[ 37.919057][ T26] audit: type=1800 audit(1554680663.136:25): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 37.958268][ T26] audit: type=1800 audit(1554680663.146:26): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 37.979735][ T26] audit: type=1800 audit(1554680663.146:27): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 38.012602][ T26] audit: type=1800 audit(1554680663.146:28): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.168' (ECDSA) to the list of known hosts. 2019/04/07 23:44:36 fuzzer started 2019/04/07 23:44:39 dialing manager at 10.128.0.26:34543 2019/04/07 23:44:39 syscalls: 2408 2019/04/07 23:44:39 code coverage: enabled 2019/04/07 23:44:39 comparison tracing: enabled 2019/04/07 23:44:39 extra coverage: extra coverage is not supported by the kernel 2019/04/07 23:44:39 setuid sandbox: enabled 2019/04/07 23:44:39 namespace sandbox: enabled 2019/04/07 23:44:39 Android sandbox: /sys/fs/selinux/policy does not exist 2019/04/07 23:44:39 fault injection: enabled 2019/04/07 23:44:39 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/04/07 23:44:39 net packet injection: enabled 2019/04/07 23:44:39 net device setup: enabled 23:46:59 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x4a001, 0x0) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x8001) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000040)={{{@in, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in=@multicast1}}, &(0x7f0000000200)=0xe8) fchown(0xffffffffffffffff, r2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000580)={'nr0\x01\x00', 0x801}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x308) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000340)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb96\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\x97\x80\xe9\xa1S\f\xc7?\xa6\x95I\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~\xff\xff\x00\x00#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xd5\x1b\xca\xa9\xc7[\xa2\xef\xacM\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xb4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\x04R\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xafh_\x9c\x91\xc1q_|L\x11\x03\x94\xc0\t=\x17\x95P\xd7\xcdH\x1c8^ARL\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x13\x82Rk\x9cAz\xab\rT\xadLO\f\x17Y\x1dg\x10\xe3LL\x1fC\xfa\xd9\xb0\xfb\xb4\xf3[\xdf\xd0\xd6\x82\xf6~0\xb8\xf4\xb0X\xfew\xbdY\n\xd6\x105\x9c\xb7\xe5F\xc1:9\xb8\xc2\x85\b\xfd\x92\xb0k\x93\xd7\xc40J\xc2\xf0=p\xd6\xe3\xe4W:\xd2\xf6\xfc\x83\xb1\xcb\xd1K\xb9(\"9(~\xf4\xf4\x94`\xe8\xdb\x17\xf9\xcf#)T\xcdj^\xa61\x12\x91 \xd7\x92\xc0\xd0s\xa9\xe4\x18:') ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) syzkaller login: [ 193.916818][ T7870] IPVS: ftp: loaded support on port[0] = 21 23:46:59 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getrlimit(0x0, 0x0) [ 194.024803][ T7870] chnl_net:caif_netlink_parms(): no params data found [ 194.117639][ T7870] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.141918][ T7870] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.150218][ T7870] device bridge_slave_0 entered promiscuous mode [ 194.179695][ T7873] IPVS: ftp: loaded support on port[0] = 21 [ 194.187345][ T7870] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.194798][ T7870] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.203984][ T7870] device bridge_slave_1 entered promiscuous mode [ 194.232933][ T7870] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 194.248068][ T7870] bond0: Enslaving bond_slave_1 as an active interface with an up link 23:46:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendto$inet(r0, &(0x7f0000000440)="af", 0x1, 0x4000010, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000240)="df", 0x1, 0x4200010, 0x0, 0x0) [ 194.300619][ T7870] team0: Port device team_slave_0 added [ 194.327588][ T7870] team0: Port device team_slave_1 added [ 194.425083][ T7870] device hsr_slave_0 entered promiscuous mode 23:46:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000015c0)={r3}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r3, 0x40000, 0x3}) [ 194.473369][ T7870] device hsr_slave_1 entered promiscuous mode [ 194.541831][ T7870] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.549154][ T7870] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.557155][ T7870] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.564315][ T7870] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.647955][ T7878] IPVS: ftp: loaded support on port[0] = 21 [ 194.663140][ T7876] IPVS: ftp: loaded support on port[0] = 21 [ 194.745644][ T7873] chnl_net:caif_netlink_parms(): no params data found [ 194.813199][ T7873] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.820408][ T7873] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.829725][ T7873] device bridge_slave_0 entered promiscuous mode [ 194.839950][ T7873] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.847178][ T7873] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.856012][ T7873] device bridge_slave_1 entered promiscuous mode 23:47:00 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000680)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) [ 194.889027][ T7873] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 194.905474][ T7873] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 194.917697][ T7870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.962235][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 195.003377][ T17] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.024137][ T17] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.043473][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 195.109165][ T7870] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.125469][ T7873] team0: Port device team_slave_0 added [ 195.161044][ T7884] IPVS: ftp: loaded support on port[0] = 21 [ 195.190351][ T7873] team0: Port device team_slave_1 added [ 195.198607][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 23:47:00 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) [ 195.208564][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 195.218517][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.225913][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.237437][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 195.246729][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 195.258018][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.265224][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.331870][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 195.343530][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 195.356639][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.367178][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.385286][ T7878] chnl_net:caif_netlink_parms(): no params data found [ 195.443522][ T7873] device hsr_slave_0 entered promiscuous mode [ 195.482345][ T7873] device hsr_slave_1 entered promiscuous mode [ 195.527223][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 195.536537][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.545200][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.569111][ T7887] IPVS: ftp: loaded support on port[0] = 21 [ 195.589340][ T7876] chnl_net:caif_netlink_parms(): no params data found [ 195.597944][ T2402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 195.606716][ T2402] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 195.620417][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 195.633119][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 195.682141][ T7870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 195.726947][ T7878] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.734664][ T7878] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.742825][ T7878] device bridge_slave_0 entered promiscuous mode [ 195.773112][ T7878] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.780231][ T7878] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.788621][ T7878] device bridge_slave_1 entered promiscuous mode [ 195.820352][ T7878] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 195.831454][ T7878] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 195.858234][ T7878] team0: Port device team_slave_0 added [ 195.870429][ T7878] team0: Port device team_slave_1 added [ 195.940892][ T7876] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.949118][ T7876] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.958964][ T7876] device bridge_slave_0 entered promiscuous mode [ 195.967477][ T7876] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.974804][ T7876] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.982891][ T7876] device bridge_slave_1 entered promiscuous mode [ 196.025803][ T7876] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 196.036122][ T7876] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 196.049901][ T7870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.114702][ T7878] device hsr_slave_0 entered promiscuous mode [ 196.152339][ T7878] device hsr_slave_1 entered promiscuous mode [ 196.200407][ T7884] chnl_net:caif_netlink_parms(): no params data found [ 196.215378][ T7887] chnl_net:caif_netlink_parms(): no params data found [ 196.231278][ T7873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.266101][ T7876] team0: Port device team_slave_0 added [ 196.282524][ T7873] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.311491][ T7876] team0: Port device team_slave_1 added [ 196.337389][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 196.348604][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 196.420035][ T7884] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.428738][ T7884] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.431745][ C0] hrtimer: interrupt took 44968 ns [ 196.442306][ T7884] device bridge_slave_0 entered promiscuous mode [ 196.450199][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 196.459979][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 196.468724][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.475895][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.484035][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 196.506936][ T7887] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.515243][ T7887] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.523606][ T7887] device bridge_slave_0 entered promiscuous mode [ 196.532355][ T7887] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.539548][ T7887] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.548245][ T7887] device bridge_slave_1 entered promiscuous mode [ 196.597816][ T7884] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.605506][ T7884] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.613938][ T7884] device bridge_slave_1 entered promiscuous mode [ 196.621198][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 196.630357][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 196.639095][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.652190][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.661054][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 196.744572][ T7876] device hsr_slave_0 entered promiscuous mode [ 196.782734][ T7876] device hsr_slave_1 entered promiscuous mode [ 197.014983][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.026920][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 197.035614][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 197.044171][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.052799][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.061119][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 197.096119][ T7887] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 197.115102][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 197.123926][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 197.998562][ T7873] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 198.010101][ T7873] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 198.023396][ T7887] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 198.034095][ T7884] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 198.046266][ T7878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.055327][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 198.063990][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 198.090465][ T7884] bond0: Enslaving bond_slave_1 as an active interface with an up link 23:47:03 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x4a001, 0x0) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x8001) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000040)={{{@in, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in=@multicast1}}, &(0x7f0000000200)=0xe8) fchown(0xffffffffffffffff, r2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000580)={'nr0\x01\x00', 0x801}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x308) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000340)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb96\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\x97\x80\xe9\xa1S\f\xc7?\xa6\x95I\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~\xff\xff\x00\x00#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xd5\x1b\xca\xa9\xc7[\xa2\xef\xacM\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xb4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\x04R\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xafh_\x9c\x91\xc1q_|L\x11\x03\x94\xc0\t=\x17\x95P\xd7\xcdH\x1c8^ARL\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x13\x82Rk\x9cAz\xab\rT\xadLO\f\x17Y\x1dg\x10\xe3LL\x1fC\xfa\xd9\xb0\xfb\xb4\xf3[\xdf\xd0\xd6\x82\xf6~0\xb8\xf4\xb0X\xfew\xbdY\n\xd6\x105\x9c\xb7\xe5F\xc1:9\xb8\xc2\x85\b\xfd\x92\xb0k\x93\xd7\xc40J\xc2\xf0=p\xd6\xe3\xe4W:\xd2\xf6\xfc\x83\xb1\xcb\xd1K\xb9(\"9(~\xf4\xf4\x94`\xe8\xdb\x17\xf9\xcf#)T\xcdj^\xa61\x12\x91 \xd7\x92\xc0\xd0s\xa9\xe4\x18:') ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) [ 198.133553][ T7884] team0: Port device team_slave_0 added [ 198.162144][ T7887] team0: Port device team_slave_0 added [ 198.176119][ T7873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.200202][ T7878] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.208294][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 198.216087][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 198.225351][ T7884] team0: Port device team_slave_1 added [ 198.232980][ T7887] team0: Port device team_slave_1 added [ 198.332425][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 198.341084][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 198.350273][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.357427][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.365278][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 198.373960][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 198.382796][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.389837][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.444777][ T7887] device hsr_slave_0 entered promiscuous mode [ 198.492300][ T7887] device hsr_slave_1 entered promiscuous mode [ 198.573563][ T7884] device hsr_slave_0 entered promiscuous mode [ 198.612043][ T7884] device hsr_slave_1 entered promiscuous mode [ 198.682499][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 198.706970][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 198.723679][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 23:47:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001100)={r0, 0x0, &(0x7f0000000100)="d5306a75b78b6bee3346b06c9be2a46c62a0862583e0af963e1141cf6b3302147c6b1e4d5a14d161fa3f7c618cbe4f06e6495d56ec7c809714c27cba3dd0ae0aad5ab6d3eb6a2addaa030a2cb5d7a8285c38109a1296505fc6a97ebd0389eddd1ab596d18b4d081615a42fa3e5831f16084235a6835cb708bb8ddb5e89e4d781121a1c3eaf4d5192553afb18e9d599c9d3ecfe56ba3fc7994ae14d4bbbdc5d641d3af16fe57d2ff168fa0d6af29bb00c9d19fe9fe81c6cf6fe059c3c761e1532877b9c45f8fc23755635c6f558edf0cf70dc31f444fd74a1b1222953fc6d453ee90e866389fe2695741877e0f8c2609742e983b95a852f20066a954b16c475b1f45d26bd80e15d76b2441e8932fb0f33782f4af7bf9129abdd4eac15b603cf0a108c4d80daba6c58d39faab48bcb4c18a5ce7ea3a88c99057fe23fd0c3c85f611f17415ed024c4c296e2f5b974da4b44e24bb1964f03f1f1bf03ecb0e121b168639a39f085f2ed06d1cc77d3b22498505763cd864cfc111c2311b00caecb8f6ba14d5e429bcd7843a52c390a0bde5dbddb910bff0418596e0f40056e4173198335f3176eb1051193c60daadd84731c2161c1b310b3935b1c9fbf2c4849a818419664d11c92687cccff382ed6d5e5bebadb8a66973711e09d801aca7ad814cfc5b86259d5ffd0c5c13cfb276fe279bc0e95a8943a3adb16552454ca5ed1a6e43a05c8417ca45c5dba0938490a026517d3c53e70f63668d63fea6949c4fd6c2b2226c588bbb748eaa49ef561837e38e70d157183a6bcbdae27d3e830158b87703b27b0b38c44da0214f4385c71b7b0d6a0e07228c02dfbc4d0d87f870c0dae4520754dc06922baf224386f708892858e1408e9bfbcd135892b18129be307b53914bb75b0289b1d5e0c5ca0733dcafed176b5ffa44bbf1c658c0622e777dbbae80a189265f6692ef60372196dba45e99c76bc458d29050264d73d44cbad67725136d6f8933e5dbbaa70c1ce6311cb68bf2184cc0b55794971375ada96b7bbac66d0d5f8c815e488a4"}, 0x20) ioctl$DRM_IOCTL_GET_MAGIC(0xffffffffffffffff, 0x80046402, &(0x7f00000000c0)=0x8) ppoll(&(0x7f0000000080), 0x20000000000000f5, 0x0, 0x0, 0x0) 23:47:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001100)={r0, 0x0, &(0x7f0000000100)="d5306a75b78b6bee3346b06c9be2a46c62a0862583e0af963e1141cf6b3302147c6b1e4d5a14d161fa3f7c618cbe4f06e6495d56ec7c809714c27cba3dd0ae0aad5ab6d3eb6a2addaa030a2cb5d7a8285c38109a1296505fc6a97ebd0389eddd1ab596d18b4d081615a42fa3e5831f16084235a6835cb708bb8ddb5e89e4d781121a1c3eaf4d5192553afb18e9d599c9d3ecfe56ba3fc7994ae14d4bbbdc5d641d3af16fe57d2ff168fa0d6af29bb00c9d19fe9fe81c6cf6fe059c3c761e1532877b9c45f8fc23755635c6f558edf0cf70dc31f444fd74a1b1222953fc6d453ee90e866389fe2695741877e0f8c2609742e983b95a852f20066a954b16c475b1f45d26bd80e15d76b2441e8932fb0f33782f4af7bf9129abdd4eac15b603cf0a108c4d80daba6c58d39faab48bcb4c18a5ce7ea3a88c99057fe23fd0c3c85f611f17415ed024c4c296e2f5b974da4b44e24bb1964f03f1f1bf03ecb0e121b168639a39f085f2ed06d1cc77d3b22498505763cd864cfc111c2311b00caecb8f6ba14d5e429bcd7843a52c390a0bde5dbddb910bff0418596e0f40056e4173198335f3176eb1051193c60daadd84731c2161c1b310b3935b1c9fbf2c4849a818419664d11c92687cccff382ed6d5e5bebadb8a66973711e09d801aca7ad814cfc5b86259d5ffd0c5c13cfb276fe279bc0e95a8943a3adb16552454ca5ed1a6e43a05c8417ca45c5dba0938490a026517d3c53e70f63668d63fea6949c4fd6c2b2226c588bbb748eaa49ef561837e38e70d157183a6bcbdae27d3e830158b87703b27b0b38c44da0214f4385c71b7b0d6a0e07228c02dfbc4d0d87f870c0dae4520754dc06922baf224386f708892858e1408e9bfbcd135892b18129be307b53914bb75b0289b1d5e0c5ca0733dcafed176b5ffa44bbf1c658c0622e777dbbae80a189265f6692ef60372196dba45e99c76bc458d29050264d73d44cbad67725136d6f8933e5dbbaa70c1ce6311cb68bf2184cc0b55794971375ada96b7bbac66d0d5f8c815e488a4"}, 0x20) ioctl$DRM_IOCTL_GET_MAGIC(0xffffffffffffffff, 0x80046402, &(0x7f00000000c0)=0x8) ppoll(&(0x7f0000000080), 0x20000000000000f5, 0x0, 0x0, 0x0) 23:47:04 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, [{0x0, 0x6, 0x0, [], 0x80ffff}]}}) [ 199.030506][ T7915] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 199.804830][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 199.818595][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 199.830464][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 199.839664][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 199.848273][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 23:47:05 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, [{0x0, 0x2, 0x0, [], 0x80ffff}]}}) 23:47:05 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, [{0x0, 0x4, 0x0, [], 0x80ffff}]}}) [ 199.875689][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 199.884645][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 199.898494][ T7876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.909789][ T7878] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 199.948356][ T7878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 199.989797][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 199.999991][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 200.012201][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.021283][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 23:47:05 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0xae64, 0x0) dup2(r0, r2) [ 200.070340][ T7878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.100501][ T7876] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.169481][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 23:47:05 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) write$tun(r2, &(0x7f0000001540)=ANY=[@ANYBLOB="0000000000000000000000000000450000580000000000009078ac141400ffffffff0420880b00000000000008000000271a6ab9b0f46d07480bca28df736f86dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000011000000000800655800000000016620f717ba80b97b669c0f28e34750577223e7fd881c8aa1b5eb59af8fa31fabc13ea719d8158ec12bdc8f37f86c241f74b3d6dc635d4efc04c91d0d36dba09ccd1ef24fa4247ece75a256a17600e2e154da6227e1f80c35ff636d9906b063b05322cbccd7e29c8a8dc2ab9c9de17f26342954163c516ca997fe39820aeb40f3a62a64470a284c08edd94f3f080a5ea85fac455cbb3052ac9adb207121b0bd88fa94762330f49d6342f058224e231bfe804ff738dce60be41a84f5f3bdb8ebc5ee42eaf65629b3949b0947ec2bea347bf9141ca9811b76c305894cdce88612f53c491c7eecf0d4303ddab03aea5d01c7e58a5ba351aad1e0518d86489430c99359fa0ab3b020dffe73c8decec1715895f2cfbf41da43b7767fb112aec1662e460631e5bd9dd7d44672da2ba852bd90785a324b1ffd5b6990dfebe52141b07e96404ce0ddca43fd21c908807619c8d141bd2ab2a1a7e55127f6403a04886748e8562d8e43d9aa4feb6cb9aafc2ac1d007075cc761556bd6a8c4ae823d1a95066cb8df4e2fddd06c9d3ee341d53287cf932f04b1c941af6d280feb32148c0bb93e2f9852de11e6b3ca3437ba460703cf5c9f1e140a4b5d4b02b51f9f8e85ee55568fd3314836c8fd11788a5eabee201ee9b143e12924ad6659509d6c5c9dbc016edb447ea1c1bcda28ccac926efd7d6277a09c73287c5038867eb95c9bee78e4a3d37afe5bce24617e10faa9c50dc61c9823ee8669d51c"], 0x1) dup2(r0, r2) [ 200.222419][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.230933][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.238080][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.260353][ T7884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.289665][ T7887] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.320640][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.329236][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.337379][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.345479][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.355053][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.364253][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.371333][ T7882] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.379012][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.398772][ T7887] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.422256][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.444022][ T7884] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.476243][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.493038][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.500845][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.511964][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.520352][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.527442][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.535375][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.544048][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.552349][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.559389][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.567093][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.577536][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.586222][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.595020][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.604506][ T2402] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.636729][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.645594][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.678982][ T7875] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.721538][ T7875] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.729433][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.739083][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.747675][ T7875] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.754787][ T7875] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.762750][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.771145][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.779853][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.788647][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.797579][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.806245][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 200.815191][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.826268][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 200.834633][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 200.843504][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.851402][ T7875] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.864550][ T7876] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 200.898476][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 200.909221][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 200.920789][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.930874][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.939557][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 200.948171][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.956552][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 200.964908][ T7920] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 200.985958][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.994475][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.003183][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.011354][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.021084][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.029383][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.037880][ T7882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.049886][ T7884] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.067344][ T2402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.075842][ T2402] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.088539][ T7876] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.097850][ T7887] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.134020][ T7884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.148389][ T7887] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.218552][ T7955] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 23:47:06 executing program 2: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) close(r0) 23:47:06 executing program 3: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000360000)="2400000032001f0414f9f407002c04091c0007ed100002000a0000000900000000000000", 0x24) 23:47:06 executing program 4: sched_yield() socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x28b87512) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f00000001c0)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000280)=0x2, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180)=0x6, 0x4) socket$packet(0x11, 0x0, 0x300) read(0xffffffffffffffff, 0x0, 0x0) mlock2(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x0) accept4$inet6(r0, 0x0, 0x0, 0x0) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 23:47:06 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0xdcc, 0x0) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40046602, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000880)) socket$inet6(0xa, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105518, &(0x7f0000001000)) 23:47:06 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000400)='ns/user\x00') 23:47:06 executing program 3: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) 23:47:06 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) 23:47:06 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) [ 201.461209][ T7975] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 23:47:06 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) 23:47:06 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) [ 201.541385][ T7975] check_preemption_disabled: 2 callbacks suppressed [ 201.541408][ T7975] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7975 [ 201.557968][ T7975] caller is ip6_finish_output+0x335/0xdc0 [ 201.563776][ T7975] CPU: 1 PID: 7975 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 201.572806][ T7975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.582872][ T7975] Call Trace: [ 201.586179][ T7975] dump_stack+0x172/0x1f0 23:47:06 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) [ 201.590531][ T7975] __this_cpu_preempt_check+0x246/0x270 [ 201.596100][ T7975] ip6_finish_output+0x335/0xdc0 [ 201.601061][ T7975] ip6_output+0x235/0x7f0 [ 201.605404][ T7975] ? ip6_finish_output+0xdc0/0xdc0 [ 201.610531][ T7975] ? ip6_fragment+0x3980/0x3980 [ 201.615409][ T7975] ip6_xmit+0xe41/0x20c0 [ 201.619669][ T7975] ? ip6_finish_output2+0x2550/0x2550 [ 201.625053][ T7975] ? mark_held_locks+0xf0/0xf0 [ 201.629856][ T7975] ? perf_trace_lock+0x510/0x510 [ 201.634812][ T7975] ? ip6_setup_cork+0x1870/0x1870 23:47:06 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) [ 201.639870][ T7975] inet6_csk_xmit+0x2fb/0x5d0 [ 201.644562][ T7975] ? inet6_csk_update_pmtu+0x190/0x190 [ 201.650026][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.656289][ T7975] ? csum_ipv6_magic+0x20/0x80 [ 201.661086][ T7975] __tcp_transmit_skb+0x1a32/0x3750 [ 201.666310][ T7975] ? __tcp_select_window+0x8b0/0x8b0 [ 201.671613][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.677881][ T7975] ? tcp_fastopen_no_cookie+0xe0/0x190 [ 201.683375][ T7975] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 23:47:06 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) [ 201.689648][ T7975] tcp_connect+0x1e47/0x4280 [ 201.694285][ T7975] ? tcp_push_one+0x110/0x110 [ 201.699011][ T7975] ? secure_tcpv6_ts_off+0x24f/0x360 [ 201.704332][ T7975] ? secure_dccpv6_sequence_number+0x280/0x280 [ 201.710510][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.716783][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.723051][ T7975] ? prandom_u32_state+0x13/0x180 [ 201.728112][ T7975] tcp_v6_connect+0x150b/0x20a0 [ 201.732999][ T7975] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 201.738413][ T7975] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 201.743731][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.750117][ T7975] ? find_held_lock+0x35/0x130 [ 201.754907][ T7975] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 201.760576][ T7975] __inet_stream_connect+0x83f/0xea0 [ 201.765907][ T7975] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 201.771211][ T7975] ? __inet_stream_connect+0x83f/0xea0 [ 201.776727][ T7975] ? inet_dgram_connect+0x2e0/0x2e0 [ 201.781944][ T7975] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 201.787370][ T7975] ? rcu_read_lock_sched_held+0x110/0x130 [ 201.793105][ T7975] ? kmem_cache_alloc_trace+0x354/0x760 [ 201.798659][ T7975] ? __lock_acquire+0x548/0x3fb0 [ 201.803623][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.809882][ T7975] ? debug_smp_processor_id+0x3c/0x280 [ 201.815355][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.821638][ T7975] tcp_sendmsg_locked+0x231f/0x37f0 [ 201.826857][ T7975] ? mark_held_locks+0xf0/0xf0 [ 201.831636][ T7975] ? mark_held_locks+0xa4/0xf0 [ 201.836420][ T7975] ? tcp_sendpage+0x60/0x60 [ 201.840939][ T7975] ? lock_sock_nested+0x9a/0x120 [ 201.845899][ T7975] ? trace_hardirqs_on+0x67/0x230 [ 201.850939][ T7975] ? lock_sock_nested+0x9a/0x120 [ 201.855896][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 201.861295][ T7975] tcp_sendmsg+0x30/0x50 [ 201.865556][ T7975] inet_sendmsg+0x147/0x5e0 [ 201.870090][ T7975] ? ipip_gro_receive+0x100/0x100 [ 201.875126][ T7975] sock_sendmsg+0xdd/0x130 [ 201.879558][ T7975] __sys_sendto+0x262/0x380 [ 201.884076][ T7975] ? __ia32_sys_getpeername+0xb0/0xb0 [ 201.889501][ T7975] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 201.896043][ T7975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.901523][ T7975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.907011][ T7975] ? do_syscall_64+0x26/0x610 [ 201.911701][ T7975] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.917800][ T7975] __x64_sys_sendto+0xe1/0x1a0 [ 201.922597][ T7975] do_syscall_64+0x103/0x610 [ 201.927393][ T7975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.933310][ T7975] RIP: 0033:0x4582b9 [ 201.937219][ T7975] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.956832][ T7975] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 201.965261][ T7975] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 201.973249][ T7975] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 201.981253][ T7975] RBP: 000000000073bf00 R08: 00000000208d4fe4 R09: 000000000000001c [ 201.989245][ T7975] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f6a602626d4 [ 201.997234][ T7975] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff [ 202.055050][ T7975] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7975 [ 202.064682][ T7975] caller is ip6_finish_output+0x335/0xdc0 [ 202.070429][ T7975] CPU: 1 PID: 7975 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.079481][ T7975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.089549][ T7975] Call Trace: [ 202.092858][ T7975] dump_stack+0x172/0x1f0 [ 202.097213][ T7975] __this_cpu_preempt_check+0x246/0x270 23:47:07 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) [ 202.102801][ T7975] ip6_finish_output+0x335/0xdc0 [ 202.107949][ T7975] ip6_output+0x235/0x7f0 [ 202.112309][ T7975] ? ip6_finish_output+0xdc0/0xdc0 [ 202.117443][ T7975] ? ip6_fragment+0x3980/0x3980 [ 202.122323][ T7975] ip6_xmit+0xe41/0x20c0 [ 202.126578][ T7975] ? find_held_lock+0x35/0x130 [ 202.131369][ T7975] ? ip6_finish_output2+0x2550/0x2550 [ 202.136766][ T7975] ? mark_held_locks+0xf0/0xf0 [ 202.141547][ T7975] ? perf_trace_lock+0x510/0x510 [ 202.146503][ T7975] ? ip6_setup_cork+0x1870/0x1870 [ 202.151571][ T7975] inet6_csk_xmit+0x2fb/0x5d0 [ 202.156266][ T7975] ? inet6_csk_update_pmtu+0x190/0x190 [ 202.161741][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.168024][ T7975] ? csum_ipv6_magic+0x20/0x80 [ 202.172820][ T7975] __tcp_transmit_skb+0x1a32/0x3750 [ 202.178031][ T7975] ? memcpy+0x46/0x50 [ 202.182031][ T7975] ? __tcp_select_window+0x8b0/0x8b0 [ 202.182058][ T7975] ? __lockdep_free_key_range+0x120/0x120 [ 202.182085][ T7975] ? tcp_rbtree_insert+0x188/0x200 [ 202.182104][ T7975] tcp_send_synack+0x4b0/0x15b0 [ 202.182131][ T7975] ? tcp_send_active_reset+0x8e0/0x8e0 [ 202.182155][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.182170][ T7975] ? tcp_sync_mss+0x2ee/0xa30 [ 202.182195][ T7975] tcp_rcv_state_process+0x225d/0x4d93 [ 202.182208][ T7975] ? perf_trace_lock+0xeb/0x510 [ 202.182223][ T7975] ? do_seccomp+0x9e4/0x2250 [ 202.182245][ T7975] ? tcp_finish_connect+0x510/0x510 [ 202.182262][ T7975] ? __release_sock+0xca/0x3a0 [ 202.182277][ T7975] ? find_held_lock+0x35/0x130 [ 202.182296][ T7975] ? mark_held_locks+0xa4/0xf0 [ 202.182311][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 202.182324][ T7975] ? _raw_spin_unlock_bh+0x31/0x40 [ 202.182337][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 202.182359][ T7975] tcp_v6_do_rcv+0x7da/0x12c0 [ 202.182372][ T7975] ? tcp_v6_do_rcv+0x7da/0x12c0 [ 202.182395][ T7975] __release_sock+0x12e/0x3a0 [ 202.182422][ T7975] release_sock+0x59/0x1c0 [ 202.182443][ T7975] __inet_stream_connect+0x59f/0xea0 [ 202.182471][ T7975] ? inet_dgram_connect+0x2e0/0x2e0 [ 202.182496][ T7975] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 202.182511][ T7975] ? do_wait_intr_irq+0x2b0/0x2b0 [ 202.182524][ T7975] ? __lock_acquire+0x548/0x3fb0 [ 202.182536][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.182550][ T7975] ? debug_smp_processor_id+0x3c/0x280 [ 202.182561][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.182582][ T7975] tcp_sendmsg_locked+0x231f/0x37f0 [ 202.339025][ T7975] ? mark_held_locks+0xf0/0xf0 [ 202.343832][ T7975] ? mark_held_locks+0xa4/0xf0 [ 202.348642][ T7975] ? tcp_sendpage+0x60/0x60 [ 202.353157][ T7975] ? lock_sock_nested+0x9a/0x120 [ 202.358152][ T7975] ? trace_hardirqs_on+0x67/0x230 [ 202.363194][ T7975] ? lock_sock_nested+0x9a/0x120 [ 202.368150][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 202.373560][ T7975] tcp_sendmsg+0x30/0x50 [ 202.377831][ T7975] inet_sendmsg+0x147/0x5e0 [ 202.382553][ T7975] ? ipip_gro_receive+0x100/0x100 [ 202.387610][ T7975] sock_sendmsg+0xdd/0x130 [ 202.392062][ T7975] __sys_sendto+0x262/0x380 [ 202.396600][ T7975] ? __ia32_sys_getpeername+0xb0/0xb0 [ 202.402123][ T7975] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.408514][ T7975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.414007][ T7975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.419494][ T7975] ? do_syscall_64+0x26/0x610 [ 202.424197][ T7975] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.430293][ T7975] __x64_sys_sendto+0xe1/0x1a0 [ 202.435088][ T7975] do_syscall_64+0x103/0x610 [ 202.439737][ T7975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.445655][ T7975] RIP: 0033:0x4582b9 [ 202.449563][ T7975] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.469186][ T7975] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 202.477620][ T7975] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 202.485692][ T7975] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 202.493676][ T7975] RBP: 000000000073bf00 R08: 00000000208d4fe4 R09: 000000000000001c [ 202.501675][ T7975] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f6a602626d4 [ 202.509639][ T7975] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff [ 202.519439][ T7975] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7975 [ 202.529204][ T7975] caller is ip6_finish_output+0x335/0xdc0 [ 202.535051][ T7975] CPU: 0 PID: 7975 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.544101][ T7975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.554164][ T7975] Call Trace: [ 202.557446][ T7975] dump_stack+0x172/0x1f0 [ 202.561787][ T7975] __this_cpu_preempt_check+0x246/0x270 [ 202.567356][ T7975] ip6_finish_output+0x335/0xdc0 [ 202.582113][ T7975] ip6_output+0x235/0x7f0 [ 202.586800][ T7975] ? ip6_finish_output+0xdc0/0xdc0 [ 202.591903][ T7975] ? ip6_fragment+0x3980/0x3980 [ 202.596853][ T7975] ip6_xmit+0xe41/0x20c0 [ 202.601101][ T7975] ? find_held_lock+0x35/0x130 [ 202.605885][ T7975] ? ip6_finish_output2+0x2550/0x2550 [ 202.611295][ T7975] ? mark_held_locks+0xf0/0xf0 [ 202.616054][ T7975] ? perf_trace_lock+0x510/0x510 [ 202.620987][ T7975] ? ip6_setup_cork+0x1870/0x1870 [ 202.626039][ T7975] inet6_csk_xmit+0x2fb/0x5d0 [ 202.630719][ T7975] ? inet6_csk_update_pmtu+0x190/0x190 [ 202.636165][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.642400][ T7975] ? csum_ipv6_magic+0x20/0x80 [ 202.647171][ T7975] __tcp_transmit_skb+0x1a32/0x3750 [ 202.652404][ T7975] ? __tcp_select_window+0x8b0/0x8b0 [ 202.657693][ T7975] ? tcp_mstamp_refresh+0x16/0xa0 [ 202.662712][ T7975] __tcp_send_ack.part.0+0x3c6/0x5b0 [ 202.667994][ T7975] tcp_send_ack+0x88/0xa0 [ 202.672339][ T7975] tcp_send_challenge_ack.isra.0+0x250/0x300 [ 202.678421][ T7975] tcp_validate_incoming+0x55e/0x1660 [ 202.683814][ T7975] tcp_rcv_state_process+0xb6b/0x4d93 [ 202.689185][ T7975] ? perf_trace_lock+0xeb/0x510 [ 202.694049][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.700291][ T7975] ? debug_smp_processor_id+0x3c/0x280 [ 202.705743][ T7975] ? tcp_finish_connect+0x510/0x510 [ 202.710944][ T7975] ? __release_sock+0xca/0x3a0 [ 202.715698][ T7975] ? find_held_lock+0x35/0x130 [ 202.720453][ T7975] ? mark_held_locks+0xa4/0xf0 [ 202.725234][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 202.730619][ T7975] ? _raw_spin_unlock_bh+0x31/0x40 [ 202.735732][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 202.741108][ T7975] tcp_v6_do_rcv+0x7da/0x12c0 [ 202.745886][ T7975] ? tcp_v6_do_rcv+0x7da/0x12c0 [ 202.750745][ T7975] __release_sock+0x12e/0x3a0 [ 202.755414][ T7975] release_sock+0x59/0x1c0 [ 202.759816][ T7975] __inet_stream_connect+0x59f/0xea0 [ 202.765094][ T7975] ? inet_dgram_connect+0x2e0/0x2e0 [ 202.770288][ T7975] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 202.775641][ T7975] ? do_wait_intr_irq+0x2b0/0x2b0 [ 202.780647][ T7975] ? __lock_acquire+0x548/0x3fb0 [ 202.785585][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.791819][ T7975] ? debug_smp_processor_id+0x3c/0x280 [ 202.797285][ T7975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.803613][ T7975] tcp_sendmsg_locked+0x231f/0x37f0 [ 202.808820][ T7975] ? mark_held_locks+0xf0/0xf0 [ 202.813587][ T7975] ? mark_held_locks+0xa4/0xf0 [ 202.818341][ T7975] ? tcp_sendpage+0x60/0x60 [ 202.822828][ T7975] ? lock_sock_nested+0x9a/0x120 [ 202.827749][ T7975] ? trace_hardirqs_on+0x67/0x230 [ 202.832771][ T7975] ? lock_sock_nested+0x9a/0x120 [ 202.837718][ T7975] ? __local_bh_enable_ip+0x15a/0x270 [ 202.843105][ T7975] tcp_sendmsg+0x30/0x50 [ 202.847346][ T7975] inet_sendmsg+0x147/0x5e0 [ 202.851833][ T7975] ? ipip_gro_receive+0x100/0x100 [ 202.856856][ T7975] sock_sendmsg+0xdd/0x130 [ 202.861300][ T7975] __sys_sendto+0x262/0x380 [ 202.865812][ T7975] ? __ia32_sys_getpeername+0xb0/0xb0 [ 202.871190][ T7975] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.877521][ T7975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.882978][ T7975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.888458][ T7975] ? do_syscall_64+0x26/0x610 [ 202.893149][ T7975] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.899249][ T7975] __x64_sys_sendto+0xe1/0x1a0 [ 202.904023][ T7975] do_syscall_64+0x103/0x610 [ 202.908618][ T7975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.914518][ T7975] RIP: 0033:0x4582b9 [ 202.918416][ T7975] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.938202][ T7975] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 202.946608][ T7975] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 202.954603][ T7975] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 202.962592][ T7975] RBP: 000000000073bf00 R08: 00000000208d4fe4 R09: 000000000000001c [ 202.970580][ T7975] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f6a602626d4 [ 202.978553][ T7975] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff [ 202.996912][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 203.006372][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 203.012189][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 203.021238][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.031317][ T8016] Call Trace: [ 203.034641][ T8016] dump_stack+0x172/0x1f0 [ 203.038979][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 203.044512][ T8016] ip6_finish_output+0x335/0xdc0 [ 203.049444][ T8016] ip6_output+0x235/0x7f0 [ 203.053783][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 203.058881][ T8016] ? ip6_fragment+0x3980/0x3980 [ 203.063749][ T8016] ip6_xmit+0xe41/0x20c0 [ 203.068015][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 203.073409][ T8016] ? mark_held_locks+0xf0/0xf0 [ 203.078175][ T8016] ? perf_trace_lock+0x510/0x510 [ 203.083120][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 203.088144][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 203.092830][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 203.098302][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.104555][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 203.109926][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 203.115135][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 203.120418][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 203.125730][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 203.130855][ T8016] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 203.136595][ T8016] tcp_write_xmit+0xe39/0x5660 [ 203.141369][ T8016] ? tcp_current_mss+0x239/0x390 [ 203.146311][ T8016] tcp_push_one+0xd7/0x110 [ 203.150716][ T8016] do_tcp_sendpages+0x115b/0x1b80 [ 203.155747][ T8016] ? sk_stream_alloc_skb+0xd10/0xd10 [ 203.161029][ T8016] ? __local_bh_enable_ip+0x15a/0x270 [ 203.166435][ T8016] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 203.172167][ T8016] tcp_sendpage_locked+0x84/0xd0 [ 203.177136][ T8016] tcp_sendpage+0x3f/0x60 [ 203.181456][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 203.186572][ T8016] inet_sendpage+0x16b/0x630 [ 203.191177][ T8016] kernel_sendpage+0x95/0xf0 [ 203.195756][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 203.200424][ T8016] sock_sendpage+0x8b/0xc0 [ 203.204835][ T8016] pipe_to_sendpage+0x299/0x370 [ 203.209688][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 203.214474][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 203.219763][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.226015][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 203.232093][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 203.238348][ T8016] __splice_from_pipe+0x395/0x7d0 [ 203.243399][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 203.248795][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 203.254068][ T8016] splice_from_pipe+0x108/0x170 [ 203.258914][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 203.263853][ T8016] generic_splice_sendpage+0x3c/0x50 [ 203.269133][ T8016] ? splice_from_pipe+0x170/0x170 [ 203.274191][ T8016] direct_splice_actor+0x126/0x1a0 [ 203.279315][ T8016] splice_direct_to_actor+0x369/0x970 [ 203.284707][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 203.290271][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.296543][ T8016] ? do_splice_to+0x190/0x190 [ 203.301222][ T8016] ? rw_verify_area+0x118/0x360 [ 203.306092][ T8016] do_splice_direct+0x1da/0x2a0 [ 203.310943][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 203.316492][ T8016] ? rw_verify_area+0x118/0x360 [ 203.321330][ T8016] do_sendfile+0x597/0xd00 [ 203.325745][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 203.331027][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.337273][ T8016] ? put_timespec64+0xda/0x140 [ 203.342070][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 203.347288][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 203.352574][ T8016] ? do_syscall_64+0x26/0x610 [ 203.357253][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 203.362541][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 203.367591][ T8016] do_syscall_64+0x103/0x610 [ 203.372179][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.378060][ T8016] RIP: 0033:0x4582b9 [ 203.381946][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 203.401551][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 203.409973][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 203.418030][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 203.426018][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 203.433998][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 203.441965][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 203.453521][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 203.463015][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 203.468769][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 203.478156][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.488386][ T8016] Call Trace: [ 203.491705][ T8016] dump_stack+0x172/0x1f0 [ 203.497976][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 203.503524][ T8016] ip6_finish_output+0x335/0xdc0 [ 203.508482][ T8016] ip6_output+0x235/0x7f0 [ 203.512828][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 203.517956][ T8016] ? ip6_fragment+0x3980/0x3980 [ 203.522821][ T8016] ip6_xmit+0xe41/0x20c0 [ 203.527062][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 203.532441][ T8016] ? mark_held_locks+0xf0/0xf0 [ 203.537211][ T8016] ? perf_trace_lock+0x510/0x510 [ 203.542136][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 203.547167][ T8016] ? inet6_csk_route_socket+0x715/0xf40 [ 203.552707][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 203.557370][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 203.562810][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.569054][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 203.573829][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 203.579105][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 203.584374][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 203.589656][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 203.594700][ T8016] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 203.600411][ T8016] tcp_write_xmit+0xe39/0x5660 [ 203.605193][ T8016] __tcp_push_pending_frames+0xb4/0x350 [ 203.610744][ T8016] do_tcp_sendpages+0x167b/0x1b80 [ 203.615810][ T8016] ? sk_stream_alloc_skb+0xd10/0xd10 [ 203.621097][ T8016] ? __local_bh_enable_ip+0x15a/0x270 [ 203.626486][ T8016] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 203.632228][ T8016] tcp_sendpage_locked+0x84/0xd0 [ 203.637185][ T8016] tcp_sendpage+0x3f/0x60 [ 203.641528][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 203.646652][ T8016] inet_sendpage+0x16b/0x630 [ 203.651230][ T8016] kernel_sendpage+0x95/0xf0 [ 203.655807][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 203.660490][ T8016] sock_sendpage+0x8b/0xc0 [ 203.664894][ T8016] pipe_to_sendpage+0x299/0x370 [ 203.669735][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 203.674521][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 203.679804][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.686046][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 203.692113][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 203.698356][ T8016] __splice_from_pipe+0x395/0x7d0 [ 203.703383][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 203.708668][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 203.713938][ T8016] splice_from_pipe+0x108/0x170 [ 203.718792][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 203.723739][ T8016] generic_splice_sendpage+0x3c/0x50 [ 203.729008][ T8016] ? splice_from_pipe+0x170/0x170 [ 203.734033][ T8016] direct_splice_actor+0x126/0x1a0 [ 203.739149][ T8016] splice_direct_to_actor+0x369/0x970 [ 203.744538][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 203.750084][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.756331][ T8016] ? do_splice_to+0x190/0x190 [ 203.761041][ T8016] ? rw_verify_area+0x118/0x360 [ 203.765889][ T8016] do_splice_direct+0x1da/0x2a0 [ 203.770748][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 203.776319][ T8016] ? rw_verify_area+0x118/0x360 [ 203.781178][ T8016] do_sendfile+0x597/0xd00 [ 203.785589][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 203.790871][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.797119][ T8016] ? put_timespec64+0xda/0x140 [ 203.801884][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 203.807077][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 203.812352][ T8016] ? do_syscall_64+0x26/0x610 [ 203.817034][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 203.822327][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 203.827346][ T8016] do_syscall_64+0x103/0x610 [ 203.831927][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.837813][ T8016] RIP: 0033:0x4582b9 [ 203.841717][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 203.861339][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 203.869737][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 203.877694][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 203.885680][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 203.893664][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 203.901627][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 203.918749][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 203.928161][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 203.934199][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 203.943224][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.953293][ T8016] Call Trace: [ 203.956591][ T8016] dump_stack+0x172/0x1f0 [ 203.960937][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 203.966498][ T8016] ip6_finish_output+0x335/0xdc0 [ 203.971457][ T8016] ip6_output+0x235/0x7f0 [ 203.975790][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 203.980903][ T8016] ? ip6_fragment+0x3980/0x3980 [ 203.985772][ T8016] ? mip6_destopt_init_state+0xf8/0x110 [ 203.985795][ T8016] ip6_xmit+0xe41/0x20c0 [ 203.985822][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 203.985839][ T8016] ? mark_held_locks+0xf0/0xf0 [ 203.985859][ T8016] ? perf_trace_lock+0x510/0x510 [ 204.010690][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 204.015720][ T8016] ? inet6_csk_route_socket+0x715/0xf40 [ 204.021279][ T8016] ? mip6_destopt_init_state+0xa0/0x110 [ 204.026857][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 204.031552][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 204.037019][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.043340][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 204.048099][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 204.053289][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 204.058560][ T8016] ? mark_lock+0x1340/0x1380 [ 204.063153][ T8016] ? ktime_get+0x105/0x300 [ 204.067552][ T8016] ? tcp_mstamp_refresh+0x16/0xa0 [ 204.072566][ T8016] ? ktime_get+0x105/0x300 [ 204.076985][ T8016] __tcp_send_ack.part.0+0x3c6/0x5b0 [ 204.082255][ T8016] tcp_send_ack+0x88/0xa0 [ 204.086599][ T8016] __tcp_ack_snd_check+0x165/0x8d0 [ 204.091699][ T8016] tcp_rcv_established+0x175d/0x1fb0 [ 204.096988][ T8016] ? tcp_data_queue+0x4840/0x4840 [ 204.102020][ T8016] tcp_v6_do_rcv+0x421/0x12c0 [ 204.106723][ T8016] __release_sock+0x12e/0x3a0 [ 204.111423][ T8016] release_sock+0x59/0x1c0 [ 204.115861][ T8016] tcp_sendpage+0x4a/0x60 [ 204.120184][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 204.125303][ T8016] inet_sendpage+0x16b/0x630 [ 204.129897][ T8016] kernel_sendpage+0x95/0xf0 [ 204.134494][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 204.139173][ T8016] sock_sendpage+0x8b/0xc0 [ 204.143588][ T8016] pipe_to_sendpage+0x299/0x370 [ 204.148431][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 204.153189][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 204.158471][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.164698][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 204.170763][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 204.177001][ T8016] __splice_from_pipe+0x395/0x7d0 [ 204.182017][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 204.187301][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 204.192591][ T8016] splice_from_pipe+0x108/0x170 [ 204.197461][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 204.202431][ T8016] generic_splice_sendpage+0x3c/0x50 [ 204.207712][ T8016] ? splice_from_pipe+0x170/0x170 [ 204.212738][ T8016] direct_splice_actor+0x126/0x1a0 [ 204.217849][ T8016] splice_direct_to_actor+0x369/0x970 [ 204.223222][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 204.228766][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.234991][ T8016] ? do_splice_to+0x190/0x190 [ 204.239656][ T8016] ? rw_verify_area+0x118/0x360 [ 204.244506][ T8016] do_splice_direct+0x1da/0x2a0 [ 204.249384][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 204.254933][ T8016] ? rw_verify_area+0x118/0x360 [ 204.259778][ T8016] do_sendfile+0x597/0xd00 [ 204.264195][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 204.269489][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.275717][ T8016] ? put_timespec64+0xda/0x140 [ 204.280492][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 204.285688][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 204.290972][ T8016] ? do_syscall_64+0x26/0x610 [ 204.295658][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 204.300946][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 204.305958][ T8016] do_syscall_64+0x103/0x610 [ 204.310557][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.316445][ T8016] RIP: 0033:0x4582b9 [ 204.320361][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 204.339971][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 204.348382][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 204.356345][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 204.364300][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 204.372267][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 204.380221][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 204.391849][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 204.401166][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 204.407145][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 204.416171][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.426213][ T8016] Call Trace: [ 204.429536][ T8016] dump_stack+0x172/0x1f0 [ 204.433874][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 204.439422][ T8016] ip6_finish_output+0x335/0xdc0 [ 204.444354][ T8016] ip6_output+0x235/0x7f0 [ 204.448685][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 204.453799][ T8016] ? ip6_fragment+0x3980/0x3980 [ 204.458637][ T8016] ip6_xmit+0xe41/0x20c0 [ 204.462869][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 204.468222][ T8016] ? mark_held_locks+0xf0/0xf0 [ 204.472965][ T8016] ? perf_trace_lock+0x510/0x510 [ 204.477886][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 204.482903][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 204.487563][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 204.493001][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.499274][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 204.504043][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 204.509233][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 204.514509][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 204.519779][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 204.524791][ T8016] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 204.530494][ T8016] tcp_write_xmit+0xe39/0x5660 [ 204.535250][ T8016] ? tcp_established_options+0x29d/0x4d0 [ 204.540923][ T8016] __tcp_push_pending_frames+0xb4/0x350 [ 204.546497][ T8016] tcp_rcv_established+0x1974/0x1fb0 [ 204.551786][ T8016] ? tcp_data_queue+0x4840/0x4840 [ 204.556802][ T8016] tcp_v6_do_rcv+0x421/0x12c0 [ 204.561486][ T8016] __release_sock+0x12e/0x3a0 [ 204.566156][ T8016] release_sock+0x59/0x1c0 [ 204.570575][ T8016] tcp_sendpage+0x4a/0x60 [ 204.574893][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 204.580002][ T8016] inet_sendpage+0x16b/0x630 [ 204.584584][ T8016] kernel_sendpage+0x95/0xf0 [ 204.589801][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 204.594465][ T8016] sock_sendpage+0x8b/0xc0 [ 204.598861][ T8016] pipe_to_sendpage+0x299/0x370 [ 204.603692][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 204.608454][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 204.613727][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.619951][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 204.626099][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 204.632334][ T8016] __splice_from_pipe+0x395/0x7d0 [ 204.637349][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 204.642625][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 204.647891][ T8016] splice_from_pipe+0x108/0x170 [ 204.652744][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 204.657675][ T8016] generic_splice_sendpage+0x3c/0x50 [ 204.662940][ T8016] ? splice_from_pipe+0x170/0x170 [ 204.667944][ T8016] direct_splice_actor+0x126/0x1a0 [ 204.673834][ T8016] splice_direct_to_actor+0x369/0x970 [ 204.679206][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 204.684909][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.691128][ T8016] ? do_splice_to+0x190/0x190 [ 204.695789][ T8016] ? rw_verify_area+0x118/0x360 [ 204.700620][ T8016] do_splice_direct+0x1da/0x2a0 [ 204.705472][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 204.711011][ T8016] ? rw_verify_area+0x118/0x360 [ 204.715851][ T8016] do_sendfile+0x597/0xd00 [ 204.720272][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 204.725556][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.731810][ T8016] ? put_timespec64+0xda/0x140 [ 204.736571][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 204.741769][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 204.747047][ T8016] ? do_syscall_64+0x26/0x610 [ 204.751708][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 204.756987][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 204.761995][ T8016] do_syscall_64+0x103/0x610 [ 204.766605][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.772475][ T8016] RIP: 0033:0x4582b9 [ 204.776356][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 204.795954][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 204.804387][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 204.812350][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 204.820309][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 204.828278][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 204.836234][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 204.846485][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 204.856444][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 204.862234][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 204.871264][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.881321][ T8016] Call Trace: [ 204.884623][ T8016] dump_stack+0x172/0x1f0 [ 204.888973][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 204.894535][ T8016] ip6_finish_output+0x335/0xdc0 [ 204.899513][ T8016] ip6_output+0x235/0x7f0 [ 204.903863][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 204.908959][ T8016] ? ip6_fragment+0x3980/0x3980 [ 204.913793][ T8016] ip6_xmit+0xe41/0x20c0 [ 204.918039][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 204.923398][ T8016] ? mark_held_locks+0xf0/0xf0 [ 204.928148][ T8016] ? perf_trace_lock+0x510/0x510 [ 204.933074][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 204.938093][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 204.942755][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 204.948196][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.954437][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 204.959185][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 204.964372][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 204.969631][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 204.974908][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 204.979918][ T8016] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 204.985624][ T8016] tcp_write_xmit+0xe39/0x5660 [ 204.990381][ T8016] ? kasan_check_write+0x14/0x20 [ 204.995316][ T8016] tcp_push_one+0xd7/0x110 [ 204.999722][ T8016] do_tcp_sendpages+0x115b/0x1b80 [ 205.004742][ T8016] ? sk_stream_alloc_skb+0xd10/0xd10 [ 205.010014][ T8016] ? __local_bh_enable_ip+0x15a/0x270 [ 205.015374][ T8016] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 205.021079][ T8016] tcp_sendpage_locked+0x84/0xd0 [ 205.026005][ T8016] tcp_sendpage+0x3f/0x60 [ 205.030312][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 205.035406][ T8016] inet_sendpage+0x16b/0x630 [ 205.039978][ T8016] kernel_sendpage+0x95/0xf0 [ 205.044546][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 205.049204][ T8016] sock_sendpage+0x8b/0xc0 [ 205.053636][ T8016] pipe_to_sendpage+0x299/0x370 [ 205.058479][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 205.063230][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.068520][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.074767][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 205.080819][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 205.087050][ T8016] __splice_from_pipe+0x395/0x7d0 [ 205.092058][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.097325][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.102590][ T8016] splice_from_pipe+0x108/0x170 [ 205.107447][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 205.112553][ T8016] generic_splice_sendpage+0x3c/0x50 [ 205.117821][ T8016] ? splice_from_pipe+0x170/0x170 [ 205.122833][ T8016] direct_splice_actor+0x126/0x1a0 [ 205.127933][ T8016] splice_direct_to_actor+0x369/0x970 [ 205.133303][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 205.138841][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.145073][ T8016] ? do_splice_to+0x190/0x190 [ 205.149752][ T8016] ? rw_verify_area+0x118/0x360 [ 205.154593][ T8016] do_splice_direct+0x1da/0x2a0 [ 205.159445][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 205.164981][ T8016] ? rw_verify_area+0x118/0x360 [ 205.169828][ T8016] do_sendfile+0x597/0xd00 [ 205.174239][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 205.179511][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.185732][ T8016] ? put_timespec64+0xda/0x140 [ 205.190498][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 205.195693][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 205.200953][ T8016] ? do_syscall_64+0x26/0x610 [ 205.205628][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 205.210891][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 205.215896][ T8016] do_syscall_64+0x103/0x610 [ 205.220468][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.226337][ T8016] RIP: 0033:0x4582b9 [ 205.230211][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 205.249810][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 205.258210][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 205.266168][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 205.274139][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 205.282095][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 205.290061][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 205.300357][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 205.309941][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 205.315758][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 205.324781][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.334832][ T8016] Call Trace: [ 205.338108][ T8016] dump_stack+0x172/0x1f0 [ 205.342446][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 205.347975][ T8016] ip6_finish_output+0x335/0xdc0 [ 205.352895][ T8016] ip6_output+0x235/0x7f0 [ 205.357206][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 205.362316][ T8016] ? ip6_fragment+0x3980/0x3980 [ 205.367152][ T8016] ip6_xmit+0xe41/0x20c0 [ 205.371380][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 205.376739][ T8016] ? mark_held_locks+0xf0/0xf0 [ 205.381514][ T8016] ? perf_trace_lock+0x510/0x510 [ 205.386767][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 205.391801][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 205.396472][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 205.401942][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.408174][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 205.412942][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 205.418128][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 205.423416][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 205.428733][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 205.433770][ T8016] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 205.439494][ T8016] tcp_write_xmit+0xe39/0x5660 [ 205.444251][ T8016] ? tcp_established_options+0x29d/0x4d0 [ 205.449889][ T8016] __tcp_push_pending_frames+0xb4/0x350 [ 205.455436][ T8016] tcp_rcv_established+0x16fe/0x1fb0 [ 205.460712][ T8016] ? tcp_data_queue+0x4840/0x4840 [ 205.465731][ T8016] tcp_v6_do_rcv+0x421/0x12c0 [ 205.470415][ T8016] __release_sock+0x12e/0x3a0 [ 205.475089][ T8016] release_sock+0x59/0x1c0 [ 205.479491][ T8016] tcp_sendpage+0x4a/0x60 [ 205.483801][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 205.488908][ T8016] inet_sendpage+0x16b/0x630 [ 205.493486][ T8016] kernel_sendpage+0x95/0xf0 [ 205.498050][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 205.502706][ T8016] sock_sendpage+0x8b/0xc0 [ 205.507105][ T8016] pipe_to_sendpage+0x299/0x370 [ 205.511932][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 205.516676][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.524732][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.531057][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 205.537118][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 205.543351][ T8016] __splice_from_pipe+0x395/0x7d0 [ 205.548361][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.553635][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.558920][ T8016] splice_from_pipe+0x108/0x170 [ 205.563757][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 205.568686][ T8016] generic_splice_sendpage+0x3c/0x50 [ 205.573971][ T8016] ? splice_from_pipe+0x170/0x170 [ 205.578977][ T8016] direct_splice_actor+0x126/0x1a0 [ 205.584071][ T8016] splice_direct_to_actor+0x369/0x970 [ 205.589429][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 205.594959][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.601200][ T8016] ? do_splice_to+0x190/0x190 [ 205.605872][ T8016] ? rw_verify_area+0x118/0x360 [ 205.610711][ T8016] do_splice_direct+0x1da/0x2a0 [ 205.615558][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 205.621122][ T8016] ? rw_verify_area+0x118/0x360 [ 205.626057][ T8016] do_sendfile+0x597/0xd00 [ 205.630495][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 205.635765][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.641987][ T8016] ? put_timespec64+0xda/0x140 [ 205.646743][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 205.651925][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 205.657206][ T8016] ? do_syscall_64+0x26/0x610 [ 205.661867][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 205.667131][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 205.672141][ T8016] do_syscall_64+0x103/0x610 [ 205.676711][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.682578][ T8016] RIP: 0033:0x4582b9 [ 205.686452][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 205.706036][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 205.714426][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 205.722374][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 205.730323][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 205.738284][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 205.746246][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 205.755978][ T8016] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8016 [ 205.765377][ T8016] caller is ip6_finish_output+0x335/0xdc0 [ 205.771105][ T8016] CPU: 0 PID: 8016 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 205.780119][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.790157][ T8016] Call Trace: [ 205.793437][ T8016] dump_stack+0x172/0x1f0 [ 205.797763][ T8016] __this_cpu_preempt_check+0x246/0x270 [ 205.803303][ T8016] ip6_finish_output+0x335/0xdc0 [ 205.808249][ T8016] ip6_output+0x235/0x7f0 [ 205.812597][ T8016] ? ip6_finish_output+0xdc0/0xdc0 [ 205.817698][ T8016] ? ip6_fragment+0x3980/0x3980 [ 205.822539][ T8016] ip6_xmit+0xe41/0x20c0 [ 205.826775][ T8016] ? ip6_finish_output2+0x2550/0x2550 [ 205.832134][ T8016] ? mark_held_locks+0xf0/0xf0 [ 205.836884][ T8016] ? perf_trace_lock+0x510/0x510 [ 205.841808][ T8016] ? ip6_setup_cork+0x1870/0x1870 [ 205.846825][ T8016] inet6_csk_xmit+0x2fb/0x5d0 [ 205.851503][ T8016] ? inet6_csk_update_pmtu+0x190/0x190 [ 205.856945][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.863171][ T8016] ? csum_ipv6_magic+0x20/0x80 [ 205.867925][ T8016] __tcp_transmit_skb+0x1a32/0x3750 [ 205.873116][ T8016] ? __tcp_select_window+0x8b0/0x8b0 [ 205.878382][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 205.883653][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 205.888662][ T8016] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 205.894367][ T8016] tcp_write_xmit+0xe39/0x5660 [ 205.899140][ T8016] ? kasan_check_write+0x14/0x20 [ 205.904092][ T8016] tcp_push_one+0xd7/0x110 [ 205.908510][ T8016] do_tcp_sendpages+0x115b/0x1b80 [ 205.913527][ T8016] ? sk_stream_alloc_skb+0xd10/0xd10 [ 205.918790][ T8016] ? __local_bh_enable_ip+0x15a/0x270 [ 205.924143][ T8016] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 205.929844][ T8016] tcp_sendpage_locked+0x84/0xd0 [ 205.934770][ T8016] tcp_sendpage+0x3f/0x60 [ 205.939103][ T8016] ? tcp_sendpage_locked+0xd0/0xd0 [ 205.944222][ T8016] inet_sendpage+0x16b/0x630 [ 205.948811][ T8016] kernel_sendpage+0x95/0xf0 [ 205.953395][ T8016] ? inet_sendmsg+0x5e0/0x5e0 [ 205.958070][ T8016] sock_sendpage+0x8b/0xc0 [ 205.962485][ T8016] pipe_to_sendpage+0x299/0x370 [ 205.967369][ T8016] ? kernel_sendpage+0xf0/0xf0 [ 205.972133][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 205.977417][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 205.983657][ T8016] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 205.989733][ T8016] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 205.995979][ T8016] __splice_from_pipe+0x395/0x7d0 [ 206.001005][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 206.006297][ T8016] ? direct_splice_actor+0x1a0/0x1a0 [ 206.011586][ T8016] splice_from_pipe+0x108/0x170 [ 206.016459][ T8016] ? splice_shrink_spd+0xd0/0xd0 [ 206.021404][ T8016] generic_splice_sendpage+0x3c/0x50 [ 206.026706][ T8016] ? splice_from_pipe+0x170/0x170 [ 206.031740][ T8016] direct_splice_actor+0x126/0x1a0 [ 206.036887][ T8016] splice_direct_to_actor+0x369/0x970 [ 206.042266][ T8016] ? generic_pipe_buf_nosteal+0x10/0x10 [ 206.047810][ T8016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 206.054062][ T8016] ? do_splice_to+0x190/0x190 [ 206.058753][ T8016] ? rw_verify_area+0x118/0x360 [ 206.063619][ T8016] do_splice_direct+0x1da/0x2a0 [ 206.068479][ T8016] ? splice_direct_to_actor+0x970/0x970 [ 206.074022][ T8016] ? rw_verify_area+0x118/0x360 [ 206.078865][ T8016] do_sendfile+0x597/0xd00 [ 206.083312][ T8016] ? do_compat_pwritev64+0x1c0/0x1c0 [ 206.088605][ T8016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 206.094834][ T8016] ? put_timespec64+0xda/0x140 [ 206.099593][ T8016] __x64_sys_sendfile64+0x1dd/0x220 [ 206.104787][ T8016] ? __ia32_sys_sendfile+0x230/0x230 [ 206.110062][ T8016] ? do_syscall_64+0x26/0x610 [ 206.114742][ T8016] ? lockdep_hardirqs_on+0x418/0x5d0 [ 206.120025][ T8016] ? trace_hardirqs_on+0x67/0x230 [ 206.125062][ T8016] do_syscall_64+0x103/0x610 [ 206.129658][ T8016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 206.135566][ T8016] RIP: 0033:0x4582b9 [ 206.139467][ T8016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 206.159084][ T8016] RSP: 002b:00007f6a601ddc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 206.167512][ T8016] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 23:47:11 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x33, &(0x7f0000abaff9)={0x3, 0xfff}, 0x10) 23:47:11 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) 23:47:11 executing program 2: ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x40046104, 0x0) [ 206.175585][ T8016] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004 [ 206.183548][ T8016] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 206.191523][ T8016] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a601de6d4 [ 206.199503][ T8016] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff 23:47:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, [{0x0, 0x5, 0x0, [], 