Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '[localhost]:1569' (ECDSA) to the list of known hosts. syzkaller login: [ 132.798690][ T48] kauditd_printk_skb: 4 callbacks suppressed 2021/01/11 10:34:07 fuzzer started [ 132.798706][ T48] audit: type=1400 audit(1610361247.152:42): avc: denied { map } for pid=10606 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2021/01/11 10:34:08 dialing manager at 10.0.2.10:45883 2021/01/11 10:34:08 checking machine... 2021/01/11 10:34:08 checking revisions... [ 133.745241][ T48] audit: type=1400 audit(1610361248.102:43): avc: denied { integrity } for pid=10606 comm="syz-fuzzer" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 2021/01/11 10:34:08 testing simple program... [ 133.802838][ T48] audit: type=1400 audit(1610361248.102:44): avc: denied { map } for pid=10606 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=4878 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 135.510406][T10628] IPVS: ftp: loaded support on port[0] = 21 [ 135.686725][T10628] chnl_net:caif_netlink_parms(): no params data found [ 135.786929][T10628] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.806743][T10628] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.834517][T10628] device bridge_slave_0 entered promiscuous mode [ 135.863913][T10628] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.881677][T10628] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.900683][T10628] device bridge_slave_1 entered promiscuous mode [ 135.941028][T10628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 135.967364][T10628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 136.012454][T10628] team0: Port device team_slave_0 added [ 136.034816][T10628] team0: Port device team_slave_1 added [ 136.078905][T10628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.101911][T10628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.202165][T10628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.258157][T10628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.300940][T10628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.433568][T10628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.498245][T10628] device hsr_slave_0 entered promiscuous mode [ 136.519175][T10628] device hsr_slave_1 entered promiscuous mode executing program [ 136.692552][ T48] audit: type=1400 audit(1610361251.042:45): avc: denied { create } for pid=10628 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 136.697134][T10628] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 136.795948][ T48] audit: type=1400 audit(1610361251.042:46): avc: denied { write } for pid=10628 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 136.903792][ T48] audit: type=1400 audit(1610361251.052:47): avc: denied { read } for pid=10628 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 136.970052][T10628] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 136.995086][T10628] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 137.020190][T10628] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 137.204679][T10628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.236729][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 137.254906][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 137.281710][T10628] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.317282][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 137.358977][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 137.395741][ T1717] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.413161][ T1717] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.445053][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 137.475453][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 137.500699][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 137.506975][ T4775] Bluetooth: hci0: command 0x0409 tx timeout [ 137.531159][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.582128][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.627273][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 137.671006][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 137.692970][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 137.720313][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 137.751643][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 137.822291][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 137.881722][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 137.919141][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 137.958999][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 137.999159][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 138.031034][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 138.065240][T10628] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 138.116832][T10628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 138.160940][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 138.199901][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 138.233298][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 138.267985][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 138.313327][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 138.336693][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 138.355033][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 138.372016][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 138.392580][T10628] device veth0_vlan entered promiscuous mode [ 138.423597][T10628] device veth1_vlan entered promiscuous mode [ 138.472673][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 138.505526][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 138.535786][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 138.568490][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 138.610117][T10628] device veth0_macvtap entered promiscuous mode [ 138.637914][T10628] device veth1_macvtap entered promiscuous mode [ 138.672413][T10628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 138.695896][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 138.722420][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 138.742867][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 138.758784][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 138.782392][T10628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 138.797840][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 138.815148][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 138.845229][T10628] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.874865][T10628] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.907139][T10628] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.943781][T10628] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.099228][T10636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.126864][T10636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.147218][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.154626][ T1714] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 139.172096][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.217662][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 139.250710][ T48] audit: type=1400 audit(1610361253.602:48): avc: denied { associate } for pid=10628 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 139.365778][T10628] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation 2021/01/11 10:34:13 building call list... executing program [ 139.715082][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.840618][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.007102][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.101301][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.693286][ T9] device hsr_slave_0 left promiscuous mode [ 141.761063][ T9] device hsr_slave_1 left promiscuous mode [ 141.784948][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.804947][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.824764][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.836643][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.850990][ T9] device bridge_slave_1 left promiscuous mode [ 141.862283][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.902754][ T9] device bridge_slave_0 left promiscuous mode [ 141.923556][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.950903][ T9] device veth1_macvtap left promiscuous mode [ 141.976470][ T9] device veth0_macvtap left promiscuous mode [ 142.012093][ T9] device veth1_vlan left promiscuous mode [ 142.043238][ T9] device veth0_vlan left promiscuous mode executing program [ 143.137626][ T9] team0 (unregistering): Port device team_slave_1 removed [ 143.158042][ T9] team0 (unregistering): Port device team_slave_0 removed [ 143.181221][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 143.203349][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 143.264515][ T9] bond0 (unregistering): Released all slaves [ 143.413927][T10643] can: request_module (can-proto-0) failed. [ 144.798971][T10643] can: request_module (can-proto-0) failed. [ 144.845302][T10643] can: request_module (can-proto-0) failed. [ 145.384943][ T48] audit: type=1400 audit(1610361259.732:49): avc: denied { create } for pid=10606 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 145.436738][ T48] audit: type=1400 audit(1610361259.742:50): avc: denied { create } for pid=10606 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 145.497325][ T48] audit: type=1400 audit(1610361259.742:51): avc: denied { create } for pid=10606 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_rdma_socket permissive=1 2021/01/11 10:34:24 syscalls: 3495 2021/01/11 10:34:24 code coverage: enabled 2021/01/11 10:34:24 comparison tracing: enabled 2021/01/11 10:34:24 extra coverage: enabled 2021/01/11 10:34:24 setuid sandbox: enabled 2021/01/11 10:34:24 namespace sandbox: enabled 2021/01/11 10:34:24 Android sandbox: /sys/fs/selinux/policy does not exist 2021/01/11 10:34:24 fault injection: enabled 2021/01/11 10:34:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/01/11 10:34:24 net packet injection: enabled 2021/01/11 10:34:24 net device setup: enabled 2021/01/11 10:34:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/01/11 10:34:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/01/11 10:34:24 USB emulation: enabled 2021/01/11 10:34:24 hci packet injection: enabled 2021/01/11 10:34:24 wifi device emulation: enabled 2021/01/11 10:34:24 fetching corpus: 0, signal 0/0 (executing program) 2021/01/11 10:34:24 fetching corpus: 0, signal 0/0 (executing program) 2021/01/11 10:34:27 starting 4 fuzzer processes 10:34:27 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xf00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 10:34:28 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8, 0x1, 'gtp\x00'}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x100000}]}}}}]}, 0x48}}, 0x0) 10:34:28 executing program 2: r0 = memfd_create(&(0x7f0000000140)='#! \x13\xdb\xb9\xdaU\xb1\xea\xa3\x8a\x91C\xd6\x9fA\xe9\xfb7\xb6\xe5,\x19\xb2y\x02MO&\xcb*p<\xa4\x84\xfa5\xd7YX]z<\xf3T\xf6\x80\xafm\xcfr\xe6\x17\xe1o\x81G\x1e:\x00}[\xfaY-\x13K0\'s\xe0\xceQ\x8b\xdc 9\xb6\x7f*\xe8\xc6\xff\xe7[\xb4\xb9', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='fi\t\n'], 0x17) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 10:34:29 executing program 3: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) [ 154.694942][T10723] IPVS: ftp: loaded support on port[0] = 21 [ 154.931490][T10723] chnl_net:caif_netlink_parms(): no params data found [ 155.059421][T10723] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.076538][T10723] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.106310][T10723] device bridge_slave_0 entered promiscuous mode [ 155.134545][T10723] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.153601][T10723] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.175951][T10723] device bridge_slave_1 entered promiscuous mode [ 155.219399][T10723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.250110][T10723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.293483][T10723] team0: Port device team_slave_0 added [ 155.312552][T10723] team0: Port device team_slave_1 added [ 155.338358][T10723] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.351293][T10723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.413870][T10723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.455395][T10723] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.476553][T10723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.534229][T10723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.573887][T10723] device hsr_slave_0 entered promiscuous mode [ 155.574907][T10726] IPVS: ftp: loaded support on port[0] = 21 [ 155.598536][T10723] device hsr_slave_1 entered promiscuous mode [ 155.776064][T10726] chnl_net:caif_netlink_parms(): no params data found [ 155.840968][T10723] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.858230][T10723] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.875517][T10723] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.900812][T10723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.946470][T10726] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.958750][T10726] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.970463][T10726] device bridge_slave_0 entered promiscuous mode [ 155.986686][T10726] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.999292][T10726] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.012658][T10726] device bridge_slave_1 entered promiscuous mode [ 156.026071][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.038285][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.075069][T10726] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.079867][T10729] IPVS: ftp: loaded support on port[0] = 21 [ 156.102549][T10726] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.151893][T10726] team0: Port device team_slave_0 added [ 156.182475][T10726] team0: Port device team_slave_1 added [ 156.231900][T10726] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 156.254297][T10726] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.297321][T10726] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 156.330780][T10726] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.348887][T10726] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.422029][T10726] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.486269][T10726] device hsr_slave_0 entered promiscuous mode [ 156.498712][T10726] device hsr_slave_1 entered promiscuous mode [ 156.522353][T10726] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 156.543741][T10726] Cannot create hsr debugfs directory [ 156.600774][T10734] IPVS: ftp: loaded support on port[0] = 21 [ 156.714656][ T4775] Bluetooth: hci0: command 0x0409 tx timeout [ 156.750693][T10723] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.791817][T10729] chnl_net:caif_netlink_parms(): no params data found [ 156.827502][T10723] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.841247][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 156.855201][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 156.911783][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 156.925090][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 156.938292][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.951219][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.966495][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 156.996803][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 157.013184][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.027462][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.085570][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 157.104920][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 157.147952][T10726] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 157.177868][T10726] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 157.219536][T10729] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.239812][T10729] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.265696][T10729] device bridge_slave_0 entered promiscuous mode [ 157.287965][T10726] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 157.311419][T10726] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 157.337234][T10729] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.354711][T10729] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.375750][T10729] device bridge_slave_1 entered promiscuous mode [ 157.399351][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 157.427172][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 157.451937][T10734] chnl_net:caif_netlink_parms(): no params data found [ 157.483111][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 157.502003][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 157.504379][T10645] Bluetooth: hci1: command 0x0409 tx timeout [ 157.524901][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 157.567402][T10729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 157.591200][T10729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 157.650346][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 157.668647][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 157.700323][T10723] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 157.722527][T10723] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 157.763814][T10729] team0: Port device team_slave_0 added [ 157.782183][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 157.812149][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 157.857765][T10729] team0: Port device team_slave_1 added [ 157.895057][T10734] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.919009][T10734] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.979422][T10734] device bridge_slave_0 entered promiscuous mode [ 157.995028][T10645] Bluetooth: hci2: command 0x0409 tx timeout [ 158.032622][T10734] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.118407][T10734] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.148560][T10734] device bridge_slave_1 entered promiscuous mode [ 158.168672][T10729] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 158.188333][T10729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.252726][T10729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 158.278929][T10729] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 158.292485][T10729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.340383][T10729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.401767][T10729] device hsr_slave_0 entered promiscuous mode [ 158.413835][T10729] device hsr_slave_1 entered promiscuous mode [ 158.425530][T10729] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 158.441507][T10729] Cannot create hsr debugfs directory [ 158.464350][T10645] Bluetooth: hci3: command 0x0409 tx timeout [ 158.481944][T10734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.527576][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 158.553671][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 158.578337][T10734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 158.640142][T10734] team0: Port device team_slave_0 added [ 158.659185][T10734] team0: Port device team_slave_1 added [ 158.675027][T10723] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 158.735042][T10734] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 158.748561][T10734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.801963][ T1717] Bluetooth: hci0: command 0x041b tx timeout [ 158.804237][T10734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 158.849177][T10734] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 158.870035][T10734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.936055][T10734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 159.003498][T10734] device hsr_slave_0 entered promiscuous mode [ 159.020192][T10734] device hsr_slave_1 entered promiscuous mode [ 159.034641][T10734] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 159.060222][T10734] Cannot create hsr debugfs directory [ 159.083466][T10726] 8021q: adding VLAN 0 to HW filter on device bond0 [ 159.115595][T10729] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 159.131659][T10729] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 159.147528][T10729] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 159.162883][T10729] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 159.221240][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 159.233232][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 159.245602][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 159.259064][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 159.282006][T10726] 8021q: adding VLAN 0 to HW filter on device team0 [ 159.330052][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 159.365253][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 159.388575][ T1717] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.405662][ T1717] bridge0: port 1(bridge_slave_0) entered forwarding state [ 159.425522][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 159.443387][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 159.457696][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 159.473397][ T4775] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.485176][ T4775] bridge0: port 2(bridge_slave_1) entered forwarding state [ 159.521885][T10723] device veth0_vlan entered promiscuous mode [ 159.545085][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 159.561448][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 159.579402][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 159.584426][ T1717] Bluetooth: hci1: command 0x041b tx timeout [ 159.601155][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 159.634579][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 159.649976][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 159.686954][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 159.714586][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 159.749654][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 159.775609][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 159.797894][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 159.823212][T10723] device veth1_vlan entered promiscuous mode [ 159.839568][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 159.855037][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 159.868767][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 159.898734][T10726] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 159.913884][T10726] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 159.933520][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 159.951750][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 159.963192][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 159.998988][T10734] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 160.010444][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 160.023502][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 160.036320][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 160.047871][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 160.061243][T10723] device veth0_macvtap entered promiscuous mode [ 160.073873][T10734] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 160.086811][T10734] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 160.105870][T10734] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 160.121899][T10723] device veth1_macvtap entered promiscuous mode [ 160.145139][ T1717] Bluetooth: hci2: command 0x041b tx timeout [ 160.152445][T10729] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.188070][T10726] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 160.216491][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 160.227784][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 160.238966][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 160.249515][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 160.266577][T10729] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.290155][T10723] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 160.317114][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.331050][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.342119][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.351571][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.361906][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 160.373685][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 160.396970][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 160.407896][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 160.418870][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 160.430046][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.439548][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.450505][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 160.462531][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 160.484458][T10723] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 160.498770][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 160.510149][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 160.521099][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 160.540936][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 160.544249][T10645] Bluetooth: hci3: command 0x041b tx timeout [ 160.580265][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 160.591340][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 160.604654][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 160.625998][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 160.638204][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 160.650823][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 160.665546][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 160.687847][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 160.700563][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 160.729536][T10726] device veth0_vlan entered promiscuous mode [ 160.751645][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 160.762834][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 160.782062][T10726] device veth1_vlan entered promiscuous mode [ 160.797688][T10734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.812305][T10729] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 160.827007][T10729] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 