[ 136.966645][ T47] audit: type=1400 audit(1604748492.943:41): avc: denied { map } for pid=9919 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '[localhost]:53518' (ECDSA) to the list of known hosts.
[ 141.653272][ T47] audit: type=1400 audit(1604748497.623:42): avc: denied { map } for pid=9933 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
2020/11/07 11:28:17 fuzzer started
2020/11/07 11:28:18 connecting to host at 10.0.2.10:38467
2020/11/07 11:28:18 checking machine...
2020/11/07 11:28:18 checking revisions...
2020/11/07 11:28:18 testing simple program...
[ 142.235251][ T47] audit: type=1400 audit(1604748498.203:43): avc: denied { integrity } for pid=9933 comm="syz-fuzzer" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1
[ 142.315808][ T47] audit: type=1400 audit(1604748498.213:44): avc: denied { map } for pid=9933 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=3101 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[ 143.965204][ T9953] IPVS: ftp: loaded support on port[0] = 21
[ 144.082380][ T9953] chnl_net:caif_netlink_parms(): no params data found
[ 144.147200][ T9953] bridge0: port 1(bridge_slave_0) entered blocking state
[ 144.165863][ T9953] bridge0: port 1(bridge_slave_0) entered disabled state
[ 144.181718][ T9953] device bridge_slave_0 entered promiscuous mode
[ 144.197249][ T9953] bridge0: port 2(bridge_slave_1) entered blocking state
[ 144.211481][ T9953] bridge0: port 2(bridge_slave_1) entered disabled state
[ 144.225101][ T9953] device bridge_slave_1 entered promiscuous mode
[ 144.251622][ T9953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 144.272349][ T9953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 144.306981][ T9953] team0: Port device team_slave_0 added
[ 144.325884][ T9953] team0: Port device team_slave_1 added
[ 144.351502][ T9953] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 144.371887][ T9953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.456268][ T9953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 144.502616][ T9953] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 144.530329][ T9953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 144.622143][ T9953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 144.662313][ T9953] device hsr_slave_0 entered promiscuous mode
[ 144.687825][ T9953] device hsr_slave_1 entered promiscuous mode
[ 144.832049][ T47] audit: type=1400 audit(1604748500.803:45): avc: denied { create } for pid=9953 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[ 144.839338][ T9953] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 144.926570][ T47] audit: type=1400 audit(1604748500.803:46): avc: denied { write } for pid=9953 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[ 144.926590][ T47] audit: type=1400 audit(1604748500.803:47): avc: denied { read } for pid=9953 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[ 145.133951][ T9953] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 145.152517][ T9953] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 145.189326][ T9953] netdevsim netdevsim0 netdevsim3: renamed from eth3
executing program
[ 145.294080][ T9953] 8021q: adding VLAN 0 to HW filter on device bond0
[ 145.331135][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 145.356589][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 145.400210][ T9953] 8021q: adding VLAN 0 to HW filter on device team0
[ 145.439356][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 145.473228][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 145.512695][ T23] bridge0: port 1(bridge_slave_0) entered blocking state
[ 145.594349][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 145.668995][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 145.756535][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 145.787091][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 145.808195][ T23] bridge0: port 2(bridge_slave_1) entered blocking state
[ 145.827662][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 145.847752][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 145.864250][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 145.893958][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 145.914338][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 145.934762][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 145.956783][ T3832] Bluetooth: hci0: command 0x0409 tx timeout
