Warning: Permanently added '[localhost]:18299' (ECDSA) to the list of known hosts. 2020/07/19 12:30:40 fuzzer started 2020/07/19 12:30:40 dialing manager at 10.0.2.10:40379 2020/07/19 12:30:40 syscalls: 3183 2020/07/19 12:30:40 code coverage: enabled 2020/07/19 12:30:40 comparison tracing: enabled 2020/07/19 12:30:40 extra coverage: enabled 2020/07/19 12:30:40 setuid sandbox: enabled 2020/07/19 12:30:40 namespace sandbox: enabled 2020/07/19 12:30:40 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/19 12:30:40 fault injection: enabled 2020/07/19 12:30:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/19 12:30:40 net packet injection: enabled 2020/07/19 12:30:40 net device setup: enabled 2020/07/19 12:30:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/19 12:30:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/19 12:30:40 USB emulation: enabled 12:31:16 executing program 0: 12:31:17 executing program 1: 12:31:17 executing program 2: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@dev={[], 0xc}, @dev, @val, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) [ 172.781968][ T8451] IPVS: ftp: loaded support on port[0] = 21 [ 172.782081][ T8452] IPVS: ftp: loaded support on port[0] = 21 12:31:17 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) [ 172.972107][ T8454] IPVS: ftp: loaded support on port[0] = 21 [ 173.195333][ T8452] chnl_net:caif_netlink_parms(): no params data found [ 173.245874][ T8456] IPVS: ftp: loaded support on port[0] = 21 [ 173.338683][ T8454] chnl_net:caif_netlink_parms(): no params data found [ 173.359764][ T8451] chnl_net:caif_netlink_parms(): no params data found [ 173.455686][ T8452] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.470990][ T8452] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.488146][ T8452] device bridge_slave_0 entered promiscuous mode [ 173.521944][ T8452] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.535352][ T8452] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.549398][ T8452] device bridge_slave_1 entered promiscuous mode [ 173.608403][ T8451] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.623126][ T8451] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.638534][ T8451] device bridge_slave_0 entered promiscuous mode [ 173.654077][ T8451] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.668622][ T8451] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.683710][ T8451] device bridge_slave_1 entered promiscuous mode [ 173.706287][ T8452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.725587][ T8452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.781041][ T8452] team0: Port device team_slave_0 added [ 173.793178][ T8452] team0: Port device team_slave_1 added [ 173.818769][ T8451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.845058][ T8451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.862595][ T8454] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.876277][ T8454] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.895923][ T8454] device bridge_slave_0 entered promiscuous mode [ 173.927974][ T8454] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.943430][ T8454] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.958942][ T8454] device bridge_slave_1 entered promiscuous mode [ 173.995890][ T8451] team0: Port device team_slave_0 added [ 174.012620][ T8452] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.032792][ T8452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.094364][ T8452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.145302][ T8452] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.171406][ T8452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.281713][ T8452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.314151][ T8451] team0: Port device team_slave_1 added [ 174.339576][ T8454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.406610][ T8454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.437570][ T8451] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.454827][ T8451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.516866][ T8451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.580761][ T8454] team0: Port device team_slave_0 added [ 174.598878][ T8451] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.613741][ T8451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.689928][ T8451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.812087][ T8452] device hsr_slave_0 entered promiscuous mode [ 174.870027][ T8452] device hsr_slave_1 entered promiscuous mode [ 174.935407][ T8454] team0: Port device team_slave_1 added [ 174.965270][ T8456] chnl_net:caif_netlink_parms(): no params data found [ 174.996573][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 175.009985][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.060857][ T8454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.089068][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.105101][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.148682][ T8454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.281157][ T8451] device hsr_slave_0 entered promiscuous mode [ 175.328403][ T8451] device hsr_slave_1 entered promiscuous mode [ 175.408511][ T8451] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.429877][ T8451] Cannot create hsr debugfs directory [ 175.550565][ T8454] device hsr_slave_0 entered promiscuous mode [ 175.618726][ T8454] device hsr_slave_1 entered promiscuous mode [ 175.668217][ T8454] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.681084][ T8454] Cannot create hsr debugfs directory [ 175.754160][ T8456] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.769149][ T8456] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.781524][ T8456] device bridge_slave_0 entered promiscuous mode [ 175.798957][ T8456] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.810568][ T8456] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.824480][ T8456] device bridge_slave_1 entered promiscuous mode [ 175.893449][ T8456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.032465][ T8456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.164658][ T8456] team0: Port device team_slave_0 added [ 176.204969][ T8456] team0: Port device team_slave_1 added [ 176.261769][ T8456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.274598][ T8456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.321839][ T8456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.346121][ T8456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.358484][ T8456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.403060][ T8456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 176.440621][ T8452] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 176.599151][ T8452] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 176.716053][ T8452] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 176.860671][ T8456] device hsr_slave_0 entered promiscuous mode [ 176.938660][ T8456] device hsr_slave_1 entered promiscuous mode [ 177.011332][ T8456] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 177.024709][ T8456] Cannot create hsr debugfs directory [ 177.038708][ T8452] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 177.195278][ T8454] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 177.282084][ T8454] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 177.345570][ T8454] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 177.441094][ T8454] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 177.546109][ T8451] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 177.636979][ T8451] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 177.693055][ T8451] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 177.792247][ T8451] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 177.886149][ T8456] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 177.971895][ T8456] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 178.052603][ T8456] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 178.126161][ T8456] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 178.269402][ T8452] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.382563][ T8467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.396373][ T8467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 178.411888][ T8452] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.452222][ T8454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.471540][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.487207][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.501379][ T3225] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.513149][ T3225] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.535086][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 178.549516][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 178.563243][ T3225] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.578454][ T3225] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.605900][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 178.620205][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 178.650529][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 178.663907][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.677079][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 178.702916][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 178.716806][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 178.732722][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 178.747495][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 178.767478][ T8454] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.782451][ T8451] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.803463][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 178.825732][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 178.841973][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 178.864862][ T8467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.879835][ T8467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.896827][ T8467] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.910588][ T8467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.929850][ T8467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 178.954799][ T8467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 178.979947][ T8451] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.997964][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.012851][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 179.032425][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.047575][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.063999][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.080001][ T8478] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.094913][ T8478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.111692][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.129398][ T8452] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 179.156656][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.172665][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.190528][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.208846][ T8458] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.222692][ T8458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.236911][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.270161][ T8456] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.297062][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.316088][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.338887][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.361338][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.386659][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.416396][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.444300][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 179.476105][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.497600][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 179.511969][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.535674][ T8452] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.556632][ T8456] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.571703][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 179.583802][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 179.594564][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.606117][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.617104][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 179.628846][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 179.641665][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.661466][ T8454] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 179.683098][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 179.710630][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 179.728727][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 179.754190][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.771247][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.786114][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.800671][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.817077][ T3225] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.831676][ T3225] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.853054][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.897371][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.916251][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.932150][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.953117][ T3225] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.970575][ T3225] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.988868][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.006291][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.050225][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 180.069834][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 180.092573][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 180.113741][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 180.135381][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.156829][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 180.191372][ T8456] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 180.217248][ T8456] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 180.251036][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 180.269931][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.288236][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.304228][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 180.323104][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 180.338330][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 180.353201][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 180.369846][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 180.387602][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.402982][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.420817][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.436654][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 180.454926][ T8454] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.478454][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.497105][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.532944][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 180.548628][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 180.565303][ T8451] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 180.587491][ T8452] device veth0_vlan entered promiscuous mode [ 180.602580][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 180.617520][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 180.633034][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 180.646536][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 180.676219][ T8456] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.711138][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.727441][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 180.758350][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 180.771401][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 180.786571][ T8452] device veth1_vlan entered promiscuous mode [ 180.810552][ T8451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.825642][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 180.842980][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 180.862354][ T8454] device veth0_vlan entered promiscuous mode [ 180.876571][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 180.890842][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 180.921616][ T8454] device veth1_vlan entered promiscuous mode [ 180.937087][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 180.961375][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.988521][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 181.024004][ T8456] device veth0_vlan entered promiscuous mode [ 181.052695][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 181.069382][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 181.096367][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 181.112965][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 181.136531][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 181.152014][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 181.169516][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 181.185094][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 181.210779][ T8452] device veth0_macvtap entered promiscuous mode [ 181.236831][ T8452] device veth1_macvtap entered promiscuous mode [ 181.254891][ T8456] device veth1_vlan entered promiscuous mode [ 181.290763][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 181.304996][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 181.323177][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 181.349966][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 181.367862][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 181.384034][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 181.404613][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 181.421392][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 181.441407][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 181.474279][ T8452] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.493068][ T8451] device veth0_vlan entered promiscuous mode [ 181.507848][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 181.525926][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 181.544190][ T8452] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.565347][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 181.577842][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 181.591127][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 181.602890][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 181.622771][ T8454] device veth0_macvtap entered promiscuous mode [ 181.644928][ T8454] device veth1_macvtap entered promiscuous mode [ 181.670713][ T8451] device veth1_vlan entered promiscuous mode [ 181.695080][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 181.708672][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 181.722161][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 181.740510][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 181.772758][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 181.910648][ T8456] device veth0_macvtap entered promiscuous mode [ 181.930785][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 182.072271][ T8456] device veth1_macvtap entered promiscuous mode [ 182.180884][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 182.206960][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.240267][ T8454] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.267453][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 182.290374][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 182.319909][ T8454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 182.342620][ T8454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.362660][ T8454] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.409334][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 182.433152][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.451976][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 182.477839][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.509285][ T8456] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.526869][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 182.546822][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 182.564799][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 182.585275][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 182.602362][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 182.617318][ T3225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 182.636826][ T8452] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 182.676679][ T8451] device veth0_macvtap entered promiscuous mode [ 182.745397][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 182.790101][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.835894][ T8456] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 12:31:27 executing program 1: [ 182.896500][ T8456] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 12:31:27 executing program 1: [ 182.933244][ T8456] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.960193][ T8451] device veth1_macvtap entered promiscuous mode 12:31:27 executing program 1: [ 182.999852][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready 12:31:27 executing program 1: [ 183.030195][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 183.048709][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 183.068899][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 183.197864][ T8451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.226652][ T8451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.246160][ T8451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.267390][ T8451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.287582][ T8451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.312166][ T8451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.336188][ T8451] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.421228][ T8480] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 183.439541][ T8480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 183.502152][ T8451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.522574][ T8451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.540208][ T8451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.563271][ T8451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.583216][ T8451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.603981][ T8451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.608963][ T0] NOHZ: local_softirq_pending 08 [ 183.624860][ T8451] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.791051][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 183.806208][ T1221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 12:31:28 executing program 0: 12:31:28 executing program 1: 12:31:28 executing program 2: 12:31:29 executing program 1: 12:31:29 executing program 2: 12:31:29 executing program 0: 12:31:29 executing program 0: 12:31:29 executing program 2: 12:31:29 executing program 1: 12:31:29 executing program 0: 12:31:29 executing program 1: 12:31:29 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:29 executing program 1: 12:31:29 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x320f) 12:31:29 executing program 0: 12:31:29 executing program 1: 12:31:29 executing program 0: 12:31:29 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:29 executing program 1: 12:31:29 executing program 0: [ 185.510811][ T0] NOHZ: local_softirq_pending 08 12:31:30 executing program 0: 12:31:30 executing program 1: 12:31:30 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:30 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x320f) 12:31:30 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x40000000909, 0x1) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x80045505, 0x0) 12:31:30 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x320f) 12:31:30 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:30 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x40000000909, 0x1) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x80045505, 0x0) 12:31:30 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) [ 185.881617][ T8576] 9pnet: Insufficient options for proto=fd 12:31:30 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:30 executing program 1: sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="380100001a000108cf4dac26306b6835397c1e7fac00008000000000007485ac5fb0e3daef21b27aa924bab3619673862f5de0c1326313960000000000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000006c000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000001ffffff0000000000000000000000000000000800000000000000000000000000000000f5ffffffffffffff0000050500000000000000000007715e1b3d0f6d2d4b00000000000000000000000000000000000000000800020001001a00000000000000480003006465666c617465"], 0x138}}, 0x0) [ 185.960772][ T8583] 9pnet: Insufficient options for proto=fd 12:31:31 executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x40000000909, 0x1) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x8008551c, 0x0) 12:31:31 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) [ 186.521585][ T8588] 9pnet: Insufficient options for proto=fd 12:31:31 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x65, 0x0, 0x0) 12:31:31 executing program 1: r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109023b00000904"], 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000002100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 12:31:31 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:31 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:31 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x8000000000000, 0x40, 0x0, 0x2a8) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x74, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0) creat(0x0, 0x0) io_setup(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) io_submit(0x0, 0x0, 0x0) lstat(0x0, 0x0) 12:31:31 executing program 2: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="380100001a000108cf4dac26306b6835397c1e7fac00008000000000007485ac5fb0e3daef21b27aa924bab3619673862f5de0c1326313960000000000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000006c000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000001ffffff0000000000000000000000000000000800000000000000000000000000000000f5ffffffffffffff0000050500000000000000000007715e1b3d0f6d2d4b00000000000000000000000000000000000000000800020001001a00000000000000480003006465666c617465"], 0x138}}, 0x0) 12:31:31 executing program 3: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) 12:31:31 executing program 3: open$dir(&(0x7f0000000000)='./file0\x00', 0x2040, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'version=9p2000.u'}}]}}) [ 186.859078][ T8458] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 187.278555][ T8458] usb 6-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 187.318586][ T8458] usb 6-1: config 9 has no interfaces? 12:31:32 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)) [ 187.519026][ T8458] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 187.539571][ T8458] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.557404][ T8458] usb 6-1: Product: syz [ 187.557413][ T8458] usb 6-1: Manufacturer: syz [ 187.557420][ T8458] usb 6-1: SerialNumber: syz [ 187.600332][ T8624] ================================================================== [ 187.601049][ T8624] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400 [ 187.601058][ T8624] Write of size 8 at addr ffffc900095e1000 by task syz-executor.2/8624 [ 187.601061][ T8624] [ 187.601117][ T8624] CPU: 1 PID: 8624 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 187.601122][ T8624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 187.601126][ T8624] Call Trace: [ 187.601295][ T8624] dump_stack+0x18f/0x20d [ 187.601306][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.601315][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.601483][ T8624] print_address_description.constprop.0.cold+0x5/0x436 [ 187.602931][ T8624] ? lockdep_hardirqs_off+0x66/0xa0 [ 187.603158][ T8624] ? vprintk_func+0x97/0x1a6 [ 187.603171][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.603179][ T8624] kasan_report.cold+0x1f/0x37 [ 187.603391][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.603459][ T8624] bitfill_aligned+0x34a/0x400 [ 187.603498][ T8624] sys_fillrect+0x408/0x7a0 [ 187.603507][ T8624] ? sys_fillrect+0x7a0/0x7a0 [ 187.603746][ T8624] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 187.603757][ T8624] bit_clear_margins+0x2d5/0x4a0 [ 187.603767][ T8624] ? bit_bmove+0x210/0x210 [ 187.603844][ T8624] ? fb_get_color_depth+0x11a/0x240 [ 187.603863][ T8624] fbcon_clear_margins+0x1d5/0x230 [ 187.603879][ T8624] fbcon_switch+0xb6e/0x16c0 [ 187.603891][ T8624] ? fbcon_scroll+0x3600/0x3600 [ 187.603907][ T8624] ? fbcon_cursor+0x52b/0x650 [ 187.603916][ T8624] ? kmalloc_array.constprop.0+0x20/0x20 [ 187.603962][ T8624] ? is_console_locked+0x5/0x10 [ 187.603969][ T8624] ? fbcon_set_origin+0x26/0x50 [ 187.604139][ T8624] redraw_screen+0x2ae/0x770 [ 187.604151][ T8624] ? vc_init+0x440/0x440 [ 187.604159][ T8624] ? fb_get_color_depth+0x11a/0x240 [ 187.604170][ T8624] ? fbcon_set_palette+0x3a8/0x490 [ 187.604180][ T8624] fbcon_modechanged+0x575/0x710 [ 187.604191][ T8624] fbcon_update_vcs+0x3a/0x50 [ 187.604200][ T8624] fb_set_var+0xae8/0xd60 [ 187.604210][ T8624] ? fb_blank+0x190/0x190 [ 187.604257][ T8624] ? lock_release+0x8d0/0x8d0 [ 187.604272][ T8624] ? preempt_schedule_common+0x59/0xc0 [ 187.604491][ T8624] ? preempt_schedule_thunk+0x16/0x18 [ 187.604506][ T8624] ? do_fb_ioctl+0x2f2/0x6c0 [ 187.604524][ T8624] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 187.604533][ T8624] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 187.604669][ T8624] ? trace_hardirqs_on+0x5f/0x220 [ 187.604686][ T8624] do_fb_ioctl+0x33f/0x6c0 [ 187.604697][ T8624] ? fb_set_suspend+0x1a0/0x1a0 [ 187.604709][ T8624] ? lockdep_hardirqs_on+0x6a/0xe0 [ 187.604718][ T8624] ? _raw_spin_unlock_irq+0x55/0x80 [ 187.604773][ T8624] ? finish_task_switch+0x147/0x750 [ 187.604781][ T8624] ? finish_task_switch+0x119/0x750 [ 187.604859][ T8624] ? __switch_to+0x4fb/0xe80 [ 187.604871][ T8624] ? __schedule+0x8e9/0x1eb0 [ 187.604884][ T8624] ? io_schedule_timeout+0x140/0x140 [ 187.604894][ T8624] ? preempt_schedule_irq+0x88/0x150 [ 187.604902][ T8624] ? lockdep_hardirqs_off+0x66/0xa0 [ 187.604929][ T8624] fb_compat_ioctl+0x175/0xc10 [ 187.604943][ T8624] ? fb_open+0x430/0x430 [ 187.605114][ T8624] ? __fget_files+0x294/0x400 [ 187.605126][ T8624] ? fb_open+0x430/0x430 [ 187.605160][ T8624] __do_compat_sys_ioctl+0x1d3/0x230 [ 187.605232][ T8624] do_syscall_32_irqs_on+0x3f/0x60 [ 187.605244][ T8624] do_fast_syscall_32+0x7f/0x120 [ 187.605257][ T8624] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 187.606434][ T8624] RIP: 0023:0xf7ff3569 [ 187.606468][ T8624] Code: Bad RIP value. [ 187.606472][ T8624] RSP: 002b:00000000f5dee0bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 187.606541][ T8624] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 187.606546][ T8624] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.606551][ T8624] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.606556][ T8624] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 187.606561][ T8624] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.606629][ T8624] [ 187.606632][ T8624] [ 187.606635][ T8624] Memory state around the buggy address: [ 187.606998][ T8624] ffffc900095e0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 187.607006][ T8624] ffffc900095e0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 187.607012][ T8624] >ffffc900095e1000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 187.607016][ T8624] ^ [ 187.607022][ T8624] ffffc900095e1080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 187.607032][ T8624] ffffc900095e1100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 187.607036][ T8624] ================================================================== [ 187.607842][ T8624] Disabling lock debugging due to kernel taint [ 187.615314][ T8624] Kernel panic - not syncing: panic_on_warn set ... [ 187.615342][ T8624] CPU: 1 PID: 8624 Comm: syz-executor.2 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 187.615347][ T8624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 187.615355][ T8624] Call Trace: [ 187.615445][ T8624] dump_stack+0x18f/0x20d [ 187.615456][ T8624] ? bitfill_aligned+0x290/0x400 [ 187.615506][ T8624] panic+0x2e3/0x75c [ 187.615514][ T8624] ? __warn_printk+0xf3/0xf3 [ 187.615525][ T8624] ? preempt_schedule_common+0x59/0xc0 [ 187.615554][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.615564][ T8624] ? preempt_schedule_thunk+0x16/0x18 [ 187.615572][ T8624] ? trace_hardirqs_on+0x55/0x220 [ 187.615581][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.615588][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.615595][ T8624] end_report+0x4d/0x53 [ 187.615603][ T8624] kasan_report.cold+0xd/0x37 [ 187.615612][ T8624] ? bitfill_aligned+0x34a/0x400 [ 187.615620][ T8624] bitfill_aligned+0x34a/0x400 [ 187.615629][ T8624] sys_fillrect+0x408/0x7a0 [ 187.615636][ T8624] ? sys_fillrect+0x7a0/0x7a0 [ 187.615646][ T8624] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 187.615655][ T8624] bit_clear_margins+0x2d5/0x4a0 [ 187.615663][ T8624] ? bit_bmove+0x210/0x210 [ 187.615672][ T8624] ? fb_get_color_depth+0x11a/0x240 [ 187.615680][ T8624] fbcon_clear_margins+0x1d5/0x230 [ 187.615688][ T8624] fbcon_switch+0xb6e/0x16c0 [ 187.615696][ T8624] ? fbcon_scroll+0x3600/0x3600 [ 187.615706][ T8624] ? fbcon_cursor+0x52b/0x650 [ 187.615714][ T8624] ? kmalloc_array.constprop.0+0x20/0x20 [ 187.615722][ T8624] ? is_console_locked+0x5/0x10 [ 187.615729][ T8624] ? fbcon_set_origin+0x26/0x50 [ 187.615738][ T8624] redraw_screen+0x2ae/0x770 [ 187.615746][ T8624] ? vc_init+0x440/0x440 [ 187.615753][ T8624] ? fb_get_color_depth+0x11a/0x240 [ 187.615761][ T8624] ? fbcon_set_palette+0x3a8/0x490 [ 187.615769][ T8624] fbcon_modechanged+0x575/0x710 [ 187.615777][ T8624] fbcon_update_vcs+0x3a/0x50 [ 187.615784][ T8624] fb_set_var+0xae8/0xd60 [ 187.615792][ T8624] ? fb_blank+0x190/0x190 [ 187.615799][ T8624] ? lock_release+0x8d0/0x8d0 [ 187.615808][ T8624] ? preempt_schedule_common+0x59/0xc0 [ 187.615816][ T8624] ? preempt_schedule_thunk+0x16/0x18 [ 187.615825][ T8624] ? do_fb_ioctl+0x2f2/0x6c0 [ 187.615836][ T8624] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 187.615844][ T8624] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 187.615851][ T8624] ? trace_hardirqs_on+0x5f/0x220 [ 187.615859][ T8624] do_fb_ioctl+0x33f/0x6c0 [ 187.615867][ T8624] ? fb_set_suspend+0x1a0/0x1a0 [ 187.615874][ T8624] ? lockdep_hardirqs_on+0x6a/0xe0 [ 187.615881][ T8624] ? _raw_spin_unlock_irq+0x55/0x80 [ 187.615888][ T8624] ? finish_task_switch+0x147/0x750 [ 187.615895][ T8624] ? finish_task_switch+0x119/0x750 [ 187.615902][ T8624] ? __switch_to+0x4fb/0xe80 [ 187.615910][ T8624] ? __schedule+0x8e9/0x1eb0 [ 187.615981][ T8624] ? io_schedule_timeout+0x140/0x140 [ 187.615997][ T8624] ? preempt_schedule_irq+0x88/0x150 [ 187.616011][ T8624] ? lockdep_hardirqs_off+0x66/0xa0 [ 187.616028][ T8624] fb_compat_ioctl+0x175/0xc10 [ 187.616039][ T8624] ? fb_open+0x430/0x430 [ 187.616050][ T8624] ? __fget_files+0x294/0x400 [ 187.616061][ T8624] ? fb_open+0x430/0x430 [ 187.616072][ T8624] __do_compat_sys_ioctl+0x1d3/0x230 [ 187.616088][ T8624] do_syscall_32_irqs_on+0x3f/0x60 [ 187.616101][ T8624] do_fast_syscall_32+0x7f/0x120 [ 187.616113][ T8624] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 187.616145][ T8624] RIP: 0023:0xf7ff3569 [ 187.616151][ T8624] Code: Bad RIP value. [ 187.616159][ T8624] RSP: 002b:00000000f5dee0bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 187.616175][ T8624] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 187.616184][ T8624] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.616192][ T8624] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.616201][ T8624] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 187.616209][ T8624] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.619421][ T8624] Kernel Offset: disabled [ 187.619812][ T8624] Rebooting in 86400 seconds..