160.849068][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 160.858993][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 160.869919][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 160.882192][T10747] Bluetooth: hci0: command 0x040f tx timeout [ 160.923772][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 160.924577][T10638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.936317][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 160.946746][T10638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.959745][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 160.981231][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 160.993754][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 161.007937][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 161.027876][T10734] 8021q: adding VLAN 0 to HW filter on device team0 [ 161.063658][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 161.078904][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 161.101197][T10726] device veth0_macvtap entered promiscuous mode [ 161.117618][T10729] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.128761][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 161.139568][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 161.150906][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 161.163280][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.175933][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 161.190745][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 161.218457][T10726] device veth1_macvtap entered promiscuous mode [ 161.236678][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 161.236777][ T2960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.251597][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 161.266433][ T2960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.282443][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 161.310263][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.325094][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 161.351695][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 161.366632][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 161.405251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 161.455534][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 161.477606][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 161.502221][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 161.532379][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 161.563161][ T48] audit: type=1400 audit(1610361275.912:52): avc: denied { prog_load } for pid=10761 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 161.599183][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 161.646716][ T48] audit: type=1400 audit(1610361275.912:53): avc: denied { bpf } for pid=10761 comm="syz-executor.0" capability=39 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 [ 161.665550][ T1717] Bluetooth: hci1: command 0x040f tx timeout [ 161.707527][T10726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 161.707785][T10726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.708866][T10726] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 161.718642][ T48] audit: type=1400 audit(1610361275.912:54): avc: denied { perfmon } for pid=10761 comm="syz-executor.0" capability=38 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 [ 161.852785][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 161.872695][ T48] audit: type=1400 audit(1610361276.222:55): avc: denied { prog_run } for pid=10761 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 161.873786][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 161.952283][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready 10:34:36 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xf00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 161.973939][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 161.992885][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 162.006402][T10637] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 162.023888][T10729] device veth0_vlan entered promiscuous mode [ 162.037568][T10726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 162.052677][T10726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.068738][T10726] batman_adv: batadv0: Interface activated: batadv_slave_1 10:34:36 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xf00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 162.090547][T10726] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.110852][T10726] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.130260][T10726] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.151535][T10726] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.195581][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 162.232359][T10747] Bluetooth: hci2: command 0x040f tx timeout [ 162.267858][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready 10:34:36 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xf00, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 162.300724][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 162.338615][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 162.379698][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 162.404799][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 162.422045][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 162.439095][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 10:34:36 executing program 0: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) [ 162.485263][T10729] device veth1_vlan entered promiscuous mode [ 162.488104][T10774] mmap: syz-executor.0 (10774) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 162.500742][T10734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 162.555852][ T48] audit: type=1400 audit(1610361276.902:56): avc: denied { open } for pid=10773 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 162.604712][ T48] audit: type=1400 audit(1610361276.912:57): avc: denied { confidentiality } for pid=10773 comm="syz-executor.0" lockdown_reason="unsafe use of perf" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 [ 162.632953][T10734] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 162.655773][ T1717] Bluetooth: hci3: command 0x040f tx timeout [ 162.685202][T10729] device veth0_macvtap entered promiscuous mode [ 162.707760][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 162.727926][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 162.743004][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 