Warning: Permanently added '[localhost]:9111' (ECDSA) to the list of known hosts. [ 109.362595][ T46] audit: type=1400 audit(1607600192.743:42): avc: denied { map } for pid=9625 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16525 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/12/10 11:36:32 fuzzer started 2020/12/10 11:36:33 dialing manager at 10.0.2.10:42619 2020/12/10 11:36:39 syscalls: 3495 2020/12/10 11:36:39 code coverage: enabled 2020/12/10 11:36:39 comparison tracing: enabled 2020/12/10 11:36:39 extra coverage: enabled 2020/12/10 11:36:39 setuid sandbox: enabled 2020/12/10 11:36:39 namespace sandbox: enabled 2020/12/10 11:36:39 Android sandbox: /sys/fs/selinux/policy does not exist 2020/12/10 11:36:39 fault injection: enabled 2020/12/10 11:36:39 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/12/10 11:36:39 net packet injection: enabled 2020/12/10 11:36:39 net device setup: enabled 2020/12/10 11:36:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/12/10 11:36:39 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/12/10 11:36:39 USB emulation: enabled 2020/12/10 11:36:39 hci packet injection: enabled 2020/12/10 11:36:39 wifi device emulation: enabled [ 116.497315][ T46] audit: type=1400 audit(1607600199.883:43): avc: denied { integrity } for pid=9644 comm="syz-executor" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 11:38:05 executing program 0: syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0x1, 0x0) syz_open_dev$usbmon(&(0x7f0000001200)='/dev/usbmon#\x00', 0x0, 0x1a5c81) [ 201.845330][ T46] audit: type=1400 audit(1607600285.223:44): avc: denied { map } for pid=9647 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=25602 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 11:38:05 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r0, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x3, &(0x7f0000000280)=@framed={{0xffffffb4, 0x6, 0x0, 0x0, 0x0, 0x71, 0x11, 0x1d}, [], {0x95, 0x0, 0x1200}}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xff], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1}, 0x78) 11:38:05 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7, 0x0, 0x0) 11:38:05 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) link(&(0x7f0000000200)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') mount$overlay(0x400002, &(0x7f0000000200)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000340)='./bus\x00') unlink(&(0x7f0000000000)='./file0\x00') [ 203.090260][ T9648] IPVS: ftp: loaded support on port[0] = 21 [ 203.153736][ T9650] IPVS: ftp: loaded support on port[0] = 21 [ 203.218575][ T9648] chnl_net:caif_netlink_parms(): no params data found [ 203.372998][ T9648] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.384910][ T9648] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.396074][ T9648] device bridge_slave_0 entered promiscuous mode [ 203.419181][ T9648] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.429085][ T9648] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.439334][ T9648] device bridge_slave_1 entered promiscuous mode [ 203.458911][ T9650] chnl_net:caif_netlink_parms(): no params data found [ 203.460051][ T9652] IPVS: ftp: loaded support on port[0] = 21 [ 203.492824][ T9648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.512545][ T9648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.569299][ T9648] team0: Port device team_slave_0 added [ 203.580508][ T9648] team0: Port device team_slave_1 added [ 203.626708][ T9654] IPVS: ftp: loaded support on port[0] = 21 [ 203.643588][ T9648] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.656213][ T9648] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.691845][ T9648] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.718525][ T9648] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.737120][ T9648] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.774277][ T9648] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.792325][ T9650] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.803565][ T9650] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.813683][ T9650] device bridge_slave_0 entered promiscuous mode [ 203.830734][ T9650] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.841289][ T9650] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.853403][ T9650] device bridge_slave_1 entered promiscuous mode [ 203.914763][ T9650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.945258][ T9648] device hsr_slave_0 entered promiscuous mode [ 203.957001][ T9648] device hsr_slave_1 entered promiscuous mode [ 203.972821][ T9650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.039014][ T9650] team0: Port device team_slave_0 added [ 204.064423][ T9650] team0: Port device team_slave_1 added [ 204.098910][ T9650] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.111698][ T9650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.153630][ T9650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.203664][ T9650] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.212870][ T9650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.249089][ T9650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.325830][ T9652] chnl_net:caif_netlink_parms(): no params data found [ 204.344764][ T9650] device hsr_slave_0 entered promiscuous mode [ 204.353500][ T9650] device hsr_slave_1 entered promiscuous mode [ 204.362908][ T9650] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.374848][ T9650] Cannot create hsr debugfs directory [ 204.459087][ T9654] chnl_net:caif_netlink_parms(): no params data found [ 204.541427][ T9652] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.551126][ T9652] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.562503][ T9652] device bridge_slave_0 entered promiscuous mode [ 204.576265][ T9652] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.585959][ T9652] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.595672][ T9652] device bridge_slave_1 entered promiscuous mode [ 204.658836][ T9652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.707784][ T46] audit: type=1400 audit(1607600288.093:45): avc: denied { create } for pid=9648 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 204.732680][ T9648] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 204.766951][ T46] audit: type=1400 audit(1607600288.093:46): avc: denied { write } for pid=9648 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 204.823662][ T46] audit: type=1400 audit(1607600288.093:47): avc: denied { read } for pid=9648 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 204.828991][ T9652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.889963][ T9654] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.902312][ T9654] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.912394][ T9654] device bridge_slave_0 entered promiscuous mode [ 204.927531][ T9648] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 204.941588][ T9648] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 204.972970][ T9654] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.017452][ T9654] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.059358][ T9654] device bridge_slave_1 entered promiscuous mode [ 205.089757][ T9648] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 205.117424][ T3071] Bluetooth: hci0: command 0x0409 tx timeout [ 205.153674][ T9652] team0: Port device team_slave_0 added [ 205.187136][ T3071] Bluetooth: hci1: command 0x0409 tx timeout [ 205.190485][ T9652] team0: Port device team_slave_1 added [ 205.234633][ T9654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.269322][ T9652] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.294458][ T9652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.394770][ T9652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.426508][ T1712] Bluetooth: hci2: command 0x0409 tx timeout [ 205.428498][ T9654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.469024][ T9652] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.481324][ T9652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.525612][ T9652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.580968][ T9654] team0: Port device team_slave_0 added [ 205.588290][ T3071] Bluetooth: hci3: command 0x0409 tx timeout [ 205.591778][ T9654] team0: Port device team_slave_1 added [ 205.624190][ T9652] device hsr_slave_0 entered promiscuous mode [ 205.647264][ T9652] device hsr_slave_1 entered promiscuous mode [ 205.669328][ T9652] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 205.690634][ T9652] Cannot create hsr debugfs directory [ 205.711712][ T9650] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 205.747061][ T9654] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.774195][ T9654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.823165][ T9654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.848521][ T9650] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 205.871276][ T9654] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.883681][ T9654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.930221][ T9654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.954069][ T9650] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 205.971771][ T9650] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 206.023688][ T9654] device hsr_slave_0 entered promiscuous mode [ 206.037202][ T9654] device hsr_slave_1 entered promiscuous mode [ 206.046756][ T9654] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 206.056829][ T9654] Cannot create hsr debugfs directory [ 206.269231][ T9652] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 206.312988][ T9648] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.354739][ T9652] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 206.391300][ T9652] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 206.432812][ T9652] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 206.470824][ T9650] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.520995][ T9654] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 206.544046][ T9654] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 206.556088][ T9654] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 206.571975][ T9654] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 206.590446][ T9650] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.601223][ T9648] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.619282][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 206.632268][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 206.641720][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 206.651193][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 206.679415][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.697700][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.710539][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.723503][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.734072][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.749199][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.761193][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.769713][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.787192][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 206.796100][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 206.807184][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 206.820461][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.833467][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.849781][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.875758][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 206.888770][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 206.904873][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.917875][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.933070][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.947442][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.003706][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.046827][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.092431][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.133226][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.170545][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.207985][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.243169][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.261150][ T7] Bluetooth: hci0: command 0x041b tx timeout [ 207.280243][ T7] Bluetooth: hci1: command 0x041b tx timeout [ 207.292144][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.317880][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.333833][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.347209][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.360196][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 207.376199][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 207.389817][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 207.403652][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 207.417036][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 207.433397][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 207.456222][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.495894][ T9648] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 207.546198][ T9680] Bluetooth: hci2: command 0x041b tx timeout [ 207.547404][ T9648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 207.587931][ T9650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 207.605936][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 207.629298][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 207.644158][ T9654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.665543][ T3509] Bluetooth: hci3: command 0x041b tx timeout [ 207.680487][ T9652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.698658][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.709963][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.725193][ T9654] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.736912][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 207.747253][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 207.764715][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.779836][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.791104][ T3334] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.807445][ T3334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.826844][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 207.838073][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 207.848572][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.866802][ T9648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.883169][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.894127][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.904762][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.916938][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.928752][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.938266][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.957830][ T9650] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.974828][ T9652] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.993561][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.009360][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.024471][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.037784][ T3509] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.048006][ T3509] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.067630][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.082888][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.096876][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.108996][ T3509] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.121253][ T3509] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.134674][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.161046][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.171939][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.185174][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.199767][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.223306][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 208.258614][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 208.278292][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.296698][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.314491][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.330060][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.347490][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 208.362634][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 208.381647][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.396310][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.407854][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.420899][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.468461][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.483069][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.498055][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.513787][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.543416][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.557421][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.569718][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 208.583389][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 208.599274][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 208.612716][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 208.626571][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.637586][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.648096][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 208.661680][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 208.675833][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 208.686214][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 208.714877][ T9650] device veth0_vlan entered promiscuous mode [ 208.724102][ T9648] device veth0_vlan entered promiscuous mode [ 208.748840][ T9650] device veth1_vlan entered promiscuous mode [ 208.764284][ T9648] device veth1_vlan entered promiscuous mode [ 208.787583][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.797496][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.812554][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.823799][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.839572][ T9654] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.853946][ T9652] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.892437][ T9681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 208.907711][ T9681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 208.928179][ T9650] device veth0_macvtap entered promiscuous mode [ 208.939373][ T9681] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 208.956811][ T9681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 208.978346][ T9681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 209.027009][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 209.057380][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 209.092226][ T9650] device veth1_macvtap entered promiscuous mode [ 209.114689][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 209.128987][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 209.140437][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 209.154461][ T9648] device veth0_macvtap entered promiscuous mode [ 209.181525][ T9648] device veth1_macvtap entered promiscuous mode [ 209.192237][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 209.214567][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 209.226810][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.243217][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.261561][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.285170][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.301584][ T9650] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.312917][ T9652] device veth0_vlan entered promiscuous mode [ 209.328100][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 209.343016][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 209.360836][ T9650] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.371106][ T49] Bluetooth: hci1: command 0x040f tx timeout [ 209.379045][ T49] Bluetooth: hci0: command 0x040f tx timeout [ 209.382628][ T9652] device veth1_vlan entered promiscuous mode [ 209.405857][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 209.417511][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.430430][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.455458][ T9650] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.472029][ T9650] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.484091][ T9650] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.496730][ T9650] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.514348][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 209.529103][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.542448][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.561605][ T9654] device veth0_vlan entered promiscuous mode [ 209.578080][ T9648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 209.586179][ T9681] Bluetooth: hci2: command 0x040f tx timeout [ 209.600986][ T9648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.622380][ T9648] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.640999][ T9648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 209.656035][ T9648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.670796][ T9648] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.681107][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.690575][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.700771][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 209.712386][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 209.729350][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.740766][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.745674][ T9681] Bluetooth: hci3: command 0x040f tx timeout [ 209.761094][ T9654] device veth1_vlan entered promiscuous mode [ 209.806157][ T9648] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.821785][ T9648] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.837332][ T9648] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.851746][ T9648] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.904180][ T9652] device veth0_macvtap entered promiscuous mode [ 209.939082][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 209.950730][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 209.962560][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 209.978240][ T9652] device veth1_macvtap entered promiscuous mode [ 210.009292][ T2952] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.019106][ T2952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.032867][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 210.045674][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 210.083661][ T9654] device veth0_macvtap entered promiscuous mode [ 210.092622][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 210.103772][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 210.118051][ T3334] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 210.138064][ T9666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.147150][ T9654] device veth1_macvtap entered promiscuous mode [ 210.149811][ T9666] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.164560][ T9652] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.180274][ T9652] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.192463][ T9652] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.204997][ T9652] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.220095][ T9652] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.230452][ T9666] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.241267][ T9666] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.242004][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 210.259545][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 210.269019][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 210.280414][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 210.292152][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 210.311746][ T9652] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.327145][ T9652] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.339761][ T9652] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.354214][ T9652] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.372510][ T9652] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.386560][ T46] audit: type=1400 audit(1607600293.773:48): avc: denied { associate } for pid=9650 comm="syz-executor.1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 210.394678][ T9652] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.456690][ T9652] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.470027][ T9652] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.484240][ T9652] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.520411][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 210.542706][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 210.562637][ T9654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.583964][ T9654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.600452][ T9654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.619154][ T9654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.646847][ T9654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.661569][ T9654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.678166][ T9654] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.699867][ T9650] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 210.703138][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 210.703789][ T9683] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.706252][ T9683] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:38:14 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) [ 210.750287][ T46] audit: type=1400 audit(1607600294.133:49): avc: denied { bpf } for pid=9684 comm="syz-executor.1" capability=39 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 11:38:14 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000300)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000080)=0x90) [ 210.759116][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 11:38:14 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "3de0a567"}, 0x0, 0x0, @userptr}) [ 210.805056][ T46] audit: type=1400 audit(1607600294.133:50): avc: denied { prog_load } for pid=9684 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 210.816722][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 11:38:14 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "3de0a567"}, 0x0, 0x0, @userptr}) [ 210.850485][ T46] audit: type=1400 audit(1607600294.173:51): avc: denied { map_create } for pid=9688 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 210.924112][ T9654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.949304][ T9654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.969398][ T9654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.984093][ T9654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.001233][ T9654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 211.017582][ T9654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 211.032105][ T9654] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 211.051654][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 211.068966][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 211.085620][ T9654] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.097259][ T9654] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.110393][ T9654] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.124312][ T9654] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.169673][ T9666] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.185099][ T9666] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:38:14 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bfs\x00', 0x0, 0x0) 11:38:14 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "3de0a567"}, 0x0, 0x0, @userptr}) [ 211.204647][ T9671] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 211.235541][ T3054] block nbd0: Attempted send on invalid socket [ 211.248046][ T3054] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 211.253302][ T9666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.264561][ T9676] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.282085][ T3680] block nbd0: Attempted send on invalid socket [ 211.286283][ T9666] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.293100][ T9676] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.308070][ T2952] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.308098][ T2952] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.308507][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 211.308570][ T3680] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 211.309263][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 211.322196][ T9682] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 211.426765][ T42] Bluetooth: hci0: command 0x0419 tx timeout [ 211.433990][ T42] Bluetooth: hci1: command 0x0419 tx timeout 11:38:14 executing program 2: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) [ 211.485877][ T9720] IPVS: ftp: loaded support on port[0] = 21 [ 211.491854][ T9721] overlayfs: './file1' not a directory 11:38:14 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) link(&(0x7f0000000200)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') mount$overlay(0x400002, &(0x7f0000000200)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000340)='./bus\x00') unlink(&(0x7f0000000000)='./file0\x00') 11:38:14 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vim2m\x00', 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "3de0a567"}, 0x0, 0x0, @userptr}) 11:38:14 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bfs\x00', 0x0, 0x0) [ 211.548915][ T5056] block nbd0: Attempted send on invalid socket [ 211.563851][ T5056] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 11:38:14 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4b}}) 11:38:15 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bfs\x00', 0x0, 0x0) 11:38:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@bridge_setlink={0x2c, 0x11, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x0, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x1, 0x0, 0x0}}]}]}, 0x2c}}, 0x0) [ 211.652264][ T9720] IPVS: ftp: loaded support on port[0] = 21 [ 211.666238][ T42] Bluetooth: hci2: command 0x0419 tx timeout 11:38:15 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000240)={0x0, @l2tp={0x2, 0x0, @local}, @phonet, @xdp}) [ 211.681978][ T3054] block nbd0: Attempted send on invalid socket [ 211.689652][ T3054] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 11:38:15 executing program 2: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) 11:38:15 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) link(&(0x7f0000000200)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') mount$overlay(0x400002, &(0x7f0000000200)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000340)='./bus\x00') unlink(&(0x7f0000000000)='./file0\x00') 11:38:15 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bfs\x00', 0x0, 0x0) 11:38:15 executing program 1: r0 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r0, 0x3) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0) recvmmsg(r1, &(0x7f0000007940), 0x55, 0x0, 0x0) sendmmsg(r2, &(0x7f0000001500), 0x588, 0x0) [ 211.796901][ T3680] block nbd0: Attempted send on invalid socket [ 211.798184][ T46] audit: type=1400 audit(1607600295.183:52): avc: denied { name_bind } for pid=9752 comm="syz-executor.1" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 211.807942][ T3680] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 211.826265][ T9750] Bluetooth: hci3: command 0x0419 tx timeout [ 211.840117][ T9758] IPVS: ftp: loaded support on port[0] = 21 [ 211.896307][ T46] audit: type=1400 audit(1607600295.243:53): avc: denied { node_bind } for pid=9752 comm="syz-executor.1" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 11:38:15 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) link(&(0x7f0000000200)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') mount$overlay(0x400002, &(0x7f0000000200)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000340)='./bus\x00') unlink(&(0x7f0000000000)='./file0\x00') 11:38:15 executing program 0: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) [ 211.942023][ T46] audit: type=1400 audit(1607600295.263:54): avc: denied { name_connect } for pid=9752 comm="syz-executor.1" dest=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 211.992180][ T9769] IPVS: ftp: loaded support on port[0] = 21 11:38:15 executing program 2: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) [ 212.048107][ T9773] IPVS: ftp: loaded support on port[0] = 21 11:38:15 executing program 0: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) 11:38:15 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000380)={0x40, 0x8}) [ 212.152347][ T9785] IPVS: ftp: loaded support on port[0] = 21 11:38:16 executing program 1: r0 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r0, 0x3) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0) recvmmsg(r1, &(0x7f0000007940), 0x55, 0x0, 0x0) sendmmsg(r2, &(0x7f0000001500), 0x588, 0x0) 11:38:16 executing program 0: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) 11:38:16 executing program 2: unshare(0x40020200) socket$inet(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xd, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) socketpair(0x29, 0x3, 0x1, &(0x7f0000000040)) 11:38:16 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000380)={0x40, 0x8}) [ 212.692554][ T9798] IPVS: ftp: loaded support on port[0] = 21 [ 212.708146][ T9801] IPVS: ftp: loaded support on port[0] = 21 [ 212.741789][ T9802] ================================================================== [ 212.743839][ T9802] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x117f/0x1290 [ 212.744007][ T9802] Write of size 4 at addr ffffc9000b911000 by task syz-executor.3/9802 [ 212.744011][ T9802] [ 212.744126][ T9802] CPU: 1 PID: 9802 Comm: syz-executor.3 Not tainted 5.10.0-rc7-syzkaller #0 [ 212.744133][ T9802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 212.744157][ T9802] Call Trace: [ 212.744314][ T9802] dump_stack+0x107/0x163 [ 212.744326][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.744335][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.744349][ T9802] print_address_description.constprop.0.cold+0x5/0x497 [ 212.744363][ T9802] ? _raw_spin_lock_irqsave+0x4e/0x50 [ 212.744376][ T9802] ? vprintk_func+0x95/0x1e0 [ 212.744387][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.744396][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.744405][ T9802] kasan_report.cold+0x1f/0x37 [ 212.744416][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.744427][ T9802] sys_imageblit+0x117f/0x1290 [ 212.744482][ T9802] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 212.744493][ T9802] bit_putcs+0x6e1/0xd20 [ 212.744515][ T9802] ? bit_cursor+0x1720/0x1720 [ 212.744525][ T9802] ? wait_for_completion+0x260/0x260 [ 212.744538][ T9802] ? fb_get_color_depth+0x51/0x240 [ 212.744551][ T9802] ? fb_get_color_depth+0x11a/0x240 [ 212.744562][ T9802] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 212.744574][ T9802] ? bit_cursor+0x1720/0x1720 [ 212.744583][ T9802] fbcon_putcs+0x35a/0x450 [ 212.744599][ T9802] do_update_region+0x399/0x630 [ 212.744619][ T9802] ? con_get_trans_old+0x2a0/0x2a0 [ 212.744628][ T9802] ? fb_get_color_depth+0x11a/0x240 [ 212.744643][ T9802] ? fbcon_set_palette+0x422/0x620 [ 212.744653][ T9802] ? var_to_display+0x7f0/0x7f0 [ 212.744671][ T9802] redraw_screen+0x658/0x790 [ 212.744683][ T9802] ? vc_init+0x5a0/0x5a0 [ 212.744694][ T9802] ? fbcon_set_palette+0x422/0x620 [ 212.744706][ T9802] fbcon_modechanged+0x593/0x6d0 [ 212.744719][ T9802] fbcon_update_vcs+0x3a/0x50 [ 212.744730][ T9802] do_fb_ioctl+0x62e/0x690 [ 212.744741][ T9802] ? fb_set_suspend+0x1a0/0x1a0 [ 212.744751][ T9802] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 212.744778][ T9802] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 212.744789][ T9802] ? do_vfs_ioctl+0x27d/0x1090 [ 212.744814][ T9802] ? __fget_files+0x294/0x400 [ 212.744829][ T9802] fb_ioctl+0xe7/0x150 [ 212.744838][ T9802] ? do_fb_ioctl+0x690/0x690 [ 212.744847][ T9802] __x64_sys_ioctl+0x193/0x200 [ 212.744861][ T9802] do_syscall_64+0x2d/0x70 [ 212.744871][ T9802] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 212.744920][ T9802] RIP: 0033:0x45dcd9 [ 212.744954][ T9802] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 212.744960][ T9802] RSP: 002b:00007fded268ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.744982][ T9802] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045dcd9 [ 212.744988][ T9802] RDX: 0000000020000380 RSI: 0000000000004601 RDI: 0000000000000003 [ 212.744994][ T9802] RBP: 00000000004aae00 R08: 0000000000000000 R09: 0000000000000000 [ 212.745000][ T9802] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf40 [ 212.745007][ T9802] R13: 00007fff460b3a7f R14: 00007fded266f000 R15: 0000000000000003 [ 212.745021][ T9802] [ 212.745024][ T9802] [ 212.745028][ T9802] Memory state around the buggy address: [ 212.745038][ T9802] ffffc9000b910f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 212.745055][ T9802] ffffc9000b910f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 212.745063][ T9802] >ffffc9000b911000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 212.745067][ T9802] ^ [ 212.745074][ T9802] ffffc9000b911080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 212.745081][ T9802] ffffc9000b911100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 212.745088][ T9802] ================================================================== [ 212.745105][ T9802] Disabling lock debugging due to kernel taint [ 212.745128][ T9802] Kernel panic - not syncing: panic_on_warn set ... [ 212.745137][ T9802] CPU: 1 PID: 9802 Comm: syz-executor.3 Tainted: G B 5.10.0-rc7-syzkaller #0 [ 212.745145][ T9802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 212.745147][ T9802] Call Trace: [ 212.745155][ T9802] dump_stack+0x107/0x163 [ 212.745164][ T9802] ? sys_imageblit+0x1170/0x1290 [ 212.745172][ T9802] panic+0x306/0x73d [ 212.745179][ T9802] ? __warn_printk+0xf3/0xf3 [ 212.745189][ T9802] ? trace_hardirqs_on+0x51/0x1c0 [ 212.745197][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.745204][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.745212][ T9802] end_report+0x58/0x5e [ 212.745220][ T9802] kasan_report.cold+0xd/0x37 [ 212.745228][ T9802] ? sys_imageblit+0x117f/0x1290 [ 212.745235][ T9802] sys_imageblit+0x117f/0x1290 [ 212.745250][ T9802] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 212.745258][ T9802] bit_putcs+0x6e1/0xd20 [ 212.745269][ T9802] ? bit_cursor+0x1720/0x1720 [ 212.745357][ T9802] ? wait_for_completion+0x260/0x260 [ 212.745357][ T9802] ? fb_get_color_depth+0x51/0x240 [ 212.745357][ T9802] ? fb_get_color_depth+0x11a/0x240 [ 212.745357][ T9802] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 212.745357][ T9802] ? bit_cursor+0x1720/0x1720 [ 212.745357][ T9802] fbcon_putcs+0x35a/0x450 [ 212.745357][ T9802] do_update_region+0x399/0x630 [ 212.745357][ T9802] ? con_get_trans_old+0x2a0/0x2a0 [ 212.745357][ T9802] ? fb_get_color_depth+0x11a/0x240 [ 212.745357][ T9802] ? fbcon_set_palette+0x422/0x620 [ 212.745357][ T9802] ? var_to_display+0x7f0/0x7f0 [ 212.745357][ T9802] redraw_screen+0x658/0x790 [ 212.745357][ T9802] ? vc_init+0x5a0/0x5a0 [ 212.745357][ T9802] ? fbcon_set_palette+0x422/0x620 [ 212.745357][ T9802] fbcon_modechanged+0x593/0x6d0 [ 212.745357][ T9802] fbcon_update_vcs+0x3a/0x50 [ 212.745357][ T9802] do_fb_ioctl+0x62e/0x690 [ 212.745357][ T9802] ? fb_set_suspend+0x1a0/0x1a0 [ 212.745357][ T9802] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 212.745357][ T9802] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 212.745357][ T9802] ? do_vfs_ioctl+0x27d/0x1090 [ 212.745357][ T9802] ? __fget_files+0x294/0x400 [ 212.745357][ T9802] fb_ioctl+0xe7/0x150 [ 212.745357][ T9802] ? do_fb_ioctl+0x690/0x690 [ 212.745357][ T9802] __x64_sys_ioctl+0x193/0x200 [ 212.745357][ T9802] do_syscall_64+0x2d/0x70 [ 212.745357][ T9802] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 212.745357][ T9802] RIP: 0033:0x45dcd9 [ 212.745357][ T9802] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 212.745357][ T9802] RSP: 002b:00007fded268ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.745357][ T9802] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045dcd9 [ 212.745357][ T9802] RDX: 0000000020000380 RSI: 0000000000004601 RDI: 0000000000000003 [ 212.745357][ T9802] RBP: 00000000004aae00 R08: 0000000000000000 R09: 0000000000000000 [ 212.745357][ T9802] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf40 [ 212.745357][ T9802] R13: 00007fff460b3a7f R14: 00007fded266f000 R15: 0000000000000003 [ 212.745357][ T9802] Kernel Offset: disabled [ 212.745357][ T9802] Rebooting in 86400 seconds.. VM DIAGNOSIS: 11:38:16 Registers: info registers vcpu 0 RAX=ae03000200000121 RBX=ffff88802ca19460 RCX=ffffffff8127d138 RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff8cecb838 RBP=0000000000000000 RSP=ffffc90000007f68 R8 =0000000000000000 R9 =ffffffff8cecb83f R10=fffffbfff19d9707 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8127d170 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f728eef0db8 CR3=000000005e71a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000bc0000000000000003 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000bc0000000000000003 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff840f339c RDI=ffffffff8faee940 RBP=ffffffff8faee900 RSP=ffffc900012472a0 R8 =0000000000000000 R9 =ffffffff8cecd04f R10=000000000000000a R11=0000000074697257 R12=0000000000000020 R13=fffffbfff1f5dd73 R14=fffffbfff1f5dd2a R15=dffffc0000000000 RIP=ffffffff840f33f0 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fded268f700 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020007970 CR3=000000006ba3d000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000007369680000000000736980 XMM02=00000000007369600000000000736968 XMM03=00000000007369800000000000736960 XMM04=0000000000000000000000ff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=ae03000200000121 RBX=ffff88802cc19460 RCX=ffffffff8127d138 RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff8cecb838 RBP=0000000000000002 RSP=ffffc90000540cf8 R8 =0000000000000000 R9 =ffffffff8cecb83f R10=fffffbfff19d9707 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8127d170 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f728ef12700 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000001964e60 CR3=000000006dd5a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff0000000000ff0000ff000000000000 XMM01=ffffffff00000000ffff00ff00000000 XMM02=00000000000000000000000000000000 XMM03=000000ff0000000000000000ff000000 XMM04=acffff7bacffff7bacffff7eb9002f2f XMM05=2a5d392d305b64746d7c2a5d392d305b XMM06=70736e497c30313131206e6f72697073 XMM07=2d63707276633a3174633a554d45516e XMM08=ffffffffffffffffffffffffffffffff XMM09=00000020202020202020202020202000 XMM10=ffffffffffffffffffffffffffffffff XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=ae03000200000121 RBX=ffff88802cd19460 RCX=ffffffff8127d138 RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff8cecb838 RBP=0000000000000003 RSP=ffffc90001067ea8 R8 =0000000000000000 R9 =ffffffff8cecb83f R10=fffffbfff19d9707 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8127d170 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00000000028fe940 ffffffff 00c00000 GS =0000 ffff88802cd00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fb350aef4c0 CR3=00000000687d3000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000500000000000000001 XMM02=00000000000000000000000000000000 XMM03=00000000000000500000000000000001 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000