Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '[localhost]:26414' (ECDSA) to the list of known hosts. 2020/07/13 18:11:07 fuzzer started 2020/07/13 18:11:08 dialing manager at 10.0.2.10:35947 2020/07/13 18:11:08 syscalls: 3144 2020/07/13 18:11:08 code coverage: enabled 2020/07/13 18:11:08 comparison tracing: enabled 2020/07/13 18:11:08 extra coverage: enabled 2020/07/13 18:11:08 setuid sandbox: enabled 2020/07/13 18:11:08 namespace sandbox: enabled 2020/07/13 18:11:08 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/13 18:11:08 fault injection: enabled 2020/07/13 18:11:08 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/13 18:11:08 net packet injection: enabled 2020/07/13 18:11:08 net device setup: enabled 2020/07/13 18:11:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/13 18:11:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/13 18:11:08 USB emulation: enabled 18:12:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/12, 0xc}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x150, &(0x7f0000000300)="0100000087e7326bc88b9baf0500000032a5b60a00008024c30e478947d190ac004c45bec9c683f53b506b8c5893d35500c52c65ec345a8b75c1c317c3da822e15355c2ae26ba533fad72a1d53a9ff5b4ac51e08dcaeeb01eeb2dd9b56de54fcea571b152f7d37491e04451c47d280ce8f3e884f9fb89a03d904403938fa6bbf315b94e725cbeb577a6c389d700a86f72faf2d3e158243210c0f1683bef79bf691e77dcc77507a460cda091ab030cbd53f8ee4144a073ea31f57c642d29d3151acd69b7af3fbaa3e4f7266286aecf3575caec65c782a0e575223483cbc5dd73f8dd8b1855a78f3ab67ebf8db16b75c498d6e4c3591fc8357383f5f54b236cce2df01eb0d307b28997d589dd21680e31e3b0fe7342a467aa10afa4373f97e49b5fa9b85b71c2f03ad3112eade0882603f1419c6e0cc6aa3bb15ed7616eaa1c2e6777c0b76539d7b50254aabdd7a0ee33a"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 18:12:02 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) membarrier(0x2, 0x0) 18:12:02 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x35}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) syzkaller login: [ 195.012446][ T8949] IPVS: ftp: loaded support on port[0] = 21 [ 195.012591][ T8951] IPVS: ftp: loaded support on port[0] = 21 18:12:02 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="850000000800000035000000000000008500000008000000950000000000000053856ea60427fe50582144e4abf9800391c86c0b11b3adeb82d0155bbe2f8d99c00348601c7697a81a2ea9f155b5b6c5a5319a48057af4e4158c00e8890cb1bd2097bd831767e9a8a93aadfb06a55b44b82d319169b225664006bcc5e5c881280d7d9e5de77a49f82691547013055a582528f95ff8c46ae43ba4b37adf681b71087cd7a97a3d12956fbec019d312548d151a01349d04502d8353c44ac2d1ad73ebcc28a2e41a6a1a5aedc14dd9365296c60678a6f937c274637b3302bf5b0264288e36ded982dd25c3a960e31d3b12fdddee661322aada10c9c719f2b35ac19973ef03746f23136d5d58031823b0fa7a295604b5c73f31318e92ea4b42c314dfb917efc64375d959403d8e95bdcb951ed22fd0c1a0d805fa328b1d0834edbccb9ab4ca3b1b012426da0ba2568aed7aa160e09743f8bad1"], &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 195.208524][ T8953] IPVS: ftp: loaded support on port[0] = 21 [ 195.448342][ T8951] chnl_net:caif_netlink_parms(): no params data found [ 195.467209][ T8949] chnl_net:caif_netlink_parms(): no params data found [ 195.475057][ T8955] IPVS: ftp: loaded support on port[0] = 21 [ 195.624430][ T8953] chnl_net:caif_netlink_parms(): no params data found [ 195.674210][ T8951] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.686810][ T8951] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.702254][ T8951] device bridge_slave_0 entered promiscuous mode [ 195.740232][ T8951] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.752074][ T8951] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.765018][ T8951] device bridge_slave_1 entered promiscuous mode [ 195.804837][ T8949] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.816713][ T8949] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.829626][ T8949] device bridge_slave_0 entered promiscuous mode [ 195.855181][ T8949] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.870367][ T8949] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.882790][ T8949] device bridge_slave_1 entered promiscuous mode [ 195.912626][ T8951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 195.934099][ T8953] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.946605][ T8953] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.960444][ T8953] device bridge_slave_0 entered promiscuous mode [ 195.992658][ T8951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.012042][ T8953] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.023616][ T8953] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.037201][ T8953] device bridge_slave_1 entered promiscuous mode [ 196.076575][ T8949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.096918][ T8951] team0: Port device team_slave_0 added [ 196.110987][ T8953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.127371][ T8949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.143637][ T8951] team0: Port device team_slave_1 added [ 196.160905][ T8955] chnl_net:caif_netlink_parms(): no params data found [ 196.175826][ T8953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.204088][ T8951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.215291][ T8951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.261504][ T8951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.308354][ T8949] team0: Port device team_slave_0 added [ 196.319561][ T8951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.333671][ T8951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.397577][ T8951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.435102][ T8953] team0: Port device team_slave_0 added [ 196.454534][ T8949] team0: Port device team_slave_1 added [ 196.488209][ T8953] team0: Port device team_slave_1 added [ 196.589352][ T8951] device hsr_slave_0 entered promiscuous mode [ 196.657392][ T8951] device hsr_slave_1 entered promiscuous mode [ 196.735709][ T8949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.748069][ T8949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.790703][ T8949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.837086][ T8949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.848390][ T8949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.892723][ T8949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.911980][ T8955] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.923268][ T8955] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.935417][ T8955] device bridge_slave_0 entered promiscuous mode [ 196.950905][ T8953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.962396][ T8953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.003529][ T8953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.037400][ T8955] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.049410][ T8955] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.061767][ T8955] device bridge_slave_1 entered promiscuous mode [ 197.073878][ T8953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.085456][ T8953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.131677][ T8953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.229887][ T8953] device hsr_slave_0 entered promiscuous mode [ 197.298462][ T8953] device hsr_slave_1 entered promiscuous mode [ 197.356992][ T8953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.377070][ T8953] Cannot create hsr debugfs directory [ 197.405477][ T8955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.458580][ T8949] device hsr_slave_0 entered promiscuous mode [ 197.516767][ T8949] device hsr_slave_1 entered promiscuous mode [ 197.586675][ T8949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.605933][ T8949] Cannot create hsr debugfs directory [ 197.628262][ T8955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.697361][ T8955] team0: Port device team_slave_0 added [ 197.715507][ T8955] team0: Port device team_slave_1 added [ 197.802470][ T8955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.824374][ T8955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.884159][ T8955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.910184][ T8955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.922777][ T8955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.974219][ T8955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.149167][ T8955] device hsr_slave_0 entered promiscuous mode [ 198.209356][ T8955] device hsr_slave_1 entered promiscuous mode [ 198.276740][ T8955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.304521][ T8955] Cannot create hsr debugfs directory [ 198.343717][ T8951] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 198.444723][ T8951] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 198.546831][ T8951] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 198.631068][ T8951] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 198.701289][ T8953] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 198.785770][ T8953] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 198.868754][ T8953] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 198.954812][ T8953] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 199.061772][ T8949] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 199.150908][ T8949] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 199.210503][ T8949] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 199.328905][ T8949] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 199.431294][ T8955] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 199.488183][ T8955] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 199.601054][ T8955] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 199.698476][ T8955] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 199.873742][ T8951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.913810][ T8949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.935567][ T8953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.948807][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 199.963205][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 199.988777][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.002167][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.020365][ T8951] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.047246][ T8949] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.059601][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.073062][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.085742][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.100559][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.114211][ T1215] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.125897][ T1215] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.153862][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.173152][ T8953] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.189343][ T8955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.204102][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.219064][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.232917][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.245049][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.259049][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.280982][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.295983][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.312538][ T8975] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.323952][ T8975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.339675][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.353720][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.371466][ T8975] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.390456][ T8975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.411547][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.437726][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.468087][ T8975] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.483535][ T8975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.499613][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.512710][ T8975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.529201][ T8975] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.545029][ T8975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.576904][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.595695][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.617763][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.631902][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.645840][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.666433][ T8955] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.679857][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.694556][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.712756][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.733813][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.755129][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.773541][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.798749][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.814692][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.854541][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.869377][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.882905][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.902840][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.920221][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.940159][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.955051][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.971927][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.988836][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.012274][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.030997][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.047525][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.065425][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.078983][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.093194][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 201.112675][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 201.132968][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.149313][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.176513][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.210695][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.241234][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.268244][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.290381][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 201.308743][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.327889][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.346692][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.367281][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.384155][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.401282][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.415795][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 201.434129][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 201.454519][ T8949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.477944][ T8953] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.500741][ T8951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 201.522510][ T8951] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.540147][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 201.560419][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.581860][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.632145][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 201.648736][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 201.669138][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 201.692719][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.709184][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.729496][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 201.742856][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 201.767058][ T8953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.790245][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 201.803694][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 201.816054][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.835033][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.853832][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.871782][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.884966][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 201.901350][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 201.929365][ T8949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.971987][ T8951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.996049][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 202.011386][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 202.032528][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 202.047317][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 202.088172][ T8955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.118563][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 202.139271][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 202.155552][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 202.175015][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 202.194570][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 202.205458][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 202.226937][ T8953] device veth0_vlan entered promiscuous mode [ 202.245715][ T8953] device veth1_vlan entered promiscuous mode [ 202.275987][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 202.293154][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 202.314040][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 202.337613][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 202.350673][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 202.364411][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 202.388724][ T8951] device veth0_vlan entered promiscuous mode [ 202.406975][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 202.423711][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 202.449219][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 202.471699][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 202.489416][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 202.509597][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 202.526845][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 202.544281][ T3065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 202.570952][ T8949] device veth0_vlan entered promiscuous mode [ 202.607084][ T8949] device veth1_vlan entered promiscuous mode [ 202.626623][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 202.638838][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 202.650890][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 202.670053][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 202.688318][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 202.717940][ T8951] device veth1_vlan entered promiscuous mode [ 202.742914][ T8955] device veth0_vlan entered promiscuous mode [ 202.759861][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 202.775294][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 202.791919][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 202.806134][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 202.823824][ T8953] device veth0_macvtap entered promiscuous mode [ 202.849702][ T8953] device veth1_macvtap entered promiscuous mode [ 202.872453][ T8955] device veth1_vlan entered promiscuous mode [ 202.909576][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 202.922150][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 202.933649][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 202.944836][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 202.955960][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 202.967588][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 202.980557][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 202.994543][ T8949] device veth0_macvtap entered promiscuous mode [ 203.007927][ T8953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.019804][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 203.035144][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 203.047956][ T8649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 203.064933][ T8949] device veth1_macvtap entered promiscuous mode [ 203.088472][ T8951] device veth0_macvtap entered promiscuous mode [ 203.101129][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 203.117139][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 203.130635][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 203.145364][ T8953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.162704][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 203.176952][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 203.196944][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 203.209818][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 203.231381][ T8951] device veth1_macvtap entered promiscuous mode [ 203.253112][ T8955] device veth0_macvtap entered promiscuous mode [ 203.273222][ T8949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.293089][ T8949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.330860][ T8949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.445783][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 203.459547][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 203.472784][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 203.486026][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 203.502074][ T8955] device veth1_macvtap entered promiscuous mode [ 203.520019][ T8951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.539454][ T8951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.560517][ T8951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.595005][ T8951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.631458][ T8951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.757352][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 203.779521][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 203.800194][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 203.821998][ T8951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.844718][ T8951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.864425][ T8951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.878177][ T8949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.895295][ T8949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.911474][ T8949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.929443][ T8949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.953348][ T8949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.977575][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 203.993082][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 204.009584][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 204.025629][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 204.098071][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 204.114604][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.133455][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 204.157979][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.181358][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 204.199775][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.220350][ T8955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.379039][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 204.392149][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 204.479450][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 204.494716][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.510107][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 204.525878][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.542647][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 204.559221][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.576792][ T8955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 204.590509][ T8953] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 204.649260][ T8976] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 204.674732][ T8976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 18:12:12 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x35}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 18:12:12 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x35}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 18:12:12 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x35}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 18:12:12 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0) setsockopt$PNPIPE_INITSTATE(0xffffffffffffffff, 0x113, 0x4, 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x40}) shmctl$IPC_RMID(0x0, 0x0) 18:12:12 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x35}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 205.136344][ T9004] ================================================================== [ 205.136344][ T9004] BUG: KASAN: vmalloc-out-of-bounds in bitfill_aligned+0x34a/0x400 [ 205.136344][ T9004] Write of size 8 at addr ffffc90009c41000 by task syz-executor.0/9004 [ 205.136344][ T9004] [ 205.136344][ T9004] CPU: 3 PID: 9004 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 205.136344][ T9004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 205.136344][ T9004] Call Trace: [ 205.136344][ T9004] dump_stack+0x18f/0x20d [ 205.136344][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.136344][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.136344][ T9004] print_address_description.constprop.0.cold+0x5/0x436 [ 205.136344][ T9004] ? lockdep_hardirqs_off+0x66/0xa0 [ 205.136344][ T9004] ? vprintk_func+0x97/0x1a6 [ 205.136344][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.136344][ T9004] kasan_report.cold+0x1f/0x37 [ 205.136344][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.136344][ T9004] bitfill_aligned+0x34a/0x400 [ 205.136344][ T9004] sys_fillrect+0x408/0x7a0 [ 205.136344][ T9004] ? sys_fillrect+0x7a0/0x7a0 [ 205.136344][ T9004] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 205.136344][ T9004] bit_clear_margins+0x2d5/0x4a0 [ 205.136344][ T9004] ? bit_bmove+0x210/0x210 [ 205.136344][ T9004] ? fb_get_color_depth+0x11a/0x240 [ 205.136344][ T9004] fbcon_clear_margins+0x1d5/0x230 [ 205.136344][ T9004] fbcon_switch+0xb6e/0x16c0 [ 205.136344][ T9004] ? fbcon_scroll+0x3600/0x3600 [ 205.136344][ T9004] ? fbcon_cursor+0x52b/0x650 [ 205.136344][ T9004] ? kmalloc_array.constprop.0+0x20/0x20 [ 205.136344][ T9004] ? is_console_locked+0x5/0x10 [ 205.136344][ T9004] ? fbcon_set_origin+0x26/0x50 [ 205.136344][ T9004] redraw_screen+0x2ae/0x770 [ 205.136344][ T9004] ? vc_init+0x440/0x440 [ 205.136344][ T9004] ? fb_get_color_depth+0x11a/0x240 [ 205.136344][ T9004] ? fbcon_set_palette+0x3a8/0x490 [ 205.136344][ T9004] fbcon_modechanged+0x575/0x710 [ 205.136344][ T9004] fbcon_set_all_vcs+0x3b6/0x470 [ 205.136344][ T9004] fbcon_update_vcs+0x26/0x50 [ 205.136344][ T9004] fb_set_var+0xae8/0xd60 [ 205.136344][ T9004] ? fb_blank+0x190/0x190 [ 205.136344][ T9004] ? lock_release+0x8d0/0x8d0 [ 205.136344][ T9004] ? lock_is_held_type+0xb0/0xe0 [ 205.136344][ T9004] ? do_fb_ioctl+0x2f2/0x6c0 [ 205.136344][ T9004] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 205.136344][ T9004] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 205.136344][ T9004] ? trace_hardirqs_on+0x5f/0x220 [ 205.136344][ T9004] do_fb_ioctl+0x33f/0x6c0 [ 205.136344][ T9004] ? fb_set_suspend+0x1a0/0x1a0 [ 205.136344][ T9004] ? lockdep_hardirqs_on+0x6a/0xe0 [ 205.136344][ T9004] ? _raw_spin_unlock_irq+0x55/0x80 [ 205.136344][ T9004] ? finish_task_switch+0x147/0x750 [ 205.136344][ T9004] ? finish_task_switch+0x119/0x750 [ 205.136344][ T9004] ? __switch_to+0x4fb/0xe80 [ 205.136344][ T9004] ? __schedule+0x8e9/0x1eb0 [ 205.136344][ T9004] ? io_schedule_timeout+0x140/0x140 [ 205.136344][ T9004] ? preempt_schedule_irq+0x88/0x150 [ 205.136344][ T9004] ? lockdep_hardirqs_off+0x66/0xa0 [ 205.136344][ T9004] fb_compat_ioctl+0x175/0xc10 [ 205.136344][ T9004] ? fb_open+0x430/0x430 [ 205.136344][ T9004] ? __fget_files+0x294/0x400 [ 205.136344][ T9004] ? fb_open+0x430/0x430 [ 205.136344][ T9004] __do_compat_sys_ioctl+0x1d3/0x230 [ 205.136344][ T9004] do_syscall_32_irqs_on+0x3f/0x60 [ 205.136344][ T9004] do_fast_syscall_32+0x7f/0x120 [ 205.136344][ T9004] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 205.136344][ T9004] RIP: 0023:0xf7f39569 [ 205.136344][ T9004] Code: Bad RIP value. [ 205.136344][ T9004] RSP: 002b:00000000f5d340bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 205.136344][ T9004] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004601 [ 205.136344][ T9004] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 205.136344][ T9004] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 205.136344][ T9004] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 205.136344][ T9004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 205.136344][ T9004] [ 205.136344][ T9004] [ 205.136344][ T9004] Memory state around the buggy address: [ 205.136344][ T9004] ffffc90009c40f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 205.136344][ T9004] ffffc90009c40f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 205.136344][ T9004] >ffffc90009c41000: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 205.136344][ T9004] ^ [ 205.136344][ T9004] ffffc90009c41080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 205.136344][ T9004] ffffc90009c41100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 205.136344][ T9004] ================================================================== [ 205.136344][ T9004] Disabling lock debugging due to kernel taint [ 205.155146][ T9004] Kernel panic - not syncing: panic_on_warn set ... [ 205.155193][ T9004] CPU: 3 PID: 9004 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 205.155198][ T9004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 205.155208][ T9004] Call Trace: [ 205.155295][ T9004] dump_stack+0x18f/0x20d [ 205.155307][ T9004] ? bitfill_aligned+0x300/0x400 [ 205.155318][ T9004] panic+0x2e3/0x75c [ 205.155326][ T9004] ? __warn_printk+0xf3/0xf3 [ 205.155337][ T9004] ? preempt_schedule_common+0x59/0xc0 [ 205.155356][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.155364][ T9004] ? preempt_schedule_thunk+0x16/0x18 [ 205.155377][ T9004] ? trace_hardirqs_on+0x55/0x220 [ 205.155388][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.155395][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.155401][ T9004] end_report+0x4d/0x53 [ 205.155407][ T9004] kasan_report.cold+0xd/0x37 [ 205.155415][ T9004] ? bitfill_aligned+0x34a/0x400 [ 205.155425][ T9004] bitfill_aligned+0x34a/0x400 [ 205.155434][ T9004] sys_fillrect+0x408/0x7a0 [ 205.155445][ T9004] ? sys_fillrect+0x7a0/0x7a0 [ 205.155456][ T9004] drm_fb_helper_sys_fillrect+0x1e/0x190 [ 205.155464][ T9004] bit_clear_margins+0x2d5/0x4a0 [ 205.155470][ T9004] ? bit_bmove+0x210/0x210 [ 205.155479][ T9004] ? fb_get_color_depth+0x11a/0x240 [ 205.155486][ T9004] fbcon_clear_margins+0x1d5/0x230 [ 205.155493][ T9004] fbcon_switch+0xb6e/0x16c0 [ 205.155501][ T9004] ? fbcon_scroll+0x3600/0x3600 [ 205.155510][ T9004] ? fbcon_cursor+0x52b/0x650 [ 205.155517][ T9004] ? kmalloc_array.constprop.0+0x20/0x20 [ 205.155544][ T9004] ? is_console_locked+0x5/0x10 [ 205.155551][ T9004] ? fbcon_set_origin+0x26/0x50 [ 205.155560][ T9004] redraw_screen+0x2ae/0x770 [ 205.155598][ T9004] ? vc_init+0x440/0x440 [ 205.155606][ T9004] ? fb_get_color_depth+0x11a/0x240 [ 205.155614][ T9004] ? fbcon_set_palette+0x3a8/0x490 [ 205.155622][ T9004] fbcon_modechanged+0x575/0x710 [ 205.155631][ T9004] fbcon_set_all_vcs+0x3b6/0x470 [ 205.155640][ T9004] fbcon_update_vcs+0x26/0x50 [ 205.155649][ T9004] fb_set_var+0xae8/0xd60 [ 205.155657][ T9004] ? fb_blank+0x190/0x190 [ 205.155665][ T9004] ? lock_release+0x8d0/0x8d0 [ 205.155674][ T9004] ? lock_is_held_type+0xb0/0xe0 [ 205.155684][ T9004] ? do_fb_ioctl+0x2f2/0x6c0 [ 205.155707][ T9004] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 205.155714][ T9004] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 205.155720][ T9004] ? trace_hardirqs_on+0x5f/0x220 [ 205.155727][ T9004] do_fb_ioctl+0x33f/0x6c0 [ 205.155734][ T9004] ? fb_set_suspend+0x1a0/0x1a0 [ 205.155740][ T9004] ? lockdep_hardirqs_on+0x6a/0xe0 [ 205.155746][ T9004] ? _raw_spin_unlock_irq+0x55/0x80 [ 205.155754][ T9004] ? finish_task_switch+0x147/0x750 [ 205.155760][ T9004] ? finish_task_switch+0x119/0x750 [ 205.155766][ T9004] ? __switch_to+0x4fb/0xe80 [ 205.155774][ T9004] ? __schedule+0x8e9/0x1eb0 [ 205.155782][ T9004] ? io_schedule_timeout+0x140/0x140 [ 205.155789][ T9004] ? preempt_schedule_irq+0x88/0x150 [ 205.155795][ T9004] ? lockdep_hardirqs_off+0x66/0xa0 [ 205.155807][ T9004] fb_compat_ioctl+0x175/0xc10 [ 205.155814][ T9004] ? fb_open+0x430/0x430 [ 205.155822][ T9004] ? __fget_files+0x294/0x400 [ 205.155829][ T9004] ? fb_open+0x430/0x430 [ 205.155837][ T9004] __do_compat_sys_ioctl+0x1d3/0x230 [ 205.155849][ T9004] do_syscall_32_irqs_on+0x3f/0x60 [ 205.155858][ T9004] do_fast_syscall_32+0x7f/0x120 [ 205.155870][ T9004] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 205.155876][ T9004] RIP: 0023:0xf7f39569 [ 205.155878][ T9004] Code: Bad RIP value. [ 205.155882][ T9004] RSP: 002b:00000000f5d340bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 205.155888][ T9004] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004601 [ 205.155892][ T9004] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 205.155896][ T9004] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 205.155902][ T9004] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 205.155907][ T9004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 205.156374][ T9004] Kernel Offset: disabled [ 205.156374][ T9004] Rebooting in 86400 seconds..