[ 145.964730][ T9953] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 145.998012][ T9953] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 146.026458][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 146.044944][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 146.062308][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 146.080944][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 146.098983][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 146.116804][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 146.139427][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 146.182938][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 146.214514][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 146.250875][ T9953] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 146.289903][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 146.319224][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 146.368586][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 146.391635][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 146.431017][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 146.447599][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 146.478004][ T9953] device veth0_vlan entered promiscuous mode
[ 146.516568][ T9953] device veth1_vlan entered promiscuous mode
[ 146.572660][ T3832] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 146.597797][ T3832] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 146.626702][ T3832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 146.654552][ T3832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 146.693127][ T9953] device veth0_macvtap entered promiscuous mode
[ 146.730530][ T9953] device veth1_macvtap entered promiscuous mode
[ 146.777266][ T9953] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 146.794551][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 146.812440][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 146.828753][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 146.851096][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 146.873609][ T9953] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 146.890592][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 146.908718][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 146.942469][ T9953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.966641][ T9953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.991555][ T9953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.020310][ T9953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.126859][ T9961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.140287][ T9961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.155149][ T68] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 147.200968][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.212881][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.226727][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 147.240244][ T47] audit: type=1400 audit(1604748503.213:48): avc: denied { associate } for pid=9953 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[ 147.272683][ T9] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962
[ 147.304276][ T9] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9, name: kworker/u16:0
[ 147.330594][ T9] 4 locks held by kworker/u16:0/9:
[ 147.339655][ T9] #0: ffff888014194138 ((wq_completion)phy3){+.+.}-{0:0}, at: process_one_work+0x821/0x15a0
[ 147.370903][ T9] #1: ffffc900003cfda8 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x15a0
[ 147.394336][ T9] #2: ffff888026cb8d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x93/0xe80
[ 147.416092][ T9] #3: ffffffff8b337060 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x680/0x2ba0
[ 147.433546][ T9] Preemption disabled at:
[ 147.433691][ T9] [] __mutex_lock+0x10f/0x10e0
[ 147.455812][ T9] CPU: 0 PID: 9 Comm: kworker/u16:0 Not tainted 5.10.0-rc2-syzkaller #0
[ 147.465630][ T9] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 147.465630][ T9] Workqueue: phy3 ieee80211_iface_work
[ 147.465630][ T9] Call Trace:
[ 147.465630][ T9] dump_stack+0x107/0x163
[ 147.465630][ T9] ? __mutex_lock+0x10f/0x10e0
[ 147.465630][ T9] ___might_sleep.cold+0x1e8/0x22e
[ 147.465630][ T9] sta_info_move_state+0x32/0x8d0
[ 147.465630][ T9] sta_info_free+0x65/0x3b0
[ 147.465630][ T9] sta_info_insert_rcu+0x303/0x2ba0
[ 147.565807][ T9] ? find_held_lock+0x2d/0x110
[ 147.565807][ T9] ? rate_control_rate_init+0x32c/0x6a0
[ 147.565807][ T9] ? sta_info_free+0x3b0/0x3b0
[ 147.565807][ T9] ? __local_bh_enable_ip+0x9c/0x110
[ 147.565807][ T9] ? rate_control_rate_init+0x35f/0x6a0
[ 147.565807][ T9] ieee80211_ibss_finish_sta+0x212/0x390
[ 147.565807][ T9] ? ieee80211_ibss_build_presp+0x15f0/0x15f0
[ 147.565807][ T9] ? __local_bh_enable_ip+0x9c/0x110
[ 147.565807][ T9] ieee80211_ibss_work+0x2c7/0xe80
[ 147.565807][ T9] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870
[ 147.565807][ T9] ? mark_held_locks+0x9f/0xe0
[ 147.565807][ T9] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 147.565807][ T9] ? lockdep_hardirqs_on+0x79/0x100
[ 147.565807][ T9] ? _raw_spin_unlock_irqrestore+0x2f/0x50
[ 147.565807][ T9] ieee80211_iface_work+0x82e/0x970
[ 147.565807][ T9] process_one_work+0x933/0x15a0
[ 147.565807][ T9] ? lock_release+0x710/0x710
[ 147.565807][ T9] ? pwq_dec_nr_in_flight+0x320/0x320
[ 147.565807][ T9] ? rwlock_bug.part.0+0x90/0x90
[ 147.565807][ T9] ? _raw_spin_lock_irq+0x41/0x50
[ 147.565807][ T9] worker_thread+0x64c/0x1120
[ 147.565807][ T9] ? process_one_work+0x15a0/0x15a0
[ 147.565807][ T9] kthread+0x3af/0x4a0
[ 147.565807][ T9] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 147.565807][ T9] ret_from_fork+0x1f/0x30
[ 147.828693][ T9]
[ 147.831927][ T9] =============================
[ 147.835441][ T9] [ BUG: Invalid wait context ]
[ 147.835441][ T9] 5.10.0-rc2-syzkaller #0 Tainted: G W
[ 147.835441][ T9] -----------------------------
[ 147.835441][ T9] kworker/u16:0/9 is trying to lock:
[ 147.835441][ T9] ffff88801f5629d0 (&local->chanctx_mtx){+.+.}-{3:3}, at: ieee80211_recalc_min_chandef+0x49/0x140
[ 147.835441][ T9] other info that might help us debug this:
[ 147.835441][ T9] context-{4:4}
[ 147.835441][ T9] 4 locks held by kworker/u16:0/9:
[ 147.835441][ T9] #0: ffff888014194138 ((wq_completion)phy3){+.+.}-{0:0}, at: process_one_work+0x821/0x15a0
[ 147.835441][ T9] #1: ffffc900003cfda8 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x15a0
[ 147.835441][ T9] #2: ffff888026cb8d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x93/0xe80
[ 147.835441][ T9] #3: ffffffff8b337060 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x680/0x2ba0
[ 147.835441][ T9] stack backtrace:
[ 147.835441][ T9] CPU: 0 PID: 9 Comm: kworker/u16:0 Tainted: G W 5.10.0-rc2-syzkaller #0
[ 147.835441][ T9] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 147.835441][ T9] Workqueue: phy3 ieee80211_iface_work
[ 147.835441][ T9] Call Trace:
[ 147.835441][ T9] dump_stack+0x107/0x163
[ 147.835441][ T9] __lock_acquire.cold+0x310/0x3a2
[ 147.835441][ T9] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 147.835441][ T9] ? find_held_lock+0x2d/0x110
[ 147.835441][ T9] lock_acquire+0x2a3/0x8c0
[ 147.835441][ T9] ? ieee80211_recalc_min_chandef+0x49/0x140
[ 147.835441][ T9] ? lock_release+0x710/0x710
[ 147.835441][ T9] __mutex_lock+0x134/0x10e0
[ 147.835441][ T9] ? ieee80211_recalc_min_chandef+0x49/0x140
[ 147.835441][ T9] ? ieee80211_recalc_min_chandef+0x49/0x140
[ 147.835441][ T9] ? mutex_lock_io_nested+0xf60/0xf60
[ 147.835441][ T9] ? ieee80211_clear_fast_rx+0x58/0x80
[ 147.835441][ T9] ? mark_held_locks+0x9f/0xe0
[ 147.835441][ T9] ieee80211_recalc_min_chandef+0x49/0x140
[ 147.835441][ T9] sta_info_move_state+0x3cf/0x8d0
[ 147.835441][ T9] sta_info_free+0x65/0x3b0
[ 147.835441][ T9] sta_info_insert_rcu+0x303/0x2ba0
[ 147.835441][ T9] ? find_held_lock+0x2d/0x110
[ 147.835441][ T9] ? rate_control_rate_init+0x32c/0x6a0
[ 147.835441][ T9] ? sta_info_free+0x3b0/0x3b0
executing program
[ 147.835441][ T9] ? __local_bh_enable_ip+0x9c/0x110
[ 148.211180][ T9] ? rate_control_rate_init+0x35f/0x6a0
[ 148.211180][ T9] ieee80211_ibss_finish_sta+0x212/0x390
[ 148.211180][ T9] ? ieee80211_ibss_build_presp+0x15f0/0x15f0
[ 148.211180][ T9] ? __local_bh_enable_ip+0x9c/0x110
[ 148.211180][ T9] ieee80211_ibss_work+0x2c7/0xe80
[ 148.211180][ T9] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870
[ 148.211180][ T9] ? mark_held_locks+0x9f/0xe0
[ 148.211180][ T9] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 148.211180][ T9] ? lockdep_hardirqs_on+0x79/0x100
[ 148.211180][ T9] ? _raw_spin_unlock_irqrestore+0x2f/0x50
[ 148.211180][ T9] ieee80211_iface_work+0x82e/0x970
[ 148.211180][ T9] process_one_work+0x933/0x15a0
[ 148.211180][ T9] ? lock_release+0x710/0x710
[ 148.211180][ T9] ? pwq_dec_nr_in_flight+0x320/0x320
[ 148.211180][ T9] ? rwlock_bug.part.0+0x90/0x90
[ 148.211180][ T9] ? _raw_spin_lock_irq+0x41/0x50
[ 148.211180][ T9] worker_thread+0x64c/0x1120
[ 148.211180][ T9] ? process_one_work+0x15a0/0x15a0
[ 148.211180][ T9] kthread+0x3af/0x4a0
[ 148.211180][ T9] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 148.211180][ T9] ret_from_fork+0x1f/0x30
[ 148.390213][ T3832] Bluetooth: hci0: command 0x041b tx timeout
[ 148.412493][ T9] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962
[ 148.432447][ T9] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9, name: kworker/u16:0
[ 148.449290][ T9] INFO: lockdep is turned off.
