Warning: Permanently added '[localhost]:40264' (ECDSA) to the list of known hosts. 2020/07/21 12:42:14 fuzzer started 2020/07/21 12:42:14 dialing manager at 10.0.2.10:40341 2020/07/21 12:42:14 syscalls: 3212 2020/07/21 12:42:14 code coverage: enabled 2020/07/21 12:42:14 comparison tracing: enabled 2020/07/21 12:42:14 extra coverage: enabled 2020/07/21 12:42:14 setuid sandbox: enabled 2020/07/21 12:42:14 namespace sandbox: enabled 2020/07/21 12:42:14 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/21 12:42:14 fault injection: enabled 2020/07/21 12:42:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/21 12:42:14 net packet injection: enabled 2020/07/21 12:42:14 net device setup: enabled 2020/07/21 12:42:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/21 12:42:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/21 12:42:14 USB emulation: enabled 12:43:02 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000000240)={@void, @val, @mpls={[], @ipv4=@icmp={{0x8, 0x4, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @remote={0xac, 0x14, 0x8}}, @timestamp}}}, 0x100c) 12:43:02 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="ab0db4cb8eef996c38fa67c085fe11fa481f3412de7f42469e0e0720b8dc23e7dfae3a70e3327bb15fb0b2a6b02d19aea474da0811aaf3789b0c41", 0x3b}], 0x1) 12:43:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x2000}, 0x4) syzkaller login: [ 185.064449][ T8625] IPVS: ftp: loaded support on port[0] = 21 [ 185.064665][ T8626] IPVS: ftp: loaded support on port[0] = 21 12:43:02 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) [ 185.361172][ T8628] IPVS: ftp: loaded support on port[0] = 21 [ 185.682031][ T8625] chnl_net:caif_netlink_parms(): no params data found [ 185.732428][ T8630] IPVS: ftp: loaded support on port[0] = 21 [ 185.757659][ T8626] chnl_net:caif_netlink_parms(): no params data found [ 185.833295][ T8628] chnl_net:caif_netlink_parms(): no params data found [ 185.972668][ T8625] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.987534][ T8625] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.002697][ T8625] device bridge_slave_0 entered promiscuous mode [ 186.029032][ T8626] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.040193][ T8626] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.052225][ T8626] device bridge_slave_0 entered promiscuous mode [ 186.066435][ T8625] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.076795][ T8625] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.087525][ T8625] device bridge_slave_1 entered promiscuous mode [ 186.112335][ T8626] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.125405][ T8626] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.134860][ T8626] device bridge_slave_1 entered promiscuous mode [ 186.173387][ T8626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.196901][ T8626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.227568][ T8625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.247417][ T8628] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.257994][ T8628] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.271675][ T8628] device bridge_slave_0 entered promiscuous mode [ 186.306432][ T8625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.324520][ T8628] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.336899][ T8628] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.351748][ T8628] device bridge_slave_1 entered promiscuous mode [ 186.367053][ T8626] team0: Port device team_slave_0 added [ 186.381120][ T8626] team0: Port device team_slave_1 added [ 186.438201][ T8625] team0: Port device team_slave_0 added [ 186.455907][ T8626] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.468289][ T8626] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.511602][ T8626] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.531256][ T8630] chnl_net:caif_netlink_parms(): no params data found [ 186.548033][ T8625] team0: Port device team_slave_1 added [ 186.565087][ T8628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.579773][ T8626] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.589612][ T8626] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.627460][ T8626] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.664653][ T8628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.692376][ T8625] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.703157][ T8625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.735916][ T8625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.777711][ T8628] team0: Port device team_slave_0 added [ 186.785246][ T8625] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.794394][ T8625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.876606][ T8625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.003011][ T8628] team0: Port device team_slave_1 added [ 187.105790][ T8626] device hsr_slave_0 entered promiscuous mode [ 187.173596][ T8626] device hsr_slave_1 entered promiscuous mode [ 187.366024][ T8625] device hsr_slave_0 entered promiscuous mode [ 187.432077][ T8625] device hsr_slave_1 entered promiscuous mode [ 187.506096][ T8625] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 187.539449][ T8625] Cannot create hsr debugfs directory [ 187.579034][ T8628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.593448][ T8628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.644628][ T8628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.689789][ T8630] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.706405][ T8630] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.723674][ T8630] device bridge_slave_0 entered promiscuous mode [ 187.747831][ T8628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.758810][ T8628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.810869][ T8628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.878834][ T8630] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.893974][ T8630] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.909320][ T8630] device bridge_slave_1 entered promiscuous mode [ 187.952855][ T8630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.064633][ T8628] device hsr_slave_0 entered promiscuous mode [ 188.134001][ T8628] device hsr_slave_1 entered promiscuous mode [ 188.212809][ T8628] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.227214][ T8628] Cannot create hsr debugfs directory [ 188.239863][ T8630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.285800][ T8630] team0: Port device team_slave_0 added [ 188.315593][ T8630] team0: Port device team_slave_1 added [ 188.364669][ T8630] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.391937][ T8630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.474936][ T8630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.536114][ T8630] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.559251][ T8630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.623290][ T8630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.854669][ T8630] device hsr_slave_0 entered promiscuous mode [ 188.902038][ T8630] device hsr_slave_1 entered promiscuous mode [ 188.961730][ T8630] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.981873][ T8630] Cannot create hsr debugfs directory [ 189.029954][ T8625] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 189.102691][ T8625] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 189.180507][ T8625] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 189.246332][ T8625] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 189.366505][ T8626] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 189.471432][ T8626] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 189.529395][ T8628] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 189.616915][ T8626] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 189.694818][ T8628] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 189.793788][ T8628] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 189.867371][ T8628] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 189.956435][ T8626] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 190.061936][ T8630] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 190.146805][ T8630] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 190.203805][ T8630] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 190.294004][ T8630] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 190.506498][ T8625] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.547139][ T8630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.563819][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.577389][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.597835][ T8625] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.621847][ T8626] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.637251][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.652921][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.666285][ T3229] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.677994][ T3229] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.699768][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 190.733033][ T8630] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.742750][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 190.757098][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 190.768431][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.777044][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.786294][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 190.796066][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 190.805866][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.814754][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.832667][ T8628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.842603][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 190.856477][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 190.870248][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 190.888784][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.898142][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.906785][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 190.916718][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 190.926497][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.937520][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.947561][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.955562][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.965169][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.973945][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.983673][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 190.998653][ T8626] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.007645][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.018278][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.028437][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.036569][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.046951][ T8628] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.061296][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.071094][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.083629][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.094879][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.105503][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.125674][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.137094][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.148056][ T8650] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.156023][ T8650] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.166872][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.209915][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.227517][ T8650] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.235780][ T8650] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.247221][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.291305][ T8625] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 191.305059][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.318407][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.329809][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.342453][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.356501][ T3229] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.367574][ T3229] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.379843][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.391850][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.403714][ T3229] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.414179][ T3229] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.424591][ T3229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.450699][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.470001][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.487438][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.499765][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.511776][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.523090][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.535433][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.554001][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.577891][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.590811][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.607551][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.622901][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.636294][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.649748][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.663180][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.676670][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.692320][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.704812][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.721024][ T8630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 191.745131][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.759499][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.773632][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 191.784017][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 191.792471][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.802772][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.825755][ T8625] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.841917][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.853116][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.867701][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.878669][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.900078][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.910865][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.928680][ T8628] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 191.943938][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 191.953575][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 191.963065][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.973419][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.986160][ T8626] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.010605][ T8630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.026818][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 192.037988][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 192.059310][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 192.069129][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 192.092419][ T8628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.110296][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 192.120523][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 192.130424][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 192.141156][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 192.168455][ T8625] device veth0_vlan entered promiscuous mode [ 192.181263][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 192.192551][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 192.202459][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 192.214481][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 192.229302][ T8626] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.244914][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 192.256548][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 192.268943][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 192.280735][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 192.297596][ T8630] device veth0_vlan entered promiscuous mode [ 192.312809][ T8625] device veth1_vlan entered promiscuous mode [ 192.336754][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 192.349113][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 192.363257][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 192.390323][ T8630] device veth1_vlan entered promiscuous mode [ 192.414483][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 192.426740][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 192.440784][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 192.454842][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 192.468439][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 192.482738][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 192.496726][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 192.509020][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 192.526457][ T8628] device veth0_vlan entered promiscuous mode [ 192.566702][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 192.580326][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 192.595678][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 192.613147][ T8625] device veth0_macvtap entered promiscuous mode [ 192.629706][ T8625] device veth1_macvtap entered promiscuous mode [ 192.647567][ T8628] device veth1_vlan entered promiscuous mode [ 192.664075][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 192.676229][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 192.691116][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 192.705802][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 192.720822][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 192.740862][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 192.756504][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 192.770256][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 192.798966][ T8626] device veth0_vlan entered promiscuous mode [ 192.817444][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 192.833825][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 192.850634][ T8630] device veth0_macvtap entered promiscuous mode [ 192.870184][ T8626] device veth1_vlan entered promiscuous mode [ 192.892602][ T8630] device veth1_macvtap entered promiscuous mode [ 192.915719][ T8625] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 192.935829][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 192.948940][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 192.961936][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 192.977336][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 192.990140][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 193.003868][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 193.026961][ T8625] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.045443][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 193.059906][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 193.076711][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 193.091057][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 193.110338][ T8626] device veth0_macvtap entered promiscuous mode [ 193.123786][ T8628] device veth0_macvtap entered promiscuous mode [ 193.136836][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 193.153957][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 193.169623][ T8650] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 193.187643][ T8626] device veth1_macvtap entered promiscuous mode [ 193.212419][ T8630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 193.232821][ T8630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.256468][ T8630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.275309][ T8630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 193.294064][ T8630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.312793][ T8630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.330289][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 193.344847][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 193.359958][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 193.375890][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 193.393531][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 193.412824][ T8628] device veth1_macvtap entered promiscuous mode [ 193.753928][ T8626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 193.777142][ T8626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.796481][ T8626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 193.820866][ T8626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.851016][ T8626] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.865483][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 193.885006][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.902921][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 193.921891][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.939081][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 193.957479][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.976678][ T8628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.066073][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 194.083047][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 194.098095][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 194.113503][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 194.140128][ T8626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 194.159680][ T8626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.177330][ T8626] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 194.194139][ T8626] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.213427][ T8626] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.228383][ T8625] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 194.347089][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 194.379464][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.407908][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 194.453531][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.485540][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 194.520322][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.560894][ T8628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.601961][ T8653] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 194.624681][ T8653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 194.649008][ T8653] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 194.690063][ T8653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 12:43:12 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:12 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="ab0db4cb8eef996c38fa67c085fe11fa481f3412de7f42469e0e0720b8dc23e7dfae3a70e3327bb15fb0b2a6b02d19aea474da0811aaf3789b0c41", 0x3b}], 0x1) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x2000}, 0x4) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="ab0db4cb8eef996c38fa67c085fe11fa481f3412de7f42469e0e0720b8dc23e7dfae3a70e3327bb15fb0b2a6b02d19aea474da0811aaf3789b0c41", 0x3b}], 0x1) 12:43:13 executing program 0: ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 0: ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="ab0db4cb8eef996c38fa67c085fe11fa481f3412de7f42469e0e0720b8dc23e7dfae3a70e3327bb15fb0b2a6b02d19aea474da0811aaf3789b0c41", 0x3b}], 0x1) 12:43:13 executing program 0: ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 1: writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000040)="ab0db4cb8eef996c38fa67c085fe11fa481f3412de7f42469e0e0720b8dc23e7dfae3a70e3327bb15fb0b2a6b02d19aea474da0811aaf3789b0c41", 0x3b}], 0x1) 12:43:13 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) 12:43:13 executing program 1: writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000040)="ab0db4cb8eef996c38fa67c085fe11fa481f3412de7f42469e0e0720b8dc23e7dfae3a70e3327bb15fb0b2a6b02d19aea474da0811aaf3789b0c41", 0x3b}], 0x1) 12:43:13 executing program 0: openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000000)={0x280, 0x480, 0x0, 0x0, 0x0, 0x0, 0x4}) 12:43:13 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x280, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 12:43:13 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') chdir(&(0x7f00000002c0)='./file0\x00') symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x2) [ 196.037614][ T8754] ================================================================== [ 196.038860][ T8754] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400 [ 196.038904][ T8754] Write of size 8 at addr ffffc90009d71000 by task syz-executor.2/8754 [ 196.038907][ T8754] [ 196.039422][ T8754] CPU: 2 PID: 8754 Comm: syz-executor.2 Not tainted 5.8.0-rc6-syzkaller #0 [ 196.039469][ T8754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 196.039489][ T8754] Call Trace: [ 196.039554][ T8754] dump_stack+0x18f/0x20d [ 196.039565][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.039574][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.039585][ T8754] print_address_description.constprop.0.cold+0x5/0x436 [ 196.040735][ T8754] ? lockdep_hardirqs_off+0x66/0xa0 [ 196.040827][ T8754] ? vprintk_func+0x97/0x1a6 [ 196.040840][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.040849][ T8754] kasan_report.cold+0x1f/0x37 [ 196.040941][ T8754] ? bitfill_aligned+0x111/0x400 [ 196.040950][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.040961][ T8754] bitfill_aligned+0x34a/0x400 [ 196.041168][ T8754] sys_fillrect+0x408/0x7a0 [ 196.041178][ T8754] ? sys_fillrect+0x7a0/0x7a0 [ 196.041195][ T8754] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 196.041206][ T8754] bit_clear_margins+0x2d5/0x4a0 [ 196.041216][ T8754] ? bit_bmove+0x210/0x210 [ 196.041230][ T8754] ? fb_get_color_depth+0x11a/0x240 [ 196.041241][ T8754] fbcon_clear_margins+0x1d5/0x230 [ 196.041252][ T8754] fbcon_switch+0xb6e/0x16c0 [ 196.041264][ T8754] ? fbcon_scroll+0x3600/0x3600 [ 196.041281][ T8754] ? fbcon_cursor+0x52b/0x650 [ 196.041290][ T8754] ? kmalloc_array.constprop.0+0x20/0x20 [ 196.041303][ T8754] ? is_console_locked+0x5/0x10 [ 196.041312][ T8754] ? fbcon_set_origin+0x26/0x50 [ 196.041325][ T8754] redraw_screen+0x2ae/0x770 [ 196.041336][ T8754] ? vc_init+0x440/0x440 [ 196.041345][ T8754] ? fb_get_color_depth+0x11a/0x240 [ 196.041356][ T8754] ? fbcon_set_palette+0x3a8/0x490 [ 196.041367][ T8754] fbcon_modechanged+0x575/0x710 [ 196.041378][ T8754] fbcon_update_vcs+0x3a/0x50 [ 196.041388][ T8754] fb_set_var+0xae8/0xd60 [ 196.041390][ T8754] ? fb_blank+0x190/0x190 [ 196.041390][ T8754] ? lock_release+0x8d0/0x8d0 [ 196.041390][ T8754] ? lock_is_held_type+0xb0/0xe0 [ 196.041390][ T8754] ? do_fb_ioctl+0x2f2/0x6c0 [ 196.041390][ T8754] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 196.041390][ T8754] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 196.041390][ T8754] ? trace_hardirqs_on+0x5f/0x220 [ 196.041390][ T8754] do_fb_ioctl+0x33f/0x6c0 [ 196.041390][ T8754] ? fb_set_suspend+0x1a0/0x1a0 [ 196.041390][ T8754] ? lock_downgrade+0x820/0x820 [ 196.041390][ T8754] ? trace_hardirqs_on+0x5f/0x220 [ 196.041390][ T8754] ? lockdep_hardirqs_on+0x6a/0xe0 [ 196.041390][ T8754] ? tomoyo_path_number_perm+0x244/0x4d0 [ 196.041390][ T8754] ? tomoyo_execute_permission+0x470/0x470 [ 196.041390][ T8754] ? __might_fault+0xef/0x1d0 [ 196.041390][ T8754] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 196.041390][ T8754] ? do_vfs_ioctl+0x27d/0x1090 [ 196.041390][ T8754] ? generic_block_fiemap+0x60/0x60 [ 196.041390][ T8754] fb_compat_ioctl+0x175/0xc10 [ 196.041390][ T8754] ? fb_open+0x430/0x430 [ 196.041390][ T8754] ? __fget_files+0x294/0x400 [ 196.041390][ T8754] ? fb_open+0x430/0x430 [ 196.041390][ T8754] __do_compat_sys_ioctl+0x1d3/0x230 [ 196.041390][ T8754] do_syscall_32_irqs_on+0x3f/0x60 [ 196.041390][ T8754] do_fast_syscall_32+0x7f/0x120 [ 196.041390][ T8754] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 196.041390][ T8754] RIP: 0023:0xf7f86569 [ 196.041390][ T8754] Code: Bad RIP value. [ 196.041390][ T8754] RSP: 002b:00000000f5d810bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 196.041390][ T8754] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 196.041390][ T8754] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 196.041390][ T8754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 196.041390][ T8754] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 196.041390][ T8754] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 196.041390][ T8754] [ 196.041390][ T8754] [ 196.041390][ T8754] Memory state around the buggy address: [ 196.041390][ T8754] ffffc90009d70f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 196.041390][ T8754] ffffc90009d70f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 196.041390][ T8754] >ffffc90009d71000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 196.041390][ T8754] ^ [ 196.041390][ T8754] ffffc90009d71080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 196.041390][ T8754] ffffc90009d71100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 196.041390][ T8754] ================================================================== [ 196.041390][ T8754] Disabling lock debugging due to kernel taint [ 196.049893][ T8754] Kernel panic - not syncing: panic_on_warn set ... [ 196.049905][ T8754] CPU: 2 PID: 8754 Comm: syz-executor.2 Tainted: G B 5.8.0-rc6-syzkaller #0 [ 196.049911][ T8754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 196.049925][ T8754] Call Trace: [ 196.050036][ T8754] dump_stack+0x18f/0x20d [ 196.050048][ T8754] ? bitfill_aligned+0x310/0x400 [ 196.050058][ T8754] panic+0x2e3/0x75c [ 196.050067][ T8754] ? __warn_printk+0xf3/0xf3 [ 196.050078][ T8754] ? preempt_schedule_common+0x59/0xc0 [ 196.050086][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.050096][ T8754] ? preempt_schedule_thunk+0x16/0x18 [ 196.050105][ T8754] ? trace_hardirqs_on+0x55/0x220 [ 196.050114][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.050127][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.050134][ T8754] end_report+0x4d/0x53 [ 196.050150][ T8754] kasan_report.cold+0xd/0x37 [ 196.050159][ T8754] ? bitfill_aligned+0x111/0x400 [ 196.050168][ T8754] ? bitfill_aligned+0x34a/0x400 [ 196.050177][ T8754] bitfill_aligned+0x34a/0x400 [ 196.050187][ T8754] sys_fillrect+0x408/0x7a0 [ 196.050195][ T8754] ? sys_fillrect+0x7a0/0x7a0 [ 196.050208][ T8754] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 196.050217][ T8754] bit_clear_margins+0x2d5/0x4a0 [ 196.050225][ T8754] ? bit_bmove+0x210/0x210 [ 196.050236][ T8754] ? fb_get_color_depth+0x11a/0x240 [ 196.050244][ T8754] fbcon_clear_margins+0x1d5/0x230 [ 196.050253][ T8754] fbcon_switch+0xb6e/0x16c0 [ 196.050264][ T8754] ? fbcon_scroll+0x3600/0x3600 [ 196.050279][ T8754] ? fbcon_cursor+0x52b/0x650 [ 196.050291][ T8754] ? kmalloc_array.constprop.0+0x20/0x20 [ 196.050302][ T8754] ? is_console_locked+0x5/0x10 [ 196.050309][ T8754] ? fbcon_set_origin+0x26/0x50 [ 196.050318][ T8754] redraw_screen+0x2ae/0x770 [ 196.050327][ T8754] ? vc_init+0x440/0x440 [ 196.050336][ T8754] ? fb_get_color_depth+0x11a/0x240 [ 196.050360][ T8754] ? fbcon_set_palette+0x3a8/0x490 [ 196.050370][ T8754] fbcon_modechanged+0x575/0x710 [ 196.050380][ T8754] fbcon_update_vcs+0x3a/0x50 [ 196.050389][ T8754] fb_set_var+0xae8/0xd60 [ 196.050403][ T8754] ? fb_blank+0x190/0x190 [ 196.050412][ T8754] ? lock_release+0x8d0/0x8d0 [ 196.050424][ T8754] ? lock_is_held_type+0xb0/0xe0 [ 196.050437][ T8754] ? do_fb_ioctl+0x2f2/0x6c0 [ 196.050451][ T8754] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 196.050460][ T8754] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 196.050467][ T8754] ? trace_hardirqs_on+0x5f/0x220 [ 196.050476][ T8754] do_fb_ioctl+0x33f/0x6c0 [ 196.050485][ T8754] ? fb_set_suspend+0x1a0/0x1a0 [ 196.050493][ T8754] ? lock_downgrade+0x820/0x820 [ 196.050501][ T8754] ? trace_hardirqs_on+0x5f/0x220 [ 196.050509][ T8754] ? lockdep_hardirqs_on+0x6a/0xe0 [ 196.050519][ T8754] ? tomoyo_path_number_perm+0x244/0x4d0 [ 196.050528][ T8754] ? tomoyo_execute_permission+0x470/0x470 [ 196.050535][ T8754] ? __might_fault+0xef/0x1d0 [ 196.050548][ T8754] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 196.050556][ T8754] ? do_vfs_ioctl+0x27d/0x1090 [ 196.050563][ T8754] ? generic_block_fiemap+0x60/0x60 [ 196.050573][ T8754] fb_compat_ioctl+0x175/0xc10 [ 196.050581][ T8754] ? fb_open+0x430/0x430 [ 196.050590][ T8754] ? __fget_files+0x294/0x400 [ 196.050602][ T8754] ? fb_open+0x430/0x430 [ 196.050611][ T8754] __do_compat_sys_ioctl+0x1d3/0x230 [ 196.050624][ T8754] do_syscall_32_irqs_on+0x3f/0x60 [ 196.050634][ T8754] do_fast_syscall_32+0x7f/0x120 [ 196.050644][ T8754] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 196.050650][ T8754] RIP: 0023:0xf7f86569 [ 196.050653][ T8754] Code: Bad RIP value. [ 196.050657][ T8754] RSP: 002b:00000000f5d810bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 196.050665][ T8754] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601 [ 196.050669][ T8754] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 196.050673][ T8754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 196.050678][ T8754] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 196.050682][ T8754] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 196.054695][ T8754] Kernel Offset: disabled [ 196.054695][ T8754] Rebooting in 86400 seconds..