[ 115.606627][ T46] audit: type=1400 audit(1604925583.945:41): avc: denied { map } for pid=9844 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '[localhost]:53870' (ECDSA) to the list of known hosts. [ 119.714907][ T46] audit: type=1400 audit(1604925588.055:42): avc: denied { map } for pid=9858 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/11/09 12:39:48 fuzzer started 2020/11/09 12:39:48 connecting to host at 10.0.2.10:45349 2020/11/09 12:39:48 checking machine... 2020/11/09 12:39:48 checking revisions... [ 120.095630][ T46] audit: type=1400 audit(1604925588.435:43): avc: denied { integrity } for pid=9858 comm="syz-fuzzer" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 2020/11/09 12:39:48 testing simple program... 
[ 120.156750][ T46] audit: type=1400 audit(1604925588.435:44): avc: denied { map } for pid=9858 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=2055 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 121.731581][ T9878] IPVS: ftp: loaded support on port[0] = 21 [ 121.845473][ T9878] chnl_net:caif_netlink_parms(): no params data found [ 121.906197][ T9878] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.921753][ T9878] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.939045][ T9878] device bridge_slave_0 entered promiscuous mode [ 121.957736][ T9878] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.973537][ T9878] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.989094][ T9878] device bridge_slave_1 entered promiscuous mode [ 122.015679][ T9878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 122.038968][ T9878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 122.073278][ T9878] team0: Port device team_slave_0 added [ 122.088638][ T9878] team0: Port device team_slave_1 added [ 122.114166][ T9878] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 122.130512][ T9878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 122.187827][ T9878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 122.212662][ T9878] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 122.228166][ T9878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. 
Setting the MTU to 1560 would solve the problem. [ 122.288650][ T9878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 122.331436][ T9878] device hsr_slave_0 entered promiscuous mode [ 122.345871][ T9878] device hsr_slave_1 entered promiscuous mode [ 122.469022][ T46] audit: type=1400 audit(1604925590.815:45): avc: denied { create } for pid=9878 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 122.470941][ T9878] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 122.524648][ T46] audit: type=1400 audit(1604925590.815:46): avc: denied { write } for pid=9878 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 122.524674][ T46] audit: type=1400 audit(1604925590.815:47): avc: denied { read } for pid=9878 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 122.647572][ T9878] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 122.755752][ T9878] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 122.779494][ T9878] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 122.822636][ T9878] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.837449][ T9878] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.853701][ T9878] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.868859][ T9878] bridge0: port 1(bridge_slave_0) entered forwarding state [ 122.903191][ T3069] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.923767][ T3069] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.991610][ T9878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.014150][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth1: link becomes ready [ 123.030640][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.049572][ T9878] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 123.069174][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 123.087584][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 123.106856][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.122165][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 123.142914][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 123.159348][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 123.177917][ T3334] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.192075][ T3334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.227529][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 123.250777][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 123.270792][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 123.295181][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 123.323778][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 123.352328][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 123.378048][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 123.403202][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 123.424992][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 123.452873][ T9878] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 123.479410][ T9878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 123.534435][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 123.589653][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 123.638936][ T18] IPv6: 
ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 123.650794][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 123.678656][ T9878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.706280][ T18] Bluetooth: hci0: command 0x0409 tx timeout [ 123.720093][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 123.734393][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 123.763435][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 123.774540][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 123.791813][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 123.802301][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 123.818426][ T9878] device veth0_vlan entered promiscuous mode [ 123.834673][ T9878] device veth1_vlan entered promiscuous mode [ 123.866137][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 123.878872][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 123.892583][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 123.906626][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 123.926184][ T9878] device veth0_macvtap entered promiscuous mode [ 123.943334][ T9878] device veth1_macvtap entered promiscuous mode [ 123.964789][ T9878] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.975967][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 123.988642][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 124.004340][ T9878] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.013290][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 124.024079][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 124.039744][ T9878] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.057568][ T9878] netdevsim 
netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.074767][ T9878] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.094900][ T9878] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.213946][ T9887] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.224422][ T9887] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.253731][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 124.272867][ T2956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.289956][ T2956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.306267][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 124.324195][ T46] audit: type=1400 audit(1604925592.665:48): avc: denied { associate } for pid=9878 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 124.384265][ T2956] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962 [ 124.407999][ T2956] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 2956, name: kworker/u16:1 [ 124.433846][ T2956] 4 locks held by kworker/u16:1/2956: [ 124.446213][ T2956] #0: ffff888012207138 ((wq_completion)phy3){+.+.}-{0:0}, at: process_one_work+0x821/0x15a0 [ 124.471191][ T2956] #1: ffffc9000a28fda8 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x15a0 [ 124.491741][ T2956] #2: ffff8880233a8d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x93/0xe80 [ 124.529281][ T2956] #3: ffffffff8b337060 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x680/0x2ba0 [ 124.564921][ T2956] Preemption disabled at: [ 124.564982][ T2956] [] __mutex_lock+0x10f/0x10e0 [ 124.609753][ T2956] CPU: 2 PID: 2956 Comm: kworker/u16:1 Not tainted 5.10.0-rc3-syzkaller #0 [ 124.619676][ T2956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 124.619676][ T2956] Workqueue: phy3 ieee80211_iface_work [ 124.619676][ T2956] Call Trace: [ 124.619676][ T2956] dump_stack+0x107/0x163 [ 124.619676][ T2956] ? __mutex_lock+0x10f/0x10e0 [ 124.619676][ T2956] ___might_sleep.cold+0x1e8/0x22e [ 124.619676][ T2956] sta_info_move_state+0x32/0x8d0 [ 124.619676][ T2956] sta_info_free+0x65/0x3b0 [ 124.619676][ T2956] sta_info_insert_rcu+0x303/0x2ba0 [ 124.619676][ T2956] ? find_held_lock+0x2d/0x110 [ 124.619676][ T2956] ? rate_control_rate_init+0x32c/0x6a0 [ 124.619676][ T2956] ? sta_info_free+0x3b0/0x3b0 [ 124.619676][ T2956] ? __local_bh_enable_ip+0x9c/0x110 [ 124.619676][ T2956] ? rate_control_rate_init+0x35f/0x6a0 [ 124.619676][ T2956] ieee80211_ibss_finish_sta+0x212/0x390 [ 124.619676][ T2956] ? ieee80211_ibss_build_presp+0x15f0/0x15f0 [ 124.619676][ T2956] ? __local_bh_enable_ip+0x9c/0x110 [ 124.619676][ T2956] ieee80211_ibss_work+0x2c7/0xe80 [ 124.619676][ T2956] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870 [ 124.619676][ T2956] ? mark_held_locks+0x9f/0xe0 [ 124.619676][ T2956] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 124.619676][ T2956] ? lockdep_hardirqs_on+0x79/0x100 [ 124.619676][ T2956] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 124.619676][ T2956] ieee80211_iface_work+0x82e/0x970 [ 124.619676][ T2956] process_one_work+0x933/0x15a0 [ 124.619676][ T2956] ? lock_release+0x710/0x710 [ 124.619676][ T2956] ? pwq_dec_nr_in_flight+0x320/0x320 [ 124.619676][ T2956] ? rwlock_bug.part.0+0x90/0x90 [ 124.619676][ T2956] ? _raw_spin_lock_irq+0x41/0x50 [ 124.619676][ T2956] worker_thread+0x64c/0x1120 [ 124.619676][ T2956] ? process_one_work+0x15a0/0x15a0 [ 124.619676][ T2956] kthread+0x3af/0x4a0 [ 124.619676][ T2956] ? 
kthread_create_worker_on_cpu+0xf0/0xf0 [ 124.619676][ T2956] ret_from_fork+0x1f/0x30 [ 125.300742][ T2956] [ 125.306856][ T2956] ============================= [ 125.307445][ T2956] [ BUG: Invalid wait context ] [ 125.307445][ T2956] 5.10.0-rc3-syzkaller #0 Tainted: G W [ 125.307445][ T2956] ----------------------------- [ 125.307445][ T2956] kworker/u16:1/2956 is trying to lock: [ 125.307445][ T2956] ffff8880233429d0 (&local->chanctx_mtx){+.+.}-{3:3}, at: ieee80211_recalc_min_chandef+0x49/0x140 [ 125.307445][ T2956] other info that might help us debug this: [ 125.307445][ T2956] context-{4:4} [ 125.307445][ T2956] 4 locks held by kworker/u16:1/2956: [ 125.307445][ T2956] #0: ffff888012207138 ((wq_completion)phy3){+.+.}-{0:0}, at: process_one_work+0x821/0x15a0 [ 125.307445][ T2956] #1: ffffc9000a28fda8 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x15a0 [ 125.307445][ T2956] #2: ffff8880233a8d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x93/0xe80 [ 125.307445][ T2956] #3: ffffffff8b337060 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x680/0x2ba0 [ 125.307445][ T2956] stack backtrace: [ 125.307445][ T2956] CPU: 2 PID: 2956 Comm: kworker/u16:1 Tainted: G W 5.10.0-rc3-syzkaller #0 [ 125.307445][ T2956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 125.307445][ T2956] Workqueue: phy3 ieee80211_iface_work [ 125.307445][ T2956] Call Trace: [ 125.307445][ T2956] dump_stack+0x107/0x163 [ 125.307445][ T2956] __lock_acquire.cold+0x310/0x3a2 [ 125.307445][ T2956] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 125.307445][ T2956] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 125.307445][ T2956] lock_acquire+0x2a3/0x8c0 [ 125.307445][ T2956] ? ieee80211_recalc_min_chandef+0x49/0x140 [ 125.307445][ T2956] ? lock_release+0x710/0x710 [ 125.307445][ T2956] __mutex_lock+0x134/0x10e0 [ 125.307445][ T2956] ? ieee80211_recalc_min_chandef+0x49/0x140 [ 125.307445][ T2956] ? 
ieee80211_recalc_min_chandef+0x49/0x140 [ 125.307445][ T2956] ? mutex_lock_io_nested+0xf60/0xf60 [ 125.307445][ T2956] ? ieee80211_clear_fast_rx+0x58/0x80 [ 125.307445][ T2956] ? mark_held_locks+0x9f/0xe0 [ 125.307445][ T2956] ieee80211_recalc_min_chandef+0x49/0x140 [ 125.762369][ T2956] sta_info_move_state+0x3cf/0x8d0 [ 125.762369][ T2956] sta_info_free+0x65/0x3b0 [ 125.762369][ T2956] sta_info_insert_rcu+0x303/0x2ba0 [ 125.762369][ T2956] ? find_held_lock+0x2d/0x110 [ 125.762369][ T2956] ? rate_control_rate_init+0x32c/0x6a0 [ 125.762369][ T2956] ? sta_info_free+0x3b0/0x3b0 [ 125.762369][ T2956] ? __local_bh_enable_ip+0x9c/0x110 [ 125.762369][ T2956] ? rate_control_rate_init+0x35f/0x6a0 [ 125.762369][ T2956] ieee80211_ibss_finish_sta+0x212/0x390 [ 125.762369][ T2956] ? ieee80211_ibss_build_presp+0x15f0/0x15f0 [ 125.762369][ T2956] ? __local_bh_enable_ip+0x9c/0x110 [ 125.762369][ T2956] ieee80211_ibss_work+0x2c7/0xe80 [ 125.762369][ T2956] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870 [ 125.762369][ T2956] ? mark_held_locks+0x9f/0xe0 [ 125.762369][ T2956] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 125.762369][ T2956] ? lockdep_hardirqs_on+0x79/0x100 [ 125.762369][ T2956] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 125.762369][ T2956] ieee80211_iface_work+0x82e/0x970 [ 125.762369][ T2956] process_one_work+0x933/0x15a0 [ 125.762369][ T2956] ? lock_release+0x710/0x710 [ 125.762369][ T2956] ? pwq_dec_nr_in_flight+0x320/0x320 [ 125.762369][ T2956] ? rwlock_bug.part.0+0x90/0x90 [ 125.762369][ T2956] ? _raw_spin_lock_irq+0x41/0x50 [ 125.762369][ T2956] worker_thread+0x64c/0x1120 [ 125.762369][ T2956] ? process_one_work+0x15a0/0x15a0 executing program [ 125.762369][ T2956] kthread+0x3af/0x4a0 [ 126.068368][ T2956] ? 
kthread_create_worker_on_cpu+0xf0/0xf0 [ 126.068368][ T2956] ret_from_fork+0x1f/0x30 [ 126.098391][ T9890] Bluetooth: hci0: command 0x041b tx timeout [ 126.103987][ T2956] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962 [ 126.152610][ T2956] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 2956, name: kworker/u16:1 [ 126.178961][ T2956] INFO: lockdep is turned off. [ 126.191162][ T2956] Preemption disabled at: [ 126.191180][ T2956] [] preempt_schedule_thunk+0x16/0x18 [ 126.211057][ T2956] CPU: 0 PID: 2956 Comm: kworker/u16:1 Tainted: G W 5.10.0-rc3-syzkaller #0 [ 126.220234][ T2956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 126.220234][ T2956] Workqueue: phy3 ieee80211_iface_work [ 126.220234][ T2956] Call Trace: [ 126.220234][ T2956] dump_stack+0x107/0x163 [ 126.220234][ T2956] ? preempt_schedule_thunk+0x16/0x18 [ 126.220234][ T2956] ___might_sleep.cold+0x1e8/0x22e [ 126.220234][ T2956] sta_info_move_state+0x32/0x8d0 [ 126.220234][ T2956] sta_info_free+0x65/0x3b0 [ 126.220234][ T2956] sta_info_insert_rcu+0x303/0x2ba0 [ 126.220234][ T2956] ? find_held_lock+0x2d/0x110 [ 126.220234][ T2956] ? rate_control_rate_init+0x32c/0x6a0 [ 126.220234][ T2956] ? sta_info_free+0x3b0/0x3b0 [ 126.220234][ T2956] ? __local_bh_enable_ip+0x9c/0x110 [ 126.220234][ T2956] ? rate_control_rate_init+0x35f/0x6a0 [ 126.220234][ T2956] ieee80211_ibss_finish_sta+0x212/0x390 [ 126.220234][ T2956] ? ieee80211_ibss_build_presp+0x15f0/0x15f0 [ 126.220234][ T2956] ? __local_bh_enable_ip+0x9c/0x110 [ 126.220234][ T2956] ieee80211_ibss_work+0x2c7/0xe80 [ 126.220234][ T2956] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870 [ 126.220234][ T2956] ? mark_held_locks+0x9f/0xe0 [ 126.220234][ T2956] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 126.220234][ T2956] ? lockdep_hardirqs_on+0x79/0x100 [ 126.220234][ T2956] ? 
_raw_spin_unlock_irqrestore+0x2f/0x50 [ 126.220234][ T2956] ieee80211_iface_work+0x82e/0x970 [ 126.220234][ T2956] process_one_work+0x933/0x15a0 [ 126.220234][ T2956] ? lock_release+0x710/0x710 [ 126.220234][ T2956] ? pwq_dec_nr_in_flight+0x320/0x320 [ 126.220234][ T2956] ? rwlock_bug.part.0+0x90/0x90 [ 126.220234][ T2956] ? _raw_spin_lock_irq+0x41/0x50 [ 126.220234][ T2956] worker_thread+0x64c/0x1120 [ 126.220234][ T2956] ? process_one_work+0x15a0/0x15a0 [ 126.220234][ T2956] kthread+0x3af/0x4a0 [ 126.220234][ T2956] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 126.220234][ T2956] ret_from_fork+0x1f/0x30 [ 126.674785][ T9878] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation 2020/11/09 12:39:55 building call list... [ 126.883191][ T2956] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.033115][ T2956] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.158382][ T2956] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.236729][ T2956] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.278733][ T2956] device hsr_slave_0 left promiscuous mode [ 128.291419][ T2956] device hsr_slave_1 left promiscuous mode [ 128.307989][ T2956] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 128.324915][ T2956] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 128.338618][ T2956] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 128.351996][ T2956] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 128.368490][ T2956] device bridge_slave_1 left promiscuous mode [ 128.378970][ T2956] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.409789][ T2956] device bridge_slave_0 left promiscuous mode [ 128.422635][ T2956] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.440752][ T2956] device veth1_macvtap left 
promiscuous mode [ 128.451216][ T2956] device veth0_macvtap left promiscuous mode [ 128.461278][ T2956] device veth1_vlan left promiscuous mode [ 128.470938][ T2956] device veth0_vlan left promiscuous mode [ 128.779748][ T2956] team0 (unregistering): Port device team_slave_1 removed [ 128.799243][ T2956] team0 (unregistering): Port device team_slave_0 removed [ 128.814284][ T2956] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.835752][ T2956] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 128.880294][ T2956] bond0 (unregistering): Released all slaves [ 128.984432][ T9861] can: request_module (can-proto-0) failed. executing program [ 129.543347][ T9861] can: request_module (can-proto-0) failed. [ 129.566036][ T9861] can: request_module (can-proto-0) failed. [ 129.816545][ T9861] base_sock_release(00000000f354a72f) sk=0000000086351da3 [ 129.856921][ T46] audit: type=1400 audit(1604925598.195:49): avc: denied { create } for pid=9858 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 129.900446][ T46] audit: type=1400 audit(1604925598.205:50): avc: denied { create } for pid=9858 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 129.949528][ T46] audit: type=1400 audit(1604925598.205:51): avc: denied { create } for pid=9858 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_rdma_socket permissive=1 VM DIAGNOSIS: 12:39:54 Registers: