[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 26.989145] kauditd_printk_skb: 7 callbacks suppressed [ 26.989156] audit: type=1800 audit(1538594337.791:29): pid=5200 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 27.015661] audit: type=1800 audit(1538594337.801:30): pid=5200 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.58' (ECDSA) to the list of known hosts. 2018/10/03 19:19:08 fuzzer started 2018/10/03 19:19:10 dialing manager at 10.128.0.26:39575 2018/10/03 19:19:10 syscalls: 1 2018/10/03 19:19:10 code coverage: enabled 2018/10/03 19:19:10 comparison tracing: enabled 2018/10/03 19:19:10 setuid sandbox: enabled 2018/10/03 19:19:10 namespace sandbox: enabled 2018/10/03 19:19:10 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/03 19:19:10 fault injection: enabled 2018/10/03 19:19:10 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/03 19:19:10 net packed injection: enabled 2018/10/03 19:19:10 net device setup: enabled 19:21:06 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000180)='/dev/snd/timer\x00', 0x0, 0x0) syz_open_dev$sndtimer(&(0x7f00000002c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000001c0)={{0x3}}) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000240)=""/5, 0x5}], 0x1) syzkaller login: [ 156.130254] IPVS: ftp: loaded support on port[0] = 21 19:21:07 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x5dd7d56a, 0xfffffffffffffd3d) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) [ 156.371008] IPVS: ftp: loaded support on port[0] = 21 19:21:07 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000380)="6e7230010060a19ef9d2c673d9a1571cb9e1369bcd61ef7e49793ae18712eceb1daa769497800b7fbbd35b170c10751d39aeb660d863e49b8c4f3b3cad48902b5b2d6cfd0abd372c63bcf5d70df3fd4d2e8d443c88c60fd7140fbc0e5637dd82fc3435bed4de5d693c9a781c863e05d8a6f8689a5be29216061f3ff53f8b6b396678e7ba155ef9152d7e43b1eccb2331eb8eb1ed5586dcf8b3b0b999361a44ff2c22c2abbef42dd24eabe6723346a6e46c0499a21442d8d00dcb57f013ff7595edd0ff076930de3675d34117a44eb0e4f832936da44e") r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x801, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6e72300100", 0x502}) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000001880)={0x0, 0x0, &(0x7f00000017c0), 0x0, &(0x7f0000001840)=""/33, 0x21}, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0xfdef) [ 156.626664] IPVS: ftp: loaded support on port[0] = 21 19:21:07 executing program 3: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000080)={&(0x7f0000000000)=@nl, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5300fe01b2a4a280930a06000000a8430891000000390008000a000c00060000001900a30704000000000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 157.090405] IPVS: ftp: loaded support on port[0] = 21 19:21:08 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000014c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xfffffffffffffffc, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xc8) syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') [ 157.764429] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.780015] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.797387] device bridge_slave_0 entered promiscuous mode [ 157.835953] IPVS: ftp: loaded support on port[0] = 21 [ 157.914167] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.938059] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.960883] device bridge_slave_1 entered promiscuous mode 19:21:08 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$FUSE_NOTIFY_POLL(r0, &(0x7f00000001c0)={0x18}, 0x18) [ 158.124452] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 158.233213] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 158.357214] IPVS: ftp: loaded support on port[0] = 21 [ 158.383999] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.399964] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.411250] device bridge_slave_0 entered promiscuous mode [ 158.527927] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.536653] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.561254] device bridge_slave_1 entered promiscuous mode [ 158.699329] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 158.747910] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 158.843810] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 158.860035] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 158.985413] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.999809] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.007258] device bridge_slave_0 entered promiscuous mode [ 159.144577] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.160124] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.167557] device bridge_slave_1 entered promiscuous mode [ 159.244338] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 159.292955] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 159.362809] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 159.459210] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 159.492366] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.498945] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.510890] device bridge_slave_0 entered promiscuous mode [ 159.532646] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 159.560182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 159.603812] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 159.646722] team0: Port device team_slave_0 added [ 159.655812] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 159.702951] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 159.728659] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.744592] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.752771] device bridge_slave_1 entered promiscuous mode [ 159.785925] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 159.810687] team0: Port device team_slave_1 added [ 159.896203] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 159.924029] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 159.942988] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 160.034270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 