardirqs_on+0x10/0x10 [ 49.668328] ? trace_hardirqs_off+0x10/0x10 [ 49.672631] ? __fget+0x1ad/0x2f0 [ 49.676081] ? lock_downgrade+0x7f0/0x7f0 [ 49.680213] ? find_held_lock+0x36/0x1d0 [ 49.684268] ? __might_fault+0xf1/0x1b0 [ 49.688338] __sys_sendmmsg+0x126/0x300 [ 49.692310] ? SyS_sendmsg+0x20/0x20 [ 49.696030] ? __sb_end_write+0xa4/0xd0 [ 49.700002] ? mutex_unlock+0xd/0x10 [ 49.703706] ? SyS_write+0x1c5/0x250 [ 49.707405] ? do_syscall_64+0x4c/0x5b0 [ 49.711365] ? __sys_sendmmsg+0x300/0x300 [ 49.715489] SyS_sendmmsg+0xd/0x20 [ 49.719007] do_syscall_64+0x1c7/0x5b0 [ 49.722871] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 49.727697] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 49.732861] RIP: 0033:0x45a219 [ 49.736025] RSP: 002b:00007f14c5c15c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 49.743712] RAX: ffffffffffffffda RBX: 00007f14c5c15c90 RCX: 000000000045a219 [ 49.751060] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 49.758437] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 49.765695] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f14c5c166d4 [ 49.772964] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 49.784005] dccp_parse_options: DCCP(ffff888096adb540): Option 38 (len=1) error=5 [ 50.568748] FAULT_INJECTION: forcing a failure. [ 50.568748] name failslab, interval 1, probability 0, space 0, times 0 [ 50.580064] CPU: 1 PID: 7004 Comm: syz-executor.0 Not tainted 4.14.172-syzkaller #0 [ 50.588020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.597409] Call Trace: [ 50.600677] dump_stack+0xf7/0x13b [ 50.604254] should_fail.cold.3+0x105/0x14b [ 50.608559] should_failslab+0xba/0xf0 [ 50.612465] kmem_cache_alloc_trace+0x4b/0x7a0 [ 50.617038] ? trace_hardirqs_off+0x10/0x10 [ 50.621345] dccp_ackvec_parsed_add+0x51/0x220 [ 50.625916] ccid2_hc_tx_parse_options+0x5b/0x80 [ 50.630654] dccp_parse_options+0x532/0xf20 [ 50.635003] dccp_rcv_established+0x23/0x70 [ 50.639302] dccp_v4_do_rcv+0xfa/0x160 [ 50.643211] __release_sock+0x10b/0x340 [ 50.647172] release_sock+0x4f/0x180 [ 50.650869] dccp_sendmsg+0x4ab/0xc70 [ 50.654654] ? sock_has_perm+0x1d6/0x2c0 [ 50.658762] ? dccp_getsockopt+0xd0/0xd0 [ 50.662803] ? copy_msghdr_from_user+0x201/0x3f0 [ 50.667555] ? find_held_lock+0x36/0x1d0 [ 50.671709] inet_sendmsg+0x108/0x440 [ 50.675492] ? security_socket_sendmsg+0x6a/0xa0 [ 50.680234] ? inet_recvmsg+0x640/0x640 [ 50.684190] sock_sendmsg+0xb5/0xf0 [ 50.687796] ___sys_sendmsg+0x282/0x920 [ 50.691797] ? trace_hardirqs_off+0x10/0x10 [ 50.696101] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 50.700841] ? trace_hardirqs_on+0x10/0x10 [ 50.705061] ? trace_hardirqs_off+0x10/0x10 [ 50.709438] ? __fget+0x1ad/0x2f0 [ 50.712967] ? lock_downgrade+0x7f0/0x7f0 [ 50.717099] ? find_held_lock+0x36/0x1d0 [ 50.721347] ? __might_fault+0xf1/0x1b0 [ 50.725304] __sys_sendmmsg+0x126/0x300 [ 50.729265] ? SyS_sendmsg+0x20/0x20 [ 50.732967] ? __sb_end_write+0xa4/0xd0 [ 50.736952] ? mutex_unlock+0xd/0x10 [ 50.740646] ? SyS_write+0x1c5/0x250 [ 50.744352] ? do_syscall_64+0x4c/0x5b0 [ 50.748306] ? __sys_sendmmsg+0x300/0x300 [ 50.752429] SyS_sendmmsg+0xd/0x20 [ 50.755953] do_syscall_64+0x1c7/0x5b0 [ 50.759817] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 50.764639] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 50.769803] RIP: 0033:0x45a219 [ 50.772969] RSP: 002b:00007fa10a50bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 50.780654] RAX: ffffffffffffffda RBX: 00007fa10a50bc90 RCX: 000000000045a219 [ 50.788003] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 50.795378] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 50.802630] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa10a50c6d4 [ 50.810060] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 50.822283] dccp_parse_options: DCCP(ffff888099a04180): Option 38 (len=1) error=5 [ 50.861860] FAULT_INJECTION: forcing a failure. [ 50.861860] name failslab, interval 1, probability 0, space 0, times 0 [ 50.873716] CPU: 1 PID: 7013 Comm: syz-executor.5 Not tainted 4.14.172-syzkaller #0 [ 50.881667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.891013] Call Trace: [ 50.893591] dump_stack+0xf7/0x13b [ 50.897118] should_fail.cold.3+0x105/0x14b [ 50.901433] should_failslab+0xba/0xf0 [ 50.905312] kmem_cache_alloc+0x47/0x790 [ 50.909357] ? dccp_feat_clone_list+0x3c0/0x3c0 [ 50.914010] dccp_ackvec_update_records+0x25/0x3e0 [ 50.918932] dccp_insert_options+0x68e/0xb70 [ 50.923332] dccp_transmit_skb+0x194/0x1250 [ 50.927643] ? skb_unlink+0xeb/0x160 [ 50.931343] dccp_xmit_packet+0x1a6/0x580 [ 50.935479] dccp_write_xmit+0x125/0x180 [ 50.939531] dccp_sendmsg+0x556/0xc70 [ 50.943426] ? sock_has_perm+0x1d6/0x2c0 [ 50.947475] ? dccp_getsockopt+0xd0/0xd0 [ 50.951525] ? copy_msghdr_from_user+0x201/0x3f0 [ 50.956259] ? find_held_lock+0x36/0x1d0 [ 50.960303] inet_sendmsg+0x108/0x440 [ 50.964232] ? security_socket_sendmsg+0x6a/0xa0 [ 50.968976] ? inet_recvmsg+0x640/0x640 [ 50.972952] sock_sendmsg+0xb5/0xf0 [ 50.976592] ___sys_sendmsg+0x282/0x920 [ 50.980556] ? trace_hardirqs_off+0x10/0x10 [ 50.984859] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 50.989645] ? trace_hardirqs_on+0x10/0x10 [ 50.993871] ? trace_hardirqs_off+0x10/0x10 [ 50.998209] ? __fget+0x1ad/0x2f0 [ 51.001641] ? lock_downgrade+0x7f0/0x7f0 [ 51.005778] ? find_held_lock+0x36/0x1d0 [ 51.009838] ? __might_fault+0xf1/0x1b0 [ 51.013813] __sys_sendmmsg+0x126/0x300 [ 51.017776] ? SyS_sendmsg+0x20/0x20 [ 51.021494] ? __sb_end_write+0xa4/0xd0 [ 51.025458] ? mutex_unlock+0xd/0x10 [ 51.029166] ? SyS_write+0x1c5/0x250 [ 51.032957] ? do_syscall_64+0x4c/0x5b0 [ 51.036922] ? __sys_sendmmsg+0x300/0x300 [ 51.041056] SyS_sendmmsg+0xd/0x20 [ 51.044672] do_syscall_64+0x1c7/0x5b0 [ 51.048564] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.053396] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 51.058710] RIP: 0033:0x45a219 [ 51.061880] RSP: 002b:00007f49ea122c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 51.069580] RAX: ffffffffffffffda RBX: 00007f49ea122c90 RCX: 000000000045a219 [ 51.076834] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 51.084094] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 51.091343] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f49ea1236d4 [ 51.098610] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 51.147991] FAULT_INJECTION: forcing a failure. [ 51.147991] name failslab, interval 1, probability 0, space 0, times 0 [ 51.159688] CPU: 0 PID: 7025 Comm: syz-executor.5 Not tainted 4.14.172-syzkaller #0 [ 51.167568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.176926] Call Trace: [ 51.179504] dump_stack+0xf7/0x13b [ 51.183043] should_fail.cold.3+0x105/0x14b [ 51.187363] should_failslab+0xba/0xf0 [ 51.191270] kmem_cache_alloc_trace+0x4b/0x7a0 [ 51.195857] ? trace_hardirqs_off+0x10/0x10 [ 51.200162] dccp_ackvec_parsed_add+0x51/0x220 [ 51.204750] ccid2_hc_tx_parse_options+0x5b/0x80 [ 51.209487] dccp_parse_options+0x532/0xf20 [ 51.213806] dccp_rcv_established+0x23/0x70 [ 51.218115] dccp_v4_do_rcv+0xfa/0x160 [ 51.221992] __release_sock+0x10b/0x340 [ 51.225952] release_sock+0x4f/0x180 [ 51.229656] dccp_sendmsg+0x4ab/0xc70 [ 51.233451] ? sock_has_perm+0x1d6/0x2c0 [ 51.237511] ? dccp_getsockopt+0xd0/0xd0 [ 51.241557] ? copy_msghdr_from_user+0x201/0x3f0 [ 51.246300] ? find_held_lock+0x36/0x1d0 [ 51.250375] inet_sendmsg+0x108/0x440 [ 51.254171] ? security_socket_sendmsg+0x6a/0xa0 [ 51.259027] ? inet_recvmsg+0x640/0x640 [ 51.262980] sock_sendmsg+0xb5/0xf0 [ 51.266588] ___sys_sendmsg+0x282/0x920 [ 51.270552] ? trace_hardirqs_off+0x10/0x10 [ 51.274871] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 51.279733] ? trace_hardirqs_on+0x10/0x10 [ 51.283955] ? trace_hardirqs_off+0x10/0x10 [ 51.288256] ? __fget+0x1ad/0x2f0 [ 51.291879] ? lock_downgrade+0x7f0/0x7f0 [ 51.296023] ? find_held_lock+0x36/0x1d0 [ 51.300086] ? __might_fault+0xf1/0x1b0 [ 51.304065] __sys_sendmmsg+0x126/0x300 [ 51.308032] ? SyS_sendmsg+0x20/0x20 [ 51.311744] ? __sb_end_write+0xa4/0xd0 [ 51.315710] ? mutex_unlock+0xd/0x10 [ 51.319447] ? SyS_write+0x1c5/0x250 [ 51.323150] ? do_syscall_64+0x4c/0x5b0 [ 51.327130] ? __sys_sendmmsg+0x300/0x300 [ 51.331262] SyS_sendmmsg+0xd/0x20 [ 51.334799] do_syscall_64+0x1c7/0x5b0 [ 51.338662] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.343488] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 51.348662] RIP: 0033:0x45a219 [ 51.351839] RSP: 002b:00007f49ea122c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 51.359541] RAX: ffffffffffffffda RBX: 00007f49ea122c90 RCX: 000000000045a219 [ 51.366799] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 51.374056] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 51.381315] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f49ea1236d4 [ 51.388669] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 51.396671] dccp_parse_options: DCCP(ffff8880a023cac0): Option 38 (len=1) error=5 2020/03/06 22:19:50 executed programs: 32 2020/03/06 22:19:55 executed programs: 69 2020/03/06 22:20:01 executed programs: 110 2020/03/06 22:20:06 executed programs: 147 2020/03/06 22:20:11 executed programs: 188 2020/03/06 22:20:17 executed programs: 225 2020/03/06 22:20:22 executed programs: 266 2020/03/06 22:20:27 executed programs: 303 2020/03/06 22:20:32 executed programs: 344 2020/03/06 22:20:38 executed programs: 381 2020/03/06 22:20:43 executed programs: 422 2020/03/06 22:20:48 executed programs: 459 [ 110.987454] FAULT_INJECTION: forcing a failure. [ 110.987454] name failslab, interval 1, probability 0, space 0, times 0 [ 111.011657] CPU: 1 PID: 8787 Comm: syz-executor.3 Not tainted 4.14.172-syzkaller #0 [ 111.013864] FAULT_INJECTION: forcing a failure. [ 111.013864] name failslab, interval 1, probability 0, space 0, times 0 [ 111.019497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.019501] Call Trace: [ 111.019514] dump_stack+0xf7/0x13b [ 111.019525] should_fail.cold.3+0x105/0x14b [ 111.019536] should_failslab+0xba/0xf0 [ 111.019544] kmem_cache_alloc_trace+0x2ea/0x7a0 [ 111.019550] ? trace_hardirqs_off+0x10/0x10 [ 111.019560] dccp_feat_entry_new+0x140/0x360 [ 111.067806] dccp_feat_push_confirm+0x26/0x280 [ 111.072376] dccp_feat_parse_options+0xfe3/0x1a10 [ 111.077247] ? dccp_ackvec_parsed_add+0x51/0x220 [ 111.082090] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 111.087970] ? trace_hardirqs_off+0x10/0x10 [ 111.092315] ? dccp_ackvec_parsed_add+0x115/0x220 [ 111.097152] dccp_parse_options+0x840/0xf20 [ 111.101473] dccp_rcv_established+0x23/0x70 [ 111.105790] dccp_v4_do_rcv+0xfa/0x160 [ 111.109665] __release_sock+0x10b/0x340 [ 111.113631] release_sock+0x4f/0x180 [ 111.117334] dccp_sendmsg+0x4ab/0xc70 [ 111.118134] FAULT_INJECTION: forcing a failure. [ 111.118134] name failslab, interval 1, probability 0, space 0, times 0 [ 111.121128] ? sock_has_perm+0x1d6/0x2c0 [ 111.121138] ? dccp_getsockopt+0xd0/0xd0 [ 111.121149] ? copy_msghdr_from_user+0x201/0x3f0 [ 111.121156] ? find_held_lock+0x36/0x1d0 [ 111.121166] inet_sendmsg+0x108/0x440 [ 111.121173] ? security_socket_sendmsg+0x6a/0xa0 [ 111.121178] ? inet_recvmsg+0x640/0x640 [ 111.121182] sock_sendmsg+0xb5/0xf0 [ 111.121187] ___sys_sendmsg+0x282/0x920 [ 111.121191] ? trace_hardirqs_off+0x10/0x10 [ 111.121197] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 111.121206] ? trace_hardirqs_on+0x10/0x10 [ 111.121214] ? trace_hardirqs_off+0x10/0x10 [ 111.145356] FAULT_INJECTION: forcing a failure. [ 111.145356] name failslab, interval 1, probability 0, space 0, times 0 [ 111.149285] ? __fget+0x1ad/0x2f0 [ 111.149294] ? lock_downgrade+0x7f0/0x7f0 [ 111.149301] ? find_held_lock+0x36/0x1d0 [ 111.149315] ? __might_fault+0xf1/0x1b0 [ 111.149331] __sys_sendmmsg+0x126/0x300 [ 111.149337] ? SyS_sendmsg+0x20/0x20 [ 111.221498] ? __sb_end_write+0xa4/0xd0 [ 111.225482] ? mutex_unlock+0xd/0x10 [ 111.229179] ? SyS_write+0x1c5/0x250 [ 111.232875] ? do_syscall_64+0x4c/0x5b0 [ 111.236829] ? __sys_sendmmsg+0x300/0x300 [ 111.240960] SyS_sendmmsg+0xd/0x20 [ 111.244487] do_syscall_64+0x1c7/0x5b0 [ 111.248356] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 111.253185] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 111.258359] RIP: 0033:0x45a219 [ 111.261533] RSP: 002b:00007fcdbe813c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 111.269232] RAX: ffffffffffffffda RBX: 00007fcdbe813c90 RCX: 000000000045a219 [ 111.276493] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 111.283752] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 111.291004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdbe8146d4 [ 111.298252] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 111.305514] CPU: 0 PID: 8790 Comm: syz-executor.2 Not tainted 4.14.172-syzkaller #0 [ 111.313313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.322667] Call Trace: [ 111.325252] dump_stack+0xf7/0x13b [ 111.326094] dccp_parse_options: DCCP(ffff888089b9ca00): Option 32 (len=7) error=9 [ 111.328787] should_fail.cold.3+0x105/0x14b [ 111.328798] should_failslab+0xba/0xf0 [ 111.328805] kmem_cache_alloc_trace+0x2ea/0x7a0 [ 111.328813] ? trace_hardirqs_off+0x10/0x10 [ 111.337023] ================================================================== [ 111.340734] dccp_feat_entry_new+0x140/0x360 [ 111.340743] dccp_feat_push_confirm+0x26/0x280 [ 111.344667] BUG: KASAN: use-after-free in ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 111.344672] Read of size 1 at addr ffff8880a81ed65d by task syz-executor.3/8787 [ 111.349320] dccp_feat_parse_options+0xfe3/0x1a10 [ 111.354135] [ 111.392218] ? dccp_ackvec_parsed_add+0x51/0x220 [ 111.396959] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 111.402823] ? trace_hardirqs_off+0x10/0x10 [ 111.407140] ? dccp_ackvec_parsed_add+0x115/0x220 [ 111.411965] dccp_parse_options+0x840/0xf20 [ 111.416272] dccp_rcv_established+0x23/0x70 [ 111.420572] dccp_v4_do_rcv+0xfa/0x160 [ 111.424439] __release_sock+0x10b/0x340 [ 111.428404] release_sock+0x4f/0x180 [ 111.432097] dccp_sendmsg+0x4ab/0xc70 [ 111.435875] ? sock_has_perm+0x1d6/0x2c0 [ 111.439918] ? dccp_getsockopt+0xd0/0xd0 [ 111.443978] ? copy_msghdr_from_user+0x201/0x3f0 [ 111.448718] ? find_held_lock+0x36/0x1d0 [ 111.452777] inet_sendmsg+0x108/0x440 [ 111.456561] ? security_socket_sendmsg+0x6a/0xa0 [ 111.461325] ? inet_recvmsg+0x640/0x640 [ 111.465284] sock_sendmsg+0xb5/0xf0 [ 111.468894] ___sys_sendmsg+0x282/0x920 [ 111.472843] ? trace_hardirqs_off+0x10/0x10 [ 111.477143] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 111.481882] ? trace_hardirqs_on+0x10/0x10 [ 111.486099] ? trace_hardirqs_off+0x10/0x10 [ 111.490399] ? __fget+0x1ad/0x2f0 [ 111.493845] ? lock_downgrade+0x7f0/0x7f0 [ 111.497975] ? find_held_lock+0x36/0x1d0 [ 111.502035] ? __might_fault+0xf1/0x1b0 [ 111.506011] __sys_sendmmsg+0x126/0x300 [ 111.509966] ? SyS_sendmsg+0x20/0x20 [ 111.513666] ? __sb_end_write+0xa4/0xd0 [ 111.517622] ? mutex_unlock+0xd/0x10 [ 111.521314] ? SyS_write+0x1c5/0x250 [ 111.525012] ? do_syscall_64+0x4c/0x5b0 [ 111.528981] ? __sys_sendmmsg+0x300/0x300 [ 111.533115] SyS_sendmmsg+0xd/0x20 [ 111.536647] do_syscall_64+0x1c7/0x5b0 [ 111.540526] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 111.545493] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 111.550662] RIP: 0033:0x45a219 [ 111.553828] RSP: 002b:00007f560344ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 111.561611] RAX: ffffffffffffffda RBX: 00007f560344ac90 RCX: 000000000045a219 [ 111.568860] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 111.576118] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 111.583378] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f560344b6d4 [ 111.590630] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 111.597896] CPU: 1 PID: 8787 Comm: syz-executor.3 Not tainted 4.14.172-syzkaller #0 [ 111.605787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.615142] Call Trace: [ 111.618948] dump_stack+0xf7/0x13b [ 111.622486] ? ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 111.627585] print_address_description.cold.7+0x9/0x1c9 [ 111.632937] ? ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 111.638028] kasan_report.cold.8+0x11a/0x2d3 [ 111.642945] __asan_report_load1_noabort+0x14/0x20 [ 111.647858] ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 111.652788] ? dccp_ackvec_clear_state+0x33e/0x7e0 [ 111.657700] ? rcu_read_lock_sched_held+0x108/0x120 [ 111.662699] dccp_deliver_input_to_ccids+0x19f/0x210 [ 111.667785] dccp_rcv_established+0x49/0x70 [ 111.672097] dccp_v4_do_rcv+0xfa/0x160 [ 111.675972] __release_sock+0x10b/0x340 [ 111.679936] release_sock+0x4f/0x180 [ 111.683636] dccp_sendmsg+0x4ab/0xc70 [ 111.687416] ? sock_has_perm+0x1d6/0x2c0 [ 111.691462] ? dccp_getsockopt+0xd0/0xd0 [ 111.695510] ? copy_msghdr_from_user+0x201/0x3f0 [ 111.700423] ? find_held_lock+0x36/0x1d0 [ 111.704477] inet_sendmsg+0x108/0x440 [ 111.708262] ? security_socket_sendmsg+0x6a/0xa0 [ 111.713002] ? inet_recvmsg+0x640/0x640 [ 111.716971] sock_sendmsg+0xb5/0xf0 [ 111.720589] ___sys_sendmsg+0x282/0x920 [ 111.724559] ? trace_hardirqs_off+0x10/0x10 [ 111.728866] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 111.733627] ? trace_hardirqs_on+0x10/0x10 [ 111.737858] ? trace_hardirqs_off+0x10/0x10 [ 111.742175] ? __fget+0x1ad/0x2f0 [ 111.745623] ? lock_downgrade+0x7f0/0x7f0 [ 111.749763] ? find_held_lock+0x36/0x1d0 [ 111.753813] ? __might_fault+0xf1/0x1b0 [ 111.757777] __sys_sendmmsg+0x126/0x300 [ 111.761739] ? SyS_sendmsg+0x20/0x20 [ 111.765451] ? __sb_end_write+0xa4/0xd0 [ 111.769413] ? mutex_unlock+0xd/0x10 [ 111.773117] ? SyS_write+0x1c5/0x250 [ 111.776814] ? do_syscall_64+0x4c/0x5b0 [ 111.780775] ? __sys_sendmmsg+0x300/0x300 [ 111.784909] SyS_sendmmsg+0xd/0x20 [ 111.788433] do_syscall_64+0x1c7/0x5b0 [ 111.792312] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 111.797165] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 111.802516] RIP: 0033:0x45a219 [ 111.805701] RSP: 002b:00007fcdbe813c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 111.813396] RAX: ffffffffffffffda RBX: 00007fcdbe813c90 RCX: 000000000045a219 [ 111.820666] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 111.827943] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 111.835205] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdbe8146d4 [ 111.842462] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 111.849848] [ 111.849911] CPU: 0 PID: 8792 Comm: syz-executor.1 Not tainted 4.14.172-syzkaller #0 [ 111.851472] Allocated by task 8787: [ 111.851484] save_stack_trace+0x16/0x20 [ 111.859354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.862967] save_stack+0x43/0xd0 [ 111.866917] Call Trace: [ 111.876261] kasan_kmalloc+0xc7/0xe0 [ 111.876269] __kmalloc_node_track_caller+0x50/0x70 [ 111.879709] dump_stack+0xf7/0x13b [ 111.882277] __kmalloc_reserve.isra.36+0x2c/0xc0 [ 111.885970] should_fail.cold.3+0x105/0x14b [ 111.890872] __alloc_skb+0xc1/0x500 [ 111.894399] should_failslab+0xba/0xf0 [ 111.899910] dccp_send_ack+0xb3/0x340 [ 111.904218] kmem_cache_alloc_trace+0x2ea/0x7a0 [ 111.907819] ccid2_hc_rx_packet_recv+0xf9/0x170 [ 111.911689] ? trace_hardirqs_off+0x10/0x10 [ 111.915466] dccp_deliver_input_to_ccids+0xc5/0x210 [ 111.920148] dccp_feat_entry_new+0x140/0x360 [ 111.924791] dccp_rcv_established+0x49/0x70 [ 111.929099] dccp_feat_push_confirm+0x26/0x280 [ 111.934090] dccp_v4_do_rcv+0xfa/0x160 [ 111.934095] __sk_receive_skb+0x1d5/0x820 [ 111.938489] dccp_feat_parse_options+0xfe3/0x1a10 [ 111.942792] dccp_v4_rcv+0xc26/0x1bbf [ 111.947356] ? dccp_ackvec_parsed_add+0x51/0x220 [ 111.951217] ip_local_deliver_finish+0x230/0x9a0 [ 111.951221] ip_local_deliver+0x1a0/0x410 [ 111.955484] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 111.960322] ip_rcv_finish+0x70d/0x1950 [ 111.960328] ip_rcv+0xb43/0x133d [ 111.964123] ? trace_hardirqs_off+0x10/0x10 [ 111.968866] __netif_receive_skb_core+0x1d1a/0x2e40 [ 111.973624] ? dccp_ackvec_parsed_add+0x115/0x220 [ 111.977766] __netif_receive_skb+0x1f/0x1b0 [ 111.977771] process_backlog+0x1fc/0x710 [ 111.983643] dccp_parse_options+0x840/0xf20 [ 111.987600] net_rx_action+0x458/0xed0 [ 111.990950] dccp_rcv_established+0x23/0x70 [ 111.995247] __do_softirq+0x246/0x9b0 [ 112.000339] dccp_v4_do_rcv+0xfa/0x160 [ 112.005164] [ 112.009467] __release_sock+0x10b/0x340 [ 112.013508] Freed by task 8787: [ 112.017812] release_sock+0x4f/0x180 [ 112.021675] save_stack_trace+0x16/0x20 [ 112.025974] dccp_sendmsg+0x4ab/0xc70 [ 112.029766] save_stack+0x43/0xd0 [ 112.029772] kasan_slab_free+0x71/0xc0 [ 112.033652] ? sock_has_perm+0x1d6/0x2c0 [ 112.035253] kfree+0xcc/0x270 [ 112.039210] ? dccp_getsockopt+0xd0/0xd0 [ 112.042473] skb_free_head+0x74/0x90 [ 112.042479] skb_release_data+0x43b/0x790 [ 112.046198] ? copy_msghdr_from_user+0x201/0x3f0 [ 112.050162] skb_release_all+0x3d/0x50 [ 112.053935] ? find_held_lock+0x36/0x1d0 [ 112.057381] kfree_skb+0x8a/0x2b0 [ 112.061253] inet_sendmsg+0x108/0x440 [ 112.065297] dccp_v4_do_rcv+0x111/0x160 [ 112.068382] ? security_socket_sendmsg+0x6a/0xa0 [ 112.072418] __release_sock+0x10b/0x340 [ 112.072422] release_sock+0x4f/0x180 [ 112.076111] ? inet_recvmsg+0x640/0x640 [ 112.080237] dccp_sendmsg+0x4ab/0xc70 [ 112.084979] sock_sendmsg+0xb5/0xf0 [ 112.088851] inet_sendmsg+0x108/0x440 [ 112.088854] sock_sendmsg+0xb5/0xf0 [ 112.092899] ___sys_sendmsg+0x282/0x920 [ 112.096325] ___sys_sendmsg+0x282/0x920 [ 112.096329] __sys_sendmmsg+0x126/0x300 [ 112.100110] ? trace_hardirqs_off+0x10/0x10 [ 112.104057] SyS_sendmmsg+0xd/0x20 [ 112.104062] do_syscall_64+0x1c7/0x5b0 [ 112.108799] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 112.112753] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 112.116446] ? trace_hardirqs_on+0x10/0x10 [ 112.120736] [ 112.124543] ? trace_hardirqs_off+0x10/0x10 [ 112.128156] The buggy address belongs to the object at ffff8880a81ed1c0 [ 112.128156] which belongs to the cache kmalloc-2048 of size 2048 [ 112.131945] ? __fget+0x1ad/0x2f0 [ 112.135570] The buggy address is located 1181 bytes inside of [ 112.135570] 2048-byte region [ffff8880a81ed1c0, ffff8880a81ed9c0) [ 112.139522] ? lock_downgrade+0x7f0/0x7f0 [ 112.143653] The buggy address belongs to the page: [ 112.147778] ? find_held_lock+0x36/0x1d0 [ 112.152076] page:ffffea0002a07b00 count:1 mapcount:0 mapping:ffff8880a81ec0c0 index:0x0 [ 112.155713] ? __might_fault+0xf1/0x1b0 [ 112.159585] compound_mapcount: 0 [ 112.164346] __sys_sendmmsg+0x126/0x300 [ 112.169527] flags: 0x1fffc0000008100(slab|head) [ 112.173747] ? SyS_sendmsg+0x20/0x20 [ 112.175375] raw: 01fffc0000008100 ffff8880a81ec0c0 0000000000000000 0000000100000003 [ 112.179692] ? __sb_end_write+0xa4/0xd0 [ 112.192487] raw: ffffea00028667a0 ffffea0002844a20 ffff8880aa800c40 0000000000000000 [ 112.195972] ? mutex_unlock+0xd/0x10 [ 112.208008] page dumped because: kasan: bad access detected [ 112.212155] ? SyS_write+0x1c5/0x250 [ 112.217048] [ 112.221104] ? do_syscall_64+0x4c/0x5b0 [ 112.229214] Memory state around the buggy address: [ 112.229219] ffff8880a81ed500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.233174] ? __sys_sendmmsg+0x300/0x300 [ 112.236603] ffff8880a81ed580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.240557] SyS_sendmmsg+0xd/0x20 [ 112.245202] >ffff8880a81ed600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.248894] do_syscall_64+0x1c7/0x5b0 [ 112.256766] ^ [ 112.256772] ffff8880a81ed680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.256775] ffff8880a81ed700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.256777] ================================================================== [ 112.256779] Disabling lock debugging due to kernel taint [ 112.268654] Kernel panic - not syncing: panic_on_warn set ... [ 112.268654] [ 112.268726] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 112.372097] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 112.377264] RIP: 0033:0x45a219 [ 112.380433] RSP: 002b:00007f51eda07c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 112.388123] RAX: ffffffffffffffda RBX: 00007f51eda07c90 RCX: 000000000045a219 [ 112.395368] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 112.402615] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 112.410568] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f51eda086d4 [ 112.417816] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 112.425087] CPU: 1 PID: 8787 Comm: syz-executor.3 Tainted: G B 4.14.172-syzkaller #0 [ 112.434094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.443466] Call Trace: [ 112.446042] dump_stack+0xf7/0x13b [ 112.449728] ? ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 112.454816] panic+0x1b0/0x358 [ 112.457988] ? add_taint.cold.5+0x11/0x11 [ 112.462117] ? ___preempt_schedule+0x16/0x18 [ 112.466517] ? ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 112.471606] kasan_end_report+0x47/0x4f [ 112.475567] kasan_report.cold.8+0x76/0x2d3 [ 112.479869] __asan_report_load1_noabort+0x14/0x20 [ 112.484784] ccid2_hc_tx_packet_recv+0x1edd/0x21d3 [ 112.489703] ? dccp_ackvec_clear_state+0x33e/0x7e0 [ 112.494619] ? rcu_read_lock_sched_held+0x108/0x120 [ 112.499620] dccp_deliver_input_to_ccids+0x19f/0x210 [ 112.504707] dccp_rcv_established+0x49/0x70 [ 112.509017] dccp_v4_do_rcv+0xfa/0x160 [ 112.512883] __release_sock+0x10b/0x340 [ 112.516833] release_sock+0x4f/0x180 [ 112.520540] dccp_sendmsg+0x4ab/0xc70 [ 112.524355] ? sock_has_perm+0x1d6/0x2c0 [ 112.528416] ? dccp_getsockopt+0xd0/0xd0 [ 112.532470] ? copy_msghdr_from_user+0x201/0x3f0 [ 112.537213] ? find_held_lock+0x36/0x1d0 [ 112.541277] inet_sendmsg+0x108/0x440 [ 112.545063] ? security_socket_sendmsg+0x6a/0xa0 [ 112.549799] ? inet_recvmsg+0x640/0x640 [ 112.554184] sock_sendmsg+0xb5/0xf0 [ 112.557788] ___sys_sendmsg+0x282/0x920 [ 112.561748] ? trace_hardirqs_off+0x10/0x10 [ 112.566046] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 112.570783] ? trace_hardirqs_on+0x10/0x10 [ 112.575002] ? trace_hardirqs_off+0x10/0x10 [ 112.579303] ? __fget+0x1ad/0x2f0 [ 112.582749] ? lock_downgrade+0x7f0/0x7f0 [ 112.586880] ? find_held_lock+0x36/0x1d0 [ 112.590921] ? __might_fault+0xf1/0x1b0 [ 112.594877] __sys_sendmmsg+0x126/0x300 [ 