0x80ffff}]}}) 23:47:11 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0xdcc, 0x0) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40046602, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000880)) socket$inet6(0xa, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105518, &(0x7f0000001000)) 23:47:11 executing program 1: sched_yield() sched_setaffinity(0x0, 0x0, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x28b87512) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f00000001c0)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000280)=0x2, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180)=0x6, 0x4) socket$packet(0x11, 0x0, 0x300) read(0xffffffffffffffff, 0x0, 0x0) mlock2(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x0) accept4$inet6(r0, 0x0, 0x0, 0x0) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 23:47:11 executing program 2: ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x40046104, 0x0) [ 206.331028][ T8029] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 23:47:11 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) 23:47:11 executing program 4: sched_yield() sched_setaffinity(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x28b87512) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f00000001c0)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000280)=0x2, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180)=0x6, 0x4) socket$packet(0x11, 0x0, 0x300) read(0xffffffffffffffff, 0x0, 0x0) mlock2(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x0) accept4$inet6(r0, 0x0, 0x0, 0x0) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 23:47:11 executing program 2: ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x40046104, 0x0) 23:47:11 executing program 3: clone(0x40000000200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000100)='./file0\x00', 0x103c, 0x0) execve(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000600)='io\x00\x9ez\x8f\xe4\xb9\x00\x16\xf2f\xe3\xf6 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.044950][ T8038] RSP: 002b:00007f806db03c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 207.053419][ T8038] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 207.061421][ T8038] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 207.069405][ T8038] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 207.077395][ T8038] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f806db046d4 23:47:11 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x1004e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f00000002c0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000080)="dd", 0x1, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 207.085387][ T8038] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 207.093415][ T8055] CPU: 1 PID: 8055 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 207.102460][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.112638][ T8055] Call Trace: [ 207.115958][ T8055] dump_stack+0x172/0x1f0 [ 207.120332][ T8055] __this_cpu_preempt_check+0x246/0x270 [ 207.125913][ T8055] ip6_finish_output+0x335/0xdc0 [ 207.131587][ T8055] ip6_output+0x235/0x7f0 [ 207.135971][ T8055] ? ip6_finish_output+0xdc0/0xdc0 [ 207.141111][ T8055] ? ip6_fragment+0x3980/0x3980 [ 207.146521][ T8055] ip6_xmit+0xe41/0x20c0 [ 207.150805][ T8055] ? ip6_finish_output2+0x2550/0x2550 [ 207.156252][ T8055] ? mark_held_locks+0xf0/0xf0 [ 207.161150][ T8055] ? ip6_setup_cork+0x1870/0x1870 [ 207.165350][ T8029] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8029 [ 207.166300][ T8055] inet6_csk_xmit+0x2fb/0x5d0 [ 207.166327][ T8055] ? inet6_csk_update_pmtu+0x190/0x190 [ 207.175702][ T8029] caller is ip6_finish_output+0x335/0xdc0 [ 207.180315][ T8055] ? retint_kernel+0x2d/0x2d [ 207.196124][ T8055] ? bictcp_cwnd_event+0x35/0x150 [ 207.201175][ T8055] ? bictcp_cwnd_event+0x78/0x150 [ 207.206235][ T8055] __tcp_transmit_skb+0x1a32/0x3750 [ 207.211468][ T8055] ? __tcp_select_window+0x8b0/0x8b0 [ 207.216787][ T8055] ? retint_kernel+0x2d/0x2d [ 207.221437][ T8055] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 207.227185][ T8055] tcp_write_xmit+0xe39/0x5660 [ 207.231983][ T8055] tcp_push_one+0xd7/0x110 [ 207.236419][ T8055] do_tcp_sendpages+0x115b/0x1b80 [ 207.241496][ T8055] ? sk_stream_alloc_skb+0xd10/0xd10 [ 207.246900][ T8055] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 207.252643][ T8055] tcp_sendpage_locked+0x84/0xd0 [ 207.257595][ T8055] tcp_sendpage+0x3f/0x60 [ 207.261938][ T8055] ? tcp_sendpage_locked+0xd0/0xd0 [ 207.267066][ T8055] inet_sendpage+0x16b/0x630 [ 207.271685][ T8055] kernel_sendpage+0x95/0xf0 [ 207.276379][ T8055] ? inet_sendmsg+0x5e0/0x5e0 [ 207.281111][ T8055] sock_sendpage+0x8b/0xc0 [ 207.285557][ T8055] pipe_to_sendpage+0x299/0x370 [ 207.290444][ T8055] ? kernel_sendpage+0xf0/0xf0 [ 207.295233][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 207.300553][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.306827][ T8055] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 207.312921][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 207.319191][ T8055] __splice_from_pipe+0x395/0x7d0 [ 207.324236][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 207.329553][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 207.334859][ T8055] splice_from_pipe+0x108/0x170 [ 207.339765][ T8055] ? splice_shrink_spd+0xd0/0xd0 [ 207.344739][ T8055] ? splice_from_pipe+0x170/0x170 [ 207.349815][ T8055] generic_splice_sendpage+0x3c/0x50 [ 207.355121][ T8055] ? splice_from_pipe+0x170/0x170 [ 207.360169][ T8055] direct_splice_actor+0x126/0x1a0 [ 207.365301][ T8055] splice_direct_to_actor+0x369/0x970 [ 207.370696][ T8055] ? generic_pipe_buf_nosteal+0x10/0x10 [ 207.376266][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.382530][ T8055] ? do_splice_to+0x190/0x190 [ 207.387428][ T8055] ? rw_verify_area+0x118/0x360 [ 207.392325][ T8055] do_splice_direct+0x1da/0x2a0 [ 207.398073][ T8055] ? splice_direct_to_actor+0x970/0x970 [ 207.403644][ T8055] ? rw_verify_area+0x118/0x360 [ 207.408502][ T8055] do_sendfile+0x597/0xd00 [ 207.412936][ T8055] ? do_compat_pwritev64+0x1c0/0x1c0 [ 207.418237][ T8055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.423715][ T8055] __x64_sys_sendfile64+0x1dd/0x220 [ 207.428974][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 207.434300][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 207.439607][ T8055] do_syscall_64+0x103/0x610 [ 207.444651][ T8055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.450578][ T8055] RIP: 0033:0x4582b9 [ 207.454482][ T8055] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.474614][ T8055] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 207.483870][ T8055] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 207.491874][ T8055] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 207.502026][ T8055] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 207.510012][ T8055] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a602626d4 [ 207.518024][ T8055] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 207.526067][ T8029] CPU: 0 PID: 8029 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 23:47:12 executing program 3: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000080)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, r1}, 0x10) 23:47:12 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)="de", 0x1}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) [ 207.535112][ T8029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.545196][ T8029] Call Trace: [ 207.548515][ T8029] dump_stack+0x172/0x1f0 [ 207.552871][ T8029] __this_cpu_preempt_check+0x246/0x270 [ 207.558443][ T8029] ip6_finish_output+0x335/0xdc0 [ 207.563406][ T8029] ip6_output+0x235/0x7f0 [ 207.567764][ T8029] ? ip6_finish_output+0xdc0/0xdc0 [ 207.568292][ T8038] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8038 [ 207.572893][ T8029] ? ip6_fragment+0x3980/0x3980 [ 207.572916][ T8029] ip6_xmit+0xe41/0x20c0 [ 207.572942][ T8029] ? ip6_finish_output2+0x2550/0x2550 [ 207.572959][ T8029] ? mark_held_locks+0xf0/0xf0 [ 207.572989][ T8029] ? ip6_setup_cork+0x1870/0x1870 [ 207.573024][ T8029] inet6_csk_xmit+0x2fb/0x5d0 [ 207.573041][ T8029] ? inet6_csk_update_pmtu+0x190/0x190 [ 207.573057][ T8029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.573080][ T8029] ? csum_ipv6_magic+0x20/0x80 [ 207.573104][ T8029] __tcp_transmit_skb+0x1a32/0x3750 [ 207.573132][ T8029] ? __tcp_select_window+0x8b0/0x8b0 [ 207.573154][ T8029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.573171][ T8029] ? tcp_fastopen_no_cookie+0xe0/0x190 [ 207.573187][ T8029] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 207.573205][ T8029] tcp_connect+0x1e47/0x4280 [ 207.573233][ T8029] ? tcp_push_one+0x110/0x110 [ 207.573250][ T8029] ? secure_tcpv6_ts_off+0x24f/0x360 [ 207.573275][ T8029] ? secure_dccpv6_sequence_number+0x280/0x280 [ 207.573289][ T8029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.573304][ T8029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.573319][ T8029] ? prandom_u32_state+0x13/0x180 [ 207.573339][ T8029] tcp_v6_connect+0x150b/0x20a0 [ 207.573357][ T8029] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 207.573378][ T8029] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 207.573392][ T8029] ? __switch_to_asm+0x34/0x70 [ 207.573406][ T8029] ? __switch_to_asm+0x40/0x70 [ 207.573434][ T8029] ? find_held_lock+0x35/0x130 [ 207.573452][ T8029] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 207.573476][ T8029] __inet_stream_connect+0x83f/0xea0 [ 207.573490][ T8029] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 207.573507][ T8029] ? __inet_stream_connect+0x83f/0xea0 [ 207.573531][ T8029] ? inet_dgram_connect+0x2e0/0x2e0 [ 207.573548][ T8029] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 207.573563][ T8029] ? rcu_read_lock_sched_held+0x110/0x130 [ 207.573582][ T8029] ? kmem_cache_alloc_trace+0x354/0x760 [ 207.573596][ T8029] ? __lock_acquire+0x548/0x3fb0 [ 207.573621][ T8029] tcp_sendmsg_locked+0x231f/0x37f0 [ 207.573639][ T8029] ? mark_held_locks+0xf0/0xf0 [ 207.573660][ T8029] ? mark_held_locks+0xa4/0xf0 [ 207.573679][ T8029] ? tcp_sendpage+0x60/0x60 [ 207.573695][ T8029] ? lock_sock_nested+0x9a/0x120 [ 207.573710][ T8029] ? trace_hardirqs_on+0x67/0x230 [ 207.573725][ T8029] ? lock_sock_nested+0x9a/0x120 [ 207.573743][ T8029] ? __local_bh_enable_ip+0x15a/0x270 [ 207.573765][ T8029] tcp_sendmsg+0x30/0x50 [ 207.573781][ T8029] inet_sendmsg+0x147/0x5e0 [ 207.573795][ T8029] ? ipip_gro_receive+0x100/0x100 [ 207.573813][ T8029] sock_sendmsg+0xdd/0x130 [ 207.573833][ T8029] __sys_sendto+0x262/0x380 [ 207.573853][ T8029] ? __ia32_sys_getpeername+0xb0/0xb0 [ 207.573885][ T8029] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 207.573916][ T8029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.573932][ T8029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.573948][ T8029] ? do_syscall_64+0x26/0x610 [ 207.573962][ T8029] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.573993][ T8029] __x64_sys_sendto+0xe1/0x1a0 [ 207.574013][ T8029] do_syscall_64+0x103/0x610 [ 207.574032][ T8029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.574045][ T8029] RIP: 0033:0x4582b9 [ 207.574061][ T8029] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.574069][ T8029] RSP: 002b:00007f806db24c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 207.574083][ T8029] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 207.574092][ T8029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a [ 207.574102][ T8029] RBP: 000000000073bf00 R08: 00000000208d4fe4 R09: 000000000000001c [ 207.574111][ T8029] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f806db256d4 [ 207.574120][ T8029] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff [ 207.603559][ T8038] caller is ip6_finish_output+0x335/0xdc0 [ 207.623106][ T8062] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 207.625343][ T8038] CPU: 1 PID: 8038 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 207.635402][ T8038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.658766][ T8038] Call Trace: [ 207.658791][ T8038] dump_stack+0x172/0x1f0 [ 207.658817][ T8038] __this_cpu_preempt_check+0x246/0x270 [ 207.685755][ T8038] ip6_finish_output+0x335/0xdc0 [ 207.685786][ T8038] ip6_output+0x235/0x7f0 [ 207.685813][ T8038] ? ip6_finish_output+0xdc0/0xdc0 [ 207.697070][ T8038] ? ip6_fragment+0x3980/0x3980 [ 207.697092][ T8038] ? tcp_parse_options+0x158/0xe50 [ 207.697113][ T8038] ip6_xmit+0xe41/0x20c0 [ 207.697141][ T8038] ? ip6_finish_output2+0x2550/0x2550 [ 207.721562][ T8055] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8055 [ 207.722218][ T8038] ? mark_held_locks+0xf0/0xf0 [ 207.722240][ T8038] ? ip6_setup_cork+0x1870/0x1870 [ 207.722270][ T8038] ? tcp_parse_options+0x100/0xe50 [ 207.722292][ T8038] inet6_csk_xmit+0x2fb/0x5d0 [ 207.722310][ T8038] ? inet6_csk_update_pmtu+0x190/0x190 [ 207.722333][ T8038] ? csum_ipv6_magic+0x20/0x80 [ 207.722356][ T8038] __tcp_transmit_skb+0x1a32/0x3750 [ 207.722384][ T8038] ? __tcp_select_window+0x8b0/0x8b0 [ 207.722407][ T8038] ? retint_kernel+0x2d/0x2d [ 207.722429][ T8038] __tcp_send_ack.part.0+0x3c6/0x5b0 [ 207.727225][ T8055] caller is ip6_finish_output+0x335/0xdc0 [ 207.732815][ T8038] tcp_send_ack+0x88/0xa0 [ 207.732829][ T8038] __tcp_ack_snd_check+0x165/0x8d0 [ 207.732844][ T8038] tcp_rcv_established+0x175d/0x1fb0 [ 207.732862][ T8038] ? tcp_data_queue+0x4840/0x4840 [ 207.732887][ T8038] tcp_v6_do_rcv+0x421/0x12c0 [ 207.732908][ T8038] __release_sock+0x12e/0x3a0 [ 207.732932][ T8038] release_sock+0x59/0x1c0 [ 207.732949][ T8038] sk_stream_wait_memory+0x5cb/0xe70 [ 207.732980][ T8038] ? sk_stream_error+0x110/0x110 [ 208.156433][ T8038] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.162680][ T8038] ? do_wait_intr_irq+0x2b0/0x2b0 [ 208.167707][ T8038] ? tcp_push+0x4d2/0x6c0 [ 208.172044][ T8038] do_tcp_sendpages+0x84f/0x1b80 [ 208.177007][ T8038] ? sk_stream_alloc_skb+0xd10/0xd10 [ 208.182295][ T8038] ? __local_bh_enable_ip+0x15a/0x270 [ 208.187679][ T8038] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 208.193416][ T8038] tcp_sendpage_locked+0x84/0xd0 [ 208.198373][ T8038] tcp_sendpage+0x3f/0x60 [ 208.202707][ T8038] ? tcp_sendpage_locked+0xd0/0xd0 [ 208.207823][ T8038] inet_sendpage+0x16b/0x630 [ 208.212422][ T8038] kernel_sendpage+0x95/0xf0 [ 208.217031][ T8038] ? inet_sendmsg+0x5e0/0x5e0 [ 208.221711][ T8038] sock_sendpage+0x8b/0xc0 [ 208.226137][ T8038] pipe_to_sendpage+0x299/0x370 [ 208.230996][ T8038] ? kernel_sendpage+0xf0/0xf0 [ 208.235769][ T8038] ? direct_splice_actor+0x1a0/0x1a0 [ 208.241058][ T8038] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.247302][ T8038] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 208.253379][ T8038] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.259625][ T8038] __splice_from_pipe+0x395/0x7d0 [ 208.264828][ T8038] ? direct_splice_actor+0x1a0/0x1a0 [ 208.270123][ T8038] ? direct_splice_actor+0x1a0/0x1a0 [ 208.275410][ T8038] splice_from_pipe+0x108/0x170 [ 208.280264][ T8038] ? splice_shrink_spd+0xd0/0xd0 [ 208.285224][ T8038] generic_splice_sendpage+0x3c/0x50 [ 208.290535][ T8038] ? splice_from_pipe+0x170/0x170 [ 208.295571][ T8038] direct_splice_actor+0x126/0x1a0 [ 208.300689][ T8038] splice_direct_to_actor+0x369/0x970 [ 208.306470][ T8038] ? generic_pipe_buf_nosteal+0x10/0x10 [ 208.312061][ T8038] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.318525][ T8038] ? do_splice_to+0x190/0x190 [ 208.323418][ T8038] ? rw_verify_area+0x118/0x360 [ 208.328399][ T8038] do_splice_direct+0x1da/0x2a0 [ 208.333280][ T8038] ? splice_direct_to_actor+0x970/0x970 [ 208.338886][ T8038] ? rw_verify_area+0x118/0x360 [ 208.343769][ T8038] do_sendfile+0x597/0xd00 [ 208.348227][ T8038] ? do_compat_pwritev64+0x1c0/0x1c0 [ 208.353533][ T8038] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 208.359887][ T8038] ? put_timespec64+0xda/0x140 [ 208.364698][ T8038] __x64_sys_sendfile64+0x1dd/0x220 [ 208.370028][ T8038] ? __ia32_sys_sendfile+0x230/0x230 [ 208.375540][ T8038] ? do_syscall_64+0x26/0x610 [ 208.380270][ T8038] ? lockdep_hardirqs_on+0x418/0x5d0 [ 208.385586][ T8038] ? trace_hardirqs_on+0x67/0x230 [ 208.390797][ T8038] do_syscall_64+0x103/0x610 [ 208.395446][ T8038] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.401908][ T8038] RIP: 0033:0x4582b9 [ 208.406009][ T8038] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.426060][ T8038] RSP: 002b:00007f806db03c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 208.434492][ T8038] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 208.442495][ T8038] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 208.450497][ T8038] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 208.458613][ T8038] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f806db046d4 [ 208.466776][ T8038] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 208.474817][ T8055] CPU: 0 PID: 8055 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 208.483899][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.493959][ T8055] Call Trace: [ 208.497282][ T8055] dump_stack+0x172/0x1f0 [ 208.501634][ T8055] __this_cpu_preempt_check+0x246/0x270 [ 208.507226][ T8055] ip6_finish_output+0x335/0xdc0 [ 208.512218][ T8055] ip6_output+0x235/0x7f0 [ 208.516572][ T8055] ? ip6_finish_output+0xdc0/0xdc0 [ 208.521717][ T8055] ? ip6_fragment+0x3980/0x3980 [ 208.526596][ T8055] ip6_xmit+0xe41/0x20c0 [ 208.530869][ T8055] ? mark_held_locks+0xa4/0xf0 [ 208.535669][ T8055] ? ip6_finish_output2+0x2550/0x2550 [ 208.541065][ T8055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.546549][ T8055] ? ip6_setup_cork+0x1870/0x1870 [ 208.551592][ T8055] ? retint_kernel+0x2d/0x2d [ 208.556219][ T8055] inet6_csk_xmit+0x2fb/0x5d0 [ 208.560921][ T8055] ? inet6_csk_update_pmtu+0x190/0x190 [ 208.566406][ T8055] ? csum_ipv6_magic+0x20/0x80 [ 208.571195][ T8055] __tcp_transmit_skb+0x1a32/0x3750 [ 208.576436][ T8055] ? __tcp_select_window+0x8b0/0x8b0 [ 208.581736][ T8055] ? tcp_small_queue_check.isra.0+0x20/0x2a0 [ 208.588398][ T8055] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 208.594148][ T8055] tcp_write_xmit+0xe39/0x5660 [ 208.598940][ T8055] __tcp_push_pending_frames+0xb4/0x350 [ 208.604500][ T8055] do_tcp_sendpages+0x167b/0x1b80 [ 208.609548][ T8055] ? sk_stream_alloc_skb+0xd10/0xd10 [ 208.614844][ T8055] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 208.620594][ T8055] tcp_sendpage_locked+0x84/0xd0 [ 208.625547][ T8055] tcp_sendpage+0x3f/0x60 [ 208.629893][ T8055] ? tcp_sendpage_locked+0xd0/0xd0 [ 208.635020][ T8055] inet_sendpage+0x16b/0x630 [ 208.639632][ T8055] kernel_sendpage+0x95/0xf0 [ 208.644244][ T8055] ? inet_sendmsg+0x5e0/0x5e0 [ 208.648948][ T8055] sock_sendpage+0x8b/0xc0 [ 208.653389][ T8055] pipe_to_sendpage+0x299/0x370 [ 208.658280][ T8055] ? kernel_sendpage+0xf0/0xf0 [ 208.663238][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 208.668549][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.674837][ T8055] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 208.681106][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.687377][ T8055] __splice_from_pipe+0x395/0x7d0 [ 208.692600][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 208.697921][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 208.703240][ T8055] splice_from_pipe+0x108/0x170 [ 208.708142][ T8055] ? splice_shrink_spd+0xd0/0xd0 [ 208.713111][ T8055] ? splice_from_pipe+0x170/0x170 [ 208.718158][ T8055] generic_splice_sendpage+0x3c/0x50 [ 208.723460][ T8055] ? splice_from_pipe+0x170/0x170 [ 208.728500][ T8055] direct_splice_actor+0x126/0x1a0 [ 208.733633][ T8055] splice_direct_to_actor+0x369/0x970 [ 208.739034][ T8055] ? generic_pipe_buf_nosteal+0x10/0x10 [ 208.744605][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.750873][ T8055] ? do_splice_to+0x190/0x190 [ 208.755590][ T8055] ? rw_verify_area+0x118/0x360 [ 208.760467][ T8055] do_splice_direct+0x1da/0x2a0 [ 208.765338][ T8055] ? splice_direct_to_actor+0x970/0x970 [ 208.770910][ T8055] ? rw_verify_area+0x118/0x360 [ 208.775780][ T8055] do_sendfile+0x597/0xd00 [ 208.780234][ T8055] ? do_compat_pwritev64+0x1c0/0x1c0 [ 208.785549][ T8055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.791037][ T8055] __x64_sys_sendfile64+0x1dd/0x220 [ 208.796263][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 208.801581][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 208.806910][ T8055] do_syscall_64+0x103/0x610 [ 208.811543][ T8055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.817546][ T8055] RIP: 0033:0x4582b9 [ 208.821488][ T8055] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 23:47:14 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) 23:47:14 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) [ 208.841115][ T8055] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 208.849729][ T8055] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 208.857716][ T8055] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 208.865717][ T8055] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 208.873726][ T8055] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a602626d4 [ 208.881725][ T8055] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 208.984685][ T8055] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8055 [ 208.994307][ T8055] caller is ip6_finish_output+0x335/0xdc0 [ 209.000213][ T8055] CPU: 1 PID: 8055 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 209.009424][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.009441][ T8055] Call Trace: [ 209.022828][ T8055] dump_stack+0x172/0x1f0 [ 209.027190][ T8055] __this_cpu_preempt_check+0x246/0x270 [ 209.032769][ T8055] ip6_finish_output+0x335/0xdc0 [ 209.037917][ T8055] ip6_output+0x235/0x7f0 [ 209.042285][ T8055] ? ip6_finish_output+0xdc0/0xdc0 [ 209.045033][ T8072] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8072 [ 209.047427][ T8055] ? ip6_fragment+0x3980/0x3980 [ 209.056815][ T8072] caller is ip6_finish_output+0x335/0xdc0 [ 209.061604][ T8055] ? ip6_output+0x1e/0x7f0 [ 209.072293][ T8055] ip6_xmit+0xe41/0x20c0 [ 209.076572][ T8055] ? ip6_finish_output2+0x2550/0x2550 [ 209.082003][ T8055] ? retint_kernel+0x2d/0x2d [ 209.086614][ T8055] ? ip6_setup_cork+0x1870/0x1870 [ 209.091689][ T8055] inet6_csk_xmit+0x2fb/0x5d0 [ 209.096429][ T8055] ? inet6_csk_update_pmtu+0x190/0x190 [ 209.101927][ T8055] ? __tcp_transmit_skb+0x1854/0x3750 [ 209.107374][ T8055] __tcp_transmit_skb+0x1a32/0x3750 [ 209.112604][ T8055] ? __tcp_select_window+0x8b0/0x8b0 [ 209.117947][ T8055] __tcp_send_ack.part.0+0x3c6/0x5b0 [ 209.123300][ T8055] tcp_send_ack+0x88/0xa0 [ 209.127672][ T8055] __tcp_ack_snd_check+0x165/0x8d0 [ 209.132812][ T8055] tcp_rcv_established+0x175d/0x1fb0 [ 209.138130][ T8055] ? tcp_data_queue+0x4840/0x4840 [ 209.143191][ T8055] tcp_v6_do_rcv+0x421/0x12c0 [ 209.147907][ T8055] __release_sock+0x12e/0x3a0 [ 209.152608][ T8055] release_sock+0x59/0x1c0 [ 209.157046][ T8055] sk_stream_wait_memory+0x5cb/0xe70 [ 209.162359][ T8055] ? sk_stream_error+0x110/0x110 [ 209.167335][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.173590][ T8055] ? do_wait_intr_irq+0x2b0/0x2b0 [ 209.178628][ T8055] ? tcp_push+0x4d2/0x6c0 [ 209.182980][ T8055] do_tcp_sendpages+0x84f/0x1b80 [ 209.187958][ T8055] ? sk_stream_alloc_skb+0xd10/0xd10 [ 209.193278][ T8055] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.199027][ T8055] tcp_sendpage_locked+0x84/0xd0 [ 209.203999][ T8055] tcp_sendpage+0x3f/0x60 [ 209.208355][ T8055] ? tcp_sendpage_locked+0xd0/0xd0 [ 209.213485][ T8055] inet_sendpage+0x16b/0x630 [ 209.218113][ T8055] kernel_sendpage+0x95/0xf0 [ 209.222810][ T8055] ? inet_sendmsg+0x5e0/0x5e0 [ 209.227524][ T8055] sock_sendpage+0x8b/0xc0 [ 209.231965][ T8055] pipe_to_sendpage+0x299/0x370 [ 209.236848][ T8055] ? kernel_sendpage+0xf0/0xf0 [ 209.241631][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 209.246939][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 209.253209][ T8055] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 209.259300][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.265557][ T8055] __splice_from_pipe+0x395/0x7d0 [ 209.270610][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 209.275912][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 209.281248][ T8055] splice_from_pipe+0x108/0x170 [ 209.286217][ T8055] ? splice_shrink_spd+0xd0/0xd0 [ 209.291185][ T8055] ? splice_from_pipe+0x170/0x170 [ 209.296248][ T8055] generic_splice_sendpage+0x3c/0x50 [ 209.301812][ T8055] ? splice_from_pipe+0x170/0x170 [ 209.306865][ T8055] direct_splice_actor+0x126/0x1a0 [ 209.312011][ T8055] splice_direct_to_actor+0x369/0x970 [ 209.317408][ T8055] ? generic_pipe_buf_nosteal+0x10/0x10 [ 209.323078][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 209.329343][ T8055] ? do_splice_to+0x190/0x190 [ 209.334049][ T8055] ? rw_verify_area+0x118/0x360 [ 209.338919][ T8055] do_splice_direct+0x1da/0x2a0 [ 209.343815][ T8055] ? splice_direct_to_actor+0x970/0x970 [ 209.349404][ T8055] ? rw_verify_area+0x118/0x360 [ 209.354362][ T8055] do_sendfile+0x597/0xd00 [ 209.359467][ T8055] ? do_compat_pwritev64+0x1c0/0x1c0 [ 209.374030][ T8055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.380686][ T8055] __x64_sys_sendfile64+0x1dd/0x220 [ 209.387444][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 209.396512][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 209.403144][ T8055] do_syscall_64+0x103/0x610 [ 209.408560][ T8055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.416312][ T8055] RIP: 0033:0x4582b9 [ 209.420407][ T8055] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 209.440892][ T8055] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 209.449321][ T8055] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 209.457305][ T8055] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 209.465696][ T8055] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 209.476635][ T8055] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a602626d4 [ 209.486309][ T8055] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 209.502997][ T8072] CPU: 0 PID: 8072 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 209.512044][ T8072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.522248][ T8072] Call Trace: [ 209.525574][ T8072] dump_stack+0x172/0x1f0 [ 209.529957][ T8072] __this_cpu_preempt_check+0x246/0x270 [ 209.534008][ T8055] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8055 [ 209.535563][ T8072] ip6_finish_output+0x335/0xdc0 [ 209.535587][ T8072] ip6_output+0x235/0x7f0 [ 209.535607][ T8072] ? ip6_finish_output+0xdc0/0xdc0 [ 209.535629][ T8072] ? ip6_fragment+0x3980/0x3980 [ 209.535654][ T8072] ip6_xmit+0xe41/0x20c0 [ 209.535688][ T8072] ? ip6_finish_output2+0x2550/0x2550 [ 209.549206][ T8055] caller is ip6_finish_output+0x335/0xdc0 [ 209.552628][ T8072] ? mark_held_locks+0xf0/0xf0 [ 209.552650][ T8072] ? ip6_setup_cork+0x1870/0x1870 [ 209.552679][ T8072] inet6_csk_xmit+0x2fb/0x5d0 [ 209.552696][ T8072] ? inet6_csk_update_pmtu+0x190/0x190 [ 209.552712][ T8072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 209.552736][ T8072] ? csum_ipv6_magic+0x20/0x80 [ 209.552767][ T8072] __tcp_transmit_skb+0x1a32/0x3750 [ 209.622883][ T8072] ? __tcp_select_window+0x8b0/0x8b0 [ 209.629670][ T8072] ? lockdep_hardirqs_on+0x418/0x5d0 [ 209.636730][ T8072] ? trace_hardirqs_on+0x67/0x230 [ 209.641809][ T8072] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 209.647559][ T8072] tcp_write_xmit+0xe39/0x5660 [ 209.652356][ T8072] ? kasan_check_write+0x14/0x20 [ 209.657337][ T8072] tcp_push_one+0xd7/0x110 [ 209.661782][ T8072] do_tcp_sendpages+0x115b/0x1b80 [ 209.666863][ T8072] ? sk_stream_alloc_skb+0xd10/0xd10 [ 209.672169][ T8072] ? __local_bh_enable_ip+0x15a/0x270 [ 209.677571][ T8072] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.683319][ T8072] tcp_sendpage_locked+0x84/0xd0 [ 209.688295][ T8072] tcp_sendpage+0x3f/0x60 [ 209.692648][ T8072] ? tcp_sendpage_locked+0xd0/0xd0 [ 209.697872][ T8072] inet_sendpage+0x16b/0x630 [ 209.702517][ T8072] kernel_sendpage+0x95/0xf0 [ 209.707128][ T8072] ? inet_sendmsg+0x5e0/0x5e0 [ 209.711830][ T8072] sock_sendpage+0x8b/0xc0 [ 209.716282][ T8072] pipe_to_sendpage+0x299/0x370 [ 209.721163][ T8072] ? kernel_sendpage+0xf0/0xf0 [ 209.725952][ T8072] ? direct_splice_actor+0x1a0/0x1a0 [ 209.731281][ T8072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 209.737550][ T8072] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 209.743644][ T8072] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.749913][ T8072] __splice_from_pipe+0x395/0x7d0 [ 209.754965][ T8072] ? direct_splice_actor+0x1a0/0x1a0 [ 209.760397][ T8072] ? direct_splice_actor+0x1a0/0x1a0 [ 209.765809][ T8072] splice_from_pipe+0x108/0x170 [ 209.770713][ T8072] ? splice_shrink_spd+0xd0/0xd0 [ 209.775691][ T8072] generic_splice_sendpage+0x3c/0x50 [ 209.781004][ T8072] ? splice_from_pipe+0x170/0x170 [ 209.786056][ T8072] direct_splice_actor+0x126/0x1a0 [ 209.791197][ T8072] splice_direct_to_actor+0x369/0x970 [ 209.796592][ T8072] ? generic_pipe_buf_nosteal+0x10/0x10 [ 209.802187][ T8072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 209.808464][ T8072] ? do_splice_to+0x190/0x190 [ 209.813171][ T8072] ? rw_verify_area+0x118/0x360 [ 209.818049][ T8072] do_splice_direct+0x1da/0x2a0 [ 209.822943][ T8072] ? splice_direct_to_actor+0x970/0x970 [ 209.828527][ T8072] ? rw_verify_area+0x118/0x360 [ 209.833414][ T8072] do_sendfile+0x597/0xd00 [ 209.837866][ T8072] ? do_compat_pwritev64+0x1c0/0x1c0 [ 209.843196][ T8072] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 209.849458][ T8072] ? put_timespec64+0xda/0x140 [ 209.854267][ T8072] __x64_sys_sendfile64+0x1dd/0x220 [ 209.859494][ T8072] ? __ia32_sys_sendfile+0x230/0x230 [ 209.864799][ T8072] ? do_syscall_64+0x26/0x610 [ 209.869519][ T8072] ? lockdep_hardirqs_on+0x418/0x5d0 [ 209.874837][ T8072] ? trace_hardirqs_on+0x67/0x230 [ 209.879886][ T8072] do_syscall_64+0x103/0x610 [ 209.884505][ T8072] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.890417][ T8072] RIP: 0033:0x4582b9 [ 209.894329][ T8072] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 209.913942][ T8072] RSP: 002b:00007f806da5ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 209.922379][ T8072] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 209.930367][ T8072] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000000b [ 209.938353][ T8072] RBP: 000000000073c2c0 R08: 0000000000000000 R09: 0000000000000000 [ 209.946338][ T8072] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f806da5f6d4 [ 209.954322][ T8072] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 209.962375][ T8055] CPU: 1 PID: 8055 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 209.971416][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.977721][ T8072] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8072 [ 209.981483][ T8055] Call Trace: [ 209.981510][ T8055] dump_stack+0x172/0x1f0 [ 209.981530][ T8055] __this_cpu_preempt_check+0x246/0x270 [ 209.981558][ T8055] ip6_finish_output+0x335/0xdc0 [ 209.990948][ T8072] caller is ip6_finish_output+0x335/0xdc0 [ 209.994174][ T8055] ip6_output+0x235/0x7f0 [ 209.994192][ T8055] ? ip6_finish_output+0xdc0/0xdc0 [ 209.994212][ T8055] ? ip6_fragment+0x3980/0x3980 [ 209.994234][ T8055] ip6_xmit+0xe41/0x20c0 [ 210.033304][ T8055] ? ip6_finish_output2+0x2550/0x2550 [ 210.038696][ T8055] ? mark_held_locks+0xf0/0xf0 [ 210.043475][ T8055] ? ip6_setup_cork+0x1870/0x1870 [ 210.048528][ T8055] inet6_csk_xmit+0x2fb/0x5d0 [ 210.053256][ T8055] ? inet6_csk_update_pmtu+0x190/0x190 [ 210.058748][ T8055] ? csum_ipv6_magic+0x20/0x80 [ 210.063929][ T8055] __tcp_transmit_skb+0x1a32/0x3750 [ 210.070031][ T8055] ? __tcp_select_window+0x8b0/0x8b0 [ 210.075352][ T8055] __tcp_send_ack.part.0+0x3c6/0x5b0 [ 210.080680][ T8055] tcp_send_ack+0x88/0xa0 [ 210.085027][ T8055] __tcp_ack_snd_check+0x165/0x8d0 [ 210.090170][ T8055] tcp_rcv_established+0x9ed/0x1fb0 [ 210.095388][ T8055] ? tcp_data_queue+0x4840/0x4840 [ 210.100433][ T8055] tcp_v6_do_rcv+0x421/0x12c0 [ 210.105132][ T8055] __release_sock+0x12e/0x3a0 [ 210.109861][ T8055] release_sock+0x59/0x1c0 [ 210.114302][ T8055] sk_stream_wait_memory+0x5cb/0xe70 [ 210.119622][ T8055] ? sk_stream_error+0x110/0x110 [ 210.124597][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 210.130861][ T8055] ? do_wait_intr_irq+0x2b0/0x2b0 [ 210.135926][ T8055] ? tcp_push+0x4d2/0x6c0 [ 210.140287][ T8055] do_tcp_sendpages+0x84f/0x1b80 [ 210.145269][ T8055] ? sk_stream_alloc_skb+0xd10/0xd10 [ 210.150575][ T8055] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.156314][ T8055] tcp_sendpage_locked+0x84/0xd0 [ 210.161271][ T8055] tcp_sendpage+0x3f/0x60 [ 210.165616][ T8055] ? tcp_sendpage_locked+0xd0/0xd0 [ 210.170741][ T8055] inet_sendpage+0x16b/0x630 [ 210.175361][ T8055] kernel_sendpage+0x95/0xf0 [ 210.179967][ T8055] ? inet_sendmsg+0x5e0/0x5e0 [ 210.184697][ T8055] sock_sendpage+0x8b/0xc0 [ 210.189169][ T8055] pipe_to_sendpage+0x299/0x370 [ 210.194071][ T8055] ? kernel_sendpage+0xf0/0xf0 [ 210.198855][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 210.204159][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 210.210419][ T8055] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 210.216508][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 210.222776][ T8055] __splice_from_pipe+0x395/0x7d0 [ 210.227848][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 210.233155][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 210.238457][ T8055] splice_from_pipe+0x108/0x170 [ 210.243331][ T8055] ? splice_shrink_spd+0xd0/0xd0 [ 210.248297][ T8055] ? splice_from_pipe+0x170/0x170 [ 210.253351][ T8055] generic_splice_sendpage+0x3c/0x50 [ 210.258658][ T8055] ? splice_from_pipe+0x170/0x170 [ 210.263705][ T8055] direct_splice_actor+0x126/0x1a0 [ 210.268844][ T8055] splice_direct_to_actor+0x369/0x970 [ 210.274252][ T8055] ? generic_pipe_buf_nosteal+0x10/0x10 [ 210.279839][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 210.286098][ T8055] ? do_splice_to+0x190/0x190 [ 210.290809][ T8055] ? rw_verify_area+0x118/0x360 [ 210.295685][ T8055] do_splice_direct+0x1da/0x2a0 [ 210.300585][ T8055] ? splice_direct_to_actor+0x970/0x970 [ 210.306171][ T8055] ? rw_verify_area+0x118/0x360 [ 210.311046][ T8055] do_sendfile+0x597/0xd00 [ 210.315497][ T8055] ? do_compat_pwritev64+0x1c0/0x1c0 [ 210.320803][ T8055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 210.326311][ T8055] __x64_sys_sendfile64+0x1dd/0x220 [ 210.331558][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 210.336871][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 210.342186][ T8055] do_syscall_64+0x103/0x610 [ 210.346810][ T8055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.352718][ T8055] RIP: 0033:0x4582b9 [ 210.356632][ T8055] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 210.376244][ T8055] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 210.384674][ T8055] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 210.392937][ T8055] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 210.400923][ T8055] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 210.409169][ T8055] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a602626d4 [ 210.417154][ T8055] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 210.425168][ T8072] CPU: 0 PID: 8072 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 210.434214][ T8072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.444286][ T8072] Call Trace: [ 210.447620][ T8072] dump_stack+0x172/0x1f0 [ 210.448031][ T8055] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8055 [ 210.451979][ T8072] __this_cpu_preempt_check+0x246/0x270 [ 210.452000][ T8072] ip6_finish_output+0x335/0xdc0 [ 210.452020][ T8072] ip6_output+0x235/0x7f0 [ 210.452038][ T8072] ? ip6_finish_output+0xdc0/0xdc0 [ 210.452058][ T8072] ? ip6_fragment+0x3980/0x3980 [ 210.452082][ T8072] ip6_xmit+0xe41/0x20c0 [ 210.452109][ T8072] ? ip6_finish_output2+0x2550/0x2550 [ 210.452126][ T8072] ? mark_held_locks+0xf0/0xf0 [ 210.452145][ T8072] ? ip6_setup_cork+0x1870/0x1870 [ 210.452163][ T8072] ? inet6_csk_route_socket+0x715/0xf40 [ 210.452193][ T8072] inet6_csk_xmit+0x2fb/0x5d0 [ 210.452211][ T8072] ? inet6_csk_update_pmtu+0x190/0x190 [ 210.452227][ T8072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 210.452250][ T8072] ? csum_ipv6_magic+0x20/0x80 [ 210.452282][ T8072] __tcp_transmit_skb+0x1a32/0x3750 [ 210.452309][ T8072] ? __tcp_select_window+0x8b0/0x8b0 [ 210.452322][ T8072] ? lockdep_hardirqs_on+0x418/0x5d0 [ 210.452339][ T8072] ? trace_hardirqs_on+0x67/0x230 [ 210.452359][ T8072] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 210.452378][ T8072] tcp_write_xmit+0xe39/0x5660 [ 210.452414][ T8072] __tcp_push_pending_frames+0xb4/0x350 [ 210.452434][ T8072] do_tcp_sendpages+0x167b/0x1b80 [ 210.452468][ T8072] ? sk_stream_alloc_skb+0xd10/0xd10 [ 210.452482][ T8072] ? __local_bh_enable_ip+0x15a/0x270 [ 210.452504][ T8072] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.452525][ T8072] tcp_sendpage_locked+0x84/0xd0 [ 210.452545][ T8072] tcp_sendpage+0x3f/0x60 [ 210.452560][ T8072] ? tcp_sendpage_locked+0xd0/0xd0 [ 210.452576][ T8072] inet_sendpage+0x16b/0x630 [ 210.452599][ T8072] kernel_sendpage+0x95/0xf0 [ 210.452611][ T8072] ? inet_sendmsg+0x5e0/0x5e0 [ 210.452630][ T8072] sock_sendpage+0x8b/0xc0 [ 210.452651][ T8072] pipe_to_sendpage+0x299/0x370 [ 210.452667][ T8072] ? kernel_sendpage+0xf0/0xf0 [ 210.452683][ T8072] ? direct_splice_actor+0x1a0/0x1a0 [ 210.452700][ T8072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 210.452715][ T8072] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 210.452730][ T8072] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 210.452750][ T8072] __splice_from_pipe+0x395/0x7d0 [ 210.452766][ T8072] ? direct_splice_actor+0x1a0/0x1a0 [ 210.452788][ T8072] ? direct_splice_actor+0x1a0/0x1a0 [ 210.452802][ T8072] splice_from_pipe+0x108/0x170 [ 210.452821][ T8072] ? splice_shrink_spd+0xd0/0xd0 [ 210.452852][ T8072] generic_splice_sendpage+0x3c/0x50 [ 210.452865][ T8072] ? splice_from_pipe+0x170/0x170 [ 210.452883][ T8072] direct_splice_actor+0x126/0x1a0 [ 210.452902][ T8072] splice_direct_to_actor+0x369/0x970 [ 210.452920][ T8072] ? generic_pipe_buf_nosteal+0x10/0x10 [ 210.452940][ T8072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 210.452955][ T8072] ? do_splice_to+0x190/0x190 [ 210.452986][ T8072] ? rw_verify_area+0x118/0x360 [ 210.453005][ T8072] do_splice_direct+0x1da/0x2a0 [ 210.453023][ T8072] ? splice_direct_to_actor+0x970/0x970 [ 210.453049][ T8072] ? rw_verify_area+0x118/0x360 [ 210.453069][ T8072] do_sendfile+0x597/0xd00 [ 210.453095][ T8072] ? do_compat_pwritev64+0x1c0/0x1c0 [ 210.453109][ T8072] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 210.453124][ T8072] ? put_timespec64+0xda/0x140 [ 210.453152][ T8072] __x64_sys_sendfile64+0x1dd/0x220 [ 210.453175][ T8072] ? __ia32_sys_sendfile+0x230/0x230 [ 210.462572][ T8055] caller is ip6_finish_output+0x335/0xdc0 [ 210.468021][ T8072] ? do_syscall_64+0x26/0x610 [ 210.468040][ T8072] ? lockdep_hardirqs_on+0x418/0x5d0 [ 210.468057][ T8072] ? trace_hardirqs_on+0x67/0x230 [ 210.468085][ T8072] do_syscall_64+0x103/0x610 [ 210.797796][ T8072] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.803697][ T8072] RIP: 0033:0x4582b9 [ 210.807592][ T8072] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 210.827231][ T8072] RSP: 002b:00007f806da5ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 210.835652][ T8072] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 210.843628][ T8072] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000000b [ 210.851611][ T8072] RBP: 000000000073c2c0 R08: 0000000000000000 R09: 0000000000000000 [ 210.859775][ T8072] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f806da5f6d4 [ 210.867776][ T8072] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 210.875791][ T8055] CPU: 1 PID: 8055 Comm: syz-executor.4 Not tainted 5.1.0-rc3-next-20190405 #19 [ 210.884820][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.884825][ T8055] Call Trace: [ 210.884848][ T8055] dump_stack+0x172/0x1f0 [ 210.884871][ T8055] __this_cpu_preempt_check+0x246/0x270 [ 210.884895][ T8055] ip6_finish_output+0x335/0xdc0 [ 210.908095][ T8055] ip6_output+0x235/0x7f0 [ 210.917339][ T8055] ? ip6_finish_output+0xdc0/0xdc0 [ 210.922456][ T8055] ? ip6_fragment+0x3980/0x3980 [ 210.922479][ T8055] ip6_xmit+0xe41/0x20c0 [ 210.922494][ T8055] ? lockdep_hardirqs_on+0x418/0x5d0 [ 210.922518][ T8055] ? ip6_finish_output2+0x2550/0x2550 [ 210.922540][ T8055] ? ip6_setup_cork+0x1870/0x1870 [ 210.947317][ T8055] inet6_csk_xmit+0x2fb/0x5d0 [ 210.952023][ T8055] ? inet6_csk_update_pmtu+0x190/0x190 [ 210.957529][ T8055] ? csum_ipv6_magic+0x20/0x80 [ 210.962318][ T8055] __tcp_transmit_skb+0x1a32/0x3750 [ 210.967720][ T8055] ? __tcp_select_window+0x8b0/0x8b0 [ 210.973022][ T8055] ? lockdep_hardirqs_on+0x418/0x5d0 [ 210.978320][ T8055] ? trace_hardirqs_on+0x67/0x230 [ 210.983389][ T8055] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 210.989119][ T8055] tcp_write_xmit+0xe39/0x5660 [ 210.993891][ T8055] ? tcp_established_options+0x29d/0x4d0 [ 210.999545][ T8055] __tcp_push_pending_frames+0xb4/0x350 [ 211.005101][ T8055] tcp_rcv_established+0x1974/0x1fb0 [ 211.010397][ T8055] ? tcp_data_queue+0x4840/0x4840 [ 211.015433][ T8055] tcp_v6_do_rcv+0x421/0x12c0 [ 211.020121][ T8055] __release_sock+0x12e/0x3a0 [ 211.024821][ T8055] release_sock+0x59/0x1c0 [ 211.029251][ T8055] sk_stream_wait_memory+0x5cb/0xe70 [ 211.029275][ T8055] ? sk_stream_error+0x110/0x110 23:47:16 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x8, &(0x7f0000000300)=0xffffffffffffff20, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0xd, 0x0, 0x0) close(r0) close(r1) 23:47:16 executing program 5: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0xa, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x2, 0x20}, 0x98) 23:47:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070") r1 = socket$inet6(0xa, 0x80000000003, 0x80000000000000c) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000240)={'bridge0\x00\x00\x00\x00\x80\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="09000000000000000003"]}) 23:47:16 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCGIDLE(r0, 0x40046104, 0x0) [ 211.029293][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 211.029308][ T8055] ? do_wait_intr_irq+0x2b0/0x2b0 [ 211.029334][ T8055] ? tcp_push+0x4d2/0x6c0 [ 211.045797][ T8055] do_tcp_sendpages+0x84f/0x1b80 [ 211.045832][ T8055] ? sk_stream_alloc_skb+0xd10/0xd10 [ 211.065382][ T8055] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 211.071125][ T8055] tcp_sendpage_locked+0x84/0xd0 [ 211.076089][ T8055] tcp_sendpage+0x3f/0x60 [ 211.080436][ T8055] ? tcp_sendpage_locked+0xd0/0xd0 [ 211.085566][ T8055] inet_sendpage+0x16b/0x630 [ 211.085587][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 211.090175][ T8055] kernel_sendpage+0x95/0xf0 [ 211.090190][ T8055] ? inet_sendmsg+0x5e0/0x5e0 [ 211.090208][ T8055] sock_sendpage+0x8b/0xc0 [ 211.090226][ T8055] pipe_to_sendpage+0x299/0x370 [ 211.090249][ T8055] ? kernel_sendpage+0xf0/0xf0 [ 211.124746][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 211.130040][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 211.136296][ T8055] ? splice_from_pipe_next.part.0+0x255/0x2f0 [ 211.142375][ T8055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 211.148633][ T8055] __splice_from_pipe+0x395/0x7d0 [ 211.153664][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 211.158963][ T8055] ? direct_splice_actor+0x1a0/0x1a0 [ 211.164268][ T8055] splice_from_pipe+0x108/0x170 [ 211.169139][ T8055] ? splice_shrink_spd+0xd0/0xd0 [ 211.174092][ T8055] ? splice_from_pipe+0x170/0x170 [ 211.179133][ T8055] generic_splice_sendpage+0x3c/0x50 [ 211.184426][ T8055] ? splice_from_pipe+0x170/0x170 [ 211.189457][ T8055] direct_splice_actor+0x126/0x1a0 [ 211.194580][ T8055] splice_direct_to_actor+0x369/0x970 [ 211.199973][ T8055] ? generic_pipe_buf_nosteal+0x10/0x10 [ 211.205541][ T8055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 211.211796][ T8055] ? do_splice_to+0x190/0x190 [ 211.216479][ T8055] ? rw_verify_area+0x118/0x360 [ 211.221340][ T8055] do_splice_direct+0x1da/0x2a0 [ 211.226204][ T8055] ? splice_direct_to_actor+0x970/0x970 [ 211.231790][ T8055] ? rw_verify_area+0x118/0x360 [ 211.236661][ T8055] do_sendfile+0x597/0xd00 [ 211.241100][ T8055] ? do_compat_pwritev64+0x1c0/0x1c0 [ 211.246403][ T8055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 211.251881][ T8055] __x64_sys_sendfile64+0x1dd/0x220 [ 211.257094][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 211.262390][ T8055] ? __ia32_sys_sendfile+0x230/0x230 [ 211.267695][ T8055] do_syscall_64+0x103/0x610 [ 211.272296][ T8055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.278192][ T8055] RIP: 0033:0x4582b9 [ 211.282088][ T8055] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 211.301697][ T8055] RSP: 002b:00007f6a60261c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 211.310120][ T8055] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 211.318094][ T8055] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 211.326061][ T8055] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 211.334026][ T8055] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f6a602626d4 [ 211.341998][ T8055] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff [ 211.379859][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.