[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 67.773273][ T26] audit: type=1800 audit(1572936380.348:25): pid=8767 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 67.793998][ T26] audit: type=1800 audit(1572936380.348:26): pid=8767 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 67.848377][ T26] audit: type=1800 audit(1572936380.358:27): pid=8767 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.48' (ECDSA) to the list of known hosts. 2019/11/05 06:46:32 fuzzer started 2019/11/05 06:46:34 dialing manager at 10.128.0.26:42879 2019/11/05 06:46:34 syscalls: 2566 2019/11/05 06:46:34 code coverage: enabled 2019/11/05 06:46:34 comparison tracing: enabled 2019/11/05 06:46:34 extra coverage: extra coverage is not supported by the kernel 2019/11/05 06:46:34 setuid sandbox: enabled 2019/11/05 06:46:34 namespace sandbox: enabled 2019/11/05 06:46:34 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/05 06:46:34 fault injection: enabled 2019/11/05 06:46:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/05 06:46:34 net packet injection: enabled 2019/11/05 06:46:34 net device setup: enabled 2019/11/05 06:46:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/05 06:46:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 06:48:20 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x0, 0x3}, 0x1c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 06:48:20 executing program 1: mkdir(&(0x7f00000003c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = creat(&(0x7f0000000240)='./bus/file0\x00', 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000040)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in={0x2, 0x0, @remote}}}, 0x90) syzkaller login: [ 187.749194][ T8933] IPVS: ftp: loaded support on port[0] = 21 [ 187.867928][ T8933] chnl_net:caif_netlink_parms(): no params data found [ 187.945661][ T8933] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.962488][ T8933] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.970380][ T8933] device bridge_slave_0 entered promiscuous mode [ 187.994926][ T8933] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.002082][ T8933] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.010120][ T8933] device bridge_slave_1 entered promiscuous mode [ 188.011424][ T8936] IPVS: ftp: loaded support on port[0] = 21 [ 188.040292][ T8933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.054376][ T8933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.081075][ T8933] team0: Port device team_slave_0 added 06:48:20 executing program 2: syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={[{@noalign='noalign'}]}) [ 188.091073][ T8933] team0: Port device team_slave_1 added [ 188.155645][ T8933] device hsr_slave_0 entered promiscuous mode [ 188.192764][ T8933] device hsr_slave_1 entered promiscuous mode [ 188.278506][ T8938] IPVS: ftp: loaded support on port[0] = 21 06:48:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000003c0)={0xc0003}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f0000000300)="640f01c366b8ad008ed00f08c4417b2c020f3548b800000100000000000f23c00f21f835010008000f23f80fc778fc0f350fd8060f30", 0x36}], 0x1, 0x0, 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 188.396880][ T8936] chnl_net:caif_netlink_parms(): no params data found [ 188.416941][ T8933] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.424226][ T8933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.432127][ T8933] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.439223][ T8933] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.531862][ T8936] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.540220][ T8936] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.548641][ T8936] device bridge_slave_0 entered promiscuous mode [ 188.558738][ T8936] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.566748][ T8936] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.575157][ T8936] device bridge_slave_1 entered promiscuous mode [ 188.619425][ T8941] IPVS: ftp: loaded support on port[0] = 21 [ 188.647993][ T8936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 06:48:21 executing program 4: r0 = socket$unix(0x1, 0x5, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x2000000004e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='vxcan1\x00', 0xf) sendto$inet(r3, &(0x7f0000000400)="f62ab313949355e0273e65d3abda21f068933ec46b1fdf41a833e981e7de5b6aa4a1b65d8ec8094ee099d8271d26428366e221fc061208889c5686a4dc0c2d3d4fd66741cc11c4c833102fc156857f99a8b799636ea87c35b0283036520e5953baf9c51316d8d93aa5096030bd0d0dfbbdf445006af75ad33303c89c2de7ee8ac49a59a6605f3343c51ee399b1977da2e34ffbe0425866c7b7ad499ab8611286d60c0f27a1e62be4fb4b9e41eabec273531810fb81d733a5ea29408c19aba4587f9da5920ad564ad6bb89ac4565194535c7f6f54993deceb58a75e137be85d7600", 0xffffff90, 0x60, 0x0, 