Warning: Permanently added '[localhost]:27683' (ECDSA) to the list of known hosts. syzkaller login: [ 160.492415][ T40] kauditd_printk_skb: 7 callbacks suppressed 2020/07/18 17:23:23 fuzzer started [ 160.514443][ T40] audit: type=1400 audit(1595093003.906:42): avc: denied { map } for pid=8967 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/07/18 17:23:24 dialing manager at 10.0.2.10:45655 2020/07/18 17:23:24 syscalls: 3205 2020/07/18 17:23:24 code coverage: enabled 2020/07/18 17:23:24 comparison tracing: enabled 2020/07/18 17:23:24 extra coverage: enabled 2020/07/18 17:23:24 setuid sandbox: enabled 2020/07/18 17:23:24 namespace sandbox: enabled 2020/07/18 17:23:24 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/18 17:23:24 fault injection: enabled 2020/07/18 17:23:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/18 17:23:24 net packet injection: enabled 2020/07/18 17:23:24 net device setup: enabled 2020/07/18 17:23:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/18 17:23:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/18 17:23:24 USB emulation: enabled [ 160.987848][ T40] audit: type=1400 audit(1595093004.406:43): avc: denied { integrity } for pid=8984 comm="syz-executor" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 17:24:04 executing program 0: perf_event_open(&(0x7f0000000700)={0x2, 0x70, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x2, 0x0) [ 201.631653][ T40] audit: type=1400 audit(1595093045.046:44): avc: denied { map } for pid=8989 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=1042 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 17:24:05 executing program 1: openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x4000, 0x0) 17:24:05 executing program 2: mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mknod$loop(&(0x7f00000000c0)='./bus/file1\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setxattr$security_capability(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f0000000200)='security.capability\x00', &(0x7f0000000000)=@v2, 0x14, 0x0) setxattr$security_ima(&(0x7f0000000100)='./bus/file1\x00', &(0x7f0000000180)='security.ima\x00', &(0x7f0000000340)=@v2={0x0, 0x0, 0x0, 0x0, 0xc, "c90a3b83593e0ee4baab0500"}, 0x15, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000140)='./bus\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chown(&(0x7f0000000600)='./bus/file1\x00', 0x0, 0x0) [ 202.340359][ T8992] IPVS: ftp: loaded support on port[0] = 21 [ 202.340586][ T8991] IPVS: ftp: loaded support on port[0] = 21 17:24:05 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}) [ 202.497604][ T8994] IPVS: ftp: loaded support on port[0] = 21 [ 202.702511][ T8992] chnl_net:caif_netlink_parms(): no params data found [ 202.725676][ T8996] IPVS: ftp: loaded support on port[0] = 21 [ 202.759687][ T8991] chnl_net:caif_netlink_parms(): no params data found [ 202.810378][ T8994] chnl_net:caif_netlink_parms(): no params data found [ 202.949863][ T8991] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.962061][ T8991] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.975418][ T8991] device bridge_slave_0 entered promiscuous mode [ 202.998172][ T8991] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.007365][ T8991] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.016824][ T8991] device bridge_slave_1 entered promiscuous mode [ 203.053727][ T8992] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.066112][ T8992] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.079088][ T8992] device bridge_slave_0 entered promiscuous mode [ 203.097798][ T8992] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.115274][ T8992] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.129435][ T8992] device bridge_slave_1 entered promiscuous mode [ 203.156174][ T8991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.171955][ T8991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.208631][ T8992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.223202][ T8994] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.232375][ T8994] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.242836][ T8994] device bridge_slave_0 entered promiscuous mode [ 203.269135][ T8992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.287086][ T8994] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.299333][ T8994] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.315143][ T8994] device bridge_slave_1 entered promiscuous mode [ 203.329578][ T8991] team0: Port device team_slave_0 added [ 203.369411][ T8991] team0: Port device team_slave_1 added [ 203.387037][ T8992] team0: Port device team_slave_0 added [ 203.400526][ T8994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.424620][ T8994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.461634][ T8992] team0: Port device team_slave_1 added [ 203.489039][ T8991] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.500409][ T8991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.548589][ T8991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.599120][ T8994] team0: Port device team_slave_0 added [ 203.610186][ T8991] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.619909][ T8991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.664802][ T8991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.683679][ T8996] chnl_net:caif_netlink_parms(): no params data found [ 203.717611][ T8994] team0: Port device team_slave_1 added [ 203.758953][ T8992] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.775175][ T8992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.824453][ T8992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.847476][ T8994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.861648][ T8994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.894525][ T8994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.917677][ T8992] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.928200][ T8992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.970909][ T8992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.996958][ T8994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.006390][ T8994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.040307][ T8994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.125407][ T8991] device hsr_slave_0 entered promiscuous mode [ 204.183592][ T8991] device hsr_slave_1 entered promiscuous mode [ 204.324801][ T8992] device hsr_slave_0 entered promiscuous mode [ 204.412839][ T8992] device hsr_slave_1 entered promiscuous mode [ 204.452779][ T8992] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.465173][ T8992] Cannot create hsr debugfs directory [ 204.505861][ T8996] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.514197][ T8996] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.523904][ T8996] device bridge_slave_0 entered promiscuous mode [ 204.538651][ T8996] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.547228][ T8996] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.556840][ T8996] device bridge_slave_1 entered promiscuous mode [ 204.638749][ T8994] device hsr_slave_0 entered promiscuous mode [ 204.703077][ T8994] device hsr_slave_1 entered promiscuous mode [ 204.772434][ T8994] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.783584][ T8994] Cannot create hsr debugfs directory [ 204.828774][ T8996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.872592][ T8996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.916774][ T8996] team0: Port device team_slave_0 added [ 204.937382][ T8996] team0: Port device team_slave_1 added [ 205.020715][ T8996] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.034385][ T8996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.069819][ T8996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.101728][ T8996] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.114282][ T8996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.152061][ T8996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.304888][ T8996] device hsr_slave_0 entered promiscuous mode [ 205.352930][ T8996] device hsr_slave_1 entered promiscuous mode [ 205.392387][ T8996] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 205.406287][ T8996] Cannot create hsr debugfs directory [ 205.440082][ T40] audit: type=1400 audit(1595093048.856:45): avc: denied { create } for pid=8991 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 205.449043][ T8991] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 205.476950][ T40] audit: type=1400 audit(1595093048.856:46): avc: denied { write } for pid=8991 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 205.526942][ T40] audit: type=1400 audit(1595093048.866:47): avc: denied { read } for pid=8991 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 205.617669][ T8991] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 205.752991][ T8991] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 205.849081][ T8991] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 205.966426][ T8992] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 206.038908][ T8992] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 206.138143][ T8992] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 206.217676][ T8992] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 206.306536][ T8994] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 206.378205][ T8994] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 206.450206][ T8994] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 206.565441][ T8994] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 206.710132][ T8996] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 206.779466][ T8996] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 206.835835][ T8996] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 206.905541][ T8996] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 207.082023][ T8991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.128795][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.150470][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.171991][ T8991] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.216619][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.244369][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.283204][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.300067][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.328037][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.359687][ T8992] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.375954][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.398542][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.412996][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.426083][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.443217][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.470971][ T8994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.504095][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.516273][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.525760][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.541868][ T8996] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.561659][ T8992] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.586962][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.607262][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.624377][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.637678][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.652812][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.672734][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.689361][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 207.700264][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 207.717724][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.739119][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.751647][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.761851][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.775350][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.789880][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.817716][ T8994] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.833817][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 207.846994][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 207.858910][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.882596][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.897359][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.912851][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.936702][ T8996] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.962128][ T8991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 207.986222][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.999236][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 208.015869][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.040658][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.058354][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.071885][ T2855] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.085225][ T2855] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.096747][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.144170][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.156644][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.171145][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.184068][ T2855] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.193899][ T2855] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.204891][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.219576][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.234983][ T2855] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.251812][ T2855] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.268377][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.286236][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.301892][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.317615][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.330707][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.349458][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.364666][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.377704][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.395479][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.404953][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.416766][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.427218][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.439839][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.450450][ T2855] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.460982][ T2855] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.482507][ T8996] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 208.496040][ T8996] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 208.511255][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.522014][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.531496][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.542867][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.553455][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.564441][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.575946][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.585905][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.596777][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.611497][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 208.630014][ T8992] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 208.645023][ T8992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 208.661713][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.673174][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.684192][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.693200][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.712076][ T8991] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.739162][ T8992] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.747688][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.758397][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.771601][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.786213][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.795641][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.806313][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.817014][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.829613][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.851805][ T8996] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.864868][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.875347][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.894579][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.906123][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.916365][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 208.928718][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 208.944503][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.954050][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.968827][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 209.009028][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.024418][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.039170][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.051747][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.066481][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 209.077440][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 209.093638][ T8991] device veth0_vlan entered promiscuous mode [ 209.114599][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 209.129125][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 209.170765][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 209.195505][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 209.219697][ T8991] device veth1_vlan entered promiscuous mode [ 209.233600][ T8994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.246784][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.258511][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.270312][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.284631][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.309214][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.325076][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.341441][ T8992] device veth0_vlan entered promiscuous mode [ 209.358303][ T8996] device veth0_vlan entered promiscuous mode [ 209.371508][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.387068][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.411676][ T8996] device veth1_vlan entered promiscuous mode [ 209.425200][ T8992] device veth1_vlan entered promiscuous mode [ 209.447338][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 209.463458][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 209.478446][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 209.494107][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 209.510372][ T2721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 209.536924][ T8991] device veth0_macvtap entered promiscuous mode [ 209.551559][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 209.567794][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 209.581495][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 209.595405][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 209.618864][ T8991] device veth1_macvtap entered promiscuous mode [ 209.645496][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 209.655036][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 209.664544][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 209.676409][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 209.685263][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 209.696364][ T8994] device veth0_vlan entered promiscuous mode [ 209.718954][ T8991] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.735461][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 209.746735][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 209.758853][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 209.768761][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 209.779345][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 209.790384][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 209.804465][ T8992] device veth0_macvtap entered promiscuous mode [ 209.820284][ T8996] device veth0_macvtap entered promiscuous mode [ 209.829616][ T8994] device veth1_vlan entered promiscuous mode [ 209.842641][ T8992] device veth1_macvtap entered promiscuous mode [ 209.856234][ T8991] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.871183][ T8996] device veth1_macvtap entered promiscuous mode [ 209.885208][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 209.895965][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 209.905986][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 209.915867][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 209.925408][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 209.934518][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 209.945182][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 209.981730][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.000962][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.018707][ T8992] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.036655][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 210.050119][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 210.064259][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 210.079915][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.095912][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.111006][ T8992] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.129797][ T8996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.147149][ T8996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.166834][ T8996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 210.191327][ T8996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.213362][ T8996] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.226687][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 210.239214][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 210.251602][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 210.267526][ T2855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 210.390032][ T8996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.415476][ T8996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.435786][ T8996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 210.469525][ T8996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.527316][ T8996] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.567061][ T8994] device veth0_macvtap entered promiscuous mode [ 210.629637][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 210.658538][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 210.679528][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 210.710173][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 210.829290][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 210.875717][ T8994] device veth1_macvtap entered promiscuous mode [ 210.980950][ T40] audit: type=1400 audit(1595093054.396:48): avc: denied { associate } for pid=8991 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 211.299868][ T2942] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 211.354363][ T8991] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 211.531353][ T40] audit: type=1400 audit(1595093054.946:49): avc: denied { open } for pid=9020 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 211.613200][ T40] audit: type=1400 audit(1595093054.946:50): avc: denied { perfmon } for pid=9020 comm="syz-executor.0" capability=38 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 [ 211.709807][ T40] audit: type=1400 audit(1595093054.946:51): avc: denied { kernel } for pid=9020 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 211.824001][ T8994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 17:24:15 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@newlink={0x44, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0xd000}, @IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x44}}, 0x0) [ 211.824011][ T40] audit: type=1400 audit(1595093054.946:52): avc: denied { confidentiality } for pid=9020 comm="syz-executor.0" lockdown_reason="unsafe use of perf" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 [ 211.992955][ T8994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.031578][ T8994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 212.058118][ T8994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.082578][ T8994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 212.103290][ T8994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.127408][ T8994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.154901][ T8994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 17:24:15 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@newlink={0x44, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0xd000}, @IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x44}}, 0x0) [ 212.171675][ T8994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.254910][ T8994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 212.293671][ T8994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.320973][ T8994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 212.366132][ T8994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.416529][ T8994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.443950][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 212.471905][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 212.497377][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 212.521441][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 17:24:15 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}) 17:24:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@newlink={0x44, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0xd000}, @IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x44}}, 0x0) 17:24:16 executing program 3: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}) 17:24:16 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}) [ 212.820425][ T9043] ================================================================== [ 212.822265][ T9043] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400 [ 212.822265][ T9043] Write of size 8 at addr ffffc90009681000 by task syz-executor.0/9043 [ 212.822265][ T9043] [ 212.822265][ T9043] CPU: 1 PID: 9043 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 212.822265][ T9043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 212.822265][ T9043] Call Trace: [ 212.822265][ T9043] dump_stack+0x18f/0x20d [ 212.822265][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.822265][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.822265][ T9043] print_address_description.constprop.0.cold+0x5/0x436 [ 212.822265][ T9043] ? lockdep_hardirqs_off+0x66/0xa0 [ 212.822265][ T9043] ? vprintk_func+0x97/0x1a6 [ 212.822265][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.822265][ T9043] kasan_report.cold+0x1f/0x37 [ 212.822265][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.822265][ T9043] bitfill_aligned+0x34a/0x400 [ 212.822265][ T9043] sys_fillrect+0x408/0x7a0 [ 212.822265][ T9043] ? sys_fillrect+0x7a0/0x7a0 [ 212.822265][ T9043] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 212.822265][ T9043] bit_clear_margins+0x2d5/0x4a0 [ 212.822265][ T9043] ? bit_bmove+0x210/0x210 [ 212.822265][ T9043] ? fb_get_color_depth+0x11a/0x240 [ 212.822265][ T9043] fbcon_clear_margins+0x1d5/0x230 [ 212.822265][ T9043] fbcon_switch+0xb6e/0x16c0 [ 212.822265][ T9043] ? fbcon_scroll+0x3600/0x3600 [ 212.822265][ T9043] ? fbcon_cursor+0x52b/0x650 [ 212.822265][ T9043] ? kmalloc_array.constprop.0+0x20/0x20 [ 212.822265][ T9043] ? is_console_locked+0x5/0x10 [ 212.822265][ T9043] ? fbcon_set_origin+0x26/0x50 [ 212.822265][ T9043] redraw_screen+0x2ae/0x770 [ 212.822265][ T9043] ? vc_init+0x440/0x440 [ 212.822265][ T9043] ? fb_get_color_depth+0x11a/0x240 [ 212.822265][ T9043] ? fbcon_set_palette+0x3a8/0x490 [ 212.822265][ T9043] fbcon_modechanged+0x575/0x710 [ 212.822265][ T9043] fbcon_update_vcs+0x3a/0x50 [ 212.822265][ T9043] fb_set_var+0xae8/0xd60 [ 212.822265][ T9043] ? fb_blank+0x190/0x190 [ 212.822265][ T9043] ? lock_release+0x8d0/0x8d0 [ 212.822265][ T9043] ? lock_is_held_type+0xb0/0xe0 [ 212.822265][ T9043] ? do_fb_ioctl+0x2f2/0x6c0 [ 212.822265][ T9043] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 212.822265][ T9043] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 212.822265][ T9043] ? trace_hardirqs_on+0x5f/0x220 [ 212.822265][ T9043] do_fb_ioctl+0x33f/0x6c0 [ 212.822265][ T9043] ? fb_set_suspend+0x1a0/0x1a0 [ 212.822265][ T9043] ? tomoyo_execute_permission+0x470/0x470 [ 212.822265][ T9043] ? lock_is_held_type+0xb0/0xe0 [ 212.822265][ T9043] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 212.822265][ T9043] ? do_vfs_ioctl+0x27d/0x1090 [ 212.822265][ T9043] ? __fget_files+0x294/0x400 [ 212.822265][ T9043] fb_ioctl+0xdd/0x130 [ 212.822265][ T9043] ? do_fb_ioctl+0x6c0/0x6c0 [ 212.822265][ T9043] ksys_ioctl+0x11a/0x180 [ 212.822265][ T9043] __x64_sys_ioctl+0x6f/0xb0 [ 212.822265][ T9043] ? lockdep_hardirqs_on+0x6a/0xe0 [ 212.822265][ T9043] do_syscall_64+0x60/0xe0 [ 212.822265][ T9043] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 212.822265][ T9043] RIP: 0033:0x45c049 [ 212.822265][ T9043] Code: Bad RIP value. [ 212.822265][ T9043] RSP: 002b:00007f593141fc88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.822265][ T9043] RAX: ffffffffffffffda RBX: 00000000006fb3c0 RCX: 000000000045c049 [ 212.822265][ T9043] RDX: 0000000020000000 RSI: 0000000000004601 RDI: 0000000000000003 [ 212.822265][ T9043] RBP: 00000000004a906e R08: 0000000000000000 R09: 0000000000000000 [ 212.822265][ T9043] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000074bf00 [ 212.822265][ T9043] R13: 00007fff4c819fcf R14: 00007f5931400000 R15: 0000000000000003 [ 212.822265][ T9043] [ 212.822265][ T9043] [ 212.822265][ T9043] Memory state around the buggy address: [ 212.822265][ T9043] ffffc90009680f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 212.822265][ T9043] ffffc90009680f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 212.822265][ T9043] >ffffc90009681000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 212.822265][ T9043] ^ [ 212.822265][ T9043] ffffc90009681080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 212.822265][ T9043] ffffc90009681100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 212.822265][ T9043] ================================================================== [ 212.822265][ T9043] Disabling lock debugging due to kernel taint [ 212.830988][ T9043] Kernel panic - not syncing: panic_on_warn set ... [ 212.831089][ T9043] CPU: 1 PID: 9043 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 212.831094][ T9043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 212.831170][ T9043] Call Trace: [ 212.831312][ T9043] dump_stack+0x18f/0x20d [ 212.831327][ T9043] ? bitfill_aligned+0x290/0x400 [ 212.831429][ T9043] panic+0x2e3/0x75c [ 212.831441][ T9043] ? __warn_printk+0xf3/0xf3 [ 212.831457][ T9043] ? preempt_schedule_common+0x59/0xc0 [ 212.831468][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.831486][ T9043] ? preempt_schedule_thunk+0x16/0x18 [ 212.831498][ T9043] ? trace_hardirqs_on+0x55/0x220 [ 212.831514][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.831525][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.831537][ T9043] end_report+0x4d/0x53 [ 212.831547][ T9043] kasan_report.cold+0xd/0x37 [ 212.831562][ T9043] ? bitfill_aligned+0x34a/0x400 [ 212.831578][ T9043] bitfill_aligned+0x34a/0x400 [ 212.831589][ T9043] sys_fillrect+0x408/0x7a0 [ 212.831600][ T9043] ? sys_fillrect+0x7a0/0x7a0 [ 212.831616][ T9043] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 212.831627][ T9043] bit_clear_margins+0x2d5/0x4a0 [ 212.831638][ T9043] ? bit_bmove+0x210/0x210 [ 212.831654][ T9043] ? fb_get_color_depth+0x11a/0x240 [ 212.831665][ T9043] fbcon_clear_margins+0x1d5/0x230 [ 212.831676][ T9043] fbcon_switch+0xb6e/0x16c0 [ 212.831687][ T9043] ? fbcon_scroll+0x3600/0x3600 [ 212.831697][ T9043] ? fbcon_cursor+0x52b/0x650 [ 212.831705][ T9043] ? kmalloc_array.constprop.0+0x20/0x20 [ 212.831714][ T9043] ? is_console_locked+0x5/0x10 [ 212.831725][ T9043] ? fbcon_set_origin+0x26/0x50 [ 212.831736][ T9043] redraw_screen+0x2ae/0x770 [ 212.831749][ T9043] ? vc_init+0x440/0x440 [ 212.831756][ T9043] ? fb_get_color_depth+0x11a/0x240 [ 212.831768][ T9043] ? fbcon_set_palette+0x3a8/0x490 [ 212.831776][ T9043] fbcon_modechanged+0x575/0x710 [ 212.831785][ T9043] fbcon_update_vcs+0x3a/0x50 [ 212.831796][ T9043] fb_set_var+0xae8/0xd60 [ 212.831807][ T9043] ? fb_blank+0x190/0x190 [ 212.831824][ T9043] ? lock_release+0x8d0/0x8d0 [ 212.831837][ T9043] ? lock_is_held_type+0xb0/0xe0 [ 212.831852][ T9043] ? do_fb_ioctl+0x2f2/0x6c0 [ 212.831865][ T9043] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 212.831880][ T9043] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 212.831892][ T9043] ? trace_hardirqs_on+0x5f/0x220 [ 212.831903][ T9043] do_fb_ioctl+0x33f/0x6c0 [ 212.831914][ T9043] ? fb_set_suspend+0x1a0/0x1a0 [ 212.831926][ T9043] ? tomoyo_execute_permission+0x470/0x470 [ 212.831940][ T9043] ? lock_is_held_type+0xb0/0xe0 [ 212.831953][ T9043] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 212.831965][ T9043] ? do_vfs_ioctl+0x27d/0x1090 [ 212.831977][ T9043] ? __fget_files+0x294/0x400 [ 212.831988][ T9043] fb_ioctl+0xdd/0x130 [ 212.831999][ T9043] ? do_fb_ioctl+0x6c0/0x6c0 [ 212.832009][ T9043] ksys_ioctl+0x11a/0x180 [ 212.832019][ T9043] __x64_sys_ioctl+0x6f/0xb0 [ 212.832029][ T9043] ? lockdep_hardirqs_on+0x6a/0xe0 [ 212.832041][ T9043] do_syscall_64+0x60/0xe0 [ 212.832052][ T9043] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 212.832119][ T9043] RIP: 0033:0x45c049 [ 212.832122][ T9043] Code: Bad RIP value. [ 212.832127][ T9043] RSP: 002b:00007f593141fc88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.832134][ T9043] RAX: ffffffffffffffda RBX: 00000000006fb3c0 RCX: 000000000045c049 [ 212.832361][ T9043] RDX: 0000000020000000 RSI: 0000000000004601 RDI: 0000000000000003 [ 212.832366][ T9043] RBP: 00000000004a906e R08: 0000000000000000 R09: 0000000000000000 [ 212.832371][ T9043] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000074bf00 [ 212.832376][ T9043] R13: 00007fff4c819fcf R14: 00007f5931400000 R15: 0000000000000003 [ 212.840384][ T9043] Kernel Offset: disabled [ 212.840384][ T9043] Rebooting in 86400 seconds..