Warning: Permanently added '[localhost]:15683' (ECDSA) to the list of known hosts. 2019/11/29 10:41:40 fuzzer started [ 77.971303][ T38] audit: type=1400 audit(1575024100.115:42): avc: denied { map } for pid=7794 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2019/11/29 10:41:40 dialing manager at 10.0.2.10:46599 2019/11/29 10:41:40 syscalls: 2543 2019/11/29 10:41:40 code coverage: enabled 2019/11/29 10:41:40 comparison tracing: enabled 2019/11/29 10:41:40 extra coverage: extra coverage is not supported by the kernel 2019/11/29 10:41:40 setuid sandbox: enabled 2019/11/29 10:41:40 namespace sandbox: enabled 2019/11/29 10:41:40 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/29 10:41:40 fault injection: enabled 2019/11/29 10:41:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/29 10:41:40 net packet injection: enabled 2019/11/29 10:41:40 net device setup: enabled 2019/11/29 10:41:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/29 10:41:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 10:41:56 executing program 0: [ 94.556330][ T38] audit: type=1400 audit(1575024116.695:43): avc: denied { map } for pid=7814 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=2051 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 10:41:56 executing program 1: [ 94.730607][ T7815] IPVS: ftp: loaded support on port[0] = 21 [ 94.814159][ T7815] chnl_net:caif_netlink_parms(): no params data found [ 94.830921][ T7817] IPVS: ftp: loaded support on port[0] = 21 10:41:57 executing program 2: [ 94.849176][ T7815] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.857748][ T7815] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.868032][ T7815] device bridge_slave_0 entered promiscuous mode [ 94.880052][ T7815] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.888619][ T7815] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.897731][ T7815] device bridge_slave_1 entered promiscuous mode [ 94.926498][ T7815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.939011][ T7815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.965775][ T7820] IPVS: ftp: loaded support on port[0] = 21 [ 94.965885][ T7815] team0: Port device team_slave_0 added [ 94.983836][ T7815] team0: Port device team_slave_1 added 10:41:57 executing program 3: 10:41:57 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) [ 95.143032][ T7815] device hsr_slave_0 entered promiscuous mode [ 95.191916][ T7815] device hsr_slave_1 entered promiscuous mode 10:41:57 executing program 5: perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440)}, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r0 = gettid() tkill(r0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f00000017c0)=""/165) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) fstat(r1, &(0x7f0000000740)) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x400000000081}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x4000000000000be, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x2e) bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r6, &(0x7f0000000380)="13ba0e6d24ef4d953069273a07078fec25a554c13414ec361e56b277cd523df88978fc44bdce393183cf732f102df6c17586442a07d7b7869efdb51a8ee85d63af031c7f636a3438b5ee0eb8f8025cc5ef2813d8a23ae1ba27e252345d6b1dd1c608781d58dcd9cddb02", 0x6a, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0xffffffff}, 0x1c) [ 95.298882][ T7823] IPVS: ftp: loaded support on port[0] = 21 [ 95.324656][ T7825] IPVS: ftp: loaded support on port[0] = 21 [ 95.362919][ T38] audit: type=1400 audit(1575024117.505:44): avc: denied { create } for pid=7815 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 95.398206][ T38] audit: type=1400 audit(1575024117.505:45): avc: denied { write } for pid=7815 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 95.425055][ T38] audit: type=1400 audit(1575024117.505:46): avc: denied { read } for pid=7815 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 95.454830][ T7815] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.554461][ T7815] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.643828][ T7815] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.742606][ T7815] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.824526][ T7817] chnl_net:caif_netlink_parms(): no params data found [ 95.865632][ T7815] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.866485][ T7828] IPVS: ftp: loaded support on port[0] = 21 [ 95.873005][ T7815] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.886632][ T7815] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.893860][ T7815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.908374][ T7820] chnl_net:caif_netlink_parms(): no params data found [ 95.947968][ T553] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.957038][ T553] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.981956][ T7817] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.988962][ T7817] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.996953][ T7817] device bridge_slave_0 entered promiscuous mode [ 96.005698][ T7817] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.013024][ T7817] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.020942][ T7817] device bridge_slave_1 entered promiscuous mode [ 96.045537][ T7823] chnl_net:caif_netlink_parms(): no params data found [ 96.067967][ T7817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.082130][ T7817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.113690][ T7820] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.121109][ T7820] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.128869][ T7820] device bridge_slave_0 entered promiscuous mode [ 96.136935][ T7820] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.144379][ T7820] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.152306][ T7820] device bridge_slave_1 entered promiscuous mode [ 96.172287][ T7817] team0: Port device team_slave_0 added [ 96.179449][ T7817] team0: Port device team_slave_1 added [ 96.202599][ T7823] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.209486][ T7823] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.217354][ T7823] device bridge_slave_0 entered promiscuous mode [ 96.234021][ T7820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.246551][ T7820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.261753][ T7823] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.270379][ T7823] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.279424][ T7823] device bridge_slave_1 entered promiscuous mode [ 96.342731][ T7817] device hsr_slave_0 entered promiscuous mode [ 96.381108][ T7817] device hsr_slave_1 entered promiscuous mode [ 96.420992][ T7817] debugfs: Directory 'hsr0' with parent '/' already present! [ 96.455132][ T7823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.470011][ T7823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.488125][ T7825] chnl_net:caif_netlink_parms(): no params data found [ 96.498671][ T7820] team0: Port device team_slave_0 added [ 96.524871][ T7823] team0: Port device team_slave_0 added [ 96.532114][ T7820] team0: Port device team_slave_1 added [ 96.539059][ T7823] team0: Port device team_slave_1 added [ 96.628806][ T7817] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 96.772822][ T7820] device hsr_slave_0 entered promiscuous mode [ 96.841173][ T7820] device hsr_slave_1 entered promiscuous mode [ 96.921001][ T7820] debugfs: Directory 'hsr0' with parent '/' already present! [ 96.972725][ T7823] device hsr_slave_0 entered promiscuous mode [ 97.041062][ T7823] device hsr_slave_1 entered promiscuous mode [ 97.100906][ T7823] debugfs: Directory 'hsr0' with parent '/' already present! [ 97.108531][ T7825] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.115929][ T7825] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.124414][ T7825] device bridge_slave_0 entered promiscuous mode [ 97.131635][ T7817] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.194756][ T7817] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.273412][ T7817] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.355335][ T7825] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.365125][ T7825] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.372737][ T7825] device bridge_slave_1 entered promiscuous mode [ 97.387205][ T7828] chnl_net:caif_netlink_parms(): no params data found [ 97.402834][ T7815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.420566][ T7825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.432012][ T7825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.479147][ T7825] team0: Port device team_slave_0 added [ 97.488395][ T7825] team0: Port device team_slave_1 added [ 97.497044][ T7820] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.582636][ T7828] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.589523][ T7828] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.597405][ T7828] device bridge_slave_0 entered promiscuous mode [ 97.605252][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.612492][ T7828] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.620182][ T7828] device bridge_slave_1 entered promiscuous mode [ 97.638910][ T7815] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.646560][ T7820] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.728357][ T7820] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.803082][ T7820] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.884306][ T7823] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.944271][ T2781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 97.952453][ T2781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 97.969954][ T7828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.981403][ T7823] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.042336][ T7823] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.083759][ T7828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.106524][ T7828] team0: Port device team_slave_0 added [ 98.116485][ T7823] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.232717][ T7825] device hsr_slave_0 entered promiscuous mode [ 98.321169][ T7825] device hsr_slave_1 entered promiscuous mode [ 98.391064][ T7825] debugfs: Directory 'hsr0' with parent '/' already present! [ 98.403296][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 98.411988][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 98.420049][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.427254][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.435660][ T7828] team0: Port device team_slave_1 added [ 98.473458][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 98.482040][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 98.489986][ T7831] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.497078][ T7831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.563061][ T7828] device hsr_slave_0 entered promiscuous mode [ 98.611095][ T7828] device hsr_slave_1 entered promiscuous mode [ 98.661008][ T7828] debugfs: Directory 'hsr0' with parent '/' already present! [ 98.679682][ T7817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.688626][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 98.709102][ T7815] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 98.720413][ T7815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.744101][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 98.752791][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 98.761759][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 98.770318][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 98.779597][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 98.790340][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 98.799265][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 98.808146][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 98.816884][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 98.825404][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 98.833093][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 98.853935][ T7825] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 98.946741][ T7817] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.953782][ T2781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 98.961557][ T2781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 98.972413][ T7825] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 99.027260][ T7825] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 99.099468][ T7828] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 99.182352][ T7825] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 99.223483][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 99.232320][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 99.241485][ T7832] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.248602][ T7832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.270422][ T7820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.278053][ T7828] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 99.354153][ T7828] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 99.434318][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 99.442648][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 99.451605][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 99.460039][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.467362][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.475767][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 99.484498][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 99.492991][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 99.501578][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 99.510224][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 99.520870][ T7828] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 99.594464][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 99.603194][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 99.617001][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 99.625786][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 99.634168][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 99.641956][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 99.649329][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 99.658541][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 99.677405][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 99.692084][ T744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 99.699810][ T744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 99.713765][ T7815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.724710][ T7820] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.745111][ T38] audit: type=1400 audit(1575024121.885:47): avc: denied { associate } for pid=7815 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 99.746002][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 99.777872][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 99.786544][ T4299] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.793754][ T4299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.819021][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 99.826901][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 99.835518][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 99.844269][ T7837] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.851664][ T7837] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.860024][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 99.868484][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 99.877243][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 99.886210][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 99.894722][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 99.902761][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 99.915510][ T7817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.933555][ T7823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.946760][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 99.955353][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 99.963946][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 99.972696][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 10:42:02 executing program 0: [ 99.981658][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 99.989930][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 10:42:02 executing program 0: [ 99.998905][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 100.007803][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready 10:42:02 executing program 0: [ 100.015594][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.041698][ T7823] 8021q: adding VLAN 0 to HW filter on device team0 10:42:02 executing program 0: migrate_pages(0x0, 0x2, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) [ 100.053184][ T7820] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 100.063410][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 100.072641][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.083582][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.090930][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.101854][ T7828] 8021q: adding VLAN 0 to HW filter on device bond0 10:42:02 executing program 0: migrate_pages(0x0, 0x2, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) 10:42:02 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000000)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x288}], 0x1000014, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) r4 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r5 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x90) write(r4, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a", 0x1f8) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000500)={0x3, &(0x7f00000004c0)=[{0x0, 0x0, 0x7, 0x4}, {0x0, 0x0, 0x81, 0x8}, {0x1, 0x40, 0x0, 0x40}]}, 0x8) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000300)={'ip_vti0\x00', {0x2, 0x4e20, @remote}}) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, 0x0) accept4(0xffffffffffffffff, &(0x7f00000003c0)=@nfc, &(0x7f00000002c0)=0x80, 0x0) listen(0xffffffffffffffff, 0x0) sendfile(r4, r5, 0x0, 0x7fffffa7) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0xffffffffffffff94, &(0x7f0000000380)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r6, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) [ 100.139243][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 100.148264][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 100.158286][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.167966][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.171073][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 100.175419][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.181627][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 100.192687][ T7825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.214649][ T38] audit: type=1800 audit(1575024122.355:48): pid=7859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16566 res=0 [ 100.231762][ T7823] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network 10:42:02 executing program 0: migrate_pages(0x0, 0x2, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) [ 100.250227][ T7823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 100.257663][ T38] audit: type=1804 audit(1575024122.375:49): pid=7859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir061029221/syzkaller.66Vm7f/1/file0/file0" dev="sda1" ino=16566 res=1 [ 100.298893][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 100.306987][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 100.307016][ C1] protocol 88fb is buggy, dev hsr_slave_1 10:42:02 executing program 0: migrate_pages(0x0, 0x2, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) [ 100.323093][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 100.333912][ T38] audit: type=1400 audit(1575024122.375:50): avc: denied { open } for pid=7852 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 100.335201][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 100.360216][ T38] audit: type=1400 audit(1575024122.375:51): avc: denied { kernel } for pid=7852 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 100.371053][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 100.400609][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 100.410211][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 100.419333][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 100.419375][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 100.432981][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 100.442260][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 100.451301][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 100.460536][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 100.471826][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 100.480030][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 100.488694][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 100.497713][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.521149][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 100.530128][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 100.539099][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 100.550976][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 100.558506][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 100.560976][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 100.570238][ T7828] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.572585][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 100.591577][ T7825] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.603079][ T7820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.612825][ T2781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 100.622325][ T2781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.636588][ T7823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.648592][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 100.657519][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.665913][ T7831] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.673029][ T7831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.680572][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 100.689276][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.697979][ T7831] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.705150][ T7831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.713055][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 100.721041][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 100.734877][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 100.743943][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.752829][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.759839][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.796789][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 10:42:02 executing program 2: 10:42:02 executing program 3: [ 100.813617][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.825073][ T7831] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.832190][ T7831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.840095][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 100.849252][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 100.858138][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 100.867026][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 100.875808][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 100.884568][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 100.893521][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 100.902482][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 100.910499][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 100.924375][ T7825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 100.936358][ T7825] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 100.945978][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 100.954028][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 100.962515][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 100.970307][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 100.986641][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 100.995419][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 101.004381][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 101.013492][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 101.022322][ T7831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 101.038079][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 101.047117][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 101.056126][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.064904][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 101.076581][ T7825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.090307][ T7828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 101.102726][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 101.111323][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 101.119853][ T553] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 101.136979][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.144870][ T7832] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 101.156569][ T7828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.284289][ T7896] devpts: called with bogus options 10:42:03 executing program 3: 10:42:03 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000000)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x288}], 0x1000014, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) r4 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r5 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x90) write(r4, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a", 0x1f8) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000500)={0x3, &(0x7f00000004c0)=[{0x0, 0x0, 0x7, 0x4}, {0x0, 0x0, 0x81, 0x8}, {0x1, 0x40, 0x0, 0x40}]}, 0x8) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000300)={'ip_vti0\x00', {0x2, 0x4e20, @remote}}) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, 0x0) accept4(0xffffffffffffffff, &(0x7f00000003c0)=@nfc, &(0x7f00000002c0)=0x80, 0x0) listen(0xffffffffffffffff, 0x0) sendfile(r4, r5, 0x0, 0x7fffffa7) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0xffffffffffffff94, &(0x7f0000000380)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r6, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) 10:42:03 executing program 5: perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440)}, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r0 = gettid() tkill(r0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f00000017c0)=""/165) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) fstat(r1, &(0x7f0000000740)) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x400000000081}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x4000000000000be, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x2e) bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r6, &(0x7f0000000380)="13ba0e6d24ef4d953069273a07078fec25a554c13414ec361e56b277cd523df88978fc44bdce393183cf732f102df6c17586442a07d7b7869efdb51a8ee85d63af031c7f636a3438b5ee0eb8f8025cc5ef2813d8a23ae1ba27e252345d6b1dd1c608781d58dcd9cddb02", 0x6a, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0xffffffff}, 0x1c) 10:42:03 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) 10:42:03 executing program 0: migrate_pages(0x0, 0x0, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) 10:42:03 executing program 2: [ 101.477159][ T7909] devpts: called with bogus options 10:42:03 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) 10:42:03 executing program 5: perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440)}, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r0 = gettid() tkill(r0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f00000017c0)=""/165) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) fstat(r1, &(0x7f0000000740)) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x400000000081}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x4000000000000be, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x2e) bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r6, &(0x7f0000000380)="13ba0e6d24ef4d953069273a07078fec25a554c13414ec361e56b277cd523df88978fc44bdce393183cf732f102df6c17586442a07d7b7869efdb51a8ee85d63af031c7f636a3438b5ee0eb8f8025cc5ef2813d8a23ae1ba27e252345d6b1dd1c608781d58dcd9cddb02", 0x6a, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0xffffffff}, 0x1c) 10:42:03 executing program 0: migrate_pages(0x0, 0x0, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) 10:42:03 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) [ 101.520465][ T38] audit: type=1800 audit(1575024123.655:52): pid=7912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16571 res=0 [ 101.545195][ T38] audit: type=1804 audit(1575024123.685:53): pid=7912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir061029221/syzkaller.66Vm7f/2/file0" dev="sda1" ino=16571 res=1 [ 101.580976][ C1] protocol 88fb is buggy, dev hsr_slave_0 10:42:03 executing program 0: migrate_pages(0x0, 0x0, &(0x7f0000000000)=0xdd, &(0x7f0000000040)=0x10001) [ 101.630304][ T7929] devpts: called with bogus options 10:42:03 executing program 5: perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440)}, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r0 = gettid() tkill(r0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f00000017c0)=""/165) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) fstat(r1, &(0x7f0000000740)) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x400000000081}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x4000000000000be, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x2e) bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r6, &(0x7f0000000380)="13ba0e6d24ef4d953069273a07078fec25a554c13414ec361e56b277cd523df88978fc44bdce393183cf732f102df6c17586442a07d7b7869efdb51a8ee85d63af031c7f636a3438b5ee0eb8f8025cc5ef2813d8a23ae1ba27e252345d6b1dd1c608781d58dcd9cddb02", 0x6a, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0xffffffff}, 0x1c) [ 101.749181][ T7944] devpts: called with bogus options 10:42:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000000)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x288}], 0x1000014, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) r4 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r5 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x90) write(r4, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a", 0x1f8) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000500)={0x3, &(0x7f00000004c0)=[{0x0, 0x0, 0x7, 0x4}, {0x0, 0x0, 0x81, 0x8}, {0x1, 0x40, 0x0, 0x40}]}, 0x8) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000300)={'ip_vti0\x00', {0x2, 0x4e20, @remote}}) ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, 0x0) accept4(0xffffffffffffffff, &(0x7f00000003c0)=@nfc, &(0x7f00000002c0)=0x80, 0x0) listen(0xffffffffffffffff, 0x0) sendfile(r4, r5, 0x0, 0x7fffffa7) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0xffffffffffffff94, &(0x7f0000000380)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r6, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) 10:42:04 executing program 0: migrate_pages(0x0, 0x2, 0x0, &(0x7f0000000040)=0x10001) 10:42:04 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) 10:42:04 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) 10:42:04 executing program 5: perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440)}, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r0 = gettid() tkill(r0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f00000017c0)=""/165) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) fstat(r1, &(0x7f0000000740)) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x400000000081}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x4000000000000be, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x2e) bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) 10:42:04 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, "3fe867eb55c74596693ea1135435555840fca0a9035ad5035b9ab8f043cd0e9b0575dd0cbe8256a7af4316ace1660d8ae33ed8f252d632f2203a231e1fdb1ce5", "9cc59c4fc6f1c318e852177c97623c938ac6652b28140caee899192ff95a8250d54108a13b05809ec8b71effbd44b6c094e86a88a5670db790b24cbfae973f4a", "5e2bc2e15e3271b96a70c5c54a3871be4e894d7a519219757597002905fb72c3"}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) [ 101.977193][ T7959] devpts: called with bogus options 10:42:04 executing program 0: migrate_pages(0x0, 0x2, 0x0, &(0x7f0000000040)=0x10001) [ 102.128831][ C0] hrtimer: interrupt took 24328 ns [ 102.146429][ T38] audit: type=1800 audit(1575024124.285:54): pid=7973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16598 res=0 [ 102.177783][ T38] audit: type=1804 audit(1575024124.315:55): pid=7973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir061029221/syzkaller.66Vm7f/3/file0" dev="sda1" ino=16598 res=1 [ 207.150797][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 207.150797][ C0] rcu: 0-....: (1 GPs behind) idle=742/1/0x4000000000000004 softirq=7710/7711 fqs=4771 [ 207.150797][ C0] (t=10502 jiffies g=5669 q=1287) [ 207.150797][ C0] NMI backtrace for cpu 0 [ 207.150797][ C0] CPU: 0 PID: 7972 Comm: syz-executor.5 Not tainted 5.4.0-syzkaller #0 [ 207.150797][ C0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014 [ 207.150797][ C0] Call Trace: [ 207.150797][ C0] [ 207.150797][ C0] dump_stack+0x197/0x210 [ 207.150797][ C0] nmi_cpu_backtrace.cold+0x70/0xb2 [ 207.150797][ C0] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 207.150797][ C0] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 207.150797][ C0] arch_trigger_cpumask_backtrace+0x14/0x20 [ 207.150797][ C0] rcu_dump_cpu_stacks+0x183/0x1cf [ 207.150797][ C0] ? find_next_bit+0x107/0x130 [ 207.150797][ C0] rcu_sched_clock_irq.cold+0x509/0xc02 [ 207.150797][ C0] ? raise_softirq+0x138/0x340 [ 207.150797][ C0] update_process_times+0x2d/0x70 [ 207.150797][ C0] tick_sched_handle+0xa2/0x190 [ 207.150797][ C0] tick_sched_timer+0x53/0x140 [ 207.150797][ C0] __hrtimer_run_queues+0x364/0xe40 [ 207.150797][ C0] ? tick_sched_do_timer+0x1b0/0x1b0 [ 207.150797][ C0] ? hrtimer_init+0x330/0x330 [ 207.150797][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 207.150797][ C0] ? ktime_get_update_offsets_now+0x2ce/0x430 [ 207.150797][ C0] hrtimer_interrupt+0x314/0x770 [ 207.150797][ C0] smp_apic_timer_interrupt+0x160/0x610 [ 207.150797][ C0] apic_timer_interrupt+0xf/0x20 [ 207.150797][ C0] RIP: 0010:__dev_queue_xmit+0xca/0x35c0 [ 207.150797][ C0] Code: f3 65 48 8b 04 25 28 00 00 00 48 89 45 c8 31 c0 e8 1b 15 a7 fb 4c 89 e8 48 c1 e8 03 80 3c 18 00 0f 85 f5 2f 00 00 49 8b 47 10 85 00 ff ff ff 00 c7 85 10 ff ff ff f4 ff ff ff 48 89 85 c8 fe [ 207.150797][ C0] RSP: 0018:ffff88802d6095d0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 207.150797][ C0] RAX: ffff888023b84000 RBX: dffffc0000000000 RCX: ffffffff866f41b3 [ 207.150797][ C0] RDX: 0000000000000100 RSI: ffffffff85cdc905 RDI: ffff88802b720c00 [ 207.150797][ C0] RBP: ffff88802d609770 R08: ffff88801068c1c0 R09: fffffbfff15377b3 [ 207.150797][ C0] R10: ffff88802d609790 R11: ffffffff8a9bbd97 R12: ffff88802b720c00 [ 207.150797][ C0] R13: ffff88802b720c10 R14: ffff8880233720c0 R15: ffff88802b720c00 [ 207.150797][ C0] ? apic_timer_interrupt+0xa/0x20 [ 207.150797][ C0] ? ip6_finish_output2+0xba3/0x25c0 [ 207.150797][ C0] ? __dev_queue_xmit+0xb5/0x35c0 [ 207.150797][ C0] ? mark_held_locks+0xa4/0xf0 [ 207.150797][ C0] ? __local_bh_enable_ip+0x15a/0x270 [ 207.150797][ C0] ? _raw_write_unlock_bh+0x2c/0x30 [ 207.150797][ C0] ? __local_bh_enable_ip+0x15a/0x270 [ 207.150797][ C0] ? lockdep_hardirqs_on+0x19e/0x5e0 [ 207.150797][ C0] ? trace_hardirqs_on+0x67/0x240 [ 207.150797][ C0] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 207.150797][ C0] ? __local_bh_enable_ip+0x15a/0x270 [ 207.150797][ C0] ? _raw_write_unlock_bh+0x2c/0x30 [ 207.150797][ C0] ? ___neigh_create+0xdb4/0x2560 [ 207.150797][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.150797][ C0] ? debug_smp_processor_id+0x33/0x18a [ 207.150797][ C0] dev_queue_xmit+0x18/0x20 [ 207.150797][ C0] ? dev_queue_xmit+0x18/0x20 [ 207.150797][ C0] neigh_direct_output+0x16/0x20 [ 207.150797][ C0] ip6_finish_output2+0x109a/0x25c0 [ 207.150797][ C0] ? ip6_mtu+0x2e6/0x450 [ 207.150797][ C0] ? ip6_frag_next+0xb20/0xb20 [ 207.150797][ C0] ? lock_downgrade+0x920/0x920 [ 207.150797][ C0] ? rcu_read_lock_held+0x9c/0xb0 [ 207.150797][ C0] ? __kasan_check_read+0x11/0x20 [ 207.150797][ C0] __ip6_finish_output+0x444/0xaa0 [ 207.150797][ C0] ? __ip6_finish_output+0x444/0xaa0 [ 207.150797][ C0] ip6_finish_output+0x38/0x1f0 [ 207.150797][ C0] ip6_output+0x25e/0x880 [ 207.150797][ C0] ? ip6_finish_output+0x1f0/0x1f0 [ 207.150797][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 207.150797][ C0] ? __ip6_finish_output+0xaa0/0xaa0 [ 207.150797][ C0] ? rcu_read_lock_held_common+0x130/0x130 [ 207.150797][ C0] ndisc_send_skb+0xf1f/0x1490 [ 207.150797][ C0] ? nf_hook.constprop.0+0x560/0x560 [ 207.150797][ C0] ? memset+0x32/0x40 [ 207.150797][ C0] ndisc_send_rs+0x134/0x720 [ 207.150797][ C0] addrconf_rs_timer+0x30f/0x6e0 [ 207.150797][ C0] ? ipv6_get_lladdr+0x490/0x490 [ 207.150797][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 207.150797][ C0] call_timer_fn+0x1ac/0x780 [ 207.150797][ C0] ? ipv6_get_lladdr+0x490/0x490 [ 207.150797][ C0] ? msleep_interruptible+0x150/0x150 [ 207.150797][ C0] ? run_timer_softirq+0x6b1/0x1790 [ 207.150797][ C0] ? trace_hardirqs_on+0x67/0x240 [ 207.150797][ C0] ? ipv6_get_lladdr+0x490/0x490 [ 207.150797][ C0] ? ipv6_get_lladdr+0x490/0x490 [ 207.150797][ C0] run_timer_softirq+0x6c3/0x1790 [ 207.150797][ C0] ? add_timer+0x930/0x930 [ 207.150797][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 207.150797][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 207.150797][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 207.150797][ C0] __do_softirq+0x262/0x98c [ 207.150797][ C0] ? sched_clock_cpu+0x14e/0x1b0 [ 207.150797][ C0] irq_exit+0x19b/0x1e0 [ 207.150797][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 207.150797][ C0] apic_timer_interrupt+0xf/0x20 [ 207.150797][ C0] [ 207.150797][ C0] RIP: 0010:generic_exec_single+0x33a/0x4c0 [ 207.150797][ C0] Code: 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 68 01 00 00 48 83 3d 2e 81 a9 07 00 0f 84 e0 00 00 00 e8 eb 2a 0b 00 48 89 df 57 9d <0f> 1f 44 00 00 45 31 ed e9 39 fe ff ff e8 d4 2a 0b 00 0f 0b e9 23 [ 207.150797][ C0] RSP: 0018:ffff888010697a80 EFLAGS: 00000212 ORIG_RAX: ffffffffffffff13 [ 207.150797][ C0] RAX: 0000000000040000 RBX: 0000000000000212 RCX: ffffc900118a3000 [ 207.150797][ C0] RDX: 0000000000000769 RSI: ffffffff8169b335 RDI: 0000000000000212 [ 207.150797][ C0] RBP: ffff888010697ab0 R08: 1ffffffff15377bb R09: fffffbfff15377bc [ 207.150797][ C0] R10: fffffbfff15377bb R11: ffffffff8a9bbddf R12: 0000000000000200 [ 207.150797][ C0] R13: ffff888010697b00 R14: ffff888010697bd0 R15: ffffffff818bd170 [ 207.150797][ C0] ? perf_duration_warn+0x40/0x40 [ 207.150797][ C0] ? generic_exec_single+0x335/0x4c0 [ 207.150797][ C0] ? __perf_event_enable+0x930/0x930 [ 207.150797][ C0] smp_call_function_single+0x17c/0x480 [ 207.150797][ C0] ? perf_duration_warn+0x40/0x40 [ 207.150797][ C0] ? generic_exec_single+0x4c0/0x4c0 [ 207.150797][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 207.150797][ C0] ? __perf_event_enable+0x930/0x930 [ 207.150797][ C0] task_function_call+0xe9/0x180 [ 207.150797][ C0] ? perf_event_addr_filters_exec+0x310/0x310 [ 207.150797][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 207.150797][ C0] ? __perf_event_enable+0x930/0x930 [ 207.150797][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.150797][ C0] ? exclusive_event_installable+0x257/0x320 [ 207.150797][ C0] perf_install_in_context+0x308/0x5a0 [ 207.150797][ C0] ? list_add_event+0xed0/0xed0 [ 207.150797][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 207.150797][ C0] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 207.150797][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 207.150797][ C0] __do_sys_perf_event_open+0x1cbc/0x2c70 [ 207.150797][ C0] ? perf_event_set_output+0x4e0/0x4e0 [ 207.150797][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 207.150797][ C0] ? put_timespec64+0xda/0x140 [ 207.150797][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.150797][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.150797][ C0] ? do_syscall_64+0x26/0x790 [ 207.150797][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.150797][ C0] ? do_syscall_64+0x26/0x790 [ 207.150797][ C0] __x64_sys_perf_event_open+0xbe/0x150 [ 207.150797][ C0] do_syscall_64+0xfa/0x790 [ 207.150797][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.150797][ C0] RIP: 0033:0x45a759 [ 207.150797][ C0] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.150797][ C0] RSP: 002b:00007f0c5bf25c88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 207.150797][ C0] RAX: ffffffffffffffda RBX: 000000000071c0f8 RCX: 000000000045a759 [ 207.150797][ C0] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 000000002001d000 [ 207.150797][ C0] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 207.150797][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f0c5bf266d4 [ 207.150797][ C0] R13: 00000000004aec17 R14: 00000000006f1cb0 R15: 00000000ffffffff [ 209.001443][ T2781] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P7831 0-... } 10612 jiffies s: 333 root: 0x1/T [ 209.020953][ T2781] rcu: blocking rcu_node structures: [ 209.026481][ T2781] Task dump for CPU 0: [ 209.030723][ T2781] syz-executor.5 R running task 29080 7972 7828 0x8000000c [ 209.041976][ T2781] Call Trace: [ 209.045342][ T2781] ? mark_lock+0xc2/0x1220 [ 209.049907][ T2781] ? __perf_install_in_context+0x42b/0x970 [ 209.058195][ T2781] ? mark_held_locks+0xa4/0xf0 [ 209.064344][ T2781] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.069828][ T2781] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.077629][ T2781] ? lockdep_hardirqs_on+0x421/0x5e0 [ 209.084154][ T2781] ? retint_kernel+0x2b/0x2b [ 209.088943][ T2781] ? trace_hardirqs_on_caller+0x6a/0x240 [ 209.096920][ T2781] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.103706][ T2781] ? apic_timer_interrupt+0xa/0x20 [ 209.108997][ T2781] ? perf_duration_warn+0x40/0x40 [ 209.116568][ T2781] ? generic_exec_single+0x335/0x4c0 [ 209.123340][ T2781] ? generic_exec_single+0x33a/0x4c0 [ 209.128860][ T2781] ? __perf_event_enable+0x930/0x930 [ 209.136603][ T2781] ? smp_call_function_single+0x17c/0x480 [ 209.143795][ T2781] ? perf_duration_warn+0x40/0x40 [ 209.149149][ T2781] ? generic_exec_single+0x4c0/0x4c0 [ 209.156959][ T2781] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 209.165525][ T2781] ? __perf_event_enable+0x930/0x930 [ 209.175093][ T2781] ? task_function_call+0xe9/0x180 [ 209.180651][ T2781] ? perf_event_addr_filters_exec+0x310/0x310 [ 209.189725][ T2781] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 209.198491][ T2781] ? __perf_event_enable+0x930/0x930 [ 209.205285][ T2781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 209.214275][ T2781] ? exclusive_event_installable+0x257/0x320 [ 209.220564][ T2781] ? perf_install_in_context+0x308/0x5a0 [ 209.227595][ T2781] ? list_add_event+0xed0/0xed0 [ 209.234932][ T2781] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 209.243895][ T2781] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 209.250594][ T2781] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 209.259448][ T2781] ? __do_sys_perf_event_open+0x1cbc/0x2c70 [ 209.267102][ T2781] ? perf_event_set_output+0x4e0/0x4e0 [ 209.275525][ T2781] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 209.283467][ T2781] ? put_timespec64+0xda/0x140 [ 209.288623][ T2781] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.296712][ T2781] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.303836][ T2781] ? do_syscall_64+0x26/0x790 [ 209.308765][ T2781] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.317501][ T2781] ? do_syscall_64+0x26/0x790 [ 209.323876][ T2781] ? __x64_sys_perf_event_open+0xbe/0x150 [ 209.330120][ T2781] ? do_syscall_64+0xfa/0x790 [ 209.337467][ T2781] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe