[ 35.576584][ T26] audit: type=1800 audit(1554196328.557:27): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 35.606095][ T26] audit: type=1800 audit(1554196328.557:28): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.408754][ T26] audit: type=1800 audit(1554196329.447:29): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 36.428916][ T26] audit: type=1800 audit(1554196329.447:30): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts. 2019/04/02 09:12:20 fuzzer started 2019/04/02 09:12:23 dialing manager at 10.128.0.26:40131 2019/04/02 09:12:24 syscalls: 1 2019/04/02 09:12:24 code coverage: enabled 2019/04/02 09:12:24 comparison tracing: enabled 2019/04/02 09:12:24 extra coverage: extra coverage is not supported by the kernel 2019/04/02 09:12:24 setuid sandbox: enabled 2019/04/02 09:12:24 namespace sandbox: enabled 2019/04/02 09:12:24 Android sandbox: /sys/fs/selinux/policy does not exist 2019/04/02 09:12:24 fault injection: enabled 2019/04/02 09:12:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/04/02 09:12:24 net packet injection: enabled 2019/04/02 09:12:24 net device setup: enabled 09:12:37 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0xa, 0x0, 0x4) syzkaller login: [ 64.343350][ T7630] IPVS: ftp: loaded support on port[0] = 21 09:12:37 executing program 1: r0 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x483, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'lblc\x00'}, 0x2c) [ 64.444773][ T7630] chnl_net:caif_netlink_parms(): no params data found [ 64.534280][ T7630] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.542009][ T7630] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.550317][ T7630] device bridge_slave_0 entered promiscuous mode [ 64.561403][ T7630] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.570524][ T7630] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.578926][ T7630] device bridge_slave_1 entered promiscuous mode [ 64.594359][ T7633] IPVS: ftp: loaded support on port[0] = 21 [ 64.620741][ T7630] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 64.650572][ T7630] bond0: Enslaving bond_slave_1 as an active interface with an up link 09:12:37 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x5, 0x1) bind$nfc_llcp(r0, &(0x7f0000000100)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a40fa8c8aa024d00000000ffffffff25fec2541e21ccf67e1d7b5510029e63000000e565aa9a9d325ebac7627ffe7a54cdbd77b3", 0x2b}, 0x60) r1 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000000)=0x80) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) listen(r0, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'security\x00'}, &(0x7f0000000380)=0x54) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f00000003c0)={r0}) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$nfc_llcp(r3, 0x118, 0x0, &(0x7f0000000480)=""/63, 0x3f) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000440)={0xf, 0x1, 0x3ff, 0x0, 0x1, r5, 0x9}, 0x2c) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@sack_info={0x0, 0xb2c, 0x9}, &(0x7f0000000240)=0xc) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x618, 0x228, 0x368, 0x0, 0x0, 0x0, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x4, &(0x7f00000004c0), {[{{@ipv6={@local, @remote, [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffffff, 0xff, 0xffffffff, 0xffffffff], 'gre0\x00', '\x00', {0xff}, {0xff}, 0x1d, 0x401, 0x5, 0x21}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x2, 0x3f, 0x4b, 0x4e8f, 0x10, 0x5, [@mcast1, @loopback, @loopback, @remote, @loopback, @local, @mcast2, @ipv4={[], [], @empty}, @mcast2, @loopback, @local, @ipv4={[], [], @local}, @empty, @ipv4={[], [], @multicast2}, @ipv4={[], [], @remote}, @mcast1], 0x6}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@mcast1, @loopback, [0xffffffff, 0xff0000ff, 0xff, 0xffffffff], [0xffffffff, 0xffffff00, 0xff000000, 0xffffffff], 'gretap0\x00', 'team_slave_0\x00', {}, {}, 0x2e, 0x2, 0x0, 0x20}, 0x0, 0xc8, 0xf8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x3f66ed63, 0x730, 0x4, 0x2}}}, {{@ipv6={@loopback, @local, [0xffffffff, 0xffffffff, 0xffffffff], [0xff, 0xffffffff, 0xffffffff, 0xff], 'veth0_to_bond\x00', 'yam0\x00', {}, {0xff}, 0x7b, 0x6, 0x5, 0x9}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x6, 0x3, 0x3ff, 0x7, 0x20, 0x2, [@ipv4={[], [], @empty}, @local, @mcast2, @loopback, @mcast2, @remote, @mcast2, @dev={0xfe, 0x80, [], 0xd}, @mcast1, @empty, @remote, @local, @empty, @dev={0xfe, 0x80, [], 0xe}, @mcast1, @dev]}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000280)={r6, 0x5}, &(0x7f00000002c0)=0x8) accept$packet(r0, &(0x7f0000000040), &(0x7f0000001580)=0xffffff4c) [ 64.696740][ T7630] team0: Port device team_slave_0 added [ 64.718693][ T7630] team0: Port device team_slave_1 added 09:12:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000000003, 0xa) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000040)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}}, 0x108) [ 64.906151][ T7630] device hsr_slave_0 entered promiscuous mode [ 64.973774][ T7630] device hsr_slave_1 entered promiscuous mode [ 65.022657][ T7630] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.029905][ T7630] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.037832][ T7630] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.044992][ T7630] bridge0: port 1(bridge_slave_0) entered forwarding state 09:12:38 executing program 4: sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="5500000018007fafb72d1cb2a4a280930206000000a843096c2623690f00080004000c0816000b770000a3c728f1c46b7b31afdc1338d544", 0x38}], 0x1}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001e00090100000000000000000700140100000000040000000000800018000a00"], 0x1}}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) [ 65.068711][ T7638] IPVS: ftp: loaded support on port[0] = 21 [ 65.089716][ T7633] chnl_net:caif_netlink_parms(): no params data found [ 65.099548][ T7636] IPVS: ftp: loaded support on port[0] = 21 [ 65.263482][ T7630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.278623][ T7641] IPVS: ftp: loaded support on port[0] = 21 [ 65.335496][ T7633] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.343177][ T7633] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.351091][ T7633] device bridge_slave_0 entered promiscuous mode [ 65.363650][ T7630] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.370891][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 09:12:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) [ 65.384807][ T17] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.395084][ T17] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.404556][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 65.435816][ T7633] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.443806][ T7633] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.451679][ T7633] device bridge_slave_1 entered promiscuous mode [ 65.480798][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.491726][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.498905][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.506992][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.515470][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.522554][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.537744][ T7638] chnl_net:caif_netlink_parms(): no params data found [ 65.558472][ T7646] IPVS: ftp: loaded support on port[0] = 21 [ 65.560216][ T7630] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.576723][ T7630] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.590012][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.598680][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.607291][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.616004][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.624436][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.632823][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.641274][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.649614][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.658217][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.666114][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.680305][ T7633] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 65.722371][ T7633] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 65.762867][ T7633] team0: Port device team_slave_0 added [ 65.774536][ T7638] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.782164][ T7638] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.791210][ T7638] device bridge_slave_0 entered promiscuous mode [ 65.798999][ T7636] chnl_net:caif_netlink_parms(): no params data found [ 65.816865][ T7633] team0: Port device team_slave_1 added [ 65.840064][ T7638] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.847571][ T7638] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.855568][ T7638] device bridge_slave_1 entered promiscuous mode [ 65.874073][ T7638] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 65.914098][ T7638] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 65.937071][ T7638] team0: Port device team_slave_0 added [ 65.946944][ T7630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.954468][ T7636] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.961577][ T7636] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.971559][ T7636] device bridge_slave_0 entered promiscuous mode [ 65.980879][ T7636] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.988525][ T7636] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.996397][ T7636] device bridge_slave_1 entered promiscuous mode [ 66.016841][ T7638] team0: Port device team_slave_1 added [ 66.040216][ T7636] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 66.104220][ T7633] device hsr_slave_0 entered promiscuous mode [ 66.142850][ T7633] device hsr_slave_1 entered promiscuous mode [ 66.198353][ T7641] chnl_net:caif_netlink_parms(): no params data found [ 66.210464][ T7636] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 66.295347][ T7638] device hsr_slave_0 entered promiscuous mode [ 66.333048][ T7638] device hsr_slave_1 entered promiscuous mode [ 66.427652][ T7646] chnl_net:caif_netlink_parms(): no params data found [ 66.466208][ T7636] team0: Port device team_slave_0 added 09:12:39 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0xa, 0x0, 0x4) [ 66.486841][ T7638] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.493938][ T7638] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.501227][ T7638] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.508348][ T7638] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.530127][ T22] bridge0: port 1(bridge_slave_0) entered disabled state 09:12:39 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0xa, 0x0, 0x4) [ 66.538813][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.561553][ T7636] team0: Port device team_slave_1 added 09:12:39 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0xa, 0x0, 0x4) 09:12:39 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) [ 66.635867][ T7641] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.644122][ T7641] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.652071][ T7641] device bridge_slave_0 entered promiscuous mode 09:12:39 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) 09:12:39 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) [ 66.705880][ T7636] device hsr_slave_0 entered promiscuous mode [ 66.742973][ T7636] device hsr_slave_1 entered promiscuous mode [ 66.792872][ T7646] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.799951][ T7646] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.808858][ T7646] device bridge_slave_0 entered promiscuous mode [ 66.817248][ T7646] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.824654][ T7646] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.832332][ T7646] device bridge_slave_1 entered promiscuous mode 09:12:39 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) [ 66.853975][ T7641] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.861038][ T7641] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.885326][ T7641] device bridge_slave_1 entered promiscuous mode [ 66.910288][ T7646] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 66.954684][ T7646] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 66.975983][ T7646] team0: Port device team_slave_0 added [ 66.983254][ T7646] team0: Port device team_slave_1 added [ 67.014580][ T7641] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.031020][ T7638] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.054235][ T7646] device hsr_slave_0 entered promiscuous mode [ 67.093076][ T7646] device hsr_slave_1 entered promiscuous mode [ 67.135015][ T7641] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.159580][ T7638] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.171577][ T7633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.182410][ T7641] team0: Port device team_slave_0 added [ 67.191244][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 67.203050][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.230382][ T7641] team0: Port device team_slave_1 added [ 67.237079][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 67.246427][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.254866][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.261900][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.269571][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 67.278180][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.286567][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.293739][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.301250][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.309825][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 67.318480][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 67.327121][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.336150][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.351047][ T7636] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.367833][ T7636] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.385506][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 67.393654][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.401249][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 67.409989][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.446156][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 67.455924][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.465226][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.473612][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.481765][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 67.490580][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.499002][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.506178][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.514305][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 67.523119][ T7633] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.541291][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 67.550266][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.559598][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.566702][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.574817][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 67.583537][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.591810][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.598893][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.606762][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.615531][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 67.624036][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 67.632367][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.645269][ T7638] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.704336][ T7641] device hsr_slave_0 entered promiscuous mode [ 67.722860][ T7641] device hsr_slave_1 entered promiscuous mode [ 67.784537][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 67.792380][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.800358][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.812413][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.821561][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 67.830292][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.838934][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 67.847498][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.856276][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.863372][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.886222][ T7646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.899403][ T7636] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 67.910409][ T7636] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.935726][ T7638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.944764][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.954476][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.963393][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.971960][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.980371][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.988882][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 67.997606][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.006370][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.015199][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 68.023043][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 68.058289][ T7646] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.079039][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 68.099877][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 68.112226][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.123560][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.131205][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 68.139644][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.149324][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.158662][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.167070][ T7643] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.174163][ T7643] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.181850][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.190611][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.198993][ T7643] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.206121][ T7643] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.215600][ T7636] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.235159][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 68.243746][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.256955][ T7633] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.271908][ T7633] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 68.300885][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 68.314046][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.322234][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.340928][ T7633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.349044][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 68.358677][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 68.363851][ T7682] CPU: 1 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 68.371835][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.381899][ T7682] Call Trace: [ 68.383214][ T7646] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 68.385207][ T7682] dump_stack+0x172/0x1f0 [ 68.397386][ T7646] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.400022][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 68.416041][ T7682] sk_mc_loop+0x1d/0x210 [ 68.420387][ T7682] ip_mc_output+0x2ef/0xf70 [ 68.421773][ T7646] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.424993][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 68.425010][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 68.425021][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 68.425038][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 68.436884][ T7682] ip_local_out+0xc4/0x1b0 [ 68.436900][ T7682] ip_send_skb+0x42/0xf0 [ 68.436918][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 68.465788][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 68.470829][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 68.475427][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 68.480375][ T7682] ? find_held_lock+0x35/0x130 [ 68.485158][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 68.490201][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 68.495512][ T7682] ? mark_held_locks+0xa4/0xf0 [ 68.500282][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 68.505563][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 68.505581][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 68.505610][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 68.505621][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 68.505639][ T7682] ? find_held_lock+0x35/0x130 [ 68.505654][ T7682] ? finish_task_switch+0x146/0x780 [ 68.505670][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 68.505687][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 68.505701][ T7682] ? __might_fault+0x12b/0x1e0 [ 68.505711][ T7682] ? find_held_lock+0x35/0x130 [ 68.521293][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 68.521309][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 68.521333][ T7682] ? ___might_sleep+0x163/0x280 [ 68.530999][ T7682] ? __might_sleep+0x95/0x190 [ 68.531018][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 68.531035][ T7682] ? aa_sk_perm+0x288/0x880 [ 68.588150][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 68.593684][ T7682] inet_sendmsg+0x147/0x5e0 [ 68.598191][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 68.604250][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 68.608914][ T7682] ? ipip_gro_receive+0x100/0x100 [ 68.613919][ T7682] sock_sendmsg+0xdd/0x130 [ 68.618317][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 68.622977][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 68.628420][ T7682] ? lock_downgrade+0x880/0x880 [ 68.633249][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.639473][ T7682] ? kasan_check_read+0x11/0x20 [ 68.644311][ T7682] ? __fget+0x381/0x550 [ 68.648453][ T7682] ? ksys_dup3+0x3e0/0x3e0 [ 68.652851][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 68.657782][ T7682] ? __fget_light+0x1a9/0x230 [ 68.662441][ T7682] ? __fdget+0x1b/0x20 [ 68.666511][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 68.672736][ T7682] ? sockfd_lookup_light+0xcb/0x180 [ 68.677942][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 68.682610][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 68.687625][ T7682] ? _copy_to_user+0xc9/0x120 [ 68.692283][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 68.698521][ T7682] ? put_timespec64+0xda/0x140 [ 68.703275][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 68.708126][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 68.713654][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 68.719095][ T7682] ? do_syscall_64+0x26/0x610 [ 68.723761][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 68.729817][ T7682] ? do_syscall_64+0x26/0x610 [ 68.734482][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 68.739402][ T7682] do_syscall_64+0x103/0x610 [ 68.743979][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 68.749876][ T7682] RIP: 0033:0x458209 [ 68.753754][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.773340][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 68.781732][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 68.789686][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 68.797635][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 68.805589][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 68.813635][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 68.837538][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.851368][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 68.861061][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 68.866158][ T7682] CPU: 0 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 68.874129][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.884190][ T7682] Call Trace: [ 68.887492][ T7682] dump_stack+0x172/0x1f0 [ 68.891844][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 68.897420][ T7682] sk_mc_loop+0x1d/0x210 [ 68.901682][ T7682] ip_mc_output+0x2ef/0xf70 [ 68.906205][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 68.911337][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 68.916807][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 68.921408][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 68.926473][ T7682] ip_local_out+0xc4/0x1b0 [ 68.930965][ T7682] ip_send_skb+0x42/0xf0 [ 68.935199][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 68.940377][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 68.945399][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 68.949994][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 68.955100][ T7682] ? find_held_lock+0x35/0x130 [ 68.959850][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 68.964875][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 68.970160][ T7682] ? mark_held_locks+0xa4/0xf0 [ 68.974917][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 68.980203][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 68.985996][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 68.990921][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 68.995682][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 69.000602][ T7682] ? find_held_lock+0x35/0x130 [ 69.005361][ T7682] ? finish_task_switch+0x146/0x780 [ 69.010565][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 69.016553][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 69.021774][ T7682] ? __might_fault+0x12b/0x1e0 [ 69.026626][ T7682] ? find_held_lock+0x35/0x130 [ 69.031739][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.037993][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 69.043459][ T7682] ? ___might_sleep+0x163/0x280 [ 69.048305][ T7682] ? __might_sleep+0x95/0x190 [ 69.052985][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 69.058610][ T7682] ? aa_sk_perm+0x288/0x880 [ 69.063114][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 69.068654][ T7682] inet_sendmsg+0x147/0x5e0 [ 69.073154][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 69.079139][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 69.083811][ T7682] ? ipip_gro_receive+0x100/0x100 [ 69.088830][ T7682] sock_sendmsg+0xdd/0x130 [ 69.093248][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 69.097919][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 69.103375][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 69.113397][ T7682] ? lock_downgrade+0x880/0x880 [ 69.121944][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.128189][ T7682] ? kasan_check_read+0x11/0x20 [ 69.133049][ T7682] ? __might_fault+0x12b/0x1e0 [ 69.137804][ T7682] ? find_held_lock+0x35/0x130 [ 69.142566][ T7682] ? __might_fault+0x12b/0x1e0 [ 69.147340][ T7682] ? lock_downgrade+0x880/0x880 [ 69.149518][ T7689] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7689 [ 69.152200][ T7682] ? ___might_sleep+0x163/0x280 [ 69.152226][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 69.161595][ T7689] caller is sk_mc_loop+0x1d/0x210 [ 69.166328][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 69.166355][ T7682] ? _copy_to_user+0xc9/0x120 [ 69.166372][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.166384][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.166398][ T7682] ? put_timespec64+0xda/0x140 [ 69.166409][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 69.166431][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 69.213538][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 69.219117][ T7682] ? do_syscall_64+0x26/0x610 [ 69.223789][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 69.229944][ T7682] ? do_syscall_64+0x26/0x610 [ 69.234620][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 69.239559][ T7682] do_syscall_64+0x103/0x610 [ 69.244147][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 69.250029][ T7682] RIP: 0033:0x458209 [ 69.254003][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.273598][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 69.282002][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 69.289962][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 69.297928][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 69.305890][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 69.313857][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 69.322019][ T7689] CPU: 1 PID: 7689 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 69.330012][ T7689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.332325][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.340060][ T7689] Call Trace: [ 69.340082][ T7689] dump_stack+0x172/0x1f0 [ 69.340101][ T7689] __this_cpu_preempt_check+0x246/0x270 [ 69.340115][ T7689] sk_mc_loop+0x1d/0x210 [ 69.340130][ T7689] ip_mc_output+0x2ef/0xf70 [ 69.340147][ T7689] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 69.340164][ T7689] ? ip_append_data.part.0+0x170/0x170 [ 69.340175][ T7689] ? ip_make_skb+0x1b1/0x2c0 [ 69.340188][ T7689] ? ip_reply_glue_bits+0xc0/0xc0 [ 69.340205][ T7689] ip_local_out+0xc4/0x1b0 [ 69.340222][ T7689] ip_send_skb+0x42/0xf0 [ 69.340237][ T7689] udp_send_skb.isra.0+0x6b2/0x1180 [ 69.340256][ T7689] ? xfrm_lookup_route+0x5b/0x1f0 [ 69.351268][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.351323][ T7689] udp_sendmsg+0x1dfd/0x2820 [ 69.356371][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.361151][ T7689] ? find_held_lock+0x35/0x130 [ 69.366065][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.369853][ T7689] ? ip_reply_glue_bits+0xc0/0xc0 [ 69.375589][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.380388][ T7689] ? udp4_lib_lookup_skb+0x440/0x440 [ 69.385728][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.389981][ T7689] ? kasan_check_read+0x11/0x20 [ 69.395015][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.398615][ T7689] ? is_bpf_text_address+0xd3/0x170 [ 69.413449][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.416672][ T7689] ? unwind_get_return_address+0x61/0xa0 [ 69.433017][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.433781][ T7689] ? __lock_acquire+0x548/0x3fb0 [ 69.471458][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 69.472545][ T7689] udpv6_sendmsg+0x13a4/0x28d0 [ 69.472558][ T7689] ? udpv6_sendmsg+0x13a4/0x28d0 [ 69.472576][ T7689] ? find_held_lock+0x35/0x130 [ 69.480275][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 69.485449][ T7689] ? finish_task_switch+0x146/0x780 [ 69.485470][ T7689] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 69.485488][ T7689] ? aa_profile_af_perm+0x320/0x320 [ 69.485515][ T7689] ? __might_fault+0x12b/0x1e0 [ 69.560458][ T7689] ? find_held_lock+0x35/0x130 [ 69.565221][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.571461][ T7689] ? rw_copy_check_uvector+0x2a6/0x330 [ 69.576920][ T7689] ? ___might_sleep+0x163/0x280 [ 69.581769][ T7689] ? __might_sleep+0x95/0x190 [ 69.586437][ T7689] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 69.592058][ T7689] ? aa_sk_perm+0x288/0x880 [ 69.596558][ T7689] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 69.602103][ T7689] inet_sendmsg+0x147/0x5e0 [ 69.606603][ T7689] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 69.612588][ T7689] ? inet_sendmsg+0x147/0x5e0 [ 69.617359][ T7689] ? ipip_gro_receive+0x100/0x100 [ 69.622389][ T7689] sock_sendmsg+0xdd/0x130 [ 69.626805][ T7689] ___sys_sendmsg+0x3e2/0x930 [ 69.631481][ T7689] ? copy_msghdr_from_user+0x430/0x430 [ 69.636957][ T7689] ? lock_downgrade+0x880/0x880 [ 69.641797][ T7689] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.648034][ T7689] ? kasan_check_read+0x11/0x20 [ 69.652882][ T7689] ? __fget+0x381/0x550 [ 69.657037][ T7689] ? ksys_dup3+0x3e0/0x3e0 [ 69.661452][ T7689] ? __fget_light+0x1a9/0x230 [ 69.666123][ T7689] ? __fdget+0x1b/0x20 [ 69.670182][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.676428][ T7689] ? sockfd_lookup_light+0xcb/0x180 [ 69.681624][ T7689] __sys_sendmmsg+0x1bf/0x4d0 [ 69.686302][ T7689] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 69.691334][ T7689] ? _copy_to_user+0xc9/0x120 [ 69.696006][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.702256][ T7689] ? put_timespec64+0xda/0x140 [ 69.707018][ T7689] ? nsecs_to_jiffies+0x30/0x30 [ 69.711870][ T7689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 69.717319][ T7689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 69.722770][ T7689] ? do_syscall_64+0x26/0x610 [ 69.727435][ T7689] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 69.733498][ T7689] ? do_syscall_64+0x26/0x610 [ 69.738172][ T7689] __x64_sys_sendmmsg+0x9d/0x100 [ 69.743103][ T7689] do_syscall_64+0x103/0x610 [ 69.747690][ T7689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 69.753571][ T7689] RIP: 0033:0x458209 [ 69.757461][ T7689] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.777058][ T7689] RSP: 002b:00007f74266c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 69.785458][ T7689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 69.793429][ T7689] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000006 [ 69.801394][ T7689] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 69.809356][ T7689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74266c56d4 [ 69.817324][ T7689] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 69.825308][ T7682] CPU: 0 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 69.833461][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.843528][ T7682] Call Trace: [ 69.845239][ T7641] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.846828][ T7682] dump_stack+0x172/0x1f0 [ 69.857728][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 69.862087][ T7641] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.863300][ T7682] sk_mc_loop+0x1d/0x210 [ 69.863315][ T7682] ip_mc_output+0x2ef/0xf70 [ 69.863331][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 69.863347][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 69.863358][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 69.863371][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 69.863387][ T7682] ip_local_out+0xc4/0x1b0 [ 69.863402][ T7682] ip_send_skb+0x42/0xf0 [ 69.863417][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 69.863429][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 69.863447][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 69.863460][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 69.863471][ T7682] ? find_held_lock+0x35/0x130 [ 69.863493][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 69.863508][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 69.863530][ T7682] ? mark_held_locks+0xa4/0xf0 [ 69.863547][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 69.863568][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 69.863587][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 69.863611][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 69.863625][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 69.863637][ T7682] ? find_held_lock+0x35/0x130 [ 69.863653][ T7682] ? finish_task_switch+0x146/0x780 [ 69.863674][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 69.863695][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 69.863714][ T7682] ? __might_fault+0x12b/0x1e0 [ 69.889866][ T7641] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 69.894126][ T7682] ? find_held_lock+0x35/0x130 [ 69.894143][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.894159][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 69.894182][ T7682] ? ___might_sleep+0x163/0x280 [ 69.894200][ T7682] ? __might_sleep+0x95/0x190 [ 69.899224][ T7641] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 69.903600][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 69.903614][ T7682] ? aa_sk_perm+0x288/0x880 [ 69.903635][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 69.903656][ T7682] inet_sendmsg+0x147/0x5e0 [ 69.919496][ T7641] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.922666][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 69.922681][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 69.922695][ T7682] ? ipip_gro_receive+0x100/0x100 [ 69.922710][ T7682] sock_sendmsg+0xdd/0x130 [ 69.922730][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 69.932405][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 69.941795][ T7689] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7689 [ 69.942674][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 69.942686][ T7682] ? lock_downgrade+0x880/0x880 [ 69.942700][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.942719][ T7682] ? kasan_check_read+0x11/0x20 [ 69.942736][ T7682] ? __might_fault+0x12b/0x1e0 [ 69.942753][ T7682] ? find_held_lock+0x35/0x130 [ 69.947504][ T7689] caller is sk_mc_loop+0x1d/0x210 [ 69.952759][ T7682] ? __might_fault+0x12b/0x1e0 [ 69.952778][ T7682] ? lock_downgrade+0x880/0x880 [ 69.952799][ T7682] ? ___might_sleep+0x163/0x280 [ 69.952814][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 69.952834][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 69.952860][ T7682] ? _copy_to_user+0xc9/0x120 [ 69.952883][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.184306][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.190538][ T7682] ? put_timespec64+0xda/0x140 [ 70.195298][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 70.200148][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.205594][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.211041][ T7682] ? do_syscall_64+0x26/0x610 [ 70.215705][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.222615][ T7682] ? do_syscall_64+0x26/0x610 [ 70.227303][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 70.232236][ T7682] do_syscall_64+0x103/0x610 [ 70.236820][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.242962][ T7682] RIP: 0033:0x458209 [ 70.246903][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 70.266505][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 70.274934][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 70.282898][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 70.290866][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 70.298829][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 70.306804][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 70.314791][ T7689] CPU: 1 PID: 7689 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 70.322787][ T7689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.331064][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 70.333012][ T7689] Call Trace: [ 70.333034][ T7689] dump_stack+0x172/0x1f0 [ 70.333052][ T7689] __this_cpu_preempt_check+0x246/0x270 [ 70.333071][ T7689] sk_mc_loop+0x1d/0x210 [ 70.342332][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 70.345596][ T7689] ip_mc_output+0x2ef/0xf70 [ 70.345611][ T7689] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 70.345628][ T7689] ? ip_append_data.part.0+0x170/0x170 [ 70.345645][ T7689] ? ip_make_skb+0x1b1/0x2c0 [ 70.384244][ T7689] ? ip_reply_glue_bits+0xc0/0xc0 [ 70.389272][ T7689] ip_local_out+0xc4/0x1b0 [ 70.393684][ T7689] ip_send_skb+0x42/0xf0 [ 70.397920][ T7689] udp_send_skb.isra.0+0x6b2/0x1180 [ 70.403111][ T7689] ? xfrm_lookup_route+0x5b/0x1f0 [ 70.408132][ T7689] udp_sendmsg+0x1dfd/0x2820 [ 70.412708][ T7689] ? find_held_lock+0x35/0x130 [ 70.417471][ T7689] ? ip_reply_glue_bits+0xc0/0xc0 [ 70.422497][ T7689] ? udp4_lib_lookup_skb+0x440/0x440 [ 70.427778][ T7689] ? kasan_check_read+0x11/0x20 [ 70.432624][ T7689] ? is_bpf_text_address+0xd3/0x170 [ 70.437819][ T7689] ? unwind_get_return_address+0x61/0xa0 [ 70.443466][ T7689] ? __lock_acquire+0x548/0x3fb0 [ 70.448405][ T7689] udpv6_sendmsg+0x13a4/0x28d0 [ 70.453167][ T7689] ? udpv6_sendmsg+0x13a4/0x28d0 [ 70.458100][ T7689] ? find_held_lock+0x35/0x130 [ 70.462856][ T7689] ? finish_task_switch+0x146/0x780 [ 70.468059][ T7689] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 70.474039][ T7689] ? aa_profile_af_perm+0x320/0x320 [ 70.479257][ T7689] ? __might_fault+0x12b/0x1e0 [ 70.484016][ T7689] ? find_held_lock+0x35/0x130 [ 70.488787][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.495035][ T7689] ? rw_copy_check_uvector+0x2a6/0x330 [ 70.500586][ T7689] ? ___might_sleep+0x163/0x280 [ 70.505461][ T7689] ? __might_sleep+0x95/0x190 [ 70.510225][ T7689] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 70.515844][ T7689] ? aa_sk_perm+0x288/0x880 [ 70.520380][ T7689] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 70.525923][ T7689] inet_sendmsg+0x147/0x5e0 [ 70.530416][ T7689] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 70.536391][ T7689] ? inet_sendmsg+0x147/0x5e0 [ 70.541330][ T7689] ? ipip_gro_receive+0x100/0x100 [ 70.546357][ T7689] sock_sendmsg+0xdd/0x130 [ 70.550766][ T7689] ___sys_sendmsg+0x3e2/0x930 [ 70.555458][ T7689] ? copy_msghdr_from_user+0x430/0x430 [ 70.560914][ T7689] ? __lock_acquire+0x548/0x3fb0 [ 70.565843][ T7689] ? lock_downgrade+0x880/0x880 [ 70.570681][ T7689] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.576916][ T7689] ? kasan_check_read+0x11/0x20 [ 70.581765][ T7689] ? __might_fault+0x12b/0x1e0 [ 70.586520][ T7689] ? find_held_lock+0x35/0x130 [ 70.591369][ T7689] ? __might_fault+0x12b/0x1e0 [ 70.596131][ T7689] ? lock_downgrade+0x880/0x880 [ 70.600985][ T7689] ? ___might_sleep+0x163/0x280 [ 70.605832][ T7689] __sys_sendmmsg+0x1bf/0x4d0 [ 70.610505][ T7689] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 70.615533][ T7689] ? _copy_to_user+0xc9/0x120 [ 70.620472][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.626705][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.632933][ T7689] ? put_timespec64+0xda/0x140 [ 70.637689][ T7689] ? nsecs_to_jiffies+0x30/0x30 [ 70.642543][ T7689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.647999][ T7689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.653450][ T7689] ? do_syscall_64+0x26/0x610 [ 70.658206][ T7689] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.664268][ T7689] ? do_syscall_64+0x26/0x610 [ 70.668951][ T7689] __x64_sys_sendmmsg+0x9d/0x100 [ 70.673882][ T7689] do_syscall_64+0x103/0x610 [ 70.678468][ T7689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.684348][ T7689] RIP: 0033:0x458209 [ 70.688239][ T7689] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 70.707858][ T7689] RSP: 002b:00007f74266c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 70.716277][ T7689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 70.724245][ T7689] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000006 [ 70.732205][ T7689] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 70.740184][ T7689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74266c56d4 [ 70.748145][ T7689] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 70.756137][ T7682] CPU: 0 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 70.764123][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.774183][ T7682] Call Trace: [ 70.777482][ T7682] dump_stack+0x172/0x1f0 [ 70.781835][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 70.782622][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 70.787407][ T7682] sk_mc_loop+0x1d/0x210 [ 70.798849][ T7682] ip_mc_output+0x2ef/0xf70 [ 70.803369][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 70.808508][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 70.813985][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 70.818585][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 70.819025][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.823609][ T7682] ip_local_out+0xc4/0x1b0 [ 70.823625][ T7682] ip_send_skb+0x42/0xf0 [ 70.823639][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 70.823652][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 70.823670][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 70.823688][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 70.841384][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.844722][ T7682] ? find_held_lock+0x35/0x130 [ 70.844742][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 70.844761][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 70.844781][ T7682] ? mark_held_locks+0xa4/0xf0 [ 70.844801][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 70.844822][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 70.850386][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.854410][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 70.854434][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 70.854447][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 70.854458][ T7682] ? find_held_lock+0x35/0x130 [ 70.854473][ T7682] ? finish_task_switch+0x146/0x780 [ 70.854494][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 70.854515][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 70.854531][ T7682] ? __might_fault+0x12b/0x1e0 [ 70.854542][ T7682] ? find_held_lock+0x35/0x130 [ 70.854562][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.864657][ T7643] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.867534][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 70.867559][ T7682] ? ___might_sleep+0x163/0x280 [ 70.872332][ T7643] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.877324][ T7682] ? __might_sleep+0x95/0x190 [ 70.877340][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 70.877352][ T7682] ? aa_sk_perm+0x288/0x880 [ 70.877374][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 70.889068][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.892660][ T7682] inet_sendmsg+0x147/0x5e0 [ 70.892676][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 70.892688][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 70.892702][ T7682] ? ipip_gro_receive+0x100/0x100 [ 70.892717][ T7682] sock_sendmsg+0xdd/0x130 [ 70.892734][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 70.892751][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 70.892769][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 70.892781][ T7682] ? lock_downgrade+0x880/0x880 [ 70.892799][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.892817][ T7682] ? kasan_check_read+0x11/0x20 [ 70.892837][ T7682] ? __might_fault+0x12b/0x1e0 [ 70.892850][ T7682] ? find_held_lock+0x35/0x130 [ 70.892864][ T7682] ? __might_fault+0x12b/0x1e0 [ 70.892882][ T7682] ? lock_downgrade+0x880/0x880 [ 70.892902][ T7682] ? ___might_sleep+0x163/0x280 [ 70.892916][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 70.892934][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 70.892959][ T7682] ? _copy_to_user+0xc9/0x120 [ 70.892974][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.892985][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.892998][ T7682] ? put_timespec64+0xda/0x140 [ 70.893011][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 70.893034][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.893047][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.893059][ T7682] ? do_syscall_64+0x26/0x610 [ 70.893072][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.893084][ T7682] ? do_syscall_64+0x26/0x610 [ 70.893103][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 70.893125][ T7682] do_syscall_64+0x103/0x610 [ 70.899655][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.906881][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.906893][ T7682] RIP: 0033:0x458209 [ 70.906907][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 70.906913][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 70.906925][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 70.906932][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 70.906939][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 70.906946][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 09:12:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) [ 70.906954][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 70.927283][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 70.937947][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 70.958866][ T7682] CPU: 0 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 70.971757][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.971768][ T7682] Call Trace: [ 70.978822][ T7643] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.983797][ T7682] dump_stack+0x172/0x1f0 [ 70.983817][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 70.983836][ T7682] sk_mc_loop+0x1d/0x210 [ 70.988506][ T7643] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.994102][ T7682] ip_mc_output+0x2ef/0xf70 [ 70.994120][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 70.994141][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 71.012191][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 71.034471][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.036718][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 71.049398][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.051747][ T7682] ip_local_out+0xc4/0x1b0 [ 71.051769][ T7682] ip_send_skb+0x42/0xf0 [ 71.061342][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.062834][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 71.062848][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 71.062867][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 71.062881][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 71.062892][ T7682] ? find_held_lock+0x35/0x130 [ 71.062909][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 71.062929][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 71.071565][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.072521][ T7682] ? mark_held_locks+0xa4/0xf0 [ 71.072538][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 71.072557][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 71.072575][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 71.072597][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 71.072613][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 71.079655][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.082113][ T7682] ? find_held_lock+0x35/0x130 [ 71.082131][ T7682] ? finish_task_switch+0x146/0x780 [ 71.082152][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 71.090880][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.091818][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 71.091840][ T7682] ? __might_fault+0x12b/0x1e0 [ 71.098793][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.101501][ T7682] ? find_held_lock+0x35/0x130 [ 71.101517][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.101538][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 71.118777][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.118843][ T7682] ? ___might_sleep+0x163/0x280 [ 71.128546][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.134328][ T7682] ? __might_sleep+0x95/0x190 [ 71.134347][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 71.134360][ T7682] ? aa_sk_perm+0x288/0x880 [ 71.134388][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 71.134410][ T7682] inet_sendmsg+0x147/0x5e0 [ 71.134424][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 71.134436][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 71.134450][ T7682] ? ipip_gro_receive+0x100/0x100 [ 71.134466][ T7682] sock_sendmsg+0xdd/0x130 [ 71.134480][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 71.134495][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 71.134509][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 71.134521][ T7682] ? lock_downgrade+0x880/0x880 [ 71.134536][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 71.134554][ T7682] ? kasan_check_read+0x11/0x20 [ 71.134573][ T7682] ? __might_fault+0x12b/0x1e0 [ 71.134587][ T7682] ? find_held_lock+0x35/0x130 [ 71.134600][ T7682] ? __might_fault+0x12b/0x1e0 [ 71.134625][ T7682] ? lock_downgrade+0x880/0x880 [ 71.146388][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.150845][ T7682] ? ___might_sleep+0x163/0x280 [ 71.150866][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 71.150886][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 71.158648][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.160482][ T7682] ? _copy_to_user+0xc9/0x120 [ 71.160501][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.160518][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.169413][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.173062][ T7682] ? put_timespec64+0xda/0x140 [ 71.173078][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 71.173102][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 71.173116][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 71.173130][ T7682] ? do_syscall_64+0x26/0x610 [ 71.173144][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.173157][ T7682] ? do_syscall_64+0x26/0x610 [ 71.173178][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 71.173194][ T7682] do_syscall_64+0x103/0x610 [ 71.173209][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.173227][ T7682] RIP: 0033:0x458209 [ 71.182126][ T7643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.182989][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 71.182996][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 71.183010][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 71.183018][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 71.183024][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 71.183033][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 71.183041][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 71.303064][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 71.326735][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 71.326756][ T7682] CPU: 1 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 71.355528][ T7689] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7689 [ 71.357924][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.357929][ T7682] Call Trace: [ 71.357952][ T7682] dump_stack+0x172/0x1f0 [ 71.357971][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 71.357990][ T7682] sk_mc_loop+0x1d/0x210 [ 71.362393][ T7689] caller is sk_mc_loop+0x1d/0x210 [ 71.366609][ T7682] ip_mc_output+0x2ef/0xf70 [ 71.366625][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 71.366641][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 71.366656][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 71.905709][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 71.910835][ T7682] ip_local_out+0xc4/0x1b0 [ 71.915250][ T7682] ip_send_skb+0x42/0xf0 [ 71.919489][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 71.924682][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 71.929713][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 71.934314][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 71.939245][ T7682] ? find_held_lock+0x35/0x130 [ 71.944027][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 71.949064][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 71.954360][ T7682] ? mark_held_locks+0xa4/0xf0 [ 71.959139][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 71.964427][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 71.970330][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 71.975272][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 71.980033][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 71.984963][ T7682] ? find_held_lock+0x35/0x130 [ 71.989722][ T7682] ? finish_task_switch+0x146/0x780 [ 71.994921][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 72.000901][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 72.006114][ T7682] ? __might_fault+0x12b/0x1e0 [ 72.010874][ T7682] ? find_held_lock+0x35/0x130 [ 72.015633][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.021880][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 72.027344][ T7682] ? ___might_sleep+0x163/0x280 [ 72.032193][ T7682] ? __might_sleep+0x95/0x190 [ 72.036955][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 72.042575][ T7682] ? aa_sk_perm+0x288/0x880 [ 72.047081][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 72.053724][ T7682] inet_sendmsg+0x147/0x5e0 [ 72.058230][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 72.064205][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 72.068879][ T7682] ? ipip_gro_receive+0x100/0x100 [ 72.073900][ T7682] sock_sendmsg+0xdd/0x130 [ 72.078318][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 72.082992][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 72.088450][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 72.093383][ T7682] ? lock_downgrade+0x880/0x880 [ 72.098225][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 72.104482][ T7682] ? kasan_check_read+0x11/0x20 [ 72.109347][ T7682] ? __might_fault+0x12b/0x1e0 [ 72.114105][ T7682] ? find_held_lock+0x35/0x130 [ 72.118867][ T7682] ? __might_fault+0x12b/0x1e0 [ 72.123633][ T7682] ? lock_downgrade+0x880/0x880 [ 72.128490][ T7682] ? ___might_sleep+0x163/0x280 [ 72.133339][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 72.138017][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 72.143046][ T7682] ? _copy_to_user+0xc9/0x120 [ 72.147724][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.154572][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.160810][ T7682] ? put_timespec64+0xda/0x140 [ 72.165567][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 72.170680][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 72.176134][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 72.181589][ T7682] ? do_syscall_64+0x26/0x610 [ 72.186263][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.192334][ T7682] ? do_syscall_64+0x26/0x610 [ 72.197011][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 72.201943][ T7682] do_syscall_64+0x103/0x610 [ 72.206532][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.212427][ T7682] RIP: 0033:0x458209 [ 72.217818][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 72.237425][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 72.245828][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 72.253799][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 72.261764][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 72.269735][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 72.277699][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 72.285692][ T7689] CPU: 0 PID: 7689 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 72.288766][ T7693] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 72.293667][ T7689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.293673][ T7689] Call Trace: [ 72.293699][ T7689] dump_stack+0x172/0x1f0 [ 72.293720][ T7689] __this_cpu_preempt_check+0x246/0x270 [ 72.293741][ T7689] sk_mc_loop+0x1d/0x210 [ 72.317136][ T7682] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7682 [ 72.319547][ T7689] ip_mc_output+0x2ef/0xf70 [ 72.319565][ T7689] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 72.319583][ T7689] ? ip_append_data.part.0+0x170/0x170 [ 72.325179][ T7682] caller is sk_mc_loop+0x1d/0x210 [ 72.329353][ T7689] ? ip_make_skb+0x1b1/0x2c0 [ 72.363309][ T7689] ? ip_reply_glue_bits+0xc0/0xc0 [ 72.368340][ T7689] ip_local_out+0xc4/0x1b0 [ 72.372764][ T7689] ip_send_skb+0x42/0xf0 [ 72.377002][ T7689] udp_send_skb.isra.0+0x6b2/0x1180 [ 72.382289][ T7689] ? xfrm_lookup_route+0x5b/0x1f0 [ 72.387332][ T7689] udp_sendmsg+0x1dfd/0x2820 [ 72.391915][ T7689] ? find_held_lock+0x35/0x130 [ 72.396680][ T7689] ? ip_reply_glue_bits+0xc0/0xc0 [ 72.401704][ T7689] ? udp4_lib_lookup_skb+0x440/0x440 [ 72.406991][ T7689] ? kasan_check_read+0x11/0x20 [ 72.411845][ T7689] ? is_bpf_text_address+0xd3/0x170 [ 72.417051][ T7689] ? unwind_get_return_address+0x61/0xa0 [ 72.422731][ T7689] ? __lock_acquire+0x548/0x3fb0 [ 72.427673][ T7689] udpv6_sendmsg+0x13a4/0x28d0 [ 72.432428][ T7689] ? udpv6_sendmsg+0x13a4/0x28d0 [ 72.437354][ T7689] ? find_held_lock+0x35/0x130 [ 72.442114][ T7689] ? finish_task_switch+0x146/0x780 [ 72.447316][ T7689] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 72.453304][ T7689] ? aa_profile_af_perm+0x320/0x320 [ 72.458508][ T7689] ? __might_fault+0x12b/0x1e0 [ 72.463275][ T7689] ? find_held_lock+0x35/0x130 [ 72.468039][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.474295][ T7689] ? rw_copy_check_uvector+0x2a6/0x330 [ 72.479764][ T7689] ? ___might_sleep+0x163/0x280 [ 72.484627][ T7689] ? __might_sleep+0x95/0x190 [ 72.489325][ T7689] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 72.494953][ T7689] ? aa_sk_perm+0x288/0x880 [ 72.499462][ T7689] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 72.505095][ T7689] inet_sendmsg+0x147/0x5e0 [ 72.509598][ T7689] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 72.515574][ T7689] ? inet_sendmsg+0x147/0x5e0 [ 72.520247][ T7689] ? ipip_gro_receive+0x100/0x100 [ 72.525281][ T7689] sock_sendmsg+0xdd/0x130 [ 72.529708][ T7689] ___sys_sendmsg+0x3e2/0x930 [ 72.534382][ T7689] ? copy_msghdr_from_user+0x430/0x430 [ 72.539843][ T7689] ? __lock_acquire+0x548/0x3fb0 [ 72.544787][ T7689] ? lock_downgrade+0x880/0x880 [ 72.549636][ T7689] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 72.555877][ T7689] ? kasan_check_read+0x11/0x20 [ 72.560727][ T7689] ? __might_fault+0x12b/0x1e0 [ 72.565486][ T7689] ? find_held_lock+0x35/0x130 [ 72.570267][ T7689] ? __might_fault+0x12b/0x1e0 [ 72.575204][ T7689] ? lock_downgrade+0x880/0x880 [ 72.580060][ T7689] ? ___might_sleep+0x163/0x280 [ 72.584909][ T7689] __sys_sendmmsg+0x1bf/0x4d0 [ 72.589606][ T7689] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 72.594641][ T7689] ? _copy_to_user+0xc9/0x120 [ 72.599406][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.605640][ T7689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.611884][ T7689] ? put_timespec64+0xda/0x140 [ 72.616644][ T7689] ? nsecs_to_jiffies+0x30/0x30 [ 72.621593][ T7689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 72.627141][ T7689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 72.632598][ T7689] ? do_syscall_64+0x26/0x610 [ 72.637279][ T7689] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.643340][ T7689] ? do_syscall_64+0x26/0x610 [ 72.648026][ T7689] __x64_sys_sendmmsg+0x9d/0x100 [ 72.652982][ T7689] do_syscall_64+0x103/0x610 [ 72.657572][ T7689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.663546][ T7689] RIP: 0033:0x458209 [ 72.667434][ T7689] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 72.687038][ T7689] RSP: 002b:00007f74266c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 72.695441][ T7689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 72.703409][ T7689] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000006 [ 72.711374][ T7689] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 72.719339][ T7689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74266c56d4 [ 72.727300][ T7689] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 72.735293][ T7682] CPU: 1 PID: 7682 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 72.743284][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.753349][ T7682] Call Trace: [ 72.756651][ T7682] dump_stack+0x172/0x1f0 [ 72.761008][ T7682] __this_cpu_preempt_check+0x246/0x270 [ 72.766566][ T7682] sk_mc_loop+0x1d/0x210 [ 72.770815][ T7682] ip_mc_output+0x2ef/0xf70 [ 72.775327][ T7682] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 72.780450][ T7682] ? ip_append_data.part.0+0x170/0x170 [ 72.785914][ T7682] ? ip_make_skb+0x1b1/0x2c0 [ 72.790516][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 72.795555][ T7682] ip_local_out+0xc4/0x1b0 [ 72.799980][ T7682] ip_send_skb+0x42/0xf0 [ 72.804246][ T7682] udp_send_skb.isra.0+0x6b2/0x1180 [ 72.809457][ T7682] ? xfrm_lookup_route+0x5b/0x1f0 [ 72.814498][ T7682] udp_sendmsg+0x1dfd/0x2820 [ 72.819097][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 72.824045][ T7682] ? find_held_lock+0x35/0x130 [ 72.828825][ T7682] ? ip_reply_glue_bits+0xc0/0xc0 [ 72.833861][ T7682] ? udp4_lib_lookup_skb+0x440/0x440 [ 72.839168][ T7682] ? mark_held_locks+0xa4/0xf0 [ 72.843945][ T7682] ? lockdep_hardirqs_on+0x418/0x5d0 [ 72.849253][ T7682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 72.855073][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 72.860025][ T7682] udpv6_sendmsg+0x13a4/0x28d0 [ 72.864796][ T7682] ? udpv6_sendmsg+0x13a4/0x28d0 [ 72.869742][ T7682] ? find_held_lock+0x35/0x130 [ 72.874538][ T7682] ? finish_task_switch+0x146/0x780 [ 72.879750][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 72.885742][ T7682] ? aa_profile_af_perm+0x320/0x320 [ 72.890951][ T7682] ? __might_fault+0x12b/0x1e0 [ 72.895719][ T7682] ? find_held_lock+0x35/0x130 [ 72.900490][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.906715][ T7682] ? rw_copy_check_uvector+0x2a6/0x330 [ 72.912167][ T7682] ? ___might_sleep+0x163/0x280 [ 72.917029][ T7682] ? __might_sleep+0x95/0x190 [ 72.921691][ T7682] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 72.927313][ T7682] ? aa_sk_perm+0x288/0x880 [ 72.931804][ T7682] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 72.937338][ T7682] inet_sendmsg+0x147/0x5e0 [ 72.941826][ T7682] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 72.947789][ T7682] ? inet_sendmsg+0x147/0x5e0 [ 72.952456][ T7682] ? ipip_gro_receive+0x100/0x100 [ 72.957483][ T7682] sock_sendmsg+0xdd/0x130 [ 72.961894][ T7682] ___sys_sendmsg+0x3e2/0x930 [ 72.966559][ T7682] ? copy_msghdr_from_user+0x430/0x430 [ 72.972009][ T7682] ? __lock_acquire+0x548/0x3fb0 [ 72.976932][ T7682] ? lock_downgrade+0x880/0x880 [ 72.981767][ T7682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 72.988010][ T7682] ? kasan_check_read+0x11/0x20 [ 72.992860][ T7682] ? __might_fault+0x12b/0x1e0 [ 72.997605][ T7682] ? find_held_lock+0x35/0x130 [ 73.002354][ T7682] ? __might_fault+0x12b/0x1e0 [ 73.007106][ T7682] ? lock_downgrade+0x880/0x880 [ 73.011948][ T7682] ? ___might_sleep+0x163/0x280 [ 73.016876][ T7682] __sys_sendmmsg+0x1bf/0x4d0 [ 73.021544][ T7682] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 73.026563][ T7682] ? _copy_to_user+0xc9/0x120 [ 73.031322][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 73.037546][ T7682] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 73.043780][ T7682] ? put_timespec64+0xda/0x140 [ 73.048541][ T7682] ? nsecs_to_jiffies+0x30/0x30 [ 73.053382][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 73.058824][ T7682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 73.064267][ T7682] ? do_syscall_64+0x26/0x610 [ 73.068934][ T7682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 73.074989][ T7682] ? do_syscall_64+0x26/0x610 [ 73.079655][ T7682] __x64_sys_sendmmsg+0x9d/0x100 [ 73.084580][ T7682] do_syscall_64+0x103/0x610 [ 73.089164][ T7682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 73.095038][ T7682] RIP: 0033:0x458209 [ 73.098916][ T7682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 73.118506][ T7682] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 73.126908][ T7682] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 73.134865][ T7682] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 73.142930][ T7682] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 73.150895][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 73.159034][ T7682] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff 09:12:46 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x5, 0x1) bind$nfc_llcp(r0, &(0x7f0000000100)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a40fa8c8aa024d00000000ffffffff25fec2541e21ccf67e1d7b5510029e63000000e565aa9a9d325ebac7627ffe7a54cdbd77b3", 0x2b}, 0x60) r1 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000000)=0x80) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) listen(r0, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'security\x00'}, &(0x7f0000000380)=0x54) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f00000003c0)={r0}) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$nfc_llcp(r3, 0x118, 0x0, &(0x7f0000000480)=""/63, 0x3f) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000440)={0xf, 0x1, 0x3ff, 0x0, 0x1, r5, 0x9}, 0x2c) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@sack_info={0x0, 0xb2c, 0x9}, &(0x7f0000000240)=0xc) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x618, 0x228, 0x368, 0x0, 0x0, 0x0, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x4, &(0x7f00000004c0), {[{{@ipv6={@local, @remote, [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffffff, 0xff, 0xffffffff, 0xffffffff], 'gre0\x00', '\x00', {0xff}, {0xff}, 0x1d, 0x401, 0x5, 0x21}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x2, 0x3f, 0x4b, 0x4e8f, 0x10, 0x5, [@mcast1, @loopback, @loopback, @remote, @loopback, @local, @mcast2, @ipv4={[], [], @empty}, @mcast2, @loopback, @local, @ipv4={[], [], @local}, @empty, @ipv4={[], [], @multicast2}, @ipv4={[], [], @remote}, @mcast1], 0x6}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@mcast1, @loopback, [0xffffffff, 0xff0000ff, 0xff, 0xffffffff], [0xffffffff, 0xffffff00, 0xff000000, 0xffffffff], 'gretap0\x00', 'team_slave_0\x00', {}, {}, 0x2e, 0x2, 0x0, 0x20}, 0x0, 0xc8, 0xf8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x3f66ed63, 0x730, 0x4, 0x2}}}, {{@ipv6={@loopback, @local, [0xffffffff, 0xffffffff, 0xffffffff], [0xff, 0xffffffff, 0xffffffff, 0xff], 'veth0_to_bond\x00', 'yam0\x00', {}, {0xff}, 0x7b, 0x6, 0x5, 0x9}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x6, 0x3, 0x3ff, 0x7, 0x20, 0x2, [@ipv4={[], [], @empty}, @local, @mcast2, @loopback, @mcast2, @remote, @mcast2, @dev={0xfe, 0x80, [], 0xd}, @mcast1, @empty, @remote, @local, @empty, @dev={0xfe, 0x80, [], 0xe}, @mcast1, @dev]}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000280)={r6, 0x5}, &(0x7f00000002c0)=0x8) accept$packet(r0, &(0x7f0000000040), &(0x7f0000001580)=0xffffff4c) 09:12:46 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) 09:12:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) 09:12:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000000003, 0xa) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000040)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}}, 0x108) 09:12:46 executing program 4: sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="5500000018007fafb72d1cb2a4a280930206000000a843096c2623690f00080004000c0816000b770000a3c728f1c46b7b31afdc1338d544", 0x38}], 0x1}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001e00090100000000000000000700140100000000040000000000800018000a00"], 0x1}}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) 09:12:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) 09:12:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) [ 73.367723][ T7709] netlink: 'syz-executor.4': attribute type 10 has an invalid length. 09:12:46 executing program 4: sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="5500000018007fafb72d1cb2a4a280930206000000a843096c2623690f00080004000c0816000b770000a3c728f1c46b7b31afdc1338d544", 0x38}], 0x1}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001e00090100000000000000000700140100000000040000000000800018000a00"], 0x1}}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) 09:12:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000000003, 0xa) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000040)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}}, 0x108) 09:12:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) [ 73.465929][ T7718] check_preemption_disabled: 2038 callbacks suppressed [ 73.465944][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 73.482309][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 73.487396][ T7718] CPU: 0 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 73.495473][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.505623][ T7718] Call Trace: [ 73.508938][ T7718] dump_stack+0x172/0x1f0 [ 73.513290][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 73.518828][ T7718] sk_mc_loop+0x1d/0x210 [ 73.523067][ T7718] ip_mc_output+0x2ef/0xf70 [ 73.527564][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 73.532677][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 73.538127][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 73.542709][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 73.547732][ T7718] ip_local_out+0xc4/0x1b0 [ 73.552133][ T7718] ip_send_skb+0x42/0xf0 [ 73.556377][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 73.561560][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 73.566581][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 73.571155][ T7718] ? find_held_lock+0x35/0x130 [ 73.575912][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 73.580935][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 73.586217][ T7718] ? kasan_check_read+0x11/0x20 [ 73.591054][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 73.596072][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 73.600834][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 73.605763][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 73.611743][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 73.616924][ T7718] ? __might_fault+0x12b/0x1e0 [ 73.621674][ T7718] ? find_held_lock+0x35/0x130 [ 73.626424][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 73.632648][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 73.638105][ T7718] ? ___might_sleep+0x163/0x280 [ 73.642946][ T7718] ? __might_sleep+0x95/0x190 [ 73.647872][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 73.653485][ T7718] ? aa_sk_perm+0x288/0x880 [ 73.657985][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 73.663520][ T7718] inet_sendmsg+0x147/0x5e0 [ 73.668009][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 73.673971][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 73.678632][ T7718] ? ipip_gro_receive+0x100/0x100 [ 73.683664][ T7718] sock_sendmsg+0xdd/0x130 [ 73.688071][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 73.692745][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 73.698200][ T7718] ? lock_downgrade+0x880/0x880 [ 73.703039][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 73.709277][ T7718] ? kasan_check_read+0x11/0x20 [ 73.714125][ T7718] ? __fget+0x381/0x550 [ 73.718270][ T7718] ? ksys_dup3+0x3e0/0x3e0 [ 73.722669][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 73.727597][ T7718] ? __fget_light+0x1a9/0x230 [ 73.733000][ T7718] ? __fdget+0x1b/0x20 [ 73.737059][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 73.743297][ T7718] ? sockfd_lookup_light+0xcb/0x180 [ 73.748484][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 73.753167][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 73.758191][ T7718] ? _copy_to_user+0xc9/0x120 [ 73.762853][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 73.769083][ T7718] ? put_timespec64+0xda/0x140 [ 73.773831][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 73.778671][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 73.784115][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 73.789560][ T7718] ? do_syscall_64+0x26/0x610 [ 73.794237][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 73.800287][ T7718] ? do_syscall_64+0x26/0x610 [ 73.804953][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 73.809976][ T7718] do_syscall_64+0x103/0x610 [ 73.814554][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 73.820427][ T7718] RIP: 0033:0x458209 [ 73.824306][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 73.843893][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 73.852286][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 09:12:46 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) [ 73.860262][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 73.868218][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 73.876180][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 73.884159][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff 09:12:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000000003, 0xa) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000040)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}}, 0x108) [ 73.983789][ T7734] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 74.023957][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 74.033372][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 74.038410][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 74.046385][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.057770][ T7718] Call Trace: [ 74.061077][ T7718] dump_stack+0x172/0x1f0 [ 74.065428][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 74.070983][ T7718] sk_mc_loop+0x1d/0x210 [ 74.075230][ T7718] ip_mc_output+0x2ef/0xf70 [ 74.075247][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 74.075263][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 74.075273][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 74.075284][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 74.075302][ T7718] ip_local_out+0xc4/0x1b0 [ 74.095284][ T7718] ip_send_skb+0x42/0xf0 [ 74.104722][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 74.104735][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 74.104753][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 74.104767][ T7718] ? find_held_lock+0x35/0x130 [ 74.104784][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 74.144984][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 74.150293][ T7718] ? kasan_check_read+0x11/0x20 [ 74.155174][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 74.160156][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 74.160174][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 74.169867][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 74.175867][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 74.181081][ T7718] ? __might_fault+0x12b/0x1e0 [ 74.185870][ T7718] ? find_held_lock+0x35/0x130 [ 74.190640][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.190656][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 74.190681][ T7718] ? ___might_sleep+0x163/0x280 [ 74.202351][ T7718] ? __might_sleep+0x95/0x190 [ 74.202368][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 74.202385][ T7718] ? aa_sk_perm+0x288/0x880 [ 74.223543][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 74.229100][ T7718] inet_sendmsg+0x147/0x5e0 [ 74.233948][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 74.239996][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 74.244659][ T7718] ? ipip_gro_receive+0x100/0x100 [ 74.249683][ T7718] sock_sendmsg+0xdd/0x130 [ 74.254158][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 74.258858][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 74.264328][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 74.269599][ T7718] ? lock_downgrade+0x880/0x880 [ 74.274431][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 74.280790][ T7718] ? kasan_check_read+0x11/0x20 [ 74.285628][ T7718] ? __might_fault+0x12b/0x1e0 [ 74.290376][ T7718] ? find_held_lock+0x35/0x130 [ 74.295177][ T7718] ? __might_fault+0x12b/0x1e0 [ 74.299931][ T7718] ? lock_downgrade+0x880/0x880 [ 74.304769][ T7718] ? ___might_sleep+0x163/0x280 [ 74.309608][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 74.314270][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 74.319287][ T7718] ? _copy_to_user+0xc9/0x120 [ 74.324038][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.330264][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.336507][ T7718] ? put_timespec64+0xda/0x140 [ 74.341262][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 74.346108][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 74.351569][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 74.357022][ T7718] ? do_syscall_64+0x26/0x610 [ 74.361679][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.367818][ T7718] ? do_syscall_64+0x26/0x610 [ 74.372489][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 74.377417][ T7718] do_syscall_64+0x103/0x610 [ 74.381993][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.387887][ T7718] RIP: 0033:0x458209 [ 74.391769][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 74.411366][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 74.419763][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 74.427717][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 74.435683][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 74.443726][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 74.451785][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 74.470676][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 74.480466][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 74.485701][ T7718] CPU: 0 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 74.493805][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.503917][ T7718] Call Trace: [ 74.507305][ T7718] dump_stack+0x172/0x1f0 [ 74.511622][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 74.517166][ T7718] sk_mc_loop+0x1d/0x210 [ 74.521407][ T7718] ip_mc_output+0x2ef/0xf70 [ 74.526037][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 74.531238][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 74.536690][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 74.541282][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 74.546301][ T7718] ip_local_out+0xc4/0x1b0 [ 74.550784][ T7718] ip_send_skb+0x42/0xf0 [ 74.555031][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 74.560272][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 74.565290][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 74.569866][ T7718] ? find_held_lock+0x35/0x130 [ 74.574642][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 74.579668][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 74.584943][ T7718] ? kasan_check_read+0x11/0x20 [ 74.589782][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 74.594843][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 74.599623][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 74.604558][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 74.610536][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 74.615731][ T7718] ? __might_fault+0x12b/0x1e0 [ 74.620494][ T7718] ? find_held_lock+0x35/0x130 [ 74.625249][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.631475][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 74.636948][ T7718] ? ___might_sleep+0x163/0x280 [ 74.641971][ T7718] ? __might_sleep+0x95/0x190 [ 74.646645][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 74.652263][ T7718] ? aa_sk_perm+0x288/0x880 [ 74.656774][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 74.662322][ T7718] inet_sendmsg+0x147/0x5e0 [ 74.666831][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 74.672827][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 74.677511][ T7718] ? ipip_gro_receive+0x100/0x100 [ 74.682558][ T7718] sock_sendmsg+0xdd/0x130 [ 74.686970][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 74.691637][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 74.697106][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 74.702423][ T7718] ? lock_downgrade+0x880/0x880 [ 74.707263][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 74.713507][ T7718] ? kasan_check_read+0x11/0x20 [ 74.718357][ T7718] ? __might_fault+0x12b/0x1e0 [ 74.723138][ T7718] ? find_held_lock+0x35/0x130 [ 74.727895][ T7718] ? __might_fault+0x12b/0x1e0 [ 74.732661][ T7718] ? lock_downgrade+0x880/0x880 [ 74.737513][ T7718] ? ___might_sleep+0x163/0x280 [ 74.742378][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 74.747061][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 74.752097][ T7718] ? _copy_to_user+0xc9/0x120 [ 74.756773][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.763009][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 74.769234][ T7718] ? put_timespec64+0xda/0x140 [ 74.773990][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 74.778837][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 74.784282][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 74.789723][ T7718] ? do_syscall_64+0x26/0x610 [ 74.794397][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.800461][ T7718] ? do_syscall_64+0x26/0x610 [ 74.805130][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 74.810055][ T7718] do_syscall_64+0x103/0x610 [ 74.814651][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 74.820535][ T7718] RIP: 0033:0x458209 [ 74.824411][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 74.844013][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 74.852409][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 74.860366][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 74.868410][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 74.876372][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 74.884433][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 74.894742][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 74.904315][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 74.909359][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 74.917317][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.927356][ T7718] Call Trace: [ 74.930692][ T7718] dump_stack+0x172/0x1f0 [ 74.935007][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 74.940537][ T7718] sk_mc_loop+0x1d/0x210 [ 74.944763][ T7718] ip_mc_output+0x2ef/0xf70 [ 74.949250][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 74.954344][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 74.959780][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 74.964359][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 74.969363][ T7718] ip_local_out+0xc4/0x1b0 [ 74.973759][ T7718] ip_send_skb+0x42/0xf0 [ 74.977985][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 74.983284][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 74.988305][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 74.992889][ T7718] ? find_held_lock+0x35/0x130 [ 74.997644][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 75.002653][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 75.007929][ T7718] ? kasan_check_read+0x11/0x20 [ 75.012780][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 75.017743][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 75.022498][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 75.027436][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 75.033502][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 75.038683][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.043427][ T7718] ? find_held_lock+0x35/0x130 [ 75.048182][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.054427][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 75.059900][ T7718] ? ___might_sleep+0x163/0x280 [ 75.064738][ T7718] ? __might_sleep+0x95/0x190 [ 75.069399][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 75.075015][ T7718] ? aa_sk_perm+0x288/0x880 [ 75.079504][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 75.085055][ T7718] inet_sendmsg+0x147/0x5e0 [ 75.089536][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 75.095516][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 75.100183][ T7718] ? ipip_gro_receive+0x100/0x100 [ 75.105189][ T7718] sock_sendmsg+0xdd/0x130 [ 75.109585][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 75.114255][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 75.119697][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 75.124615][ T7718] ? lock_downgrade+0x880/0x880 [ 75.129450][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 75.135671][ T7718] ? kasan_check_read+0x11/0x20 [ 75.140505][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.145256][ T7718] ? find_held_lock+0x35/0x130 [ 75.150009][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.154755][ T7718] ? lock_downgrade+0x880/0x880 [ 75.159590][ T7718] ? ___might_sleep+0x163/0x280 [ 75.164422][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 75.169109][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 75.174130][ T7718] ? _copy_to_user+0xc9/0x120 [ 75.178804][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.185028][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.191278][ T7718] ? put_timespec64+0xda/0x140 [ 75.196044][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 75.200882][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 75.206322][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 75.211761][ T7718] ? do_syscall_64+0x26/0x610 [ 75.216421][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.222479][ T7718] ? do_syscall_64+0x26/0x610 [ 75.227157][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 75.232078][ T7718] do_syscall_64+0x103/0x610 [ 75.236668][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.242564][ T7718] RIP: 0033:0x458209 [ 75.246460][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 75.266053][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 75.274448][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 75.282495][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 75.290450][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 75.298586][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 75.306645][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 75.317063][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 75.326831][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 75.332055][ T7718] CPU: 0 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 75.340018][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.350114][ T7718] Call Trace: [ 75.353409][ T7718] dump_stack+0x172/0x1f0 [ 75.357741][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 75.363338][ T7718] sk_mc_loop+0x1d/0x210 [ 75.367571][ T7718] ip_mc_output+0x2ef/0xf70 [ 75.372056][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 75.377170][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 75.382729][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 75.387392][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 75.392402][ T7718] ip_local_out+0xc4/0x1b0 [ 75.396814][ T7718] ip_send_skb+0x42/0xf0 [ 75.401048][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 75.406225][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 75.411260][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 75.415852][ T7718] ? find_held_lock+0x35/0x130 [ 75.420787][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 75.425807][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 75.431099][ T7718] ? kasan_check_read+0x11/0x20 [ 75.435953][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 75.440902][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 75.445651][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 75.450576][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 75.456562][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 75.461777][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.466549][ T7718] ? find_held_lock+0x35/0x130 [ 75.471300][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.477538][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 75.483003][ T7718] ? ___might_sleep+0x163/0x280 [ 75.487850][ T7718] ? __might_sleep+0x95/0x190 [ 75.492529][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 75.498161][ T7718] ? aa_sk_perm+0x288/0x880 [ 75.502677][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 75.508223][ T7718] inet_sendmsg+0x147/0x5e0 [ 75.512722][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 75.518697][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 75.523369][ T7718] ? ipip_gro_receive+0x100/0x100 [ 75.528386][ T7718] sock_sendmsg+0xdd/0x130 [ 75.532799][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 75.537486][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 75.542967][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 75.547913][ T7718] ? lock_downgrade+0x880/0x880 [ 75.552757][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 75.559015][ T7718] ? kasan_check_read+0x11/0x20 [ 75.563864][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.568646][ T7718] ? find_held_lock+0x35/0x130 [ 75.573413][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.578172][ T7718] ? lock_downgrade+0x880/0x880 [ 75.583015][ T7718] ? ___might_sleep+0x163/0x280 [ 75.587851][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 75.592519][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 75.597543][ T7718] ? _copy_to_user+0xc9/0x120 [ 75.602319][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.608540][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.614773][ T7718] ? put_timespec64+0xda/0x140 [ 75.619539][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 75.624386][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 75.629827][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 75.635278][ T7718] ? do_syscall_64+0x26/0x610 [ 75.639949][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.646004][ T7718] ? do_syscall_64+0x26/0x610 [ 75.650673][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 75.655624][ T7718] do_syscall_64+0x103/0x610 [ 75.660229][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 75.666103][ T7718] RIP: 0033:0x458209 [ 75.670006][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 75.689597][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 75.698004][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 75.705959][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 75.713929][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 75.721900][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 75.729872][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 75.739153][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 75.748743][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 75.753896][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 75.762028][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.772171][ T7718] Call Trace: [ 75.775469][ T7718] dump_stack+0x172/0x1f0 [ 75.779796][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 75.785349][ T7718] sk_mc_loop+0x1d/0x210 [ 75.789579][ T7718] ip_mc_output+0x2ef/0xf70 [ 75.794243][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 75.799340][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 75.804779][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 75.809351][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 75.814367][ T7718] ip_local_out+0xc4/0x1b0 [ 75.818786][ T7718] ip_send_skb+0x42/0xf0 [ 75.823070][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 75.828270][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 75.833281][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 75.837857][ T7718] ? find_held_lock+0x35/0x130 [ 75.842609][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 75.847620][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 75.852988][ T7718] ? kasan_check_read+0x11/0x20 [ 75.857922][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 75.862868][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 75.867630][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 75.872561][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 75.878541][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 75.883725][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.888475][ T7718] ? find_held_lock+0x35/0x130 [ 75.893232][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 75.899475][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 75.904935][ T7718] ? ___might_sleep+0x163/0x280 [ 75.909773][ T7718] ? __might_sleep+0x95/0x190 [ 75.914447][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 75.920063][ T7718] ? aa_sk_perm+0x288/0x880 [ 75.924552][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 75.930090][ T7718] inet_sendmsg+0x147/0x5e0 [ 75.934585][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 75.940656][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 75.945335][ T7718] ? ipip_gro_receive+0x100/0x100 [ 75.950347][ T7718] sock_sendmsg+0xdd/0x130 [ 75.954761][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 75.959422][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 75.964864][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 75.969800][ T7718] ? lock_downgrade+0x880/0x880 [ 75.974635][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 75.980857][ T7718] ? kasan_check_read+0x11/0x20 [ 75.985693][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.990439][ T7718] ? find_held_lock+0x35/0x130 [ 75.995185][ T7718] ? __might_fault+0x12b/0x1e0 [ 75.999933][ T7718] ? lock_downgrade+0x880/0x880 [ 76.004784][ T7718] ? ___might_sleep+0x163/0x280 [ 76.009822][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 76.014501][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 76.019518][ T7718] ? _copy_to_user+0xc9/0x120 [ 76.024183][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.030405][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.036647][ T7718] ? put_timespec64+0xda/0x140 [ 76.048980][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 76.053824][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.059261][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.064698][ T7718] ? do_syscall_64+0x26/0x610 [ 76.069357][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.075411][ T7718] ? do_syscall_64+0x26/0x610 [ 76.080078][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 76.084998][ T7718] do_syscall_64+0x103/0x610 [ 76.089569][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.095439][ T7718] RIP: 0033:0x458209 [ 76.099324][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 76.118915][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.127306][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 76.135272][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 76.143245][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 76.151200][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 76.159165][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 76.168662][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 76.178074][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 76.183170][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 76.191157][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.201198][ T7718] Call Trace: [ 76.204782][ T7718] dump_stack+0x172/0x1f0 [ 76.209099][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 76.214656][ T7718] sk_mc_loop+0x1d/0x210 [ 76.218881][ T7718] ip_mc_output+0x2ef/0xf70 [ 76.223382][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 76.228533][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 76.233990][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 76.238561][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 76.243584][ T7718] ip_local_out+0xc4/0x1b0 [ 76.248021][ T7718] ip_send_skb+0x42/0xf0 [ 76.252254][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 76.257522][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 76.262530][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 76.267098][ T7718] ? find_held_lock+0x35/0x130 [ 76.271841][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 76.276851][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 76.282118][ T7718] ? kasan_check_read+0x11/0x20 [ 76.286957][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 76.291899][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 76.296644][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 76.301572][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 76.307536][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 76.312717][ T7718] ? __might_fault+0x12b/0x1e0 [ 76.317463][ T7718] ? find_held_lock+0x35/0x130 [ 76.322213][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.328522][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 76.333981][ T7718] ? ___might_sleep+0x163/0x280 [ 76.338834][ T7718] ? __might_sleep+0x95/0x190 [ 76.343507][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 76.349140][ T7718] ? aa_sk_perm+0x288/0x880 [ 76.353630][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 76.359173][ T7718] inet_sendmsg+0x147/0x5e0 [ 76.363664][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 76.369637][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 76.374300][ T7718] ? ipip_gro_receive+0x100/0x100 [ 76.379322][ T7718] sock_sendmsg+0xdd/0x130 [ 76.383739][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 76.388406][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 76.393846][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 76.398760][ T7718] ? lock_downgrade+0x880/0x880 [ 76.403589][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 76.409823][ T7718] ? kasan_check_read+0x11/0x20 [ 76.414859][ T7718] ? __might_fault+0x12b/0x1e0 [ 76.419606][ T7718] ? find_held_lock+0x35/0x130 [ 76.424355][ T7718] ? __might_fault+0x12b/0x1e0 [ 76.429114][ T7718] ? lock_downgrade+0x880/0x880 [ 76.433957][ T7718] ? ___might_sleep+0x163/0x280 [ 76.438794][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 76.443454][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 76.448464][ T7718] ? _copy_to_user+0xc9/0x120 [ 76.453122][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.459343][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.465578][ T7718] ? put_timespec64+0xda/0x140 [ 76.470319][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 76.475169][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.480608][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.486133][ T7718] ? do_syscall_64+0x26/0x610 [ 76.490791][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.496870][ T7718] ? do_syscall_64+0x26/0x610 [ 76.501539][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 76.506474][ T7718] do_syscall_64+0x103/0x610 [ 76.511058][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.516936][ T7718] RIP: 0033:0x458209 [ 76.520810][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 76.540405][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.548806][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 76.556761][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 76.564724][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 76.572677][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 76.580649][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 76.590359][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 76.600152][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 76.605480][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 76.613452][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.623507][ T7718] Call Trace: [ 76.626787][ T7718] dump_stack+0x172/0x1f0 [ 76.631098][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 76.636619][ T7718] sk_mc_loop+0x1d/0x210 [ 76.640844][ T7718] ip_mc_output+0x2ef/0xf70 [ 76.645326][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 76.650429][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 76.655862][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 76.660430][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 76.665435][ T7718] ip_local_out+0xc4/0x1b0 [ 76.669848][ T7718] ip_send_skb+0x42/0xf0 [ 76.674075][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 76.679248][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 76.684252][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 76.688823][ T7718] ? find_held_lock+0x35/0x130 [ 76.693562][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 76.698567][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 76.703830][ T7718] ? kasan_check_read+0x11/0x20 [ 76.708660][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 76.713588][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 76.718330][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 76.723270][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 76.729248][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 76.734425][ T7718] ? __might_fault+0x12b/0x1e0 [ 76.739166][ T7718] ? find_held_lock+0x35/0x130 [ 76.743923][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.750143][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 76.755675][ T7718] ? ___might_sleep+0x163/0x280 [ 76.760518][ T7718] ? __might_sleep+0x95/0x190 [ 76.765265][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 76.770882][ T7718] ? aa_sk_perm+0x288/0x880 [ 76.775391][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 76.780924][ T7718] inet_sendmsg+0x147/0x5e0 [ 76.785405][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 76.791449][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 76.796120][ T7718] ? ipip_gro_receive+0x100/0x100 [ 76.801125][ T7718] sock_sendmsg+0xdd/0x130 [ 76.805537][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 76.810211][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 76.815656][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 76.820580][ T7718] ? lock_downgrade+0x880/0x880 [ 76.825414][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 76.831639][ T7718] ? kasan_check_read+0x11/0x20 [ 76.836476][ T7718] ? __might_fault+0x12b/0x1e0 [ 76.841221][ T7718] ? find_held_lock+0x35/0x130 [ 76.845963][ T7718] ? __might_fault+0x12b/0x1e0 [ 76.850705][ T7718] ? lock_downgrade+0x880/0x880 [ 76.855549][ T7718] ? ___might_sleep+0x163/0x280 [ 76.860391][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 76.865051][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 76.870151][ T7718] ? _copy_to_user+0xc9/0x120 [ 76.874833][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.881049][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.887269][ T7718] ? put_timespec64+0xda/0x140 [ 76.892010][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 76.896858][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.902296][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.907743][ T7718] ? do_syscall_64+0x26/0x610 [ 76.912410][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.918464][ T7718] ? do_syscall_64+0x26/0x610 [ 76.923122][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 76.928051][ T7718] do_syscall_64+0x103/0x610 [ 76.932634][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.938503][ T7718] RIP: 0033:0x458209 [ 76.942387][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 76.961980][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.970474][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 76.978429][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 76.986484][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 76.994455][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 77.002417][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 77.011981][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 77.021391][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 77.026530][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 77.034626][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.044851][ T7718] Call Trace: [ 77.048135][ T7718] dump_stack+0x172/0x1f0 [ 77.052462][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 77.057994][ T7718] sk_mc_loop+0x1d/0x210 [ 77.062231][ T7718] ip_mc_output+0x2ef/0xf70 [ 77.066734][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 77.071846][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 77.077301][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 77.081880][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 77.086891][ T7718] ip_local_out+0xc4/0x1b0 [ 77.091296][ T7718] ip_send_skb+0x42/0xf0 [ 77.095542][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 77.100806][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 77.105813][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 77.110391][ T7718] ? find_held_lock+0x35/0x130 [ 77.115137][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 77.120445][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 77.125726][ T7718] ? kasan_check_read+0x11/0x20 [ 77.130669][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 77.135607][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 77.140440][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 77.145365][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 77.151330][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 77.156535][ T7718] ? __might_fault+0x12b/0x1e0 [ 77.161294][ T7718] ? find_held_lock+0x35/0x130 [ 77.166045][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.172266][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 77.177714][ T7718] ? ___might_sleep+0x163/0x280 [ 77.182566][ T7718] ? __might_sleep+0x95/0x190 [ 77.187228][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 77.192844][ T7718] ? aa_sk_perm+0x288/0x880 [ 77.197464][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 77.203087][ T7718] inet_sendmsg+0x147/0x5e0 [ 77.207575][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 77.213547][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 77.218206][ T7718] ? ipip_gro_receive+0x100/0x100 [ 77.223217][ T7718] sock_sendmsg+0xdd/0x130 [ 77.227619][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 77.232308][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 77.237808][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 77.242730][ T7718] ? lock_downgrade+0x880/0x880 [ 77.247568][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.253800][ T7718] ? kasan_check_read+0x11/0x20 [ 77.258632][ T7718] ? __might_fault+0x12b/0x1e0 [ 77.263376][ T7718] ? find_held_lock+0x35/0x130 [ 77.268116][ T7718] ? __might_fault+0x12b/0x1e0 [ 77.272869][ T7718] ? lock_downgrade+0x880/0x880 [ 77.277704][ T7718] ? ___might_sleep+0x163/0x280 [ 77.282540][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 77.287205][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 77.292306][ T7718] ? _copy_to_user+0xc9/0x120 [ 77.296964][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.303200][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.309442][ T7718] ? put_timespec64+0xda/0x140 [ 77.314193][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 77.319189][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 77.324628][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 77.330108][ T7718] ? do_syscall_64+0x26/0x610 [ 77.334769][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.340837][ T7718] ? do_syscall_64+0x26/0x610 [ 77.345513][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 77.350444][ T7718] do_syscall_64+0x103/0x610 [ 77.355015][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.360887][ T7718] RIP: 0033:0x458209 [ 77.364869][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.385179][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 77.393573][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 77.401523][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 77.409475][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 77.417443][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 77.425504][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff [ 77.435407][ T7718] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7718 [ 77.444807][ T7718] caller is sk_mc_loop+0x1d/0x210 [ 77.449851][ T7718] CPU: 1 PID: 7718 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #118 [ 77.457825][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.467868][ T7718] Call Trace: [ 77.471164][ T7718] dump_stack+0x172/0x1f0 [ 77.475497][ T7718] __this_cpu_preempt_check+0x246/0x270 [ 77.481223][ T7718] sk_mc_loop+0x1d/0x210 [ 77.485465][ T7718] ip_mc_output+0x2ef/0xf70 [ 77.489969][ T7718] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 77.495062][ T7718] ? ip_append_data.part.0+0x170/0x170 [ 77.500513][ T7718] ? ip_make_skb+0x1b1/0x2c0 [ 77.505101][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 77.510109][ T7718] ip_local_out+0xc4/0x1b0 [ 77.514508][ T7718] ip_send_skb+0x42/0xf0 [ 77.518730][ T7718] udp_send_skb.isra.0+0x6b2/0x1180 [ 77.523911][ T7718] ? xfrm_lookup_route+0x5b/0x1f0 [ 77.528938][ T7718] udp_sendmsg+0x1dfd/0x2820 [ 77.533599][ T7718] ? find_held_lock+0x35/0x130 [ 77.538343][ T7718] ? ip_reply_glue_bits+0xc0/0xc0 [ 77.543347][ T7718] ? udp4_lib_lookup_skb+0x440/0x440 [ 77.548642][ T7718] ? kasan_check_read+0x11/0x20 [ 77.553582][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 77.558533][ T7718] udpv6_sendmsg+0x13a4/0x28d0 [ 77.563276][ T7718] ? udpv6_sendmsg+0x13a4/0x28d0 [ 77.568218][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 77.574186][ T7718] ? aa_profile_af_perm+0x320/0x320 [ 77.579388][ T7718] ? __might_fault+0x12b/0x1e0 [ 77.584159][ T7718] ? find_held_lock+0x35/0x130 [ 77.588902][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.595142][ T7718] ? rw_copy_check_uvector+0x2a6/0x330 [ 77.600610][ T7718] ? ___might_sleep+0x163/0x280 [ 77.605442][ T7718] ? __might_sleep+0x95/0x190 [ 77.610115][ T7718] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 77.615725][ T7718] ? aa_sk_perm+0x288/0x880 [ 77.620233][ T7718] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 77.625773][ T7718] inet_sendmsg+0x147/0x5e0 [ 77.630259][ T7718] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 77.636217][ T7718] ? inet_sendmsg+0x147/0x5e0 [ 77.640900][ T7718] ? ipip_gro_receive+0x100/0x100 [ 77.645992][ T7718] sock_sendmsg+0xdd/0x130 [ 77.650389][ T7718] ___sys_sendmsg+0x3e2/0x930 [ 77.655048][ T7718] ? copy_msghdr_from_user+0x430/0x430 [ 77.660500][ T7718] ? __lock_acquire+0x548/0x3fb0 [ 77.665423][ T7718] ? lock_downgrade+0x880/0x880 [ 77.670262][ T7718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.676489][ T7718] ? kasan_check_read+0x11/0x20 [ 77.681323][ T7718] ? __might_fault+0x12b/0x1e0 [ 77.686075][ T7718] ? find_held_lock+0x35/0x130 [ 77.690831][ T7718] ? __might_fault+0x12b/0x1e0 [ 77.695578][ T7718] ? lock_downgrade+0x880/0x880 [ 77.700499][ T7718] ? ___might_sleep+0x163/0x280 [ 77.705340][ T7718] __sys_sendmmsg+0x1bf/0x4d0 [ 77.710000][ T7718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 77.715013][ T7718] ? _copy_to_user+0xc9/0x120 [ 77.719670][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.725909][ T7718] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.732126][ T7718] ? put_timespec64+0xda/0x140 [ 77.736983][ T7718] ? nsecs_to_jiffies+0x30/0x30 [ 77.741847][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 77.747295][ T7718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 77.752758][ T7718] ? do_syscall_64+0x26/0x610 [ 77.757438][ T7718] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.763482][ T7718] ? do_syscall_64+0x26/0x610 [ 77.768141][ T7718] __x64_sys_sendmmsg+0x9d/0x100 [ 77.773076][ T7718] do_syscall_64+0x103/0x610 [ 77.777666][ T7718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.783538][ T7718] RIP: 0033:0x458209 [ 77.787422][ T7718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.807007][ T7718] RSP: 002b:00007f7426706c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 77.815404][ T7718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458209 [ 77.823530][ T7718] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000003 [ 77.831483][ T7718] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 77.839439][ T7718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74267076d4 [ 77.847392][ T7718] R13: 00000000004c5190 R14: 00000000004d92e0 R15: 00000000ffffffff 09:12:51 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x5, 0x1) bind$nfc_llcp(r0, &(0x7f0000000100)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a40fa8c8aa024d00000000ffffffff25fec2541e21ccf67e1d7b5510029e63000000e565aa9a9d325ebac7627ffe7a54cdbd77b3", 0x2b}, 0x60) r1 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000000)=0x80) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) listen(r0, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'security\x00'}, &(0x7f0000000380)=0x54) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f00000003c0)={r0}) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$nfc_llcp(r3, 0x118, 0x0, &(0x7f0000000480)=""/63, 0x3f) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000440)={0xf, 0x1, 0x3ff, 0x0, 0x1, r5, 0x9}, 0x2c) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@sack_info={0x0, 0xb2c, 0x9}, &(0x7f0000000240)=0xc) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x618, 0x228, 0x368, 0x0, 0x0, 0x0, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x4, &(0x7f00000004c0), {[{{@ipv6={@local, @remote, [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffffff, 0xff, 0xffffffff, 0xffffffff], 'gre0\x00', '\x00', {0xff}, {0xff}, 0x1d, 0x401, 0x5, 0x21}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x2, 0x3f, 0x4b, 0x4e8f, 0x10, 0x5, [@mcast1, @loopback, @loopback, @remote, @loopback, @local, @mcast2, @ipv4={[], [], @empty}, @mcast2, @loopback, @local, @ipv4={[], [], @local}, @empty, @ipv4={[], [], @multicast2}, @ipv4={[], [], @remote}, @mcast1], 0x6}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@mcast1, @loopback, [0xffffffff, 0xff0000ff, 0xff, 0xffffffff], [0xffffffff, 0xffffff00, 0xff000000, 0xffffffff], 'gretap0\x00', 'team_slave_0\x00', {}, {}, 0x2e, 0x2, 0x0, 0x20}, 0x0, 0xc8, 0xf8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x3f66ed63, 0x730, 0x4, 0x2}}}, {{@ipv6={@loopback, @local, [0xffffffff, 0xffffffff, 0xffffffff], [0xff, 0xffffffff, 0xffffffff, 0xff], 'veth0_to_bond\x00', 'yam0\x00', {}, {0xff}, 0x7b, 0x6, 0x5, 0x9}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x6, 0x3, 0x3ff, 0x7, 0x20, 0x2, [@ipv4={[], [], @empty}, @local, @mcast2, @loopback, @mcast2, @remote, @mcast2, @dev={0xfe, 0x80, [], 0xd}, @mcast1, @empty, @remote, @local, @empty, @dev={0xfe, 0x80, [], 0xe}, @mcast1, @dev]}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000280)={r6, 0x5}, &(0x7f00000002c0)=0x8) accept$packet(r0, &(0x7f0000000040), &(0x7f0000001580)=0xffffff4c) 09:12:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, '', 0x30}]}, 0x2) 09:12:51 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x3}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x1f, 0x1, [0x0]}, 0xa) 09:12:51 executing program 4: sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="5500000018007fafb72d1cb2a4a280930206000000a843096c2623690f00080004000c0816000b770000a3c728f1c46b7b31afdc1338d544", 0x38}], 0x1}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001e00090100000000000000000700140100000000040000000000800018000a00"], 0x1}}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) 09:12:51 executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x5, 0x1) bind$nfc_llcp(r0, &(0x7f0000000100)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a40fa8c8aa024d00000000ffffffff25fec2541e21ccf67e1d7b5510029e63000000e565aa9a9d325ebac7627ffe7a54cdbd77b3", 0x2b}, 0x60) r1 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000000)=0x80) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) listen(r0, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'security\x00'}, &(0x7f0000000380)=0x54) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f00000003c0)={r0}) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) getsockopt$nfc_llcp(r3, 0x118, 0x0, &(0x7f0000000480)=""/63, 0x3f) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000440)={0xf, 0x1, 0x3ff, 0x0, 0x1, r5, 0x9}, 0x2c) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@sack_info={0x0, 0xb2c, 0x9}, &(0x7f0000000240)=0xc) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x618, 0x228, 0x368, 0x0, 0x0, 0x0, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x4, &(0x7f00000004c0), {[{{@ipv6={@local, @remote, [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffffff, 0xff, 0xffffffff, 0xffffffff], 'gre0\x00', '\x00', {0xff}, {0xff}, 0x1d, 0x401, 0x5, 0x21}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x2, 0x3f, 0x4b, 0x4e8f, 0x10, 0x5, [@mcast1, @loopback, @loopback, @remote, @loopback, @local, @mcast2, @ipv4={[], [], @empty}, @mcast2, @loopback, @local, @ipv4={[], [], @local}, @empty, @ipv4={[], [], @multicast2}, @ipv4={[], [], @remote}, @mcast1], 0x6}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@mcast1, @loopback, [0xffffffff, 0xff0000ff, 0xff, 0xffffffff], [0xffffffff, 0xffffff00, 0xff000000, 0xffffffff], 'gretap0\x00', 'team_slave_0\x00', {}, {}, 0x2e, 0x2, 0x0, 0x20}, 0x0, 0xc8, 0xf8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x3f66ed63, 0x730, 0x4, 0x2}}}, {{@ipv6={@loopback, @local, [0xffffffff, 0xffffffff, 0xffffffff], [0xff, 0xffffffff, 0xffffffff, 0xff], 'veth0_to_bond\x00', 'yam0\x00', {}, {0xff}, 0x7b, 0x6, 0x5, 0x9}, 0x0, 0x200, 0x228, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x6, 0x3, 0x3ff, 0x7, 0x20, 0x2, [@ipv4={[], [], @empty}, @local, @mcast2, @loopback, @mcast2, @remote, @mcast2, @dev={0xfe, 0x80, [], 0xd}, @mcast1, @empty, @remote, @local, @empty, @dev={0xfe, 0x80, [], 0xe}, @mcast1, @dev]}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000280)={r6, 0x5}, &(0x7f00000002c0)=0x8) accept$packet(r0, &(0x7f0000000040), &(0x7f0000001580)=0xffffff4c) 09:12:51 executing program 3: r0 = socket$kcm(0x2, 0x2, 0x73) sendmmsg(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}}, {{&(0x7f0000000ac0)=@rc, 0x80, 0x0}}], 0x2, 0x0) [ 77.983679][ T7751] netlink: 'syz-executor.4': attribute type 10 has an invalid length. 09:12:51 executing program 5: r0 = accept$unix(0xffffffffffffff9c, 0x0, &(0x7f0000000100)) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x18}}, 0x0, 0x1a, 0x0, 0x2}, 0x20) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000040)=@generic={0x0, 0x0, 0x4}) r1 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x70879e28b99e269) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000a00)=ANY=[]) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0x65c15bf2) write$binfmt_elf32(r2, &(0x7f0000000640)=ANY=[], 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000a40)={0x0, @remote, @broadcast}, &(0x7f0000000a80)=0xc) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000180)={0x7, [0x2, 0xef6, 0x4, 0x10000, 0x763136a2, 0x1, 0x9]}, &(0x7f00000001c0)=0x12) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@mcast1, @in6=@mcast1, 0x4e23, 0x0, 0x4e21, 0xff8b, 0xa, 0xa0, 0x20, 0x2c}, {0x2, 0x7, 0xffffffffffffffe1, 0x0, 0xe5b4, 0x6, 0x5, 0x8}, {0x4, 0x1, 0x7, 0x7f}, 0x80000001, 0x0, 0x2, 0xfffffffffffffffd}, {{@in=@remote}, 0x2, @in6=@dev={0xfe, 0x80, [], 0x1e}, 0x3505, 0x0, 0x0, 0x100000000, 0x3, 0x0, 0x7}}, 0xe8) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x300000a, 0x2011, r2, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f00000007c0), 0x0) mmap(&(0x7f0000b39000/0x1000)=nil, 0x1000, 0x3000009, 0x10, r2, 0x0) mmap(&(0x7f0000a35000/0x400000)=nil, 0x400000, 0x1000006, 0x2013, r2, 0x3f000000) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000200)="680c4c067e5cf188f070c2c4f5d7aad9eba35d38314a81ef590dfdc53ff08f8c695a4f5fe4cc3597b50d98293a70cdb3dcc50200d125f0200953e8ec9e973129bb26e9b4fc36e287cd0b80b874378114d9668cf455122278a8af3489a803e773e890d8a7a3084e3bf242f380df846b844b47ad7fc32ac369cbe8994990bae24967c0779b0960ad4d3c5848d11dc3b4f8911923fd4dfa7cde9eadf90e27017bb55c43b9d8100ee720d5ad899d9214e2c1fed64986bc36c3cfc7c17d14402e0db285a62c01f7fbbf37c421f04a920eb4371e3193f98aa4b9f48be514267cf2c080f8e785f01608210be76a8f6f44fdfb25bd834b674ca155288a5f08e7873fca3c934bbe6e17ca0efda3370fd7c4b5cb3847b213194d960ab24f6c9281b4b5a3fd7e1f6f59a27ee358377b4c58a726c0eb42595348e3b7202e4d075d5ef404d9e4ae8775e632c6465d046e8c79d4e05800b1a9095fa9e6cf70e6d5ecee089952694205efc14799716018a6f4eb359b56c5b9f1eb5f57f3c006677d1f42490f02493c0914e779e4e5a6e937c8686df5e6fdf5bebd58800f7b2fae032836fbaf305bbfdf9a213705082d45317228e54a9c43fed922c26893d8c816aaf0ef8a3baaa865e8498dfe19bc53e8507804d38ec07a79b9ebf9684955d32f0edb", 0x1db) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200002c0], 0x0, &(0x7f0000000000), 0x0}, 0x240) 09:12:51 executing program 3: r0 = socket$kcm(0x2, 0x2, 0x73) sendmmsg(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}}, {{&(0x7f0000000ac0)=@rc, 0x80, 0x0}}], 0x2, 0x0) 09:12:51 executing program 0: r0 = socket$kcm(0x2, 0x2, 0x73) sendmmsg(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}}, {{&(0x7f0000000ac0)=@rc, 0x80, 0x0}}], 0x2, 0x0) 09:12:51 executing program 4: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000000), 0x4) 09:12:51 executing program 0: r0 = socket$kcm(0x2, 0x2, 0x73) sendmmsg(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}}, {{&(0x7f0000000ac0)=@rc, 0x80, 0x0}}], 0x2, 0x0) 09:12:51 executing program 3: r0 = socket$kcm(0x2, 0x2, 0x73) sendmmsg(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}}, {{&(0x7f0000000ac0)=@rc, 0x80, 0x0}}], 0x2, 0x0)