Warning: Permanently added '[localhost]:27228' (ECDSA) to the list of known hosts. 2020/07/15 06:26:25 fuzzer started 2020/07/15 06:26:25 dialing manager at 10.0.2.10:42091 2020/07/15 06:26:26 syscalls: 3178 2020/07/15 06:26:26 code coverage: enabled 2020/07/15 06:26:26 comparison tracing: enabled 2020/07/15 06:26:26 extra coverage: enabled 2020/07/15 06:26:26 setuid sandbox: enabled 2020/07/15 06:26:26 namespace sandbox: enabled 2020/07/15 06:26:26 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/15 06:26:26 fault injection: enabled 2020/07/15 06:26:26 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/15 06:26:26 net packet injection: enabled 2020/07/15 06:26:26 net device setup: enabled 2020/07/15 06:26:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/15 06:26:26 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/15 06:26:26 USB emulation: enabled 06:27:10 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x40}) 06:27:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x6) syzkaller login: [ 215.600303][ T8466] IPVS: ftp: loaded support on port[0] = 21 [ 216.335801][ T8466] chnl_net:caif_netlink_parms(): no params data found [ 216.369890][ T8468] IPVS: ftp: loaded support on port[0] = 21 06:27:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000180)="eb", 0x1}], 0x1) [ 216.583739][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.608156][ T8466] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.642884][ T8466] device bridge_slave_0 entered promiscuous mode [ 216.722153][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.746032][ T8466] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.771533][ T8466] device bridge_slave_1 entered promiscuous mode 06:27:12 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000240)=ANY=[@ANYBLOB="e0000001ac1414aa"], 0x38) [ 216.860535][ T8466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.906813][ T8466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.009225][ T8474] IPVS: ftp: loaded support on port[0] = 21 [ 217.071516][ T8466] team0: Port device team_slave_0 added [ 217.100458][ T8466] team0: Port device team_slave_1 added [ 217.148178][ T8468] chnl_net:caif_netlink_parms(): no params data found [ 217.198532][ T8466] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.230254][ T8466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.341230][ T8466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.476772][ T8466] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.498498][ T8466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.590926][ T8466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.652334][ T8478] IPVS: ftp: loaded support on port[0] = 21 [ 217.721682][ T8466] device hsr_slave_0 entered promiscuous mode [ 217.806932][ T8466] device hsr_slave_1 entered promiscuous mode [ 217.940533][ T8468] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.952343][ T8468] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.967511][ T8468] device bridge_slave_0 entered promiscuous mode [ 218.002628][ T8468] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.015519][ T8468] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.029526][ T8468] device bridge_slave_1 entered promiscuous mode [ 218.092283][ T8468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 218.136744][ T8468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.230055][ T8468] team0: Port device team_slave_0 added [ 218.259145][ T8474] chnl_net:caif_netlink_parms(): no params data found [ 218.356739][ T8468] team0: Port device team_slave_1 added [ 218.421949][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.442122][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.502097][ T8468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.600508][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.627005][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.729309][ T8468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.852714][ T8466] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 218.974025][ T8466] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 219.168681][ T8468] device hsr_slave_0 entered promiscuous mode [ 219.247988][ T8468] device hsr_slave_1 entered promiscuous mode [ 219.335948][ T8468] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.371768][ T8468] Cannot create hsr debugfs directory [ 219.394390][ T8466] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 219.486753][ T8466] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 219.563259][ T8474] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.585617][ T8474] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.610551][ T8474] device bridge_slave_0 entered promiscuous mode [ 219.629281][ T8474] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.651460][ T8474] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.669561][ T8474] device bridge_slave_1 entered promiscuous mode [ 219.684408][ T8478] chnl_net:caif_netlink_parms(): no params data found [ 219.770417][ T8474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.830902][ T8474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.966083][ T8474] team0: Port device team_slave_0 added [ 220.026207][ T8474] team0: Port device team_slave_1 added [ 220.086089][ T8478] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.137888][ T8478] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.169764][ T8478] device bridge_slave_0 entered promiscuous mode [ 220.212225][ T8478] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.268133][ T8478] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.326826][ T8478] device bridge_slave_1 entered promiscuous mode [ 220.499382][ T8474] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 220.558338][ T8474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.729436][ T8474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 220.856261][ T8478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.966961][ T8478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.053805][ T8474] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.117316][ T8474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.321871][ T8474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.609826][ T8474] device hsr_slave_0 entered promiscuous mode [ 221.706360][ T8474] device hsr_slave_1 entered promiscuous mode [ 221.806189][ T8474] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 221.874490][ T8474] Cannot create hsr debugfs directory [ 221.933630][ T8478] team0: Port device team_slave_0 added [ 221.972051][ T8478] team0: Port device team_slave_1 added [ 222.044854][ T8478] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 222.088736][ T8478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.242094][ T8478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 222.296123][ T8478] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 222.330715][ T8478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.456241][ T8478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.659746][ T8478] device hsr_slave_0 entered promiscuous mode [ 222.756306][ T8478] device hsr_slave_1 entered promiscuous mode [ 222.816229][ T8478] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 222.849527][ T8478] Cannot create hsr debugfs directory [ 222.871655][ T8468] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 223.023714][ T8468] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 223.141888][ T8468] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 223.249353][ T8468] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 223.622196][ T8474] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 223.712480][ T8474] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 223.808993][ T8474] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 223.921280][ T8474] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 224.026315][ T8466] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.064225][ T8478] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 224.139621][ T8478] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 224.248192][ T8478] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 224.357394][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 224.410338][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.469762][ T8466] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.519062][ T8478] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 224.720555][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 224.758037][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 224.788365][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.810101][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.840589][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 224.866758][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 224.888616][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 224.923393][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.950462][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.997880][ T8468] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.020979][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.056580][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.075516][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.090596][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.122392][ T8468] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.144895][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 225.165191][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.183719][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 225.206846][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.235996][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 225.266209][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 225.283367][ T1218] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 225.347824][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 225.369813][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.390688][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.407827][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.427603][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 225.443705][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 225.462579][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 225.489981][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 225.507739][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 225.524670][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 225.546767][ T8494] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.567988][ T8494] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.618309][ T8474] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.640923][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.671484][ T8466] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.695018][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 225.709397][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 225.735937][ T8478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.762934][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.782545][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.806500][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.833579][ T8474] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.851857][ T8478] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.869756][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.893286][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.936090][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 225.965599][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.985969][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.003979][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 226.036337][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 226.055642][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 226.079582][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.096435][ T8494] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.109228][ T8494] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.121924][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 226.137706][ T8494] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 226.179912][ T8468] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 226.214262][ T8468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 226.239754][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 226.264125][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 226.291596][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.312001][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.327629][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.343456][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.361287][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.377905][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.404146][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.422704][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 226.438662][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 226.456560][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 226.472219][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 226.488604][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.509448][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.526678][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.545711][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.568692][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 226.582387][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 226.614402][ T8466] device veth0_vlan entered promiscuous mode [ 226.634265][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 226.652357][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 226.667599][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 226.683251][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 226.699049][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 226.712742][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 226.746076][ T8468] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.768205][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 226.782703][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 226.796054][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 226.811902][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.827970][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.843843][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.859371][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.877782][ T8466] device veth1_vlan entered promiscuous mode [ 226.902140][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 226.916181][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 226.929961][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.945399][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 226.967349][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.982745][ T53] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.014752][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 227.033248][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 227.072245][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 227.092757][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 227.111956][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 227.132341][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 227.150436][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.168898][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.196395][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.218717][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.238091][ T8474] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 227.266783][ T8478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 227.291578][ T8466] device veth0_macvtap entered promiscuous mode [ 227.310504][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 227.326652][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 227.343342][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 227.368293][ T8466] device veth1_macvtap entered promiscuous mode [ 227.387467][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 227.408313][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 227.438452][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 227.455637][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 227.470068][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 227.484182][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 227.497689][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 227.525532][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 227.543152][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 227.561109][ T8468] device veth0_vlan entered promiscuous mode [ 227.586817][ T8478] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.623596][ T8474] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.645962][ T8468] device veth1_vlan entered promiscuous mode [ 227.664398][ T8466] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.684804][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 227.707560][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 227.725792][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 227.748884][ T8466] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.777476][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 227.793458][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 227.811674][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 227.867260][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 227.886245][ T3829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 227.933602][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 227.956823][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 227.993119][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 228.022862][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 228.141223][ T8478] device veth0_vlan entered promiscuous mode [ 228.161252][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 228.185028][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 228.262925][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 228.283928][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 228.311162][ T8478] device veth1_vlan entered promiscuous mode [ 228.451647][ T8468] device veth0_macvtap entered promiscuous mode [ 228.493792][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 228.520331][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 228.540943][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 228.564369][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 228.587984][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 228.609370][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 228.626669][ T2847] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 228.653467][ T8468] device veth1_macvtap entered promiscuous mode [ 228.654286][ T8466] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 228.682648][ T8468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 228.731235][ T8468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.776958][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.828615][ T8474] device veth0_vlan entered promiscuous mode [ 228.866569][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 228.889322][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 228.918001][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 228.923589][ T8468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 228.923594][ T8468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.924754][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.936780][ T8478] device veth0_macvtap entered promiscuous mode [ 228.953516][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 228.955000][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 228.955937][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 228.956324][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 228.975884][ T8478] device veth1_macvtap entered promiscuous mode [ 228.977182][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 228.977730][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 228.983744][ T8474] device veth1_vlan entered promiscuous mode [ 229.009021][ T8500] ================================================================== [ 229.010629][ T8500] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400 [ 229.010717][ T8500] Write of size 8 at addr ffffc900099f1000 by task syz-executor.0/8500 [ 229.010720][ T8500] [ 229.010859][ T8500] CPU: 2 PID: 8500 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 229.011009][ T8500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 229.011057][ T8500] Call Trace: [ 229.011891][ T8500] dump_stack+0x18f/0x20d [ 229.013167][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.014190][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.014368][ T8500] print_address_description.constprop.0.cold+0x5/0x436 [ 229.015937][ T8500] ? lockdep_hardirqs_off+0x66/0xa0 [ 229.015937][ T8500] ? vprintk_func+0x97/0x1a6 [ 229.015937][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.015937][ T8500] kasan_report.cold+0x1f/0x37 [ 229.015937][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.015937][ T8500] bitfill_aligned+0x34a/0x400 [ 229.015937][ T8500] sys_fillrect+0x408/0x7a0 [ 229.015937][ T8500] ? sys_fillrect+0x7a0/0x7a0 [ 229.015937][ T8500] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 229.015937][ T8500] bit_clear_margins+0x2d5/0x4a0 [ 229.015937][ T8500] ? bit_bmove+0x210/0x210 [ 229.015937][ T8500] fbcon_clear_margins+0x1d5/0x230 [ 229.015937][ T8500] fbcon_switch+0xb6e/0x16c0 [ 229.015937][ T8500] ? fbcon_scroll+0x3600/0x3600 [ 229.015937][ T8500] ? fbcon_cursor+0x52b/0x650 [ 229.015937][ T8500] ? kmalloc_array.constprop.0+0x20/0x20 [ 229.015937][ T8500] ? is_console_locked+0x5/0x10 [ 229.015937][ T8500] ? fbcon_set_origin+0x26/0x50 [ 229.015937][ T8500] redraw_screen+0x2ae/0x770 [ 229.015937][ T8500] ? vc_init+0x440/0x440 [ 229.015937][ T8500] fbcon_modechanged+0x575/0x710 [ 229.015937][ T8500] fbcon_set_all_vcs+0x3b6/0x470 [ 229.015937][ T8500] fbcon_update_vcs+0x26/0x50 [ 229.015937][ T8500] fb_set_var+0xae8/0xd60 [ 229.015937][ T8500] ? fb_blank+0x190/0x190 [ 229.015937][ T8500] ? finish_task_switch+0x1dc/0x750 [ 229.015937][ T8500] ? __schedule+0x8e9/0x1eb0 [ 229.015937][ T8500] do_fb_ioctl+0x33f/0x6c0 [ 229.015937][ T8500] ? fb_set_suspend+0x1a0/0x1a0 [ 229.015937][ T8500] ? lock_downgrade+0x820/0x820 [ 229.015937][ T8500] ? trace_hardirqs_on+0x5f/0x220 [ 229.015937][ T8500] ? lockdep_hardirqs_on+0x6a/0xe0 [ 229.015937][ T8500] ? tomoyo_path_number_perm+0x244/0x4d0 [ 229.015937][ T8500] ? tomoyo_execute_permission+0x470/0x470 [ 229.015937][ T8500] ? __might_fault+0xef/0x1d0 [ 229.015937][ T8500] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 229.015937][ T8500] ? do_vfs_ioctl+0x27d/0x1090 [ 229.015937][ T8500] ? generic_block_fiemap+0x60/0x60 [ 229.015937][ T8500] fb_compat_ioctl+0x175/0xc10 [ 229.015937][ T8500] ? fb_open+0x430/0x430 [ 229.015937][ T8500] ? __fget_files+0x294/0x400 [ 229.015937][ T8500] ? fb_open+0x430/0x430 [ 229.015937][ T8500] __do_compat_sys_ioctl+0x1d3/0x230 [ 229.015937][ T8500] do_syscall_32_irqs_on+0x3f/0x60 [ 229.015937][ T8500] do_fast_syscall_32+0x7f/0x120 [ 229.015937][ T8500] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 229.015937][ T8500] RIP: 0023:0xf7f7e569 [ 229.019566][ T8500] Code: Bad RIP value. [ 229.019566][ T8500] RSP: 002b:00000000f5d580bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 229.019566][ T8500] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004601 [ 229.019566][ T8500] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 229.019566][ T8500] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 229.019566][ T8500] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 229.019566][ T8500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 229.019566][ T8500] [ 229.019566][ T8500] [ 229.019566][ T8500] Memory state around the buggy address: [ 229.019566][ T8500] ffffc900099f0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 229.019566][ T8500] ffffc900099f0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 229.019566][ T8500] >ffffc900099f1000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 229.019566][ T8500] ^ [ 229.019566][ T8500] ffffc900099f1080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 229.019566][ T8500] ffffc900099f1100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 229.019566][ T8500] ================================================================== [ 229.019566][ T8500] Disabling lock debugging due to kernel taint [ 229.035085][ T8500] Kernel panic - not syncing: panic_on_warn set ... [ 229.035260][ T8500] CPU: 2 PID: 8500 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 229.035260][ T8500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 229.035260][ T8500] Call Trace: [ 229.035260][ T8500] dump_stack+0x18f/0x20d [ 229.035260][ T8500] ? bitfill_aligned+0x300/0x400 [ 229.035260][ T8500] panic+0x2e3/0x75c [ 229.035260][ T8500] ? __warn_printk+0xf3/0xf3 [ 229.035260][ T8500] ? preempt_schedule_common+0x59/0xc0 [ 229.035260][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.035260][ T8500] ? preempt_schedule_thunk+0x16/0x18 [ 229.035260][ T8500] ? trace_hardirqs_on+0x55/0x220 [ 229.035260][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.035260][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.035260][ T8500] end_report+0x4d/0x53 [ 229.035260][ T8500] kasan_report.cold+0xd/0x37 [ 229.035260][ T8500] ? bitfill_aligned+0x34a/0x400 [ 229.035260][ T8500] bitfill_aligned+0x34a/0x400 [ 229.035260][ T8500] sys_fillrect+0x408/0x7a0 [ 229.035260][ T8500] ? sys_fillrect+0x7a0/0x7a0 [ 229.035260][ T8500] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 229.035260][ T8500] bit_clear_margins+0x2d5/0x4a0 [ 229.035260][ T8500] ? bit_bmove+0x210/0x210 [ 229.035260][ T8500] fbcon_clear_margins+0x1d5/0x230 [ 229.035260][ T8500] fbcon_switch+0xb6e/0x16c0 [ 229.035260][ T8500] ? fbcon_scroll+0x3600/0x3600 [ 229.035260][ T8500] ? fbcon_cursor+0x52b/0x650 [ 229.035260][ T8500] ? kmalloc_array.constprop.0+0x20/0x20 [ 229.035260][ T8500] ? is_console_locked+0x5/0x10 [ 229.035260][ T8500] ? fbcon_set_origin+0x26/0x50 [ 229.035260][ T8500] redraw_screen+0x2ae/0x770 [ 229.035260][ T8500] ? vc_init+0x440/0x440 [ 229.035260][ T8500] fbcon_modechanged+0x575/0x710 [ 229.035260][ T8500] fbcon_set_all_vcs+0x3b6/0x470 [ 229.035260][ T8500] fbcon_update_vcs+0x26/0x50 [ 229.035260][ T8500] fb_set_var+0xae8/0xd60 [ 229.035260][ T8500] ? fb_blank+0x190/0x190 [ 229.035260][ T8500] ? finish_task_switch+0x1dc/0x750 [ 229.035260][ T8500] ? __schedule+0x8e9/0x1eb0 [ 229.035260][ T8500] do_fb_ioctl+0x33f/0x6c0 [ 229.035260][ T8500] ? fb_set_suspend+0x1a0/0x1a0 [ 229.035260][ T8500] ? lock_downgrade+0x820/0x820 [ 229.035260][ T8500] ? trace_hardirqs_on+0x5f/0x220 [ 229.035260][ T8500] ? lockdep_hardirqs_on+0x6a/0xe0 [ 229.035260][ T8500] ? tomoyo_path_number_perm+0x244/0x4d0 [ 229.035260][ T8500] ? tomoyo_execute_permission+0x470/0x470 [ 229.035260][ T8500] ? __might_fault+0xef/0x1d0 [ 229.035260][ T8500] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 229.035260][ T8500] ? do_vfs_ioctl+0x27d/0x1090 [ 229.035260][ T8500] ? generic_block_fiemap+0x60/0x60 [ 229.035260][ T8500] fb_compat_ioctl+0x175/0xc10 [ 229.035260][ T8500] ? fb_open+0x430/0x430 [ 229.035260][ T8500] ? __fget_files+0x294/0x400 [ 229.035260][ T8500] ? fb_open+0x430/0x430 [ 229.035260][ T8500] __do_compat_sys_ioctl+0x1d3/0x230 [ 229.035260][ T8500] do_syscall_32_irqs_on+0x3f/0x60 [ 229.035260][ T8500] do_fast_syscall_32+0x7f/0x120 [ 229.035260][ T8500] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 229.035260][ T8500] RIP: 0023:0xf7f7e569 [ 229.035260][ T8500] Code: Bad RIP value. [ 229.035260][ T8500] RSP: 002b:00000000f5d580bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 229.035260][ T8500] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004601 [ 229.035260][ T8500] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 229.035260][ T8500] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 229.035260][ T8500] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 229.035260][ T8500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 229.035260][ T8500] Kernel Offset: disabled [ 229.035260][ T8500] Rebooting in 86400 seconds..