[ 38.393625][ T26] audit: type=1800 audit(1554634575.886:25): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 38.420719][ T26] audit: type=1800 audit(1554634575.886:26): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 38.441879][ T26] audit: type=1800 audit(1554634575.886:27): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] startpar: service(s) returned failure: rsyslog ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts. 2019/04/07 10:56:34 fuzzer started 2019/04/07 10:56:37 dialing manager at 10.128.0.26:34543 2019/04/07 10:56:38 syscalls: 2408 2019/04/07 10:56:38 code coverage: enabled 2019/04/07 10:56:38 comparison tracing: enabled 2019/04/07 10:56:38 extra coverage: extra coverage is not supported by the kernel 2019/04/07 10:56:38 setuid sandbox: enabled 2019/04/07 10:56:38 namespace sandbox: enabled 2019/04/07 10:56:38 Android sandbox: /sys/fs/selinux/policy does not exist 2019/04/07 10:56:38 fault injection: enabled 2019/04/07 10:56:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/04/07 10:56:38 net packet injection: enabled 2019/04/07 10:56:38 net device setup: enabled 10:58:53 executing program 0: syzkaller login: [ 196.536580][ T7943] IPVS: ftp: loaded support on port[0] = 21 10:58:54 executing program 1: [ 196.640835][ T7943] chnl_net:caif_netlink_parms(): no params data found [ 196.744295][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.752060][ T7943] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.772452][ T7943] device bridge_slave_0 entered promiscuous mode [ 196.781546][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.789767][ T7943] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.798493][ T7943] device bridge_slave_1 entered promiscuous mode [ 196.813975][ T7947] IPVS: ftp: loaded support on port[0] = 21 [ 196.840409][ T7943] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 196.865572][ T7943] bond0: Enslaving bond_slave_1 as an active interface with an up link 10:58:54 executing program 2: [ 196.912680][ T7943] team0: Port device team_slave_0 added [ 196.930349][ T7943] team0: Port device team_slave_1 added 10:58:54 executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) pread64(r0, &(0x7f0000000480)=""/211, 0xd3, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000240)={0x10, 0x0, 0x2}, 0x10) setxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f00000006c0), 0x24, 0x0) [ 197.075897][ T7943] device hsr_slave_0 entered promiscuous mode [ 197.133212][ T7943] device hsr_slave_1 entered promiscuous mode [ 197.218982][ T7950] IPVS: ftp: loaded support on port[0] = 21 [ 197.229886][ T7947] chnl_net:caif_netlink_parms(): no params data found [ 197.258053][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.265312][ T7943] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.273101][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.280169][ T7943] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.314272][ T7952] IPVS: ftp: loaded support on port[0] = 21 10:58:54 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='udf\x00', 0x0, 0x0) [ 197.395016][ T7947] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.402169][ T7947] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.413999][ T7947] device bridge_slave_0 entered promiscuous mode [ 197.421997][ T7947] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.431506][ T7947] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.442262][ T7947] device bridge_slave_1 entered promiscuous mode [ 197.538965][ T7947] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 197.597773][ T7943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.607109][ T7947] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 197.631778][ T7955] IPVS: ftp: loaded support on port[0] = 21 [ 197.678815][ T7943] 8021q: adding VLAN 0 to HW filter on device team0 10:58:55 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="2e0000001d008100e00f80ecdb4cb9040ac8650402000000000000fb120001000e00da1b40d819a9060015000000", 0x2e}], 0x1}, 0x0) [ 197.720661][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 197.737812][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.759170][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.771140][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 197.819602][ T7947] team0: Port device team_slave_0 added [ 197.842009][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 197.851447][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 197.859759][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.866852][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.874755][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 197.883357][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 197.891603][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.898694][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.914823][ T7947] team0: Port device team_slave_1 added [ 197.944710][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.953302][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.961687][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 197.971773][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 197.980330][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.988818][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.997225][ T7952] chnl_net:caif_netlink_parms(): no params data found [ 198.064599][ T7947] device hsr_slave_0 entered promiscuous mode [ 198.103671][ T7947] device hsr_slave_1 entered promiscuous mode [ 198.150464][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 198.158684][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 198.167122][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 198.185428][ T7950] chnl_net:caif_netlink_parms(): no params data found [ 198.226782][ T7960] IPVS: ftp: loaded support on port[0] = 21 [ 198.238332][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 198.247525][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 198.267067][ T7943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 198.290656][ T7952] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.300461][ T7952] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.308883][ T7952] device bridge_slave_0 entered promiscuous mode [ 198.338277][ T7952] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.345464][ T7952] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.353250][ T7952] device bridge_slave_1 entered promiscuous mode [ 198.382114][ T7950] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.389337][ T7950] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.397931][ T7950] device bridge_slave_0 entered promiscuous mode [ 198.411960][ T7943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.438832][ T7950] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.447076][ T7950] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.456050][ T7950] device bridge_slave_1 entered promiscuous mode [ 198.476264][ T7952] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 198.489103][ T7952] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 198.511803][ T7952] team0: Port device team_slave_0 added [ 198.527256][ T7955] chnl_net:caif_netlink_parms(): no params data found [ 198.538907][ T7952] team0: Port device team_slave_1 added [ 198.558636][ T7950] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 198.569824][ T7950] bond0: Enslaving bond_slave_1 as an active interface with an up link 10:58:56 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2ac93b7e0050a6b72696c6044c1", 0x5a, 0x400}], 0x0, 0x0) [ 198.754540][ T7952] device hsr_slave_0 entered promiscuous mode [ 198.772606][ T7969] EXT4-fs (loop0): unsupported inode size: 49476 [ 198.783416][ T7952] device hsr_slave_1 entered promiscuous mode [ 198.842461][ T7950] team0: Port device team_slave_0 added [ 198.851988][ T7950] team0: Port device team_slave_1 added 10:58:56 executing program 0: r0 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0xfffffffffffffffc, 0x2, 0x0) [ 198.889058][ T7960] chnl_net:caif_netlink_parms(): no params data found [ 198.907690][ T7955] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.915589][ T7955] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.923692][ T7955] device bridge_slave_0 entered promiscuous mode 10:58:56 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, 0x0) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mreqn(r3, 0x0, 0x20, &(0x7f00000000c0)={@rand_addr, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x14) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r1, 0x0, r3, 0x0, 0x810005, 0x0) [ 198.977749][ T7950] device hsr_slave_0 entered promiscuous mode [ 199.043337][ T7950] device hsr_slave_1 entered promiscuous mode [ 199.074464][ C0] hrtimer: interrupt took 27463 ns [ 199.085042][ T7979] check_preemption_disabled: 3 callbacks suppressed [ 199.085127][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 199.101516][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 199.106692][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 199.115720][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 199.125774][ T7979] Call Trace: [ 199.129087][ T7979] dump_stack+0x172/0x1f0 [ 199.132259][ T7950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.133471][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 199.133521][ T7979] sk_mc_loop+0x1d/0x210 [ 199.133544][ T7979] ip_mc_output+0x2ef/0xf70 [ 199.133566][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 199.156431][ T7950] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.159520][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 199.159541][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 199.176550][ T7979] ? dst_release+0x62/0xb0 [ 199.180986][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 199.185853][ T7979] ip_local_out+0xc4/0x1b0 [ 199.190294][ T7979] ip_send_skb+0x42/0xf0 [ 199.194575][ T7979] ip_push_pending_frames+0x64/0x80 [ 199.199800][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 199.200805][ T7950] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 199.204412][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 199.204441][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 199.204460][ T7979] ? mark_held_locks+0xa4/0xf0 [ 199.204476][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 199.204491][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 199.204521][ T7979] ? 0xffffffff81000000 [ 199.204545][ T7979] ? retint_kernel+0x2d/0x2d [ 199.204566][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 199.220680][ T7950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 199.225894][ T7979] inet_sendmsg+0x147/0x5e0 [ 199.225910][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 199.225922][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 199.225941][ T7979] ? ipip_gro_receive+0x100/0x100 [ 199.250002][ T7950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.250324][ T7979] sock_sendmsg+0xdd/0x130 [ 199.266087][ T7979] kernel_sendmsg+0x44/0x50 [ 199.266109][ T7979] sock_no_sendpage+0x116/0x150 [ 199.307697][ T7979] ? sock_kfree_s+0x70/0x70 [ 199.312218][ T7979] ? mark_held_locks+0xa4/0xf0 [ 199.317003][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 199.322651][ T7979] inet_sendpage+0x44a/0x630 [ 199.327274][ T7979] kernel_sendpage+0x95/0xf0 [ 199.327288][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 199.327317][ T7979] sock_sendpage+0x8b/0xc0 [ 199.327337][ T7979] pipe_to_sendpage+0x299/0x370 [ 199.336699][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 199.336717][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 199.336734][ T7979] ? __splice_from_pipe+0x245/0x7d0 [ 199.336752][ T7979] __splice_from_pipe+0x395/0x7d0 [ 199.336768][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 199.336788][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 199.336801][ T7979] splice_from_pipe+0x108/0x170 [ 199.336819][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 199.336841][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 10:58:56 executing program 2: r0 = socket$kcm(0x10, 0x2, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000002700050ad25a80648c63940d0124fc00100003400a000000053582c137153e370900018004001700d1bd", 0x2e}], 0x1}, 0x0) [ 199.336859][ T7979] ? security_file_permission+0x94/0x380 [ 199.336876][ T7979] generic_splice_sendpage+0x3c/0x50 [ 199.336888][ T7979] ? splice_from_pipe+0x170/0x170 [ 199.336902][ T7979] do_splice+0x70a/0x13c0 [ 199.336924][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 199.336941][ T7979] ? __fget_light+0x1a9/0x230 [ 199.336959][ T7979] __x64_sys_splice+0x2c6/0x330 [ 199.336981][ T7979] do_syscall_64+0x103/0x610 [ 199.337002][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 199.337013][ T7979] RIP: 0033:0x4582b9 [ 199.337029][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 199.337037][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 199.337051][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 199.337058][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 10:58:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt(r0, 0x10e, 0xb, &(0x7f00000004c0)="9adc01ce", 0x4) sendmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)="24000000200007041dfffd946f610500027801001f00000000000800050016000400ff7e", 0x24}], 0x1}, 0x0) [ 199.337074][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 199.437459][ T7984] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 199.439112][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 199.439121][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 199.453851][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 199.472054][ T7984] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 199.479705][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 199.537664][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 199.551523][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 199.551530][ T7979] Call Trace: [ 199.551554][ T7979] dump_stack+0x172/0x1f0 [ 199.551581][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 199.574785][ T7979] sk_mc_loop+0x1d/0x210 [ 199.579040][ T7979] ip_mc_output+0x2ef/0xf70 [ 199.583568][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 199.588690][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 199.594157][ T7979] ? dst_release+0x62/0xb0 [ 199.598585][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 199.603447][ T7979] ip_local_out+0xc4/0x1b0 [ 199.607871][ T7979] ip_send_skb+0x42/0xf0 [ 199.612124][ T7979] ip_push_pending_frames+0x64/0x80 [ 199.617350][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 199.621964][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 199.627434][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 199.633082][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 199.638564][ T7979] ? retint_kernel+0x2d/0x2d 10:58:57 executing program 2: r0 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0xfffffffffffffffc, 0x2000000, 0x0) [ 199.643176][ T7979] ? ___might_sleep+0x163/0x280 [ 199.648041][ T7979] ? __might_sleep+0x95/0x190 [ 199.652730][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 199.658377][ T7979] ? aa_sk_perm+0x288/0x880 [ 199.662897][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 199.662917][ T7979] inet_sendmsg+0x147/0x5e0 [ 199.662931][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 199.662942][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 199.662955][ T7979] ? ipip_gro_receive+0x100/0x100 [ 199.662973][ T7979] sock_sendmsg+0xdd/0x130 [ 199.662991][ T7979] kernel_sendmsg+0x44/0x50 [ 199.663009][ T7979] sock_no_sendpage+0x116/0x150 [ 199.663024][ T7979] ? sock_kfree_s+0x70/0x70 [ 199.663056][ T7979] inet_sendpage+0x44a/0x630 [ 199.663078][ T7979] kernel_sendpage+0x95/0xf0 [ 199.673119][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 199.673141][ T7979] sock_sendpage+0x8b/0xc0 [ 199.673161][ T7979] pipe_to_sendpage+0x299/0x370 [ 199.673176][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 199.673192][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 199.673208][ T7979] ? __splice_from_pipe+0x309/0x7d0 [ 199.673227][ T7979] __splice_from_pipe+0x395/0x7d0 [ 199.673248][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 199.755700][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 199.760991][ T7979] splice_from_pipe+0x108/0x170 [ 199.765855][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 199.770810][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 199.770835][ T7979] ? security_file_permission+0x94/0x380 [ 199.782701][ T7979] generic_splice_sendpage+0x3c/0x50 [ 199.782718][ T7979] ? splice_from_pipe+0x170/0x170 [ 199.782734][ T7979] do_splice+0x70a/0x13c0 [ 199.782758][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 199.802502][ T7979] ? __fget_light+0x1a9/0x230 [ 199.807492][ T7979] __x64_sys_splice+0x2c6/0x330 [ 199.812371][ T7979] do_syscall_64+0x103/0x610 [ 199.818373][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 199.824594][ T7979] RIP: 0033:0x4582b9 [ 199.828500][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 199.848214][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 199.856634][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 199.864691][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 199.872665][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 199.880653][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 199.888631][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 199.897635][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 199.906977][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 199.912016][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 199.921038][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 199.931093][ T7979] Call Trace: [ 199.934401][ T7979] dump_stack+0x172/0x1f0 [ 199.938745][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 199.944299][ T7979] sk_mc_loop+0x1d/0x210 [ 199.948557][ T7979] ip_mc_output+0x2ef/0xf70 [ 199.948579][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 199.948599][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 199.958203][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 199.958217][ T7979] ? dst_release+0x62/0xb0 [ 199.958238][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 199.977784][ T7979] ip_local_out+0xc4/0x1b0 [ 199.982215][ T7979] ip_send_skb+0x42/0xf0 [ 199.986622][ T7979] ip_push_pending_frames+0x64/0x80 [ 199.991835][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 199.996446][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 200.001914][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 200.007537][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 200.012996][ T7979] ? retint_kernel+0x2d/0x2d [ 200.017592][ T7979] ? ___might_sleep+0x163/0x280 [ 200.022477][ T7979] ? __might_sleep+0x95/0x190 [ 200.027150][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 200.032809][ T7979] ? aa_sk_perm+0x288/0x880 [ 200.037308][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 200.042849][ T7979] inet_sendmsg+0x147/0x5e0 [ 200.047437][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 200.052882][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 200.057561][ T7979] ? ipip_gro_receive+0x100/0x100 [ 200.062567][ T7979] sock_sendmsg+0xdd/0x130 [ 200.066968][ T7979] kernel_sendmsg+0x44/0x50 [ 200.071518][ T7979] sock_no_sendpage+0x116/0x150 [ 200.076366][ T7979] ? sock_kfree_s+0x70/0x70 [ 200.080863][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 200.086589][ T7979] ? mark_held_locks+0xa4/0xf0 [ 200.091352][ T7979] inet_sendpage+0x44a/0x630 [ 200.096018][ T7979] kernel_sendpage+0x95/0xf0 [ 200.100589][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 200.105263][ T7979] sock_sendpage+0x8b/0xc0 [ 200.109675][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 200.114944][ T7979] pipe_to_sendpage+0x299/0x370 [ 200.119779][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 200.124543][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.129828][ T7979] ? __put_page+0x92/0xd0 [ 200.134159][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 200.139643][ T7979] __splice_from_pipe+0x395/0x7d0 [ 200.144668][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.149955][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.155222][ T7979] splice_from_pipe+0x108/0x170 [ 200.160057][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 200.164998][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 200.171237][ T7979] ? security_file_permission+0x94/0x380 [ 200.176861][ T7979] generic_splice_sendpage+0x3c/0x50 [ 200.182142][ T7979] ? splice_from_pipe+0x170/0x170 [ 200.187148][ T7979] do_splice+0x70a/0x13c0 [ 200.191475][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 200.196599][ T7979] ? __fget_light+0x1a9/0x230 [ 200.201264][ T7979] __x64_sys_splice+0x2c6/0x330 [ 200.206119][ T7979] do_syscall_64+0x103/0x610 [ 200.210706][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 200.216579][ T7979] RIP: 0033:0x4582b9 [ 200.220456][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 200.240397][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 200.248815][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 200.256795][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 200.264759][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 200.272728][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 200.280681][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 200.289169][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 200.298511][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 200.303607][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 200.312643][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 200.322678][ T7979] Call Trace: [ 200.325970][ T7979] dump_stack+0x172/0x1f0 [ 200.330299][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 200.335842][ T7979] sk_mc_loop+0x1d/0x210 [ 200.340080][ T7979] ip_mc_output+0x2ef/0xf70 [ 200.344586][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 200.349698][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 200.354564][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 200.360026][ T7979] ? dst_release+0x62/0xb0 [ 200.364443][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 200.369292][ T7979] ip_local_out+0xc4/0x1b0 [ 200.373711][ T7979] ip_send_skb+0x42/0xf0 [ 200.377951][ T7979] ip_push_pending_frames+0x64/0x80 [ 200.383144][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 