Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts. 2020/07/19 17:19:55 fuzzer started 2020/07/19 17:19:55 dialing manager at 10.128.0.26:33695 2020/07/19 17:19:56 syscalls: 3087 2020/07/19 17:19:56 code coverage: enabled 2020/07/19 17:19:56 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2020/07/19 17:19:56 extra coverage: enabled 2020/07/19 17:19:56 setuid sandbox: enabled 2020/07/19 17:19:56 namespace sandbox: enabled 2020/07/19 17:19:56 Android sandbox: enabled 2020/07/19 17:19:56 fault injection: enabled 2020/07/19 17:19:56 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/19 17:19:56 net packet injection: enabled 2020/07/19 17:19:56 net device setup: enabled 2020/07/19 17:19:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/19 17:19:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/19 17:19:56 USB emulation: /dev/raw-gadget does not exist 17:22:39 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) syzkaller login: [ 295.661796][ T32] audit: type=1400 audit(1595179359.336:8): avc: denied { execmem } for pid=8508 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 295.971862][ T8509] IPVS: ftp: loaded support on port[0] = 21 [ 296.205005][ T8509] chnl_net:caif_netlink_parms(): no params data found [ 296.450667][ T8509] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.458523][ T8509] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.468120][ T8509] device bridge_slave_0 entered promiscuous mode [ 296.482011][ T8509] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.489765][ T8509] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.499148][ T8509] device bridge_slave_1 entered promiscuous mode [ 296.551408][ T8509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.566959][ T8509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 296.616562][ T8509] team0: Port device team_slave_0 added [ 296.628902][ T8509] team0: Port device team_slave_1 added [ 296.677445][ T8509] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 296.684495][ T8509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.711026][ T8509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 296.726594][ T8509] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 296.733871][ T8509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.760945][ T8509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 296.965029][ T8509] device hsr_slave_0 entered promiscuous mode [ 297.058689][ T8509] device hsr_slave_1 entered promiscuous mode [ 297.590392][ T8509] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 297.628302][ T8509] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 297.686147][ T8509] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 297.944072][ T8509] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 298.300914][ T8509] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.341203][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 298.350356][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 298.381000][ T8509] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.403893][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 298.413794][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 298.423207][ T2313] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.430471][ T2313] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.493334][ T8509] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 298.504322][ T8509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 298.520173][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 298.529540][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 298.539220][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 298.548586][ T2313] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.555767][ T2313] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.564743][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 298.575541][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 298.586277][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 298.596648][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 298.607086][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 298.617219][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 298.627386][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 298.636643][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 298.646682][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 298.656175][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 298.670975][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 298.681833][ T2313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 298.732065][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 