[[0;32m  OK  [0m] Found device /dev/ttyS0.
[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started System Logging Service.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.44' (ECDSA) to the list of known hosts.
2020/08/07 20:13:39 fuzzer started
2020/08/07 20:13:40 dialing manager at 10.128.0.26:45451
2020/08/07 20:13:40 syscalls: 3255
2020/08/07 20:13:40 code coverage: enabled
2020/08/07 20:13:40 comparison tracing: enabled
2020/08/07 20:13:40 extra coverage: enabled
2020/08/07 20:13:40 setuid sandbox: enabled
2020/08/07 20:13:40 namespace sandbox: enabled
2020/08/07 20:13:40 Android sandbox: enabled
2020/08/07 20:13:40 fault injection: enabled
2020/08/07 20:13:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/08/07 20:13:40 net packet injection: enabled
2020/08/07 20:13:40 net device setup: enabled
2020/08/07 20:13:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/08/07 20:13:40 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/08/07 20:13:40 USB emulation: enabled
2020/08/07 20:13:40 hci packet injection: enabled
20:15:47 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

syzkaller login: [  285.493138][   T28] audit: type=1400 audit(1596831347.466:8): avc:  denied  { execmem } for  pid=8492 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[  285.841484][ T8493] IPVS: ftp: loaded support on port[0] = 21
[  286.134477][ T8493] chnl_net:caif_netlink_parms(): no params data found
[  286.280475][ T8493] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.287881][ T8493] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.297416][ T8493] device bridge_slave_0 entered promiscuous mode
[  286.316857][ T8493] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.324145][ T8493] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.334167][ T8493] device bridge_slave_1 entered promiscuous mode
[  286.387549][ T8493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.404216][ T8493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.454504][ T8493] team0: Port device team_slave_0 added
[  286.468124][ T8493] team0: Port device team_slave_1 added
[  286.516138][ T8493] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.523283][ T8493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.549530][ T8493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.630333][ T8493] batman_adv: batadv0: Adding interface: batadv_slave_1
[  286.637551][ T8493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.663812][ T8493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.725323][ T8493] device hsr_slave_0 entered promiscuous mode
[  286.737767][ T8493] device hsr_slave_1 entered promiscuous mode
[  287.003694][ T8493] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  287.023060][ T8493] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  287.041708][ T8493] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  287.062133][ T8493] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  287.359672][ T8493] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.395906][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  287.404729][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  287.431182][ T8493] 8021q: adding VLAN 0 to HW filter on device team0
[  287.453563][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  287.463443][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  287.473757][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.481131][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.528021][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  287.537910][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  287.547516][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  287.556910][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.564104][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.573250][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  287.584188][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  287.621225][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  287.633807][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  287.676804][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  287.686737][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  287.697221][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  287.707534][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  287.716984][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  287.737975][ T8493] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  287.750844][ T8493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  287.779004][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  287.788645][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  287.827797][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  287.837851][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  287.867686][ T8493] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.931321][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  287.941217][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  287.996869][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  288.006443][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  288.028773][ T8493] device veth0_vlan entered promiscuous mode
[  288.039023][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  288.040262][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  288.086554][ T8493] device veth1_vlan entered promiscuous mode
[  288.146226][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  288.155986][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  288.189058][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  288.199502][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  288.211923][ T8493] device veth0_macvtap entered promiscuous mode
[  288.233602][ T8493] device veth1_macvtap entered promiscuous mode
[  288.294394][ T8493] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.302289][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  288.311496][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  288.320643][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  288.330173][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  288.361435][ T8493] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.369904][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  288.379530][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
20:15:51 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:52 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:52 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:52 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:52 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:53 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:53 executing program 0:
unshare(0x400)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)

20:15:53 executing program 0:
unshare(0x400)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)

[  291.647405][   T26] Bluetooth: hci0: command 0x0409 tx timeout
20:15:53 executing program 0:
unshare(0x400)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)

20:15:53 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:54 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:54 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:54 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:54 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:54 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

20:15:55 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(0x0, 0x0, 0x0)

20:15:55 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(0x0, 0x0, 0x0)

20:15:55 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(0x0, 0x0, 0x0)

20:15:55 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040), 0x0, 0x0)

[  293.724732][ T8701] Bluetooth: hci0: command 0x041b tx timeout
20:15:55 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040), 0x0, 0x0)

20:15:56 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040), 0x0, 0x0)

20:15:56 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)

20:15:56 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)

20:15:56 executing program 0:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{}], 0x1, 0x0)

20:15:56 executing program 0:
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x103140, 0x0)

20:15:56 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ed3d09a5f75037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760d0a5f032341a2d7cbdb9cd38bdb2ca8e050000003a41a475d11c49487af0a8678bc725a1e114817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c21476619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e6ea09c346dfebd31a08060000000200000000000000334d832302000000000000000e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd3964663e88535c133f0130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebf8aad34732181feb215139f00007e8cb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fcc3d148f77eda3cac94c8fd033c3dec04b25dfc17975238345d4f71af35910b158c36657b7218baaa7cbf781c0a99bd50499ccc421ace5e85efb5b9964e4beba3da8223fe5308e4e65ee93e1d92b9f99f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb00159830d7617001154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf754a56e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0600885f1ea8f2371b1f243e99fe33c3cdafda323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab9261503def3639ea69f5e4be1b8e0d6697e97186fc51439d670dba66e3279f73db9dec75070cd9ab0fd96b069ef6d2857b6bf955012cf7fe50d133d541da86e0477e4a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cad4ead134847425a6da2c8067ab743c1d82a5687f2ed6900000000000000000000000000000000000000000000996e291aa1503a601b3f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee4ccd8aeeda2919a4bff2ed893f20a6aba26cce2d4eedf356701c56051a9f748e5aaf10a10bd8c40889967a39d57e6565264e3d3f8e0048e55ae289ce2ad77c43c549737d6d79ce71d4dca0c"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x18000000000002a0, 0x43, 0x0, &(0x7f0000000280)="b9ff0300600d698c389e14f008001fffffff00004000633300ffe0000000e0e000000062050000002fbd53039e6aab84181aa500"/67, 0x0, 0xfc, 0x60000000, 0x0, 0x0, &(0x7f0000000140)="486e90decd837f7e62c4f903a15a12d35c31c761c1da726b54ccd47736cdde536c0b3e75ef5c913757491df3e38f5cc44e6847bdc594358967964f76aa9f31a6", &(0x7f0000000e00)="e2cf5bb7e5746a6740aebad755a0c2f42d131e1493afc9154aeae4ff8916e84fae2dbac6ba23acee58596467b1d68d886cf44ae164800edec75a809bcc514384c499930e5c18337dcbedb8e326b8b42e4ba1acb01b73cdcef9b719fb5ce7b547f9324fbebb24d0fd464fa10fd1fccf19f0f42441b5b27a5c93b29874c85ae55fd3cce1e8b903601c"}, 0x29)

20:15:57 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x1e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00')
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x3c, r1, 0x3e6d, 0x0, 0x0, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0x18, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x3c}}, 0x0)

[  295.805162][ T3217] Bluetooth: hci0: command 0x040f tx timeout
20:15:58 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
unshare(0x400)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x10, &(0x7f0000000000))

20:15:58 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x1e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00')
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x3c, r1, 0x3e6d, 0x0, 0x0, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0x18, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x3c}}, 0x0)

[  297.147328][ T8837] IPVS: ftp: loaded support on port[0] = 21
20:15:59 executing program 0:
r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0xffffffffffffffff, 0x2)
pwrite64(r0, 0x0, 0x0, 0x0)

[  297.627986][ T8837] chnl_net:caif_netlink_parms(): no params data found
[  297.871098][ T8837] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.878733][ T8837] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.888047][ T8837] device bridge_slave_0 entered promiscuous mode
[  297.897714][ T8701] Bluetooth: hci0: command 0x0419 tx timeout
20:16:00 executing program 0 (fault-call:2 fault-nth:0):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

[  297.992354][ T8837] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.999769][ T8837] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.009681][ T8837] device bridge_slave_1 entered promiscuous mode
[  298.101875][ T8837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.141094][ T8837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.246194][ T8837] team0: Port device team_slave_0 added
[  298.269125][ T8837] team0: Port device team_slave_1 added
20:16:00 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

[  298.347191][ T8837] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.354806][ T8837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.380924][ T8837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.455975][ T8837] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.463039][ T8837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.489232][ T8837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
20:16:00 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1e, 0x0)

[  298.608257][ T8837] device hsr_slave_0 entered promiscuous mode
[  298.619831][ T8837] device hsr_slave_1 entered promiscuous mode
[  298.628932][ T8837] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  298.637613][ T8837] Cannot create hsr debugfs directory
20:16:00 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x300, 0x0)

20:16:01 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0)

[  299.157642][ T8837] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  299.217375][ T8837] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  299.275616][ T8837] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  299.315676][ T8837] netdevsim netdevsim1 netdevsim3: renamed from eth3
20:16:01 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0xca9a3b)

[  299.710512][ T8837] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.794750][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  299.803497][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  299.827675][ T8837] 8021q: adding VLAN 0 to HW filter on device team0
[  299.874913][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  299.885993][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  299.895377][ T3217] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.902610][ T3217] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.955177][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  299.964595][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  299.974274][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  299.983454][ T8701] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.990747][ T8701] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.999705][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  300.010498][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  300.046461][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  300.057041][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  300.075275][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  300.085548][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  300.095802][ T8701] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  300.114674][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  300.124541][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  300.148983][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  300.158859][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  300.181790][ T8837] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  300.246514][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  300.254453][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  300.292908][ T8837] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.368323][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  300.378201][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  300.440796][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  300.450709][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  300.465101][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  300.474690][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  300.498473][ T8837] device veth0_vlan entered promiscuous mode
20:16:02 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x3b9aca00)

[  300.542861][ T8837] device veth1_vlan entered promiscuous mode
[  300.575422][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  300.660805][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  300.670380][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  300.694839][ T8837] device veth0_macvtap entered promiscuous mode
[  300.717164][ T8837] device veth1_macvtap entered promiscuous mode
[  300.810188][ T8837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  300.820699][ T8837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.833841][ T8837] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.843817][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  300.852890][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  300.862161][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  300.871859][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  300.911862][ T8837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  300.922712][ T8837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.937025][ T8837] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.944947][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  300.954697][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
20:16:03 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0xfefdffff)

20:16:04 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0xfffffdfe)

20:16:04 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
unshare(0x400)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x10, &(0x7f0000000000))

20:16:05 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
unshare(0x400)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x10, &(0x7f0000000000))

20:16:05 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
unshare(0x400)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x10, &(0x7f0000000000))

20:16:05 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
unshare(0x400)

20:16:06 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000000)=[{r0, 0x2050}, {r0, 0x8100}], 0x2, 0x4000)
socket$nl_generic(0x10, 0x3, 0x10)

20:16:06 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)

20:16:06 executing program 1:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)

[  304.364280][   T26] Bluetooth: hci1: command 0x0409 tx timeout
20:16:06 executing program 1:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)

20:16:06 executing program 1:
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)

20:16:07 executing program 1:
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)

20:16:07 executing program 0:
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x80008}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x6, 0x4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f00000001c0)={0x8, {{0x2, 0x0, @multicast1}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88)
getsockopt$inet_buf(r5, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000012ffc)=0x90)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYRES16=r5, @ANYRES32=r3, @ANYBLOB="03000016010000001800120008100100736974000c00020008000300", @ANYRES32=r4], 0x38}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r6, @ANYBLOB="03000016010000001800120008000100736974000c00020008000300", @ANYRES32=r7], 0x38}}, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000280), 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macvlan1\x00', r4})
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
unshare(0x400)
poll(&(0x7f0000000040)=[{r8}], 0x1, 0x0)

[  305.384330][ T9157] =====================================================
[  305.391382][ T9157] BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90
[  305.398841][ T9157] CPU: 1 PID: 9157 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0
[  305.407413][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  305.417564][ T9157] Call Trace:
[  305.420949][ T9157]  dump_stack+0x21c/0x280
[  305.425290][ T9157]  kmsan_report+0xf7/0x1e0
[  305.429712][ T9157]  kmsan_internal_check_memory+0x238/0x3d0
[  305.435532][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.440725][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.445929][ T9157]  kmsan_copy_to_user+0x81/0x90
[  305.450877][ T9157]  _copy_to_user+0x18e/0x260
[  305.455554][ T9157]  move_addr_to_user+0x3de/0x670
[  305.460504][ T9157]  __sys_getsockname+0x407/0x5e0
[  305.465504][ T9157]  ? put_old_timespec32+0x231/0x2d0
[  305.470706][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.475906][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.481107][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.486305][ T9157]  __se_sys_getsockname+0x91/0xb0
[  305.491333][ T9157]  __ia32_sys_getsockname+0x4a/0x70
[  305.496557][ T9157]  __do_fast_syscall_32+0x2af/0x480
[  305.501812][ T9157]  do_fast_syscall_32+0x6b/0xd0
[  305.506668][ T9157]  do_SYSENTER_32+0x73/0x90
[  305.511198][ T9157]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  305.517515][ T9157] RIP: 0023:0xf7f23549
[  305.521565][ T9157] Code: Bad RIP value.
[  305.525617][ T9157] RSP: 002b:00000000f551d0cc EFLAGS: 00000296 ORIG_RAX: 000000000000016f
[  305.534051][ T9157] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  305.542012][ T9157] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  305.549970][ T9157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.557927][ T9157] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  305.565887][ T9157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.573856][ T9157] 
[  305.576171][ T9157] Local variable ----address@__sys_getsockname created at:
[  305.583359][ T9157]  __sys_getsockname+0x91/0x5e0
[  305.588197][ T9157]  __sys_getsockname+0x91/0x5e0
[  305.593041][ T9157] 
[  305.595356][ T9157] Bytes 2-3 of 24 are uninitialized
[  305.600533][ T9157] Memory access of size 24 starts at ffff888054fa7d50
[  305.607270][ T9157] Data copied to user address 0000000020000140
[  305.613408][ T9157] =====================================================
[  305.620321][ T9157] Disabling lock debugging due to kernel taint
[  305.626447][ T9157] Kernel panic - not syncing: panic_on_warn set ...
[  305.633027][ T9157] CPU: 1 PID: 9157 Comm: syz-executor.0 Tainted: G    B             5.8.0-rc5-syzkaller #0
[  305.642982][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  305.653021][ T9157] Call Trace:
[  305.656319][ T9157]  dump_stack+0x21c/0x280
[  305.660707][ T9157]  panic+0x4d7/0xef7
[  305.664602][ T9157]  ? add_taint+0x17c/0x210
[  305.669017][ T9157]  kmsan_report+0x1df/0x1e0
[  305.673532][ T9157]  kmsan_internal_check_memory+0x238/0x3d0
[  305.679327][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.684514][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.689704][ T9157]  kmsan_copy_to_user+0x81/0x90
[  305.694543][ T9157]  _copy_to_user+0x18e/0x260
[  305.699130][ T9157]  move_addr_to_user+0x3de/0x670
[  305.704061][ T9157]  __sys_getsockname+0x407/0x5e0
[  305.708988][ T9157]  ? put_old_timespec32+0x231/0x2d0
[  305.714168][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.719346][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.724530][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  305.729713][ T9157]  __se_sys_getsockname+0x91/0xb0
[  305.734732][ T9157]  __ia32_sys_getsockname+0x4a/0x70
[  305.739924][ T9157]  __do_fast_syscall_32+0x2af/0x480
[  305.745116][ T9157]  do_fast_syscall_32+0x6b/0xd0
[  305.749952][ T9157]  do_SYSENTER_32+0x73/0x90
[  305.754446][ T9157]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  305.760755][ T9157] RIP: 0023:0xf7f23549
[  305.764802][ T9157] Code: Bad RIP value.
[  305.768848][ T9157] RSP: 002b:00000000f551d0cc EFLAGS: 00000296 ORIG_RAX: 000000000000016f
[  305.777252][ T9157] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  305.785205][ T9157] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  305.793158][ T9157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.801112][ T9157] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  305.809063][ T9157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.817587][ T9157] ------------[ cut here ]------------
[  305.823018][ T9157] kernel BUG at mm/kmsan/kmsan.h:87!
[  305.828332][ T9157] invalid opcode: 0000 [#1] SMP
[  305.833200][ T9157] CPU: 1 PID: 9157 Comm: syz-executor.0 Tainted: G    B             5.8.0-rc5-syzkaller #0
[  305.843232][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  305.853270][ T9157] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[  305.859829][ T9157] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 b0 63 e1 91 31 c0 e8 f8 02 30 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 c2 13 b0 0e 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[  305.879410][ T9157] RSP: 0018:ffff888054fa7778 EFLAGS: 00010046
[  305.885449][ T9157] RAX: 0000000000000002 RBX: 0000000004d600b5 RCX: 0000000004d600b5
[  305.893393][ T9157] RDX: 0000000000000000 RSI: 0000000000000140 RDI: ffff888054fa785c
[  305.901430][ T9157] RBP: ffff888054fa7820 R08: ffffea000000000f R09: ffff88812fffa000
[  305.909459][ T9157] R10: 0000000000000002 R11: ffff888064a8db80 R12: 0000000000000000
[  305.917402][ T9157] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[  305.925434][ T9157] FS:  0000000000000000(0000) GS:ffff88812fd00000(0063) knlGS:00000000f551db40
[  305.934358][ T9157] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  305.940915][ T9157] CR2: 000000000819b000 CR3: 0000000054d84000 CR4: 00000000001406e0
[  305.948860][ T9157] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  305.956805][ T9157] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  305.964749][ T9157] Call Trace:
[  305.968030][ T9157]  kmsan_check_memory+0xd/0x10
[  305.972767][ T9157]  iowrite8+0x99/0x300
[  305.976892][ T9157]  pvpanic_panic_notify+0xb7/0xe0
[  305.981892][ T9157]  ? pvpanic_mmio_remove+0x60/0x60
[  305.987006][ T9157]  atomic_notifier_call_chain+0x123/0x290
[  305.992700][ T9157]  panic+0x560/0xef7
[  305.996575][ T9157]  ? add_taint+0x17c/0x210
[  306.000962][ T9157]  kmsan_report+0x1df/0x1e0
[  306.005454][ T9157]  kmsan_internal_check_memory+0x238/0x3d0
[  306.011229][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  306.016406][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  306.021592][ T9157]  kmsan_copy_to_user+0x81/0x90
[  306.026415][ T9157]  _copy_to_user+0x18e/0x260
[  306.030981][ T9157]  move_addr_to_user+0x3de/0x670
[  306.035892][ T9157]  __sys_getsockname+0x407/0x5e0
[  306.040805][ T9157]  ? put_old_timespec32+0x231/0x2d0
[  306.045972][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  306.051144][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  306.056325][ T9157]  ? kmsan_get_metadata+0x116/0x180
[  306.061599][ T9157]  __se_sys_getsockname+0x91/0xb0
[  306.066599][ T9157]  __ia32_sys_getsockname+0x4a/0x70
[  306.071769][ T9157]  __do_fast_syscall_32+0x2af/0x480
[  306.076958][ T9157]  do_fast_syscall_32+0x6b/0xd0
[  306.081784][ T9157]  do_SYSENTER_32+0x73/0x90
[  306.086266][ T9157]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  306.092568][ T9157] RIP: 0023:0xf7f23549
[  306.096602][ T9157] Code: Bad RIP value.
[  306.100646][ T9157] RSP: 002b:00000000f551d0cc EFLAGS: 00000296 ORIG_RAX: 000000000000016f
[  306.109027][ T9157] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  306.116971][ T9157] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  306.124912][ T9157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  306.132857][ T9157] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  306.140804][ T9157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  306.148783][ T9157] Modules linked in:
[  306.152653][ T9157] ---[ end trace 3795cea1ee4aa1af ]---
[  306.158084][ T9157] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[  306.164641][ T9157] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 b0 63 e1 91 31 c0 e8 f8 02 30 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 c2 13 b0 0e 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[  306.184303][ T9157] RSP: 0018:ffff888054fa7778 EFLAGS: 00010046
[  306.190343][ T9157] RAX: 0000000000000002 RBX: 0000000004d600b5 RCX: 0000000004d600b5
[  306.198285][ T9157] RDX: 0000000000000000 RSI: 0000000000000140 RDI: ffff888054fa785c
[  306.206229][ T9157] RBP: ffff888054fa7820 R08: ffffea000000000f R09: ffff88812fffa000
[  306.214173][ T9157] R10: 0000000000000002 R11: ffff888064a8db80 R12: 0000000000000000
[  306.222689][ T9157] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[  306.230639][ T9157] FS:  0000000000000000(0000) GS:ffff88812fd00000(0063) knlGS:00000000f551db40
[  306.239538][ T9157] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  306.246092][ T9157] CR2: 000000000819b000 CR3: 0000000054d84000 CR4: 00000000001406e0
[  306.254145][ T9157] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  306.262095][ T9157] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  306.270040][ T9157] Kernel panic - not syncing: Fatal exception
[  306.276840][ T9157] Kernel Offset: disabled
[  306.281147][ T9157] Rebooting in 86400 seconds..