112.598828] ? SyS_sendmsg+0x20/0x20 [ 112.602531] ? __sb_end_write+0xa4/0xd0 [ 112.606489] ? mutex_unlock+0xd/0x10 [ 112.610325] ? SyS_write+0x1c5/0x250 [ 112.614026] ? do_syscall_64+0x4c/0x5b0 [ 112.617988] ? __sys_sendmmsg+0x300/0x300 [ 112.622125] SyS_sendmmsg+0xd/0x20 [ 112.625647] do_syscall_64+0x1c7/0x5b0 [ 112.629511] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 112.634337] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 112.639505] RIP: 0033:0x45a219 [ 112.642678] RSP: 002b:00007fcdbe813c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 112.650368] RAX: ffffffffffffffda RBX: 00007fcdbe813c90 RCX: 000000000045a219 [ 112.657707] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 112.664959] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 112.672230] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdbe8146d4 [ 112.679480] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 112.686761] CPU: 0 PID: 8796 Comm: syz-executor.4 Tainted: G B 4.14.172-syzkaller #0 [ 112.695764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.705097] Call Trace: [ 112.707670] dump_stack+0xf7/0x13b [ 112.711227] should_fail.cold.3+0x105/0x14b [ 112.715528] should_failslab+0xba/0xf0 [ 112.719393] kmem_cache_alloc_trace+0x2ea/0x7a0 [ 112.724042] ? trace_hardirqs_off+0x10/0x10 [ 112.728344] dccp_feat_entry_new+0x140/0x360 [ 112.732729] dccp_feat_push_confirm+0x26/0x280 [ 112.737298] dccp_feat_parse_options+0xfe3/0x1a10 [ 112.742136] ? dccp_ackvec_parsed_add+0x51/0x220 [ 112.746870] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 112.752730] ? trace_hardirqs_off+0x10/0x10 [ 112.757032] ? dccp_ackvec_parsed_add+0x115/0x220 [ 112.761856] dccp_parse_options+0x840/0xf20 [ 112.766157] dccp_rcv_established+0x23/0x70 [ 112.770477] dccp_v4_do_rcv+0xfa/0x160 [ 112.774344] __release_sock+0x10b/0x340 [ 112.778299] release_sock+0x4f/0x180 [ 112.781993] dccp_sendmsg+0x4ab/0xc70 [ 112.785774] ? sock_has_perm+0x1d6/0x2c0 [ 112.789815] ? dccp_getsockopt+0xd0/0xd0 [ 112.793871] ? copy_msghdr_from_user+0x201/0x3f0 [ 112.798612] ? find_held_lock+0x36/0x1d0 [ 112.802684] inet_sendmsg+0x108/0x440 [ 112.806668] ? security_socket_sendmsg+0x6a/0xa0 [ 112.811420] ? inet_recvmsg+0x640/0x640 [ 112.815379] sock_sendmsg+0xb5/0xf0 [ 112.818993] ___sys_sendmsg+0x282/0x920 [ 112.822954] ? trace_hardirqs_off+0x10/0x10 [ 112.827258] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 112.832010] ? trace_hardirqs_on+0x10/0x10 [ 112.836222] ? trace_hardirqs_off+0x10/0x10 [ 112.840524] ? __fget+0x1ad/0x2f0 [ 112.843954] ? lock_downgrade+0x7f0/0x7f0 [ 112.848083] ? find_held_lock+0x36/0x1d0 [ 112.852123] ? __might_fault+0xf1/0x1b0 [ 112.856094] __sys_sendmmsg+0x126/0x300 [ 112.860068] ? SyS_sendmsg+0x20/0x20 [ 112.863765] ? __sb_end_write+0xa4/0xd0 [ 112.867722] ? mutex_unlock+0xd/0x10 [ 112.871415] ? SyS_write+0x1c5/0x250 [ 112.875108] ? do_syscall_64+0x4c/0x5b0 [ 112.879059] ? __sys_sendmmsg+0x300/0x300 [ 112.883183] SyS_sendmmsg+0xd/0x20 [ 112.886699] do_syscall_64+0x1c7/0x5b0 [ 112.890564] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 112.895390] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 112.900560] RIP: 0033:0x45a219 [ 112.903734] RSP: 002b:00007f14c5c15c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 112.911548] RAX: ffffffffffffffda RBX: 00007f14c5c15c90 RCX: 000000000045a219 [ 112.918925] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000006 [ 112.926192] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 112.933538] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f14c5c166d4 [ 112.940793] R13: 00000000004c7f9d R14: 00000000004de3c8 R15: 0000000000000007 [ 112.949738] Kernel Offset: disabled [ 112.953360] Rebooting in 86400 seconds..