Warning: Permanently added '[localhost]:61601' (ECDSA) to the list of known hosts. syzkaller login: [ 110.852327][ T47] kauditd_printk_skb: 7 callbacks suppressed [ 110.852338][ T47] audit: type=1400 audit(1604589804.006:42): avc: denied { map } for pid=9811 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/11/05 15:23:24 fuzzer started 2020/11/05 15:23:24 dialing manager at 10.0.2.10:45409 [ 111.612808][ T47] audit: type=1400 audit(1604589804.766:43): avc: denied { integrity } for pid=9829 comm="syz-executor" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 2020/11/05 15:23:24 syscalls: 3476 2020/11/05 15:23:24 code coverage: enabled 2020/11/05 15:23:24 comparison tracing: enabled 2020/11/05 15:23:24 extra coverage: enabled 2020/11/05 15:23:24 setuid sandbox: enabled 2020/11/05 15:23:24 namespace sandbox: enabled 2020/11/05 15:23:24 Android sandbox: /sys/fs/selinux/policy does not exist 2020/11/05 15:23:24 fault injection: enabled 2020/11/05 15:23:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/11/05 15:23:24 net packet injection: enabled 2020/11/05 15:23:24 net device setup: enabled 2020/11/05 15:23:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/11/05 15:23:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/11/05 15:23:24 USB emulation: enabled 2020/11/05 15:23:24 hci packet injection: enabled 2020/11/05 15:23:24 wifi device emulation: enabled 15:24:29 executing program 0: syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x9, 0x40) [ 176.823475][ T47] audit: type=1400 audit(1604589869.976:44): avc: denied { map } for pid=9833 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=2055 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 15:24:30 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r0, 0x8918, &(0x7f0000000540)={'vlan0\x00', @ifru_map}) 15:24:30 executing program 2: r0 = socket(0xa, 0x3, 0x8) ioctl$sock_SIOCADDRT(r0, 0x541b, &(0x7f0000007180)={0x0, @llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, @xdp, @l2}) 15:24:30 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x83, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000000480)=""/132, 0x26, 0x84, 0x1}, 0x20) [ 178.076122][ T9835] IPVS: ftp: loaded support on port[0] = 21 [ 178.209533][ T9836] IPVS: ftp: loaded support on port[0] = 21 [ 178.244225][ T9835] chnl_net:caif_netlink_parms(): no params data found [ 178.355338][ T9835] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.366063][ T9835] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.377834][ T9835] device bridge_slave_0 entered promiscuous mode [ 178.394466][ T9835] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.408975][ T9835] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.424116][ T9835] device bridge_slave_1 entered promiscuous mode [ 178.460367][ T9838] IPVS: ftp: loaded support on port[0] = 21 [ 178.465358][ T9835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.502200][ T9835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.556553][ T9835] team0: Port device team_slave_0 added [ 178.612332][ T9835] team0: Port device team_slave_1 added [ 178.630125][ T9836] chnl_net:caif_netlink_parms(): no params data found [ 178.674957][ T9835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.684967][ T9835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.721831][ T9835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.743299][ T9835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.751915][ T9840] IPVS: ftp: loaded support on port[0] = 21 [ 178.755348][ T9835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.802904][ T9835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.872011][ T9835] device hsr_slave_0 entered promiscuous mode [ 178.883524][ T9835] device hsr_slave_1 entered promiscuous mode [ 178.943241][ T9836] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.952191][ T9836] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.966385][ T9836] device bridge_slave_0 entered promiscuous mode [ 179.020387][ T9836] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.030538][ T9836] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.041394][ T9836] device bridge_slave_1 entered promiscuous mode [ 179.064206][ T9838] chnl_net:caif_netlink_parms(): no params data found [ 179.087919][ T9836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.105178][ T9836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.164211][ T9836] team0: Port device team_slave_0 added [ 179.177860][ T9836] team0: Port device team_slave_1 added [ 179.255771][ T9836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.265282][ T9836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.296030][ T9836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.312159][ T9836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.320289][ T9836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.349646][ T9836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 179.371912][ T9838] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.381173][ T9838] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.390755][ T9838] device bridge_slave_0 entered promiscuous mode [ 179.410104][ T9840] chnl_net:caif_netlink_parms(): no params data found [ 179.424632][ T9838] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.434909][ T9838] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.446033][ T9838] device bridge_slave_1 entered promiscuous mode [ 179.539435][ T9836] device hsr_slave_0 entered promiscuous mode [ 179.547098][ T9836] device hsr_slave_1 entered promiscuous mode [ 179.555869][ T9836] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 179.565209][ T9836] Cannot create hsr debugfs directory [ 179.574774][ T9838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.590378][ T9838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.591017][ T47] audit: type=1400 audit(1604589872.746:45): avc: denied { create } for pid=9835 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 179.618377][ T9835] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 179.635278][ T47] audit: type=1400 audit(1604589872.766:46): avc: denied { write } for pid=9835 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 179.683034][ T47] audit: type=1400 audit(1604589872.766:47): avc: denied { read } for pid=9835 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 179.704668][ T9840] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.729730][ T9840] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.738227][ T9840] device bridge_slave_0 entered promiscuous mode [ 179.747711][ T9835] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 179.757891][ T9835] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 179.772165][ T9838] team0: Port device team_slave_0 added [ 179.785289][ T9838] team0: Port device team_slave_1 added [ 179.792786][ T9840] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.810503][ T9840] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.826296][ T9840] device bridge_slave_1 entered promiscuous mode [ 179.846118][ T9835] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 179.889435][ T9840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.915443][ T9840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.955306][ T9840] team0: Port device team_slave_0 added [ 179.969408][ T9838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.986156][ T9838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.024447][ T9838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.042896][ T9838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.052220][ T9838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.080540][ T3072] Bluetooth: hci0: command 0x0409 tx timeout [ 180.085171][ T9838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.108690][ T9840] team0: Port device team_slave_1 added [ 180.152205][ T9840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.162497][ T9840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.201697][ T9840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.221786][ T9840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.234285][ T9840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.240627][ T3334] Bluetooth: hci1: command 0x0409 tx timeout [ 180.274218][ T9840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.304871][ T9838] device hsr_slave_0 entered promiscuous mode [ 180.314017][ T9838] device hsr_slave_1 entered promiscuous mode [ 180.322565][ T9838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.331083][ T9838] Cannot create hsr debugfs directory [ 180.368598][ T9840] device hsr_slave_0 entered promiscuous mode [ 180.377617][ T9840] device hsr_slave_1 entered promiscuous mode [ 180.387062][ T9840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.397670][ T9840] Cannot create hsr debugfs directory [ 180.399456][ T3334] Bluetooth: hci2: command 0x0409 tx timeout [ 180.470101][ T9836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 180.482822][ T9836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 180.494566][ T9836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 180.508354][ T9836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 180.626329][ T9840] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 180.639452][ T3334] Bluetooth: hci3: command 0x0409 tx timeout [ 180.650838][ T9840] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 180.669852][ T9840] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 180.680260][ T9840] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 180.710661][ T9838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 180.721319][ T9838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 180.732595][ T9838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 180.742674][ T9838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 180.767961][ T9835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.808825][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 180.820664][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 180.836769][ T9835] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.863115][ T9836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.885455][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 180.897887][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 180.909808][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.918713][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.931662][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.950447][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 180.963156][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 180.974315][ T3074] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.982176][ T3074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.999622][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 181.013330][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 181.025783][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 181.054177][ T9836] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.081380][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 181.092490][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 181.104380][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 181.114994][ T9865] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.124075][ T9865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.149821][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 181.160470][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 181.172726][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 181.185218][ T9867] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.194137][ T9867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.204436][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 181.216512][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 181.228564][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 181.238990][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 181.249405][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 181.260803][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 181.271904][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 181.287334][ T9838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.304296][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 181.317088][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 181.329471][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 181.345944][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 181.356388][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 181.366735][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 181.379295][ T9835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 181.395786][ T9838] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.412815][ T9840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.422211][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 181.435557][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 181.449734][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 181.462536][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 181.473682][ T9865] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.482943][ T9865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.493388][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 181.507161][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 181.529982][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 181.540413][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 181.550688][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 181.560993][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 181.580813][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 181.595260][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 181.619919][ T9867] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.632230][ T9867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.647191][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 181.659396][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 181.676329][ T9836] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 181.687623][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 181.696962][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 181.707744][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 181.724712][ T9840] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.746188][ T9835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.755819][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 181.768100][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 181.794152][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 181.808470][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 181.819475][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 181.834977][ T9836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.849725][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 181.861555][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 181.873041][ T9865] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.881992][ T9865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.892200][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 181.906788][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 181.917329][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 181.932588][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 181.946426][ T9865] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.956663][ T9865] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.972737][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 181.983866][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 182.001646][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 182.012002][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 182.035394][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 182.045586][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 182.064159][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 182.075862][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 182.088268][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 182.099759][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 182.110972][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 182.134618][ T9838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 182.144336][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 182.159556][ T9868] Bluetooth: hci0: command 0x041b tx timeout [ 182.166708][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 182.200117][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 182.239542][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 182.251320][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 182.264184][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 182.275107][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 182.286886][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 182.299789][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 182.311191][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 182.322857][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 182.329505][ T18] Bluetooth: hci1: command 0x041b tx timeout [ 182.333071][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 182.356769][ T9835] device veth0_vlan entered promiscuous mode [ 182.371565][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 182.385516][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 182.398340][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 182.413447][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 182.440185][ T9840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 182.471045][ T9840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 182.487093][ T18] Bluetooth: hci2: command 0x041b tx timeout [ 182.495711][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 182.512151][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 182.525718][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 182.538042][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 182.560503][ T9836] device veth0_vlan entered promiscuous mode [ 182.585559][ T9838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.601190][ T9835] device veth1_vlan entered promiscuous mode [ 182.614951][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 182.629881][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 182.650671][ T9836] device veth1_vlan entered promiscuous mode [ 182.664881][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 182.673850][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 182.699852][ T9840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.714485][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 182.719363][ T18] Bluetooth: hci3: command 0x041b tx timeout [ 182.724457][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 182.758715][ T9838] device veth0_vlan entered promiscuous mode [ 182.771761][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 182.781187][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 182.793479][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 182.803536][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 182.813255][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 182.823811][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 182.851685][ T9835] device veth0_macvtap entered promiscuous mode [ 182.864205][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 182.874283][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 182.887278][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 182.897299][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 182.908154][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 182.918195][ T9838] device veth1_vlan entered promiscuous mode [ 182.931475][ T9835] device veth1_macvtap entered promiscuous mode [ 182.948332][ T9836] device veth0_macvtap entered promiscuous mode [ 182.966538][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 182.975681][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 182.985197][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 182.994976][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 183.005511][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 183.018826][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 183.031230][ T9836] device veth1_macvtap entered promiscuous mode [ 183.045896][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 183.057260][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 183.066285][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 183.080518][ T9840] device veth0_vlan entered promiscuous mode [ 183.095105][ T9835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.106375][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 183.118891][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 183.137689][ T9835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.152519][ T9836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.164918][ T9836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.177251][ T9836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.189951][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 183.205748][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 183.219778][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 183.253629][ T9868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 183.278654][ T9835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.293997][ T9835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.305292][ T9835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.317975][ T9835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.337911][ T9840] device veth1_vlan entered promiscuous mode [ 183.348152][ T9836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.361988][ T9836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.377859][ T9836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.400371][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 183.411103][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 183.425506][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 183.437840][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 183.450061][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 183.467774][ T9838] device veth0_macvtap entered promiscuous mode [ 183.480047][ T9836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.490142][ T9836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.499727][ T9836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.509451][ T9836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.551313][ T9838] device veth1_macvtap entered promiscuous mode [ 183.559490][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 183.572313][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 183.582625][ T9865] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 183.631462][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 183.641346][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 183.662448][ T9846] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.670426][ T9840] device veth0_macvtap entered promiscuous mode [ 183.671731][ T9846] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.690244][ T9840] device veth1_macvtap entered promiscuous mode [ 183.710986][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 183.724870][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 183.735342][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 183.755071][ T9838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.769507][ T9838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.781462][ T9838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.794122][ T9838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.808203][ T9838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.832190][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 183.843142][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 183.857524][ T9838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.871707][ T9838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.884316][ T9838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 183.898656][ T9838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.914386][ T9838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.935906][ T9846] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.937198][ T9840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.946724][ T9846] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.958106][ T9840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.958120][ T9840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.958124][ T9840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.958134][ T9840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 183.958138][ T9840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.960580][ T9840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.044284][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 184.054934][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 184.065426][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 184.075310][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 184.085942][ T4029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 184.100974][ T9838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.111442][ T9838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.122001][ T9838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.131698][ T9838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.158366][ T9840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 184.173388][ T9840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.188500][ T9840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 184.202778][ T9840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.217152][ T9840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 184.230543][ T9840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.249702][ T9840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.250631][ T3074] Bluetooth: hci0: command 0x040f tx timeout [ 184.272402][ T9840] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.275315][ T47] audit: type=1400 audit(1604589877.426:48): avc: denied { associate } for pid=9835 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 184.287765][ T9840] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.287852][ T9840] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.379830][ T9840] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.400155][ T3334] Bluetooth: hci1: command 0x040f tx timeout [ 184.414974][ T9861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.432529][ T9866] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 184.433355][ T9861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.450058][ T9866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 184.483246][ T9866] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 184.504319][ T9835] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 184.561651][ T9866] Bluetooth: hci2: command 0x040f tx timeout [ 184.575285][ T9861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.587463][ T9861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.610243][ T9867] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 15:24:37 executing program 0: mount$fuseblk(&(0x7f00000000c0)='/dev/loop0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000006240)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {'group_id'}}) 15:24:37 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f00000001c0)) [ 184.675166][ T2958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.688902][ T9861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.697643][ T2958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.726527][ T9861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.741245][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 184.742215][ T9861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 15:24:37 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)={0x0, 0xc, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "9b49889e"}}) [ 184.762978][ T9861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.771529][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 184.795113][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 184.809814][ T3334] Bluetooth: hci3: command 0x040f tx timeout 15:24:37 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockname(r0, 0x0, &(0x7f0000000080)) [ 184.815690][ T2958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 15:24:38 executing program 1: keyctl$dh_compute(0x17, &(0x7f0000000000), &(0x7f0000000980)=""/4096, 0x1000, &(0x7f0000000180)={0x0}) [ 184.855469][ T2958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 15:24:38 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x2, 0x0, 0x6, 0x4, [{}]}]}}, &(0x7f0000000480)=""/132, 0x2e, 0x84, 0x1}, 0x20) [ 184.867543][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 184.904660][ T47] audit: type=1400 audit(1604589878.056:49): avc: denied { bpf } for pid=9890 comm="syz-executor.0" capability=39 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 15:24:38 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x17, 0x0, 0xb25, 0x40, 0x1800}, 0x40) 15:24:38 executing program 3: r0 = socket(0xa, 0x3, 0x8) ioctl$sock_SIOCADDRT(r0, 0x890c, &(0x7f0000007180)={0x0, @llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, @xdp, @l2}) 15:24:38 executing program 1: ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'batadv0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)=@getchain={0x34, 0x66, 0x100, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r0, {0xf, 0xfff3}, {0xe, 0xd}, {0xfff1}}, [{0x8}, {0x8, 0xb, 0x2c1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc010}, 0x0) r1 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r1, 0x5452, &(0x7f0000000080)) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x4, 0x9}]}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100)) 15:24:38 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x541b, 0x0) 15:24:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet6_mreq(r0, 0x29, 0x1d, 0x0, &(0x7f00000004c0)) [ 184.994911][ T47] audit: type=1400 audit(1604589878.146:50): avc: denied { map_create } for pid=9906 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 15:24:38 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x17, 0x0, 0xb25, 0x40, 0x1800}, 0x40) 15:24:38 executing program 3: r0 = socket(0x25, 0x1, 0x0) recvfrom$rxrpc(r0, 0x0, 0x0, 0x40000122, 0x0, 0x46) 15:24:38 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000022002d"], 0x14}}, 0x0) [ 185.074201][ T47] audit: type=1326 audit(1604589878.226:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9904 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f06a code=0x0 15:24:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r0, 0x541b, 0x0) 15:24:38 executing program 3: r0 = socket$tipc(0x1e, 0x2, 0x0) ioctl$NBD_SET_SOCK(r0, 0x5421, 0xffffffffffffffff) [ 185.813435][ T47] audit: type=1326 audit(1604589878.966:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9904 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f06a code=0x0 15:24:39 executing program 1: ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'batadv0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)=@getchain={0x34, 0x66, 0x100, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r0, {0xf, 0xfff3}, {0xe, 0xd}, {0xfff1}}, [{0x8}, {0x8, 0xb, 0x2c1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc010}, 0x0) r1 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r1, 0x5452, &(0x7f0000000080)) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x4, 0x9}]}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100)) 15:24:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080)='ethtool\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}]}, 0x34}}, 0x0) 15:24:39 executing program 0: r0 = socket(0xa, 0x3, 0x8) getsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, 0x0, 0x0) 15:24:39 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @remote, 0xa75}], 0x1c) [ 185.883982][ T47] audit: type=1400 audit(1604589879.036:53): avc: denied { ioctl } for pid=9934 comm="syz-executor.2" path="socket:[41176]" dev="sockfs" ino=41176 ioctlcmd=0x8933 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 15:24:39 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000006240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@can_delroute={0x14, 0x19, 0x1}, 0x14}}, 0x0) 15:24:39 executing program 3: r0 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$assume_authority(0x10, r0) 15:24:39 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0], 0x0, 0x1, 0x1, 0x1}) 15:24:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x2, &(0x7f0000001240)=[{0x0, 0x0, 0x1ff}, {&(0x7f00000001c0)="42508b4d66c70468403ec8c169ca39", 0xf}], 0x0, &(0x7f0000000140)) [ 185.954651][ T47] audit: type=1326 audit(1604589879.106:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9944 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45f06a code=0x0 [ 186.006972][ T9956] FAT-fs (loop3): bogus number of FAT structure [ 186.017813][ T9956] FAT-fs (loop3): Can't find a valid FAT filesystem [ 186.100791][ T9956] FAT-fs (loop3): bogus number of FAT structure [ 186.109666][ T9956] FAT-fs (loop3): Can't find a valid FAT filesystem [ 186.399944][ T9865] Bluetooth: hci0: command 0x0419 tx timeout [ 186.490094][ T3334] Bluetooth: hci1: command 0x0419 tx timeout [ 186.639842][ T3334] Bluetooth: hci2: command 0x0419 tx timeout 15:24:39 executing program 2: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, 0x0, 0x1) 15:24:39 executing program 1: mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x300000a, 0x2314f77d6c88ccb2, 0xffffffffffffffff, 0x10000000) 15:24:39 executing program 3: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7ff, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @sliced}) 15:24:39 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x4, &(0x7f0000000080)=@framed={{}, [@generic={0xbc, 0x7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x5, 0xb8, &(0x7f0000000300)=""/184, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 186.773138][ T47] audit: type=1400 audit(1604589879.926:55): avc: denied { prog_load } for pid=9967 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 15:24:39 executing program 3: pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) read$midi(r0, &(0x7f0000000040)=""/80, 0x50) [ 186.818629][ T47] audit: type=1400 audit(1604589879.926:56): avc: denied { perfmon } for pid=9967 comm="syz-executor.0" capability=38 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 15:24:40 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff}) read$fb(r0, 0x0, 0x0) 15:24:40 executing program 2: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, 0x0, 0x1) [ 186.878611][ T47] audit: type=1400 audit(1604589879.966:57): avc: denied { prog_run } for pid=9967 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 15:24:40 executing program 0: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 15:24:40 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc0505611, &(0x7f0000000280)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "9b49889e"}}) 15:24:40 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'team_slave_1\x00', @ifru_mtu}) [ 186.919473][ T3334] Bluetooth: hci3: command 0x0419 tx timeout 15:24:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000080000000068"], 0x28}}, 0x0) 15:24:40 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x63, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, &(0x7f0000000480)=""/132, 0x2e, 0x84, 0x1}, 0x20) [ 187.005444][ T9995] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 187.025317][T10000] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 15:24:40 executing program 2: io_setup(0x80000001, &(0x7f0000000340)) 15:24:40 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x40) 15:24:40 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x101b00) read$fb(r0, 0x0, 0x0) 15:24:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r1, 0x1, 0x0, 0x0, {{}, {}, {0x4c, 0x18, {0x0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0) 15:24:40 executing program 0: msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000700)=""/4096) 15:24:40 executing program 2: openat$vfio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio\x00', 0x0, 0x0) 15:24:40 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x5, 0xb8, &(0x7f0000000300)=""/184, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x6, &(0x7f0000000100)={&(0x7f0000000140)='mlxsw_sp_acl_tcam_vregion_rehash_rollback_failed\x00', r0}, 0x10) 15:24:40 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x101b00) read$fb(r0, 0x0, 0x0) 15:24:40 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000006240)={0x0, 0x0, &(0x7f0000006200)={&(0x7f0000006100)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0xc}}, 0x1c}}, 0x0) 15:24:40 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0) read$fb(r0, 0x0, 0x0) 15:24:40 executing program 1: syz_genetlink_get_family_id$l2tp(&(0x7f0000000400)='l2tp\x00') openat$vmci(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vmci\x00', 0x2, 0x0) 15:24:41 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x101b00) read$fb(r0, 0x0, 0x0) 15:24:41 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000e00)='/dev/sequencer2\x00', 0x0, 0x0) read$sequencer(r0, &(0x7f0000000e40)=""/4096, 0x1000) 15:24:41 executing program 1: syz_genetlink_get_family_id$l2tp(&(0x7f0000000400)='l2tp\x00') openat$vmci(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vmci\x00', 0x2, 0x0) 15:24:41 executing program 3: clock_gettime(0x4496fb7ff5582898, 0x0) 15:24:41 executing program 0: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x2, 0x3, &(0x7f0000000000)=@framed={{0x2f, 0x0, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0xce, &(0x7f0000000300)=""/206, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 15:24:41 executing program 1: socketpair(0xa, 0x2, 0x88, &(0x7f0000000440)) 15:24:41 executing program 0: r0 = socket(0x2, 0xa, 0x0) recvmsg(r0, &(0x7f0000001300)={0x0, 0x0, 0x0}, 0x2000) 15:24:41 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x7000000, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000000480)=""/132, 0x26, 0x84, 0x1}, 0x20) 15:24:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_SIOCINQ(r0, 0x8906, 0x0) [ 187.973544][T10055] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET) 15:24:41 executing program 1: socketpair(0x2, 0x3, 0x0, &(0x7f0000000040)) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) 15:24:41 executing program 0: socketpair(0x0, 0x0, 0x0, &(0x7f0000000040)) r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x6000, 0x4, 0x11, r0, 0x0) 15:24:41 executing program 2: r0 = socket(0x29, 0x2, 0x0) sendmsg$AUDIT_SIGNAL_INFO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x10}, 0x10}}, 0x0) sendmsg$AUDIT_DEL_RULE(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x4044000) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) [ 188.111274][T10072] modprobe (10072) used greatest stack depth: 22928 bytes left 15:24:41 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000080), 0x0, 0xfffffffffffffffa) add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000100)="c452", 0x2, 0xfffffffffffffffb) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) 15:24:41 executing program 0: socketpair(0x0, 0x0, 0x0, &(0x7f0000000040)) r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x6000, 0x4, 0x11, r0, 0x0) 15:24:41 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOGETCMAP(r0, 0x4601, &(0x7f0000000600)={0x14, 0xd, 0x0, 0x0, 0x0, 0x0}) 15:24:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000009080)={0x0, 0x0, &(0x7f0000009040)={&(0x7f0000000440)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01"], 0x60}}, 0x0) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) 15:24:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb41, 0x0, 0x0, {0xd}}, 0x14}}, 0x0) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) 15:24:41 executing program 2: r0 = socket(0xa, 0x3, 0x8) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000007180)={0x0, @llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, @xdp, @l2, 0x0, 0x0, 0x0, 0x1000000}) [ 188.254157][T10098] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'. [ 188.261511][T10105] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'. 15:24:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r0, 0x8947, &(0x7f0000000540)={'vlan0\x00', @ifru_map}) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) 15:24:41 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOGETCMAP(r0, 0x4601, &(0x7f0000000600)={0x14, 0xd, 0x0, 0x0, 0x0, 0x0}) 15:24:41 executing program 0: r0 = msgget(0x3, 0x0) msgctl$MSG_STAT_ANY(r0, 0xd, &(0x7f00000003c0)=""/71) 15:24:41 executing program 2: timer_create(0x2, 0x0, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}}, 0x0) 15:24:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="410b00dd00000000000008000000080003003d92"], 0x1c}}, 0x0) [ 188.393567][T10126] ================================================================== [ 188.395007][T10126] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x117f/0x1290 [ 188.395086][T10126] Write of size 4 at addr ffffc9000b621000 by task syz-executor.1/10126 [ 188.395089][T10126] [ 188.395212][T10126] CPU: 1 PID: 10126 Comm: syz-executor.1 Not tainted 5.10.0-rc2-syzkaller #0 [ 188.395236][T10126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 188.395255][T10126] Call Trace: [ 188.395344][T10126] dump_stack+0x107/0x163 [ 188.395355][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.395363][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.395379][T10126] print_address_description.constprop.0.cold+0x5/0x497 [ 188.395390][T10126] ? _raw_spin_lock_irqsave+0x4e/0x50 [ 188.395404][T10126] ? vprintk_func+0x95/0x1e0 [ 188.395416][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.395423][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.395431][T10126] kasan_report.cold+0x1f/0x37 [ 188.395442][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.395453][T10126] sys_imageblit+0x117f/0x1290 [ 188.395474][T10126] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 188.395483][T10126] bit_putcs+0x6e1/0xd20 [ 188.395502][T10126] ? bit_cursor+0x1720/0x1720 [ 188.395510][T10126] ? wait_for_completion+0x260/0x260 [ 188.395520][T10126] ? fb_get_color_depth+0xa1/0x240 [ 188.395531][T10126] ? fb_get_color_depth+0x11a/0x240 [ 188.395540][T10126] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 188.395550][T10126] ? bit_cursor+0x1720/0x1720 [ 188.395562][T10126] fbcon_putcs+0x35a/0x450 [ 188.395576][T10126] do_update_region+0x399/0x630 [ 188.395593][T10126] ? con_get_trans_old+0x2a0/0x2a0 [ 188.395601][T10126] ? fb_get_color_depth+0x11a/0x240 [ 188.395611][T10126] ? fbcon_set_palette+0x422/0x620 [ 188.395619][T10126] ? var_to_display+0x7f0/0x7f0 [ 188.395630][T10126] redraw_screen+0x658/0x790 [ 188.395640][T10126] ? vc_init+0x5a0/0x5a0 [ 188.395650][T10126] ? fbcon_set_palette+0x422/0x620 [ 188.395661][T10126] fbcon_modechanged+0x593/0x6d0 [ 188.395672][T10126] fbcon_update_vcs+0x3a/0x50 [ 188.395681][T10126] do_fb_ioctl+0x62e/0x690 [ 188.395690][T10126] ? fb_set_suspend+0x1a0/0x1a0 [ 188.395704][T10126] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 188.395749][T10126] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 188.395759][T10126] ? do_vfs_ioctl+0x27d/0x1090 [ 188.395783][T10126] ? __fget_files+0x294/0x400 [ 188.395816][T10126] fb_ioctl+0xe7/0x150 [ 188.395825][T10126] ? do_fb_ioctl+0x690/0x690 [ 188.395834][T10126] __x64_sys_ioctl+0x193/0x200 [ 188.395852][T10126] do_syscall_64+0x2d/0x70 [ 188.395864][T10126] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 188.395924][T10126] RIP: 0033:0x45da59 [ 188.395986][T10126] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 188.396006][T10126] RSP: 002b:00007ff5b0409c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 188.396075][T10126] RAX: ffffffffffffffda RBX: 00000000007004e0 RCX: 000000000045da59 [ 188.396081][T10126] RDX: 0000000020000600 RSI: 0000000000004601 RDI: 0000000000000003 [ 188.396088][T10126] RBP: 00000000004aab8b R08: 0000000000000000 R09: 0000000000000000 [ 188.396126][T10126] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf00 [ 188.396133][T10126] R13: 00007ffe7480444f R14: 00007ff5b03ea000 R15: 0000000000000003 [ 188.396151][T10126] [ 188.396154][T10126] [ 188.396158][T10126] Memory state around the buggy address: [ 188.396194][T10126] ffffc9000b620f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 188.396213][T10126] ffffc9000b620f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 188.396284][T10126] >ffffc9000b621000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 188.396289][T10126] ^ [ 188.396296][T10126] ffffc9000b621080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 188.396304][T10126] ffffc9000b621100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 188.396307][T10126] ================================================================== [ 188.396311][T10126] Disabling lock debugging due to kernel taint [ 188.397942][T10126] Kernel panic - not syncing: panic_on_warn set ... [ 188.397952][T10126] CPU: 1 PID: 10126 Comm: syz-executor.1 Tainted: G B 5.10.0-rc2-syzkaller #0 [ 188.397957][T10126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 188.397960][T10126] Call Trace: [ 188.397973][T10126] dump_stack+0x107/0x163 [ 188.397984][T10126] ? sys_imageblit+0x10c0/0x1290 [ 188.397990][T10126] panic+0x306/0x73d [ 188.397998][T10126] ? __warn_printk+0xf3/0xf3 [ 188.398009][T10126] ? preempt_schedule_common+0x59/0xc0 [ 188.398016][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.398026][T10126] ? preempt_schedule_thunk+0x16/0x18 [ 188.398034][T10126] ? trace_hardirqs_on+0x51/0x1c0 [ 188.398041][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.398048][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.398055][T10126] end_report+0x58/0x5e [ 188.398063][T10126] kasan_report.cold+0xd/0x37 [ 188.398070][T10126] ? sys_imageblit+0x117f/0x1290 [ 188.398077][T10126] sys_imageblit+0x117f/0x1290 [ 188.398088][T10126] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 188.398095][T10126] bit_putcs+0x6e1/0xd20 [ 188.398104][T10126] ? bit_cursor+0x1720/0x1720 [ 188.398111][T10126] ? wait_for_completion+0x260/0x260 [ 188.398119][T10126] ? fb_get_color_depth+0xa1/0x240 [ 188.398126][T10126] ? fb_get_color_depth+0x11a/0x240 [ 188.398134][T10126] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 188.398142][T10126] ? bit_cursor+0x1720/0x1720 [ 188.398149][T10126] fbcon_putcs+0x35a/0x450 [ 188.398158][T10126] do_update_region+0x399/0x630 [ 188.398167][T10126] ? con_get_trans_old+0x2a0/0x2a0 [ 188.398174][T10126] ? fb_get_color_depth+0x11a/0x240 [ 188.398181][T10126] ? fbcon_set_palette+0x422/0x620 [ 188.398187][T10126] ? var_to_display+0x7f0/0x7f0 [ 188.398195][T10126] redraw_screen+0x658/0x790 [ 188.398202][T10126] ? vc_init+0x5a0/0x5a0 [ 188.398209][T10126] ? fbcon_set_palette+0x422/0x620 [ 188.398216][T10126] fbcon_modechanged+0x593/0x6d0 [ 188.398224][T10126] fbcon_update_vcs+0x3a/0x50 [ 188.398231][T10126] do_fb_ioctl+0x62e/0x690 [ 188.398238][T10126] ? fb_set_suspend+0x1a0/0x1a0 [ 188.398252][T10126] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 188.398263][T10126] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 188.398270][T10126] ? do_vfs_ioctl+0x27d/0x1090 [ 188.398280][T10126] ? __fget_files+0x294/0x400 [ 188.398288][T10126] fb_ioctl+0xe7/0x150 [ 188.398295][T10126] ? do_fb_ioctl+0x690/0x690 [ 188.398301][T10126] __x64_sys_ioctl+0x193/0x200 [ 188.398311][T10126] do_syscall_64+0x2d/0x70 [ 188.398319][T10126] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 188.398325][T10126] RIP: 0033:0x45da59 [ 188.398333][T10126] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 188.398337][T10126] RSP: 002b:00007ff5b0409c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 188.398345][T10126] RAX: ffffffffffffffda RBX: 00000000007004e0 RCX: 000000000045da59 [ 188.398349][T10126] RDX: 0000000020000600 RSI: 0000000000004601 RDI: 0000000000000003 [ 188.398354][T10126] RBP: 00000000004aab8b R08: 0000000000000000 R09: 0000000000000000 [ 188.398359][T10126] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf00 [ 188.398364][T10126] R13: 00007ffe7480444f R14: 00007ff5b03ea000 R15: 0000000000000003 [ 188.399119][T10126] Kernel Offset: disabled [ 188.399119][T10126] Rebooting in 86400 seconds.. VM DIAGNOSIS: 15:24:42 Registers: info registers vcpu 0 RAX=ae03000200000121 RBX=ffff88802ca19460 RCX=ffffffff8127b738 RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff8ceca9f8 RBP=0000000000000000 RSP=ffffc90002517ea8 R8 =0000000000000000 R9 =ffffffff8ceca9ff R10=fffffbfff19d953f R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8127b770 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007ff0af0967a0 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000b60004 CR3=0000000013e76000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffff0000000000ff0000000000000000 XMM01=00007ffc55ed25003234343836373537 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=acffff7bacffff7bacffff7eb9002f2f XMM05=2a5d392d305b64746d7c2a5d392d305b XMM06=3d2b4e5552202c002a3030355d55755b XMM07=2d63707276633a3174633a554d45516e XMM08=ffffffffffffffffffffffffffffffff XMM09=00000020202020202020202020202000 XMM10=ffffffffffffffffffffffffffffffff XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000072 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff840e4191 RDI=ffffffff8faed8c0 RBP=ffffffff8faed880 RSP=ffffc90000e772f8 R8 =0000000000000000 R9 =ffffffff8cecc20f R10=0000000000000000 R11=0000000074697257 R12=0000000000000072 R13=0000000000000072 R14=ffffffff8faed880 R15=dffffc0000000000 RIP=ffffffff840e41e8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007ff5b040a700 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b32621000 CR3=000000006b05f000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000a80000000000000003 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000a80000000000000003 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=ae03000200000121 RBX=ffff88802cc19460 RCX=ffffffff8127b738 RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff8ceca9f8 RBP=0000000000000002 RSP=ffffc90002527ea8 R8 =0000000000000000 R9 =ffffffff8ceca9ff R10=fffffbfff19d953f R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8127b770 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007ff0af0967a0 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff0af09c000 CR3=00000000166a4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffff0000000000ffffffffff00000000 XMM02=00000000000000000000000000000000 XMM03=000000ff0000000000000000ff000000 XMM04=acffff7bacffff7bacffff7eb9002f2f XMM05=2a5d392d305b64746d7c2a5d392d305b XMM06=3d2b4e5552202c002a3030355d55755b XMM07=2d63707276633a3174633a554d45516e XMM08=ffffffffffffffffffffffffffffffff XMM09=00000020202020202020202020202000 XMM10=ffffffffffffffffffffffffffffffff XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=ae03000200000121 RBX=ffff88802cd19460 RCX=ffffffff8127b738 RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff8ceca9f8 RBP=0000000000000003 RSP=ffffc90000598f68 R8 =0000000000000000 R9 =ffffffff8ceca9ff R10=fffffbfff19d953f R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8127b770 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000001fcd940 ffffffff 00c00000 GS =0000 ffff88802cd00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001695394 CR3=0000000063291000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000