Warning: Permanently added '[localhost]:19307' (ECDSA) to the list of known hosts. 2020/09/06 15:11:05 fuzzer started 2020/09/06 15:11:06 dialing manager at 10.0.2.10:44149 2020/09/06 15:11:06 syscalls: 3323 2020/09/06 15:11:06 code coverage: enabled 2020/09/06 15:11:06 comparison tracing: enabled 2020/09/06 15:11:06 extra coverage: enabled 2020/09/06 15:11:06 setuid sandbox: enabled 2020/09/06 15:11:06 namespace sandbox: enabled 2020/09/06 15:11:06 Android sandbox: /sys/fs/selinux/policy does not exist 2020/09/06 15:11:06 fault injection: enabled 2020/09/06 15:11:06 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/09/06 15:11:06 net packet injection: enabled 2020/09/06 15:11:06 net device setup: enabled 2020/09/06 15:11:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/09/06 15:11:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/09/06 15:11:06 USB emulation: enabled 2020/09/06 15:11:06 hci packet injection: enabled 15:12:11 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/msg\x00', 0x0, 0x0) r2 = socket(0x2, 0x1, 0x0) r3 = dup2(r2, r1) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000540)=ANY=[@ANYBLOB="66696c746572000000800000000000000000f5ffffff000000010001001a00000e000000040000009002000000070000c800000060010000c8000000c8000080f8010000f8010000f8010000f8010000f8010000040000000000009cdfffe37e237e85dcb5823577276fb1c90000000100e60000000000000200000000000000efffffffffffffff0000000000000400e2a883d3000000000003000000000000699f78925ebd00f6000000001d200000000e000000000000a000c800000000000019000800000080df0000000000000030006164647274797065000000000002000000200000000000800000000000007a3c0000000000000000000000000000280052454a4543540000800000cfdcf6e80000df1c0009000000ecff0100000000060000000000f812b61b4aa20c1abb004a0000000400006772653000000000000004000000000000000000000000000000000000000000000091000000000000000000e884c354afa8a803279c0004000c00f500000000f49200000000000070009800000022b800000000000000000000000000100000280052454a45435400000000e0ff1bff7d000000fcffffbfff7fffffffffff00b6122a913c23374e00000000000000000000000000070000000040affe4a8da7fec0ffff17ff00000000ff0001000000000000000000000000000000000000000000000000000000000000000000000000000000000c1a0000000000010000007000980000000008d425000000000000001a0000000000042800534554000000000000000000000000000000000000000000000000000801000004000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000004000000001c6900b2b0ad83346782a700000028000000ff00000000009d000000a60000400020ed0020000000000000000000feffffff"], 0x1) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001a8, 0x0) 15:12:11 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000200)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4}) mlock2(&(0x7f00006a1000/0x3000)=nil, 0x3000, 0x0) 15:12:13 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbfs(0x0, 0x0, 0x1) mknod$loop(0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0x7fff) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000000000000000000000000001d00"}) read(r0, &(0x7f000001a340)=""/102400, 0x19000) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TCFLSH(r2, 0x540a, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000200)) 15:12:13 executing program 3: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000080)=ANY=[@ANYBLOB="6d616e676c65000400012000000500000000000000000000f3000000000000001f0000000600000010040000e002000038020000800100003802000038020000780300007803000078030000780300007803000006000000000000000000000000000000000000000000000008000041b0000000000000000000000000000000000000000000deffffff00000000000000000000000000000000000000000000000000000000e70000000000000000000200000400000000c000e80000000000000000000000010000000000000000002800727066696c74657200000000000000000000000000000000000000000000000000000000e70028007365740000000000000000000000000000000000faffffffffffffff00010000000000000000280054544c00e4ffffff0000000000fffffffffffff8f50000000000000000000000000000000000000000000000000000000000000000000000000080f2ff7effffffcb000000359b6811000000000000000000000000000000000000000000000800000000000000000000000000000000000000feffffff0000000000000070009800000093111eea6b0dcc510000000000000000000028004453435000eeffffff000000000000000000000000ae51474821ccc6cd000000000000000000e0000002ec1414aa00000000000000000000000000000000000000000000000065727370616e30000008000000000002000e0000000000000000000000330000000000fffffff900007a00002000040000000000040000007000b8000000000000ffe7000000000000000000d54d00004800544545000000000000f9ffffffff05f4bc8100000000d0001f0700000001fff80000000020000000000000008ecd8eea6a901b2400000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d4964630000000000000000000200000000000000000000000000000000f8000000000000000000000000000000000000100000000000000000000000807000a800000000aa000000000000000000000000000000003800534554000000000000000000ff00000000000001000000400000000000030000040700000000000002e1ff04000000000649000000190000f7bd00000000000000000000000000fc00000000000000000000000000000000000003000000e8000000000000004000000f000000000000000000000000000000000004000000000000000000eaf100000000000400700098000000000000000000000000000000000000000000280054544c000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000000000000000000000000000000000280000000004000700408000000000000000000000000000ffffffe400200000feffffff"], 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x200000003, 0x84) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10) connect$inet(r3, &(0x7f0000001280)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x19401, 0x0) syzkaller login: [ 282.622028][ T9617] IPVS: ftp: loaded support on port[0] = 21 [ 282.946200][ T9619] IPVS: ftp: loaded support on port[0] = 21 [ 283.262496][ T9617] chnl_net:caif_netlink_parms(): no params data found [ 283.276904][ T9621] IPVS: ftp: loaded support on port[0] = 21 [ 283.605681][ T9617] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.626266][ T9617] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.664094][ T9617] device bridge_slave_0 entered promiscuous mode [ 283.740827][ T9619] chnl_net:caif_netlink_parms(): no params data found [ 283.797562][ T9617] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.829647][ T9617] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.861882][ T9617] device bridge_slave_1 entered promiscuous mode [ 283.928989][ T9617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 283.964477][ T9617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 284.060926][ T9626] IPVS: ftp: loaded support on port[0] = 21 [ 284.107570][ T9617] team0: Port device team_slave_0 added [ 284.141571][ T9621] chnl_net:caif_netlink_parms(): no params data found [ 284.165405][ T9617] team0: Port device team_slave_1 added [ 284.184216][ T9619] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.198153][ T9619] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.214961][ T9619] device bridge_slave_0 entered promiscuous mode [ 284.251632][ T9619] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.262507][ T9619] bridge0: port 2(bridge_slave_1) entered disabled state [ 284.273822][ T9619] device bridge_slave_1 entered promiscuous mode [ 284.302688][ T9617] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 284.318353][ T9617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.373936][ T9617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 284.407107][ T9617] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 284.426665][ T9617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.443340][ T23] Bluetooth: hci0: command 0x0409 tx timeout [ 284.540345][ T9617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 284.650291][ T9619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 284.708808][ T9619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 284.788127][ T9619] team0: Port device team_slave_0 added [ 284.851820][ T9617] device hsr_slave_0 entered promiscuous mode [ 284.873393][ T9617] device hsr_slave_1 entered promiscuous mode [ 284.895550][ T9619] team0: Port device team_slave_1 added [ 284.922405][ T2788] Bluetooth: hci1: command 0x0409 tx timeout [ 284.966229][ T9619] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 284.991209][ T9619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 285.059594][ T9619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 285.101403][ T9621] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.123675][ T9621] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.147431][ T9621] device bridge_slave_0 entered promiscuous mode [ 285.162250][ T23] Bluetooth: hci2: command 0x0409 tx timeout [ 285.178896][ T9619] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 285.212381][ T9619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 285.290059][ T9619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 285.321044][ T9621] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.336818][ T9621] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.353840][ T9621] device bridge_slave_1 entered promiscuous mode [ 285.436714][ T9621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 285.484475][ T9621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.549248][ T9619] device hsr_slave_0 entered promiscuous mode [ 285.563956][ T9619] device hsr_slave_1 entered promiscuous mode [ 285.578317][ T9619] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 285.593238][ T9619] Cannot create hsr debugfs directory [ 285.631467][ T9621] team0: Port device team_slave_0 added [ 285.648224][ T9621] team0: Port device team_slave_1 added [ 285.685356][ T9626] chnl_net:caif_netlink_parms(): no params data found [ 285.727453][ T9621] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 285.747630][ T9621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 285.819725][ T9621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 285.882809][ T23] Bluetooth: hci3: command 0x0409 tx timeout [ 285.890661][ T9621] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 285.929501][ T9621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.030586][ T9621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 286.215571][ T9621] device hsr_slave_0 entered promiscuous mode [ 286.241279][ T9621] device hsr_slave_1 entered promiscuous mode [ 286.268705][ T9621] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 286.313196][ T9621] Cannot create hsr debugfs directory [ 286.399603][ T9626] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.448558][ T9626] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.500546][ T9626] device bridge_slave_0 entered promiscuous mode [ 286.538883][ T9626] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.587086][ T9626] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.621843][ T2546] Bluetooth: hci0: command 0x041b tx timeout [ 286.644488][ T9626] device bridge_slave_1 entered promiscuous mode [ 286.782266][ T9617] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 286.820103][ T9617] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 286.845069][ T9626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 286.874925][ T9626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 286.918911][ T9617] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 286.955744][ T9617] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 286.988796][ T9626] team0: Port device team_slave_0 added [ 287.005601][ T2788] Bluetooth: hci1: command 0x041b tx timeout [ 287.059844][ T9626] team0: Port device team_slave_1 added [ 287.116612][ T9626] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.135352][ T9626] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.211568][ T9626] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.241050][ T9619] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 287.267616][ T1239] Bluetooth: hci2: command 0x041b tx timeout [ 287.294622][ T9626] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 287.310361][ T9626] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.368461][ T9626] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 287.397121][ T9619] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 287.439316][ T9619] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 287.462969][ T9619] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 287.533752][ T9626] device hsr_slave_0 entered promiscuous mode [ 287.568792][ T9626] device hsr_slave_1 entered promiscuous mode [ 287.597098][ T9626] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 287.632471][ T9626] Cannot create hsr debugfs directory [ 287.733717][ T9621] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 287.786306][ T9621] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 287.820997][ T9621] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 287.869577][ T9621] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 287.962677][ T1239] Bluetooth: hci3: command 0x041b tx timeout [ 288.076134][ T9617] 8021q: adding VLAN 0 to HW filter on device bond0 [ 288.121729][ T9626] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 288.146586][ T9626] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 288.160925][ T9626] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 288.180865][ T9626] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 288.208630][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 288.233303][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 288.256431][ T9617] 8021q: adding VLAN 0 to HW filter on device team0 [ 288.295323][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 288.328871][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 288.347694][ T1239] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.359637][ T1239] bridge0: port 1(bridge_slave_0) entered forwarding state [ 288.378901][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 288.405796][ T9619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 288.438686][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 288.457540][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 288.481075][ T9649] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.493255][ T9649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 288.507676][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 288.537528][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 288.550391][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 288.562354][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 288.587615][ T9619] 8021q: adding VLAN 0 to HW filter on device team0 [ 288.600609][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 288.617078][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 288.633786][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 288.671237][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 288.682165][ T23] Bluetooth: hci0: command 0x040f tx timeout [ 288.688183][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 288.723895][ T9649] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.749371][ T9649] bridge0: port 1(bridge_slave_0) entered forwarding state [ 288.767383][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 288.789110][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 288.803877][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 288.820404][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 288.833318][ T9649] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.846127][ T9649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 288.859527][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 288.873980][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 288.903145][ T9621] 8021q: adding VLAN 0 to HW filter on device bond0 [ 288.934048][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 288.953529][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 288.968803][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 288.981568][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 289.001811][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 289.018172][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 289.034929][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 289.055212][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 289.082805][ T9649] Bluetooth: hci1: command 0x040f tx timeout [ 289.106065][ T9617] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 289.158044][ T9626] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.210115][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 289.269275][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 289.315214][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 289.322810][ T28] Bluetooth: hci2: command 0x040f tx timeout [ 289.369177][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 289.466383][ T9621] 8021q: adding VLAN 0 to HW filter on device team0 [ 289.522769][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 289.574723][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 289.630584][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 289.686871][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 289.790763][ T9626] 8021q: adding VLAN 0 to HW filter on device team0 [ 289.849915][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 289.898609][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 289.932759][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.960697][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.000589][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 290.042685][ T23] Bluetooth: hci3: command 0x040f tx timeout [ 290.081204][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 290.113786][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.136615][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.160261][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 290.187814][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 290.209863][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 290.229330][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 290.247901][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 290.274761][ T9617] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 290.324041][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 290.347808][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 290.378976][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.399671][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.425612][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 290.444598][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 290.464158][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 290.490015][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.510948][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.538815][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 290.557232][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 290.604370][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 290.941166][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 290.969802][ T23] Bluetooth: hci0: command 0x0419 tx timeout [ 291.028781][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 291.194319][ T23] Bluetooth: hci1: command 0x0419 tx timeout [ 291.236943][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 291.294964][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 291.349586][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 291.382988][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 291.383917][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 291.457061][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 291.512946][ T23] Bluetooth: hci2: command 0x0419 tx timeout [ 291.514006][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 291.588052][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 291.651622][ T9619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 291.694257][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 291.732650][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 291.775334][ T9621] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 291.811688][ T9621] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 291.846868][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 291.868319][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 291.889658][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 291.918608][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 291.946218][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 291.980231][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 292.006690][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 292.050252][ T9617] device veth0_vlan entered promiscuous mode [ 292.078203][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 292.101575][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 292.122344][ T1239] Bluetooth: hci3: command 0x0419 tx timeout [ 292.124228][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 292.152493][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 292.166836][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 292.182623][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 292.216626][ T9626] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 292.244961][ T9626] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 292.268826][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 292.301795][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 292.332485][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 292.356900][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 292.382659][ T9621] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 292.417009][ T9617] device veth1_vlan entered promiscuous mode [ 292.457262][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 292.486361][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 292.507456][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 292.558890][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 292.583639][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 292.623802][ T9619] device veth0_vlan entered promiscuous mode [ 292.646069][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 292.669502][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 292.692351][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 292.719473][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 292.744823][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 292.775819][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 292.836524][ T9626] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 292.858837][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 292.877629][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 292.898202][ T9617] device veth0_macvtap entered promiscuous mode [ 292.914461][ T9619] device veth1_vlan entered promiscuous mode [ 292.938911][ T9621] device veth0_vlan entered promiscuous mode [ 292.958588][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 292.977701][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 292.994977][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 293.018110][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 293.037841][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 293.063607][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 293.119109][ T9617] device veth1_macvtap entered promiscuous mode [ 293.162823][ T9621] device veth1_vlan entered promiscuous mode [ 293.193987][ T9617] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 293.239103][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 293.272922][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 293.303974][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 293.328805][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 293.424297][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 293.453753][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 293.470391][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 293.494105][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 293.528417][ T9619] device veth0_macvtap entered promiscuous mode [ 293.548438][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 293.570929][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 293.588418][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 293.637265][ T9617] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 293.652796][ T9619] device veth1_macvtap entered promiscuous mode [ 293.669752][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 293.694895][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 293.717938][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 293.755035][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 293.787399][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 293.814688][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 293.831891][ T2788] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 293.852807][ T9626] device veth0_vlan entered promiscuous mode [ 293.874082][ T9617] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.904553][ T9617] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.938252][ T9617] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.968944][ T9617] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.024438][ T9621] device veth0_macvtap entered promiscuous mode [ 294.058305][ T9621] device veth1_macvtap entered promiscuous mode [ 294.079384][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 294.098929][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 294.120415][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 294.146690][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 294.217738][ T9619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 294.243337][ T9619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.270133][ T9619] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.307938][ T9626] device veth1_vlan entered promiscuous mode [ 294.323504][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 294.345888][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 294.366339][ T2546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 294.428258][ T9619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 294.466203][ T9619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.508226][ T9619] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 294.548548][ T9621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 294.584120][ T9621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.606389][ T9621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 294.625406][ T9621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.646123][ T9621] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.662440][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 294.679313][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 294.698827][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 294.713073][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 294.729617][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 294.753807][ T9619] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.794427][ T9619] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.840234][ T9619] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.879328][ T9619] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.921829][ T9617] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 294.927530][ T9621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 295.015995][ T9621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.057111][ T9621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 295.113824][ T9621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.183109][ T9621] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 295.261247][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 295.316843][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 15:12:27 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) write$binfmt_elf64(r0, &(0x7f00000006c0)=ANY=[], 0x45) [ 295.416641][ T9621] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.481181][ T9621] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.530396][ T9621] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.542841][ T9658] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 295.575953][ T9621] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 15:12:27 executing program 0: r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000240)="db", 0x1) [ 295.714611][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready 15:12:27 executing program 0: r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000240)="db", 0x1) [ 295.749127][ T9649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 15:12:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x2}, [@NDA_DST_MAC={0xa, 0x1, @multicast}]}, 0x28}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 295.821775][ T9626] device veth0_macvtap entered promiscuous mode [ 295.870585][ T9626] device veth1_macvtap entered promiscuous mode 15:12:27 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x803, 0x0) sendto(r2, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x5eb}, {&(0x7f0000000140)=""/85, 0x202}, {&(0x7f0000000fc0)=""/4096, 0x21}, {&(0x7f0000000400)=""/106, 0x2ce}, {&(0x7f0000000740)=""/73, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) [ 295.956019][ T9626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 295.998306][ T9626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.035831][ T9626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 296.066942][ T9626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.096476][ T9626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 296.131724][ T9626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.163736][ T9626] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 296.198594][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 296.219103][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 296.241613][ T1239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 296.270625][ T9626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 296.306594][ T9626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.336164][ T9626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 296.377139][ T9626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.377477][ T9626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 296.377481][ T9626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.389019][ T9626] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 296.401025][ T9640] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 296.403039][ T9640] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 296.415418][ T9626] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.415436][ T9626] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.415449][ T9626] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.415512][ T9626] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.637814][ T9677] ================================================================== [ 296.640337][ T9677] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x117f/0x1290 [ 296.640346][ T9677] Write of size 4 at addr ffffc90009611000 by task syz-executor.1/9677 [ 296.640349][ T9677] [ 296.640703][ T9677] CPU: 1 PID: 9677 Comm: syz-executor.1 Not tainted 5.9.0-rc3-syzkaller #0 [ 296.640709][ T9677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 296.641689][ T9677] Call Trace: [ 296.642245][ T9677] dump_stack+0x198/0x1fd [ 296.642245][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] print_address_description.constprop.0.cold+0x5/0x497 [ 296.642245][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] ? lockdep_hardirqs_off+0x96/0xd0 [ 296.642245][ T9677] ? vprintk_func+0x97/0x1a6 [ 296.642245][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] kasan_report.cold+0x1f/0x37 [ 296.642245][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] sys_imageblit+0x117f/0x1290 [ 296.642245][ T9677] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 296.642245][ T9677] bit_putcs+0x6e1/0xd20 [ 296.642245][ T9677] ? bit_cursor+0x17d0/0x17d0 [ 296.642245][ T9677] ? fb_get_color_depth+0x11a/0x240 [ 296.642245][ T9677] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 296.642245][ T9677] ? bit_cursor+0x17d0/0x17d0 [ 296.642245][ T9677] fbcon_putcs+0x33c/0x3f0 [ 296.642245][ T9677] do_update_region+0x399/0x630 [ 296.642245][ T9677] ? con_get_trans_old+0x280/0x280 [ 296.642245][ T9677] ? fb_get_color_depth+0x11a/0x240 [ 296.642245][ T9677] ? fbcon_set_palette+0x3a8/0x490 [ 296.642245][ T9677] ? var_to_display+0x7f0/0x7f0 [ 296.642245][ T9677] redraw_screen+0x64e/0x770 [ 296.642245][ T9677] ? vc_init+0x430/0x430 [ 296.642245][ T9677] ? fb_get_color_depth+0x11a/0x240 [ 296.642245][ T9677] ? fbcon_set_palette+0x3a8/0x490 [ 296.642245][ T9677] fbcon_modechanged+0x575/0x710 [ 296.642245][ T9677] fbcon_update_vcs+0x3a/0x50 [ 296.642245][ T9677] do_fb_ioctl+0x62e/0x690 [ 296.642245][ T9677] ? fb_set_suspend+0x1a0/0x1a0 [ 296.642245][ T9677] ? lock_downgrade+0x830/0x830 [ 296.642245][ T9677] ? kfree+0x221/0x2b0 [ 296.642245][ T9677] ? check_preemption_disabled+0x50/0x130 [ 296.642245][ T9677] ? kfree+0x221/0x2b0 [ 296.642245][ T9677] ? tomoyo_path_number_perm+0x415/0x4d0 [ 296.642245][ T9677] ? lockdep_hardirqs_on+0x53/0x100 [ 296.642245][ T9677] ? tomoyo_path_number_perm+0x244/0x4d0 [ 296.642245][ T9677] ? tomoyo_execute_permission+0x470/0x470 [ 296.642245][ T9677] ? lock_is_held_type+0xbb/0xf0 [ 296.642245][ T9677] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 296.642245][ T9677] ? do_vfs_ioctl+0x27d/0x1090 [ 296.642245][ T9677] ? generic_block_fiemap+0x60/0x60 [ 296.642245][ T9677] fb_compat_ioctl+0x175/0xc10 [ 296.642245][ T9677] ? fb_open+0x430/0x430 [ 296.642245][ T9677] ? __fget_files+0x294/0x400 [ 296.642245][ T9677] ? bpf_lsm_file_ioctl+0x5/0x10 [ 296.642245][ T9677] ? fb_open+0x430/0x430 [ 296.642245][ T9677] __do_compat_sys_ioctl+0x1d3/0x230 [ 296.642245][ T9677] __do_fast_syscall_32+0x57/0x80 [ 296.642245][ T9677] do_fast_syscall_32+0x2f/0x70 [ 296.642245][ T9677] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 296.655086][ T9677] RIP: 0023:0xf7f6b549 [ 296.655086][ T9677] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 296.655086][ T9677] RSP: 002b:00000000f55650bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 296.655086][ T9677] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 296.655086][ T9677] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 296.655086][ T9677] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 296.655086][ T9677] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 296.655086][ T9677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 296.655086][ T9677] [ 296.655086][ T9677] [ 296.655086][ T9677] Memory state around the buggy address: [ 296.655086][ T9677] ffffc90009610f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 296.655086][ T9677] ffffc90009610f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 296.655086][ T9677] >ffffc90009611000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 296.655086][ T9677] ^ [ 296.655086][ T9677] ffffc90009611080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 296.655086][ T9677] ffffc90009611100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 296.655086][ T9677] ================================================================== [ 296.655086][ T9677] Disabling lock debugging due to kernel taint [ 296.697714][ T9677] Kernel panic - not syncing: panic_on_warn set ... [ 296.697922][ T9677] CPU: 1 PID: 9677 Comm: syz-executor.1 Tainted: G B 5.9.0-rc3-syzkaller #0 [ 296.697928][ T9677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 296.697988][ T9677] Call Trace: [ 296.698664][ T9677] dump_stack+0x198/0x1fd [ 296.698677][ T9677] ? sys_imageblit+0x1110/0x1290 [ 296.699042][ T9677] panic+0x347/0x7c0 [ 296.699051][ T9677] ? __warn_printk+0xf3/0xf3 [ 296.699062][ T9677] ? preempt_schedule_common+0x59/0xc0 [ 296.699070][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.699343][ T9677] ? preempt_schedule_thunk+0x16/0x18 [ 296.699417][ T9677] ? trace_hardirqs_on+0x55/0x220 [ 296.699426][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.699433][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.699441][ T9677] end_report+0x4d/0x53 [ 296.699448][ T9677] kasan_report.cold+0xd/0x37 [ 296.699456][ T9677] ? sys_imageblit+0x117f/0x1290 [ 296.699464][ T9677] sys_imageblit+0x117f/0x1290 [ 296.699480][ T9677] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 296.699488][ T9677] bit_putcs+0x6e1/0xd20 [ 296.699498][ T9677] ? bit_cursor+0x17d0/0x17d0 [ 296.699513][ T9677] ? fb_get_color_depth+0x11a/0x240 [ 296.699526][ T9677] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 296.699535][ T9677] ? bit_cursor+0x17d0/0x17d0 [ 296.699541][ T9677] fbcon_putcs+0x33c/0x3f0 [ 296.699600][ T9677] do_update_region+0x399/0x630 [ 296.699609][ T9677] ? con_get_trans_old+0x280/0x280 [ 296.699617][ T9677] ? fb_get_color_depth+0x11a/0x240 [ 296.699625][ T9677] ? fbcon_set_palette+0x3a8/0x490 [ 296.699631][ T9677] ? var_to_display+0x7f0/0x7f0 [ 296.699640][ T9677] redraw_screen+0x64e/0x770 [ 296.699652][ T9677] ? vc_init+0x430/0x430 [ 296.699664][ T9677] ? fb_get_color_depth+0x11a/0x240 [ 296.699672][ T9677] ? fbcon_set_palette+0x3a8/0x490 [ 296.699680][ T9677] fbcon_modechanged+0x575/0x710 [ 296.699688][ T9677] fbcon_update_vcs+0x3a/0x50 [ 296.699696][ T9677] do_fb_ioctl+0x62e/0x690 [ 296.699704][ T9677] ? fb_set_suspend+0x1a0/0x1a0 [ 296.699715][ T9677] ? lock_downgrade+0x830/0x830 [ 296.699721][ T9677] ? kfree+0x221/0x2b0 [ 296.699732][ T9677] ? check_preemption_disabled+0x50/0x130 [ 296.699738][ T9677] ? kfree+0x221/0x2b0 [ 296.699749][ T9677] ? tomoyo_path_number_perm+0x415/0x4d0 [ 296.699761][ T9677] ? lockdep_hardirqs_on+0x53/0x100 [ 296.699770][ T9677] ? tomoyo_path_number_perm+0x244/0x4d0 [ 296.699782][ T9677] ? tomoyo_execute_permission+0x470/0x470 [ 296.699791][ T9677] ? lock_is_held_type+0xbb/0xf0 [ 296.699801][ T9677] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 296.699812][ T9677] ? do_vfs_ioctl+0x27d/0x1090 [ 296.699819][ T9677] ? generic_block_fiemap+0x60/0x60 [ 296.699828][ T9677] fb_compat_ioctl+0x175/0xc10 [ 296.699835][ T9677] ? fb_open+0x430/0x430 [ 296.699844][ T9677] ? __fget_files+0x294/0x400 [ 296.699854][ T9677] ? bpf_lsm_file_ioctl+0x5/0x10 [ 296.699861][ T9677] ? fb_open+0x430/0x430 [ 296.699873][ T9677] __do_compat_sys_ioctl+0x1d3/0x230 [ 296.699882][ T9677] __do_fast_syscall_32+0x57/0x80 [ 296.699890][ T9677] do_fast_syscall_32+0x2f/0x70 [ 296.699899][ T9677] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 296.700052][ T9677] RIP: 0023:0xf7f6b549 [ 296.700124][ T9677] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 296.700129][ T9677] RSP: 002b:00000000f55650bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 296.700136][ T9677] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 296.700141][ T9677] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 296.700145][ T9677] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 296.700149][ T9677] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 296.700154][ T9677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 296.702302][ T9677] Kernel Offset: disabled [ 296.702302][ T9677] Rebooting in 86400 seconds..