n GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '[localhost]:37103' (ECDSA) to the list of known hosts. syzkaller login: [ 155.421742][ T40] audit: type=1400 audit(1595278856.060:42): avc: denied { map } for pid=9192 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/07/20 21:00:56 fuzzer started 2020/07/20 21:00:56 dialing manager at 10.0.2.10:36075 2020/07/20 21:00:56 syscalls: 3205 2020/07/20 21:00:56 code coverage: enabled 2020/07/20 21:00:56 comparison tracing: enabled 2020/07/20 21:00:56 extra coverage: enabled 2020/07/20 21:00:56 setuid sandbox: enabled 2020/07/20 21:00:56 namespace sandbox: enabled 2020/07/20 21:00:56 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/20 21:00:56 fault injection: enabled 2020/07/20 21:00:56 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/20 21:00:56 net packet injection: enabled 2020/07/20 21:00:56 net device setup: enabled 2020/07/20 21:00:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/20 21:00:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/20 21:00:56 USB emulation: enabled [ 156.191053][ T40] audit: type=1400 audit(1595278856.840:43): avc: denied { integrity } for pid=9211 comm="syz-executor" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 21:01:37 executing program 0: r0 = semget$private(0x0, 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) semop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) semctl$IPC_RMID(r0, 0x0, 0x0) [ 197.632540][ T40] audit: type=1400 audit(1595278898.270:44): avc: denied { map } for pid=9214 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=79 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 21:01:38 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x44, 0x0, &(0x7f0000000080)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 21:01:38 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xfffffeff, 0x0, 0x4}) 21:01:38 executing program 3: r0 = socket$l2tp(0x2, 0x2, 0x73) recvfrom$inet(r0, 0x0, 0x0, 0x10040, 0x0, 0x0) [ 198.391217][ T9218] IPVS: ftp: loaded support on port[0] = 21 [ 198.391276][ T9215] IPVS: ftp: loaded support on port[0] = 21 [ 198.610380][ T9219] IPVS: ftp: loaded support on port[0] = 21 [ 198.776694][ T9221] IPVS: ftp: loaded support on port[0] = 21 [ 199.006338][ T9215] chnl_net:caif_netlink_parms(): no params data found [ 199.029239][ T9218] chnl_net:caif_netlink_parms(): no params data found [ 199.183662][ T9219] chnl_net:caif_netlink_parms(): no params data found [ 199.293335][ T9215] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.310934][ T9215] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.335490][ T9215] device bridge_slave_0 entered promiscuous mode [ 199.373622][ T9215] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.390756][ T9215] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.408958][ T9215] device bridge_slave_1 entered promiscuous mode [ 199.466695][ T9218] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.484417][ T9218] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.503266][ T9218] device bridge_slave_0 entered promiscuous mode [ 199.542716][ T9215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.573868][ T9215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.595050][ T9218] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.611793][ T9218] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.630032][ T9218] device bridge_slave_1 entered promiscuous mode [ 199.652967][ T9221] chnl_net:caif_netlink_parms(): no params data found [ 199.696218][ T9219] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.710654][ T9219] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.724486][ T9219] device bridge_slave_0 entered promiscuous mode [ 199.744864][ T9219] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.762404][ T9219] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.781177][ T9219] device bridge_slave_1 entered promiscuous mode [ 199.810943][ T9215] team0: Port device team_slave_0 added [ 199.843065][ T9218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.871038][ T9218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.906870][ T9215] team0: Port device team_slave_1 added [ 199.968130][ T9219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.018704][ T9218] team0: Port device team_slave_0 added [ 200.042655][ T9215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.061227][ T9215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.112378][ T9215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 200.139975][ T9219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.169694][ T9218] team0: Port device team_slave_1 added [ 200.191432][ T9215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 200.205728][ T9215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.257779][ T9215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.319567][ T9219] team0: Port device team_slave_0 added [ 200.334386][ T9219] team0: Port device team_slave_1 added [ 200.357880][ T9218] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.374848][ T9218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.430303][ T9218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 200.453897][ T9218] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 200.470441][ T9218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.525563][ T9218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.552048][ T9221] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.567502][ T9221] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.582793][ T9221] device bridge_slave_0 entered promiscuous mode [ 200.602360][ T9221] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.616905][ T9221] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.635522][ T9221] device bridge_slave_1 entered promiscuous mode [ 200.751303][ T9215] device hsr_slave_0 entered promiscuous mode [ 200.840205][ T9215] device hsr_slave_1 entered promiscuous mode [ 200.906453][ T9219] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.927067][ T9219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.990419][ T9219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.030926][ T9221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.056016][ T9219] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.074563][ T9219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.141103][ T9219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.268038][ T9221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.380061][ T9218] device hsr_slave_0 entered promiscuous mode [ 201.437712][ T9218] device hsr_slave_1 entered promiscuous mode [ 201.508128][ T9218] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 201.525264][ T9218] Cannot create hsr debugfs directory [ 201.574577][ T9221] team0: Port device team_slave_0 added [ 201.604358][ T9221] team0: Port device team_slave_1 added [ 201.680588][ T9219] device hsr_slave_0 entered promiscuous mode [ 201.737799][ T9219] device hsr_slave_1 entered promiscuous mode [ 201.797326][ T9219] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 201.810321][ T9219] Cannot create hsr debugfs directory [ 201.858782][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.871224][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.925109][ T9221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.970020][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.983119][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 202.031424][ T9221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 202.221467][ T9221] device hsr_slave_0 entered promiscuous mode [ 202.308469][ T9221] device hsr_slave_1 entered promiscuous mode [ 202.387564][ T9221] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 202.401547][ T9221] Cannot create hsr debugfs directory [ 202.524157][ T40] audit: type=1400 audit(1595278903.170:45): avc: denied { create } for pid=9218 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 202.537035][ T9218] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 202.574641][ T40] audit: type=1400 audit(1595278903.180:46): avc: denied { write } for pid=9218 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 202.631992][ T40] audit: type=1400 audit(1595278903.180:47): avc: denied { read } for pid=9218 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 202.688049][ T9218] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 202.762155][ T9218] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 202.814911][ T9218] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 202.898972][ T9215] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 203.008335][ T9215] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 203.082678][ T9215] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 203.154958][ T9215] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 203.332546][ T9219] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 203.431305][ T9219] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 203.555430][ T9219] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 203.641659][ T9219] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 203.711572][ T9221] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 203.760555][ T9221] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 203.844663][ T9221] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 203.932653][ T9221] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 204.207761][ T9218] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.242968][ T9215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.289697][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.304919][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.319018][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.337711][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.358138][ T9218] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.374317][ T9215] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.393063][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.409899][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.422097][ T9242] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.435185][ T9242] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.447904][ T9238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.475266][ T9219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.520633][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.539060][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.553049][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.572067][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.601675][ T9221] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.612773][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.623991][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.635797][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.649236][ T9222] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.662111][ T9222] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.681184][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.710689][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.731472][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.746840][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.763657][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.791812][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.822430][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.838543][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.853213][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 204.868083][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 204.885387][ T9219] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.903336][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 204.917826][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.942518][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.955294][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.966459][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 204.979713][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.000945][ T9221] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.019931][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.040094][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.054886][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.073617][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.095638][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.114007][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.128029][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.150260][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.181056][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.208799][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.225274][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.244155][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.262198][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.296286][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.318152][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.356922][ T9242] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.385507][ T9242] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.412077][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.436377][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.468070][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.496982][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.520658][ T9242] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.544260][ T9242] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.625922][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.659408][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.679929][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.696637][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.711854][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.734160][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.751712][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.789518][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.806676][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.825996][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.841069][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.860152][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.878775][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.893470][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.910028][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.932060][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.953774][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.994622][ T9215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.033533][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 206.061222][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 206.083003][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 206.107728][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 206.125508][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.144489][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.166256][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.184221][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 206.222109][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 206.241436][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 206.259109][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 206.277050][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 206.303465][ T9221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.326318][ T9219] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 206.346426][ T9219] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.367642][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 206.382490][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 206.402366][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.424748][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.463911][ T9218] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.501921][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.520724][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.539566][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.558587][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.577556][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.596083][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.625665][ T9215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.651544][ T9221] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.696185][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.715370][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 206.749213][ T9218] device veth0_vlan entered promiscuous mode [ 206.778573][ T9219] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.801131][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 206.819784][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 206.835587][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.852992][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.889473][ T9218] device veth1_vlan entered promiscuous mode [ 206.906546][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.935365][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 206.963309][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.985574][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 207.045380][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 207.075248][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 207.109629][ T9219] device veth0_vlan entered promiscuous mode [ 207.131719][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 207.155013][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 207.175077][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 207.193277][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 207.212634][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 207.228306][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 207.243244][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 207.263042][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 207.295098][ T2856] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 207.317631][ T2856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 207.344344][ T2856] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 207.368938][ T2856] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 207.386345][ T9215] device veth0_vlan entered promiscuous mode [ 207.402055][ T9221] device veth0_vlan entered promiscuous mode [ 207.425430][ T9219] device veth1_vlan entered promiscuous mode [ 207.440615][ T9238] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 207.458696][ T9238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 207.474776][ T9238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 207.493156][ T9218] device veth0_macvtap entered promiscuous mode [ 207.516617][ T9218] device veth1_macvtap entered promiscuous mode [ 207.542388][ T9221] device veth1_vlan entered promiscuous mode [ 207.560224][ T9215] device veth1_vlan entered promiscuous mode [ 207.640624][ T9218] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.664934][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 