[ 148.458060][ T9] Preemption disabled at:
[ 148.458122][ T9] [] preempt_schedule_thunk+0x16/0x18
[ 148.478332][ T9] CPU: 0 PID: 9 Comm: kworker/u16:0 Tainted: G W 5.10.0-rc2-syzkaller #0
[ 148.488217][ T9] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 148.488217][ T9] Workqueue: phy3 ieee80211_iface_work
[ 148.488217][ T9] Call Trace:
[ 148.488217][ T9] dump_stack+0x107/0x163
[ 148.488217][ T9] ? preempt_schedule_thunk+0x16/0x18
[ 148.488217][ T9] ___might_sleep.cold+0x1e8/0x22e
[ 148.488217][ T9] sta_info_move_state+0x32/0x8d0
[ 148.488217][ T9] sta_info_free+0x65/0x3b0
[ 148.488217][ T9] sta_info_insert_rcu+0x303/0x2ba0
[ 148.488217][ T9] ? find_held_lock+0x2d/0x110
[ 148.606089][ T9] ? rate_control_rate_init+0x32c/0x6a0
[ 148.606089][ T9] ? sta_info_free+0x3b0/0x3b0
[ 148.625742][ T9] ? __local_bh_enable_ip+0x9c/0x110
[ 148.635621][ T9] ? rate_control_rate_init+0x35f/0x6a0
[ 148.645640][ T9] ieee80211_ibss_finish_sta+0x212/0x390
[ 148.655887][ T9] ? ieee80211_ibss_build_presp+0x15f0/0x15f0
[ 148.655887][ T9] ? __local_bh_enable_ip+0x9c/0x110
[ 148.655887][ T9] ieee80211_ibss_work+0x2c7/0xe80
[ 148.695704][ T9] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870
[ 148.698814][ T9] ? mark_held_locks+0x9f/0xe0
[ 148.715498][ T9] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 148.725714][ T9] ? lockdep_hardirqs_on+0x79/0x100
[ 148.730590][ T9] ? _raw_spin_unlock_irqrestore+0x2f/0x50
[ 148.735468][ T9] ieee80211_iface_work+0x82e/0x970
[ 148.745751][ T9] process_one_work+0x933/0x15a0
[ 148.755973][ T9] ? lock_release+0x710/0x710
[ 148.755973][ T9] ? pwq_dec_nr_in_flight+0x320/0x320
[ 148.766295][ T9] ? rwlock_bug.part.0+0x90/0x90
[ 148.766295][ T9] ? _raw_spin_lock_irq+0x41/0x50
[ 148.785847][ T9] worker_thread+0x64c/0x1120
[ 148.795517][ T9] ? process_one_work+0x15a0/0x15a0
[ 148.805511][ T9] kthread+0x3af/0x4a0
[ 148.805511][ T9] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 148.815800][ T9] ret_from_fork+0x1f/0x30
[ 148.837150][ T9953] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
2020/11/07 11:28:24 building call list...
[ 148.987344][ T9965] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 149.102838][ T9965] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 149.173364][ T9965] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 149.256809][ T9965] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 150.391911][ T9965] device hsr_slave_0 left promiscuous mode
[ 150.402244][ T9965] device hsr_slave_1 left promiscuous mode
[ 150.412919][ T9965] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 150.426026][ T9965] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 150.441775][ T9965] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 150.454605][ T9965] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 150.468027][ T9965] device bridge_slave_1 left promiscuous mode
[ 150.480714][ T9965] bridge0: port 2(bridge_slave_1) entered disabled state
[ 150.495212][ T9965] device bridge_slave_0 left promiscuous mode
[ 150.506289][ T9965] bridge0: port 1(bridge_slave_0) entered disabled state
[ 150.523852][ T9965] device veth1_macvtap left promiscuous mode
[ 150.535277][ T9965] device veth0_macvtap left promiscuous mode
[ 150.546532][ T9965] device veth1_vlan left promiscuous mode
[ 150.556401][ T9965] device veth0_vlan left promiscuous mode
[ 150.833679][ T9965] team0 (unregistering): Port device team_slave_1 removed
[ 150.846280][ T9965] team0 (unregistering): Port device team_slave_0 removed
[ 150.870577][ T9965] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 150.891164][ T9965] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 150.921725][ T9965] bond0 (unregistering): Released all slaves
[ 151.044721][ T9936] can: request_module (can-proto-0) failed.
executing program
[ 151.571200][ T9936] can: request_module (can-proto-0) failed.
[ 151.588059][ T9936] can: request_module (can-proto-0) failed.
[ 151.816692][ T9936] base_sock_release(00000000bcaa428f) sk=00000000fc6f2e14
[ 151.854219][ T47] audit: type=1400 audit(1604748507.823:49): avc: denied { create } for pid=9933 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
[ 151.890880][ T47] audit: type=1400 audit(1604748507.823:50): avc: denied { create } for pid=9933 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[ 151.925710][ T47] audit: type=1400 audit(1604748507.823:51): avc: denied { create } for pid=9933 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_rdma_socket permissive=1
VM DIAGNOSIS:
11:28:24 Registers: