[ 136.364445][ T46] audit: type=1400 audit(1605209801.620:41): avc: denied { map } for pid=10098 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '[localhost]:47762' (ECDSA) to the list of known hosts. [ 141.972147][ T46] audit: type=1400 audit(1605209807.230:42): avc: denied { map } for pid=10112 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2020/11/12 19:36:47 fuzzer started 2020/11/12 19:36:47 connecting to host at 10.0.2.10:37223 2020/11/12 19:36:47 checking machine... 2020/11/12 19:36:47 checking revisions... 2020/11/12 19:36:47 testing simple program... [ 142.550198][ T46] audit: type=1400 audit(1605209807.810:43): avc: denied { integrity } for pid=10112 comm="syz-fuzzer" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1 [ 142.633002][ T46] audit: type=1400 audit(1605209807.810:44): avc: denied { map } for pid=10112 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=24586 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 144.146482][T10131] IPVS: ftp: loaded support on port[0] = 21 [ 144.272927][T10131] chnl_net:caif_netlink_parms(): no params data found [ 144.362897][T10131] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.381639][T10131] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.399838][T10131] device bridge_slave_0 entered promiscuous mode [ 144.425757][T10131] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.448437][T10131] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.467333][T10131] device bridge_slave_1 entered 
promiscuous mode [ 144.505395][T10131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 144.529581][T10131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 144.564489][T10131] team0: Port device team_slave_0 added [ 144.579526][T10131] team0: Port device team_slave_1 added [ 144.602006][T10131] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 144.616870][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.676123][T10131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 144.703454][T10131] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 144.724438][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 144.799720][T10131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 144.847338][T10131] device hsr_slave_0 entered promiscuous mode [ 144.870286][T10131] device hsr_slave_1 entered promiscuous mode [ 144.989992][ T46] audit: type=1400 audit(1605209810.250:45): avc: denied { create } for pid=10131 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 144.992796][T10131] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 145.064226][ T46] audit: type=1400 audit(1605209810.250:46): avc: denied { write } for pid=10131 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 145.148775][ T46] audit: type=1400 audit(1605209810.250:47): avc: denied { read } for pid=10131 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 145.153809][T10131] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 145.232786][T10131] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 145.253376][T10131] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 145.303027][T10131] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.327272][T10131] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.355786][T10131] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.386627][T10131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.423858][ T3071] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.454008][ T3071] bridge0: port 2(bridge_slave_1) entered disabled state executing program [ 145.523268][T10131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.551087][ T68] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 
145.572489][ T68] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 145.595399][T10131] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.623416][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 145.645995][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.663451][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.679616][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.718652][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 145.740102][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 145.759740][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.775575][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.790897][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 145.809980][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.830247][ T68] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.848831][ T68] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.867354][ T68] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 145.900237][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.919650][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.935650][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 145.952363][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 145.976665][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 145.993803][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.015836][T10131] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.048524][T10142] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 146.067395][T10142] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 146.093479][T10131] 8021q: adding VLAN 0 to HW filter on 
device batadv0 [ 146.128672][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 146.128954][T10142] Bluetooth: hci0: command 0x0409 tx timeout [ 146.145243][ T66] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 146.196371][T10131] device veth0_vlan entered promiscuous mode [ 146.211348][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 146.229496][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 146.252860][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 146.268171][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 146.294788][T10131] device veth1_vlan entered promiscuous mode [ 146.336685][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 146.353932][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 146.371570][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 146.389500][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 146.412932][T10131] device veth0_macvtap entered promiscuous mode [ 146.433396][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 146.458955][T10131] device veth1_macvtap entered promiscuous mode [ 146.511302][T10131] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.555789][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 146.586862][ T4777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 146.630484][T10131] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 146.660921][T10144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 146.702763][T10144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 146.755185][T10131] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.785061][T10131] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.814120][T10131] 
netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.835977][T10131] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.962884][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.999915][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.017045][ T2955] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.030498][T10142] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 147.045384][ T2955] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.090287][ T3071] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 147.120008][T10139] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962 [ 147.143423][ T46] audit: type=1400 audit(1605209812.380:48): avc: denied { associate } for pid=10131 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 147.198968][T10139] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 10139, name: kworker/u16:2 [ 147.219321][T10139] 4 locks held by kworker/u16:2/10139: [ 147.230225][T10139] #0: ffff88801b51d938 ((wq_completion)phy4){+.+.}-{0:0}, at: process_one_work+0x821/0x15a0 [ 147.257030][T10139] #1: ffffc90001107da8 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x15a0 [ 147.283100][T10139] #2: ffff88802c628d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x93/0xe80 [ 147.321395][T10139] #3: ffffffff8b337060 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x680/0x2ba0 [ 147.371484][T10139] Preemption disabled at: [ 147.371794][T10139] [] __mutex_lock+0x10f/0x10e0 [ 147.420804][T10139] CPU: 0 PID: 10139 Comm: kworker/u16:2 Not tainted 5.10.0-rc3-syzkaller #0 [ 147.448647][T10139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 147.493157][T10139] Workqueue: phy4 
ieee80211_iface_work [ 147.508410][T10139] Call Trace: [ 147.508410][T10139] dump_stack+0x107/0x163 [ 147.522829][T10139] ? __mutex_lock+0x10f/0x10e0 [ 147.537710][T10139] ___might_sleep.cold+0x1e8/0x22e [ 147.548435][T10139] sta_info_move_state+0x32/0x8d0 [ 147.557718][T10139] sta_info_free+0x65/0x3b0 [ 147.578719][T10139] sta_info_insert_rcu+0x303/0x2ba0 [ 147.598920][T10139] ? find_held_lock+0x2d/0x110 [ 147.618568][T10139] ? rate_control_rate_init+0x32c/0x6a0 [ 147.638569][T10139] ? sta_info_free+0x3b0/0x3b0 [ 147.650638][T10139] ? __local_bh_enable_ip+0x9c/0x110 [ 147.667711][T10139] ? rate_control_rate_init+0x35f/0x6a0 [ 147.687676][T10139] ieee80211_ibss_finish_sta+0x212/0x390 [ 147.697698][T10139] ? ieee80211_ibss_build_presp+0x15f0/0x15f0 [ 147.717758][T10139] ? __local_bh_enable_ip+0x9c/0x110 [ 147.731006][T10139] ieee80211_ibss_work+0x2c7/0xe80 [ 147.748556][T10139] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870 [ 147.768521][T10139] ? mark_held_locks+0x9f/0xe0 [ 147.777712][T10139] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 147.797721][T10139] ? lockdep_hardirqs_on+0x79/0x100 [ 147.819050][T10139] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 147.847853][T10139] ieee80211_iface_work+0x82e/0x970 [ 147.858688][T10139] process_one_work+0x933/0x15a0 [ 147.867740][T10139] ? lock_release+0x710/0x710 [ 147.891088][T10139] ? pwq_dec_nr_in_flight+0x320/0x320 [ 147.907872][T10139] ? rwlock_bug.part.0+0x90/0x90 [ 147.918470][T10139] ? _raw_spin_lock_irq+0x41/0x50 [ 147.932330][T10139] worker_thread+0x64c/0x1120 [ 147.938576][T10139] ? __kthread_parkme+0x13f/0x1e0 [ 147.957888][T10139] ? process_one_work+0x15a0/0x15a0 [ 147.969210][T10139] kthread+0x3af/0x4a0 [ 147.977717][T10139] ? 
kthread_create_worker_on_cpu+0xf0/0xf0 [ 147.998454][T10139] ret_from_fork+0x1f/0x30 [ 148.020477][T10139] [ 148.025830][T10139] ============================= [ 148.027610][T10139] [ BUG: Invalid wait context ] [ 148.027610][T10139] 5.10.0-rc3-syzkaller #0 Tainted: G W [ 148.027610][T10139] ----------------------------- [ 148.027610][T10139] kworker/u16:2/10139 is trying to lock: [ 148.027610][T10139] ffff88802c6329d0 (&local->chanctx_mtx){+.+.}-{3:3}, at: ieee80211_recalc_min_chandef+0x49/0x140 [ 148.027610][T10139] other info that might help us debug this: [ 148.027610][T10139] context-{4:4} [ 148.027610][T10139] 4 locks held by kworker/u16:2/10139: [ 148.027610][T10139] #0: ffff88801b51d938 ((wq_completion)phy4){+.+.}-{0:0}, at: process_one_work+0x821/0x15a0 [ 148.027610][T10139] #1: ffffc90001107da8 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x15a0 [ 148.027610][T10139] #2: ffff88802c628d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x93/0xe80 [ 148.027610][T10139] #3: ffffffff8b337060 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x680/0x2ba0 [ 148.027610][T10139] stack backtrace: [ 148.027610][T10139] CPU: 2 PID: 10139 Comm: kworker/u16:2 Tainted: G W 5.10.0-rc3-syzkaller #0 [ 148.027610][T10139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 148.027610][T10139] Workqueue: phy4 ieee80211_iface_work [ 148.027610][T10139] Call Trace: [ 148.027610][T10139] dump_stack+0x107/0x163 [ 148.027610][T10139] __lock_acquire.cold+0x310/0x3a2 [ 148.027610][T10139] ? lockdep_hardirqs_on_prepare+0x400/0x400 executing program [ 148.027610][T10139] ? find_held_lock+0x2d/0x110 [ 148.526581][T10139] lock_acquire+0x2a3/0x8c0 [ 148.526581][T10139] ? ieee80211_recalc_min_chandef+0x49/0x140 [ 148.526581][T10139] ? lock_release+0x710/0x710 [ 148.526581][T10139] __mutex_lock+0x134/0x10e0 [ 148.526581][T10139] ? 
ieee80211_recalc_min_chandef+0x49/0x140 [ 148.526581][T10139] ? ieee80211_recalc_min_chandef+0x49/0x140 [ 148.526581][T10139] ? mutex_lock_io_nested+0xf60/0xf60 [ 148.526581][T10139] ? ieee80211_clear_fast_rx+0x58/0x80 [ 148.526581][T10139] ? mark_held_locks+0x9f/0xe0 [ 148.526581][T10139] ieee80211_recalc_min_chandef+0x49/0x140 [ 148.526581][T10139] sta_info_move_state+0x3cf/0x8d0 [ 148.526581][T10139] sta_info_free+0x65/0x3b0 [ 148.526581][T10139] sta_info_insert_rcu+0x303/0x2ba0 [ 148.526581][T10139] ? find_held_lock+0x2d/0x110 [ 148.526581][T10139] ? rate_control_rate_init+0x32c/0x6a0 [ 148.526581][T10139] ? sta_info_free+0x3b0/0x3b0 [ 148.526581][T10139] ? __local_bh_enable_ip+0x9c/0x110 [ 148.526581][T10139] ? rate_control_rate_init+0x35f/0x6a0 [ 148.526581][T10139] ieee80211_ibss_finish_sta+0x212/0x390 [ 148.526581][T10139] ? ieee80211_ibss_build_presp+0x15f0/0x15f0 [ 148.526581][T10139] ? __local_bh_enable_ip+0x9c/0x110 [ 148.526581][T10139] ieee80211_ibss_work+0x2c7/0xe80 [ 148.526581][T10139] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870 [ 148.526581][T10139] ? mark_held_locks+0x9f/0xe0 [ 148.526581][T10139] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 148.526581][T10139] ? lockdep_hardirqs_on+0x79/0x100 [ 148.526581][T10139] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 148.526581][T10139] ieee80211_iface_work+0x82e/0x970 [ 148.526581][T10139] process_one_work+0x933/0x15a0 [ 148.526581][T10139] ? lock_release+0x710/0x710 [ 148.526581][T10139] ? pwq_dec_nr_in_flight+0x320/0x320 [ 148.526581][T10139] ? rwlock_bug.part.0+0x90/0x90 [ 148.526581][T10139] ? _raw_spin_lock_irq+0x41/0x50 [ 148.526581][T10139] worker_thread+0x64c/0x1120 [ 148.526581][T10139] ? __kthread_parkme+0x13f/0x1e0 [ 148.526581][T10139] ? process_one_work+0x15a0/0x15a0 [ 148.526581][T10139] kthread+0x3af/0x4a0 [ 148.526581][T10139] ? 