207.684536][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 207.705195][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 207.731101][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 207.751779][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 207.769830][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 207.789692][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 207.812828][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 207.835907][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 207.857188][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 207.878309][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 207.911514][ T9219] device veth0_macvtap entered promiscuous mode [ 207.946945][ T9218] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.976752][ T9215] device veth0_macvtap entered promiscuous mode [ 207.998253][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 208.019195][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 208.041032][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 208.067781][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 208.090330][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 208.115961][ T79] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 208.144829][ T9219] device veth1_macvtap entered promiscuous mode [ 208.170766][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 208.191682][ T9221] device veth0_macvtap entered promiscuous mode [ 208.209633][ T9215] device veth1_macvtap entered promiscuous mode [ 208.244316][ T9221] device veth1_macvtap entered promiscuous mode [ 208.260545][ T9219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 208.285433][ T9219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.312949][ T9219] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 208.335107][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 208.346303][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 208.357485][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 208.369738][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 208.382845][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 208.403387][ T9219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 208.419735][ T9219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.437904][ T9219] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 208.559226][ T9215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 208.579930][ T9215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.599990][ T9215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 208.621105][ T9215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.643105][ T9215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 208.656764][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 208.671396][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 208.687152][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 208.701627][ T9222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 208.810447][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 208.834833][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.852718][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 208.869528][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.885542][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 208.909277][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 208.927990][ T9221] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.041745][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 209.058883][ T3059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 209.078869][ T9215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.105255][ T9215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.124874][ T9215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.142763][ T9215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.162850][ T9215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.223821][ T40] audit: type=1400 audit(1595278909.870:48): avc: denied { associate } for pid=9218 comm="syz-executor.1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 209.288883][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.303137][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.321336][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.341291][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.358552][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.383782][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.423778][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.453157][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.474974][ T9221] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.494814][ T9243] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.511598][ T9243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.542624][ T9218] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 209.912593][ T9249] ================================================================== [ 209.915427][ T9249] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400 [ 209.915514][ T9249] Write of size 8 at addr ffffc900095f1000 by task syz-executor.2/9249 [ 209.915517][ T9249] [ 209.917037][ T9249] CPU: 3 PID: 9249 Comm: syz-executor.2 Not tainted 5.8.0-rc6-syzkaller #0 [ 209.917335][ T9249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 209.917473][ T9249] Call Trace: [ 209.917473][ T9249] dump_stack+0x18f/0x20d [ 209.917473][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.917473][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.917473][ T9249] print_address_description.constprop.0.cold+0x5/0x436 [ 209.917473][ T9249] ? lockdep_hardirqs_off+0x66/0xa0 [ 209.917473][ T9249] ? vprintk_func+0x97/0x1a6 [ 209.917473][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.917473][ T9249] kasan_report.cold+0x1f/0x37 [ 209.917473][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.917473][ T9249] bitfill_aligned+0x34a/0x400 [ 209.917473][ T9249] sys_fillrect+0x408/0x7a0 [ 209.917473][ T9249] ? sys_fillrect+0x7a0/0x7a0 [ 209.917473][ T9249] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 209.917473][ T9249] bit_clear_margins+0x2d5/0x4a0 [ 209.917473][ T9249] ? bit_bmove+0x210/0x210 [ 209.917473][ T9249] ? fb_get_color_depth+0x11a/0x240 [ 209.917473][ T9249] fbcon_clear_margins+0x1d5/0x230 [ 209.917473][ T9249] fbcon_switch+0xb6e/0x16c0 [ 209.917473][ T9249] ? fbcon_scroll+0x3600/0x3600 [ 209.917473][ T9249] ? fbcon_cursor+0x52b/0x650 [ 209.917473][ T9249] ? kmalloc_array.constprop.0+0x20/0x20 [ 209.917473][ T9249] ? is_console_locked+0x5/0x10 [ 209.917473][ T9249] ? fbcon_set_origin+0x26/0x50 [ 209.917473][ T9249] redraw_screen+0x2ae/0x770 [ 209.917473][ T9249] ? vc_init+0x440/0x440 [ 209.917473][ T9249] ? fb_get_color_depth+0x11a/0x240 [ 209.917473][ T9249] ? fbcon_set_palette+0x3a8/0x490 [ 209.917473][ T9249] fbcon_modechanged+0x575/0x710 [ 209.917473][ T9249] fbcon_update_vcs+0x3a/0x50 [ 209.917473][ T9249] fb_set_var+0xae8/0xd60 [ 209.917473][ T9249] ? fb_blank+0x190/0x190 [ 209.917473][ T9249] ? sched_clock_local+0xd8/0x150 [ 209.917473][ T9249] do_fb_ioctl+0x33f/0x6c0 [ 209.917473][ T9249] ? fb_set_suspend+0x1a0/0x1a0 [ 209.917473][ T9249] ? tomoyo_execute_permission+0x470/0x470 [ 209.917473][ T9249] ? lock_is_held_type+0xb0/0xe0 [ 209.917473][ T9249] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 209.917473][ T9249] ? do_vfs_ioctl+0x27d/0x1090 [ 209.917473][ T9249] ? __fget_files+0x294/0x400 [ 209.917473][ T9249] fb_ioctl+0xdd/0x130 [ 209.917473][ T9249] ? do_fb_ioctl+0x6c0/0x6c0 [ 209.917473][ T9249] ksys_ioctl+0x11a/0x180 [ 209.917473][ T9249] __x64_sys_ioctl+0x6f/0xb0 [ 209.917473][ T9249] ? lockdep_hardirqs_on+0x6a/0xe0 [ 209.917473][ T9249] do_syscall_64+0x60/0xe0 [ 209.917473][ T9249] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 209.917473][ T9249] RIP: 0033:0x45c049 [ 209.917473][ T9249] Code: Bad RIP value. [ 209.917473][ T9249] RSP: 002b:00007f1a3a496c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 209.917473][ T9249] RAX: ffffffffffffffda RBX: 00000000006fb3c0 RCX: 000000000045c049 [ 209.917473][ T9249] RDX: 00000000200001c0 RSI: 0000000000004601 RDI: 0000000000000003 [ 209.917473][ T9249] RBP: 00000000004a906e R08: 0000000000000000 R09: 0000000000000000 [ 209.917473][ T9249] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000074bf00 [ 209.917473][ T9249] R13: 00007ffd68d3fd9f R14: 00007f1a3a477000 R15: 0000000000000003 [ 209.917473][ T9249] [ 209.917473][ T9249] [ 209.917473][ T9249] Memory state around the buggy address: [ 209.917473][ T9249] ffffc900095f0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 209.917473][ T9249] ffffc900095f0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 209.917473][ T9249] >ffffc900095f1000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 209.917473][ T9249] ^ [ 209.917473][ T9249] ffffc900095f1080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 209.917473][ T9249] ffffc900095f1100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 209.917473][ T9249] ================================================================== [ 209.917473][ T9249] Disabling lock debugging due to kernel taint [ 209.992949][ T9249] Kernel panic - not syncing: panic_on_warn set ... [ 209.993140][ T9249] CPU: 3 PID: 9249 Comm: syz-executor.2 Tainted: G B 5.8.0-rc6-syzkaller #0 [ 209.993146][ T9249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 209.993178][ T9249] Call Trace: [ 209.993571][ T9249] dump_stack+0x18f/0x20d [ 209.993618][ T9249] ? bitfill_aligned+0x310/0x400 [ 209.993689][ T9249] panic+0x2e3/0x75c [ 209.993699][ T9249] ? __warn_printk+0xf3/0xf3 [ 209.993711][ T9249] ? preempt_schedule_common+0x59/0xc0 [ 209.993720][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.993927][ T9249] ? preempt_schedule_thunk+0x16/0x18 [ 209.993966][ T9249] ? trace_hardirqs_on+0x55/0x220 [ 209.993975][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.993983][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.993991][ T9249] end_report+0x4d/0x53 [ 209.993999][ T9249] kasan_report.cold+0xd/0x37 [ 209.994009][ T9249] ? bitfill_aligned+0x34a/0x400 [ 209.994018][ T9249] bitfill_aligned+0x34a/0x400 [ 209.994057][ T9249] sys_fillrect+0x408/0x7a0 [ 209.994066][ T9249] ? sys_fillrect+0x7a0/0x7a0 [ 209.994079][ T9249] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 209.994138][ T9249] bit_clear_margins+0x2d5/0x4a0 [ 209.994147][ T9249] ? bit_bmove+0x210/0x210 [ 209.994158][ T9249] ? fb_get_color_depth+0x11a/0x240 [ 209.994166][ T9249] fbcon_clear_margins+0x1d5/0x230 [ 209.994175][ T9249] fbcon_switch+0xb6e/0x16c0 [ 209.994185][ T9249] ? fbcon_scroll+0x3600/0x3600 [ 209.994197][ T9249] ? fbcon_cursor+0x52b/0x650 [ 209.994205][ T9249] ? kmalloc_array.constprop.0+0x20/0x20 [ 209.994215][ T9249] ? is_console_locked+0x5/0x10 [ 209.994222][ T9249] ? fbcon_set_origin+0x26/0x50 [ 209.994232][ T9249] redraw_screen+0x2ae/0x770 [ 209.994294][ T9249] ? vc_init+0x440/0x440 [ 209.994303][ T9249] ? fb_get_color_depth+0x11a/0x240 [ 209.994312][ T9249] ? fbcon_set_palette+0x3a8/0x490 [ 209.994321][ T9249] fbcon_modechanged+0x575/0x710 [ 209.994330][ T9249] fbcon_update_vcs+0x3a/0x50 [ 209.994339][ T9249] fb_set_var+0xae8/0xd60 [ 209.994373][ T9249] ? fb_blank+0x190/0x190 [ 209.994385][ T9249] ? sched_clock_local+0xd8/0x150 [ 209.994402][ T9249] do_fb_ioctl+0x33f/0x6c0 [ 209.994411][ T9249] ? fb_set_suspend+0x1a0/0x1a0 [ 209.994422][ T9249] ? tomoyo_execute_permission+0x470/0x470 [ 209.994432][ T9249] ? lock_is_held_type+0xb0/0xe0 [ 209.994445][ T9249] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 209.994453][ T9249] ? do_vfs_ioctl+0x27d/0x1090 [ 209.994464][ T9249] ? __fget_files+0x294/0x400 [ 209.994473][ T9249] fb_ioctl+0xdd/0x130 [ 209.994482][ T9249] ? do_fb_ioctl+0x6c0/0x6c0 [ 209.994492][ T9249] ksys_ioctl+0x11a/0x180 [ 209.994504][ T9249] __x64_sys_ioctl+0x6f/0xb0 [ 209.994512][ T9249] ? lockdep_hardirqs_on+0x6a/0xe0 [ 209.994520][ T9249] do_syscall_64+0x60/0xe0 [ 209.994529][ T9249] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 209.994579][ T9249] RIP: 0033:0x45c049 [ 209.994598][ T9249] Code: Bad RIP value. [ 209.994603][ T9249] RSP: 002b:00007f1a3a496c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 209.994622][ T9249] RAX: ffffffffffffffda RBX: 00000000006fb3c0 RCX: 000000000045c049 [ 209.994627][ T9249] RDX: 00000000200001c0 RSI: 0000000000004601 RDI: 0000000000000003 [ 209.994631][ T9249] RBP: 00000000004a906e R08: 0000000000000000 R09: 0000000000000000 [ 209.994636][ T9249] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000074bf00 [ 209.994641][ T9249] R13: 00007ffd68d3fd9f R14: 00007f1a3a477000 R15: 0000000000000003 [ 209.997488][ T9249] Kernel Offset: disabled [ 209.997488][ T9249] Rebooting in 86400 seconds..