Warning: Permanently added '[localhost]:58258' (ECDSA) to the list of known hosts. 2019/12/19 07:40:34 fuzzer started 2019/12/19 07:40:36 dialing manager at 10.0.2.10:38365 2019/12/19 07:40:36 syscalls: 2698 2019/12/19 07:40:36 code coverage: enabled 2019/12/19 07:40:36 comparison tracing: enabled 2019/12/19 07:40:36 extra coverage: enabled 2019/12/19 07:40:36 setuid sandbox: enabled 2019/12/19 07:40:36 namespace sandbox: enabled 2019/12/19 07:40:36 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/19 07:40:36 fault injection: enabled 2019/12/19 07:40:36 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/19 07:40:36 net packet injection: enabled 2019/12/19 07:40:36 net device setup: enabled 2019/12/19 07:40:36 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/19 07:40:36 devlink PCI setup: PCI device 0000:00:10.0 is not available 07:41:12 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0']) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[]) r2 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) getdents64(r2, 0x0, 0x0) r3 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) getdents64(r3, &(0x7f00000001c0)=""/168, 0xa8) 07:41:12 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = perf_event_open(&(0x7f00000005c0)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) syzkaller login: [ 145.420024][ T8419] IPVS: ftp: loaded support on port[0] = 21 [ 145.451041][ T8421] IPVS: ftp: loaded support on port[0] = 21 07:41:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, &(0x7f00000003c0)='y\x00', 0x2, 0x0) ioctl$VIDIOC_S_AUDOUT(0xffffffffffffffff, 0x40345632, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000400)={0x19, 0x7, 0x0, {{0xc, '/dev/radio#\x00'}}}, 0x19) listen(r0, 0x5) getresgid(0x0, &(0x7f0000000780), 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0) getrusage(0xffffffffffffffff, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x98) 07:41:13 executing program 3: socket$inet6(0xa, 0x2, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000500)='/dev/net/tun\x00', 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ttyS3\x00', 0x80000, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) sched_setattr(0x0, &(0x7f0000000400)={0x30, 0x1, 0x0, 0xfffffffc, 0x1}, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 145.983838][ T8423] IPVS: ftp: loaded support on port[0] = 21 [ 146.002461][ T8419] chnl_net:caif_netlink_parms(): no params data found [ 146.045676][ T8421] chnl_net:caif_netlink_parms(): no params data found [ 146.119264][ T8427] IPVS: ftp: loaded support on port[0] = 21 [ 146.131420][ T8419] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.141761][ T8419] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.157845][ T8419] device bridge_slave_0 entered promiscuous mode [ 146.183185][ T8421] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.192948][ T8421] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.203367][ T8421] device bridge_slave_0 entered promiscuous mode [ 146.219546][ T8421] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.229546][ T8421] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.241333][ T8421] device bridge_slave_1 entered promiscuous mode [ 146.257737][ T8419] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.268789][ T8419] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.281869][ T8419] device bridge_slave_1 entered promiscuous mode [ 146.317646][ T8421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.342538][ T8421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.378146][ T8419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.399101][ T8419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.417293][ T8421] team0: Port device team_slave_0 added [ 146.432370][ T8421] team0: Port device team_slave_1 added [ 146.460159][ T8419] team0: Port device team_slave_0 added [ 146.474862][ T8419] team0: Port device team_slave_1 added [ 146.571637][ T8421] device hsr_slave_0 entered promiscuous mode [ 146.656573][ T8421] device hsr_slave_1 entered promiscuous mode [ 146.819200][ T8419] device hsr_slave_0 entered promiscuous mode [ 146.906435][ T8419] device hsr_slave_1 entered promiscuous mode [ 146.957420][ T8419] debugfs: Directory 'hsr0' with parent '/' already present! [ 147.096848][ T8423] chnl_net:caif_netlink_parms(): no params data found [ 147.111135][ T8421] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 147.172294][ T8421] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 147.227841][ T8421] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 147.300677][ T8421] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 147.383242][ T8427] chnl_net:caif_netlink_parms(): no params data found [ 147.431971][ T8419] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 147.499130][ T8419] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 147.579368][ T8419] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 147.648487][ T8419] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 147.728773][ T8423] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.741039][ T8423] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.754441][ T8423] device bridge_slave_0 entered promiscuous mode [ 147.791181][ T8423] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.804193][ T8423] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.816119][ T8423] device bridge_slave_1 entered promiscuous mode [ 147.830780][ T8427] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.849423][ T8427] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.873046][ T8427] device bridge_slave_0 entered promiscuous mode [ 147.898362][ T8427] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.909598][ T8427] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.920786][ T8427] device bridge_slave_1 entered promiscuous mode [ 147.952801][ T8423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 147.970941][ T8423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 147.994449][ T8427] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.021908][ T8427] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 148.061412][ T8423] team0: Port device team_slave_0 added [ 148.071562][ T8423] team0: Port device team_slave_1 added [ 148.088687][ T8427] team0: Port device team_slave_0 added [ 148.101296][ T8427] team0: Port device team_slave_1 added [ 148.198370][ T8427] device hsr_slave_0 entered promiscuous mode [ 148.259193][ T8427] device hsr_slave_1 entered promiscuous mode [ 148.306264][ T8427] debugfs: Directory 'hsr0' with parent '/' already present! [ 148.368527][ T8423] device hsr_slave_0 entered promiscuous mode [ 148.437778][ T8423] device hsr_slave_1 entered promiscuous mode [ 148.496242][ T8423] debugfs: Directory 'hsr0' with parent '/' already present! [ 148.541960][ T8427] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 148.639553][ T8427] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 148.700323][ T8427] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 148.779651][ T8427] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 148.875845][ T8421] 8021q: adding VLAN 0 to HW filter on device bond0 [ 148.902387][ T8423] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 148.999338][ T8423] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 149.069213][ T8423] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 149.171168][ T8423] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 149.258852][ T8421] 8021q: adding VLAN 0 to HW filter on device team0 [ 149.277671][ T3356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 149.294631][ T3356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 149.341124][ T8419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 149.385770][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 149.423107][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 149.445073][ T3384] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.457913][ T3384] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.497895][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 149.516687][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 149.534699][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 149.567343][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 149.584489][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 149.601863][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.615824][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.637398][ T8419] 8021q: adding VLAN 0 to HW filter on device team0 [ 149.653792][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 149.670112][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 149.691927][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 149.713621][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 149.738547][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 149.768466][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 149.784327][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 149.800475][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.811009][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.822595][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 149.838587][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 149.851313][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 149.864507][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 149.877688][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.891724][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.913931][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 149.941032][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 149.961520][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 149.991892][ T3356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.022413][ T8423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 150.041229][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 150.062381][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 150.080849][ T3384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 150.099109][ T8421] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 150.120544][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 150.133485][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 150.147325][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 150.167565][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 150.179645][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 150.192769][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 150.202186][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 150.217216][ T8419] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 150.237230][ T8419] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 150.260859][ T8427] 8021q: adding VLAN 0 to HW filter on device bond0 [ 150.272539][ T8423] 8021q: adding VLAN 0 to HW filter on device team0 [ 150.288956][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 150.299675][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 150.311703][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 150.322822][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 150.333958][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 150.345386][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 150.355507][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 150.374812][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 150.391241][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.401776][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.416657][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 150.427350][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.440648][ T8421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.461717][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 150.473735][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 150.484521][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.493489][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.504414][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 150.513973][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 150.530871][ T8427] 8021q: adding VLAN 0 to HW filter on device team0 [ 150.552379][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.572945][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 150.594582][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 150.605586][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 150.616521][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 150.628626][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 150.640559][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.653069][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.663915][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 150.680144][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 150.690839][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.700844][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.713808][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.741170][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.764419][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 150.788078][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 150.814232][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 150.854637][ T8419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.874572][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 150.889611][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 150.904753][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 150.924823][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 150.948426][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 150.966835][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 150.979385][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 150.991571][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 151.007067][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 151.021843][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 151.034425][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 151.046595][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 151.064896][ T8427] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 151.082377][ T8427] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 151.102401][ T8423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 151.114848][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 07:41:18 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000200)={0x80033d, 0x20000000209, 0x0, 0xffffffffffffffff}) perf_event_open(&(0x7f00000003c0)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup2(r0, r1) [ 151.125431][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 151.140033][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 151.152153][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 151.170006][ T8427] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 151.182683][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 151.197101][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 151.209200][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 151.210782][ T3854] BUG: unable to handle page fault for address: fffff52005180000 [ 151.228415][ T3854] #PF: supervisor read access in kernel mode [ 151.229156][ T8423] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 151.238592][ T3854] #PF: error_code(0x0000) - not-present page [ 151.238592][ T3854] PGD 7ffcd067 P4D 7ffcd067 PUD 2cd1c067 PMD 2330d067 PTE 0 [ 151.238592][ T3854] Oops: 0000 [#1] PREEMPT SMP KASAN [ 151.238592][ T3854] CPU: 2 PID: 3854 Comm: ion_system_heap Not tainted 5.5.0-rc2-syzkaller #0 [ 151.238592][ T3854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 151.238592][ T3854] RIP: 0010:check_memory_region+0x9c/0x1a0 [ 151.251685][ T8423] kobject: 'vlan0' (00000000003e0cd2): kobject_add_internal: parent: 'mesh', set: '' [ 151.256029][ T3854] Code: c9 4d 0f 49 c1 49 c1 f8 03 45 85 c0 0f 84 10 01 00 00 41 83 e8 01 4e 8d 44 c0 08 eb 0d 48 83 c0 08 4c 39 c0 0f 84 a7 00 00 00 <48> 83 38 00 74 ed 4c 8d 40 08 eb 09 48 83 c0 01 49 39 c0 74 53 80 [ 151.256029][ T3854] RSP: 0018:ffffc90004dc7ab8 EFLAGS: 00010216 [ 151.256029][ T3854] RAX: fffff52005180000 RBX: fffff52005184000 RCX: ffffffff85ded8c9 [ 151.256029][ T3854] RDX: 0000000000000001 RSI: 0000000000020000 RDI: ffffc90028c00000 [ 151.256029][ T3854] RBP: ffffc90004dc7ad0 R08: fffff52005184000 R09: 0000000000004000 [ 151.256029][ T3854] R10: fffff52005183fff R11: ffffc90028c1ffff R12: fffff52005180000 [ 151.256029][ T3854] R13: 0000000000020000 R14: 0000000000000000 R15: ffffc90004dc7d08 [ 151.256029][ T3854] FS: 0000000000000000(0000) GS:ffff88802d200000(0000) knlGS:0000000000000000 [ 151.256029][ T3854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.256029][ T3854] CR2: fffff52005180000 CR3: 0000000029ebf000 CR4: 0000000000340ee0 [ 151.256029][ T3854] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 151.496818][ T3854] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 151.527182][ T3854] Call Trace: [ 151.527182][ T3854] memset+0x24/0x40 [ 151.536083][ T3854] ion_heap_clear_pages+0x49/0x70 [ 151.547179][ T3854] ion_heap_sglist_zero+0x210/0x270 [ 151.556299][ T3854] ? ion_heap_deferred_free+0x630/0x630 [ 151.576902][ T3854] ? _raw_spin_unlock_irq+0x59/0x80 [ 151.587239][ T3854] ? pgprot_writecombine+0x5e/0xf0 [ 151.607485][ T3854] ? pagerange_is_ram_callback+0x130/0x130 [ 151.624082][ T3854] ? preempt_schedule_irq+0xf3/0x160 [ 151.629912][ T3854] ion_heap_buffer_zero+0xf5/0x150 [ 151.636073][ T3854] ion_system_heap_free+0x1eb/0x250 [ 151.647164][ T3854] ? ion_buffer_destroy+0x52/0x2d0 [ 151.647164][ T3854] ion_buffer_destroy+0x159/0x2d0 [ 151.663473][ T3854] ion_heap_deferred_free+0x29d/0x630 [ 151.666224][ T3854] ? ion_heap_shrink_scan+0x1d0/0x1d0 [ 151.676214][ T3854] ? trace_hardirqs_on+0x67/0x240 [ 151.687014][ T3854] ? finish_wait+0x260/0x260 [ 151.696195][ T3854] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 151.707141][ T3854] ? __kthread_parkme+0x108/0x1c0 [ 151.716699][ T3854] ? __kasan_check_read+0x11/0x20 [ 151.727206][ T3854] kthread+0x361/0x430 [ 151.736149][ T3854] ? ion_heap_shrink_scan+0x1d0/0x1d0 [ 151.736149][ T3854] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 151.746994][ T3854] ret_from_fork+0x24/0x30 [ 151.756183][ T3854] Modules linked in: [ 151.756183][ T3854] CR2: fffff52005180000 [ 151.768164][ T3854] ---[ end trace 15b183df79e4a5d4 ]--- [ 151.776264][ T3854] RIP: 0010:check_memory_region+0x9c/0x1a0 [ 151.787118][ T3854] Code: c9 4d 0f 49 c1 49 c1 f8 03 45 85 c0 0f 84 10 01 00 00 41 83 e8 01 4e 8d 44 c0 08 eb 0d 48 83 c0 08 4c 39 c0 0f 84 a7 00 00 00 <48> 83 38 00 74 ed 4c 8d 40 08 eb 09 48 83 c0 01 49 39 c0 74 53 80 [ 151.816177][ T3854] RSP: 0018:ffffc90004dc7ab8 EFLAGS: 00010216 [ 151.833877][ T3854] RAX: fffff52005180000 RBX: fffff52005184000 RCX: ffffffff85ded8c9 [ 151.844390][ T3854] RDX: 0000000000000001 RSI: 0000000000020000 RDI: ffffc90028c00000 [ 151.856101][ T3854] RBP: ffffc90004dc7ad0 R08: fffff52005184000 R09: 0000000000004000 [ 151.876166][ T3854] R10: fffff52005183fff R11: ffffc90028c1ffff R12: fffff52005180000 [ 151.887086][ T3854] R13: 0000000000020000 R14: 0000000000000000 R15: ffffc90004dc7d08 [ 151.907040][ T3854] FS: 0000000000000000(0000) GS:ffff88802d200000(0000) knlGS:0000000000000000 [ 151.926213][ T3854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.946333][ T3854] CR2: fffff52005180000 CR3: 0000000029ebf000 CR4: 0000000000340ee0 [ 151.966276][ T3854] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 152.006191][ T3854] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 152.036272][ T3854] Kernel panic - not syncing: Fatal exception [ 152.046522][ T3854] Kernel Offset: disabled [ 152.046522][ T3854] Rebooting in 86400 seconds..