kthread_create_worker_on_cpu+0xf0/0xf0 [ 148.526581][T10139] ret_from_fork+0x1f/0x30 [ 149.304499][T10139] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962 [ 149.308954][T10142] Bluetooth: hci0: command 0x041b tx timeout [ 149.333675][T10139] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 10139, name: kworker/u16:2 [ 149.369830][T10139] INFO: lockdep is turned off. [ 149.379411][T10139] Preemption disabled at: [ 149.379456][T10139] [] preempt_schedule_thunk+0x16/0x18 [ 149.403594][T10139] CPU: 2 PID: 10139 Comm: kworker/u16:2 Tainted: G W 5.10.0-rc3-syzkaller #0 [ 149.413525][T10139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 149.413525][T10139] Workqueue: phy4 ieee80211_iface_work [ 149.413525][T10139] Call Trace: [ 149.413525][T10139] dump_stack+0x107/0x163 [ 149.413525][T10139] ? preempt_schedule_thunk+0x16/0x18 [ 149.413525][T10139] ___might_sleep.cold+0x1e8/0x22e [ 149.413525][T10139] sta_info_move_state+0x32/0x8d0 [ 149.413525][T10139] sta_info_free+0x65/0x3b0 [ 149.413525][T10139] sta_info_insert_rcu+0x303/0x2ba0 [ 149.413525][T10139] ? find_held_lock+0x2d/0x110 [ 149.413525][T10139] ? rate_control_rate_init+0x32c/0x6a0 [ 149.413525][T10139] ? sta_info_free+0x3b0/0x3b0 [ 149.413525][T10139] ? __local_bh_enable_ip+0x9c/0x110 [ 149.413525][T10139] ? rate_control_rate_init+0x35f/0x6a0 [ 149.413525][T10139] ieee80211_ibss_finish_sta+0x212/0x390 [ 149.413525][T10139] ? ieee80211_ibss_build_presp+0x15f0/0x15f0 [ 149.413525][T10139] ? __local_bh_enable_ip+0x9c/0x110 [ 149.413525][T10139] ieee80211_ibss_work+0x2c7/0xe80 [ 149.413525][T10139] ? ieee80211_ibss_rx_queued_mgmt+0x1870/0x1870 [ 149.413525][T10139] ? mark_held_locks+0x9f/0xe0 [ 149.413525][T10139] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 149.413525][T10139] ? lockdep_hardirqs_on+0x79/0x100 [ 149.413525][T10139] ? 
_raw_spin_unlock_irqrestore+0x2f/0x50 [ 149.413525][T10139] ieee80211_iface_work+0x82e/0x970 [ 149.413525][T10139] process_one_work+0x933/0x15a0 [ 149.413525][T10139] ? lock_release+0x710/0x710 [ 149.413525][T10139] ? pwq_dec_nr_in_flight+0x320/0x320 [ 149.413525][T10139] ? rwlock_bug.part.0+0x90/0x90 [ 149.413525][T10139] ? _raw_spin_lock_irq+0x41/0x50 [ 149.413525][T10139] worker_thread+0x64c/0x1120 [ 149.413525][T10139] ? __kthread_parkme+0x13f/0x1e0 [ 149.413525][T10139] ? process_one_work+0x15a0/0x15a0 [ 149.413525][T10139] kthread+0x3af/0x4a0 [ 149.413525][T10139] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 149.413525][T10139] ret_from_fork+0x1f/0x30 [ 149.868742][T10131] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation 2020/11/12 19:36:55 building call list... [ 149.996179][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.096711][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.175804][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.256554][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.363751][ T9] device hsr_slave_0 left promiscuous mode [ 151.402991][ T9] device hsr_slave_1 left promiscuous mode [ 151.431083][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 151.457939][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 151.476645][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 151.492112][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 151.512471][ T9] device bridge_slave_1 left promiscuous mode executing program [ 151.530496][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.592265][ T9] device bridge_slave_0 left promiscuous mode [ 151.607890][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.627866][ T9] 
device veth1_macvtap left promiscuous mode [ 151.642787][ T9] device veth0_macvtap left promiscuous mode [ 151.658063][ T9] device veth1_vlan left promiscuous mode [ 151.669246][ T9] device veth0_vlan left promiscuous mode [ 152.022622][ T9] team0 (unregistering): Port device team_slave_1 removed [ 152.045264][ T9] team0 (unregistering): Port device team_slave_0 removed [ 152.062630][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 152.088999][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 152.125723][ T9] bond0 (unregistering): Released all slaves [ 152.238615][T10150] can: request_module (can-proto-0) failed. [ 152.765659][T10150] can: request_module (can-proto-0) failed. [ 152.863750][T10150] can: request_module (can-proto-0) failed. [ 153.192210][T10150] base_sock_release(00000000786e636b) sk=0000000005869bb3 [ 153.250020][ T46] audit: type=1400 audit(1605209818.510:49): avc: denied { create } for pid=10112 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 153.320026][ T46] audit: type=1400 audit(1605209818.510:50): avc: denied { create } for pid=10112 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 153.398572][ T46] audit: type=1400 audit(1605209818.510:51): avc: denied { create } for pid=10112 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_rdma_socket permissive=1 VM DIAGNOSIS: 19:36:54 Registers: