[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 39.835234][ T27] audit: type=1800 audit(1554702030.363:25): pid=7646 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 39.862415][ T27] audit: type=1800 audit(1554702030.363:26): pid=7646 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 39.888318][ T27] audit: type=1800 audit(1554702030.363:27): pid=7646 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.29' (ECDSA) to the list of known hosts. 2019/04/08 05:40:41 fuzzer started 2019/04/08 05:40:44 dialing manager at 10.128.0.26:34543 2019/04/08 05:40:44 syscalls: 2408 2019/04/08 05:40:44 code coverage: enabled 2019/04/08 05:40:44 comparison tracing: enabled 2019/04/08 05:40:44 extra coverage: extra coverage is not supported by the kernel 2019/04/08 05:40:44 setuid sandbox: enabled 2019/04/08 05:40:44 namespace sandbox: enabled 2019/04/08 05:40:44 Android sandbox: /sys/fs/selinux/policy does not exist 2019/04/08 05:40:44 fault injection: enabled 2019/04/08 05:40:44 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/04/08 05:40:44 net packet injection: enabled 2019/04/08 05:40:44 net device setup: enabled 05:42:59 executing program 0: bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) accept4$llc(0xffffffffffffff9c, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f00000001c0)=0x10, 0x80000) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='.\xcd\x00\x96\x86\x89o\xf8\x8b/cgroup.fet/\xdeiz1\x00d\xea\xad\xcf\xd37\xc8\xcb6Q\xed\xdaH\x84\xdag`3\x15g\x86\xec\xe4p\x1fzP3\x8f\xfc\x93\xd8\x82\xc9\x17\xb2\xabn\xac\x00\xa4\xbf\xe3c#\xc4\xea\xdcK\v\x1e\x16\x1bIv\x18\n4\xca\x1b\x02\xeb\xebWR\xdb\xe0XW@\x04z\xeb`\xa6\xa9Q_\xd4\xb3\f(\xd4hy[\xb7\x87\\\xc4\xf9y\xacT\xc6I\xc4\xba(c\x1b\r\x8e\x14\x9d1', 0x1ff) syzkaller login: [ 188.678869][ T7811] IPVS: ftp: loaded support on port[0] = 21 05:42:59 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) [ 188.787753][ T7811] chnl_net:caif_netlink_parms(): no params data found [ 188.883785][ T7811] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.891404][ T7811] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.914516][ T7811] device bridge_slave_0 entered promiscuous mode [ 188.923951][ T7811] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.931088][ T7811] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.940302][ T7811] device bridge_slave_1 entered promiscuous mode [ 188.974343][ T7811] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 188.990470][ T7814] IPVS: ftp: loaded support on port[0] = 21 [ 188.999614][ T7811] bond0: Enslaving bond_slave_1 as an active interface with an up link 05:42:59 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000004840), &(0x7f0000004880)=0x41) [ 189.029280][ T7811] team0: Port device team_slave_0 added [ 189.039863][ T7811] team0: Port device team_slave_1 added [ 189.125215][ T7811] device hsr_slave_0 entered promiscuous mode [ 189.162463][ T7811] device hsr_slave_1 entered promiscuous mode 05:42:59 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) syz_execute_func(&(0x7f00000006c0)="410f01f964ff0941c3c4e2c99758423e46d8731266420fe2e33e0f1110c442019dcc6f") r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$TIPC_NL_LINK_RESET_STATS(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) close(r0) [ 189.257121][ T7811] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.258286][ T7816] IPVS: ftp: loaded support on port[0] = 21 [ 189.264510][ T7811] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.265040][ T7811] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.285418][ T7811] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.408338][ T7814] chnl_net:caif_netlink_parms(): no params data found [ 189.489575][ T7820] IPVS: ftp: loaded support on port[0] = 21 [ 189.530192][ T7814] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.537454][ T7814] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.546357][ T7814] device bridge_slave_0 entered promiscuous mode [ 189.557007][ T7814] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.564609][ T7814] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.573002][ T7814] device bridge_slave_1 entered promiscuous mode [ 189.635962][ T7814] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 189.656654][ T7814] bond0: Enslaving bond_slave_1 as an active interface with an up link 05:43:00 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) bind$bt_rfcomm(r1, &(0x7f0000000280)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0x6) [ 189.701946][ T7811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.767886][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 189.793252][ T7817] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.822909][ T7817] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.832740][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 189.854661][ T7814] team0: Port device team_slave_0 added [ 189.924421][ T7811] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.934718][ T7814] team0: Port device team_slave_1 added [ 189.946152][ T7820] chnl_net:caif_netlink_parms(): no params data found [ 189.958777][ T7823] IPVS: ftp: loaded support on port[0] = 21 05:43:00 executing program 5: socketpair(0xb, 0x4, 0x2, &(0x7f0000000000)={0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x20000200080003, 0x3) sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000280)=0x40, 0x4) recvmmsg(r1, &(0x7f00000004c0)=[{{&(0x7f0000000400)=@ethernet={0x0, @dev}, 0x0, &(0x7f0000001680)=[{&(0x7f0000000140)=""/217, 0x4a}, {&(0x7f00000002c0)=""/135}, {&(0x7f0000000380)=""/67}, {&(0x7f0000000500)=""/133}, {&(0x7f00000005c0)=""/4096}, {&(0x7f0000000240)=""/4}, {&(0x7f00000015c0)=""/136}], 0x0, 0x0, 0xfffffffffffffd31}}], 0x6fdaec, 0x22, 0x0) setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) recvmmsg(r0, &(0x7f0000004240)=[{{&(0x7f00000000c0)=@alg, 0x80, 0x0}, 0x6}, {{&(0x7f0000002b40)=@can={0x1d, 0x0}, 0x80, &(0x7f0000000480)=[{&(0x7f0000002bc0)=""/160, 0xa0}, {&(0x7f0000002c80)=""/171, 0xab}], 0x2, &(0x7f0000002d40)=""/185, 0xb9}, 0xb5e}, {{0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000002e00)=""/56, 0x38}, {&(0x7f0000002e40)=""/54, 0x36}, {&(0x7f0000002e80)=""/161, 0xa1}, {&(0x7f0000002f40)=""/152, 0x98}], 0x4, &(0x7f0000003040)=""/54, 0x36}, 0x5}, {{&(0x7f0000003080)=@vsock={0x28, 0x0, 0x0, @host}, 0x80, &(0x7f00000041c0)=[{&(0x7f0000003100)=""/4096, 0x1000}, {&(0x7f0000004100)=""/135, 0x87}], 0x2, &(0x7f0000004200)=""/3, 0x3}, 0x1}], 0x4, 0x10000, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000043c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000004380)={&(0x7f0000004340)=@gettfilter={0x2c, 0x2e, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, r2, {0x0, 0xf}, {0xf, 0xf}, {0x7}}, [{0x8, 0xb, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x8000) [ 189.980996][ T7816] chnl_net:caif_netlink_parms(): no params data found [ 190.087647][ T7814] device hsr_slave_0 entered promiscuous mode [ 190.142728][ T7814] device hsr_slave_1 entered promiscuous mode [ 190.243711][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.252652][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.260917][ T2997] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.268014][ T2997] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.284719][ T7827] IPVS: ftp: loaded support on port[0] = 21 [ 190.334277][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 190.343112][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 190.351378][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.358480][ T7828] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.398911][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 190.409371][ T7820] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.417766][ T7820] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.425580][ T7820] device bridge_slave_0 entered promiscuous mode [ 190.434663][ T7820] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.441729][ T7820] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.449692][ T7820] device bridge_slave_1 entered promiscuous mode [ 190.487515][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.494785][ T7816] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.503287][ T7816] device bridge_slave_0 entered promiscuous mode [ 190.510831][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.519050][ T7816] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.526898][ T7816] device bridge_slave_1 entered promiscuous mode [ 190.545668][ T7820] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 190.557992][ T7820] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 190.567884][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 190.576569][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 190.585161][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 190.631529][ T7814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.639139][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 190.648214][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 190.656778][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 190.683294][ T7820] team0: Port device team_slave_0 added [ 190.690499][ T7816] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 190.699415][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 190.708020][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 190.716422][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 190.724606][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 190.739589][ T7814] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.751584][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 190.761297][ T7820] team0: Port device team_slave_1 added [ 190.768597][ T7816] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 190.786625][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.794515][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.830711][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.839551][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.851188][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.858297][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.866223][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 190.874976][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 190.883358][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.890388][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.898077][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 190.906558][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 190.915621][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 190.949753][ T7816] team0: Port device team_slave_0 added [ 191.035717][ T7820] device hsr_slave_0 entered promiscuous mode [ 191.072472][ T7820] device hsr_slave_1 entered promiscuous mode [ 191.112360][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.120959][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.129528][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.138037][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.146664][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.156565][ T7816] team0: Port device team_slave_1 added [ 191.208140][ T7827] chnl_net:caif_netlink_parms(): no params data found [ 191.236334][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.245082][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.290930][ T7811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.303433][ T7814] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 191.315172][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 191.324038][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.332403][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.347972][ T7823] chnl_net:caif_netlink_parms(): no params data found [ 191.383860][ T7816] device hsr_slave_0 entered promiscuous mode [ 191.432770][ T7816] device hsr_slave_1 entered promiscuous mode [ 191.533823][ T7827] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.540957][ T7827] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.555010][ T7827] device bridge_slave_0 entered promiscuous mode [ 191.569535][ T7827] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.577143][ T7827] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.585999][ T7827] device bridge_slave_1 entered promiscuous mode [ 191.617807][ T7814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.670655][ T7827] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 191.683676][ T7823] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.690743][ T7823] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.700088][ T7823] device bridge_slave_0 entered promiscuous mode 05:43:02 executing program 0: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f00000002c0)="1f0000000104ff007d4354c007110040f305010008000100010423daffdf00", 0x1f) write(r0, &(0x7f0000000000)="1f0000000104fffffd3b54c007110000f30501000b000500000010d10300cf", 0x1f) [ 191.718850][ T7827] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 191.748716][ T7827] team0: Port device team_slave_0 added [ 191.782520][ T7823] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.784745][ T7838] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. [ 191.789632][ T7823] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.808378][ T7823] device bridge_slave_1 entered promiscuous mode [ 191.812673][ T7838] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 191.825747][ T7838] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. [ 191.835669][ T7839] netlink: 'syz-executor.0': attribute type 5 has an invalid length. 05:43:02 executing program 0: [ 191.896227][ T7827] team0: Port device team_slave_1 added [ 191.924819][ T7823] bond0: Enslaving bond_slave_0 as an active interface with an up link 05:43:02 executing program 0: 05:43:02 executing program 1: pipe2(&(0x7f0000000240), 0x4000) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = syz_open_dev$vcsn(0x0, 0x81, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semop(0x0, &(0x7f00000001c0)=[{0x2}], 0x1) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3in6, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000400)) ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000740)=ANY=[], 0x0) ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x80001, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x54, 0x7, {"7ebb4e2d6d898c1b1880255dcd52092ff7c13840c1aa180ee12fac86e46c04823539a922adcd2c4e7bdf2325846cece55313e1efa785a88a09"}}, {0x0, "b6a977394b807457c350bed1d46affeb97004cd0afc8431205f9aa4325f80b935bc9c8ed8513a744049fe31352470e1b42be02c184fc7357f26e93a4348ca32e156d99d52db4a4669e4e8108e5651703572e2fbb5db255f4ee6b125b490a76c4d503453927486e03f5e03ccf30a9923e87a1590f74e81896fa1fc4080ad23f18b9b1d38166991642f69bb4a52cbe4cff7545ad4d34203531da5e2dddc0a187fe2d2148b008cc7e61ef3adc8d548940c75fa7c60275d3e7a270d6edcff48a03d7538adf54f067eca109a0829a4f3a1f79e66c154d3348d8a3c5bbe386ecb2bd660bffd488e1bb612c5485b0bc098eb5c6236a"}}, 0x0, 0x148}, 0x20) [ 191.960032][ T7816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.020561][ T7820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.052609][ T7823] bond0: Enslaving bond_slave_1 as an active interface with an up link 05:43:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000140)={0x84, @multicast1, 0x0, 0x1102, 'mh\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 '}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) [ 192.069592][ T7816] 8021q: adding VLAN 0 to HW filter on device team0 05:43:02 executing program 1: unshare(0x20000000) clone(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x40000000, 0x0) [ 192.115013][ T7827] device hsr_slave_0 entered promiscuous mode [ 192.132289][ C1] hrtimer: interrupt took 28123 ns [ 192.142804][ T7827] device hsr_slave_1 entered promiscuous mode [ 192.207774][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.218109][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.226931][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.236966][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 05:43:02 executing program 1: fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) io_destroy(0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x80) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x0, 0x0, 0x0, 0x1, 0xfb, &(0x7f00000002c0)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x70) [ 192.258209][ T7820] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.287426][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.306942][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.323519][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.330640][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.346354][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 05:43:02 executing program 1: [ 192.355496][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.370312][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.377483][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.424093][ T7823] team0: Port device team_slave_0 added [ 192.438296][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 192.447205][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.457368][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.466285][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.475429][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.484021][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.492637][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.500887][ T7817] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.507988][ T7817] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.515539][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.524255][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.532681][ T7817] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.539726][ T7817] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.547451][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.557762][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 192.565685][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 192.573714][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.582257][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.599024][ T7820] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 192.609821][ T7820] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 192.633947][ T7823] team0: Port device team_slave_1 added [ 192.647111][ T7816] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 192.659055][ T7816] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 192.671081][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.680054][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.688567][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.696816][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.705895][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.714306][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.723633][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.733650][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.741829][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 192.750323][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.758762][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.767664][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.775966][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 192.784661][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 192.792532][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.800035][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.826704][ T7820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.876641][ T7823] device hsr_slave_0 entered promiscuous mode [ 192.922404][ T7823] device hsr_slave_1 entered promiscuous mode [ 193.001110][ T7827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.021608][ T7827] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.040350][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.051203][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.088518][ T7816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.100109][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 193.109168][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 193.118013][ T7828] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.125136][ T7828] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.133900][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.142614][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.150920][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.158025][ T7828] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.166128][ T7828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.201272][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.209426][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.219608][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.229001][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.248718][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 193.261884][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 193.271873][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 193.287298][ T7879] check_preemption_disabled: 3 callbacks suppressed [ 193.287329][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 193.303773][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 193.309487][ T7879] CPU: 1 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 193.318497][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.328540][ T7879] Call Trace: [ 193.331822][ T7879] dump_stack+0x172/0x1f0 [ 193.336160][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 193.341716][ T7879] ip6_finish_output+0x335/0xdc0 [ 193.346668][ T7879] ip6_output+0x235/0x7f0 [ 193.350992][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 193.356095][ T7879] ? ip6_fragment+0x3980/0x3980 [ 193.360957][ T7879] ? kasan_check_read+0x11/0x20 [ 193.365823][ T7879] ip6_xmit+0xe41/0x20c0 [ 193.370070][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 193.375446][ T7879] ? mark_held_locks+0xf0/0xf0 [ 193.380197][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 193.385220][ T7879] sctp_v6_xmit+0x313/0x660 [ 193.389722][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 193.395093][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 193.400282][ T7879] ? sctp_packet_append_chunk+0x946/0xda0 [ 193.405986][ T7879] ? sctp_outq_select_transport+0x21a/0x790 [ 193.411872][ T7879] sctp_outq_flush_ctrl.constprop.0+0x6d4/0xd50 [ 193.418260][ T7879] ? finish_task_switch+0x118/0x780 [ 193.423449][ T7879] ? sctp_prsctp_prune_sent.isra.0+0x820/0x820 [ 193.429591][ T7879] ? __schedule+0x81f/0x1cc0 [ 193.434223][ T7879] ? __sched_text_start+0x8/0x8 [ 193.439069][ T7879] sctp_outq_flush+0xe8/0x2780 [ 193.443822][ T7879] ? preempt_schedule_common+0x4f/0xe0 [ 193.449279][ T7879] ? preempt_schedule+0x4b/0x60 [ 193.454123][ T7879] ? ___preempt_schedule+0x16/0x18 [ 193.459226][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 193.464590][ T7879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 193.470821][ T7879] ? sctp_outq_tail+0x68c/0x930 [ 193.475698][ T7879] sctp_outq_uncork+0x6c/0x80 [ 193.480384][ T7879] sctp_do_sm+0x2575/0x5770 [ 193.484878][ T7879] ? sctp_hash_transport+0xdb1/0x18d0 [ 193.490238][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 193.496898][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 193.502274][ T7879] ? lock_downgrade+0x880/0x880 [ 193.507138][ T7879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 193.513377][ T7879] ? kasan_check_read+0x11/0x20 [ 193.518244][ T7879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 193.524494][ T7879] ? sctp_hash_transport+0x10b/0x18d0 [ 193.529871][ T7879] ? memcpy+0x46/0x50 [ 193.533852][ T7879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 193.540083][ T7879] ? sctp_assoc_set_primary+0x274/0x310 [ 193.545629][ T7879] sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 193.550995][ T7879] __sctp_connect+0x8cd/0xce0 [ 193.555662][ T7879] ? sctp_sendmsg_to_asoc+0x17b0/0x17b0 [ 193.561192][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 193.566565][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 193.571846][ T7879] ? lock_sock_nested+0x9a/0x120 [ 193.576773][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 193.581785][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 193.587146][ T7879] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 193.593044][ T7879] sctp_inet_connect+0x2a2/0x350 [ 193.598011][ T7879] __sys_connect+0x266/0x330 [ 193.602592][ T7879] ? __ia32_sys_accept+0xb0/0xb0 [ 193.607530][ T7879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 193.613778][ T7879] ? put_timespec64+0xda/0x140 [ 193.618568][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 193.624048][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 193.629495][ T7879] ? do_syscall_64+0x26/0x610 [ 193.634161][ T7879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 193.640227][ T7879] ? do_syscall_64+0x26/0x610 [ 193.644906][ T7879] __x64_sys_connect+0x73/0xb0 [ 193.649662][ T7879] do_syscall_64+0x103/0x610 [ 193.654245][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 193.660123][ T7879] RIP: 0033:0x4582b9 [ 193.664006][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 193.683613][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 193.692023][ T7879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004582b9 [ 193.700016][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 193.707991][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 193.715950][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 193.723909][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 193.763437][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.771881][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.781400][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.789897][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.793605][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 193.805037][ T7823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.807071][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 193.819329][ T7879] CPU: 0 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 193.822794][ T7823] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.828353][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.828368][ T7879] Call Trace: [ 193.848313][ T7879] dump_stack+0x172/0x1f0 [ 193.852663][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 193.858223][ T7879] ip6_finish_output+0x335/0xdc0 [ 193.858969][ T7823] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 193.863176][ T7879] ip6_output+0x235/0x7f0 [ 193.863196][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 193.863218][ T7879] ? ip6_fragment+0x3980/0x3980 [ 193.873577][ T7823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 193.877883][ T7879] ? kasan_check_read+0x11/0x20 [ 193.896521][ T7823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.898154][ T7879] ip6_xmit+0xe41/0x20c0 [ 193.909769][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 193.919360][ T7879] ? mark_held_locks+0xf0/0xf0 [ 193.924145][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 193.929196][ T7879] sctp_v6_xmit+0x313/0x660 [ 193.933734][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 193.939144][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 193.944385][ T7879] ? sctp_csum_combine+0x30/0x30 [ 193.949336][ T7879] ? sctp_primitive_RECONF+0xd0/0xd0 [ 193.954635][ T7879] ? sctp_outq_select_transport+0x21a/0x790 [ 193.960537][ T7879] sctp_outq_flush_ctrl.constprop.0+0x6d4/0xd50 [ 193.966797][ T7879] ? sctp_make_init_ack+0x95c/0xdb0 [ 193.972012][ T7879] ? sctp_prsctp_prune_sent.isra.0+0x820/0x820 [ 193.978181][ T7879] ? sctp_make_init+0xd10/0xd10 [ 193.983036][ T7879] ? sctp_verify_init+0x14a0/0x14a0 [ 193.988254][ T7879] sctp_outq_flush+0xe8/0x2780 [ 193.993027][ T7879] ? sctp_assoc_set_bind_addr_from_ep+0x168/0x1c0 [ 193.999454][ T7879] ? sctp_sf_do_unexpected_init.isra.0+0x19e/0x1350 [ 194.006042][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 194.011419][ T7879] ? sctp_sm_lookup_event+0x134/0x48d [ 194.016799][ T7879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 194.023045][ T7879] ? sctp_outq_tail+0x68c/0x930 [ 194.027899][ T7879] sctp_outq_uncork+0x6c/0x80 [ 194.032582][ T7879] sctp_do_sm+0x418d/0x5770 [ 194.037091][ T7879] ? graph_lock+0x7b/0x200 [ 194.041521][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 194.048203][ T7879] ? add_lock_to_list.isra.0+0x1cd/0x3a0 [ 194.053830][ T7879] ? save_trace+0xe0/0x290 [ 194.058265][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 194.063375][ T7879] ? find_held_lock+0x35/0x130 [ 194.068141][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 194.073263][ T7879] ? mark_held_locks+0xa4/0xf0 [ 194.078036][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 194.083067][ T7879] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 194.088790][ T7879] ? ktime_get+0x208/0x300 [ 194.093211][ T7879] sctp_assoc_bh_rcv+0x343/0x660 [ 194.098160][ T7879] sctp_inq_push+0x1ea/0x290 [ 194.102774][ T7879] sctp_backlog_rcv+0x196/0xbe0 [ 194.107639][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.113027][ T7879] ? _raw_spin_unlock_bh+0x31/0x40 [ 194.118136][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.123514][ T7879] ? sctp_hash_obj+0x600/0x600 [ 194.128277][ T7879] ? __release_sock+0xca/0x3a0 [ 194.133058][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.138438][ T7879] __release_sock+0x12e/0x3a0 [ 194.143130][ T7879] release_sock+0x59/0x1c0 [ 194.147551][ T7879] sctp_wait_for_connect+0x316/0x540 [ 194.152853][ T7879] ? sctp_get_port+0x180/0x180 [ 194.157643][ T7879] ? memcpy+0x46/0x50 [ 194.161634][ T7879] ? finish_wait+0x260/0x260 [ 194.166240][ T7879] ? sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 194.171791][ T7879] __sctp_connect+0xac2/0xce0 [ 194.176480][ T7879] ? sctp_sendmsg_to_asoc+0x17b0/0x17b0 [ 194.182024][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.187397][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 194.192692][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 194.197722][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.203094][ T7879] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 194.208997][ T7879] sctp_inet_connect+0x2a2/0x350 [ 194.213944][ T7879] __sys_connect+0x266/0x330 [ 194.218539][ T7879] ? __ia32_sys_accept+0xb0/0xb0 [ 194.223498][ T7879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 194.229737][ T7879] ? put_timespec64+0xda/0x140 [ 194.234516][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 194.239978][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 194.245441][ T7879] ? do_syscall_64+0x26/0x610 [ 194.250141][ T7879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 194.256213][ T7879] ? do_syscall_64+0x26/0x610 [ 194.260897][ T7879] __x64_sys_connect+0x73/0xb0 [ 194.265665][ T7879] do_syscall_64+0x103/0x610 [ 194.270258][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 194.276150][ T7879] RIP: 0033:0x4582b9 [ 194.280042][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 194.299654][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 194.308075][ T7879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004582b9 [ 194.316052][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 194.324026][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 194.331999][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 194.339972][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 194.369337][ T7827] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 194.389385][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.400746][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 194.410011][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.426181][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.434217][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 194.434241][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 194.434258][ T7879] CPU: 0 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 194.434266][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 194.434271][ T7879] Call Trace: [ 194.434290][ T7879] dump_stack+0x172/0x1f0 [ 194.434313][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 194.434336][ T7879] ip6_finish_output+0x335/0xdc0 [ 194.444990][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.449373][ T7879] ip6_output+0x235/0x7f0 [ 194.449402][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 194.458503][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.468481][ T7879] ? ip6_fragment+0x3980/0x3980 [ 194.468504][ T7879] ? kasan_check_read+0x11/0x20 [ 194.468525][ T7879] ip6_xmit+0xe41/0x20c0 [ 194.472643][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 194.476145][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 194.476163][ T7879] ? mark_held_locks+0xf0/0xf0 [ 194.476185][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 194.482550][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 194.486675][ T7879] ? __irqentry_text_end+0x71c62/0x1fac62 [ 194.486700][ T7879] sctp_v6_xmit+0x313/0x660 [ 194.494154][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.498043][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 194.498080][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 194.503244][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.510366][ T7879] ? kmem_cache_alloc_node_trace+0x352/0x720 [ 194.510388][ T7879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 194.515983][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 194.520069][ T7879] ? sctp_csum_combine+0x30/0x30 [ 194.520085][ T7879] ? sctp_primitive_RECONF+0xd0/0xd0 [ 194.520113][ T7879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 194.525227][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 194.532404][ T7879] sctp_outq_flush+0x2b8/0x2780 [ 194.532425][ T7879] ? sctp_chunkify+0x4b/0x290 [ 194.532449][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 194.532479][ T7879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 194.538881][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 194.542606][ T7879] ? sctp_outq_tail+0x68c/0x930 [ 194.542624][ T7879] sctp_outq_uncork+0x6c/0x80 [ 194.542640][ T7879] sctp_do_sm+0x2575/0x5770 [ 194.542657][ T7879] ? do_syscall_64+0x103/0x610 [ 194.542672][ T7879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 194.542696][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 194.548587][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 194.555683][ T7879] ? lock_downgrade+0x880/0x880 [ 194.555710][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 194.555725][ T7879] ? find_held_lock+0x35/0x130 [ 194.555741][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 194.555770][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 194.562350][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 194.565975][ T7879] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 194.565989][ T7879] ? ktime_get+0x208/0x300 [ 194.566011][ T7879] sctp_assoc_bh_rcv+0x343/0x660 [ 194.573805][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 194.578413][ T7879] sctp_inq_push+0x1ea/0x290 [ 194.578442][ T7879] sctp_backlog_rcv+0x196/0xbe0 [ 194.584510][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 194.590820][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.590845][ T7879] ? _raw_spin_unlock_bh+0x31/0x40 [ 194.590866][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.597530][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 194.603092][ T7879] ? sctp_hash_obj+0x600/0x600 [ 194.603118][ T7879] ? __release_sock+0xca/0x3a0 [ 194.603135][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.603153][ T7879] __release_sock+0x12e/0x3a0 [ 194.603176][ T7879] release_sock+0x59/0x1c0 [ 194.612109][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 194.616010][ T7879] sctp_wait_for_connect+0x316/0x540 [ 194.616033][ T7879] ? sctp_get_port+0x180/0x180 [ 194.616056][ T7879] ? memcpy+0x46/0x50 [ 194.621842][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 194.627597][ T7879] ? finish_wait+0x260/0x260 [ 194.627619][ T7879] ? sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 194.627638][ T7879] __sctp_connect+0xac2/0xce0 [ 194.627666][ T7879] ? sctp_sendmsg_to_asoc+0x17b0/0x17b0 [ 194.638631][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 194.640395][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.640413][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 194.640435][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 194.645871][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 194.650479][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 194.650496][ T7879] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 194.650519][ T7879] sctp_inet_connect+0x2a2/0x350 [ 194.657588][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 194.664644][ T7879] __sys_connect+0x266/0x330 [ 194.664664][ T7879] ? __ia32_sys_accept+0xb0/0xb0 [ 194.664679][ T7879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 194.664693][ T7879] ? put_timespec64+0xda/0x140 [ 194.664719][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 194.764078][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 194.764102][ T7879] ? do_syscall_64+0x26/0x610 [ 194.764120][ T7879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 194.764134][ T7879] ? do_syscall_64+0x26/0x610 [ 194.764159][ T7879] __x64_sys_connect+0x73/0xb0 [ 194.764175][ T7879] do_syscall_64+0x103/0x610 [ 194.776940][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 194.776953][ T7879] RIP: 0033:0x4582b9 [ 194.776968][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 194.776975][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 194.776989][ T7879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004582b9 [ 194.777005][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 194.858230][ T7887] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7887 [ 194.858633][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 194.864225][ T7887] caller is ip6_finish_output+0x335/0xdc0 [ 194.868847][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 194.868864][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 195.076605][ T7887] CPU: 1 PID: 7887 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 195.085645][ T7887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 195.095493][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 195.095725][ T7887] Call Trace: [ 195.105069][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 195.108291][ T7887] dump_stack+0x172/0x1f0 [ 195.118324][ T7887] __this_cpu_preempt_check+0x246/0x270 [ 195.123880][ T7887] ip6_finish_output+0x335/0xdc0 [ 195.128856][ T7887] ip6_output+0x235/0x7f0 [ 195.133194][ T7887] ? ip6_finish_output+0xdc0/0xdc0 [ 195.138310][ T7887] ? ip6_fragment+0x3980/0x3980 [ 195.143174][ T7887] ? kasan_check_read+0x11/0x20 [ 195.148034][ T7887] ip6_xmit+0xe41/0x20c0 [ 195.152313][ T7887] ? ip6_finish_output2+0x2550/0x2550 [ 195.157713][ T7887] ? mark_held_locks+0xf0/0xf0 [ 195.162485][ T7887] ? ip6_setup_cork+0x1870/0x1870 [ 195.167531][ T7887] sctp_v6_xmit+0x313/0x660 [ 195.172058][ T7887] sctp_packet_transmit+0x1bc4/0x36f0 [ 195.177458][ T7887] ? sctp_packet_config+0xfe0/0xfe0 [ 195.182668][ T7887] ? sctp_packet_append_chunk+0x946/0xda0 [ 195.188401][ T7887] ? sctp_outq_select_transport+0x21a/0x790 [ 195.194305][ T7887] sctp_outq_flush_ctrl.constprop.0+0x6d4/0xd50 [ 195.200558][ T7887] ? sctp_prsctp_prune_sent.isra.0+0x820/0x820 [ 195.206719][ T7887] ? lock_downgrade+0x880/0x880 [ 195.211580][ T7887] ? add_timer+0x400/0x930 [ 195.216009][ T7887] ? find_held_lock+0x35/0x130 [ 195.220778][ T7887] ? add_timer+0x41e/0x930 [ 195.225204][ T7887] sctp_outq_flush+0xe8/0x2780 [ 195.229971][ T7887] ? mark_held_locks+0xa4/0xf0 [ 195.234912][ T7887] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 195.240720][ T7887] ? add_timer+0x41e/0x930 [ 195.245139][ T7887] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 195.250949][ T7887] ? lockdep_hardirqs_on+0x418/0x5d0 [ 195.256237][ T7887] ? trace_hardirqs_on+0x67/0x230 [ 195.261269][ T7887] ? __sctp_outq_teardown+0xc60/0xc60 [ 195.266653][ T7887] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 195.272898][ T7887] ? sctp_outq_tail+0x68c/0x930 [ 195.278332][ T7887] sctp_outq_uncork+0x6c/0x80 [ 195.283103][ T7887] sctp_do_sm+0x2575/0x5770 [ 195.287619][ T7887] ? sctp_hash_transport+0xdb1/0x18d0 [ 195.293009][ T7887] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 195.299697][ T7887] ? __local_bh_enable_ip+0x15a/0x270 [ 195.305073][ T7887] ? lock_downgrade+0x880/0x880 [ 195.309924][ T7887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 195.316172][ T7887] ? kasan_check_read+0x11/0x20 [ 195.321031][ T7887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 195.327278][ T7887] ? sctp_hash_transport+0x10b/0x18d0 [ 195.332679][ T7887] ? memcpy+0x46/0x50 [ 195.336666][ T7887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 195.342911][ T7887] ? sctp_assoc_set_primary+0x274/0x310 [ 195.348464][ T7887] sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 195.353853][ T7887] __sctp_connect+0x8cd/0xce0 [ 195.358543][ T7887] ? sctp_sendmsg_to_asoc+0x17b0/0x17b0 [ 195.364090][ T7887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 195.370341][ T7887] ? sctp_get_port+0x10e/0x180 [ 195.375105][ T7887] ? sctp_get_port_local+0x16e0/0x16e0 [ 195.380572][ T7887] ? __local_bh_enable_ip+0x15a/0x270 [ 195.386692][ T7887] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 195.392624][ T7887] sctp_inet_connect+0x2a2/0x350 [ 195.397576][ T7887] __sys_connect+0x266/0x330 [ 195.402177][ T7887] ? __ia32_sys_accept+0xb0/0xb0 [ 195.407116][ T7887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 195.413358][ T7887] ? put_timespec64+0xda/0x140 [ 195.418136][ T7887] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 195.423603][ T7887] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 195.429064][ T7887] ? do_syscall_64+0x26/0x610 [ 195.433746][ T7887] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 195.439812][ T7887] ? do_syscall_64+0x26/0x610 [ 195.444510][ T7887] __x64_sys_connect+0x73/0xb0 [ 195.449292][ T7887] do_syscall_64+0x103/0x610 [ 195.453902][ T7887] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 195.459797][ T7887] RIP: 0033:0x4582b9 [ 195.463701][ T7887] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 195.483306][ T7887] RSP: 002b:00007fd6754b0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 195.491721][ T7887] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004582b9 [ 195.499692][ T7887] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000004 [ 195.507662][ T7887] RBP: 000000000073c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 195.515635][ T7887] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6754b16d4 [ 195.523613][ T7887] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 195.531611][ T7879] CPU: 0 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 195.540677][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 195.550740][ T7879] Call Trace: [ 195.554050][ T7879] dump_stack+0x172/0x1f0 [ 195.558402][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 195.563968][ T7879] ip6_finish_output+0x335/0xdc0 [ 195.568922][ T7879] ip6_output+0x235/0x7f0 [ 195.573265][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 195.578398][ T7879] ? ip6_fragment+0x3980/0x3980 [ 195.583269][ T7879] ? kasan_check_read+0x11/0x20 [ 195.588143][ T7879] ip6_xmit+0xe41/0x20c0 [ 195.588374][ T7827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.592407][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 195.592426][ T7879] ? mark_held_locks+0xf0/0xf0 [ 195.592448][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 195.604593][ T7879] ? patch_alc882+0x310/0x570 [ 195.604612][ T7879] sctp_v6_xmit+0x313/0x660 [ 195.604636][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 195.604670][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 195.634169][ T7879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 195.640420][ T7879] sctp_outq_flush+0x2b8/0x2780 [ 195.645276][ T7879] ? kfree_skbmem+0xc5/0x150 [ 195.645293][ T7879] ? kfree_skbmem+0xc5/0x150 [ 195.645306][ T7879] ? kfree_skbmem+0xc5/0x150 [ 195.645318][ T7879] ? sctp_ulpevent_free+0x362/0x4e0 [ 195.645342][ T7879] ? rcu_read_lock_sched_held+0x110/0x130 [ 195.670007][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 195.675393][ T7879] ? sctp_ulpevent_free+0x362/0x4e0 [ 195.680609][ T7879] ? sctp_ulpq_tail_event+0x116/0xbe0 [ 195.685989][ T7879] sctp_outq_uncork+0x6c/0x80 [ 195.690671][ T7879] sctp_do_sm+0x370/0x5770 [ 195.695087][ T7879] ? do_syscall_64+0x103/0x610 [ 195.699864][ T7879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 195.705942][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 195.712617][ T7879] ? lock_downgrade+0x880/0x880 [ 195.717501][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 195.722613][ T7879] ? find_held_lock+0x35/0x130 [ 195.727382][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 195.732505][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 195.737531][ T7879] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 195.743294][ T7879] ? ktime_get+0x208/0x300 [ 195.747719][ T7879] sctp_assoc_bh_rcv+0x343/0x660 [ 195.752668][ T7879] sctp_inq_push+0x1ea/0x290 [ 195.757261][ T7879] sctp_backlog_rcv+0x196/0xbe0 [ 195.762120][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 195.767490][ T7879] ? _raw_spin_unlock_bh+0x31/0x40 [ 195.772598][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 195.777981][ T7879] ? sctp_hash_obj+0x600/0x600 [ 195.782746][ T7879] ? __release_sock+0xca/0x3a0 [ 195.787509][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 195.792883][ T7879] __release_sock+0x12e/0x3a0 [ 195.797605][ T7879] release_sock+0x59/0x1c0 [ 195.802022][ T7879] sctp_wait_for_connect+0x316/0x540 [ 195.807320][ T7879] ? sctp_get_port+0x180/0x180 [ 195.812113][ T7879] ? memcpy+0x46/0x50 [ 195.816103][ T7879] ? finish_wait+0x260/0x260 [ 195.820697][ T7879] ? sctp_primitive_ASSOCIATE+0x9d/0xd0 [ 195.826264][ T7879] __sctp_connect+0xac2/0xce0 [ 195.830947][ T7879] ? sctp_sendmsg_to_asoc+0x17b0/0x17b0 [ 195.836515][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 195.841905][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 195.847200][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 195.852228][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 195.857597][ T7879] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 195.863507][ T7879] sctp_inet_connect+0x2a2/0x350 [ 195.868452][ T7879] __sys_connect+0x266/0x330 [ 195.873051][ T7879] ? __ia32_sys_accept+0xb0/0xb0 [ 195.877986][ T7879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 195.884223][ T7879] ? put_timespec64+0xda/0x140 [ 195.888998][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 195.894456][ T7879] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 195.899913][ T7879] ? do_syscall_64+0x26/0x610 [ 195.904593][ T7879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 195.910656][ T7879] ? do_syscall_64+0x26/0x610 [ 195.915339][ T7879] __x64_sys_connect+0x73/0xb0 [ 195.920118][ T7879] do_syscall_64+0x103/0x610 [ 195.924713][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 195.930605][ T7879] RIP: 0033:0x4582b9 [ 195.934500][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 195.954109][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 195.962535][ T7879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004582b9 [ 195.970506][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 195.978475][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 195.986440][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 195.994407][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 196.038542][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 196.048386][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 196.054182][ T7879] CPU: 1 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 196.063207][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 196.073271][ T7879] Call Trace: [ 196.076575][ T7879] dump_stack+0x172/0x1f0 [ 196.080955][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 196.086526][ T7879] ip6_finish_output+0x335/0xdc0 [ 196.091486][ T7879] ip6_output+0x235/0x7f0 [ 196.095845][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 196.100975][ T7879] ? ip6_fragment+0x3980/0x3980 [ 196.105853][ T7879] ? kasan_check_read+0x11/0x20 [ 196.110720][ T7879] ip6_xmit+0xe41/0x20c0 [ 196.114991][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 196.120402][ T7879] ? mark_held_locks+0xf0/0xf0 [ 196.125185][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 196.130245][ T7879] ? __kprobes_text_end+0x3b070/0x69030 [ 196.135807][ T7879] sctp_v6_xmit+0x313/0x660 [ 196.140349][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 196.145756][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 196.150970][ T7879] ? kasan_check_read+0x11/0x20 [ 196.155853][ T7879] ? del_timer+0xcd/0x120 [ 196.160201][ T7879] sctp_outq_flush+0x2b8/0x2780 [ 196.165064][ T7879] ? mark_held_locks+0xa4/0xf0 [ 196.169863][ T7879] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 196.175683][ T7879] ? del_timer+0xcd/0x120 [ 196.180021][ T7879] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 196.185855][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 196.191245][ T7879] ? del_timer+0xd2/0x120 [ 196.195604][ T7879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 196.201872][ T7879] ? sctp_outq_tail+0x68c/0x930 [ 196.206737][ T7879] sctp_outq_uncork+0x6c/0x80 [ 196.211438][ T7879] sctp_do_sm+0x2575/0x5770 [ 196.215959][ T7879] ? is_dynamic_key+0x1c0/0x1c0 [ 196.220860][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 196.227548][ T7879] ? __lock_acquire+0x548/0x3fb0 [ 196.232516][ T7879] ? skb_dequeue+0x12e/0x180 [ 196.237119][ T7879] ? find_held_lock+0x35/0x130 [ 196.241897][ T7879] ? skb_dequeue+0x12e/0x180 [ 196.246514][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.251552][ T7879] ? kasan_check_read+0x11/0x20 [ 196.256530][ T7879] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 196.262354][ T7879] sctp_primitive_SHUTDOWN+0xa0/0xd0 [ 196.267656][ T7879] sctp_close+0x445/0x860 [ 196.272026][ T7879] ? sctp_init_sock+0x1360/0x1360 [ 196.277075][ T7879] ? ip_mc_drop_socket+0x211/0x270 [ 196.282203][ T7879] ? __sock_release+0x89/0x2b0 [ 196.295524][ T7879] inet_release+0x105/0x1f0 [ 196.300047][ T7879] inet6_release+0x53/0x80 [ 196.304479][ T7879] __sock_release+0xd3/0x2b0 [ 196.309083][ T7879] ? __sock_release+0x2b0/0x2b0 [ 196.313941][ T7879] sock_close+0x1b/0x30 [ 196.318110][ T7879] __fput+0x2e5/0x8d0 [ 196.322153][ T7879] ____fput+0x16/0x20 [ 196.326159][ T7879] task_work_run+0x14a/0x1c0 [ 196.330766][ T7879] get_signal+0x1961/0x1d50 [ 196.335293][ T7879] ? release_sock+0x158/0x1c0 [ 196.339989][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.345031][ T7879] ? release_sock+0x158/0x1c0 [ 196.349746][ T7879] ? task_work_add+0x9c/0x110 [ 196.354444][ T7879] do_signal+0x87/0x1940 [ 196.358700][ T7879] ? fput+0x1b/0x20 [ 196.362532][ T7879] ? __sys_connect+0x12d/0x330 [ 196.367338][ T7879] ? setup_sigcontext+0x7d0/0x7d0 [ 196.372384][ T7879] ? put_timespec64+0xda/0x140 [ 196.377200][ T7879] ? exit_to_usermode_loop+0x43/0x2c0 [ 196.382592][ T7879] ? do_syscall_64+0x52d/0x610 [ 196.387378][ T7879] ? exit_to_usermode_loop+0x43/0x2c0 [ 196.392760][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 196.398064][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.403118][ T7879] exit_to_usermode_loop+0x244/0x2c0 [ 196.408418][ T7879] do_syscall_64+0x52d/0x610 [ 196.413020][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 196.418909][ T7879] RIP: 0033:0x4582b9 [ 196.422808][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 196.442769][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 196.451179][ T7879] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00000000004582b9 [ 196.459150][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 196.467119][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 196.475086][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 196.483059][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 196.503149][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 196.512565][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 196.518303][ T7879] CPU: 1 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 196.527327][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 196.537387][ T7879] Call Trace: [ 196.540879][ T7879] dump_stack+0x172/0x1f0 [ 196.545318][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 196.550884][ T7879] ip6_finish_output+0x335/0xdc0 [ 196.555854][ T7879] ip6_output+0x235/0x7f0 [ 196.560228][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 196.565357][ T7879] ? ip6_fragment+0x3980/0x3980 [ 196.570221][ T7879] ? kasan_check_read+0x11/0x20 [ 196.575090][ T7879] ip6_xmit+0xe41/0x20c0 [ 196.579346][ T7879] ? exit_to_usermode_loop+0x244/0x2c0 [ 196.584825][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 196.590222][ T7879] ? mark_held_locks+0xf0/0xf0 [ 196.595000][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 196.600045][ T7879] sctp_v6_xmit+0x313/0x660 [ 196.604562][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 196.609961][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 196.615160][ T7879] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 196.620979][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.626011][ T7879] ? kasan_check_read+0x11/0x20 [ 196.630887][ T7879] sctp_outq_flush+0x2b8/0x2780 [ 196.635743][ T7879] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 196.641556][ T7879] ? debug_object_destroy+0x220/0x220 [ 196.646935][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.651962][ T7879] ? kasan_check_read+0x11/0x20 [ 196.656821][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 196.662214][ T7879] ? del_timer+0xd2/0x120 [ 196.666547][ T7879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 196.672791][ T7879] ? sctp_outq_tail+0x68c/0x930 [ 196.677643][ T7879] sctp_outq_uncork+0x6c/0x80 [ 196.682324][ T7879] sctp_do_sm+0x2575/0x5770 [ 196.686869][ T7879] ? graph_lock+0x7b/0x200 [ 196.691296][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 196.697972][ T7879] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 196.703784][ T7879] ? del_timer+0xcd/0x120 [ 196.708229][ T7879] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 196.714044][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 196.719156][ T7879] ? find_held_lock+0x35/0x130 [ 196.723921][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 196.729047][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.734074][ T7879] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 196.739791][ T7879] ? ktime_get+0x208/0x300 [ 196.744231][ T7879] sctp_assoc_bh_rcv+0x343/0x660 [ 196.749178][ T7879] sctp_inq_push+0x1ea/0x290 [ 196.753775][ T7879] sctp_backlog_rcv+0x196/0xbe0 [ 196.758625][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 196.763996][ T7879] ? _raw_spin_unlock_bh+0x31/0x40 [ 196.769104][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 196.774483][ T7879] ? sctp_hash_obj+0x600/0x600 [ 196.779251][ T7879] ? __release_sock+0xca/0x3a0 [ 196.784019][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 196.789391][ T7879] __release_sock+0x12e/0x3a0 [ 196.794076][ T7879] release_sock+0x59/0x1c0 [ 196.798493][ T7879] sctp_close+0x4a4/0x860 [ 196.802832][ T7879] ? sctp_init_sock+0x1360/0x1360 [ 196.807882][ T7879] ? ip_mc_drop_socket+0x211/0x270 [ 196.812992][ T7879] ? __sock_release+0x89/0x2b0 [ 196.817760][ T7879] inet_release+0x105/0x1f0 [ 196.822264][ T7879] inet6_release+0x53/0x80 [ 196.826683][ T7879] __sock_release+0xd3/0x2b0 [ 196.831274][ T7879] ? __sock_release+0x2b0/0x2b0 [ 196.836123][ T7879] sock_close+0x1b/0x30 [ 196.840275][ T7879] __fput+0x2e5/0x8d0 [ 196.844347][ T7879] ____fput+0x16/0x20 [ 196.848336][ T7879] task_work_run+0x14a/0x1c0 [ 196.852932][ T7879] get_signal+0x1961/0x1d50 [ 196.857435][ T7879] ? release_sock+0x158/0x1c0 [ 196.862123][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.867145][ T7879] ? release_sock+0x158/0x1c0 [ 196.871827][ T7879] ? task_work_add+0x9c/0x110 [ 196.876519][ T7879] do_signal+0x87/0x1940 [ 196.880772][ T7879] ? fput+0x1b/0x20 [ 196.884588][ T7879] ? __sys_connect+0x12d/0x330 [ 196.889359][ T7879] ? setup_sigcontext+0x7d0/0x7d0 [ 196.894381][ T7879] ? put_timespec64+0xda/0x140 [ 196.899153][ T7879] ? exit_to_usermode_loop+0x43/0x2c0 [ 196.904519][ T7879] ? do_syscall_64+0x52d/0x610 [ 196.909278][ T7879] ? exit_to_usermode_loop+0x43/0x2c0 [ 196.914651][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 196.919935][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 196.924964][ T7879] exit_to_usermode_loop+0x244/0x2c0 [ 196.930249][ T7879] do_syscall_64+0x52d/0x610 [ 196.934854][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 196.940744][ T7879] RIP: 0033:0x4582b9 [ 196.944662][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 196.964361][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 196.972784][ T7879] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00000000004582b9 [ 196.980749][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 196.988715][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 196.996686][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 197.004673][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 197.057991][ T7879] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7879 [ 197.067701][ T7879] caller is ip6_finish_output+0x335/0xdc0 [ 197.073505][ T7879] CPU: 1 PID: 7879 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 197.082542][ T7879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 197.092596][ T7879] Call Trace: [ 197.095905][ T7879] dump_stack+0x172/0x1f0 [ 197.100251][ T7879] __this_cpu_preempt_check+0x246/0x270 [ 197.105812][ T7879] ip6_finish_output+0x335/0xdc0 [ 197.110778][ T7879] ip6_output+0x235/0x7f0 [ 197.115122][ T7879] ? ip6_finish_output+0xdc0/0xdc0 [ 197.120248][ T7879] ? ip6_fragment+0x3980/0x3980 [ 197.125113][ T7879] ? kasan_check_read+0x11/0x20 [ 197.129982][ T7879] ip6_xmit+0xe41/0x20c0 [ 197.134236][ T7879] ? do_signal+0x87/0x1940 [ 197.138675][ T7879] ? ip6_finish_output2+0x2550/0x2550 [ 197.144058][ T7879] ? mark_held_locks+0xf0/0xf0 [ 197.148845][ T7879] ? ip6_setup_cork+0x1870/0x1870 [ 197.153906][ T7879] sctp_v6_xmit+0x313/0x660 [ 197.158427][ T7879] sctp_packet_transmit+0x1bc4/0x36f0 [ 197.163831][ T7879] ? sctp_packet_config+0xfe0/0xfe0 [ 197.169075][ T7879] ? sctp_packet_append_chunk+0x946/0xda0 [ 197.174801][ T7879] ? sctp_outq_select_transport+0x21a/0x790 [ 197.180720][ T7879] sctp_outq_flush_ctrl.constprop.0+0x6d4/0xd50 [ 197.186977][ T7879] ? sctp_prsctp_prune_sent.isra.0+0x820/0x820 [ 197.193152][ T7879] ? __lock_acquire+0x548/0x3fb0 [ 197.198095][ T7879] ? del_timer+0xcd/0x120 [ 197.202435][ T7879] sctp_outq_flush+0xe8/0x2780 [ 197.207214][ T7879] ? sock_def_wakeup+0x160/0x280 [ 197.212162][ T7879] ? find_held_lock+0x35/0x130 [ 197.216942][ T7879] ? sock_def_wakeup+0x160/0x280 [ 197.221885][ T7879] ? __sctp_outq_teardown+0xc60/0xc60 [ 197.227272][ T7879] ? lock_downgrade+0x880/0x880 [ 197.232129][ T7879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 197.238380][ T7879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 197.244633][ T7879] ? sctp_outq_tail+0x68c/0x930 [ 197.249498][ T7879] sctp_outq_uncork+0x6c/0x80 [ 197.254189][ T7879] sctp_do_sm+0x418d/0x5770 [ 197.258699][ T7879] ? __fput+0x2e5/0x8d0 [ 197.262898][ T7879] ? ____fput+0x16/0x20 [ 197.267071][ T7879] ? task_work_run+0x14a/0x1c0 [ 197.271863][ T7879] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 197.279111][ T7879] ? lock_downgrade+0x880/0x880 [ 197.283986][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 197.289106][ T7879] ? find_held_lock+0x35/0x130 [ 197.293889][ T7879] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 197.299027][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 197.304066][ T7879] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 197.309791][ T7879] ? ktime_get+0x208/0x300 [ 197.314239][ T7879] sctp_assoc_bh_rcv+0x343/0x660 [ 197.319202][ T7879] sctp_inq_push+0x1ea/0x290 [ 197.323803][ T7879] sctp_backlog_rcv+0x196/0xbe0 [ 197.328676][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 197.334058][ T7879] ? _raw_spin_unlock_bh+0x31/0x40 [ 197.339264][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 197.344649][ T7879] ? sctp_hash_obj+0x600/0x600 [ 197.349422][ T7879] ? __release_sock+0xca/0x3a0 [ 197.354195][ T7879] ? __local_bh_enable_ip+0x15a/0x270 [ 197.359578][ T7879] __release_sock+0x12e/0x3a0 [ 197.364283][ T7879] release_sock+0x59/0x1c0 [ 197.368709][ T7879] sctp_close+0x4a4/0x860 [ 197.373064][ T7879] ? sctp_init_sock+0x1360/0x1360 [ 197.378104][ T7879] ? ip_mc_drop_socket+0x211/0x270 [ 197.383852][ T7879] ? __sock_release+0x89/0x2b0 [ 197.388644][ T7879] inet_release+0x105/0x1f0 [ 197.393161][ T7879] inet6_release+0x53/0x80 [ 197.397858][ T7879] __sock_release+0xd3/0x2b0 [ 197.402466][ T7879] ? __sock_release+0x2b0/0x2b0 [ 197.407322][ T7879] sock_close+0x1b/0x30 [ 197.411488][ T7879] __fput+0x2e5/0x8d0 [ 197.415482][ T7879] ____fput+0x16/0x20 [ 197.419480][ T7879] task_work_run+0x14a/0x1c0 [ 197.424089][ T7879] get_signal+0x1961/0x1d50 [ 197.428609][ T7879] ? release_sock+0x158/0x1c0 [ 197.433300][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 197.438333][ T7879] ? release_sock+0x158/0x1c0 [ 197.443026][ T7879] ? task_work_add+0x9c/0x110 [ 197.447716][ T7879] do_signal+0x87/0x1940 [ 197.451970][ T7879] ? fput+0x1b/0x20 [ 197.455789][ T7879] ? __sys_connect+0x12d/0x330 [ 197.460563][ T7879] ? setup_sigcontext+0x7d0/0x7d0 [ 197.465607][ T7879] ? put_timespec64+0xda/0x140 [ 197.470570][ T7879] ? exit_to_usermode_loop+0x43/0x2c0 [ 197.475954][ T7879] ? do_syscall_64+0x52d/0x610 [ 197.480726][ T7879] ? exit_to_usermode_loop+0x43/0x2c0 [ 197.486110][ T7879] ? lockdep_hardirqs_on+0x418/0x5d0 [ 197.491404][ T7879] ? trace_hardirqs_on+0x67/0x230 [ 197.496446][ T7879] exit_to_usermode_loop+0x244/0x2c0 [ 197.501750][ T7879] do_syscall_64+0x52d/0x610 [ 197.506388][ T7879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 197.512283][ T7879] RIP: 0033:0x4582b9 [ 197.516186][ T7879] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 197.535795][ T7879] RSP: 002b:00007fd675513c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 197.544221][ T7879] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00000000004582b9 [ 197.552194][ T7879] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003 [ 197.560169][ T7879] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 197.568147][ T7879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd6755146d4 [ 197.576137][ T7879] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff 05:43:08 executing program 2: 05:43:08 executing program 1: 05:43:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000140)={0x84, @multicast1, 0x0, 0x1102, 'mh\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 '}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) 05:43:08 executing program 5: 05:43:08 executing program 3: 05:43:08 executing program 4: 05:43:08 executing program 1: 05:43:08 executing program 2: 05:43:08 executing program 0: 05:43:08 executing program 4: 05:43:08 executing program 3: 05:43:08 executing program 1: 05:43:08 executing program 0: 05:43:08 executing program 5: 05:43:08 executing program 4: 05:43:08 executing program 1: 05:43:08 executing program 5: 05:43:08 executing program 3: 05:43:08 executing program 2: 05:43:08 executing program 0: 05:43:08 executing program 4: 05:43:09 executing program 3: 05:43:09 executing program 1: 05:43:09 executing program 0: 05:43:09 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) clock_gettime(0x0, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000001c0)={{0x9, 0x3, 0x0, 0x0, 'syz1\x00'}, 0x1, [0x0, 0x0, 0x1, 0x0, 0x2, 0x8, 0x0, 0x2, 0x456, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, 0xa17, 0x0, 0x7, 0x0, 0x200, 0x7fff, 0x7fffffff, 0x7, 0x4, 0x10b6, 0x0, 0x8, 0x6, 0x0, 0x2, 0x7, 0x401, 0x0, 0x0, 0x401, 0x10001, 0x0, 0xfffffffffffffffc, 0xffffffff, 0x4, 0xd4, 0x0, 0xfff, 0x0, 0x3, 0x0, 0xffffffffffffffc1, 0xdb6, 0xfffffffffffffffd, 0x7f, 0x0, 0x0, 0x6, 0x0, 0x400, 0x1, 0x5, 0x0, 0x5b51c72e, 0x44, 0x4, 0x0, 0x80, 0x8, 0x0, 0x0, 0x100000001, 0x1f, 0x5, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x0, 0x4e6, 0x4, 0x100, 0x4051, 0x2, 0x2, 0xfffffffffffffffb, 0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa3d3, 0x3f, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3ff, 0x100000000, 0x20, 0xfffffffffffffffc, 0x0, 0x3ff, 0x100000000, 0x9, 0x0, 0x8, 0x9, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7c, 0xd10, 0x5af, 0xfffffffffffffffe], {0x0, r1+30000000}}) r2 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x2f5}], 0x30}, 0x0) write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8) recvmmsg(r2, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000004700)=[{&(0x7f00000012c0)=""/167, 0xa7}, {&(0x7f00000023c0)=""/49, 0x31}, {&(0x7f0000003580)=""/4096, 0x1000}], 0x3, &(0x7f0000004780)=""/245, 0xf5}}], 0x1, 0x0, 0x0) 05:43:09 executing program 3: 05:43:09 executing program 2: 05:43:09 executing program 4: 05:43:09 executing program 0: 05:43:09 executing program 3: 05:43:09 executing program 1: 05:43:09 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) clock_gettime(0x0, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000001c0)={{0x9, 0x3, 0x0, 0x0, 'syz1\x00'}, 0x1, [0x0, 0x0, 0x1, 0x0, 0x2, 0x8, 0x0, 0x2, 0x456, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, 0xa17, 0x0, 0x7, 0x0, 0x200, 0x7fff, 0x7fffffff, 0x7, 0x4, 0x10b6, 0x0, 0x8, 0x6, 0x0, 0x2, 0x7, 0x401, 0x0, 0x0, 0x401, 0x10001, 0x0, 0xfffffffffffffffc, 0xffffffff, 0x4, 0xd4, 0x0, 0xfff, 0x0, 0x3, 0x0, 0xffffffffffffffc1, 0xdb6, 0xfffffffffffffffd, 0x7f, 0x0, 0x0, 0x6, 0x0, 0x400, 0x1, 0x5, 0x0, 0x5b51c72e, 0x44, 0x4, 0x0, 0x80, 0x8, 0x0, 0x0, 0x100000001, 0x1f, 0x5, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x0, 0x4e6, 0x4, 0x100, 0x4051, 0x2, 0x2, 0xfffffffffffffffb, 0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa3d3, 0x3f, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3ff, 0x100000000, 0x20, 0xfffffffffffffffc, 0x0, 0x3ff, 0x100000000, 0x9, 0x0, 0x8, 0x9, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7c, 0xd10, 0x5af, 0xfffffffffffffffe], {0x0, r1+30000000}}) r2 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x2f5}], 0x30}, 0x0) write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8) recvmmsg(r2, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000004700)=[{&(0x7f00000012c0)=""/167, 0xa7}, {&(0x7f00000023c0)=""/49, 0x31}, {&(0x7f0000003580)=""/4096, 0x1000}], 0x3, &(0x7f0000004780)=""/245, 0xf5}}], 0x1, 0x0, 0x0) 05:43:09 executing program 4: 05:43:09 executing program 1: 05:43:09 executing program 2: 05:43:09 executing program 3: 05:43:09 executing program 0: 05:43:09 executing program 4: 05:43:09 executing program 5: 05:43:09 executing program 2: 05:43:09 executing program 3: 05:43:09 executing program 0: 05:43:09 executing program 1: 05:43:09 executing program 4: openat$uinput(0xffffffffffffff9c, &(0x7f0000000380)='/dev/uinput\x00', 0x802, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000900)={@loopback, 0x76}) syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, 0x0, 0x4004010) perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0x70, 0x8001, 0x100000001, 0x400, 0x0, 0x0, 0x0, 0xa000, 0x0, 0x5, 0x5, 0xc457, 0x0, 0x17b0, 0x5, 0x4, 0xec02, 0x100, 0x0, 0x13e, 0x0, 0x9, 0x9, 0x0, 0x0, 0x9, 0x2, 0x1, 0x6, 0x0, 0x8, 0x8ca6, 0x0, 0x800, 0xfffffffffffffffe, 0x8, 0x80, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x2020, 0xfff, 0x400, 0x2, 0xffffffff, 0x8, 0x7}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) ioctl$sock_inet6_SIOCADDRT(r0, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) open(0x0, 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) getpeername$packet(0xffffffffffffff9c, 0x0, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0106434, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) 05:43:09 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000180)=ANY=[@ANYBLOB=':d'], 0x0, &(0x7f0000000100)='ceph\x00', 0x0, 0x0) 05:43:09 executing program 1: syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1000000040c5, 0x0) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0x10000) 05:43:09 executing program 2: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x10, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x1}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x4044}, 0x4000) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000040)={0x5f, 0x84e, 0xe1}) ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, &(0x7f00000001c0)) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000380)=@assoc_value={0x0, 0x6}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000400)={r3, 0x1, 0x7, 0x7, 0xfffffffffffffdf5, 0xfffffffffffffffd, 0x4, 0x0, {r4, @in6={{0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, [], 0x1f}}}, 0x5, 0x8, 0x8000, 0x6, 0x80000000}}, &(0x7f00000004c0)=0xb0) socket$can_raw(0x1d, 0x3, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x30, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000540)={0x3, &(0x7f0000000500)=[{0x100000000, 0x1}, {0x9d, 0x3}, {0x1, 0x8000}]}) unshare(0x40000000) 05:43:09 executing program 0: 05:43:09 executing program 5: 05:43:09 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0xffffffffffffffff}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x200408d4, &(0x7f0000000380)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 199.372215][ C1] sched: DL replenish lagged too much [ 199.392241][ T7991] IPVS: ftp: loaded support on port[0] = 21 05:43:09 executing program 0: clone(0x2103001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) keyctl$set_reqkey_keyring(0xe, 0x4) keyctl$join(0x1, 0x0) request_key(&(0x7f0000000040)='user\x00\xbc\xa4\xce\xf4\xefrX\xa2\\\x00\x1f\xe3\xe1\xfe\xea\xa7&\xb9xs\xd0\xc4v\x93e\x92\xd7\xb6N*:\xd5v`\x8c\xeb^', &(0x7f0000000080)={'syz'}, &(0x7f0000000000)='\xd1?\xf3\xd7v', 0x0) writev(0xffffffffffffffff, 0x0, 0x237) [ 199.431088][ T27] audit: type=1804 audit(1554702189.943:31): pid=7993 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir287935534/syzkaller.89FKMm/13/file0" dev="sda1" ino=16548 res=1 05:43:10 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xfffffef3) creat(0x0, 0x0) read(r1, &(0x7f0000000200)=""/250, 0x50c7e3e3) clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) getrandom(&(0x7f0000000080)=""/44, 0xfd30, 0x0) ioctl$sock_SIOCADDDLCI(r0, 0x8980, 0x0) r3 = memfd_create(&(0x7f0000000300)='\x80%?\x15\x99t\x9d\xc0e\'1k\x88\xf8\x15\x8ap:\xf4-\xb2s\x7f\xdcp\x84\xd3\x92\xbe\xbb \x18\x84\rX\xadg\x8dT\x7f\xe3\x19u\xb38s\t\xad\xaf\x92/]\xa2\x12\xec\xc4\xd7\xb5\xec(\xd74i\xe6M@\xfa\x05\xc5B3\x8c\x11\b\n\xfa+nv\xa5\xde\xa7\xc64\xf6t!d\xees8\xc7U\xbbv\x00\x1b\xd3\x16\xc4\xf0\xb0\xcf;\xfa\xf00\xa0*\xb8\xbb>{_\xaf\x85\xab?\x9d\x0f\xe0\xc1\xccA~5\xc1v:+\x0e\xc4\xf1\x12\f\x82\'\x05 \xcf2\\\x96=mz\x1f\x1b\xeeRf\xa3M\xa5\x90|$E\x15k|\xc6\x00kaC\xaf\x85\xfa7\x98\'<\r\xb4;\xac\b\x1e\xf38\a', 0x0) execveat(r3, &(0x7f0000000000)='\x00', &(0x7f00000001c0), 0x0, 0x1000) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xc) 05:43:10 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00') 05:43:10 executing program 0: perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1000000040c5, 0x0) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0x10000) lgetxattr(0x0, 0x0, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) 05:43:10 executing program 4: syz_open_dev$binder(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_FPEMU(0xa, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1000000040c5, 0x0) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0x10000) lgetxattr(0x0, 0x0, &(0x7f0000000400)=""/149, 0x95) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000180)={0x1, [0x6]}, &(0x7f00000001c0)=0x6) [ 199.880186][ T27] audit: type=1804 audit(1554702190.403:32): pid=8023 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir264670705/syzkaller.E2AFB6/15/file0" dev="sda1" ino=16562 res=1 [ 200.008412][ T27] audit: type=1804 audit(1554702190.453:33): pid=8004 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir287935534/syzkaller.89FKMm/13/file0" dev="sda1" ino=16548 res=1 05:43:10 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0) fallocate(r1, 0x10, 0x0, 0x100101) 05:43:10 executing program 5: msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000000080)=ANY=[@ANYRES16], 0x1, 0x0) msgrcv(0x0, &(0x7f00000001c0)={0x0, ""/234}, 0xf2, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f00000007c0)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 200.066537][ T7991] IPVS: ftp: loaded support on port[0] = 21 [ 200.161887][ T27] audit: type=1804 audit(1554702190.623:34): pid=8030 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir264670705/syzkaller.E2AFB6/15/file0" dev="sda1" ino=16562 res=1 [ 200.187201][ T27] audit: type=1804 audit(1554702190.633:35): pid=8031 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir280503805/syzkaller.8y01jl/9/file0" dev="sda1" ino=16542 res=1 05:43:10 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00'}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000180000000000000eaf4a996c0b908060000000000ffeeffffccb14bff0000040014000200fe"], 0x1}}, 0x0) [ 200.211910][ T27] audit: type=1804 audit(1554702190.693:36): pid=8036 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir280503805/syzkaller.8y01jl/9/file0" dev="sda1" ino=16542 res=1 05:43:10 executing program 2: setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000100)=ANY=[@ANYBLOB="7365635533d94900cd8269747900000000d15e4a6ea4a1ac8000000e00ab020027d83e0a6252891cf3b9aa98b400da0000000128f8ffa063c5"], 0x1) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0xe) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x1f, r0, 0x0, 0x0) 05:43:10 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000840)=[{{&(0x7f0000000780)=@sco, 0x80, &(0x7f0000000800)=[{&(0x7f0000001000)=""/175, 0xaf}, {&(0x7f0000000d80)=""/162, 0xa2}], 0x2, &(0x7f0000000e40)=""/158, 0x9e, 0xab}, 0x4}], 0x1, 0x0, &(0x7f0000000940)) sendmsg$nl_netfilter(r0, &(0x7f0000000080)={&(0x7f0000000200), 0xc, &(0x7f0000000000)={&(0x7f00000010c0)=ANY=[@ANYBLOB="140000000301ffffef7f12b685d3901b000000007fb279cbc9f7fdc3269d59c086a8d2740a519deffb2893f1d354869ceecdeb398110ce130ae2d429b641eb1a21ecd55daf9ce4536dc817eb40ddf2b991a938fd0cc24bc69d8afef9cd81843f74fd92ee8e7ee8fd5eb665976861e65135bb61561767635b2bab7755200000006bc0d26cc31c9200cee10100010000000000c6a0c83ecf072e4416ed40afbf6d6dd59284fc35aae8b40e6bdbdebcadaa7079c51b3c9629ed14b0f145d7ef600f8b4a0a2c67325ed5d9f9746bdd833eacbb2cafd87941ce767a812717f305000000000000009668dbd3f9976d005e740beb23b7bdf9b0e784f6a3794130886d8c7886d4d6f922368ee00a46ab02f3c2c350c5cf39ee3e436c62ddedccfe4617e93ada9fa3f56dbe7b9e947f1057091a9982367225c4e0485c6289e7196d71e3af2a6e2350d16cbafd000d1de6f09c4214974a42cf0beaed83e0ad490c11cc243c79a1e48edfefb500b59fda3d4f836fc590d5f900005a8ec0e0705b63c2a0ac7478d6234303e10e2c99e7df14866169fa77a5a1d22aac4226537444f905a5f8c1ef37918cb20786ae8765bdd1e347b8e70e7e56e83d1ba45c175e883fb39879fa6ff1aa865ee306b45df981569c1a90b1bc34ddcd9b0f65eb9046864402745abd2bba521678411582fd71e8f5c71deb"], 0x1ef}}, 0x0) 05:43:10 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x800000000002, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) recvmmsg(r0, &(0x7f0000000840)=[{{&(0x7f0000000780)=@sco, 0x80, &(0x7f0000000800)=[{&(0x7f0000001000)=""/175, 0xaf}, {&(0x7f0000000d80)=""/162, 0xa2}], 0x2, &(0x7f0000000e40)=""/158, 0x9e, 0xab}, 0x4}], 0x1, 0x0, &(0x7f0000000940)) sendmsg$nl_netfilter(r0, &(0x7f0000000080)={&(0x7f0000000200), 0xc, &(0x7f0000000000)={&(0x7f00000010c0)=ANY=[@ANYBLOB="140000000301ffffef7f12b685d3901b000000007fb279cbc9f7fdc3269d59c086a8d2740a519deffb2893f1d354869ceecdeb398110ce130ae2d429b641eb1a21ecd55daf9ce4536dc817eb40ddf2b991a938fd0cc24bc69d8afef9cd81843f74fd92ee8e7ee8fd5eb665976861e65135bb61561767635b2bab7755200000006bc0d26cc31c9200cee10100010000000000c6a0c83ecf072e4416ed40afbf6d6dd59284fc35aae8b40e6bdbdebcadaa7079c51b3c9629ed14b0f145d7ef600f8b4a0a2c67325ed5d9f9746bdd833eacbb2cafd87941ce767a812717f305000000000000009668dbd3f9976d005e740beb23b7bdf9b0e784f6a3794130886d8c7886d4d6f922368ee00a46ab02f3c2c350c5cf39ee3e436c62ddedccfe4617e93ada9fa3f56dbe7b9e947f1057091a9982367225c4e0485c6289e7196d71e3af2a6e2350d16cbafd000d1de6f09c4214974a42cf0beaed83e0ad490c11cc243c79a1e48edfefb500b59fda3d4f836fc590d5f900005a8ec0e0705b63c2a0ac7478d6234303e10e2c99e7df14866169fa77a5a1d22aac4226537444f905a5f8c1ef37918cb20786ae8765bdd1e347b8e70e7e56e83d1ba45c175e883fb39879fa6ff1aa865ee306b45df981569c1a90b1bc34ddcd9b0f65eb9046864402745abd2bba521678411582fd71e8f5c71deb"], 0x1ef}}, 0x0) 05:43:10 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000250007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, 0x0) 05:43:10 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000940)=@nat={'nat\x00', 0x19, 0x3, 0x258, [0x200004c0, 0x0, 0x0, 0x200004f0, 0x20000690], 0x0, 0x0, &(0x7f00000004c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x13, 0x41, 0x0, '\x00', 'team0\x00', 'dummy0\x00', 'veth1_to_hsr\x00', @broadcast, [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], 0xd0, 0xd0, 0x120, [@arp={'arp\x00', 0x38, {{0x327, 0x0, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, @rand_addr=0x6, 0xffffffff, @random="e7b44d8dea3c", [0xff, 0x0, 0x0, 0xff, 0xff, 0xff], @dev={[], 0xa}, [0x0, 0x0, 0xff, 0xff, 0xff, 0xff], 0x40, 0x20}}}]}}, @common=@LED={'LED\x00', 0x28, {{'syz0\x00', 0x0, 0x8000, 0x8}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x1d, 0x0, 0x0, 'team0\x00', 'veth1_to_bond\x00', 'nr0\x00', 'ipddp0\x00', @dev, [], @link_local, [], 0x70, 0x70, 0xa8}}, @arpreply={'arpreply\x00', 0x10}}]}]}, 0x2d0) [ 200.499117][ T8064] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 05:43:11 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000280), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000140)="410f01f964ff0941c3c4e2c9975842c483556bf6003e46d8731266420fe2e3c463dd691d4c000000c4c442019dcc6f") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) 05:43:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCGSTAMP(r0, 0x8906, &(0x7f0000000240)) seccomp(0x1, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) setuid(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, 0x0) exit(0x0) getdents64(r3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r4 = socket$inet6(0xa, 0x400000000001, 0x0) r5 = dup(r4) ioctl$int_in(r5, 0x5452, &(0x7f00000000c0)=0x9) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) prctl$PR_SVE_SET_VL(0x32, 0x0) setsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000180), 0x4) bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000080)={'tunl0\x00', {0x2, 0x4e20, @broadcast}}) r6 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000001c0)=0x1fe, 0x4) ftruncate(r6, 0x80003) sendfile(r5, r6, 0x0, 0x8000fffffffe) 05:43:11 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000250007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, 0x0) 05:43:11 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000250007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, 0x0) 05:43:11 executing program 4: syz_execute_func(&(0x7f0000000080)="410f01f964ff0941c3c4e1796c5dc43e46d8731266420fe2e3c403ad7ec900c442014cb5cccc") clone(0x84007bf9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) mknod(&(0x7f00000000c0)='./file0\x00', 0x1142, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) ptrace(0x10, r0) r1 = creat(&(0x7f0000000200)='./file0\x00', 0x0) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, 0x0) ptrace(0x11, r0) [ 200.703206][ T27] audit: type=1326 audit(1554702191.233:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8073 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45b11a code=0xffff0000 [ 200.761387][ T8082] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 200.812639][ T8090] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 200.858788][ T8090] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8090 [ 200.868211][ T8090] caller is ip6_finish_output+0x335/0xdc0 [ 200.874071][ T8090] CPU: 0 PID: 8090 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 200.883109][ T8090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 200.893169][ T8090] Call Trace: [ 200.896468][ T8090] dump_stack+0x172/0x1f0 [ 200.900923][ T8090] __this_cpu_preempt_check+0x246/0x270 [ 200.906483][ T8090] ip6_finish_output+0x335/0xdc0 [ 200.911437][ T8090] ip6_output+0x235/0x7f0 [ 200.915801][ T8090] ? ip6_finish_output+0xdc0/0xdc0 [ 200.920968][ T8090] ? ip6_fragment+0x3980/0x3980 [ 200.925858][ T8090] ip6_xmit+0xe41/0x20c0 [ 200.930127][ T8090] ? ip6_finish_output2+0x2550/0x2550 [ 200.935512][ T8090] ? mark_held_locks+0xf0/0xf0 [ 200.940290][ T8090] ? ip6_setup_cork+0x1870/0x1870 [ 200.945339][ T8090] inet6_csk_xmit+0x2fb/0x5d0 [ 200.950029][ T8090] ? inet6_csk_update_pmtu+0x190/0x190 [ 200.955493][ T8090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 200.961741][ T8090] ? csum_ipv6_magic+0x20/0x80 [ 200.966528][ T8090] __tcp_transmit_skb+0x1a32/0x3750 [ 200.971760][ T8090] ? __tcp_select_window+0x8b0/0x8b0 [ 200.977060][ T8090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 200.983338][ T8090] ? tcp_fastopen_no_cookie+0xe0/0x190 [ 200.988817][ T8090] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 200.995077][ T8090] tcp_connect+0x1e47/0x4280 [ 200.999722][ T8090] ? tcp_push_one+0x110/0x110 [ 201.000431][ T8086] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8086 [ 201.004412][ T8090] ? secure_tcpv6_ts_off+0x24f/0x360 [ 201.004432][ T8090] ? secure_dccpv6_sequence_number+0x280/0x280 [ 201.004448][ T8090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.004463][ T8090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.004479][ T8090] ? prandom_u32_state+0x13/0x180 [ 201.004500][ T8090] tcp_v6_connect+0x150b/0x20a0 [ 201.004516][ T8090] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 201.004537][ T8090] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 201.013870][ T8086] caller is ip6_finish_output+0x335/0xdc0 [ 201.019119][ T8090] ? find_held_lock+0x35/0x130 [ 201.068638][ T8090] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 201.074281][ T8090] __inet_stream_connect+0x83f/0xea0 [ 201.079600][ T8090] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 201.084891][ T8090] ? __inet_stream_connect+0x83f/0xea0 [ 201.090357][ T8090] ? inet_dgram_connect+0x2e0/0x2e0 [ 201.095621][ T8090] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 201.101000][ T8090] ? rcu_read_lock_sched_held+0x110/0x130 [ 201.106722][ T8090] ? kmem_cache_alloc_trace+0x354/0x760 [ 201.112274][ T8090] ? __lock_acquire+0x548/0x3fb0 [ 201.117222][ T8090] tcp_sendmsg_locked+0x231f/0x37f0 [ 201.122423][ T8090] ? mark_held_locks+0xf0/0xf0 [ 201.127205][ T8090] ? mark_held_locks+0xa4/0xf0 [ 201.131976][ T8090] ? tcp_sendpage+0x60/0x60 [ 201.136484][ T8090] ? lock_sock_nested+0x9a/0x120 [ 201.141421][ T8090] ? trace_hardirqs_on+0x67/0x230 [ 201.146453][ T8090] ? lock_sock_nested+0x9a/0x120 [ 201.151397][ T8090] ? __local_bh_enable_ip+0x15a/0x270 [ 201.156784][ T8090] tcp_sendmsg+0x30/0x50 [ 201.161029][ T8090] inet_sendmsg+0x147/0x5e0 [ 201.165538][ T8090] ? ipip_gro_receive+0x100/0x100 [ 201.170567][ T8090] sock_sendmsg+0xdd/0x130 [ 201.174996][ T8090] __sys_sendto+0x262/0x380 [ 201.179501][ T8090] ? __ia32_sys_getpeername+0xb0/0xb0 [ 201.184893][ T8090] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 201.191153][ T8090] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.196620][ T8090] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.202084][ T8090] ? do_syscall_64+0x26/0x610 [ 201.206769][ T8090] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.212851][ T8090] __x64_sys_sendto+0xe1/0x1a0 [ 201.217627][ T8090] do_syscall_64+0x103/0x610 [ 201.222222][ T8090] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.228118][ T8090] RIP: 0033:0x4582b9 [ 201.232018][ T8090] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.251631][ T8090] RSP: 002b:00007feb264b6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 201.260135][ T8090] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 201.268109][ T8090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 201.277602][ T8090] RBP: 000000000073c040 R08: 00000000208d4fe4 R09: 000000000000001c [ 201.285572][ T8090] R10: 0000000020000008 R11: 0000000000000246 R12: 00007feb264b76d4 [ 201.301440][ T8090] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff 05:43:11 executing program 1: r0 = creat(&(0x7f0000000200)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000001380)=ANY=[], 0xffffffe0) rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='./file2\x00') rename(&(0x7f0000000340)='./file1/file0\x00', &(0x7f0000000300)='./file2\x00') rename(&(0x7f0000000040)='./file1/file0\x00', &(0x7f0000000080)='./file2\x00') [ 201.309481][ T8086] CPU: 1 PID: 8086 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19 [ 201.318521][ T8086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.318536][ T8086] Call Trace: [ 201.331901][ T8086] dump_stack+0x172/0x1f0 [ 201.336270][ T8086] __this_cpu_preempt_check+0x246/0x270 [ 201.341827][ T8086] ip6_finish_output+0x335/0xdc0 [ 201.346790][ T8086] ip6_output+0x235/0x7f0 [ 201.351225][ T8086] ? ip6_finish_output+0xdc0/0xdc0 [ 201.356362][ T8086] ? ip6_fragment+0x3980/0x3980 [ 201.361236][ T8086] ip6_xmit+0xe41/0x20c0 [ 201.365504][ T8086] ? ip6_finish_output2+0x2550/0x2550 [ 201.367166][ T8090] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8090 [ 201.370885][ T8086] ? mark_held_locks+0xf0/0xf0 [ 201.370906][ T8086] ? ip6_setup_cork+0x1870/0x1870 [ 201.370938][ T8086] inet6_csk_xmit+0x2fb/0x5d0 [ 201.380341][ T8090] caller is ip6_finish_output+0x335/0xdc0 [ 201.386514][ T8086] ? inet6_csk_update_pmtu+0x190/0x190 [ 201.386530][ T8086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.386549][ T8086] ? csum_ipv6_magic+0x20/0x80 [ 201.386572][ T8086] __tcp_transmit_skb+0x1a32/0x3750 [ 201.386584][ T8086] ? tcp_connect+0x1184/0x4280 [ 201.386615][ T8086] ? __tcp_select_window+0x8b0/0x8b0 [ 201.433655][ T8086] ? lockdep_hardirqs_on+0x418/0x5d0 [ 201.438966][ T8086] ? trace_hardirqs_on+0x67/0x230 [ 201.444009][ T8086] ? tcp_rbtree_insert+0x188/0x200 [ 201.449134][ T8086] tcp_connect+0x2e18/0x4280 [ 201.453772][ T8086] ? tcp_push_one+0x110/0x110 [ 201.458465][ T8086] ? secure_tcpv6_ts_off+0x24f/0x360 [ 201.463762][ T8086] ? secure_dccpv6_sequence_number+0x280/0x280 [ 201.469919][ T8086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.476166][ T8086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.482410][ T8086] ? prandom_u32_state+0x13/0x180 [ 201.487441][ T8086] tcp_v6_connect+0x150b/0x20a0 [ 201.492313][ T8086] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 201.497633][ T8086] __inet_stream_connect+0x83f/0xea0 [ 201.502932][ T8086] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 201.508390][ T8086] ? __inet_stream_connect+0x83f/0xea0 [ 201.513946][ T8086] ? mark_held_locks+0xa4/0xf0 [ 201.518720][ T8086] ? inet_dgram_connect+0x2e0/0x2e0 [ 201.523927][ T8086] ? lock_sock_nested+0x9a/0x120 [ 201.528885][ T8086] ? trace_hardirqs_on+0x67/0x230 [ 201.533927][ T8086] ? lock_sock_nested+0x9a/0x120 [ 201.538880][ T8086] ? __local_bh_enable_ip+0x15a/0x270 [ 201.544269][ T8086] inet_stream_connect+0x58/0xa0 [ 201.549244][ T8086] __sys_connect+0x266/0x330 [ 201.553855][ T8086] ? __ia32_sys_accept+0xb0/0xb0 [ 201.558800][ T8086] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 201.565051][ T8086] ? put_timespec64+0xda/0x140 [ 201.569829][ T8086] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.575312][ T8086] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.580781][ T8086] ? do_syscall_64+0x26/0x610 [ 201.585473][ T8086] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.591575][ T8086] ? do_syscall_64+0x26/0x610 [ 201.596279][ T8086] __x64_sys_connect+0x73/0xb0 [ 201.601056][ T8086] do_syscall_64+0x103/0x610 [ 201.605659][ T8086] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.611554][ T8086] RIP: 0033:0x4582b9 [ 201.615456][ T8086] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.635070][ T8086] RSP: 002b:00007fd98476fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 201.643495][ T8086] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004582b9 [ 201.651519][ T8086] RDX: 000000000000001c RSI: 0000000020000280 RDI: 0000000000000004 [ 201.659505][ T8086] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 201.667487][ T8086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9847705d4 [ 201.675467][ T8086] R13: 00000000004be64c R14: 00000000004cf1e0 R15: 00000000ffffffff [ 201.683465][ T8090] CPU: 0 PID: 8090 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 201.692517][ T8090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.702573][ T8090] Call Trace: [ 201.705874][ T8090] dump_stack+0x172/0x1f0 [ 201.710212][ T8090] __this_cpu_preempt_check+0x246/0x270 [ 201.715764][ T8090] ip6_finish_output+0x335/0xdc0 [ 201.720711][ T8090] ip6_output+0x235/0x7f0 [ 201.725065][ T8090] ? ip6_finish_output+0xdc0/0xdc0 [ 201.730182][ T8090] ? ip6_fragment+0x3980/0x3980 [ 201.735043][ T8090] ip6_xmit+0xe41/0x20c0 [ 201.739311][ T8090] ? ip6_finish_output2+0x2550/0x2550 [ 201.744689][ T8090] ? mark_held_locks+0xf0/0xf0 [ 201.749458][ T8090] ? ip6_setup_cork+0x1870/0x1870 [ 201.754502][ T8090] inet6_csk_xmit+0x2fb/0x5d0 [ 201.759181][ T8090] ? inet6_csk_update_pmtu+0x190/0x190 [ 201.764643][ T8090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.770888][ T8090] ? csum_ipv6_magic+0x20/0x80 [ 201.775669][ T8090] __tcp_transmit_skb+0x1a32/0x3750 [ 201.780877][ T8090] ? memcpy+0x46/0x50 [ 201.784888][ T8090] ? __tcp_select_window+0x8b0/0x8b0 [ 201.790211][ T8090] ? tcp_rbtree_insert+0x188/0x200 [ 201.795324][ T8090] tcp_send_synack+0x4b0/0x15b0 [ 201.800179][ T8090] ? tcp_send_active_reset+0x8e0/0x8e0 [ 201.805645][ T8090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.811888][ T8090] ? tcp_sync_mss+0x2ee/0xa30 [ 201.816572][ T8090] tcp_rcv_state_process+0x225d/0x4d93 [ 201.822036][ T8090] ? tcp_finish_connect+0x510/0x510 [ 201.827236][ T8090] ? __release_sock+0xca/0x3a0 [ 201.831998][ T8090] ? find_held_lock+0x35/0x130 [ 201.836766][ T8090] ? mark_held_locks+0xa4/0xf0 [ 201.841529][ T8090] ? __local_bh_enable_ip+0x15a/0x270 [ 201.846899][ T8090] ? _raw_spin_unlock_bh+0x31/0x40 [ 201.852006][ T8090] ? __local_bh_enable_ip+0x15a/0x270 [ 201.857383][ T8090] tcp_v6_do_rcv+0x7da/0x12c0 [ 201.862056][ T8090] ? tcp_v6_do_rcv+0x7da/0x12c0 [ 201.866916][ T8090] __release_sock+0x12e/0x3a0 [ 201.871599][ T8090] release_sock+0x59/0x1c0 [ 201.876018][ T8090] __inet_stream_connect+0x59f/0xea0 [ 201.881309][ T8090] ? inet_dgram_connect+0x2e0/0x2e0 [ 201.886528][ T8090] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 201.891900][ T8090] ? do_wait_intr_irq+0x2b0/0x2b0 [ 201.896931][ T8090] ? __lock_acquire+0x548/0x3fb0 [ 201.901887][ T8090] tcp_sendmsg_locked+0x231f/0x37f0 [ 201.907086][ T8090] ? mark_held_locks+0xf0/0xf0 [ 201.911876][ T8090] ? mark_held_locks+0xa4/0xf0 [ 201.916648][ T8090] ? tcp_sendpage+0x60/0x60 [ 201.921152][ T8090] ? lock_sock_nested+0x9a/0x120 [ 201.926091][ T8090] ? trace_hardirqs_on+0x67/0x230 [ 201.931125][ T8090] ? lock_sock_nested+0x9a/0x120 [ 201.936075][ T8090] ? __local_bh_enable_ip+0x15a/0x270 [ 201.941461][ T8090] tcp_sendmsg+0x30/0x50 [ 201.945704][ T8090] inet_sendmsg+0x147/0x5e0 [ 201.950207][ T8090] ? ipip_gro_receive+0x100/0x100 [ 201.955240][ T8090] sock_sendmsg+0xdd/0x130 [ 201.959656][ T8090] __sys_sendto+0x262/0x380 [ 201.964166][ T8090] ? __ia32_sys_getpeername+0xb0/0xb0 [ 201.969638][ T8090] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 201.975895][ T8090] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.981350][ T8090] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.986808][ T8090] ? do_syscall_64+0x26/0x610 [ 201.991488][ T8090] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.997559][ T8090] __x64_sys_sendto+0xe1/0x1a0 [ 202.002329][ T8090] do_syscall_64+0x103/0x610 [ 202.006926][ T8090] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.012814][ T8090] RIP: 0033:0x4582b9 [ 202.016741][ T8090] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.036340][ T8090] RSP: 002b:00007feb264b6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 202.044750][ T8090] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 202.052717][ T8090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 05:43:12 executing program 4: mkdir(&(0x7f0000000700)='./file1\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1\x00']) [ 202.060681][ T8090] RBP: 000000000073c040 R08: 00000000208d4fe4 R09: 000000000000001c [ 202.068648][ T8090] R10: 0000000020000008 R11: 0000000000000246 R12: 00007feb264b76d4 [ 202.076619][ T8090] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff 05:43:12 executing program 5: mkdir(&(0x7f0000000700)='./file1\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) [ 202.181136][ T8083] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 05:43:12 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000250007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, 0x0) 05:43:12 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, 0x0) ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x4001, 0x0, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000580)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x208200) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x7ffffe, 0x4002011, r1, 0x0) 05:43:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa69c, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x30b) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0xfffffffffffef, 0x13012, r0, 0x0) [ 202.531947][ T8117] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 05:43:13 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f3188b070") r1 = socket(0x1e, 0x4, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0) [ 202.702288][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 202.708286][ C1] protocol 88fb is buggy, dev hsr_slave_1 05:43:13 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0) mkdir(&(0x7f0000000200)='./file0/file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x20000000, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x2201001, 0x0) mount$bpf(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001001, &(0x7f0000000580)=ANY=[]) accept4$llc(0xffffffffffffffff, &(0x7f0000000400)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000001400)='./file0/file0\x00', &(0x7f0000000080)='bpf\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='bpf\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000000)='.\x00', 0x0, 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000380)='./file0\x00', 0x0, 0x5890, 0x0) 05:43:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa69c, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x30b) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0xfffffffffffef, 0x13012, r0, 0x0) [ 202.954743][ T8146] overlayfs: upperdir is in-use by another mount, mount with '-o index=off' to override exclusive upperdir protection. 05:43:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa69c, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x30b) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0xfffffffffffef, 0x13012, r0, 0x0) 05:43:13 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x4800, 0x0) 05:43:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa69c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) msgget$private(0x0, 0x0) msgctl$IPC_INFO(0x0, 0x3, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x30b) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0xfffffffffffef, 0x13012, r0, 0x0) 05:43:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa69c, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x30b) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0xfffffffffffef, 0x13012, r0, 0x0) 05:43:13 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0) mkdir(&(0x7f0000000200)='./file0/file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x20000000, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x2201001, 0x0) mount$bpf(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001001, &(0x7f0000000580)=ANY=[]) accept4$llc(0xffffffffffffffff, &(0x7f0000000400)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000001400)='./file0/file0\x00', &(0x7f0000000080)='bpf\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='bpf\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000000)='.\x00', 0x0, 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000380)='./file0\x00', 0x0, 0x5890, 0x0) [ 203.108707][ T8154] overlayfs: upperdir is in-use by another mount, mount with '-o index=off' to override exclusive upperdir protection. 05:43:13 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0) mkdir(&(0x7f0000000200)='./file0/file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x20000000, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x2201001, 0x0) mount$bpf(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001001, &(0x7f0000000580)=ANY=[]) accept4$llc(0xffffffffffffffff, &(0x7f0000000400)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000001400)='./file0/file0\x00', &(0x7f0000000080)='bpf\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='bpf\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000000)='.\x00', 0x0, 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000380)='./file0\x00', 0x0, 0x5890, 0x0)