160.058612] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 160.108247] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 160.125931] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 160.136203] team0: Port device team_slave_0 added [ 160.158538] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 160.210159] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.220953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.285526] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 160.321387] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 160.328725] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 160.345484] team0: Port device team_slave_1 added [ 160.354417] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 160.380726] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 160.402151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 160.432550] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.438988] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.447702] device bridge_slave_0 entered promiscuous mode [ 160.488225] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 160.508979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 160.537923] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 160.567650] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.583583] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.591924] device bridge_slave_1 entered promiscuous mode [ 160.612531] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 160.637331] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 160.676702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 160.713366] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 160.736606] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 160.768233] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 160.798017] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 160.820277] team0: Port device team_slave_0 added [ 160.827686] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 160.843762] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.865378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.900987] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 160.943333] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 160.957467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 160.976623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 161.002796] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 161.020796] team0: Port device team_slave_1 added [ 161.073224] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.106239] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.123327] device bridge_slave_0 entered promiscuous mode [ 161.184521] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 161.237168] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.263125] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.280011] device bridge_slave_1 entered promiscuous mode [ 161.302301] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 161.319658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 161.329023] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 161.352400] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 161.397738] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 161.435746] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 161.461216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 161.472563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 161.504170] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 161.517865] team0: Port device team_slave_0 added [ 161.527851] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 161.541069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 161.580434] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 161.594323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 161.605914] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 161.670610] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 161.680654] team0: Port device team_slave_1 added [ 161.687793] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 161.707762] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 161.776203] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 161.794512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 161.817161] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 161.853123] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 161.876161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 161.903031] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 161.974011] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 162.045323] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 162.060589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 162.068586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 162.130077] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 162.166250] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 162.185258] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 162.195062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 162.225255] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.231792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.238722] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.245148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.257115] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 162.288557] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 162.363603] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 162.384778] team0: Port device team_slave_0 added [ 162.421420] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 162.450525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 162.489299] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.495825] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.502580] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.508963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.539463] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 162.549387] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 162.556986] team0: Port device team_slave_1 added [ 162.722496] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 162.729832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 162.752826] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 162.797353] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 162.822583] team0: Port device team_slave_0 added [ 162.841917] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 162.849587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 162.873171] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 162.960800] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 162.990111] team0: Port device team_slave_1 added [ 163.009167] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 163.017998] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.027919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.137187] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 163.195754] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 163.221576] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 163.235814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.284670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.305049] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 163.392437] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 163.404039] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.420631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.453647] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.460073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.466759] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.473194] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.498417] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 163.522693] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 163.541270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 163.552452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.689057] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.695528] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.702266] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.708643] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.722863] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 164.341516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.365639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.617997] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.624448] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.631181] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.637550] bridge0: port 1(bridge_slave_0) entered forwarding state [ 164.662977] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 165.199207] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.205682] bridge0: port 2(bridge_slave_1) entered forwarding state [ 165.212366] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.218735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 165.239096] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 165.360082] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 165.370669] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 167.624271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.932723] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.163151] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.368580] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.563888] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 168.579874] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 168.591029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 168.889855] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 168.897408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 168.909466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 168.989375] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.056824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.097780] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.316942] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.478367] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 169.529976] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 169.769016] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.960853] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.967053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.980413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.002935] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 170.021091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.041255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.230313] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 170.431055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.450917] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.521882] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.743481] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 170.761960] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.770507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.989470] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 171.280204] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.575295] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 171.587365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 171.598368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 171.993635] 8021q: adding VLAN 0 to HW filter on device team0 19:21:23 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000001cc0)={&(0x7f0000000080)={0x10, 0x6}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="000000000000000008001b0000000000"], 0x1}}, 0x0) 19:21:23 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup2(r0, r0) sendmsg$alg(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000900), 0x0, &(0x7f0000000940)=[@assoc={0x10}], 0x10}, 0x0) 19:21:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000080)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) clone(0x7fd, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x1f) dup3(r0, r1, 0x0) ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f00000000c0)=""/141) 19:21:23 executing program 1: signalfd4(0xffffffffffffff9c, &(0x7f0000000040), 0x8, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002900)}}], 0x3ffffffffffff2b, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='oom_score\x00') preadv(r0, &(0x7f00000017c0), 0x1d0, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000001c0)) 19:21:23 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x19, &(0x7f0000000000)={@ipv4={[], [], @multicast2}}, 0x20) 19:21:23 executing program 1: syz_emit_ethernet(0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="500000009078000030e310c92f6e08a5e98566267217c98f9dfbd31743cd300f7d16517df9"], &(0x7f00000004c0)={0xfffffffffffffffe, 0x1}) 19:21:23 executing program 1: r0 = getpgrp(0x0) getpriority(0x1, r0) 19:21:23 executing program 1: r0 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./file0'], 0xa) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x96) clone(0x20102102, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1, 0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) execveat(r0, &(0x7f0000000380)='\x00', &(0x7f0000000300)=[&(0x7f0000000040)='\x00'], &(0x7f0000000540)=[&(0x7f0000000400)='\x00', &(0x7f0000000440)='\x00'], 0x1000) [ 173.108242] netlink: 4 bytes leftover after parsing attributes in process `syz-executor1'. [ 173.146233] netlink: 4 bytes leftover after parsing attributes in process `syz-executor1'. 19:21:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f00000000c0)={0x0, 0x0, 0x5}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x3, 0x0, 0x21000000, &(0x7f0000fff000/0x1000)=nil}) 19:21:24 executing program 1: r0 = syz_open_dev$usb(&(0x7f0000000280)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x2) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000040)={0xa3, 0x4c}) [ 173.589018] vhci_hcd: invalid port number 76 [ 173.602262] ================================================================== [ 173.609798] BUG: KASAN: use-after-free in vhci_hub_control+0x1b6d/0x1be0 [ 173.616663] Read of size 4 at addr ffff8801ce05833c by task syz-executor1/6940 [ 173.624019] [ 173.625662] CPU: 0 PID: 6940 Comm: syz-executor1 Not tainted 4.19.0-rc6+ #168 [ 173.632954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.642308] Call Trace: [ 173.644919] dump_stack+0x1c4/0x2b4 [ 173.648604] ? dump_stack_print_info.cold.2+0x52/0x52 [ 173.653806] ? printk+0xa7/0xcf [ 173.657117] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 173.661901] print_address_description.cold.8+0x9/0x1ff [ 173.667282] kasan_report.cold.9+0x242/0x309 [ 173.671737] ? vhci_hub_control+0x1b6d/0x1be0 [ 173.676253] __asan_report_load4_noabort+0x14/0x20 [ 173.681202] vhci_hub_control+0x1b6d/0x1be0 [ 173.685543] ? vhci_hcd_probe+0x240/0x240 [ 173.689713] ? rcu_read_lock_sched_held+0x108/0x120 [ 173.694742] ? __kmalloc+0x5de/0x760 [ 173.698467] ? kasan_check_write+0x14/0x20 [ 173.701915] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 173.702717] ? do_raw_spin_lock+0xc1/0x200 [ 173.721419] ? usb_hcd_submit_urb+0x6fc/0x20a0 [ 173.726012] usb_hcd_submit_urb+0x17bb/0x20a0 [ 173.730514] ? vhci_hcd_probe+0x240/0x240 [ 173.734911] ? usb_create_hcd+0x40/0x40 [ 173.738896] ? __ia32_compat_sys_ioctl+0x20e/0x630 [ 173.743835] ? do_fast_syscall_32+0x34d/0xfb2 [ 173.748349] ? entry_SYSENTER_compat+0x70/0x7f [ 173.752944] ? find_held_lock+0x36/0x1c0 [ 173.757007] ? __lockdep_init_map+0x105/0x590 [ 173.761510] ? __lockdep_init_map+0x105/0x590 [ 173.766014] usb_submit_urb+0x893/0x14e0 [ 173.770101] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 173.775411] usb_start_wait_urb+0x13d/0x370 [ 173.779838] ? sg_clean+0x240/0x240 [ 173.783549] usb_control_msg+0x332/0x4e0 [ 173.787618] ? usb_start_wait_urb+0x370/0x370 [ 173.792137] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 173.797687] proc_control+0x99b/0xef0 [ 173.801497] ? proc_bulk+0xa70/0xa70 [ 173.805226] ? futex_wake+0x304/0x760 [ 173.809038] usbdev_do_ioctl+0x1eb8/0x3b50 [ 173.813284] ? processcompl_compat+0x680/0x680 [ 173.817888] ? mark_held_locks+0x130/0x130 [ 173.822133] ? graph_lock+0x170/0x170 [ 173.825937] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 173.831214] ? rcu_bh_qs+0xc0/0xc0 [ 173.834765] ? rcu_bh_qs+0xc0/0xc0 [ 173.838309] ? unwind_dump+0x190/0x190 [ 173.842337] ? find_held_lock+0x36/0x1c0 [ 173.846397] ? __fget+0x4aa/0x740 [ 173.849861] ? lock_downgrade+0x900/0x900 [ 173.854013] ? check_preemption_disabled+0x48/0x200 [ 173.859040] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 173.864854] ? kasan_check_read+0x11/0x20 [ 173.869019] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 173.874310] ? rcu_bh_qs+0xc0/0xc0 [ 173.877883] ? __fget+0x4d1/0x740 [ 173.881354] ? ksys_dup3+0x680/0x680 [ 173.885078] ? __might_fault+0x12b/0x1e0 [ 173.889157] ? lock_downgrade+0x900/0x900 [ 173.893332] ? lock_release+0x970/0x970 [ 173.897309] ? arch_local_save_flags+0x40/0x40 [ 173.901903] ? posix_ktime_get_ts+0x15/0x20 [ 173.906231] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 173.911696] ? __fget_light+0x2e9/0x430 [ 173.915671] ? fget_raw+0x20/0x20 [ 173.919146] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 173.924685] ? compat_put_timespec64+0x110/0x280 [ 173.929448] ? compat_get_timespec64+0x2a0/0x2a0 [ 173.934212] ? do_fast_syscall_32+0x150/0xfb2 [ 173.938709] ? do_fast_syscall_32+0x150/0xfb2 [ 173.943213] ? lockdep_hardirqs_on+0x421/0x5c0 [ 173.947807] ? usbdev_do_ioctl+0x3b50/0x3b50 [ 173.952227] usbdev_compat_ioctl+0x24/0x30 [ 173.956468] __ia32_compat_sys_ioctl+0x20e/0x630 [ 173.961239] do_fast_syscall_32+0x34d/0xfb2 [ 173.965587] ? do_int80_syscall_32+0x890/0x890 [ 173.970197] ? entry_SYSENTER_compat+0x68/0x7f [ 173.974787] ? trace_hardirqs_off_caller+0xbb/0x310 [ 173.979808] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 173.984661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 173.989511] ? trace_hardirqs_on_caller+0x310/0x310 [ 173.994538] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 173.999641] ? prepare_exit_to_usermode+0x291/0x3b0 [ 174.004701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 174.009566] entry_SYSENTER_compat+0x70/0x7f [ 174.013983] RIP: 0023:0xf7f50ca9 [ 174.017365] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 174.036270] RSP: 002b:00000000f5f4c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 174.043991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500 [ 174.051264] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 174.058531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 174.065803] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 174.073073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 174.080357] [ 174.081978] The buggy address belongs to the page: [ 174.086907] page:ffffea0007381600 count:0 mapcount:-128 mapping:0000000000000000 index:0x0 [ 174.095309] flags: 0x2fffc0000000000() [ 174.099205] raw: 02fffc0000000000 ffffea0007382b48 ffffea0007397a48 0000000000000000 [ 174.107089] raw: 0000000000000000 0000000000000000 00000000ffffff7f 0000000000000000 [ 174.114966] page dumped because: kasan: bad access detected [ 174.120669] [ 174.122293] Memory state around the buggy address: [ 174.127227] ffff8801ce058200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 174.134582] ffff8801ce058280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 174.141941] >ffff8801ce058300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 174.149294] ^ [ 174.154515] ffff8801ce058380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 174.161881] ffff8801ce058400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 174.169237] ================================================================== [ 174.176589] Disabling lock debugging due to kernel taint [ 174.182047] Kernel panic - not syncing: panic_on_warn set ... [ 174.182047] [ 174.189412] CPU: 0 PID: 6940 Comm: syz-executor1 Tainted: G B 4.19.0-rc6+ #168 [ 174.198064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.207424] Call Trace: [ 174.210014] dump_stack+0x1c4/0x2b4 [ 174.213661] ? dump_stack_print_info.cold.2+0x52/0x52 [ 174.218861] ? lock_downgrade+0x900/0x900 [ 174.223032] panic+0x238/0x4e7 [ 174.226238] ? add_taint.cold.5+0x16/0x16 [ 174.230400] ? add_taint.cold.5+0x5/0x16 [ 174.234459] ? trace_hardirqs_off+0xaf/0x310 [ 174.238874] kasan_end_report+0x47/0x4f [ 174.242856] kasan_report.cold.9+0x76/0x309 [ 174.247191] ? vhci_hub_control+0x1b6d/0x1be0 [ 174.251686] __asan_report_load4_noabort+0x14/0x20 [ 174.256620] vhci_hub_control+0x1b6d/0x1be0 [ 174.260942] ? vhci_hcd_probe+0x240/0x240 [ 174.265099] ? rcu_read_lock_sched_held+0x108/0x120 [ 174.270134] ? __kmalloc+0x5de/0x760 [ 174.273855] ? kasan_check_write+0x14/0x20 [ 174.278089] ? do_raw_spin_lock+0xc1/0x200 [ 174.282324] ? usb_hcd_submit_urb+0x6fc/0x20a0 [ 174.286905] usb_hcd_submit_urb+0x17bb/0x20a0 [ 174.291425] ? vhci_hcd_probe+0x240/0x240 [ 174.295586] ? usb_create_hcd+0x40/0x40 [ 174.299561] ? __ia32_compat_sys_ioctl+0x20e/0x630 [ 174.304495] ? do_fast_syscall_32+0x34d/0xfb2 [ 174.308992] ? entry_SYSENTER_compat+0x70/0x7f [ 174.313593] ? find_held_lock+0x36/0x1c0 [ 174.317671] ? __lockdep_init_map+0x105/0x590 [ 174.322165] ? __lockdep_init_map+0x105/0x590 [ 174.326662] usb_submit_urb+0x893/0x14e0 [ 174.330720] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 174.336015] usb_start_wait_urb+0x13d/0x370 [ 174.340338] ? sg_clean+0x240/0x240 [ 174.343972] usb_control_msg+0x332/0x4e0 [ 174.348029] ? usb_start_wait_urb+0x370/0x370 [ 174.352519] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 174.358059] proc_control+0x99b/0xef0 [ 174.361870] ? proc_bulk+0xa70/0xa70 [ 174.365581] ? futex_wake+0x304/0x760 [ 174.369382] usbdev_do_ioctl+0x1eb8/0x3b50 [ 174.373621] ? processcompl_compat+0x680/0x680 [ 174.378207] ? mark_held_locks+0x130/0x130 [ 174.382439] ? graph_lock+0x170/0x170 [ 174.386238] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 174.391525] ? rcu_bh_qs+0xc0/0xc0 [ 174.395071] ? rcu_bh_qs+0xc0/0xc0 [ 174.398608] ? unwind_dump+0x190/0x190 [ 174.402514] ? find_held_lock+0x36/0x1c0 [ 174.406576] ? __fget+0x4aa/0x740 [ 174.410026] ? lock_downgrade+0x900/0x900 [ 174.414172] ? check_preemption_disabled+0x48/0x200 [ 174.419203] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 174.425008] ? kasan_check_read+0x11/0x20 [ 174.429149] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 174.434420] ? rcu_bh_qs+0xc0/0xc0 [ 174.437995] ? __fget+0x4d1/0x740 [ 174.441460] ? ksys_dup3+0x680/0x680 [ 174.445169] ? __might_fault+0x12b/0x1e0 [ 174.449224] ? lock_downgrade+0x900/0x900 [ 174.453395] ? lock_release+0x970/0x970 [ 174.457370] ? arch_local_save_flags+0x40/0x40 [ 174.461950] ? posix_ktime_get_ts+0x15/0x20 [ 174.466285] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 174.471740] ? __fget_light+0x2e9/0x430 [ 174.475717] ? fget_raw+0x20/0x20 [ 174.479170] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 174.484714] ? compat_put_timespec64+0x110/0x280 [ 174.489482] ? compat_get_timespec64+0x2a0/0x2a0 [ 174.494265] ? do_fast_syscall_32+0x150/0xfb2 [ 174.498762] ? do_fast_syscall_32+0x150/0xfb2 [ 174.503263] ? lockdep_hardirqs_on+0x421/0x5c0 [ 174.507882] ? usbdev_do_ioctl+0x3b50/0x3b50 [ 174.512309] usbdev_compat_ioctl+0x24/0x30 [ 174.516545] __ia32_compat_sys_ioctl+0x20e/0x630 [ 174.521326] do_fast_syscall_32+0x34d/0xfb2 [ 174.525670] ? do_int80_syscall_32+0x890/0x890 [ 174.530255] ? entry_SYSENTER_compat+0x68/0x7f [ 174.534838] ? trace_hardirqs_off_caller+0xbb/0x310 [ 174.539875] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 174.544718] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 174.549558] ? trace_hardirqs_on_caller+0x310/0x310 [ 174.554569] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 174.559585] ? prepare_exit_to_usermode+0x291/0x3b0 [ 174.564606] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 174.569457] entry_SYSENTER_compat+0x70/0x7f [ 174.573872] RIP: 0023:0xf7f50ca9 [ 174.577240] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 174.596135] RSP: 002b:00000000f5f4c0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 174.603848] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500 [ 174.611123] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 174.618421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 174.625682] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 174.632946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 174.641153] Kernel Offset: disabled [ 174.644777] Rebooting in 86400 seconds..