Warning: Permanently added '[localhost]:41177' (ECDSA) to the list of known hosts. 2020/10/13 06:53:51 fuzzer started 2020/10/13 06:53:53 dialing manager at 10.0.2.10:46773 2020/10/13 06:53:53 syscalls: 3440 2020/10/13 06:53:53 code coverage: enabled 2020/10/13 06:53:53 comparison tracing: enabled 2020/10/13 06:53:53 extra coverage: enabled 2020/10/13 06:53:53 setuid sandbox: enabled 2020/10/13 06:53:53 namespace sandbox: enabled 2020/10/13 06:53:53 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/13 06:53:53 fault injection: enabled 2020/10/13 06:53:53 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/13 06:53:53 net packet injection: enabled 2020/10/13 06:53:53 net device setup: enabled 2020/10/13 06:53:53 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/10/13 06:53:53 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/13 06:53:53 USB emulation: enabled 2020/10/13 06:53:53 hci packet injection: enabled 2020/10/13 06:53:53 wifi device emulation: enabled 06:55:34 executing program 0: pipe(&(0x7f0000003400)={0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x11, 0x1, &(0x7f0000000040)=@raw=[@exit], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, r0, 0x8, &(0x7f0000001680), 0x8, 0x10, 0x0}, 0x78) 06:55:34 executing program 1: r0 = socket$pptp(0x18, 0x1, 0x2) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x0, 0x4) 06:55:35 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="18", @ANYRES32, @ANYBLOB="0000000090"], &(0x7f0000000080)='GPL\x00', 0x3, 0xe0, &(0x7f0000000600)=""/224, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 06:55:35 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x1a, 0x1, &(0x7f0000000040)=@raw=[@exit], &(0x7f0000000080)='GPL\x00', 0x6, 0xab, &(0x7f00000000c0)=""/171, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) syzkaller login: [ 273.095353][ T9318] IPVS: ftp: loaded support on port[0] = 21 [ 273.095639][ T9322] IPVS: ftp: loaded support on port[0] = 21 [ 273.103835][ T9320] IPVS: ftp: loaded support on port[0] = 21 [ 273.237344][ T9323] IPVS: ftp: loaded support on port[0] = 21 [ 274.328514][ T9322] chnl_net:caif_netlink_parms(): no params data found [ 274.537659][ T9323] chnl_net:caif_netlink_parms(): no params data found [ 274.573133][ T9318] chnl_net:caif_netlink_parms(): no params data found [ 274.668760][ T9320] chnl_net:caif_netlink_parms(): no params data found [ 274.836486][ T23] Bluetooth: hci1: command 0x0409 tx timeout [ 274.852307][ T35] Bluetooth: hci0: command 0x0409 tx timeout [ 274.961548][ T9322] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.983069][ T35] Bluetooth: hci2: command 0x0409 tx timeout [ 274.986917][ T9322] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.035047][ T9322] device bridge_slave_0 entered promiscuous mode [ 275.069719][ T9322] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.084297][ T9322] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.099541][ T9322] device bridge_slave_1 entered promiscuous mode [ 275.142206][ T1243] Bluetooth: hci3: command 0x0409 tx timeout [ 275.153891][ T9323] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.163323][ T9323] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.173008][ T9323] device bridge_slave_0 entered promiscuous mode [ 275.186735][ T9323] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.197086][ T9323] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.206428][ T9323] device bridge_slave_1 entered promiscuous mode [ 275.247436][ T9322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.287011][ T9318] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.303758][ T9318] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.304982][ T9318] device bridge_slave_0 entered promiscuous mode [ 275.392808][ T9322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.415448][ T9320] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.429380][ T9320] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.446321][ T9320] device bridge_slave_0 entered promiscuous mode [ 275.463202][ T9318] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.481338][ T9318] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.496679][ T9318] device bridge_slave_1 entered promiscuous mode [ 275.516201][ T9323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.546103][ T9323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.567439][ T9320] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.581269][ T9320] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.594276][ T9320] device bridge_slave_1 entered promiscuous mode [ 275.640828][ T9323] team0: Port device team_slave_0 added [ 275.657299][ T9323] team0: Port device team_slave_1 added [ 275.667748][ T9322] team0: Port device team_slave_0 added [ 275.696744][ T9318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.723269][ T9318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.748104][ T9322] team0: Port device team_slave_1 added [ 275.760030][ T9320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.786722][ T9320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.827188][ T9323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 275.843152][ T9323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.883383][ T9323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 275.906707][ T9323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 275.917916][ T9323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.953622][ T9323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 275.986629][ T9318] team0: Port device team_slave_0 added [ 276.000375][ T9320] team0: Port device team_slave_0 added [ 276.023646][ T9320] team0: Port device team_slave_1 added [ 276.035170][ T9322] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.043090][ T9322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.074820][ T9322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.099969][ T9318] team0: Port device team_slave_1 added [ 276.151642][ T9322] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.163102][ T9322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.210315][ T9322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.260768][ T9323] device hsr_slave_0 entered promiscuous mode [ 276.272490][ T9323] device hsr_slave_1 entered promiscuous mode [ 276.297246][ T9320] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.308750][ T9320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.340035][ T9320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.357332][ T9320] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.365981][ T9320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.403508][ T9320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.417110][ T9318] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.426112][ T9318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.458277][ T9318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.490942][ T9318] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.500946][ T9318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.534082][ T9318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.594693][ T9322] device hsr_slave_0 entered promiscuous mode [ 276.605271][ T9322] device hsr_slave_1 entered promiscuous mode [ 276.616745][ T9322] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 276.627932][ T9322] Cannot create hsr debugfs directory [ 276.695070][ T9318] device hsr_slave_0 entered promiscuous mode [ 276.707228][ T9318] device hsr_slave_1 entered promiscuous mode [ 276.718625][ T9318] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 276.728700][ T9318] Cannot create hsr debugfs directory [ 276.744958][ T9320] device hsr_slave_0 entered promiscuous mode [ 276.759588][ T9320] device hsr_slave_1 entered promiscuous mode [ 276.771556][ T9320] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 276.782933][ T9320] Cannot create hsr debugfs directory [ 276.907264][ T1243] Bluetooth: hci1: command 0x041b tx timeout [ 277.062242][ T35] Bluetooth: hci2: command 0x041b tx timeout [ 277.062248][ T13] Bluetooth: hci0: command 0x041b tx timeout [ 277.210615][ T9323] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 277.223076][ T1243] Bluetooth: hci3: command 0x041b tx timeout [ 277.284522][ T9323] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 277.307524][ T9323] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 277.326646][ T9323] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 277.374874][ T9320] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 277.393039][ T9320] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 277.412166][ T9320] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 277.433789][ T9320] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 277.463326][ T9318] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 277.477528][ T9318] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 277.499425][ T9318] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 277.518088][ T9318] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 277.544306][ T9322] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 277.561587][ T9322] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 277.579230][ T9322] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 277.590603][ T9322] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 277.687919][ T9323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.707656][ T9320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.728086][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 277.741148][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 277.750709][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 277.762119][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 277.784732][ T9320] 8021q: adding VLAN 0 to HW filter on device team0 [ 277.799346][ T9323] 8021q: adding VLAN 0 to HW filter on device team0 [ 277.848936][ T9318] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.866994][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 277.877300][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 277.890065][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.898449][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.920275][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 277.947001][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 277.961291][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 277.973382][ T9333] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.982841][ T9333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.996152][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 278.008448][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 278.020283][ T9333] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.034082][ T9333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 278.044959][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 278.055989][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 278.067101][ T9333] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.077374][ T9333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 278.092413][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 278.114928][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 278.131017][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 278.145779][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 278.169982][ T9322] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.182634][ T9318] 8021q: adding VLAN 0 to HW filter on device team0 [ 278.193360][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 278.205288][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 278.225124][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 278.241188][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 278.255569][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 278.279707][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 278.293392][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 278.308018][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 278.318882][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 278.329065][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 278.340098][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 278.352764][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 278.366843][ T9355] bridge0: port 1(bridge_slave_0) entered blocking state [ 278.374955][ T9355] bridge0: port 1(bridge_slave_0) entered forwarding state [ 278.386043][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 278.395895][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 278.408622][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 278.419030][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 278.432731][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 278.447078][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 278.457118][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 278.466685][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 278.476969][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.485016][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 278.499629][ T9322] 8021q: adding VLAN 0 to HW filter on device team0 [ 278.514357][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 278.523574][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 278.532905][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 278.544837][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 278.554853][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 278.565453][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 278.575581][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 278.585189][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 278.594739][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 278.608447][ T9320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 278.625996][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 278.645344][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 278.663651][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 278.682140][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 278.693490][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 278.706873][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 278.719530][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 278.741770][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 278.756267][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 278.768257][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.785851][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 278.808755][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 278.830918][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 278.843565][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 278.864671][ T3228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 278.884751][ T3228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 278.922184][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 278.936110][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 278.950595][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 278.963424][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 278.976379][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 278.982290][ T23] Bluetooth: hci1: command 0x040f tx timeout [ 278.999545][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 279.041251][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 279.055867][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 279.071202][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 279.104259][ T9323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 279.122056][ T9320] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 279.142357][ T35] Bluetooth: hci2: command 0x040f tx timeout [ 279.145191][ T9318] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 279.153352][ T9333] Bluetooth: hci0: command 0x040f tx timeout [ 279.178345][ T9318] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 279.214605][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 279.228439][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 279.243806][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 279.258679][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 279.273203][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 279.299809][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 279.317455][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 279.347172][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 279.372572][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 279.385284][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 279.396556][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 279.408964][ T23] Bluetooth: hci3: command 0x040f tx timeout [ 279.433531][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 279.445630][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 279.458400][ T9322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 279.486391][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 279.496724][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 279.513135][ T9318] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 279.533797][ T9323] device veth0_vlan entered promiscuous mode [ 279.557759][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 279.594336][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 279.633050][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 279.660032][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 279.679624][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 279.688808][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 279.715838][ T9323] device veth1_vlan entered promiscuous mode [ 279.725088][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 279.737544][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 279.765422][ T9322] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 279.799180][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 279.810116][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 279.836406][ T9323] device veth0_macvtap entered promiscuous mode [ 279.844041][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 279.853956][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 279.865430][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 279.876373][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 279.890732][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 279.903726][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 279.913947][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 279.960584][ T9323] device veth1_macvtap entered promiscuous mode [ 279.986483][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 280.003983][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 280.019625][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 280.045864][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 280.059610][ T9355] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 280.073032][ T9320] device veth0_vlan entered promiscuous mode [ 280.091939][ T9318] device veth0_vlan entered promiscuous mode [ 280.108678][ T9320] device veth1_vlan entered promiscuous mode [ 280.140268][ T9323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 280.178574][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 280.216266][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 280.255408][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 280.294967][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 280.328965][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 280.356585][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 280.404998][ T9323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 280.445929][ T9318] device veth1_vlan entered promiscuous mode [ 280.469720][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 280.491254][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 280.510470][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 280.529538][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 280.553205][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 280.577480][ T9323] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.606343][ T9323] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.624784][ T9323] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.647533][ T9323] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.684814][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 280.701534][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 280.723270][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 280.742932][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 280.766985][ T9322] device veth0_vlan entered promiscuous mode [ 280.787209][ T9320] device veth0_macvtap entered promiscuous mode [ 281.062512][ T9353] Bluetooth: hci1: command 0x0419 tx timeout [ 281.095701][ T9322] device veth1_vlan entered promiscuous mode [ 281.125130][ T9320] device veth1_macvtap entered promiscuous mode [ 281.206375][ T9320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 281.233142][ T3228] Bluetooth: hci0: command 0x0419 tx timeout [ 281.250653][ T9320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.274841][ T3228] Bluetooth: hci2: command 0x0419 tx timeout [ 281.313116][ T9320] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 281.380484][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 281.419072][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 281.448654][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 281.478126][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 281.482455][ T35] Bluetooth: hci3: command 0x0419 tx timeout [ 281.508152][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 281.559010][ T9320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 281.592776][ T9320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.620345][ T9320] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 281.652913][ T9320] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.780235][ T9320] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.822544][ T9320] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.855236][ T9320] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.914509][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 281.953184][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 282.024698][ T9318] device veth0_macvtap entered promiscuous mode [ 282.098715][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.139877][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.152691][ T9318] device veth1_macvtap entered promiscuous mode [ 282.190495][ T3228] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 282.216177][ T3228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 282.237252][ T3228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 282.300172][ T9322] device veth0_macvtap entered promiscuous mode [ 282.323604][ T9322] device veth1_macvtap entered promiscuous mode [ 282.358997][ T9318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 282.361446][ T9343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.393206][ T9318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.415912][ T9343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.433529][ T9318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 282.433534][ T9318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.435621][ T9318] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 282.503180][ T9356] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 282.517046][ T9356] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 282.529479][ T9356] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 282.539774][ T9356] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 282.561393][ T9356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 282.595233][ T9318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 282.614456][ T9318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.627597][ T9318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 282.646353][ T9318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.667889][ T9318] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 282.722437][ T2456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.734390][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 282.746255][ T2456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.762380][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 282.803954][ T9353] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 282.843756][ T9318] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.864553][ T9318] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.876921][ T9318] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.904364][ T9318] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.947047][ T9323] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 282.950511][ T9322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 283.043365][ T9322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.105931][ T9322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 283.180892][ T9322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.254284][ T9322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 283.328414][ T9322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.413390][ T9322] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.524630][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 283.571502][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 06:55:47 executing program 3: syz_open_dev$ndb(&(0x7f0000008d00)='/dev/nbd#\x00', 0x0, 0x3) [ 283.628462][ T9322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 283.676865][ T9322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.760743][ T9322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 283.805973][ T9322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.848501][ T9322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 283.895606][ T9322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 06:55:47 executing program 3: shmget$private(0x0, 0x2000, 0x78000c00, &(0x7f0000ffe000/0x2000)=nil) [ 283.957755][ T9322] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 283.996116][ T9357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 06:55:47 executing program 3: r0 = epoll_create1(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x10002005}) [ 284.008769][ T9322] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.036951][ T9357] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.073031][ T9322] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.133744][ T9322] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 06:55:47 executing program 3: migrate_pages(0x0, 0x7, &(0x7f0000000000)=0xfffffffffffffbfe, &(0x7f0000000080)=0x2) [ 284.168509][ T9322] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.247940][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 284.272976][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 284.312824][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 284.427381][ T2456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.473427][ T2456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.505878][ T9357] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.534505][ T9357] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.568922][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 284.621057][ T87] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 284.666194][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.669703][ T9357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.706564][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.745293][ T9357] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.784209][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 284.854716][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 06:55:48 executing program 2: syz_open_dev$char_raw(&(0x7f0000000640)='/dev/raw/raw#\x00', 0x0, 0x81) 06:55:48 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 06:55:48 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f00000048c0)={&(0x7f0000000140)=@delchain={0xec4, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0xe94, 0x2, [@TCA_BASIC_ACT={0xe90, 0x3, [@m_pedit={0xe8c, 0x0, 0x0, 0x0, {{0xa, 0x1, 'pedit\x00'}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{}, [{}, {}, {0x0, 0x101, 0x27, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x8001, 0x0, 0x8000}, {}, {0x0, 0x9, 0xffffff7f}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc0}, {0x0, 0x0, 0x0, 0x0, 0x81}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7ff}], [{}, {}, {}, {0x1, 0x1}, {}, {}, {}, {}, {0x3}, {0x5, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x5}, {0x9d74dc79a42a0031, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x3f, 0x6, "94207d37f0a865df539883e698a11bd4928f68309427881552d80040bbadc39ae51caaf00bb7f12907027f77f257b5308eeb25bfd5979a4582f4b3"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x6}}}}]}]}}]}, 0xec4}}, 0x0) 06:55:48 executing program 0: migrate_pages(0xffffffffffffffff, 0xdf, 0x0, 0x0) 06:55:48 executing program 1: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001200)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000000)=@raw=[@func, @map], &(0x7f0000000080)='GPL\x00', 0x3, 0x1000, &(0x7f00000000c0)=""/4096, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 06:55:48 executing program 0: syz_open_dev$tty20(0xc, 0x4, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) 06:55:48 executing program 2: socketpair(0x3, 0x0, 0x10000, &(0x7f0000000000)) 06:55:48 executing program 3: recvfrom$ax25(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 06:55:49 executing program 3: ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)) shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000001940)=""/171) 06:55:49 executing program 1: r0 = eventfd(0x10001) read$eventfd(r0, &(0x7f0000000600), 0x8) 06:55:49 executing program 2: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x2200, 0x0) 06:55:49 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x79eb}) 06:55:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x40841) 06:55:49 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, 0x0) 06:55:49 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x0) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) 06:55:49 executing program 1: socketpair(0x21, 0x0, 0x0, &(0x7f0000000300)) 06:55:49 executing program 0: pselect6(0x40, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)={0xacbe}, &(0x7f00000002c0)={0x0, 0x989680}, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETMODE(r1, 0x4b3a, 0x1) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0x51, 0x401}) 06:55:49 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x79eb}) 06:55:49 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x0) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) 06:55:49 executing program 1: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x3, 0x8}) 06:55:49 executing program 2: bpf$ITER_CREATE(0x3, 0x0, 0x0) 06:55:49 executing program 3: r0 = epoll_create1(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) 06:55:49 executing program 0: pselect6(0x40, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)={0xacbe}, &(0x7f00000002c0)={0x0, 0x989680}, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETMODE(r1, 0x4b3a, 0x1) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0x51, 0x401}) 06:55:49 executing program 2: syz_open_dev$sndctrl(&(0x7f0000000480)='/dev/snd/controlC#\x00', 0x8, 0x101140) 06:55:49 executing program 3: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000480)={0x0, @bcast, @rose={'rose', 0x0}, 0x0, 'syz1\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}) 06:55:49 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x0, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x4, 0x0, {0x9}, {0x0, 0x800}, {0x4}, {}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x8}) 06:55:49 executing program 3: socketpair(0x28, 0x0, 0xdd6, &(0x7f0000000180)) 06:55:49 executing program 3: pselect6(0x0, 0x0, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)={0x0, 0x989680}, &(0x7f0000000340)={&(0x7f0000000300)={[0x3]}, 0x8}) 06:55:49 executing program 1: sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, 0x0, 0x0) r0 = getpgrp(0x0) migrate_pages(r0, 0x3, &(0x7f0000000000)=0x6, &(0x7f0000000040)=0x2) 06:55:49 executing program 0: pselect6(0x40, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)={0xacbe}, &(0x7f00000002c0)={0x0, 0x989680}, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETMODE(r1, 0x4b3a, 0x1) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0x51, 0x401}) 06:55:49 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 06:55:49 executing program 3: socket$inet6(0xa, 0x3, 0x20) 06:55:49 executing program 0: sendmmsg$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x48318715b309a135) 06:55:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000900)='gtp\x00') sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000009c0)={&(0x7f00000008c0), 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x24, r1, 0x1, 0x0, 0x0, {}, [@GTPA_I_TEI={0x8}, @GTPA_VERSION={0x8}]}, 0x24}}, 0x0) 06:55:50 executing program 0: r0 = syz_open_dev$vcsn(0x0, 0x2, 0x10401) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000040)) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f00000000c0)="852e6b12a99dbf61fba64bb5816918069e2be45c588a0353f52bc892fd4f22cc5cb5") 06:55:50 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 06:55:50 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000340)) 06:55:50 executing program 3: syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x3c7825491292a1c3) 06:55:50 executing program 2: syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x101003) 06:55:50 executing program 3: bpf$ITER_CREATE(0x16, 0x0, 0x0) 06:55:50 executing program 0: r0 = syz_open_dev$vcsn(0x0, 0x2, 0x10401) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000040)) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f00000000c0)="852e6b12a99dbf61fba64bb5816918069e2be45c588a0353f52bc892fd4f22cc5cb5") 06:55:50 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f00000048c0)={&(0x7f0000000140)=@delchain={0xec4, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0xe94, 0x2, [@TCA_BASIC_ACT={0xe90, 0x3, [@m_pedit={0xe8c, 0x0, 0x0, 0x0, {{0xa, 0x1, 'pedit\x00'}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}]}}]}, {0x3e, 0x6, "94207d37f0a865df539883e698a11bd4928f68309427881552d80040bbadc39ae51caaf00bb7f12907027f77f257b5308eeb25bfd5979a4582f4"}, {0xc}, {0xc}}}]}]}}]}, 0xec4}}, 0x0) 06:55:50 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000a40)=""/153) 06:55:50 executing program 3: syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x4040) 06:55:50 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000600)='/dev/binder#\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) 06:55:50 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x2, &(0x7f0000000180)=@raw=[@ldst, @alu], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 286.555328][ T9515] ================================================================== [ 286.560205][ T9515] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x117f/0x1290 [ 286.560461][ T9515] Write of size 4 at addr ffffc90009761000 by task syz-executor.0/9515 [ 286.560463][ T9515] [ 286.561467][ T9515] CPU: 2 PID: 9515 Comm: syz-executor.0 Not tainted 5.9.0-syzkaller #0 [ 286.561614][ T9515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 286.561910][ T9515] Call Trace: [ 286.562665][ T9515] dump_stack+0x198/0x1fd [ 286.562954][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.562961][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.563038][ T9515] print_address_description.constprop.0.cold+0x5/0x497 [ 286.563038][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.563038][ T9515] ? lockdep_hardirqs_off+0x96/0xd0 [ 286.563038][ T9515] ? vprintk_func+0x95/0x1d4 [ 286.563038][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.563038][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.563038][ T9515] kasan_report.cold+0x1f/0x37 [ 286.563038][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.563038][ T9515] sys_imageblit+0x117f/0x1290 [ 286.563038][ T9515] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 286.563038][ T9515] bit_putcs+0x6e1/0xd20 [ 286.563038][ T9515] ? bit_cursor+0x1720/0x1720 [ 286.563038][ T9515] ? wait_for_completion+0x260/0x260 [ 286.563038][ T9515] ? fb_get_color_depth+0x71/0x240 [ 286.563038][ T9515] ? fb_get_color_depth+0x11a/0x240 [ 286.563038][ T9515] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 286.563038][ T9515] ? bit_cursor+0x1720/0x1720 [ 286.563038][ T9515] fbcon_putcs+0x35a/0x450 [ 286.563038][ T9515] do_update_region+0x399/0x630 [ 286.563038][ T9515] ? con_get_trans_old+0x2a0/0x2a0 [ 286.563038][ T9515] ? fb_get_color_depth+0x11a/0x240 [ 286.563038][ T9515] ? fbcon_set_palette+0x422/0x620 [ 286.563038][ T9515] ? var_to_display+0x7f0/0x7f0 [ 286.563038][ T9515] redraw_screen+0x658/0x790 [ 286.563038][ T9515] ? vc_init+0x5a0/0x5a0 [ 286.563038][ T9515] fbcon_do_set_font+0x718/0x880 [ 286.563038][ T9515] fbcon_set_font+0x7c9/0x9b0 [ 286.563038][ T9515] ? fbcon_get_font+0x7d0/0x7d0 [ 286.563038][ T9515] con_font_op+0xd26/0x1140 [ 286.563038][ T9515] ? con_write+0xb0/0xb0 [ 286.563038][ T9515] ? apparmor_capable+0x1d8/0x460 [ 286.563038][ T9515] ? bpf_lsm_capable+0x5/0x10 [ 286.563038][ T9515] ? security_capable+0x8f/0xc0 [ 286.563038][ T9515] vt_ioctl+0x1ce7/0x2e90 [ 286.563038][ T9515] ? vt_waitactive+0x350/0x350 [ 286.563038][ T9515] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 286.563038][ T9515] ? lock_is_held_type+0xbb/0xf0 [ 286.563038][ T9515] ? apparmor_capable+0x1d8/0x460 [ 286.563038][ T9515] ? bpf_lsm_capable+0x5/0x10 [ 286.563038][ T9515] ? security_capable+0x8f/0xc0 [ 286.563038][ T9515] vt_compat_ioctl+0x168/0x6f0 [ 286.563038][ T9515] ? vc_SAK+0x340/0x340 [ 286.563038][ T9515] ? __fget_files+0x294/0x400 [ 286.563038][ T9515] ? vc_SAK+0x340/0x340 [ 286.563038][ T9515] tty_compat_ioctl+0x19c/0x410 [ 286.563038][ T9515] ? tty_ioctl+0x15f0/0x15f0 [ 286.563038][ T9515] __do_compat_sys_ioctl+0x1d3/0x230 [ 286.563038][ T9515] __do_fast_syscall_32+0x60/0x90 [ 286.563038][ T9515] do_fast_syscall_32+0x2f/0x70 [ 286.563038][ T9515] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 286.563038][ T9515] RIP: 0023:0xf7f0e549 [ 286.563038][ T9515] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 286.563038][ T9515] RSP: 002b:00000000f55080bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 286.563038][ T9515] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b61 [ 286.563038][ T9515] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 286.563038][ T9515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 286.563038][ T9515] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 286.563038][ T9515] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 286.563038][ T9515] [ 286.563038][ T9515] [ 286.563038][ T9515] Memory state around the buggy address: [ 286.563038][ T9515] ffffc90009760f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 286.563038][ T9515] ffffc90009760f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 286.563038][ T9515] >ffffc90009761000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 286.563038][ T9515] ^ [ 286.563038][ T9515] ffffc90009761080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 286.563038][ T9515] ffffc90009761100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 286.563038][ T9515] ================================================================== [ 286.563038][ T9515] Disabling lock debugging due to kernel taint [ 286.597399][ T9515] Kernel panic - not syncing: panic_on_warn set ... [ 286.597427][ T9515] CPU: 2 PID: 9515 Comm: syz-executor.0 Tainted: G B 5.9.0-syzkaller #0 [ 286.597431][ T9515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 286.597448][ T9515] Call Trace: [ 286.597589][ T9515] dump_stack+0x198/0x1fd [ 286.597598][ T9515] ? sys_imageblit+0x1170/0x1290 [ 286.597648][ T9515] panic+0x382/0x7fb [ 286.597656][ T9515] ? __warn_printk+0xf3/0xf3 [ 286.597666][ T9515] ? preempt_schedule_common+0x59/0xc0 [ 286.597672][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.597681][ T9515] ? preempt_schedule_thunk+0x16/0x18 [ 286.597689][ T9515] ? trace_hardirqs_on+0x55/0x220 [ 286.597696][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.597702][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.597709][ T9515] end_report+0x4d/0x53 [ 286.597716][ T9515] kasan_report.cold+0xd/0x37 [ 286.597723][ T9515] ? sys_imageblit+0x117f/0x1290 [ 286.597729][ T9515] sys_imageblit+0x117f/0x1290 [ 286.597742][ T9515] drm_fb_helper_sys_imageblit+0x1c/0x180 [ 286.597750][ T9515] bit_putcs+0x6e1/0xd20 [ 286.597761][ T9515] ? bit_cursor+0x1720/0x1720 [ 286.597768][ T9515] ? wait_for_completion+0x260/0x260 [ 286.597775][ T9515] ? fb_get_color_depth+0x71/0x240 [ 286.597782][ T9515] ? fb_get_color_depth+0x11a/0x240 [ 286.597789][ T9515] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 286.597797][ T9515] ? bit_cursor+0x1720/0x1720 [ 286.597804][ T9515] fbcon_putcs+0x35a/0x450 [ 286.597812][ T9515] do_update_region+0x399/0x630 [ 286.597820][ T9515] ? con_get_trans_old+0x2a0/0x2a0 [ 286.597826][ T9515] ? fb_get_color_depth+0x11a/0x240 [ 286.597834][ T9515] ? fbcon_set_palette+0x422/0x620 [ 286.597841][ T9515] ? var_to_display+0x7f0/0x7f0 [ 286.597848][ T9515] redraw_screen+0x658/0x790 [ 286.597855][ T9515] ? vc_init+0x5a0/0x5a0 [ 286.597864][ T9515] fbcon_do_set_font+0x718/0x880 [ 286.597872][ T9515] fbcon_set_font+0x7c9/0x9b0 [ 286.597880][ T9515] ? fbcon_get_font+0x7d0/0x7d0 [ 286.597888][ T9515] con_font_op+0xd26/0x1140 [ 286.597894][ T9515] ? con_write+0xb0/0xb0 [ 286.597903][ T9515] ? apparmor_capable+0x1d8/0x460 [ 286.597911][ T9515] ? bpf_lsm_capable+0x5/0x10 [ 286.597963][ T9515] ? security_capable+0x8f/0xc0 [ 286.597973][ T9515] vt_ioctl+0x1ce7/0x2e90 [ 286.597985][ T9515] ? vt_waitactive+0x350/0x350 [ 286.597994][ T9515] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 286.598003][ T9515] ? lock_is_held_type+0xbb/0xf0 [ 286.598012][ T9515] ? apparmor_capable+0x1d8/0x460 [ 286.598018][ T9515] ? bpf_lsm_capable+0x5/0x10 [ 286.598024][ T9515] ? security_capable+0x8f/0xc0 [ 286.598032][ T9515] vt_compat_ioctl+0x168/0x6f0 [ 286.598039][ T9515] ? vc_SAK+0x340/0x340 [ 286.598048][ T9515] ? __fget_files+0x294/0x400 [ 286.598055][ T9515] ? vc_SAK+0x340/0x340 [ 286.598062][ T9515] tty_compat_ioctl+0x19c/0x410 [ 286.598068][ T9515] ? tty_ioctl+0x15f0/0x15f0 [ 286.598076][ T9515] __do_compat_sys_ioctl+0x1d3/0x230 [ 286.598084][ T9515] __do_fast_syscall_32+0x60/0x90 [ 286.598091][ T9515] do_fast_syscall_32+0x2f/0x70 [ 286.598100][ T9515] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 286.598105][ T9515] RIP: 0023:0xf7f0e549 [ 286.598134][ T9515] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 286.598138][ T9515] RSP: 002b:00000000f55080bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 286.598278][ T9515] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b61 [ 286.598283][ T9515] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 286.598287][ T9515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 286.598291][ T9515] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 286.598295][ T9515] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 286.602081][ T9515] Kernel Offset: disabled