0x127) [ 188.675114][ T8933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 188.692051][ T8936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.760476][ T8933] 8021q: adding VLAN 0 to HW filter on device team0 [ 188.782073][ T3677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.799818][ T3677] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.819429][ T3677] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.837727][ T3677] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 188.936968][ T3677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 188.949674][ T3677] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.956835][ T3677] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.967003][ T3677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 188.975705][ T3677] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.982838][ T3677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.993715][ T8938] chnl_net:caif_netlink_parms(): no params data found [ 189.009674][ T8936] team0: Port device team_slave_0 added [ 189.024132][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 06:48:21 executing program 5: r0 = memfd_create(&(0x7f0000000140)='$B6/%cpuset]\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c46020000000000000000c4b40003003e000039a594249c1fd83d0000000000000000b649ffaa000000000000e5000000000020380003"], 0x39) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) [ 189.033994][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 189.044994][ T8948] IPVS: ftp: loaded support on port[0] = 21 [ 189.045293][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 189.071901][ T8936] team0: Port device team_slave_1 added [ 189.091149][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 189.135288][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 189.153137][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 189.161447][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 189.178810][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 189.210652][ T8938] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.218400][ T8938] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.227477][ T8938] device bridge_slave_0 entered promiscuous mode [ 189.235388][ T8938] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.243634][ T8938] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.251299][ T8938] device bridge_slave_1 entered promiscuous mode [ 189.268137][ T8950] IPVS: ftp: loaded support on port[0] = 21 [ 189.335817][ T8936] device hsr_slave_0 entered promiscuous mode [ 189.402685][ T8936] device hsr_slave_1 entered promiscuous mode [ 189.452553][ T8936] debugfs: Directory 'hsr0' with parent '/' already present! [ 189.460372][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 189.468892][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 189.479604][ T8933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 189.501640][ T8938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.569511][ T8938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.624719][ T8938] team0: Port device team_slave_0 added [ 189.645564][ T8941] chnl_net:caif_netlink_parms(): no params data found [ 189.664572][ T8933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 189.672929][ T8938] team0: Port device team_slave_1 added [ 189.710315][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 189.717967][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 189.804497][ T8938] device hsr_slave_0 entered promiscuous mode [ 189.852774][ T8938] device hsr_slave_1 entered promiscuous mode [ 189.892602][ T8938] debugfs: Directory 'hsr0' with parent '/' already present! [ 189.963128][ T8941] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.970403][ T8941] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.983455][ T8941] device bridge_slave_0 entered promiscuous mode [ 190.001420][ T8941] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.008921][ T8941] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.021344][ T8941] device bridge_slave_1 entered promiscuous mode [ 190.050768][ T8948] chnl_net:caif_netlink_parms(): no params data found [ 190.144580][ T8948] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.152134][ T8948] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.160551][ T8948] device bridge_slave_0 entered promiscuous mode [ 190.171111][ T8941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.187203][ T8941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.220719][ T8936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.227962][ T8948] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.236985][ T8948] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.245960][ T8948] device bridge_slave_1 entered promiscuous mode 06:48:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 190.303370][ T8936] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.314178][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.322039][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.343043][ T8950] chnl_net:caif_netlink_parms(): no params data found [ 190.358040][ T8941] team0: Port device team_slave_0 added [ 190.367436][ T8948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.367799][ T8964] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 190.396794][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.415143][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.424296][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.431577][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.439550][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 190.449558][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 190.458668][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.465787][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.473986][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 190.483332][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 190.510351][ T8941] team0: Port device team_slave_1 added [ 190.521239][ T8948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.547732][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 190.558044][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 06:48:23 executing program 0: syz_mount_image$gfs2(&(0x7f0000000180)='gfs2\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='lockproto=lock_nolock,locktable=/']) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 190.567535][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 190.577389][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 190.587307][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 190.596179][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 190.605087][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 190.615680][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 190.624828][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 190.633739][ T8942] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 190.649682][ T8938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.683146][ T8968] gfs2: fsid=_: Trying to join cluster "lock_nolock", "_" [ 190.690503][ T8968] gfs2: fsid=_: Now mounting FS... [ 190.698559][ T8968] gfs2: not a GFS2 filesystem [ 190.703950][ T8968] gfs2: fsid=_: can't read superblock [ 190.709436][ T8968] gfs2: fsid=_: can't read superblock: -22 [ 190.747437][ T8936] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 190.811172][ T8941] device hsr_slave_0 entered promiscuous mode [ 190.822834][ T8968] gfs2: fsid=_: Trying to join cluster "lock_nolock", "_" [ 190.836422][ T8968] gfs2: fsid=_: Now mounting FS... [ 190.859627][ T8968] gfs2: not a GFS2 filesystem [ 190.864868][ T8941] device hsr_slave_1 entered promiscuous mode [ 190.871244][ T8968] gfs2: fsid=_: can't read superblock [ 190.876840][ T8968] gfs2: fsid=_: can't read superblock: -22 [ 190.902473][ T8941] debugfs: Directory 'hsr0' with parent '/' already present! [ 190.917399][ T8948] team0: Port device team_slave_0 added 06:48:23 executing program 0: syz_mount_image$gfs2(&(0x7f0000000180)='gfs2\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='lockproto=lock_nolock,locktable=/']) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 190.954697][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 190.962189][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 190.991045][ T8948] team0: Port device team_slave_1 added [ 191.008117][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.016605][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.028863][ T8978] gfs2: fsid=_: Trying to join cluster "lock_nolock", "_" [ 191.039380][ T8950] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.047168][ T8950] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.052612][ T8978] gfs2: fsid=_: Now mounting FS... [ 191.060165][ T8950] device bridge_slave_0 entered promiscuous mode [ 191.069392][ T8950] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.076823][ T8978] gfs2: not a GFS2 filesystem [ 191.077082][ T8950] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.081572][ T8978] gfs2: fsid=_: can't read superblock [ 191.095430][ T8950] device bridge_slave_1 entered promiscuous mode [ 191.110756][ T8936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.117949][ T8978] gfs2: fsid=_: can't read superblock: -22 [ 191.158173][ T8938] 8021q: adding VLAN 0 to HW filter on device team0 06:48:23 executing program 0: syz_mount_image$gfs2(&(0x7f0000000180)='gfs2\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='lockproto=lock_nolock,locktable=/']) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 191.204933][ T8950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.255611][ T8948] device hsr_slave_0 entered promiscuous mode [ 191.278449][ T8988] gfs2: fsid=_: Trying to join cluster "lock_nolock", "_" [ 191.278643][ T8948] device hsr_slave_1 entered promiscuous mode [ 191.291048][ T8988] gfs2: fsid=_: Now mounting FS... [ 191.297721][ T8988] gfs2: not a GFS2 filesystem [ 191.308471][ T8988] gfs2: fsid=_: can't read superblock [ 191.314947][ T8988] gfs2: fsid=_: can't read superblock: -22 [ 191.342982][ T8948] debugfs: Directory 'hsr0' with parent '/' already present! [ 191.364263][ T8950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 06:48:24 executing program 0: syz_mount_image$gfs2(&(0x7f0000000180)='gfs2\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='lockproto=lock_nolock,locktable=/']) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 191.443975][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.459613][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.492056][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.499213][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.518533][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.535969][ T8998] gfs2: fsid=_: Trying to join cluster "lock_nolock", "_" [ 191.548352][ T8998] gfs2: fsid=_: Now mounting FS... [ 191.549832][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.554495][ T8998] gfs2: not a GFS2 filesystem [ 191.568780][ T8998] gfs2: fsid=_: can't read superblock [ 191.571505][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.574640][ T8998] gfs2: fsid=_: can't read superblock: -22 [ 191.581273][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.606876][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.619635][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.638150][ T8950] team0: Port device team_slave_0 added [ 191.665464][ T8950] team0: Port device team_slave_1 added [ 191.708678][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.750457][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.771777][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 06:48:24 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="0900000000003639408fa3a3ba27660199783b0a82f79b32a7c8225086600a38e07d4db88a66596759e95307b680ab73e03c53555c97e8e37d01da4d44a994354a9fa3f355214eeabd24fd620b2022d5ad63b369aaffe9a6b608a5fece0eca95d71f2d3e60613a027fb50cbcbd92d40700000000000000165ccf1032f51d36ab231f6c20d87e9167edf69776dca67d90a17ccd18fb9c7b21d53478e382dcf296a23a060bfe9ac9", 0xa7}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) [ 191.807360][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.817384][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.830042][ T9007] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 191.838265][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 06:48:24 executing program 1: mkdir(&(0x7f00000003c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = creat(&(0x7f0000000240)='./bus/file0\x00', 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000040)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in={0x2, 0x0, @remote}}}, 0x90) [ 191.865316][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.907276][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.919569][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.928224][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.984498][ T8950] device hsr_slave_0 entered promiscuous mode [ 192.022854][ T8950] device hsr_slave_1 entered promiscuous mode [ 192.072430][ T8950] debugfs: Directory 'hsr0' with parent '/' already present! [ 192.084399][ T8938] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.140040][ T8938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.155404][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 192.165096][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 192.260602][ T8941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.310704][ T8941] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.331655][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.341258][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.366581][ T8950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.389985][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.390874][ T9023] XFS (loop2): Invalid superblock magic number [ 192.399111][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.414209][ T8945] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.421295][ T8945] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.429544][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 192.445400][ T8948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.467612][ T8950] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.476028][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.486642][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.496245][ T47] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.503385][ T47] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.510920][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.519747][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.528614][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.536477][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.566066][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.577349][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.590288][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.599227][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.608759][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.617278][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.625991][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.634758][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.643472][ T47] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.650525][ T47] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.658218][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.666137][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.674688][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 192.682879][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 192.711405][ T9004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.724585][ T9004] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.733770][ T9004] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.740852][ T9004] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.749704][ T9004] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.759130][ T9004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.768450][ T9004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.777489][ T9004] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 192.788026][ T8948] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.802270][ T8941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.833078][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.843930][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.854040][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.868856][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.877632][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.886273][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.912011][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 192.920055][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.931024][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.939501][ T8945] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.946610][ T8945] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.954943][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.964131][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.972942][ T8945] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.980001][ T8945] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.987728][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.996064][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.004440][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.013862][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 06:48:25 executing program 2: mkdir(&(0x7f00000003c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = creat(&(0x7f0000000240)='./bus/file0\x00', 0x0) write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0xeffd) [ 193.028667][ T8950] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 193.061203][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.071765][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.080679][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.092153][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 193.100271][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 193.108942][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 193.117754][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 193.134991][ T8941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.162197][ T8948] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 193.191920][ T8948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network 06:48:25 executing program 2: mkdir(&(0x7f00000003c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = creat(&(0x7f0000000240)='./bus/file0\x00', 0x0) write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0xeffd) [ 193.204451][ T9042] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 193.214923][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 193.238440][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.249070][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.257917][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.266842][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.275602][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 193.283190][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 193.293098][ T8950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.300200][ T8947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 193.325171][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 193.338783][ T8945] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 193.359728][ T8948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.702875][ T9064] ERROR: Domain ' /sbin/init /etc/init.d/rc /sbin/startpar /etc/init.d/ssh /sbin/start-stop-daemon /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.5 proc:/self/fd/3' not defined. 06:48:26 executing program 3: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) clock_gettime(0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000001, 0x5c831, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$TCSETS(r1, 0x5402, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0]) preadv(r4, &(0x7f0000000740), 0x0, 0x0) read$FUSE(r4, &(0x7f0000000780), 0x1000) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='memory.swap.current\x00', 0x0, 0x0) fstat(r5, &(0x7f0000000e40)) read$FUSE(r4, &(0x7f0000001780), 0x1000) write$FUSE_ENTRY(r4, 0x0, 0x0) write$FUSE_ENTRY(r4, &(0x7f0000000380)={0x90, 0x0, 0x3, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x90) 06:48:26 executing program 5: r0 = memfd_create(&(0x7f0000000140)='$B6/%cpuset]\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c46020000000000000000c4b40003003e000039a594249c1fd83d0000000000000000b649ffaa000000000000e5000000000020380003"], 0x39) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 06:48:26 executing program 4: r0 = fsopen(&(0x7f0000000040)='squashfs\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f00000002c0)='/dev/sr0\x00', &(0x7f0000000300)='./file1\x00', 0xffffffffffffff9c) 06:48:26 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfa\x81\x00\x00\x00\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7.\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$UHID_CREATE2(r2, &(0x7f0000000440)={0xb, 'syz1\x00', 'syz1\x00', 'syz0\x00'}, 0x118) 06:48:26 executing program 4: 06:48:26 executing program 4: [ 194.036795][ C1] hrtimer: interrupt took 71840 ns 06:48:26 executing program 4: 06:48:26 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000140)={{0x2, 0x0, @empty}, {0x4000030000000304, @dev}, 0x0, {}, 'bond0\x00'}) 06:48:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x200000000000004) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0xfc0001) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000080)="480000001400190d09004beafd0d8c560a8447000bffe0064e230f00000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) [ 226.652610][ T1080] INFO: task khugepaged:1087 blocked for more than 143 seconds. [ 226.660555][ T1080] Not tainted 5.4.0-rc5-next-20191031 #0 [ 226.667067][ T1080] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 226.678969][ T1080] khugepaged D27704 1087 2 0x80004000 [ 226.685403][ T1080] Call Trace: [ 226.688704][ T1080] __schedule+0x94a/0x1e70 [ 226.693291][ T1080] ? __sched_text_start+0x8/0x8 [ 226.698160][ T1080] ? blk_insert_cloned_request+0x530/0x530 [ 226.704060][ T1080] ? _raw_spin_unlock_irq+0x23/0x80 [ 226.709298][ T1080] ? __lock_page+0x3d9/0xab0 [ 226.713959][ T1080] ? _raw_spin_unlock_irq+0x23/0x80 [ 226.719162][ T1080] schedule+0xdc/0x2b0 [ 226.723328][ T1080] io_schedule+0x1c/0x70 [ 226.727574][ T1080] __lock_page+0x422/0xab0 [ 226.731981][ T1080] ? wait_on_page_bit+0xa60/0xa60 [ 226.737280][ T1080] ? page_cache_next_miss+0x340/0x340 [ 226.742770][ T1080] ? ___might_sleep+0x163/0x2c0 [ 226.747624][ T1080] ? __might_sleep+0x95/0x190 [ 226.752309][ T1080] mpage_prepare_extent_to_map+0xb3f/0xf90 [ 226.758221][ T1080] ? mpage_process_page_bufs+0x780/0x780 [ 226.764054][ T1080] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 226.769660][ T1080] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 226.775692][ T1080] ? __kmalloc_node+0xf/0x70 [ 226.780328][ T1080] ext4_writepages+0x954/0x2e70 [ 226.785292][ T1080] ? get_page_from_freelist+0x21fb/0x4330 [ 226.791053][ T1080] ? find_held_lock+0x35/0x130 [ 226.795870][ T1080] ? get_page_from_freelist+0x21fb/0x4330 [ 226.801599][ T1080] ? ext4_mark_inode_dirty+0x9b0/0x9b0 [ 226.807154][ T1080] ? 0xffffffff81000000 [ 226.811310][ T1080] ? mark_lock+0xc2/0x1220 [ 226.815792][ T1080] ? prep_new_page+0x19f/0x200 [ 226.820599][ T1080] ? wbc_attach_and_unlock_inode+0x514/0x920 [ 226.826741][ T1080] ? find_held_lock+0x35/0x130 [ 226.831572][ T1080] ? wbc_attach_and_unlock_inode+0x515/0x920 [ 226.837633][ T1080] ? ext4_mark_inode_dirty+0x9b0/0x9b0 [ 226.843349][ T1080] do_writepages+0xfa/0x2a0 [ 226.847852][ T1080] ? do_writepages+0xfa/0x2a0 [ 226.852589][ T1080] ? lock_downgrade+0x920/0x920 [ 226.857450][ T1080] ? page_writeback_cpu_online+0x20/0x20 [ 226.863219][ T1080] ? __kasan_check_read+0x11/0x20 [ 226.868242][ T1080] ? do_raw_spin_unlock+0x57/0x270 [ 226.873515][ T1080] ? _raw_spin_unlock+0x28/0x40 [ 226.878372][ T1080] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 226.884744][ T1080] ? wbc_attach_and_unlock_inode+0x5bf/0x920 [ 226.890729][ T1080] __filemap_fdatawrite_range+0x2bc/0x3b0 [ 226.896524][ T1080] ? delete_from_page_cache_batch+0xfe0/0xfe0 [ 226.902709][ T1080] ? lockdep_hardirqs_on+0x421/0x5e0 [ 226.907993][ T1080] filemap_flush+0x24/0x30 [ 226.912471][ T1080] collapse_file+0x36b1/0x41a0 [ 226.917238][ T1080] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 226.923506][ T1080] ? khugepaged+0x21c0/0x4360 [ 226.928188][ T1080] ? trace_event_raw_event_mm_collapse_huge_page_isolate+0x370/0x370 [ 226.936367][ T1080] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 226.942090][ T1080] ? khugepaged_find_target_node+0x142/0x180 [ 226.948169][ T1080] khugepaged+0x2da9/0x4360 [ 226.952728][ T1080] ? __kasan_check_read+0x11/0x20 [ 226.957746][ T1080] ? __lock_acquire+0x16f2/0x4a00 [ 226.962886][ T1080] ? _raw_spin_unlock_irq+0x23/0x80 [ 226.968080][ T1080] ? finish_task_switch+0x147/0x750 [ 226.973492][ T1080] ? _raw_spin_unlock_irq+0x23/0x80 [ 226.978752][ T1080] ? lockdep_hardirqs_on+0x421/0x5e0 [ 226.984259][ T1080] ? collapse_pte_mapped_thp+0xbe0/0xbe0 [ 226.989897][ T1080] ? lock_downgrade+0x920/0x920 [ 226.994818][ T1080] ? finish_wait+0x260/0x260 [ 226.999412][ T1080] ? lockdep_hardirqs_on+0x421/0x5e0 [ 227.004783][ T1080] ? trace_hardirqs_on+0x67/0x240 [ 227.009824][ T1080] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 227.016136][ T1080] ? __kthread_parkme+0x108/0x1c0 [ 227.021157][ T1080] ? __kasan_check_read+0x11/0x20 [ 227.026278][ T1080] kthread+0x361/0x430 [ 227.030344][ T1080] ? collapse_pte_mapped_thp+0xbe0/0xbe0 [ 227.036029][ T1080] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 227.041747][ T1080] ret_from_fork+0x24/0x30 [ 227.046409][ T1080] [ 227.046409][ T1080] Showing all locks held in the system: [ 227.054227][ T1080] 4 locks held by kworker/u4:3/159: [ 227.059411][ T1080] #0: ffff8880a746e528 ((wq_completion)writeback){+.+.}, at: process_one_work+0x88b/0x1740 [ 227.069538][ T1080] #1: ffff8880a953fdc0 ((work_completion)(&(&wb->dwork)->work)){+.+.}, at: process_one_work+0x8c1/0x1740 [ 227.080895][ T1080] #2: ffff88809b7b20d8 (&type->s_umount_key#32){++++}, at: trylock_super+0x22/0x110 [ 227.090412][ T1080] #3: ffff88809b7b4990 (&sbi->s_journal_flag_rwsem){.+.+}, at: do_writepages+0xfa/0x2a0 [ 227.100374][ T1080] 1 lock held by khungtaskd/1080: [ 227.105440][ T1080] #0: ffffffff88faba40 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 [ 227.114777][ T1080] 1 lock held by khugepaged/1087: [ 227.119778][ T1080] #0: ffff88809b7b4990 (&sbi->s_journal_flag_rwsem){.+.+}, at: do_writepages+0xfa/0x2a0 [ 227.129671][ T1080] 2 locks held by rsyslogd/8805: [ 227.134743][ T1080] #0: ffff8880a3fdd620 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 227.143429][ T1080] #1: ffffffff88faba40 (rcu_read_lock){....}, at: do_syslog+0x699/0x1870 [ 227.151963][ T1080] 2 locks held by getty/8895: [ 227.156683][ T1080] #0: ffff8880a7399090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.165677][ T1080] #1: ffffc90005f3b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.175291][ T1080] 2 locks held by getty/8896: [ 227.179961][ T1080] #0: ffff88809c017090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.188947][ T1080] #1: ffffc90005f312e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.198600][ T1080] 2 locks held by getty/8897: [ 227.203427][ T1080] #0: ffff888097075090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.212432][ T1080] #1: ffffc90005f4b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.222085][ T1080] 2 locks held by getty/8898: [ 227.226798][ T1080] #0: ffff88809280c090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.235802][ T1080] #1: ffffc90005f472e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.245411][ T1080] 2 locks held by getty/8899: [ 227.250080][ T1080] #0: ffff88809aec9090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.259069][ T1080] #1: ffffc90005f372e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.268708][ T1080] 2 locks held by getty/8900: [ 227.273441][ T1080] #0: ffff8880a7b31090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.282478][ T1080] #1: ffffc90005f252e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.292053][ T1080] 2 locks held by getty/8901: [ 227.296764][ T1080] #0: ffff8880a8671090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 227.305781][ T1080] #1: ffffc90005f192e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 227.315505][ T1080] 2 locks held by syz-executor.1/8936: [ 227.320958][ T1080] #0: ffff8880601180d8 (&type->s_umount_key#50){+.+.}, at: deactivate_super+0x1aa/0x1d0 [ 227.330835][ T1080] #1: ffff88809b7b20d8 (&type->s_umount_key#32){++++}, at: ovl_sync_fs+0xb7/0x100 [ 227.340190][ T1080] 2 locks held by syz-executor.2/8938: [ 227.345677][ T1080] #0: ffff88805f02c0d8 (&type->s_umount_key#50){+.+.}, at: deactivate_super+0x1aa/0x1d0 [ 227.355546][ T1080] #1: ffff88809b7b20d8 (&type->s_umount_key#32){++++}, at: ovl_sync_fs+0xb7/0x100 [ 227.364902][ T1080] [ 227.367230][ T1080] ============================================= [ 227.367230][ T1080] [ 227.375751][ T1080] NMI backtrace for cpu 1 [ 227.380077][ T1080] CPU: 1 PID: 1080 Comm: khungtaskd Not tainted 5.4.0-rc5-next-20191031 #0 [ 227.388639][ T1080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.398673][ T1080] Call Trace: [ 227.401948][ T1080] dump_stack+0x172/0x1f0 [ 227.406297][ T1080] nmi_cpu_backtrace.cold+0x70/0xb2 [ 227.411471][ T1080] ? vprintk_func+0x86/0x189 [ 227.416043][ T1080] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 227.421656][ T1080] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 227.427617][ T1080] arch_trigger_cpumask_backtrace+0x14/0x20 [ 227.433489][ T1080] watchdog+0xc8f/0x1350 [ 227.437718][ T1080] kthread+0x361/0x430 [ 227.441761][ T1080] ? reset_hung_task_detector+0x30/0x30 [ 227.447283][ T1080] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 227.452990][ T1080] ret_from_fork+0x24/0x30 [ 227.457528][ T1080] Sending NMI from CPU 1 to CPUs 0: [ 227.463079][ C0] NMI backtrace for cpu 0 [ 227.463085][ C0] CPU: 0 PID: 9004 Comm: kworker/0:5 Not tainted 5.4.0-rc5-next-20191031 #0 [ 227.463090][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.463094][ C0] Workqueue: events_power_efficient gc_worker [ 227.463100][ C0] RIP: 0010:lock_is_held_type+0x220/0x320 [ 227.463111][ C0] Code: e0 03 3b 45 cc 41 0f 94 c4 65 48 8b 1c 25 80 fe 01 00 48 8d bb 9c 08 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 d3 [ 227.463114][ C0] RSP: 0018:ffff888060037bc0 EFLAGS: 00000803 [ 227.463121][ C0] RAX: dffffc0000000000 RBX: ffff88806002a240 RCX: ffff88806002aae0 [ 227.463125][ C0] RDX: 1ffff1100c00555b RSI: ffffffff88fab9c0 RDI: ffff88806002aadc [ 227.463130][ C0] RBP: ffff888060037c08 R08: 0000000000000003 R09: ffff88806002aad8 [ 227.463134][ C0] R10: fffffbfff1390778 R11: ffffffff89c83bc7 R12: 0000000000000000 [ 227.463138][ C0] R13: ffff88806002ab08 R14: ffffffff88fab9c0 R15: 0000000000000002 [ 227.463144][ C0] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 227.463147][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.463152][ C0] CR2: ffffffffff600400 CR3: 00000000956a5000 CR4: 00000000001406f0 [ 227.463156][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 227.463161][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 227.463163][ C0] Call Trace: [ 227.463166][ C0] ? gc_worker+0xa57/0xdd0 [ 227.463169][ C0] ___might_sleep+0x205/0x2c0 [ 227.463172][ C0] gc_worker+0x759/0xdd0 [ 227.463176][ C0] ? init_conntrack.isra.0+0x11a0/0x11a0 [ 227.463179][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 227.463183][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 227.463186][ C0] ? trace_hardirqs_on+0x67/0x240 [ 227.463189][ C0] process_one_work+0x9af/0x1740 [ 227.463193][ C0] ? pwq_dec_nr_in_flight+0x320/0x320 [ 227.463196][ C0] ? lock_acquire+0x190/0x410 [ 227.463199][ C0] worker_thread+0x98/0xe40 [ 227.463202][ C0] ? trace_hardirqs_on+0x67/0x240 [ 227.463205][ C0] kthread+0x361/0x430 [ 227.463208][ C0] ? process_one_work+0x1740/0x1740 [ 227.463212][ C0] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 227.463215][ C0] ret_from_fork+0x24/0x30 [ 227.463837][ T1080] Kernel panic - not syncing: hung_task: blocked tasks [ 227.701483][ T1080] CPU: 1 PID: 1080 Comm: khungtaskd Not tainted 5.4.0-rc5-next-20191031 #0 [ 227.710040][ T1080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.720069][ T1080] Call Trace: [ 227.723343][ T1080] dump_stack+0x172/0x1f0 [ 227.727653][ T1080] panic+0x2e3/0x75c [ 227.731530][ T1080] ? add_taint.cold+0x16/0x16 [ 227.736184][ T1080] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 227.741813][ T1080] ? ___preempt_schedule+0x16/0x18 [ 227.746903][ T1080] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 227.753031][ T1080] ? nmi_trigger_cpumask_backtrace+0x24c/0x28b [ 227.759158][ T1080] ? nmi_trigger_cpumask_backtrace+0x256/0x28b [ 227.765291][ T1080] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 227.771443][ T1080] watchdog+0xca0/0x1350 [ 227.775686][ T1080] kthread+0x361/0x430 [ 227.779745][ T1080] ? reset_hung_task_detector+0x30/0x30 [ 227.785270][ T1080] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 227.790969][ T1080] ret_from_fork+0x24/0x30 [ 227.796674][ T1080] Kernel Offset: disabled [ 227.801036][ T1080] Rebooting in 86400 seconds..