162.757219][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 162.778000][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 162.808938][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 162.842335][T10729] device veth1_macvtap entered promiscuous mode [ 162.861626][ T4775] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready 10:34:37 executing program 0: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) [ 162.911812][ T2960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.931022][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 162.931678][ T2960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.955416][T10645] Bluetooth: hci0: command 0x0419 tx timeout [ 162.956719][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 162.976084][T10741] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 163.026662][T10729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 163.048118][T10729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.065240][T10729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 163.080810][T10729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.098215][T10729] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 163.117655][T10729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 163.138442][T10729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.161772][T10729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 163.182730][T10729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.207907][T10729] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 163.228661][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 163.266593][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 163.290538][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 163.321637][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 163.356262][T10734] device veth0_vlan entered promiscuous mode [ 163.392792][ T2960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.392932][T10729] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.419611][ T2960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.441093][T10729] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.471227][T10729] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.503058][T10729] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 163.543500][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 163.567109][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 163.588570][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 163.604887][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 163.621284][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 163.639992][T10734] device veth1_vlan entered promiscuous mode [ 163.707373][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 163.721131][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 163.734475][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 163.750142][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 163.754263][T10645] Bluetooth: hci1: command 0x0419 tx timeout [ 163.786409][T10734] device veth0_macvtap entered promiscuous mode [ 163.803448][ T2960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.832358][ T2960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 10:34:38 executing program 0: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) [ 163.859959][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 163.889050][ T1717] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 163.910716][T10734] device veth1_macvtap entered promiscuous mode [ 163.947940][T10638] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 163.961698][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 163.970612][T10638] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.983889][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.983922][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 163.983940][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.983960][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 163.983974][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 163.986279][T10734] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 164.103156][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 164.118270][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 164.132006][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 164.151061][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 164.167868][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.184871][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 164.211646][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.211677][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 164.211689][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.217146][T10734] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 164.311422][T10747] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 164.327832][T10747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 164.349586][T10734] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.349647][T10747] Bluetooth: hci2: command 0x0419 tx timeout [ 164.367136][T10734] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.367166][T10734] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.367189][T10734] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.502624][ T2960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 10:34:38 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8, 0x1, 'gtp\x00'}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x100000}]}}}}]}, 0x48}}, 0x0) [ 164.516076][ T2960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 164.560371][T10645] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 164.596761][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 164.614950][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 164.633445][T10776] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 164.706236][T10776] Bluetooth: hci3: command 0x0419 tx timeout 10:34:39 executing program 3: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 0: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) 10:34:39 executing program 2: r0 = memfd_create(&(0x7f0000000140)='#! \x13\xdb\xb9\xdaU\xb1\xea\xa3\x8a\x91C\xd6\x9fA\xe9\xfb7\xb6\xe5,\x19\xb2y\x02MO&\xcb*p<\xa4\x84\xfa5\xd7YX]z<\xf3T\xf6\x80\xafm\xcfr\xe6\x17\xe1o\x81G\x1e:\x00}[\xfaY-\x13K0\'s\xe0\xceQ\x8b\xdc 9\xb6\x7f*\xe8\xc6\xff\xe7[\xb4\xb9', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='fi\t\n'], 0x17) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 10:34:39 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8, 0x1, 'gtp\x00'}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x100000}]}}}}]}, 0x48}}, 0x0) 10:34:39 executing program 2: r0 = memfd_create(&(0x7f0000000140)='#! \x13\xdb\xb9\xdaU\xb1\xea\xa3\x8a\x91C\xd6\x9fA\xe9\xfb7\xb6\xe5,\x19\xb2y\x02MO&\xcb*p<\xa4\x84\xfa5\xd7YX]z<\xf3T\xf6\x80\xafm\xcfr\xe6\x17\xe1o\x81G\x1e:\x00}[\xfaY-\x13K0\'s\xe0\xceQ\x8b\xdc 9\xb6\x7f*\xe8\xc6\xff\xe7[\xb4\xb9', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='fi\t\n'], 0x17) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 10:34:39 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8, 0x1, 'gtp\x00'}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x100000}]}}}}]}, 0x48}}, 0x0) 10:34:39 executing program 2: r0 = memfd_create(&(0x7f0000000140)='#! \x13\xdb\xb9\xdaU\xb1\xea\xa3\x8a\x91C\xd6\x9fA\xe9\xfb7\xb6\xe5,\x19\xb2y\x02MO&\xcb*p<\xa4\x84\xfa5\xd7YX]z<\xf3T\xf6\x80\xafm\xcfr\xe6\x17\xe1o\x81G\x1e:\x00}[\xfaY-\x13K0\'s\xe0\xceQ\x8b\xdc 9\xb6\x7f*\xe8\xc6\xff\xe7[\xb4\xb9', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='fi\t\n'], 0x17) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 10:34:39 executing program 0: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 1: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 2: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 0: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 3: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 0: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 2: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:39 executing program 1: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 10:34:40 executing program 3: write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000000), 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) [ 165.861168][ C3] ================================================================== [ 165.877758][ C3] BUG: KASAN: use-after-free in sock_def_write_space+0x609/0x630 [ 165.877758][ C3] Read of size 8 at addr ffff88802409f5c0 by task ksoftirqd/3/29 [ 165.877758][ C3] [ 165.877758][ C3] CPU: 3 PID: 29 Comm: ksoftirqd/3 Not tainted 5.11.0-rc3-syzkaller #0 [ 165.877758][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 165.971513][ C3] Call Trace: [ 165.977527][ C3] dump_stack+0x107/0x163 [ 165.985867][ C3] ? sock_def_write_space+0x609/0x630 [ 165.995912][ C3] ? sock_def_write_space+0x609/0x630 [ 166.005866][ C3] print_address_description.constprop.0.cold+0x5b/0x2c6 [ 166.022583][ C3] ? sock_def_write_space+0x609/0x630 [ 166.031096][ C3] ? sock_def_write_space+0x609/0x630 [ 166.040721][ C3] kasan_report.cold+0x79/0xd5 [ 166.049908][ C3] ? sock_def_write_space+0x609/0x630 [ 166.049908][ C3] sock_def_write_space+0x609/0x630 [ 166.049908][ C3] sock_wfree+0x1cc/0x240 [ 166.049908][ C3] ? __sk_receive_skb+0x830/0x830 [ 166.049908][ C3] skb_release_head_state+0x9f/0x250 [ 166.093927][ C3] consume_skb+0x89/0x160 [ 166.101158][ C3] __dev_kfree_skb_any+0x6b/0x80 [ 166.107374][ C3] e1000_unmap_and_free_tx_resource+0x141/0x200 [ 166.109856][ C3] e1000_clean+0x4a8/0x1c30 [ 166.130959][ C3] ? e1000_configure+0xd90/0xd90 [ 166.139569][ C3] ? find_held_lock+0x2d/0x110 [ 166.145752][ C3] net_rx_action+0x461/0xe10 [ 166.157314][ C3] ? napi_complete_done+0x830/0x830 [ 166.165865][ C3] __do_softirq+0x2bc/0xa29 [ 166.173230][ C3] ? __local_bh_enable_ip+0x110/0x110 [ 166.182200][ C3] run_ksoftirqd+0x2d/0x50 [ 166.189620][ C3] smpboot_thread_fn+0x655/0x9e0 [ 166.199727][ C3] ? __smpboot_create_thread.part.0+0x360/0x360 [ 166.209496][ C3] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 166.215713][ C3] ? __kthread_parkme+0x13f/0x1e0 [ 166.228033][ C3] ? __smpboot_create_thread.part.0+0x360/0x360 [ 166.239148][ C3] kthread+0x3b1/0x4a0 [ 166.246364][ C3] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 166.259968][ C3] ret_from_fork+0x1f/0x30 [ 166.267652][ C3] [ 166.271508][ C3] Allocated by task 10835: [ 166.279121][ C3] kasan_save_stack+0x1b/0x40 [ 166.288300][ C3] ____kasan_kmalloc.constprop.0+0x7f/0xa0 [ 166.297627][ C3] kmem_cache_alloc+0x1ab/0x4c0 [ 166.312566][ C3] sock_alloc_inode+0x18/0x1c0 [ 166.323867][ C3] alloc_inode+0x61/0x230 [ 166.333822][ C3] new_inode_pseudo+0x14/0xe0 [ 166.348500][ C3] sock_alloc+0x3c/0x260 [ 166.357290][ C3] __sock_create+0xb9/0x780 [ 166.369611][ C3] __sys_socket+0xef/0x200 [ 166.379390][ C3] __x64_sys_socket+0x6f/0xb0 [ 166.379390][ C3] do_syscall_64+0x2d/0x70 [ 166.399721][ C3] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 166.408755][ C3] [ 166.419289][ C3] Freed by task 0: [ 166.425763][ C3] kasan_save_stack+0x1b/0x40 [ 166.435968][ C3] kasan_set_track+0x1c/0x30 [ 166.449002][ C3] kasan_set_free_info+0x20/0x30 [ 166.467380][ C3] ____kasan_slab_free+0xb0/0xe0 [ 166.479431][ C3] kmem_cache_free+0x58/0x1c0 [ 166.490279][ C3] i_callback+0x3f/0x70 [ 166.506646][ C3] rcu_core+0x5eb/0xf00 [ 166.519125][ C3] __do_softirq+0x2bc/0xa29 [ 166.528075][ C3] [ 166.534206][ C3] Last potentially related work creation: [ 166.545540][ C3] kasan_save_stack+0x1b/0x40 [ 166.553660][ C3] kasan_record_aux_stack+0x87/0xb0 [ 166.565462][ C3] call_rcu+0xbb/0x700 [ 166.565915][ C3] destroy_inode+0x129/0x1b0 [ 166.580496][ C3] iput.part.0+0x57e/0x810 [ 166.588099][ C3] iput+0x58/0x70 [ 166.597092][ C3] dentry_unlink_inode+0x2b1/0x3d0 [ 166.605690][ C3] __dentry_kill+0x3c0/0x640 [ 166.617239][ C3] dput+0x725/0xbc0 [ 166.624666][ C3] __fput+0x3a9/0x920 [ 166.631019][ C3] task_work_run+0xdd/0x190 [ 166.639452][ C3] exit_to_user_mode_prepare+0x249/0x250 [ 166.649523][ C3] syscall_exit_to_user_mode+0x19/0x50 [ 166.658290][ C3] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 166.668674][ C3] [ 166.673714][ C3] Second to last potentially related work creation: [ 166.684971][ C3] kasan_save_stack+0x1b/0x40 [ 166.693452][ C3] kasan_record_aux_stack+0x87/0xb0 [ 166.703304][ C3] call_rcu+0xbb/0x700 [ 166.710640][ C3] destroy_inode+0x129/0x1b0 [ 166.718159][ C3] iput.part.0+0x57e/0x810 [ 166.725557][ C3] iput+0x58/0x70 [ 166.731698][ C3] dentry_unlink_inode+0x2b1/0x3d0 [ 166.743158][ C3] __dentry_kill+0x3c0/0x640 [ 166.750571][ C3] dput+0x725/0xbc0 [ 166.756725][ C3] __fput+0x3a9/0x920 [ 166.762770][ C3] task_work_run+0xdd/0x190 [ 166.770954][ C3] exit_to_user_mode_prepare+0x249/0x250 [ 166.779566][ C3] syscall_exit_to_user_mode+0x19/0x50 [ 166.788022][ C3] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 166.797668][ C3] [ 166.801243][ C3] The buggy address belongs to the object at ffff88802409f540 [ 166.801243][ C3] which belongs to the cache sock_inode_cache of size 1216 [ 166.829022][ C3] The buggy address is located 128 bytes inside of [ 166.829022][ C3] 1216-byte region [ffff88802409f540, ffff88802409fa00) [ 166.850813][ C3] The buggy address belongs to the page: [ 166.860548][ C3] page:0000000035968fef refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802409fffd pfn:0x2409f [ 166.879808][ C3] flags: 0xfff00000000200(slab) [ 166.888249][ C3] raw: 00fff00000000200 ffffea000085c6c8 ffffea00007ea548 ffff888010f99d00 [ 166.902963][ C3] raw: ffff88802409fffd ffff88802409f000 0000000100000003 ffff8880109889c1 [ 166.918101][ C3] page dumped because: kasan: bad access detected [ 166.929230][ C3] pages's memcg:ffff8880109889c1 [ 166.939468][ C3] [ 166.944415][ C3] Memory state around the buggy address: [ 166.954399][ C3] ffff88802409f480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 166.967808][ C3] ffff88802409f500: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 166.981700][ C3] >ffff88802409f580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 167.001482][ C3] ^ [ 167.011111][ C3] ffff88802409f600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 167.024774][ C3] ffff88802409f680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 167.041030][ C3] ================================================================== [ 167.053271][ C3] Disabling lock debugging due to kernel taint [ 167.064295][ C3] Kernel panic - not syncing: panic_on_warn set ... [ 167.075563][ C3] CPU: 3 PID: 29 Comm: ksoftirqd/3 Tainted: G B 5.11.0-rc3-syzkaller #0 [ 167.086488][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 167.107305][ C3] Call Trace: [ 167.107305][ C3] dump_stack+0x107/0x163 [ 167.107305][ C3] ? sock_def_write_space+0x540/0x630 [ 167.107305][ C3] panic+0x306/0x73d [ 167.107305][ C3] ? __warn_printk+0xf3/0xf3 [ 167.107305][ C3] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 167.107305][ C3] ? trace_hardirqs_on+0x38/0x1c0 [ 167.107305][ C3] ? trace_hardirqs_on+0x51/0x1c0 [ 167.107305][ C3] ? sock_def_write_space+0x609/0x630 [ 167.176433][ C3] ? sock_def_write_space+0x609/0x630 [ 167.184421][ C3] end_report+0x58/0x5e [ 167.184421][ C3] kasan_report.cold+0x67/0xd5 [ 167.184421][ C3] ? sock_def_write_space+0x609/0x630 [ 167.184421][ C3] sock_def_write_space+0x609/0x630 [ 167.184421][ C3] sock_wfree+0x1cc/0x240 [ 167.184421][ C3] ? __sk_receive_skb+0x830/0x830 [ 167.184421][ C3] skb_release_head_state+0x9f/0x250 [ 167.184421][ C3] consume_skb+0x89/0x160 [ 167.184421][ C3] __dev_kfree_skb_any+0x6b/0x80 [ 167.184421][ C3] e1000_unmap_and_free_tx_resource+0x141/0x200 [ 167.278800][ C3] e1000_clean+0x4a8/0x1c30 [ 167.278800][ C3] ? e1000_configure+0xd90/0xd90 [ 167.278800][ C3] ? find_held_lock+0x2d/0x110 [ 167.278800][ C3] net_rx_action+0x461/0xe10 [ 167.278800][ C3] ? napi_complete_done+0x830/0x830 [ 167.278800][ C3] __do_softirq+0x2bc/0xa29 [ 167.278800][ C3] ? __local_bh_enable_ip+0x110/0x110 [ 167.278800][ C3] run_ksoftirqd+0x2d/0x50 [ 167.278800][ C3] smpboot_thread_fn+0x655/0x9e0 [ 167.278800][ C3] ? __smpboot_create_thread.part.0+0x360/0x360 [ 167.381064][ C3] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 167.381064][ C3] ? __kthread_parkme+0x13f/0x1e0 [ 167.381064][ C3] ? __smpboot_create_thread.part.0+0x360/0x360 [ 167.381064][ C3] kthread+0x3b1/0x4a0 [ 167.381064][ C3] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 167.381064][ C3] ret_from_fork+0x1f/0x30 [ 167.381064][ C3] Kernel Offset: disabled [ 167.381064][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:34:40 Registers: info registers vcpu 0 RAX=00000000000534b5 RBX=ffffffff8b0bc340 RCX=ffffffff88fa4330 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=fffffbfff1617868 RSP=ffffffff8b007e40 R8 =0000000000000001 R9 =ffff88802ca35c6b R10=ffffed1005946b8d R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=ffffffff8d03a048 R15=0000000000000000 RIP=ffffffff88fc984e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe74f860000 CR3=000000002c437000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000c1162e42fefa39ef XMM03=0000000000000000414fffffe0000000 XMM04=61636f6c2f7273752f3a6e6962732f6c XMM05=3a6e6962732f7273752f3a6e69622f6c XMM06=2f3a6e6962732f3a6e69622f7273752f XMM07=3131582f6e69622f7273752f3a6e6962 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=1ffff920000a11a7 RCX=ffffffff8158cd48 RDX=0000000000000001 RSI=0000000000000008 RDI=ffffffff8d03a048 RBP=0000000000000001 RSP=ffffc90000508d28 R8 =0000000000000000 R9 =ffffffff8d03a04f R10=fffffbfff1a07409 R11=0000000000000000 R12=0000000000000000 R13=ffff88802cb26a18 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8158cf73 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fddffa74000 CR3=0000000053636000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=000000000000026c000000000000000a XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=000000000000026c000000000000000a XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=000000517de2d86e RBX=0000000000000000 RCX=00000000000006e0 RDX=0000000000000051 RSI=ffff88802cc1fa00 RDI=000000000025a6ca RBP=ffff88802cc1fa00 RSP=ffffc90000560eb8 R8 =000000000000003f R9 =0000000000000000 R10=ffffffff8165bea7 R11=0000000000000000 R12=000000000025a6ca R13=0000000000000019 R14=0000000000000000 R15=ffff88802cc26a00 RIP=ffffffff812fb55b RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000212e668 CR3=000000002c437000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000001ad3d40000000003e0b252f XMM02=0000000000000000408f400000000000 XMM03=000000c000044260000000c000044250 XMM04=000000c0000446b0000000c000044460 XMM05=000000c0000446c0000000c0000446a0 XMM06=000000c000044150000000c000044110 XMM07=000000c000044130000000c000044120 XMM08=000000c000044a30000000c0000449f0 XMM09=000000c000044ac0000000c000044a40 XMM10=000000c000044a80000000c000044aa0 XMM11=000000c000044a00000000c000044a90 XMM12=000000c000044a50000000c000044a70 XMM13=000000c000045cf0000000c000045d20 XMM14=000000c000045d10000000c000045d00 XMM15=000000c000045cb0000000c000045ce0 info registers vcpu 3 RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84182a21 RDI=ffffffff8fc7f800 RBP=ffffffff8fc7f7c0 RSP=ffffc9000058f620 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff84182a12 R11=000000000000001f R12=0000000000000000 R13=000000000000006f R14=ffffffff8fc7f7c0 R15=dffffc0000000000 RIP=ffffffff84182a4a RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cd00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002000c038 CR3=000000005cc61000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000ff0000000000000000 XMM01=00000000ff00000100000000000000ff XMM02=7463656a6e695f31313230385f7a7973 XMM03=ffffffff8161304effffffff814480b3 XMM04=0000000000000000000000ff00000000 XMM05=000000000000026c000000000000000a XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000