Warning: Permanently added '[localhost]:27468' (ECDSA) to the list of known hosts.
2020/07/25 19:45:49 fuzzer started
2020/07/25 19:45:50 dialing manager at 10.0.2.10:39217
2020/07/25 19:45:50 syscalls: 3221
2020/07/25 19:45:50 code coverage: enabled
2020/07/25 19:45:50 comparison tracing: enabled
2020/07/25 19:45:50 extra coverage: enabled
2020/07/25 19:45:50 setuid sandbox: enabled
2020/07/25 19:45:50 namespace sandbox: enabled
2020/07/25 19:45:50 Android sandbox: /sys/fs/selinux/policy does not exist
2020/07/25 19:45:50 fault injection: enabled
2020/07/25 19:45:50 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/07/25 19:45:50 net packet injection: enabled
2020/07/25 19:45:50 net device setup: enabled
2020/07/25 19:45:50 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/07/25 19:45:50 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/07/25 19:45:50 USB emulation: enabled
19:46:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
r3 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140)='bridge_slave_0\x00', 0xf)
sendto$unix(r3, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33)
setsockopt$inet_int(r2, 0x0, 0x7, &(0x7f0000000040)=0x9, 0x4)
recvmmsg(r2, &(0x7f0000000240)=[{{0x0, 0xfffffffffffffea7, 0x0, 0x0, 0x0, 0xfffffffffffffec8}}], 0x4000000000002c5, 0x2, 0x0)

19:46:58 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x30, 0x0, 0x1, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c0cbf237c21175c})

19:46:58 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

19:46:59 executing program 3:
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000940)={0x0, @in={{0x2, 0x4e21, @remote}}}, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SNAPSHOT_UNFREEZE(r1, 0x3302)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000b00)=[{0x7, 0xee, 0xe7}, {0x0, 0x1, 0x0, 0x2}]}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0xa000000400000005)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000004c0), 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, 0x0, 0x0)
r2 = getpgrp(0xffffffffffffffff)
setpriority(0x0, r2, 0x100)
r3 = openat$cgroup_freezer_state(r0, &(0x7f00000000c0)='freezer.state\x00', 0x2, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, r2, 0x7, r0, &(0x7f0000000280)={0xffffffffffffffff, r3, 0x762})
open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1)
execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000640)=[&(0x7f0000000400)='(\xe0\xf5\x00', 0x0], &(0x7f0000000c40)=[&(0x7f0000000740)='syz0\x00', &(0x7f0000000780)='#)\x00', &(0x7f00000007c0)='system\x02\xe8\xb0C\xc5k\xe3\x06\x00\x00z2\x89\x02\xaa\xac.<H\x88\xa4r\x9b\xbc\xbc5\xf5\x82\xdb\x7f\x88\xe9\x8f\x93\xbb\x1cZ6z\xf5\xd3\x1a2n5#J27d\x06,\xb24o\xb2\x95\xb7\xd7B\x00', &(0x7f0000000880)='em0)\x00', &(0x7f00000008c0)='\x91\x00', &(0x7f0000000900)='/dev/l_op#\x00', &(0x7f0000000a00)='\xf2\xacu\xe1 ]QD\x1e7\xabG\xe7\xac\x89\xab>\x01)T\x02\x1dX\xff\x9bn\xe8\x94t\xfb\xca\xb9!\xd82\x1b\x98\x9f\x14\xef\aQ\xe1\xbf\xe6\xc2\x1f\x01p\xf8!\'K\xe6\xd9\"\x8b\xa9\xbb\xb6K0\xaf\xa4\xdf*\xa2\xab\x90', &(0x7f0000000a80)='+\x00', &(0x7f0000000b40)=']((\x00', &(0x7f0000000bc0)='/proc/capi/capi20\x00'])
execve(&(0x7f0000000480)='./file0\x00', &(0x7f0000000840)=[&(0x7f0000000600)='(\xe0\xf5\x00', &(0x7f0000000680)='/dev/l_op#\x00', &(0x7f0000000540)='system\x02\xe8\xb0C\xc5k\xe3\x06\x00\x00z2\x89\x02\xaa\xac.<H\x88\xa4r\x9b\xbc\xbc5\xf5\x82\xdb\x7f\x88\xe9\x8f\x93\xbb\x1cZ6z\xf5\xd3\x1a2n5#J27d\x06,\xb24o\xb2\x95\xb7\xd7B\x00\x00\x00', &(0x7f00000002c0)='\xdcj_\xdb\xd7\x86,\xb2$,\xa2\xfc^qGM\x1e\xb6\xca5C\xd04X\x8eP\xa9\xa5~8\xfd-f\xa3n\xf2\xba~6\xf3\xb1\x82\xb6d\xe6\x12WRo\x9f\x18\xb4\xf2\x100r\xca\x92;SD\xcc\xab', &(0x7f00000006c0)='\xf2\xacu\xe1 ]QD\x1e7\xabG\xe7\xac\x89\xab>\x01)T\x02\x1dX\xff\x9bn\xe8\x94t\xfb\xca\xb9!\xd82\x1b\x98\x9f\x14\xef\aQ\xe1\xbf\xe6\xc2\x1f\x01p\xf8!\'K\xe6\xd9\"\x8b\xa9\xbb\xb6K0\xaf\xa4\xdf*\xa2\xab\x90'], &(0x7f00000005c0)=[&(0x7f0000000040)='selfposix_acl_access&[\x00', &(0x7f00000001c0)='/ARW+\xe7\xf7\x94x\x00\x00\a1p\xf3\xaf\xd5w\x1f|\xbf\x81\xac\xbcQP\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000100)='\\y\b(,\x00', 0x0, &(0x7f0000000140)='\x91\x00', &(0x7f0000000440)='/dev/adsp1\x00'])

syzkaller login: [  225.601756][ T8487] IPVS: ftp: loaded support on port[0] = 21
[  225.601830][ T8485] IPVS: ftp: loaded support on port[0] = 21
[  225.961259][ T8489] IPVS: ftp: loaded support on port[0] = 21
[  226.399564][ T8490] IPVS: ftp: loaded support on port[0] = 21
[  226.406314][ T8485] chnl_net:caif_netlink_parms(): no params data found
[  226.507308][ T8487] chnl_net:caif_netlink_parms(): no params data found
[  226.722786][ T8489] chnl_net:caif_netlink_parms(): no params data found
[  226.910065][ T8487] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.938626][ T8487] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.974443][ T8487] device bridge_slave_0 entered promiscuous mode
[  227.027607][ T8487] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.057660][ T8487] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.095052][ T8487] device bridge_slave_1 entered promiscuous mode
[  227.132070][ T8485] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.158790][ T8485] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.192863][ T8485] device bridge_slave_0 entered promiscuous mode
[  227.236720][ T8485] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.267917][ T8485] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.292849][ T8485] device bridge_slave_1 entered promiscuous mode
[  227.340731][ T8487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.398479][ T8487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.435892][ T8485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.498483][ T8489] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.546288][ T8489] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.573816][ T8489] device bridge_slave_0 entered promiscuous mode
[  227.597657][ T8485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.653700][ T8489] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.685068][ T8489] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.716295][ T8489] device bridge_slave_1 entered promiscuous mode
[  227.781262][ T8487] team0: Port device team_slave_0 added
[  227.864850][ T8487] team0: Port device team_slave_1 added
[  227.936522][ T8489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.049954][ T8485] team0: Port device team_slave_0 added
[  228.077211][ T8487] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.112202][ T8487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.213927][ T8487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.247829][ T8489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.297844][ T8485] team0: Port device team_slave_1 added
[  228.317846][ T8487] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.339445][ T8487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.410957][ T8487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.529647][ T8489] team0: Port device team_slave_0 added
[  228.557442][ T8485] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.575639][ T8485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.627475][ T8485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.664823][ T8490] chnl_net:caif_netlink_parms(): no params data found
[  228.717942][ T8489] team0: Port device team_slave_1 added
[  228.763300][ T8485] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.802019][ T8485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.962552][ T8485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.103247][ T8487] device hsr_slave_0 entered promiscuous mode
[  229.214973][ T8487] device hsr_slave_1 entered promiscuous mode
[  229.334172][ T8489] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.377868][ T8489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.510822][ T8489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.575702][ T8489] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.608723][ T8489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.737425][ T8489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.893441][ T8485] device hsr_slave_0 entered promiscuous mode
[  229.982364][ T8485] device hsr_slave_1 entered promiscuous mode
[  230.083327][ T8485] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.108983][ T8485] Cannot create hsr debugfs directory
[  230.264898][ T8489] device hsr_slave_0 entered promiscuous mode
[  230.321889][ T8489] device hsr_slave_1 entered promiscuous mode
[  230.361639][ T8489] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.379742][ T8489] Cannot create hsr debugfs directory
[  230.429989][ T8490] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.442206][ T8490] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.456123][ T8490] device bridge_slave_0 entered promiscuous mode
[  230.496413][ T8490] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.522768][ T8490] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.541073][ T8490] device bridge_slave_1 entered promiscuous mode
[  230.615454][ T8490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.675600][ T8490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.769293][ T8490] team0: Port device team_slave_0 added
[  230.867968][ T8490] team0: Port device team_slave_1 added
[  230.955209][ T8490] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.975793][ T8490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.061003][ T8490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  231.093640][ T8490] batman_adv: batadv0: Adding interface: batadv_slave_1
[  231.112263][ T8490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.177696][ T8490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  231.260639][ T8487] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  231.488814][ T8490] device hsr_slave_0 entered promiscuous mode
[  231.572652][ T8490] device hsr_slave_1 entered promiscuous mode
[  231.651929][ T8490] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  231.668535][ T8490] Cannot create hsr debugfs directory
[  231.680836][ T8487] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  231.790294][ T8487] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  231.876601][ T8487] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  232.035772][ T8485] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  232.108473][ T8485] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  232.201214][ T8485] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  232.290387][ T8485] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  232.429330][ T8489] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  232.486461][ T8489] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  232.619563][ T8489] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  232.699670][ T8489] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  232.855816][ T8490] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  232.968005][ T8490] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  233.086128][ T8490] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  233.198684][ T8490] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  233.454614][ T8487] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.511294][ T8485] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.570491][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  233.616421][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  233.666593][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  233.717945][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  233.765294][ T8485] 8021q: adding VLAN 0 to HW filter on device team0
[  233.827317][ T8490] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.876288][ T8487] 8021q: adding VLAN 0 to HW filter on device team0
[  233.927533][ T8489] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.967370][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  234.009767][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  234.055494][ T3775] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.094055][ T3775] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.148558][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  234.202887][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  234.239462][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  234.256961][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.276502][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.307409][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  234.334609][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  234.355060][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.372962][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.389793][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  234.408346][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  234.425815][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.441198][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.460315][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  234.476902][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  234.495386][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  234.532619][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  234.563410][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  234.591058][ T8490] 8021q: adding VLAN 0 to HW filter on device team0
[  234.636339][ T8489] 8021q: adding VLAN 0 to HW filter on device team0
[  234.676480][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  234.715876][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  234.746705][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  234.805102][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  234.859163][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  234.914406][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  234.954871][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  234.974991][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  235.024460][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  235.051185][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  235.078546][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  235.106845][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  235.145637][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  235.183284][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  235.212410][ T2878] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.231230][ T2878] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.261239][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  235.313697][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  235.346162][ T2878] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.366436][ T2878] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.393106][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  235.437590][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  235.480089][ T2878] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.514408][ T2878] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.533187][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  235.554571][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  235.582090][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  235.624264][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  235.657919][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  235.679923][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  235.701954][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  235.718950][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  235.736629][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  235.758812][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  235.797775][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  235.814383][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  235.847398][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  235.872275][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  235.903010][ T8487] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  235.938599][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  235.960947][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  235.982865][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  236.015746][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  236.036211][   T18] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.052023][   T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.067873][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  236.088194][ T8485] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  236.134715][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  236.160464][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  236.193359][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  236.251046][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  236.293722][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  236.338687][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  236.375831][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  236.416289][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  236.443274][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  236.463732][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  236.486023][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  236.513651][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  236.539069][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  236.573584][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  236.599854][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  236.632310][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  236.658495][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  236.690374][ T8487] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.731009][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  236.759171][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  236.787241][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  236.822934][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  236.859380][ T8485] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.914883][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  236.959878][ T8489] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.984248][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  237.013313][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  237.041341][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  237.073684][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  237.129310][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  237.161098][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  237.217165][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  237.244704][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  237.270212][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  237.299313][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  237.344783][ T8487] device veth0_vlan entered promiscuous mode
[  237.380860][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  237.423430][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  237.469507][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  237.502938][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  237.543820][ T8485] device veth0_vlan entered promiscuous mode
[  237.562456][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  237.587376][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  237.619902][ T8490] 8021q: adding VLAN 0 to HW filter on device batadv0
[  237.653670][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  237.689450][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  237.725432][ T8487] device veth1_vlan entered promiscuous mode
[  237.766642][ T8485] device veth1_vlan entered promiscuous mode
[  237.795610][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  237.815437][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  237.839983][ T8489] device veth0_vlan entered promiscuous mode
[  238.260817][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  238.310897][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  238.410384][ T8485] device veth0_macvtap entered promiscuous mode
[  238.449634][ T8489] device veth1_vlan entered promiscuous mode
[  238.478548][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  238.518611][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  238.557153][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  238.589327][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  238.618301][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  238.651039][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  238.684235][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  238.717608][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  238.764758][ T8487] device veth0_macvtap entered promiscuous mode
[  238.803777][ T8485] device veth1_macvtap entered promiscuous mode
[  238.851328][ T8487] device veth1_macvtap entered promiscuous mode
[  238.896149][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  238.919669][ T3775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  238.944672][ T8485] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.970724][ T8490] device veth0_vlan entered promiscuous mode
[  238.995326][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  239.017195][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  239.033565][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  239.052268][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  239.092677][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  239.117882][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  239.187891][ T8485] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.306889][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  239.363448][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  239.422284][ T8489] device veth0_macvtap entered promiscuous mode
[  239.507991][ T8490] device veth1_vlan entered promiscuous mode
[  239.553763][ T8487] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  239.626963][ T8487] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.702213][ T8487] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.757597][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  239.799794][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  239.845163][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  239.887085][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  239.968834][ T8489] device veth1_macvtap entered promiscuous mode
[  240.119267][ T8487] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  240.246614][ T8487] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.315937][ T8487] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.416223][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  240.487039][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  240.813039][ T8489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  240.880101][ T8489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.915123][ T8489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  240.947043][ T8489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.998865][ T8489] batman_adv: batadv0: Interface activated: batadv_slave_0
[  241.039926][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  241.067227][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  241.084951][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  241.113248][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  241.139594][ T8490] device veth0_macvtap entered promiscuous mode
[  241.159955][ T8489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  241.198094][ T8489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.235748][ T8489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  241.262148][ T8489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.290679][ T8489] batman_adv: batadv0: Interface activated: batadv_slave_1
[  241.401201][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  241.429487][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  241.473216][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  241.508022][ T8485] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[  241.515284][ T8490] device veth1_macvtap entered promiscuous mode
[  241.947698][ T8490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  242.018004][ T8490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.050250][ T8517] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it!
[  242.076117][ T8490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  242.173761][ T8490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.287351][ T8490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  242.386895][ T8490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
19:47:16 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
r3 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140)='bridge_slave_0\x00', 0xf)
sendto$unix(r3, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33)
setsockopt$inet_int(r2, 0x0, 0x7, &(0x7f0000000040)=0x9, 0x4)
recvmmsg(r2, &(0x7f0000000240)=[{{0x0, 0xfffffffffffffea7, 0x0, 0x0, 0x0, 0xfffffffffffffec8}}], 0x4000000000002c5, 0x2, 0x0)

[  242.490763][ T8490] batman_adv: batadv0: Interface activated: batadv_slave_0
[  242.646071][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
19:47:16 executing program 0:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mlockall(0x7)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
munlockall()

[  242.730112][ T3845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  242.757549][ T8490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  242.757555][ T8490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.757562][ T8490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  242.757566][ T8490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.757572][ T8490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  242.757633][ T8490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.760514][ T8490] batman_adv: batadv0: Interface activated: batadv_slave_1
[  242.890887][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  242.947537][ T8518] blkid (8518) used greatest stack depth: 23304 bytes left
[  242.985831][ T8513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  243.131920][ T8523] ==================================================================
[  243.131920][ T8523] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400
[  243.131920][ T8523] Write of size 8 at addr ffffc90009461000 by task syz-executor.1/8523
[  243.131920][ T8523] 
[  243.131920][ T8523] CPU: 1 PID: 8523 Comm: syz-executor.1 Not tainted 5.8.0-rc6-syzkaller #0
[  243.131920][ T8523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  243.131920][ T8523] Call Trace:
[  243.131920][ T8523]  dump_stack+0x18f/0x20d
[  243.131920][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.131920][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.131920][ T8523]  print_address_description.constprop.0.cold+0x5/0x436
[  243.131920][ T8523]  ? trace_hardirqs_on+0x5f/0x220
[  243.131920][ T8523]  ? lockdep_hardirqs_off+0x66/0xa0
[  243.131920][ T8523]  ? vprintk_func+0x97/0x1a6
[  243.131920][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.131920][ T8523]  kasan_report.cold+0x1f/0x37
[  243.131920][ T8523]  ? bitfill_aligned+0xe1/0x400
[  243.131920][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.131920][ T8523]  bitfill_aligned+0x34a/0x400
[  243.131920][ T8523]  sys_fillrect+0x408/0x7a0
[  243.131920][ T8523]  ? sys_fillrect+0x7a0/0x7a0
[  243.131920][ T8523]  drm_fb_helper_sys_fillrect+0x1e/0x190
[  243.131920][ T8523]  bit_clear_margins+0x3f6/0x4a0
[  243.131920][ T8523]  ? bit_bmove+0x210/0x210
[  243.131920][ T8523]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  243.131920][ T8523]  ? fb_get_color_depth+0x11a/0x240
[  243.131920][ T8523]  fbcon_clear_margins+0x1d5/0x230
[  243.131920][ T8523]  fbcon_switch+0xb6e/0x16c0
[  243.131920][ T8523]  ? fbcon_scroll+0x3600/0x3600
[  243.131920][ T8523]  ? fbcon_cursor+0x52b/0x650
[  243.131920][ T8523]  ? kmalloc_array.constprop.0+0x20/0x20
[  243.131920][ T8523]  ? is_console_locked+0x5/0x10
[  243.131920][ T8523]  ? fbcon_set_origin+0x26/0x50
[  243.131920][ T8523]  redraw_screen+0x2ae/0x770
[  243.131920][ T8523]  ? vc_init+0x440/0x440
[  243.131920][ T8523]  ? fb_get_color_depth+0x11a/0x240
[  243.131920][ T8523]  ? fbcon_set_palette+0x3a8/0x490
[  243.131920][ T8523]  fbcon_modechanged+0x575/0x710
[  243.131920][ T8523]  fbcon_update_vcs+0x3a/0x50
[  243.131920][ T8523]  fb_set_var+0xae8/0xd60
[  243.131920][ T8523]  ? fb_blank+0x190/0x190
[  243.131920][ T8523]  ? lock_release+0x8d0/0x8d0
[  243.131920][ T8523]  ? lock_is_held_type+0xb0/0xe0
[  243.131920][ T8523]  ? lock_release+0x8d0/0x8d0
[  243.131920][ T8523]  ? do_fb_ioctl+0x2f2/0x6c0
[  243.131920][ T8523]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[  243.131920][ T8523]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[  243.131920][ T8523]  ? trace_hardirqs_on+0x5f/0x220
[  243.131920][ T8523]  do_fb_ioctl+0x33f/0x6c0
[  243.131920][ T8523]  ? fb_set_suspend+0x1a0/0x1a0
[  243.131920][ T8523]  ? lock_downgrade+0x820/0x820
[  243.131920][ T8523]  ? trace_hardirqs_on+0x5f/0x220
[  243.131920][ T8523]  ? lockdep_hardirqs_on+0x6a/0xe0
[  243.131920][ T8523]  ? tomoyo_path_number_perm+0x244/0x4d0
[  243.131920][ T8523]  ? tomoyo_execute_permission+0x470/0x470
[  243.131920][ T8523]  ? __might_fault+0xef/0x1d0
[  243.131920][ T8523]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  243.131920][ T8523]  ? do_vfs_ioctl+0x27d/0x1090
[  243.131920][ T8523]  ? generic_block_fiemap+0x60/0x60
[  243.131920][ T8523]  fb_compat_ioctl+0x175/0xc10
[  243.131920][ T8523]  ? fb_open+0x430/0x430
[  243.131920][ T8523]  ? __fget_files+0x294/0x400
[  243.131920][ T8523]  ? fb_open+0x430/0x430
[  243.131920][ T8523]  __do_compat_sys_ioctl+0x1d3/0x230
[  243.131920][ T8523]  do_syscall_32_irqs_on+0x3f/0x60
[  243.131920][ T8523]  do_fast_syscall_32+0x7f/0x120
[  243.131920][ T8523]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  243.131920][ T8523] RIP: 0023:0xf7fa3569
[  243.131920][ T8523] Code: Bad RIP value.
[  243.131920][ T8523] RSP: 002b:00000000f5d9e0bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  243.131920][ T8523] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004601
[  243.131920][ T8523] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  243.131920][ T8523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.131920][ T8523] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  243.131920][ T8523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.131920][ T8523] 
[  243.131920][ T8523] 
[  243.131920][ T8523] Memory state around the buggy address:
[  243.131920][ T8523]  ffffc90009460f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  243.131920][ T8523]  ffffc90009460f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  243.131920][ T8523] >ffffc90009461000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[  243.131920][ T8523]                    ^
[  243.131920][ T8523]  ffffc90009461080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[  243.131920][ T8523]  ffffc90009461100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[  243.131920][ T8523] ==================================================================
[  243.131920][ T8523] Disabling lock debugging due to kernel taint
[  243.224612][ T8523] Kernel panic - not syncing: panic_on_warn set ...
[  243.224818][ T8523] CPU: 1 PID: 8523 Comm: syz-executor.1 Tainted: G    B             5.8.0-rc6-syzkaller #0
[  243.224823][ T8523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  243.224938][ T8523] Call Trace:
[  243.225448][ T8523]  dump_stack+0x18f/0x20d
[  243.225460][ T8523]  ? bitfill_aligned+0x2e0/0x400
[  243.225889][ T8523]  panic+0x2e3/0x75c
[  243.225899][ T8523]  ? __warn_printk+0xf3/0xf3
[  243.225993][ T8523]  ? preempt_schedule_common+0x59/0xc0
[  243.226001][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.226012][ T8523]  ? preempt_schedule_thunk+0x16/0x18
[  243.226020][ T8523]  ? trace_hardirqs_on+0x55/0x220
[  243.226030][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.226039][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.226052][ T8523]  end_report+0x4d/0x53
[  243.226062][ T8523]  kasan_report.cold+0xd/0x37
[  243.226075][ T8523]  ? bitfill_aligned+0xe1/0x400
[  243.226083][ T8523]  ? bitfill_aligned+0x34a/0x400
[  243.226092][ T8523]  bitfill_aligned+0x34a/0x400
[  243.226102][ T8523]  sys_fillrect+0x408/0x7a0
[  243.226112][ T8523]  ? sys_fillrect+0x7a0/0x7a0
[  243.226125][ T8523]  drm_fb_helper_sys_fillrect+0x1e/0x190
[  243.226134][ T8523]  bit_clear_margins+0x3f6/0x4a0
[  243.226142][ T8523]  ? bit_bmove+0x210/0x210
[  243.226152][ T8523]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  243.226161][ T8523]  ? fb_get_color_depth+0x11a/0x240
[  243.226170][ T8523]  fbcon_clear_margins+0x1d5/0x230
[  243.226178][ T8523]  fbcon_switch+0xb6e/0x16c0
[  243.226188][ T8523]  ? fbcon_scroll+0x3600/0x3600
[  243.226199][ T8523]  ? fbcon_cursor+0x52b/0x650
[  243.226207][ T8523]  ? kmalloc_array.constprop.0+0x20/0x20
[  243.226216][ T8523]  ? is_console_locked+0x5/0x10
[  243.226227][ T8523]  ? fbcon_set_origin+0x26/0x50
[  243.226241][ T8523]  redraw_screen+0x2ae/0x770
[  243.226251][ T8523]  ? vc_init+0x440/0x440
[  243.226259][ T8523]  ? fb_get_color_depth+0x11a/0x240
[  243.226267][ T8523]  ? fbcon_set_palette+0x3a8/0x490
[  243.226275][ T8523]  fbcon_modechanged+0x575/0x710
[  243.226284][ T8523]  fbcon_update_vcs+0x3a/0x50
[  243.226293][ T8523]  fb_set_var+0xae8/0xd60
[  243.226302][ T8523]  ? fb_blank+0x190/0x190
[  243.226310][ T8523]  ? lock_release+0x8d0/0x8d0
[  243.226319][ T8523]  ? lock_is_held_type+0xb0/0xe0
[  243.226326][ T8523]  ? lock_release+0x8d0/0x8d0
[  243.226337][ T8523]  ? do_fb_ioctl+0x2f2/0x6c0
[  243.226348][ T8523]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[  243.226357][ T8523]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[  243.226364][ T8523]  ? trace_hardirqs_on+0x5f/0x220
[  243.226373][ T8523]  do_fb_ioctl+0x33f/0x6c0
[  243.226382][ T8523]  ? fb_set_suspend+0x1a0/0x1a0
[  243.226390][ T8523]  ? lock_downgrade+0x820/0x820
[  243.226399][ T8523]  ? trace_hardirqs_on+0x5f/0x220
[  243.226419][ T8523]  ? lockdep_hardirqs_on+0x6a/0xe0
[  243.226431][ T8523]  ? tomoyo_path_number_perm+0x244/0x4d0
[  243.226441][ T8523]  ? tomoyo_execute_permission+0x470/0x470
[  243.226450][ T8523]  ? __might_fault+0xef/0x1d0
[  243.226465][ T8523]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  243.226545][ T8523]  ? do_vfs_ioctl+0x27d/0x1090
[  243.226553][ T8523]  ? generic_block_fiemap+0x60/0x60
[  243.226562][ T8523]  fb_compat_ioctl+0x175/0xc10
[  243.226571][ T8523]  ? fb_open+0x430/0x430
[  243.226581][ T8523]  ? __fget_files+0x294/0x400
[  243.226591][ T8523]  ? fb_open+0x430/0x430
[  243.226599][ T8523]  __do_compat_sys_ioctl+0x1d3/0x230
[  243.226610][ T8523]  do_syscall_32_irqs_on+0x3f/0x60
[  243.226622][ T8523]  do_fast_syscall_32+0x7f/0x120
[  243.226636][ T8523]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  243.226710][ T8523] RIP: 0023:0xf7fa3569
[  243.226821][ T8523] Code: Bad RIP value.
[  243.226826][ T8523] RSP: 002b:00000000f5d9e0bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  243.226834][ T8523] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004601
[  243.226839][ T8523] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  243.226843][ T8523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.226848][ T8523] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  243.226852][ T8523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.231711][ T8523] Kernel Offset: disabled
[  243.231711][ T8523] Rebooting in 86400 seconds..