[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.165' (ECDSA) to the list of known hosts. 2020/04/24 21:58:14 fuzzer started 2020/04/24 21:58:16 dialing manager at 10.128.0.26:33425 2020/04/24 21:58:16 syscalls: 3000 2020/04/24 21:58:16 code coverage: enabled 2020/04/24 21:58:16 comparison tracing: enabled 2020/04/24 21:58:16 extra coverage: enabled 2020/04/24 21:58:16 setuid sandbox: enabled 2020/04/24 21:58:16 namespace sandbox: enabled 2020/04/24 21:58:16 Android sandbox: /sys/fs/selinux/policy does not exist 2020/04/24 21:58:16 fault injection: enabled 2020/04/24 21:58:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/04/24 21:58:16 net packet injection: enabled 2020/04/24 21:58:16 net device setup: enabled 2020/04/24 21:58:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/04/24 21:58:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/04/24 21:58:16 USB emulation: /dev/raw-gadget does not exist 22:00:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14}, 0x14}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd2000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cr4, @efer], 0x2) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) syzkaller login: [ 208.381842][ T7097] IPVS: ftp: loaded support on port[0] = 21 22:00:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000000080)) [ 208.556022][ T7097] chnl_net:caif_netlink_parms(): no params data found [ 208.638967][ T7204] IPVS: ftp: loaded support on port[0] = 21 [ 208.701782][ T7097] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.720488][ T7097] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.732338][ T7097] device bridge_slave_0 entered promiscuous mode [ 208.744323][ T7097] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.770132][ T7097] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.778218][ T7097] device bridge_slave_1 entered promiscuous mode 22:00:39 executing program 2: syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000140)=[{&(0x7f0000000000)="eb28106d6b66732e66617400020401000200027c00f8", 0x16}], 0x0, 0x0) openat$qat_adf_ctl(0xffffff9c, 0x0, 0x0, 0x0) sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x1000) lseek(r1, 0x1b, 0x2) r2 = open(&(0x7f0000000240)='./bus\x00', 0x105010, 0x0) sendfile(r1, r2, 0x0, 0x8000fffffffe) [ 208.835646][ T7097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 208.852182][ T7097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 208.918639][ T7097] team0: Port device team_slave_0 added [ 208.964285][ T7097] team0: Port device team_slave_1 added [ 209.027632][ T7204] chnl_net:caif_netlink_parms(): no params data found [ 209.040065][ T7097] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.048173][ T7097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.075384][ T7097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.104720][ T7097] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.112303][ T7097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.140226][ T7097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active 22:00:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd2000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cr4, @efer], 0x2) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)) [ 209.253810][ T7097] device hsr_slave_0 entered promiscuous mode [ 209.310320][ T7097] device hsr_slave_1 entered promiscuous mode [ 209.485124][ T7382] IPVS: ftp: loaded support on port[0] = 21 22:00:39 executing program 4: socketpair$tipc(0x1e, 0x801, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) recvfrom$phonet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) [ 209.532001][ T7375] IPVS: ftp: loaded support on port[0] = 21 [ 209.542008][ T7204] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.549155][ T7204] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.561104][ T7204] device bridge_slave_0 entered promiscuous mode [ 209.614701][ T7204] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.623380][ T7204] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.636943][ T7204] device bridge_slave_1 entered promiscuous mode [ 209.718953][ T7204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.762887][ T7204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.864658][ T7204] team0: Port device team_slave_0 added [ 209.925348][ T7204] team0: Port device team_slave_1 added [ 209.954438][ T7475] IPVS: ftp: loaded support on port[0] = 21 [ 210.057825][ T7382] chnl_net:caif_netlink_parms(): no params data found [ 210.082343][ T7204] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.089323][ T7204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.120276][ T7204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.136854][ T7204] batman_adv: batadv0: Adding interface: batadv_slave_1 22:00:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000000000004d564b0011400279"]) dup2(0xffffffffffffffff, 0xffffffffffffffff) [ 210.145695][ T7204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.173736][ T7204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.337671][ T7097] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 210.412658][ T7204] device hsr_slave_0 entered promiscuous mode [ 210.460790][ T7204] device hsr_slave_1 entered promiscuous mode [ 210.510101][ T7204] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 210.517954][ T7204] Cannot create hsr debugfs directory [ 210.549182][ T7097] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 210.608977][ T7097] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 210.676234][ T7677] IPVS: ftp: loaded support on port[0] = 21 [ 210.695337][ T7375] chnl_net:caif_netlink_parms(): no params data found [ 210.705815][ T7097] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 210.824698][ T7382] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.832194][ T7382] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.840097][ T7382] device bridge_slave_0 entered promiscuous mode [ 210.880149][ T7382] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.887320][ T7382] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.896950][ T7382] device bridge_slave_1 entered promiscuous mode [ 210.927207][ T7382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.972071][ T7382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.003591][ T7375] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.012531][ T7375] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.024008][ T7375] device bridge_slave_0 entered promiscuous mode [ 211.053213][ T7375] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.060976][ T7375] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.068971][ T7375] device bridge_slave_1 entered promiscuous mode [ 211.094704][ T7382] team0: Port device team_slave_0 added [ 211.139018][ T7375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.161927][ T7382] team0: Port device team_slave_1 added [ 211.173402][ T7375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.278465][ T7382] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.286055][ T7382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.313747][ T7382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.332497][ T7382] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.339466][ T7382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.366247][ T7382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.386373][ T7375] team0: Port device team_slave_0 added [ 211.444785][ T7375] team0: Port device team_slave_1 added [ 211.467200][ T7204] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 211.504375][ T7677] chnl_net:caif_netlink_parms(): no params data found [ 211.524055][ T7475] chnl_net:caif_netlink_parms(): no params data found [ 211.544740][ T7204] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 211.592241][ T7204] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 211.635858][ T7204] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 211.764077][ T7382] device hsr_slave_0 entered promiscuous mode [ 211.810470][ T7382] device hsr_slave_1 entered promiscuous mode [ 211.870064][ T7382] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.877741][ T7382] Cannot create hsr debugfs directory [ 211.885198][ T7375] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.892261][ T7375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.918972][ T7375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.932261][ T7375] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.939220][ T7375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.965493][ T7375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.143034][ T7375] device hsr_slave_0 entered promiscuous mode [ 212.200260][ T7375] device hsr_slave_1 entered promiscuous mode [ 212.240987][ T7375] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.248609][ T7375] Cannot create hsr debugfs directory [ 212.255956][ T7677] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.264015][ T7677] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.272617][ T7677] device bridge_slave_0 entered promiscuous mode [ 212.284807][ T7475] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.292027][ T7475] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.302402][ T7475] device bridge_slave_0 entered promiscuous mode [ 212.311944][ T7475] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.319020][ T7475] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.328593][ T7475] device bridge_slave_1 entered promiscuous mode [ 212.358577][ T7677] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.366413][ T7677] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.378956][ T7677] device bridge_slave_1 entered promiscuous mode [ 212.403441][ T7475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.438821][ T7677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.450903][ T7475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.494704][ T7677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.527369][ T7475] team0: Port device team_slave_0 added [ 212.559581][ T7097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.578439][ T7677] team0: Port device team_slave_0 added [ 212.589454][ T7475] team0: Port device team_slave_1 added [ 212.614255][ T7677] team0: Port device team_slave_1 added [ 212.677462][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 212.686407][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.698289][ T7097] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.726085][ T7475] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.733536][ T7475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.761132][ T7475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.786254][ T7677] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.793478][ T7677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.827673][ T7677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.848726][ T7677] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.855729][ T7677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.883720][ T7677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.906607][ T7475] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.913936][ T7475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.940893][ T7475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.962699][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 212.972977][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.982775][ T3250] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.990586][ T3250] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.998750][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 213.009364][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.018138][ T3250] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.025382][ T3250] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.033806][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 213.076531][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 213.164205][ T7677] device hsr_slave_0 entered promiscuous mode [ 213.211123][ T7677] device hsr_slave_1 entered promiscuous mode [ 213.249976][ T7677] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.258079][ T7677] Cannot create hsr debugfs directory [ 213.265742][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 213.276096][ T7382] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 213.342884][ T7382] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 213.402299][ T7382] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 213.493022][ T7475] device hsr_slave_0 entered promiscuous mode [ 213.560405][ T7475] device hsr_slave_1 entered promiscuous mode [ 213.600176][ T7475] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.607783][ T7475] Cannot create hsr debugfs directory [ 213.641936][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 213.651499][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 213.668902][ T7382] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 213.707310][ T7204] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.742103][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 213.755690][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 213.765626][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 213.856011][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 213.868651][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 213.878803][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 213.890923][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 213.911966][ T7375] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 213.968120][ T7097] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 213.996753][ T7375] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 214.036182][ T7204] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.062636][ T7375] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 214.103573][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.112057][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.146578][ T7375] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 214.209212][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 214.219091][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 214.227767][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.234914][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.243703][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 214.252698][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.261897][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.269048][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.277031][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.306790][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 214.314417][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 214.343709][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 214.380351][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 214.415321][ T7097] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.430708][ T7677] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 214.483355][ T7677] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 214.542419][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 214.551578][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 214.560999][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 214.570467][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 214.604893][ T7677] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 214.666958][ T7677] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 214.727905][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 214.736314][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 214.746176][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 214.800218][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 214.809059][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 214.819294][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 214.828506][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 214.844339][ T7475] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 214.893442][ T7475] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 214.954977][ T7475] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 215.012153][ T7475] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 215.105771][ T7204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 215.127933][ T7097] device veth0_vlan entered promiscuous mode [ 215.143901][ T7382] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.155684][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 215.164974][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 215.186430][ T7097] device veth1_vlan entered promiscuous mode [ 215.218599][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 215.230897][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 215.238511][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 215.251113][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 215.271603][ T7204] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 215.294888][ T7382] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.313617][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 215.321856][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 215.370321][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 215.379095][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 215.389372][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 215.398609][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 215.407447][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.414621][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.422620][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 215.431431][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 215.439935][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.447055][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.456548][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 215.472940][ T7097] device veth0_macvtap entered promiscuous mode [ 215.486417][ T7097] device veth1_macvtap entered promiscuous mode [ 215.509810][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 215.518201][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 215.532965][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 215.544756][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.574148][ T7375] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.603899][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 215.614033][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 215.625765][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 215.637269][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 215.648570][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 215.668204][ T7475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.698954][ T7097] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 215.706966][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 215.719317][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 215.728399][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 215.737473][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 215.775067][ T7097] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 215.796093][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 215.806387][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 215.815574][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 215.824741][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 215.833925][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 215.843114][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 215.853940][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 215.862508][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 215.877111][ T7475] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.901025][ T7204] device veth0_vlan entered promiscuous mode [ 215.916519][ T7677] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.934435][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 215.942626][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 215.955291][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 215.963995][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 215.972628][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 215.981677][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 215.990531][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 215.999143][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.008722][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.015882][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.023967][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.032937][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.042614][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.049677][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.059155][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 216.071332][ T7382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 216.095072][ T7375] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.110771][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 216.120516][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 216.208257][ T7204] device veth1_vlan entered promiscuous mode [ 216.231047][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 216.239120][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.248416][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.261773][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 216.271388][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.280770][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.287818][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.296390][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 216.306735][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 216.316393][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 216.325062][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 216.388990][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.398373][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.408933][ T3250] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.416132][ T3250] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.447121][ T7677] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.511803][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 216.526139][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 216.548516][ T8351] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 216.556546][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready 22:00:46 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$link(0x8, r1, 0xffffffffffffffff) [ 216.605958][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.666333][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 216.686366][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 216.706614][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 216.718048][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.736114][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.743332][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.781725][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 216.844416][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 216.855694][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 216.864801][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.874922][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.884102][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.898831][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.907935][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.915140][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.937828][ T7475] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 216.951301][ T7475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 216.995049][ T7204] device veth0_macvtap entered promiscuous mode [ 217.010280][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 217.018429][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 217.031446][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 22:00:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x7ff}, 0x14) [ 217.042312][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.052560][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.063575][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.073284][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.082859][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 217.092022][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 217.104751][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 217.114232][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 217.128548][ T7204] device veth1_macvtap entered promiscuous mode [ 217.157044][ T7375] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 217.171094][ T7375] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 217.194563][ T7382] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.218385][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 217.229059][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 217.249416][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 217.269220][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 217.335759][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.348430][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.366698][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.379453][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.389192][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 217.397346][ T2714] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 217.408853][ T7204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 217.430574][ T7204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.456816][ T7204] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 217.493665][ T7475] 8021q: adding VLAN 0 to HW filter on device batadv0 22:00:47 executing program 0: syz_emit_ethernet(0x64, &(0x7f0000000000)={@random="5302016b8d96", @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x56, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @empty}, {0x11, 0x0, 0x0, @loopback, "a956fd1dd404fda0083582b32030a690e6d9b8c4615a2771050a0eead394be35424d9d87962ec8082e12b1d76455a40b8fab850da29be9f1b005"}}}}}, 0x0) [ 217.525316][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 217.538900][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 217.552675][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 217.569111][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 217.578333][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 217.587414][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 217.596729][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 217.606494][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 217.615487][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 22:00:47 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) socket$packet(0x11, 0x0, 0x300) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xa732}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r1, &(0x7f0000000140)={@void, @void, @eth={@broadcast, @random="0767cdaf3a39", @val, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @local}}}}}}, 0x2a) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) [ 217.670099][ T7677] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 217.723598][ T7375] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.737939][ T7204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 217.750705][ T7204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.765454][ T7204] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 217.782389][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 217.791349][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 217.798879][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 217.811668][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 217.836769][ T7382] device veth0_vlan entered promiscuous mode [ 217.881846][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 217.895491][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 217.999953][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 218.010935][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 218.027147][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 218.035441][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 218.053086][ T7382] device veth1_vlan entered promiscuous mode [ 218.075897][ T7677] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.152909][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 218.162907][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 218.173005][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 218.182573][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 218.192117][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 218.279976][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 218.288222][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 218.297172][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 218.307506][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 218.316318][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 218.373194][ T7475] device veth0_vlan entered promiscuous mode [ 218.394962][ T7375] device veth0_vlan entered promiscuous mode [ 218.420274][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 218.433285][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 218.469028][ T7475] device veth1_vlan entered promiscuous mode 22:00:48 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) shutdown(r0, 0x0) listen(r0, 0x100000000000012) sendmmsg$inet(r0, &(0x7f0000000380)=[{{&(0x7f0000000100)={0x2, 0x0, @local}, 0x10, &(0x7f0000002640)=[{&(0x7f0000000200)="a2", 0x1}], 0x1}}], 0x1, 0x0) [ 218.521251][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 218.550811][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 218.565814][ T7375] device veth1_vlan entered promiscuous mode 22:00:48 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) 22:00:49 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x1, 0x800, 0x8, 0x0, 0x1}, 0x40) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001180)={r0, &(0x7f0000000040), &(0x7f00000021c0)=""/4096}, 0x18) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001080)={r0, &(0x7f0000000040), &(0x7f0000000080)=""/4096}, 0x20) 22:00:49 executing program 1: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b", 0x15) r2 = socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r3, 0x0, r1, 0x0, 0xffffffffffff8001, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) r7 = fcntl$dupfd(r5, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) splice(r0, 0x0, r2, 0x0, 0x4ffdc, 0x0) [ 219.038131][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 219.053265][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 219.081817][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 219.098203][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 219.108287][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 219.189200][ T7382] device veth0_macvtap entered promiscuous mode [ 219.213633][ T8429] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. [ 219.256700][ T7677] device veth0_vlan entered promiscuous mode [ 219.264030][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 219.273709][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 219.283101][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 219.292440][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 219.310012][ T7382] device veth1_macvtap entered promiscuous mode [ 219.326332][ T7475] device veth0_macvtap entered promiscuous mode [ 219.344568][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 219.364253][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 219.375203][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 219.400882][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 219.419805][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 219.436783][ T7375] device veth0_macvtap entered promiscuous mode [ 219.458253][ T7475] device veth1_macvtap entered promiscuous mode [ 219.486065][ T7677] device veth1_vlan entered promiscuous mode [ 219.500911][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 219.509227][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 219.519250][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 219.538571][ T7375] device veth1_macvtap entered promiscuous mode [ 219.551602][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 219.561673][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 219.610773][ T7475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.622191][ T7475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.634355][ T7475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.645411][ T7475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.657367][ T7475] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.671901][ T7475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 219.685344][ T7475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.696169][ T7475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 219.707191][ T7475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.719006][ T7475] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.727400][ T7382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.739823][ T7382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.749951][ T7382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.761705][ T7382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.772584][ T7382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.783542][ T7382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.795069][ T7382] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.803490][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 219.815150][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 219.826507][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 219.838609][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 219.854934][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 219.867790][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 219.882722][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.909607][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.919465][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.939608][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.959631][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.971833][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.982178][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.992865][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.006719][ T7375] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.034066][ T7382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.052775][ T7382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.065039][ T7382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.077138][ T7382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.089730][ T7382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.101371][ T7382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.113364][ T7382] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.131608][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 220.140498][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 220.149174][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 220.158094][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 220.167701][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 220.177370][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 220.203850][ T7677] device veth0_macvtap entered promiscuous mode [ 220.213386][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.225101][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.236443][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.247406][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.257366][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.268129][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.278115][ T7375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 220.288645][ T7375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.300672][ T7375] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.362873][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 220.371274][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 220.380102][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 220.409247][ T7677] device veth1_macvtap entered promiscuous mode [ 220.766994][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 220.788823][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.807915][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 220.818988][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.836924][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 220.861100][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.884584][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 220.907084][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.918051][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 220.935981][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.956302][ T7677] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.993000][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 221.026993][ T3250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 221.083662][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 221.100873][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.149425][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 22:00:51 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)) 22:00:51 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) socket$packet(0x11, 0x0, 0x300) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xa732}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r1, &(0x7f0000000140)={@void, @void, @eth={@broadcast, @random="0767cdaf3a39", @val, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @local}}}}}}, 0x2a) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 22:00:51 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) unshare(0x8000400) socket$alg(0x26, 0x5, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='net/igmp6\x00') mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884ee, 0x0, 0x0) ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300)) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ttyprintk\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) [ 221.188037][ T27] audit: type=1804 audit(1587765651.339:2): pid=8451 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir012377128/syzkaller.Qv4FIW/0/file0/bus" dev="loop2" ino=22 res=1 [ 221.219398][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.229252][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 221.282488][ T27] audit: type=1800 audit(1587765651.339:3): pid=8451 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=22 res=0 [ 221.309376][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.333858][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 221.349607][ T27] audit: type=1804 audit(1587765651.359:4): pid=8455 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir012377128/syzkaller.Qv4FIW/0/file0/bus" dev="loop2" ino=22 res=1 [ 221.359419][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.380180][ T27] audit: type=1800 audit(1587765651.359:5): pid=8455 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=22 res=0 [ 221.426269][ T7677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 221.437312][ T7677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.463287][ T7677] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.492879][ C0] hrtimer: interrupt took 73159 ns [ 221.665714][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 221.703453][ T3256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 222.095660][ T8479] ================================================================== [ 222.104119][ T8479] BUG: KASAN: slab-out-of-bounds in kvm_read_guest_page+0x4b5/0x4d0 [ 222.112106][ T8479] Read of size 8 at addr ffff88809125b468 by task syz-executor.5/8479 [ 222.120252][ T8479] [ 222.122591][ T8479] CPU: 1 PID: 8479 Comm: syz-executor.5 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 [ 222.132389][ T8479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 222.142639][ T8479] Call Trace: [ 222.145952][ T8479] dump_stack+0x188/0x20d [ 222.150303][ T8479] print_address_description.constprop.0.cold+0xd3/0x315 [ 222.157341][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.162644][ T8479] __kasan_report.cold+0x35/0x4d [ 222.167596][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.172898][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.178192][ T8479] kasan_report+0x33/0x50 [ 222.182536][ T8479] kvm_read_guest_page+0x4b5/0x4d0 [ 222.187669][ T8479] kvm_read_guest+0x51/0xd0 [ 222.192191][ T8479] kvm_set_msr_common+0xdf3/0x27c0 [ 222.197313][ T8479] ? get_kvmclock_ns+0x370/0x370 [ 222.202266][ T8479] vmx_set_msr+0xa83/0x26a0 [ 222.206770][ T8479] ? pt_update_intercept_for_msr+0x960/0x960 [ 222.212889][ T8479] ? lock_downgrade+0x840/0x840 [ 222.217775][ T8479] __kvm_set_msr+0x15f/0x2d0 [ 222.222377][ T8479] ? kvm_enable_efer_bits+0x20/0x20 [ 222.227575][ T8479] ? __might_fault+0x190/0x1d0 [ 222.232339][ T8479] ? _copy_from_user+0x13c/0x1a0 [ 222.237276][ T8479] ? do_get_msr+0x100/0x100 [ 222.241777][ T8479] msr_io+0x173/0x290 [ 222.245762][ T8479] ? emulator_write_std+0xb0/0xb0 [ 222.250794][ T8479] ? save_stack+0x32/0x40 [ 222.255126][ T8479] ? __kasan_slab_free+0xf7/0x140 [ 222.260155][ T8479] kvm_arch_vcpu_ioctl+0x1004/0x2c00 [ 222.265619][ T8479] ? kvm_arch_vcpu_ioctl+0xfb5/0x2c00 [ 222.271002][ T8479] ? kvm_arch_vcpu_put+0x530/0x530 [ 222.276114][ T8479] ? lock_acquire+0x1f2/0x8f0 [ 222.280808][ T8479] ? kvm_vcpu_ioctl+0x175/0xe60 [ 222.285667][ T8479] ? lock_release+0x800/0x800 [ 222.290343][ T8479] ? find_held_lock+0x2d/0x110 [ 222.295119][ T8479] ? __mutex_lock+0x458/0x13c0 [ 222.299883][ T8479] ? kfree+0x1eb/0x2b0 [ 222.303955][ T8479] ? kvm_vcpu_ioctl+0x175/0xe60 [ 222.308807][ T8479] ? mutex_trylock+0x2c0/0x2c0 [ 222.313570][ T8479] ? tomoyo_execute_permission+0x470/0x470 [ 222.319386][ T8479] ? __fget_files+0x30d/0x500 [ 222.324066][ T8479] kvm_vcpu_ioctl+0x866/0xe60 [ 222.328747][ T8479] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 222.335162][ T8479] ? ioctl_file_clone+0x180/0x180 [ 222.340189][ T8479] ? __fget_files+0x32f/0x500 [ 222.344892][ T8479] ? do_dup2+0x520/0x520 [ 222.349125][ T8479] ? __x64_sys_futex+0x380/0x4f0 [ 222.354045][ T8479] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 222.360468][ T8479] ksys_ioctl+0x11a/0x180 [ 222.365251][ T8479] __x64_sys_ioctl+0x6f/0xb0 [ 222.369818][ T8479] ? lockdep_hardirqs_on+0x463/0x620 [ 222.375080][ T8479] do_syscall_64+0xf6/0x7d0 [ 222.379562][ T8479] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 222.385428][ T8479] RIP: 0033:0x45c829 [ 222.389301][ T8479] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 222.408999][ T8479] RSP: 002b:00007f8902421c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 222.417387][ T8479] RAX: ffffffffffffffda RBX: 00000000004e7c80 RCX: 000000000045c829 [ 222.425356][ T8479] RDX: 0000000020000180 RSI: 000000004008ae89 RDI: 0000000000000005 [ 222.433315][ T8479] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 222.441273][ T8479] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 222.449228][ T8479] R13: 00000000000003c7 R14: 00000000004c653e R15: 00007f89024226d4 [ 222.457277][ T8479] [ 222.459584][ T8479] Allocated by task 8479: [ 222.463903][ T8479] save_stack+0x1b/0x40 [ 222.468043][ T8479] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 222.474269][ T8479] kvmalloc_node+0x61/0xf0 [ 222.478672][ T8479] kvm_set_memslot+0x115/0x1530 [ 222.483505][ T8479] __kvm_set_memory_region+0xcf7/0x1320 [ 222.489052][ T8479] __x86_set_memory_region+0x2a3/0x5a0 [ 222.494486][ T8479] vmx_create_vcpu+0x2107/0x2b40 [ 222.499400][ T8479] kvm_arch_vcpu_create+0x6ef/0xb80 [ 222.504574][ T8479] kvm_vm_ioctl+0x1614/0x2400 [ 222.509241][ T8479] ksys_ioctl+0x11a/0x180 [ 222.513547][ T8479] __x64_sys_ioctl+0x6f/0xb0 [ 222.518129][ T8479] do_syscall_64+0xf6/0x7d0 [ 222.522620][ T8479] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 222.528533][ T8479] [ 222.530857][ T8479] Freed by task 7097: [ 222.534818][ T8479] save_stack+0x1b/0x40 [ 222.538949][ T8479] __kasan_slab_free+0xf7/0x140 [ 222.543780][ T8479] kfree+0x109/0x2b0 [ 222.547650][ T8479] skb_free_head+0x8b/0xa0 [ 222.552043][ T8479] skb_release_data+0x617/0x8a0 [ 222.556866][ T8479] skb_release_all+0x46/0x60 [ 222.561446][ T8479] consume_skb+0xf3/0x400 [ 222.565765][ T8479] netlink_broadcast_filtered+0x34f/0xd40 [ 222.571457][ T8479] nlmsg_notify+0x90/0x250 [ 222.575864][ T8479] rtmsg_ifinfo_event.part.0+0xb6/0xe0 [ 222.581300][ T8479] rtnetlink_event+0x11e/0x150 [ 222.586040][ T8479] notifier_call_chain+0xc0/0x230 [ 222.591040][ T8479] call_netdevice_notifiers_info+0xb5/0x130 [ 222.596921][ T8479] dev_set_mac_address+0x2ef/0x3f0 [ 222.602027][ T8479] do_setlink+0x5d2/0x3680 [ 222.606432][ T8479] __rtnl_newlink+0xad5/0x1590 [ 222.611179][ T8479] rtnl_newlink+0x64/0xa0 [ 222.615486][ T8479] rtnetlink_rcv_msg+0x44e/0xad0 [ 222.620416][ T8479] netlink_rcv_skb+0x15a/0x410 [ 222.625154][ T8479] netlink_unicast+0x537/0x740 [ 222.629893][ T8479] netlink_sendmsg+0x882/0xe10 [ 222.634637][ T8479] sock_sendmsg+0xcf/0x120 [ 222.639040][ T8479] __sys_sendto+0x220/0x330 [ 222.643526][ T8479] __x64_sys_sendto+0xdd/0x1b0 [ 222.648284][ T8479] do_syscall_64+0xf6/0x7d0 [ 222.652765][ T8479] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 222.658638][ T8479] [ 222.660943][ T8479] The buggy address belongs to the object at ffff88809125b000 [ 222.660943][ T8479] which belongs to the cache kmalloc-2k of size 2048 [ 222.674987][ T8479] The buggy address is located 1128 bytes inside of [ 222.674987][ T8479] 2048-byte region [ffff88809125b000, ffff88809125b800) [ 222.688419][ T8479] The buggy address belongs to the page: [ 222.694030][ T8479] page:ffffea00024496c0 refcount:1 mapcount:0 mapping:000000004424c828 index:0x0 [ 222.703107][ T8479] flags: 0xfffe0000000200(slab) [ 222.707950][ T8479] raw: 00fffe0000000200 ffffea00025e6688 ffffea0002a3f3c8 ffff8880aa000e00 [ 222.716608][ T8479] raw: 0000000000000000 ffff88809125b000 0000000100000001 0000000000000000 [ 222.725177][ T8479] page dumped because: kasan: bad access detected [ 222.731579][ T8479] [ 222.733882][ T8479] Memory state around the buggy address: [ 222.739583][ T8479] ffff88809125b300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 222.747638][ T8479] ffff88809125b380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 222.755684][ T8479] >ffff88809125b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc [ 222.763718][ T8479] ^ [ 222.771147][ T8479] ffff88809125b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 222.779309][ T8479] ffff88809125b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 222.787350][ T8479] ================================================================== [ 222.795396][ T8479] Disabling lock debugging due to kernel taint [ 222.842313][ T8479] Kernel panic - not syncing: panic_on_warn set ... [ 222.848940][ T8479] CPU: 0 PID: 8479 Comm: syz-executor.5 Tainted: G B 5.7.0-rc1-next-20200415-syzkaller #0 [ 222.860123][ T8479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 222.870166][ T8479] Call Trace: [ 222.873510][ T8479] dump_stack+0x188/0x20d [ 222.877818][ T8479] panic+0x2e3/0x75c [ 222.881694][ T8479] ? add_taint.cold+0x16/0x16 [ 222.886344][ T8479] ? preempt_schedule_common+0x5e/0xc0 [ 222.891777][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.897122][ T8479] ? preempt_schedule_thunk+0x16/0x18 [ 222.902469][ T8479] ? trace_hardirqs_on+0x55/0x220 [ 222.907468][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.912739][ T8479] end_report+0x4d/0x53 [ 222.916878][ T8479] __kasan_report.cold+0xd/0x4d [ 222.921717][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.926978][ T8479] ? kvm_read_guest_page+0x4b5/0x4d0 [ 222.932248][ T8479] kasan_report+0x33/0x50 [ 222.936558][ T8479] kvm_read_guest_page+0x4b5/0x4d0 [ 222.941650][ T8479] kvm_read_guest+0x51/0xd0 [ 222.946138][ T8479] kvm_set_msr_common+0xdf3/0x27c0 [ 222.951234][ T8479] ? get_kvmclock_ns+0x370/0x370 [ 222.956144][ T8479] vmx_set_msr+0xa83/0x26a0 [ 222.960628][ T8479] ? pt_update_intercept_for_msr+0x960/0x960 [ 222.966585][ T8479] ? lock_downgrade+0x840/0x840 [ 222.971415][ T8479] __kvm_set_msr+0x15f/0x2d0 [ 222.975992][ T8479] ? kvm_enable_efer_bits+0x20/0x20 [ 222.981163][ T8479] ? __might_fault+0x190/0x1d0 [ 222.985899][ T8479] ? _copy_from_user+0x13c/0x1a0 [ 222.990821][ T8479] ? do_get_msr+0x100/0x100 [ 222.995303][ T8479] msr_io+0x173/0x290 [ 222.999279][ T8479] ? emulator_write_std+0xb0/0xb0 [ 223.004285][ T8479] ? save_stack+0x32/0x40 [ 223.008601][ T8479] ? __kasan_slab_free+0xf7/0x140 [ 223.013604][ T8479] kvm_arch_vcpu_ioctl+0x1004/0x2c00 [ 223.018862][ T8479] ? kvm_arch_vcpu_ioctl+0xfb5/0x2c00 [ 223.024210][ T8479] ? kvm_arch_vcpu_put+0x530/0x530 [ 223.029494][ T8479] ? lock_acquire+0x1f2/0x8f0 [ 223.034157][ T8479] ? kvm_vcpu_ioctl+0x175/0xe60 [ 223.039072][ T8479] ? lock_release+0x800/0x800 [ 223.043738][ T8479] ? find_held_lock+0x2d/0x110 [ 223.048480][ T8479] ? __mutex_lock+0x458/0x13c0 [ 223.053220][ T8479] ? kfree+0x1eb/0x2b0 [ 223.057274][ T8479] ? kvm_vcpu_ioctl+0x175/0xe60 [ 223.062116][ T8479] ? mutex_trylock+0x2c0/0x2c0 [ 223.066853][ T8479] ? tomoyo_execute_permission+0x470/0x470 [ 223.072646][ T8479] ? __fget_files+0x30d/0x500 [ 223.077309][ T8479] kvm_vcpu_ioctl+0x866/0xe60 [ 223.081962][ T8479] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 223.088362][ T8479] ? ioctl_file_clone+0x180/0x180 [ 223.093372][ T8479] ? __fget_files+0x32f/0x500 [ 223.098464][ T8479] ? do_dup2+0x520/0x520 [ 223.102695][ T8479] ? __x64_sys_futex+0x380/0x4f0 [ 223.107609][ T8479] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 223.113998][ T8479] ksys_ioctl+0x11a/0x180 [ 223.118301][ T8479] __x64_sys_ioctl+0x6f/0xb0 [ 223.122875][ T8479] ? lockdep_hardirqs_on+0x463/0x620 [ 223.128146][ T8479] do_syscall_64+0xf6/0x7d0 [ 223.132625][ T8479] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 223.138500][ T8479] RIP: 0033:0x45c829 [ 223.142370][ T8479] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.161950][ T8479] RSP: 002b:00007f8902421c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.170398][ T8479] RAX: ffffffffffffffda RBX: 00000000004e7c80 RCX: 000000000045c829 [ 223.178345][ T8479] RDX: 0000000020000180 RSI: 000000004008ae89 RDI: 0000000000000005 [ 223.186350][ T8479] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 223.194296][ T8479] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 223.202247][ T8479] R13: 00000000000003c7 R14: 00000000004c653e R15: 00007f89024226d4 [ 223.211603][ T8479] Kernel Offset: disabled [ 223.215939][ T8479] Rebooting in 86400 seconds..