[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 29.697448] kauditd_printk_skb: 7 callbacks suppressed [ 29.697459] audit: type=1800 audit(1544445366.611:29): pid=5985 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 29.724323] audit: type=1800 audit(1544445366.611:30): pid=5985 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 [....] startpar: service(s) returned failure: rsyslog ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.71' (ECDSA) to the list of known hosts. 2018/12/10 12:36:18 fuzzer started 2018/12/10 12:36:20 dialing manager at 10.128.0.26:37321 2018/12/10 12:36:26 syscalls: 1 2018/12/10 12:36:26 code coverage: enabled 2018/12/10 12:36:26 comparison tracing: enabled 2018/12/10 12:36:26 setuid sandbox: enabled 2018/12/10 12:36:26 namespace sandbox: enabled 2018/12/10 12:36:26 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/10 12:36:26 fault injection: enabled 2018/12/10 12:36:26 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/10 12:36:26 net packet injection: enabled 2018/12/10 12:36:26 net device setup: enabled 12:38:36 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) dup2(r0, r1) syzkaller login: [ 179.773096] IPVS: ftp: loaded support on port[0] = 21 12:38:36 executing program 1: r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x2, 0x1) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000200)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000f600bd796f69c02d434c402a825fa4f3096de251439acebd05d3670600000000000000cd5824b7e4e6a80ad11533000000000000000000000000"], &(0x7f00000001c0)=0x1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x14) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23}, 0x1c) listen(r1, 0x18) r2 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10) r3 = dup3(r0, r0, 0x80000) ioctl(r3, 0xfffffffffffffffd, &(0x7f0000000300)="b006b47fe5d67846a39579518fe14791e8ebd47fcc7df2ebd09ce7cb57089460480deaefb34f199d72ba09b4d383ecf404f69a1045f5dee2d32e22a842a6e49864fcb741cdb6d0aa0677bd3a3389bab58c3f09686aabc80e0f51809cc7d48f062ef5964ce68d6fbcac568edf151e59fe50") getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000400)={0x0, 0x34, "e499b79015fca93414bd2aab4e8828b76bdadc511b66f3ca37439e22ccabf06f7a0e580c3c12d1ad7b95f5557f6096736c5b3026"}, &(0x7f0000000440)=0x3c) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x244) [ 180.052419] IPVS: ftp: loaded support on port[0] = 21 12:38:37 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x40247007, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') ioctl$TIOCGETD(r2, 0x5424, &(0x7f00000002c0)) set_thread_area(&(0x7f0000000580)={0x7a, 0x20001800, 0x4000, 0x200, 0xffff, 0x1, 0x101, 0x2, 0x843, 0x3}) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00') write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000480)={0x2a, 0x4, 0x0, {0x1, 0xbe, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="539b9105ab1072c24e2b980945c27f3b81ff00"], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000d04000), &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="969957b52d30fea3a6945a209691fd3e214cb9dcc33db7762efad2628dcef5d3b6364e601019df973b53d859e769464fe2a2410d59da45"], 0x0, 0x0, 0x80010, 0x0) mount(&(0x7f00002b9ff8), &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) r3 = dup2(r1, r1) ioctl$TCSBRKP(r2, 0x5425, 0x5) write$FUSE_OPEN(r3, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x0, 0x1}}, 0x20) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000c00)=ANY=[@ANYBLOB="6cef0c39098c2a043df8a2c1a8149b00c19b93ea76774129830cb8e5c1c83d4972085ae341b504e0d822dcffd1483d36d02e094416789ad73e7b16814b44640400fa4c5787cbe9f02e5a9bd67834af4a0235b68d7becf346fd5688b760a453b94ea1c41f15fa83b048f8a0f4525fd949d5ede248dc7de0413f92e6118f8e97b8fbf5bc41a4b18305adb1962f94611d73cedcfda5f20506ff58e1f5e5687a609e3412090de337701a9c6374852e00000000c86ad4e872d8002dd46290eebe61ed25a052740e009848158a889097948dc87aa98fc57ed9299117624477b1ff486ffb15f91f7afea5489acb125e6dd93d7b2214bfaafbb305180596e1ce33e11596a739162aedeb544b5baaad77495d41cd0996d04db58c91dac1301c1404ee174d54db1e46987b793ca23cee33d8f66ba83031ac120536d2f9b2666411696f54d7e3660de76fe4f05667b2edd55c9870cb983f2a0fa7f7fd0511346a73204e7e469bc1197ba335de1343f4979cb0f2a63517873421013823004e129faac9c46f2766faacb1", @ANYRES32=r1, @ANYRES64=r0, @ANYRESHEX, @ANYRES32=r2, @ANYPTR64], 0x0, 0x0, 0x0, &(0x7f0000000bc0)="8d6f5b746d6f6465") preadv(r1, &(0x7f0000001400)=[{&(0x7f0000004200)=""/4096, 0x9d}], 0x1, 0x2) ioctl$int_out(r0, 0x2, &(0x7f0000000700)) link(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00') ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) utimes(&(0x7f0000000440)='./file0\x00', &(0x7f0000000180)={{0x0, 0x7530}}) close(r1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000340)={0x0, 0x24}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000006c0)={r4, 0x100000000}, &(0x7f0000000740)=0x8) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @multicast2}, 'lo\x00'}) fcntl$setflags(r0, 0x2, 0x0) [ 180.411310] IPVS: ftp: loaded support on port[0] = 21 12:38:37 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="840008000000000000bd7000ffffffff0000dffc0c00000000000000000000005b659a62290ffc380c2dbfdc5e9f13e1a0481000400000f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd0600050bc1700612dbc3080c91745fa158cf77510d70309f7f1969136edfd73294c0356675ffff000044f2a432a15b4ce56aa166"], 0x82}}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f000023f000)=ANY=[@ANYBLOB="840000001f00000000000000000000000000ffff"], 0x14}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x20b) [ 180.787790] IPVS: ftp: loaded support on port[0] = 21 12:38:38 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000840)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00') preadv(r0, &(0x7f0000000700), 0x31f, 0x10400003) syz_genetlink_get_family_id$team(0x0) [ 181.228790] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.250674] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.258591] device bridge_slave_0 entered promiscuous mode [ 181.366583] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.390306] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.400618] device bridge_slave_1 entered promiscuous mode [ 181.463896] IPVS: ftp: loaded support on port[0] = 21 [ 181.532507] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 181.680611] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 12:38:38 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$nfc_llcp(0xffffffffffffffff, &(0x7f00000008c0)={0x27, 0x0, 0x1, 0x7, 0x1, 0x0, "4d6ae4891088c08f3802b6bf958ae133c35d3a49a84ac4e0b32cdff870851442021c22facc19d429aff2e438aa576352afa1d7b059f184356b45f28a7142ad", 0x18}, 0x60) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x4) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0) syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x218, 0x20200) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r3, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8001, 0x7}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setgid(0x0) ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000000)) r4 = accept4(r1, 0x0, &(0x7f0000000040), 0x0) syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x8, 0x0) dup3(r0, r4, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000400), &(0x7f0000000440)=0x14) [ 182.085070] IPVS: ftp: loaded support on port[0] = 21 [ 182.091810] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 182.188378] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.195848] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.203608] device bridge_slave_0 entered promiscuous mode [ 182.214788] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 182.383983] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.407575] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.417247] device bridge_slave_1 entered promiscuous mode [ 182.520118] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 182.588086] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.608385] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.615745] device bridge_slave_0 entered promiscuous mode [ 182.654609] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 182.710792] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.718746] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.742209] device bridge_slave_1 entered promiscuous mode [ 182.893494] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 182.980628] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 183.003666] team0: Port device team_slave_0 added [ 183.023633] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 183.067801] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 183.138835] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 183.149796] team0: Port device team_slave_1 added [ 183.174029] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 183.274617] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 183.289328] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.298177] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.330915] device bridge_slave_0 entered promiscuous mode [ 183.339176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.354682] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.403661] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.447678] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.491503] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.498988] device bridge_slave_1 entered promiscuous mode [ 183.530664] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 183.566530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 183.580950] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 183.603913] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 183.630601] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 183.639643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 183.666907] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 183.726914] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 183.745027] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 183.819750] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.848131] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.861297] device bridge_slave_0 entered promiscuous mode [ 183.888922] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 183.907185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 183.931580] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 183.940531] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 183.948007] team0: Port device team_slave_0 added [ 183.972638] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.979011] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.008813] device bridge_slave_1 entered promiscuous mode [ 184.024150] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 184.051696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 184.095401] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 184.130826] team0: Port device team_slave_1 added [ 184.198833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 184.243892] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 184.273051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 184.298894] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 184.342593] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 184.352988] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 184.373949] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 184.400816] team0: Port device team_slave_0 added [ 184.407017] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 184.447978] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.471061] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.487958] device bridge_slave_0 entered promiscuous mode [ 184.505945] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 184.528808] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 184.560662] team0: Port device team_slave_1 added [ 184.573402] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 184.592319] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.608187] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.628276] device bridge_slave_1 entered promiscuous mode [ 184.637405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 184.653880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 184.701724] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 184.708843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 184.730826] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 184.749119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 184.765960] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 184.815526] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 184.831944] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 184.841628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 184.853291] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 184.877326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 184.891675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 184.913022] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 184.970457] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 185.022837] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 185.032574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 185.041906] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 185.063235] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 185.082001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 185.140805] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 185.147972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 185.162235] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 185.189794] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 185.221873] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.301718] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 185.309109] team0: Port device team_slave_0 added [ 185.356734] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.363385] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.370469] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.376902] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.418585] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 185.436658] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 185.470663] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 185.485073] team0: Port device team_slave_1 added [ 185.600692] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 185.627129] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 185.653531] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 185.681237] team0: Port device team_slave_0 added [ 185.784240] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 185.796114] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 185.838002] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 185.859399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.881276] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 185.888718] team0: Port device team_slave_1 added [ 185.903619] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 185.921405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 185.930964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 185.972454] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 185.982869] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 185.990869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 185.998801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 186.028468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 186.051066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 186.140825] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 186.147716] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 186.162114] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 186.310343] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 186.317584] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 186.330711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 186.358400] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 186.374547] team0: Port device team_slave_0 added [ 186.394941] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.401347] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.408045] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.414491] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.447532] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 186.465990] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 186.500473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 186.509853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 186.552803] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 186.587066] team0: Port device team_slave_1 added [ 186.728449] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.735035] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.741850] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.748238] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.778272] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 186.802431] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 186.810822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 186.841681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 186.873196] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 186.904567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 186.918535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 187.040385] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 187.047619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 187.071328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 187.150562] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 187.157727] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 187.170792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 187.514364] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.520927] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.527731] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.534183] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.549919] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 187.831407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 187.897642] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.904072] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.910798] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.917166] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.927213] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 188.607596] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.614039] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.620877] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.627246] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.661581] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 188.890460] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 188.898916] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 190.886151] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.326898] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 191.793122] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 191.799324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.807078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.945129] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.964559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.298659] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.346869] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.468995] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.760258] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.772706] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.778864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.788732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.951445] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.971659] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.978751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.007445] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.236167] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.253231] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 193.358218] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.478771] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 193.760140] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.770319] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 193.785357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.798873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.967294] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 193.979362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.000816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 194.159930] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 194.310565] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.392044] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.631613] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 194.637822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.649176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 195.162998] 8021q: adding VLAN 0 to HW filter on device team0 12:38:52 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x11, 0xa, 0x300) r0 = socket$kcm(0xa, 0x522000000003, 0x11) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x7}, 0x20) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000280)=""/227, 0xe3) [ 195.441708] hrtimer: interrupt took 31868 ns 12:38:52 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x11, 0xa, 0x300) r0 = socket$kcm(0xa, 0x522000000003, 0x11) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x7}, 0x20) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000280)=""/227, 0xe3) 12:38:53 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x11, 0xa, 0x300) r0 = socket$kcm(0xa, 0x522000000003, 0x11) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x7}, 0x20) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents64(0xffffffffffffffff, &(0x7f0000000280)=""/227, 0xe3) 12:38:53 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x40247007, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') ioctl$TIOCGETD(r2, 0x5424, &(0x7f00000002c0)) set_thread_area(&(0x7f0000000580)={0x7a, 0x20001800, 0x4000, 0x200, 0xffff, 0x1, 0x101, 0x2, 0x843, 0x3}) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00') write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000480)={0x2a, 0x4, 0x0, {0x1, 0xbe, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="539b9105ab1072c24e2b980945c27f3b81ff00"], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000d04000), &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="969957b52d30fea3a6945a209691fd3e214cb9dcc33db7762efad2628dcef5d3b6364e601019df973b53d859e769464fe2a2410d59da45"], 0x0, 0x0, 0x80010, 0x0) mount(&(0x7f00002b9ff8), &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) r3 = dup2(r1, r1) ioctl$TCSBRKP(r2, 0x5425, 0x5) write$FUSE_OPEN(r3, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x0, 0x1}}, 0x20) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000c00)=ANY=[@ANYBLOB="6cef0c39098c2a043df8a2c1a8149b00c19b93ea76774129830cb8e5c1c83d4972085ae341b504e0d822dcffd1483d36d02e094416789ad73e7b16814b44640400fa4c5787cbe9f02e5a9bd67834af4a0235b68d7becf346fd5688b760a453b94ea1c41f15fa83b048f8a0f4525fd949d5ede248dc7de0413f92e6118f8e97b8fbf5bc41a4b18305adb1962f94611d73cedcfda5f20506ff58e1f5e5687a609e3412090de337701a9c6374852e00000000c86ad4e872d8002dd46290eebe61ed25a052740e009848158a889097948dc87aa98fc57ed9299117624477b1ff486ffb15f91f7afea5489acb125e6dd93d7b2214bfaafbb305180596e1ce33e11596a739162aedeb544b5baaad77495d41cd0996d04db58c91dac1301c1404ee174d54db1e46987b793ca23cee33d8f66ba83031ac120536d2f9b2666411696f54d7e3660de76fe4f05667b2edd55c9870cb983f2a0fa7f7fd0511346a73204e7e469bc1197ba335de1343f4979cb0f2a63517873421013823004e129faac9c46f2766faacb1", @ANYRES32=r1, @ANYRES64=r0, @ANYRESHEX, @ANYRES32=r2, @ANYPTR64], 0x0, 0x0, 0x0, &(0x7f0000000bc0)="8d6f5b746d6f6465") preadv(r1, &(0x7f0000001400)=[{&(0x7f0000004200)=""/4096, 0x9d}], 0x1, 0x2) ioctl$int_out(r0, 0x2, &(0x7f0000000700)) link(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00') ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) utimes(&(0x7f0000000440)='./file0\x00', &(0x7f0000000180)={{0x0, 0x7530}}) close(r1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000340)={0x0, 0x24}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000006c0)={r4, 0x100000000}, &(0x7f0000000740)=0x8) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @multicast2}, 'lo\x00'}) fcntl$setflags(r0, 0x2, 0x0) [ 196.605342] ================================================================== [ 196.612895] BUG: KASAN: use-after-free in __list_add_valid+0x8f/0xac [ 196.619411] Read of size 8 at addr ffff8881b945d4b0 by task syz-executor1/7672 [ 196.627242] [ 196.628905] CPU: 0 PID: 7672 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 196.637399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 196.646770] Call Trace: [ 196.649390] dump_stack+0x244/0x39d [ 196.653039] ? dump_stack_print_info.cold.1+0x20/0x20 [ 196.658239] ? printk+0xa7/0xcf [ 196.661528] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 196.666313] print_address_description.cold.4+0x9/0x1ff [ 196.671705] ? __list_add_valid+0x8f/0xac [ 196.675934] kasan_report.cold.5+0x1b/0x39 [ 196.680188] ? __list_add_valid+0x8f/0xac [ 196.684366] ? sctp_packet+0xcc0/0x22be [ 196.688361] ? __list_add_valid+0x8f/0xac [ 196.692569] __asan_report_load8_noabort+0x14/0x20 [ 196.697544] __list_add_valid+0x8f/0xac [ 196.701533] ___neigh_create+0x14b7/0x2600 [ 196.705802] ? graph_lock+0x270/0x270 [ 196.709621] ? __lock_acquire+0x62f/0x4c20 [ 196.713889] ? neigh_remove_one+0x5a0/0x5a0 [ 196.718232] ? netlink_has_listeners+0x2a4/0x4a0 [ 196.723005] ? lock_downgrade+0x900/0x900 [ 196.727184] ? check_preemption_disabled+0x48/0x280 [ 196.732488] ? kasan_check_read+0x11/0x20 [ 196.736645] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 196.741950] ? rcu_read_unlock_special+0x370/0x370 [ 196.746920] ? netlink_has_listeners+0x2cb/0x4a0 [ 196.751699] ? netlink_tap_init_net+0x3d0/0x3d0 [ 196.756406] ? lock_acquire+0x1ed/0x520 [ 196.760398] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 196.765979] ? check_preemption_disabled+0x48/0x280 [ 196.771013] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 196.776564] ? rcu_pm_notify+0xc0/0xc0 [ 196.780476] __neigh_create+0x30/0x40 [ 196.784304] ip_finish_output2+0xb91/0x1a30 [ 196.788651] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 196.793971] ? ip_copy_metadata+0xdb0/0xdb0 [ 196.798318] ? graph_lock+0x270/0x270 12:38:53 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x40247007, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') ioctl$TIOCGETD(r2, 0x5424, &(0x7f00000002c0)) set_thread_area(&(0x7f0000000580)={0x7a, 0x20001800, 0x4000, 0x200, 0xffff, 0x1, 0x101, 0x2, 0x843, 0x3}) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00') write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000480)={0x2a, 0x4, 0x0, {0x1, 0xbe, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="539b9105ab1072c24e2b980945c27f3b81ff00"], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000d04000), &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="969957b52d30fea3a6945a209691fd3e214cb9dcc33db7762efad2628dcef5d3b6364e601019df973b53d859e769464fe2a2410d59da45"], 0x0, 0x0, 0x80010, 0x0) mount(&(0x7f00002b9ff8), &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) r3 = dup2(r1, r1) ioctl$TCSBRKP(r2, 0x5425, 0x5) write$FUSE_OPEN(r3, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x0, 0x1}}, 0x20) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000c00)=ANY=[@ANYBLOB="6cef0c39098c2a043df8a2c1a8149b00c19b93ea76774129830cb8e5c1c83d4972085ae341b504e0d822dcffd1483d36d02e094416789ad73e7b16814b44640400fa4c5787cbe9f02e5a9bd67834af4a0235b68d7becf346fd5688b760a453b94ea1c41f15fa83b048f8a0f4525fd949d5ede248dc7de0413f92e6118f8e97b8fbf5bc41a4b18305adb1962f94611d73cedcfda5f20506ff58e1f5e5687a609e3412090de337701a9c6374852e00000000c86ad4e872d8002dd46290eebe61ed25a052740e009848158a889097948dc87aa98fc57ed9299117624477b1ff486ffb15f91f7afea5489acb125e6dd93d7b2214bfaafbb305180596e1ce33e11596a739162aedeb544b5baaad77495d41cd0996d04db58c91dac1301c1404ee174d54db1e46987b793ca23cee33d8f66ba83031ac120536d2f9b2666411696f54d7e3660de76fe4f05667b2edd55c9870cb983f2a0fa7f7fd0511346a73204e7e469bc1197ba335de1343f4979cb0f2a63517873421013823004e129faac9c46f2766faacb1", @ANYRES32=r1, @ANYRES64=r0, @ANYRESHEX, @ANYRES32=r2, @ANYPTR64], 0x0, 0x0, 0x0, &(0x7f0000000bc0)="8d6f5b746d6f6465") preadv(r1, &(0x7f0000001400)=[{&(0x7f0000004200)=""/4096, 0x9d}], 0x1, 0x2) ioctl$int_out(r0, 0x2, &(0x7f0000000700)) link(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00') ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) utimes(&(0x7f0000000440)='./file0\x00', &(0x7f0000000180)={{0x0, 0x7530}}) close(r1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000340)={0x0, 0x24}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000006c0)={r4, 0x100000000}, &(0x7f0000000740)=0x8) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @multicast2}, 'lo\x00'}) fcntl$setflags(r0, 0x2, 0x0) [ 196.802140] ? nf_ct_deliver_cached_events+0x28b/0x7d0 [ 196.807430] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 196.812975] ? ipv4_mtu+0x39f/0x590 [ 196.816645] ? find_held_lock+0x36/0x1c0 [ 196.820734] ip_finish_output+0x7fd/0xfa0 [ 196.824889] ? ip_finish_output+0x7fd/0xfa0 [ 196.829236] ? ip_fragment.constprop.51+0x240/0x240 [ 196.834266] ? kasan_check_read+0x11/0x20 [ 196.838436] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 196.843742] ? nf_nat_ipv4_out+0x2e1/0x340 [ 196.847996] ? rcu_read_unlock_special+0x370/0x370 [ 196.852938] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 196.857968] ? nf_hook_slow+0x11e/0x1c0 [ 196.861967] ip_output+0x21d/0x8d0 [ 196.865539] ? ip_mc_output+0x15b0/0x15b0 [ 196.869717] ? ip_fragment.constprop.51+0x240/0x240 [ 196.874754] ? __lock_is_held+0xb5/0x140 [ 196.878843] ip_local_out+0xc5/0x1b0 [ 196.882619] __ip_queue_xmit+0x9af/0x1f40 [ 196.886797] ? ip_build_and_send_pkt+0xc90/0xc90 [ 196.891583] ? mark_held_locks+0x130/0x130 [ 196.895870] sctp_v4_xmit+0x1a7/0x200 [ 196.899691] sctp_packet_transmit+0x1f1d/0x3d00 12:38:53 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x40247007, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') ioctl$TIOCGETD(r2, 0x5424, &(0x7f00000002c0)) set_thread_area(&(0x7f0000000580)={0x7a, 0x20001800, 0x4000, 0x200, 0xffff, 0x1, 0x101, 0x2, 0x843, 0x3}) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00') write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000480)={0x2a, 0x4, 0x0, {0x1, 0xbe, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="539b9105ab1072c24e2b980945c27f3b81ff00"], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000d04000), &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="969957b52d30fea3a6945a209691fd3e214cb9dcc33db7762efad2628dcef5d3b6364e601019df973b53d859e769464fe2a2410d59da45"], 0x0, 0x0, 0x80010, 0x0) mount(&(0x7f00002b9ff8), &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) r3 = dup2(r1, r1) ioctl$TCSBRKP(r2, 0x5425, 0x5) write$FUSE_OPEN(r3, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x0, 0x1}}, 0x20) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000c00)=ANY=[@ANYBLOB="6cef0c39098c2a043df8a2c1a8149b00c19b93ea76774129830cb8e5c1c83d4972085ae341b504e0d822dcffd1483d36d02e094416789ad73e7b16814b44640400fa4c5787cbe9f02e5a9bd67834af4a0235b68d7becf346fd5688b760a453b94ea1c41f15fa83b048f8a0f4525fd949d5ede248dc7de0413f92e6118f8e97b8fbf5bc41a4b18305adb1962f94611d73cedcfda5f20506ff58e1f5e5687a609e3412090de337701a9c6374852e00000000c86ad4e872d8002dd46290eebe61ed25a052740e009848158a889097948dc87aa98fc57ed9299117624477b1ff486ffb15f91f7afea5489acb125e6dd93d7b2214bfaafbb305180596e1ce33e11596a739162aedeb544b5baaad77495d41cd0996d04db58c91dac1301c1404ee174d54db1e46987b793ca23cee33d8f66ba83031ac120536d2f9b2666411696f54d7e3660de76fe4f05667b2edd55c9870cb983f2a0fa7f7fd0511346a73204e7e469bc1197ba335de1343f4979cb0f2a63517873421013823004e129faac9c46f2766faacb1", @ANYRES32=r1, @ANYRES64=r0, @ANYRESHEX, @ANYRES32=r2, @ANYPTR64], 0x0, 0x0, 0x0, &(0x7f0000000bc0)="8d6f5b746d6f6465") preadv(r1, &(0x7f0000001400)=[{&(0x7f0000004200)=""/4096, 0x9d}], 0x1, 0x2) ioctl$int_out(r0, 0x2, &(0x7f0000000700)) link(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00') ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) utimes(&(0x7f0000000440)='./file0\x00', &(0x7f0000000180)={{0x0, 0x7530}}) close(r1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000340)={0x0, 0x24}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000006c0)={r4, 0x100000000}, &(0x7f0000000740)=0x8) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @multicast2}, 'lo\x00'}) fcntl$setflags(r0, 0x2, 0x0) [ 196.904414] ? sctp_packet_config+0x11f0/0x11f0 [ 196.909096] ? graph_lock+0x270/0x270 [ 196.912909] ? sctp_packet_config+0xae9/0x11f0 [ 196.917531] ? lock_downgrade+0x900/0x900 [ 196.921693] ? check_preemption_disabled+0x48/0x280 [ 196.926726] ? find_held_lock+0x36/0x1c0 [ 196.930818] ? sctp_packet_config+0xae9/0x11f0 [ 196.935420] ? lock_downgrade+0x900/0x900 [ 196.939575] ? check_preemption_disabled+0x48/0x280 [ 196.944608] ? kasan_check_read+0x11/0x20 [ 196.948800] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 196.954103] ? rcu_read_unlock_special+0x370/0x370 [ 196.959064] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 196.964288] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 196.969835] ? __sctp_packet_append_chunk+0x11e/0xf00 [ 196.975040] ? sctp_csum_update+0x30/0x30 [ 196.979205] ? __sctp_outq_teardown+0x11f0/0x11f0 [ 196.984071] ? sctp_packet_init+0x7d/0x320 [ 196.988339] ? sctp_packet_append_chunk+0x971/0xdd0 [ 196.993382] sctp_outq_flush_ctrl.constprop.11+0x7a9/0xe50 [ 196.999035] ? mark_held_locks+0x130/0x130 [ 197.003292] ? sctp_outq_select_transport+0x9a0/0x9a0 [ 197.008508] ? lock_downgrade+0x900/0x900 [ 197.012674] ? trace_hardirqs_off+0xb8/0x310 [ 197.017131] ? kasan_check_read+0x11/0x20 [ 197.021309] ? do_raw_spin_unlock+0xa7/0x330 [ 197.025729] ? trace_hardirqs_on+0x310/0x310 [ 197.030153] ? unwind_get_return_address+0x61/0xa0 [ 197.035107] sctp_outq_flush+0x310/0x34f0 [ 197.039266] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 197.044407] ? save_stack+0xa9/0xd0 [ 197.048095] ? sctp_check_transmitted+0x1f10/0x1f10 [ 197.053134] ? print_usage_bug+0xc0/0xc0 [ 197.057272] ? debug_object_activate+0x402/0x600 [ 197.062041] ? lock_downgrade+0x900/0x900 [ 197.066209] ? find_held_lock+0x36/0x1c0 [ 197.070296] ? mark_held_locks+0xc7/0x130 [ 197.074457] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 197.079566] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 197.084677] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 197.089273] ? trace_hardirqs_on+0xbd/0x310 [ 197.093611] ? kasan_check_read+0x11/0x20 [ 197.097766] ? add_timer+0x629/0x15a0 [ 197.101596] ? trace_hardirqs_off_caller+0x310/0x310 12:38:54 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x40247007, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') ioctl$TIOCGETD(r2, 0x5424, &(0x7f00000002c0)) set_thread_area(&(0x7f0000000580)={0x7a, 0x20001800, 0x4000, 0x200, 0xffff, 0x1, 0x101, 0x2, 0x843, 0x3}) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00') write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000480)={0x2a, 0x4, 0x0, {0x1, 0xbe, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="539b9105ab1072c24e2b980945c27f3b81ff00"], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000d04000), &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="969957b52d30fea3a6945a209691fd3e214cb9dcc33db7762efad2628dcef5d3b6364e601019df973b53d859e769464fe2a2410d59da45"], 0x0, 0x0, 0x80010, 0x0) mount(&(0x7f00002b9ff8), &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) r3 = dup2(r1, r1) ioctl$TCSBRKP(r2, 0x5425, 0x5) write$FUSE_OPEN(r3, &(0x7f0000000780)={0x20, 0x0, 0x8, {0x0, 0x1}}, 0x20) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000c00)=ANY=[@ANYBLOB="6cef0c39098c2a043df8a2c1a8149b00c19b93ea76774129830cb8e5c1c83d4972085ae341b504e0d822dcffd1483d36d02e094416789ad73e7b16814b44640400fa4c5787cbe9f02e5a9bd67834af4a0235b68d7becf346fd5688b760a453b94ea1c41f15fa83b048f8a0f4525fd949d5ede248dc7de0413f92e6118f8e97b8fbf5bc41a4b18305adb1962f94611d73cedcfda5f20506ff58e1f5e5687a609e3412090de337701a9c6374852e00000000c86ad4e872d8002dd46290eebe61ed25a052740e009848158a889097948dc87aa98fc57ed9299117624477b1ff486ffb15f91f7afea5489acb125e6dd93d7b2214bfaafbb305180596e1ce33e11596a739162aedeb544b5baaad77495d41cd0996d04db58c91dac1301c1404ee174d54db1e46987b793ca23cee33d8f66ba83031ac120536d2f9b2666411696f54d7e3660de76fe4f05667b2edd55c9870cb983f2a0fa7f7fd0511346a73204e7e469bc1197ba335de1343f4979cb0f2a63517873421013823004e129faac9c46f2766faacb1", @ANYRES32=r1, @ANYRES64=r0, @ANYRESHEX, @ANYRES32=r2, @ANYPTR64], 0x0, 0x0, 0x0, &(0x7f0000000bc0)="8d6f5b746d6f6465") preadv(r1, &(0x7f0000001400)=[{&(0x7f0000004200)=""/4096, 0x9d}], 0x1, 0x2) ioctl$int_out(r0, 0x2, &(0x7f0000000700)) link(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00') ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) utimes(&(0x7f0000000440)='./file0\x00', &(0x7f0000000180)={{0x0, 0x7530}}) close(r1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000340)={0x0, 0x24}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000006c0)={r4, 0x100000000}, &(0x7f0000000740)=0x8) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @multicast2}, 'lo\x00'}) fcntl$setflags(r0, 0x2, 0x0) [ 197.106706] ? __bpf_trace_timer_expire_entry+0x30/0x30 [ 197.112085] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 197.117195] ? add_timer+0x62e/0x15a0 [ 197.121008] ? mod_timer+0x1560/0x1560 [ 197.124896] ? sctp_init_cause+0x2d0/0x2d0 [ 197.129140] ? sctp_hash_obj+0x5e0/0x5e0 [ 197.133225] ? ip_route_output_key_hash+0x270/0x3b0 [ 197.138270] ? __rhashtable_lookup.isra.24.constprop.29+0x7d0/0x7d0 [ 197.144709] ? sctp_hash_key+0x560/0x560 [ 197.148790] ? sctp_csum_update+0x30/0x30 [ 197.152948] ? graph_lock+0x270/0x270 [ 197.156764] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 197.162339] ? sctp_outq_tail+0x7cf/0xad0 [ 197.166516] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 197.172071] ? sctp_outq_free+0x20/0x20 [ 197.176063] ? refcount_dec_checked+0x70/0x70 [ 197.180566] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 197.185763] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 197.191342] ? sctp_endpoint_add_asoc+0xb3/0x3d0 [ 197.196145] ? sctp_endpoint_new+0xff0/0xff0 [ 197.200570] sctp_outq_uncork+0x6a/0x80 [ 197.204552] sctp_do_sm+0x5ff/0x7190 [ 197.208288] ? sctp_do_8_2_transport_strike.isra.19+0x950/0x950 [ 197.214362] ? sctp_hash_transport+0x55b/0x810 [ 197.218981] ? lock_downgrade+0x900/0x900 [ 197.223140] ? check_preemption_disabled+0x48/0x280 [ 197.228168] ? kasan_check_read+0x11/0x20 [ 197.232322] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 197.237666] ? rcu_read_unlock_special+0x370/0x370 [ 197.242613] ? kmem_cache_alloc_trace+0x356/0x740 [ 197.247462] ? sctp_hash_transport+0x5e2/0x810 [ 197.252075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 197.257636] ? sctp_hash_transport+0x118/0x810 [ 197.262219] ? ipv4_mtu+0x39f/0x590 [ 197.265870] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 197.271339] ? sctp_transport_hashtable_destroy+0x20/0x20 [ 197.276895] ? __rhashtable_lookup.isra.24.constprop.29+0x7d0/0x7d0 [ 197.283315] ? sctp_hash_key+0x560/0x560 [ 197.287413] ? sctp_csum_update+0x30/0x30 [ 197.291567] ? sctp_packet_init+0x7d/0x320 [ 197.295815] ? __sctp_packet_append_chunk+0xf00/0xf00 [ 197.301008] ? memcpy+0x45/0x50 [ 197.304314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 197.309890] sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 197.314571] __sctp_connect+0x9aa/0xda0 [ 197.318563] ? sctp_sendmsg_to_asoc+0x1a10/0x1a10 [ 197.323440] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 197.328987] ? _copy_from_user+0xdf/0x150 [ 197.333147] ? security_sctp_bind_connect+0x9a/0xc0 [ 197.338178] __sctp_setsockopt_connectx+0x134/0x190 [ 197.343212] sctp_setsockopt+0x2109/0x7380 [ 197.347490] ? _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 197.352608] ? sctp_setsockopt_paddr_thresholds+0x560/0x560 [ 197.358329] ? __lock_acquire+0x62f/0x4c20 [ 197.362573] ? migrate_swap_stop+0x8a0/0x8a0 [ 197.366999] ? mark_held_locks+0x130/0x130 [ 197.371244] ? futex_wake+0x613/0x760 [ 197.375051] ? lock_downgrade+0x900/0x900 [ 197.379251] ? kasan_check_read+0x11/0x20 [ 197.383411] ? print_usage_bug+0xc0/0xc0 [ 197.387491] ? do_raw_spin_trylock+0x270/0x270 [ 197.392086] ? print_usage_bug+0xc0/0xc0 [ 197.396161] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 197.401359] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 197.406471] ? futex_wake+0x304/0x760 [ 197.410285] ? graph_lock+0x270/0x270 [ 197.414091] ? __lock_acquire+0x62f/0x4c20 [ 197.414122] ? find_held_lock+0x36/0x1c0 [ 197.414145] ? __fget+0x4aa/0x740 [ 197.414160] ? lock_downgrade+0x900/0x900 [ 197.422533] ? check_preemption_disabled+0x48/0x280 [ 197.422553] ? kasan_check_read+0x11/0x20 [ 197.422567] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 197.422582] ? rcu_read_unlock_special+0x370/0x370 [ 197.422610] ? __fget+0x4d1/0x740 [ 197.452965] ? ksys_dup3+0x680/0x680 [ 197.456709] ? perf_trace_sched_process_exec+0x860/0x860 [ 197.462170] ? find_held_lock+0x36/0x1c0 [ 197.466262] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 197.471814] ? aa_label_sk_perm+0x91/0x100 [ 197.476114] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 197.476144] ? aa_sk_perm+0x22b/0x8e0 [ 197.476159] ? fget_raw+0x20/0x20 [ 197.476177] ? perf_trace_sched_process_exec+0x860/0x860 [ 197.484907] ? aa_af_perm+0x5a0/0x5a0 [ 197.484934] ? aa_sock_opt_perm.isra.13+0xa1/0x130 [ 197.484957] sock_common_setsockopt+0x9a/0xe0 [ 197.507205] __sys_setsockopt+0x1ba/0x3c0 [ 197.511361] ? kernel_accept+0x310/0x310 [ 197.515452] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 197.520071] ? trace_hardirqs_on+0xbd/0x310 [ 197.524405] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 197.529779] ? trace_hardirqs_off_caller+0x310/0x310 [ 197.534910] __x64_sys_setsockopt+0xbe/0x150 [ 197.539337] do_syscall_64+0x1b9/0x820 [ 197.543242] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 197.548614] ? syscall_return_slowpath+0x5e0/0x5e0 [ 197.553554] ? trace_hardirqs_on_caller+0x310/0x310 [ 197.558594] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 197.563638] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 197.570313] ? __switch_to_asm+0x40/0x70 [ 197.574386] ? __switch_to_asm+0x34/0x70 [ 197.578464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 197.583354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 197.588596] RIP: 0033:0x457659 [ 197.591802] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 197.610950] RSP: 002b:00007f04322bdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 197.618664] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457659 [ 197.625935] RDX: 000000000000006b RSI: 0000000000000084 RDI: 0000000000000006 [ 197.633210] RBP: 000000000072bfa0 R08: 0000000000000010 R09: 0000000000000000 [ 197.640482] R10: 0000000020000000 R11: 0000000000000246 R12: 00007f04322be6d4 [ 197.647751] R13: 00000000004cb718 R14: 00000000004d8678 R15: 00000000ffffffff [ 197.655038] [ 197.656672] Allocated by task 7660: [ 197.660317] save_stack+0x43/0xd0 [ 197.663776] kasan_kmalloc+0xcb/0xd0 [ 197.667523] __kmalloc+0x15d/0x760 [ 197.671084] ___neigh_create+0x13fc/0x2600 [ 197.675342] __neigh_create+0x30/0x40 [ 197.679161] arp_req_set+0x59d/0xaa0 [ 197.682888] arp_ioctl+0x48b/0xae0 [ 197.686456] inet_ioctl+0x237/0x360 [ 197.690094] sock_do_ioctl+0xeb/0x420 [ 197.693899] sock_ioctl+0x313/0x690 [ 197.697530] do_vfs_ioctl+0x1de/0x1790 [ 197.701427] ksys_ioctl+0xa9/0xd0 [ 197.704886] __x64_sys_ioctl+0x73/0xb0 [ 197.708780] do_syscall_64+0x1b9/0x820 [ 197.712693] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 197.717879] [ 197.719519] Freed by task 9: [ 197.722549] save_stack+0x43/0xd0 [ 197.726012] __kasan_slab_free+0x102/0x150 [ 197.730268] kasan_slab_free+0xe/0x10 [ 197.734085] kfree+0xcf/0x230 [ 197.737194] rcu_process_callbacks+0xd91/0x15f0 [ 197.741870] __do_softirq+0x308/0xb7e [ 197.745665] [ 197.747298] The buggy address belongs to the object at ffff8881b945d240 [ 197.747298] which belongs to the cache kmalloc-1k of size 1024 [ 197.759979] The buggy address is located 624 bytes inside of [ 197.759979] 1024-byte region [ffff8881b945d240, ffff8881b945d640) [ 197.771943] The buggy address belongs to the page: [ 197.776870] page:ffffea0006e51700 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0xffff8881b945c040 compound_mapcount: 0 [ 197.788134] flags: 0x2fffc0000010200(slab|head) [ 197.792830] raw: 02fffc0000010200 ffffea0007097208 ffffea0006e3f988 ffff8881da800ac0 [ 197.800730] raw: ffff8881b945c040 ffff8881b945c040 0000000100000006 0000000000000000 [ 197.808605] page dumped because: kasan: bad access detected [ 197.814315] [ 197.815959] Memory state around the buggy address: [ 197.820896] ffff8881b945d380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 197.828264] ffff8881b945d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 197.835629] >ffff8881b945d480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 197.842986] ^ [ 197.847926] ffff8881b945d500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 197.855297] ffff8881b945d580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 197.862652] ================================================================== [ 197.870014] Disabling lock debugging due to kernel taint [ 197.875554] Kernel panic - not syncing: panic_on_warn set ... [ 197.881461] CPU: 0 PID: 7672 Comm: syz-executor1 Tainted: G B 4.20.0-rc6-next-20181210+ #164 [ 197.891367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 197.900740] Call Trace: [ 197.903335] dump_stack+0x244/0x39d [ 197.907002] ? dump_stack_print_info.cold.1+0x20/0x20 [ 197.912209] ? __list_add_valid+0x10/0xac [ 197.916363] panic+0x2ad/0x632 [ 197.919561] ? add_taint.cold.5+0x16/0x16 [ 197.923724] ? trace_hardirqs_on+0xb4/0x310 [ 197.928052] ? __list_add_valid+0x8f/0xac [ 197.932215] end_report+0x47/0x4f [ 197.935679] kasan_report.cold.5+0xe/0x39 [ 197.939834] ? __list_add_valid+0x8f/0xac [ 197.944015] ? sctp_packet+0xcc0/0x22be [ 197.947998] ? __list_add_valid+0x8f/0xac [ 197.952153] __asan_report_load8_noabort+0x14/0x20 [ 197.957098] __list_add_valid+0x8f/0xac [ 197.961087] ___neigh_create+0x14b7/0x2600 [ 197.965342] ? graph_lock+0x270/0x270 [ 197.969176] ? __lock_acquire+0x62f/0x4c20 [ 197.973424] ? neigh_remove_one+0x5a0/0x5a0 [ 197.977837] ? netlink_has_listeners+0x2a4/0x4a0 [ 197.982635] ? lock_downgrade+0x900/0x900 [ 197.986805] ? check_preemption_disabled+0x48/0x280 [ 197.991863] ? kasan_check_read+0x11/0x20 [ 197.991878] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 197.991893] ? rcu_read_unlock_special+0x370/0x370 [ 197.991914] ? netlink_has_listeners+0x2cb/0x4a0 [ 197.991929] ? netlink_tap_init_net+0x3d0/0x3d0 [ 197.991949] ? lock_acquire+0x1ed/0x520 [ 198.019688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 198.025231] ? check_preemption_disabled+0x48/0x280 [ 198.030278] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 198.035828] ? rcu_pm_notify+0xc0/0xc0 [ 198.039725] __neigh_create+0x30/0x40 [ 198.043544] ip_finish_output2+0xb91/0x1a30 [ 198.047873] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 198.053150] ? ip_copy_metadata+0xdb0/0xdb0 [ 198.057476] ? graph_lock+0x270/0x270 [ 198.061299] ? nf_ct_deliver_cached_events+0x28b/0x7d0 [ 198.065693] kobject: 'loop5' (00000000a3546e1b): kobject_uevent_env [ 198.066608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 198.066620] ? ipv4_mtu+0x39f/0x590 [ 198.066637] ? find_held_lock+0x36/0x1c0 [ 198.075211] kobject: 'loop5' (00000000a3546e1b): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 198.078655] ip_finish_output+0x7fd/0xfa0 [ 198.078668] ? ip_finish_output+0x7fd/0xfa0 [ 198.078686] ? ip_fragment.constprop.51+0x240/0x240 [ 198.109267] ? kasan_check_read+0x11/0x20 [ 198.113445] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 198.118757] ? nf_nat_ipv4_out+0x2e1/0x340 [ 198.123007] ? rcu_read_unlock_special+0x370/0x370 [ 198.127941] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 198.132958] ? nf_hook_slow+0x11e/0x1c0 [ 198.136934] ip_output+0x21d/0x8d0 [ 198.140501] ? ip_mc_output+0x15b0/0x15b0 [ 198.144657] ? ip_fragment.constprop.51+0x240/0x240 [ 198.149709] ? __lock_is_held+0xb5/0x140 [ 198.153798] ip_local_out+0xc5/0x1b0 [ 198.157544] __ip_queue_xmit+0x9af/0x1f40 [ 198.161699] ? ip_build_and_send_pkt+0xc90/0xc90 [ 198.166477] ? mark_held_locks+0x130/0x130 [ 198.170721] sctp_v4_xmit+0x1a7/0x200 [ 198.174550] sctp_packet_transmit+0x1f1d/0x3d00 [ 198.179235] ? sctp_packet_config+0x11f0/0x11f0 [ 198.183908] ? graph_lock+0x270/0x270 [ 198.187714] ? sctp_packet_config+0xae9/0x11f0 [ 198.192301] ? lock_downgrade+0x900/0x900 [ 198.196449] ? check_preemption_disabled+0x48/0x280 [ 198.201494] ? find_held_lock+0x36/0x1c0 [ 198.205579] ? sctp_packet_config+0xae9/0x11f0 [ 198.210166] ? lock_downgrade+0x900/0x900 [ 198.214666] ? check_preemption_disabled+0x48/0x280 [ 198.219691] ? kasan_check_read+0x11/0x20 [ 198.223843] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 198.229126] ? rcu_read_unlock_special+0x370/0x370 [ 198.234073] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 198.239271] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 198.244822] ? __sctp_packet_append_chunk+0x11e/0xf00 [ 198.250018] ? sctp_csum_update+0x30/0x30 [ 198.254170] ? __sctp_outq_teardown+0x11f0/0x11f0 [ 198.259020] ? sctp_packet_init+0x7d/0x320 [ 198.263282] ? sctp_packet_append_chunk+0x971/0xdd0 [ 198.268383] sctp_outq_flush_ctrl.constprop.11+0x7a9/0xe50 [ 198.274012] ? mark_held_locks+0x130/0x130 [ 198.278255] ? sctp_outq_select_transport+0x9a0/0x9a0 [ 198.283475] ? lock_downgrade+0x900/0x900 [ 198.287662] ? trace_hardirqs_off+0xb8/0x310 [ 198.292079] ? kasan_check_read+0x11/0x20 [ 198.296227] ? do_raw_spin_unlock+0xa7/0x330 [ 198.300635] ? trace_hardirqs_on+0x310/0x310 [ 198.305050] ? unwind_get_return_address+0x61/0xa0 [ 198.309990] sctp_outq_flush+0x310/0x34f0 [ 198.314165] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 198.319287] ? save_stack+0xa9/0xd0 [ 198.322947] ? sctp_check_transmitted+0x1f10/0x1f10 [ 198.327970] ? print_usage_bug+0xc0/0xc0 [ 198.332038] ? debug_object_activate+0x402/0x600 [ 198.336809] ? lock_downgrade+0x900/0x900 [ 198.340964] ? find_held_lock+0x36/0x1c0 [ 198.345066] ? mark_held_locks+0xc7/0x130 [ 198.349227] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 198.354349] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 198.359456] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 198.364068] ? trace_hardirqs_on+0xbd/0x310 [ 198.368391] ? kasan_check_read+0x11/0x20 [ 198.372540] ? add_timer+0x629/0x15a0 [ 198.376361] ? trace_hardirqs_off_caller+0x310/0x310 [ 198.381464] ? __bpf_trace_timer_expire_entry+0x30/0x30 [ 198.386836] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 198.391941] ? add_timer+0x62e/0x15a0 [ 198.395757] ? mod_timer+0x1560/0x1560 [ 198.399674] ? sctp_init_cause+0x2d0/0x2d0 [ 198.403916] ? sctp_hash_obj+0x5e0/0x5e0 [ 198.407985] ? ip_route_output_key_hash+0x270/0x3b0 [ 198.413012] ? __rhashtable_lookup.isra.24.constprop.29+0x7d0/0x7d0 [ 198.419422] ? sctp_hash_key+0x560/0x560 [ 198.423486] ? sctp_csum_update+0x30/0x30 [ 198.427635] ? graph_lock+0x270/0x270 [ 198.431443] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 198.437008] ? sctp_outq_tail+0x7cf/0xad0 [ 198.441191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 198.446735] ? sctp_outq_free+0x20/0x20 [ 198.450745] ? refcount_dec_checked+0x70/0x70 [ 198.451482] kobject: 'loop5' (00000000a3546e1b): kobject_uevent_env [ 198.455307] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 198.455323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 198.455349] ? sctp_endpoint_add_asoc+0xb3/0x3d0 [ 198.470151] kobject: 'loop5' (00000000a3546e1b): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 198.472446] ? sctp_endpoint_new+0xff0/0xff0 [ 198.472464] sctp_outq_uncork+0x6a/0x80 [ 198.472481] sctp_do_sm+0x5ff/0x7190 [ 198.498741] ? sctp_do_8_2_transport_strike.isra.19+0x950/0x950 [ 198.504804] ? sctp_hash_transport+0x55b/0x810 [ 198.509388] ? lock_downgrade+0x900/0x900 [ 198.513533] ? check_preemption_disabled+0x48/0x280 [ 198.518553] ? kasan_check_read+0x11/0x20 [ 198.522708] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 198.527992] ? rcu_read_unlock_special+0x370/0x370 [ 198.532929] ? kmem_cache_alloc_trace+0x356/0x740 [ 198.537773] ? sctp_hash_transport+0x5e2/0x810 [ 198.542384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 198.547926] ? sctp_hash_transport+0x118/0x810 [ 198.552522] ? ipv4_mtu+0x39f/0x590 [ 198.556201] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 198.561668] ? sctp_transport_hashtable_destroy+0x20/0x20 [ 198.567224] ? __rhashtable_lookup.isra.24.constprop.29+0x7d0/0x7d0 [ 198.573636] ? sctp_hash_key+0x560/0x560 [ 198.577704] ? sctp_csum_update+0x30/0x30 [ 198.581871] ? sctp_packet_init+0x7d/0x320 [ 198.586115] ? __sctp_packet_append_chunk+0xf00/0xf00 [ 198.591308] ? memcpy+0x45/0x50 [ 198.594588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 198.600371] sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 198.605045] __sctp_connect+0x9aa/0xda0 [ 198.609033] ? sctp_sendmsg_to_asoc+0x1a10/0x1a10 [ 198.613896] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 198.619445] ? _copy_from_user+0xdf/0x150 [ 198.623612] ? security_sctp_bind_connect+0x9a/0xc0 [ 198.628631] __sctp_setsockopt_connectx+0x134/0x190 [ 198.633675] sctp_setsockopt+0x2109/0x7380 [ 198.637912] ? _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 198.643022] ? sctp_setsockopt_paddr_thresholds+0x560/0x560 [ 198.648743] ? __lock_acquire+0x62f/0x4c20 [ 198.652994] ? migrate_swap_stop+0x8a0/0x8a0 [ 198.657415] ? mark_held_locks+0x130/0x130 [ 198.661661] ? futex_wake+0x613/0x760 [ 198.665516] ? lock_downgrade+0x900/0x900 [ 198.669678] ? kasan_check_read+0x11/0x20 [ 198.673840] ? print_usage_bug+0xc0/0xc0 [ 198.677908] ? do_raw_spin_trylock+0x270/0x270 [ 198.681665] kobject: 'loop4' (000000000b2aee94): kobject_uevent_env [ 198.682502] ? print_usage_bug+0xc0/0xc0 [ 198.688922] kobject: 'loop4' (000000000b2aee94): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 198.692972] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 198.693009] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 198.693022] ? futex_wake+0x304/0x760 [ 198.693041] ? graph_lock+0x270/0x270 [ 198.720361] ? __lock_acquire+0x62f/0x4c20 [ 198.724620] ? find_held_lock+0x36/0x1c0 [ 198.728688] ? __fget+0x4aa/0x740 [ 198.732294] ? lock_downgrade+0x900/0x900 [ 198.736493] ? check_preemption_disabled+0x48/0x280 [ 198.741619] ? kasan_check_read+0x11/0x20 [ 198.745776] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 198.751082] ? rcu_read_unlock_special+0x370/0x370 [ 198.756020] ? __fget+0x4d1/0x740 [ 198.759491] ? ksys_dup3+0x680/0x680 [ 198.763213] ? perf_trace_sched_process_exec+0x860/0x860 [ 198.768720] ? find_held_lock+0x36/0x1c0 [ 198.772801] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 198.778370] ? aa_label_sk_perm+0x91/0x100 [ 198.782630] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 198.787559] ? aa_sk_perm+0x22b/0x8e0 [ 198.791368] ? fget_raw+0x20/0x20 [ 198.794889] ? perf_trace_sched_process_exec+0x860/0x860 [ 198.800346] ? aa_af_perm+0x5a0/0x5a0 [ 198.804177] ? aa_sock_opt_perm.isra.13+0xa1/0x130 [ 198.809152] sock_common_setsockopt+0x9a/0xe0 [ 198.813663] __sys_setsockopt+0x1ba/0x3c0 [ 198.817831] ? kernel_accept+0x310/0x310 [ 198.821923] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 198.826525] ? trace_hardirqs_on+0xbd/0x310 [ 198.830870] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 198.836240] ? trace_hardirqs_off_caller+0x310/0x310 [ 198.840581] kobject: 'loop4' (000000000b2aee94): kobject_uevent_env [ 198.841351] __x64_sys_setsockopt+0xbe/0x150 [ 198.841371] do_syscall_64+0x1b9/0x820 [ 198.841390] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 198.847815] kobject: 'loop4' (000000000b2aee94): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 198.852198] ? syscall_return_slowpath+0x5e0/0x5e0 [ 198.852215] ? trace_hardirqs_on_caller+0x310/0x310 [ 198.852235] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 198.885872] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 198.892609] ? __switch_to_asm+0x40/0x70 [ 198.896674] ? __switch_to_asm+0x34/0x70 [ 198.900752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 198.905615] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 198.910797] RIP: 0033:0x457659 [ 198.913977] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 198.932861] RSP: 002b:00007f04322bdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 198.940550] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457659 [ 198.947819] RDX: 000000000000006b RSI: 0000000000000084 RDI: 0000000000000006 [ 198.955084] RBP: 000000000072bfa0 R08: 0000000000000010 R09: 0000000000000000 [ 198.962336] R10: 0000000020000000 R11: 0000000000000246 R12: 00007f04322be6d4 [ 198.969589] R13: 00000000004cb718 R14: 00000000004d8678 R15: 00000000ffffffff [ 198.977779] Kernel Offset: disabled [ 198.981412] Rebooting in 86400 seconds..