298.739839][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 298.774896][ T8509] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 298.821053][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 298.831240][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 298.874747][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 298.884324][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 298.900380][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 298.909918][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 298.926484][ T8509] device veth0_vlan entered promiscuous mode [ 298.953543][ T8509] device veth1_vlan entered promiscuous mode [ 299.005520][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 299.015301][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 299.024665][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 299.034496][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 299.063468][ T8509] device veth0_macvtap entered promiscuous mode [ 299.083316][ T8509] device veth1_macvtap entered promiscuous mode [ 299.129708][ T8509] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 299.137602][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 299.147127][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 299.156341][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 299.166199][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 299.195346][ T8509] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 299.228477][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 299.238755][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 299.771714][ T8734] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 299.900824][ T8731] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 17:22:43 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000380)={'macvtap0\x00', 0x0}) 17:22:43 executing program 0: r0 = socket(0x22, 0x2, 0x1) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, 0x0, 0x0) 17:22:44 executing program 0: r0 = socket(0x22, 0x2, 0x1) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, 0x0, 0x0) 17:22:44 executing program 0: perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, @perf_bp={0x0}, 0x60}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000001980)={0x9, 0x2, 0x2}) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc044565d, &(0x7f0000000100)={0x0, 0x2, 0x0, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7aa65ae7"}, 0x0, 0x2, @userptr=0x81a0000, 0x96000}) [ 300.726541][ C0] hrtimer: interrupt took 47722 ns [ 300.742592][ T8755] use of bytesused == 0 is deprecated and will be removed in the future, [ 300.751967][ T8755] use the actual size instead. [ 300.850222][ T8755] ===================================================== [ 300.857207][ T8755] BUG: KMSAN: uninit-value in kmsan_check_memory+0xd/0x10 [ 300.864329][ T8755] CPU: 0 PID: 8755 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 300.872913][ T8755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.882975][ T8755] Call Trace: [ 300.886276][ T8755] dump_stack+0x1df/0x240 [ 300.890611][ T8755] kmsan_report+0xf7/0x1e0 [ 300.895044][ T8755] kmsan_internal_check_memory+0x238/0x3d0 [ 300.900850][ T8755] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 300.907019][ T8755] kmsan_check_memory+0xd/0x10 [ 300.911786][ T8755] _copy_to_user+0x100/0x1d0 [ 300.916384][ T8755] video_usercopy+0x248a/0x2c00 [ 300.921280][ T8755] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 300.927444][ T8755] video_ioctl2+0x9f/0xb0 [ 300.931779][ T8755] ? video_usercopy+0x2c00/0x2c00 [ 300.936801][ T8755] v4l2_ioctl+0x23f/0x270 [ 300.941131][ T8755] ? v4l2_poll+0x400/0x400 [ 300.945549][ T8755] do_video_ioctl+0x5eb6/0x10f20 [ 300.950511][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 300.955711][ T8755] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 300.961514][ T8755] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 300.967577][ T8755] ? do_vfs_ioctl+0x10c7/0x2f50 [ 300.972426][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 300.977626][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 300.982848][ T8755] ? v4l2_poll+0x340/0x400 [ 300.987261][ T8755] v4l2_compat_ioctl32+0x2b7/0x320 [ 300.992379][ T8755] ? v4l2_fill_pixfmt+0x860/0x860 [ 300.997403][ T8755] __se_compat_sys_ioctl+0x57c/0xed0 [ 301.002691][ T8755] ? kmsan_get_metadata+0x4f/0x180 [ 301.007809][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.013015][ T8755] ? compat_ptr_ioctl+0x150/0x150 [ 301.018041][ T8755] __ia32_compat_sys_ioctl+0x4a/0x70 [ 301.023326][ T8755] __do_fast_syscall_32+0x2aa/0x400 [ 301.028530][ T8755] do_fast_syscall_32+0x6b/0xd0 [ 301.033386][ T8755] do_SYSENTER_32+0x73/0x90 [ 301.037894][ T8755] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 301.044224][ T8755] RIP: 0023:0xf7f68549 [ 301.048284][ T8755] Code: Bad RIP value. [ 301.052343][ T8755] RSP: 002b:00000000f5d630cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 301.060761][ T8755] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c044565d [ 301.068734][ T8755] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 301.076701][ T8755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 301.084842][ T8755] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 301.092810][ T8755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 301.100787][ T8755] [ 301.103107][ T8755] Local variable ----vb32.i@video_usercopy created at: [ 301.109957][ T8755] video_usercopy+0x20bd/0x2c00 [ 301.114802][ T8755] video_usercopy+0x20bd/0x2c00 [ 301.119633][ T8755] [ 301.121954][ T8755] Bytes 52-55 of 80 are uninitialized [ 301.127329][ T8755] Memory access of size 80 starts at ffffb9fd413d3950 [ 301.134073][ T8755] ===================================================== [ 301.141089][ T8755] Disabling lock debugging due to kernel taint [ 301.147228][ T8755] Kernel panic - not syncing: panic_on_warn set ... [ 301.153812][ T8755] CPU: 0 PID: 8755 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 301.163774][ T8755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.173821][ T8755] Call Trace: [ 301.177117][ T8755] dump_stack+0x1df/0x240 [ 301.181452][ T8755] panic+0x3d5/0xc3e [ 301.185369][ T8755] kmsan_report+0x1df/0x1e0 [ 301.189881][ T8755] kmsan_internal_check_memory+0x238/0x3d0 [ 301.195705][ T8755] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 301.201877][ T8755] kmsan_check_memory+0xd/0x10 [ 301.206738][ T8755] _copy_to_user+0x100/0x1d0 [ 301.211342][ T8755] video_usercopy+0x248a/0x2c00 [ 301.216239][ T8755] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 301.222401][ T8755] video_ioctl2+0x9f/0xb0 [ 301.226736][ T8755] ? video_usercopy+0x2c00/0x2c00 [ 301.231757][ T8755] v4l2_ioctl+0x23f/0x270 [ 301.236089][ T8755] ? v4l2_poll+0x400/0x400 [ 301.240505][ T8755] do_video_ioctl+0x5eb6/0x10f20 [ 301.245469][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.250692][ T8755] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 301.256786][ T8755] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 301.262860][ T8755] ? do_vfs_ioctl+0x10c7/0x2f50 [ 301.267712][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.272917][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.278119][ T8755] ? v4l2_poll+0x340/0x400 [ 301.282538][ T8755] v4l2_compat_ioctl32+0x2b7/0x320 [ 301.287656][ T8755] ? v4l2_fill_pixfmt+0x860/0x860 [ 301.292694][ T8755] __se_compat_sys_ioctl+0x57c/0xed0 [ 301.297988][ T8755] ? kmsan_get_metadata+0x4f/0x180 [ 301.303107][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.308307][ T8755] ? compat_ptr_ioctl+0x150/0x150 [ 301.313338][ T8755] __ia32_compat_sys_ioctl+0x4a/0x70 [ 301.318712][ T8755] __do_fast_syscall_32+0x2aa/0x400 [ 301.323920][ T8755] do_fast_syscall_32+0x6b/0xd0 [ 301.328776][ T8755] do_SYSENTER_32+0x73/0x90 [ 301.333285][ T8755] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 301.339707][ T8755] RIP: 0023:0xf7f68549 [ 301.343769][ T8755] Code: Bad RIP value. [ 301.347834][ T8755] RSP: 002b:00000000f5d630cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 301.356251][ T8755] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c044565d [ 301.364229][ T8755] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 301.372304][ T8755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 301.380275][ T8755] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 301.388247][ T8755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 301.396972][ T8755] ------------[ cut here ]------------ [ 301.402409][ T8755] kernel BUG at mm/kmsan/kmsan.h:87! [ 301.407675][ T8755] invalid opcode: 0000 [#1] SMP [ 301.412504][ T8755] CPU: 0 PID: 8755 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 301.422446][ T8755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.432494][ T8755] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0 [ 301.439061][ T8755] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 ea 03 aa b3 31 c0 e8 81 fe 44 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 32 3f 8c 0c 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff [ 301.458645][ T8755] RSP: 0018:ffffb9fd413d32c8 EFLAGS: 00010046 [ 301.464683][ T8755] RAX: 0000000000000002 RBX: 0000000007700114 RCX: 0000000007700114 [ 301.472626][ T8755] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb9fd413d33a4 [ 301.480616][ T8755] RBP: ffffb9fd413d3370 R08: 0000000000000000 R09: ffff9da9efc28210 [ 301.488561][ T8755] R10: 0000000000000000 R11: ffffffffaa802730 R12: 0000000000000000 [ 301.496548][ T8755] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001 [ 301.504526][ T8755] FS: 0000000000000000(0000) GS:ffff9da9efc00000(0063) knlGS:00000000f5d63b40 [ 301.513461][ T8755] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 301.520020][ T8755] CR2: 00007fff7c8e7000 CR3: 000000005f7e2000 CR4: 00000000001406f0 [ 301.527966][ T8755] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 301.535909][ T8755] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 301.543866][ T8755] Call Trace: [ 301.547151][ T8755] kmsan_check_memory+0xd/0x10 [ 301.551975][ T8755] iowrite8+0x99/0x2e0 [ 301.556034][ T8755] pvpanic_panic_notify+0x99/0xc0 [ 301.561031][ T8755] ? pvpanic_mmio_remove+0x60/0x60 [ 301.566141][ T8755] atomic_notifier_call_chain+0x130/0x250 [ 301.571844][ T8755] panic+0x468/0xc3e [ 301.575723][ T8755] kmsan_report+0x1df/0x1e0 [ 301.580232][ T8755] kmsan_internal_check_memory+0x238/0x3d0 [ 301.586011][ T8755] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 301.592140][ T8755] kmsan_check_memory+0xd/0x10 [ 301.596975][ T8755] _copy_to_user+0x100/0x1d0 [ 301.601545][ T8755] video_usercopy+0x248a/0x2c00 [ 301.606404][ T8755] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 301.612528][ T8755] video_ioctl2+0x9f/0xb0 [ 301.616832][ T8755] ? video_usercopy+0x2c00/0x2c00 [ 301.621841][ T8755] v4l2_ioctl+0x23f/0x270 [ 301.626159][ T8755] ? v4l2_poll+0x400/0x400 [ 301.630547][ T8755] do_video_ioctl+0x5eb6/0x10f20 [ 301.635467][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.640639][ T8755] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 301.646417][ T8755] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 301.652456][ T8755] ? do_vfs_ioctl+0x10c7/0x2f50 [ 301.657279][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.662449][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.667619][ T8755] ? v4l2_poll+0x340/0x400 [ 301.672015][ T8755] v4l2_compat_ioctl32+0x2b7/0x320 [ 301.677109][ T8755] ? v4l2_fill_pixfmt+0x860/0x860 [ 301.682109][ T8755] __se_compat_sys_ioctl+0x57c/0xed0 [ 301.687368][ T8755] ? kmsan_get_metadata+0x4f/0x180 [ 301.692456][ T8755] ? kmsan_get_metadata+0x11d/0x180 [ 301.697629][ T8755] ? compat_ptr_ioctl+0x150/0x150 [ 301.702628][ T8755] __ia32_compat_sys_ioctl+0x4a/0x70 [ 301.707885][ T8755] __do_fast_syscall_32+0x2aa/0x400 [ 301.713068][ T8755] do_fast_syscall_32+0x6b/0xd0 [ 301.717908][ T8755] do_SYSENTER_32+0x73/0x90 [ 301.722386][ T8755] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 301.728684][ T8755] RIP: 0023:0xf7f68549 [ 301.732721][ T8755] Code: Bad RIP value. [ 301.736758][ T8755] RSP: 002b:00000000f5d630cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 301.745139][ T8755] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c044565d [ 301.753084][ T8755] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 301.761027][ T8755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 301.768969][ T8755] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 301.776926][ T8755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 301.784875][ T8755] Modules linked in: [ 301.788766][ T8755] ---[ end trace 855f98169daa9061 ]--- [ 301.794223][ T8755] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0 [ 301.800808][ T8755] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 ea 03 aa b3 31 c0 e8 81 fe 44 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 32 3f 8c 0c 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff [ 301.820385][ T8755] RSP: 0018:ffffb9fd413d32c8 EFLAGS: 00010046 [ 301.826421][ T8755] RAX: 0000000000000002 RBX: 0000000007700114 RCX: 0000000007700114 [ 301.834364][ T8755] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb9fd413d33a4 [ 301.842308][ T8755] RBP: ffffb9fd413d3370 R08: 0000000000000000 R09: ffff9da9efc28210 [ 301.850253][ T8755] R10: 0000000000000000 R11: ffffffffaa802730 R12: 0000000000000000 [ 301.858195][ T8755] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001 [ 301.866148][ T8755] FS: 0000000000000000(0000) GS:ffff9da9efc00000(0063) knlGS:00000000f5d63b40 [ 301.875049][ T8755] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 301.881606][ T8755] CR2: 00007fff7c8e7000 CR3: 000000005f7e2000 CR4: 00000000001406f0 [ 301.889637][ T8755] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 301.897584][ T8755] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 301.905528][ T8755] Kernel panic - not syncing: Fatal exception [ 301.912177][ T8755] Kernel Offset: 0x24400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 301.923788][ T8755] Rebooting in 86400 seconds..