200.387741][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 200.393198][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 200.398833][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 200.404289][ T7979] ? retint_kernel+0x2d/0x2d [ 200.408884][ T7979] ? ___might_sleep+0x163/0x280 [ 200.413733][ T7979] ? __might_sleep+0x95/0x190 [ 200.418496][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 200.424135][ T7979] ? aa_sk_perm+0x288/0x880 [ 200.428636][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 200.434177][ T7979] inet_sendmsg+0x147/0x5e0 [ 200.438684][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 200.444140][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 200.448814][ T7979] ? ipip_gro_receive+0x100/0x100 [ 200.453841][ T7979] sock_sendmsg+0xdd/0x130 [ 200.458258][ T7979] kernel_sendmsg+0x44/0x50 [ 200.462747][ T7979] sock_no_sendpage+0x116/0x150 [ 200.467603][ T7979] ? sock_kfree_s+0x70/0x70 [ 200.472094][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 200.477808][ T7979] ? mark_held_locks+0xa4/0xf0 [ 200.482555][ T7979] inet_sendpage+0x44a/0x630 [ 200.487169][ T7979] kernel_sendpage+0x95/0xf0 [ 200.491741][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 200.496440][ T7979] sock_sendpage+0x8b/0xc0 [ 200.500842][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 200.506135][ T7979] pipe_to_sendpage+0x299/0x370 [ 200.510983][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 200.515731][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.520997][ T7979] ? __put_page+0x92/0xd0 [ 200.525323][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 200.530777][ T7979] __splice_from_pipe+0x395/0x7d0 [ 200.535796][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.541082][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.546376][ T7979] splice_from_pipe+0x108/0x170 [ 200.551320][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 200.556246][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 200.562473][ T7979] ? security_file_permission+0x94/0x380 [ 200.568099][ T7979] generic_splice_sendpage+0x3c/0x50 [ 200.573378][ T7979] ? splice_from_pipe+0x170/0x170 [ 200.578406][ T7979] do_splice+0x70a/0x13c0 [ 200.582725][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 200.587834][ T7979] ? __fget_light+0x1a9/0x230 [ 200.592515][ T7979] __x64_sys_splice+0x2c6/0x330 [ 200.597363][ T7979] do_syscall_64+0x103/0x610 [ 200.601935][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 200.607815][ T7979] RIP: 0033:0x4582b9 [ 200.611706][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 200.631378][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 200.639769][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 200.647721][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 200.655683][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 200.663652][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 200.671617][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 200.680134][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 200.689456][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 200.694542][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 200.703565][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 200.713620][ T7979] Call Trace: [ 200.716910][ T7979] dump_stack+0x172/0x1f0 [ 200.721228][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 200.726798][ T7979] sk_mc_loop+0x1d/0x210 [ 200.731036][ T7979] ip_mc_output+0x2ef/0xf70 [ 200.735554][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 200.740689][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 200.745544][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 200.751010][ T7979] ? dst_release+0x62/0xb0 [ 200.755445][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 200.760370][ T7979] ip_local_out+0xc4/0x1b0 [ 200.764784][ T7979] ip_send_skb+0x42/0xf0 [ 200.769030][ T7979] ip_push_pending_frames+0x64/0x80 [ 200.774228][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 200.778822][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 200.784275][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 200.789907][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 200.795370][ T7979] ? retint_kernel+0x2d/0x2d [ 200.799948][ T7979] ? ___might_sleep+0x163/0x280 [ 200.804797][ T7979] ? __might_sleep+0x95/0x190 [ 200.809468][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 200.815080][ T7979] ? aa_sk_perm+0x288/0x880 [ 200.819607][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 200.825153][ T7979] inet_sendmsg+0x147/0x5e0 [ 200.829651][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 200.835091][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 200.839751][ T7979] ? ipip_gro_receive+0x100/0x100 [ 200.844770][ T7979] sock_sendmsg+0xdd/0x130 [ 200.849185][ T7979] kernel_sendmsg+0x44/0x50 [ 200.853689][ T7979] sock_no_sendpage+0x116/0x150 [ 200.858551][ T7979] ? sock_kfree_s+0x70/0x70 [ 200.863163][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 200.868898][ T7979] ? mark_held_locks+0xa4/0xf0 [ 200.873677][ T7979] inet_sendpage+0x44a/0x630 [ 200.878281][ T7979] kernel_sendpage+0x95/0xf0 [ 200.882878][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 200.887568][ T7979] sock_sendpage+0x8b/0xc0 [ 200.891994][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 200.897287][ T7979] pipe_to_sendpage+0x299/0x370 [ 200.902149][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 200.906925][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.912217][ T7979] ? __put_page+0x92/0xd0 [ 200.916557][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 200.922027][ T7979] __splice_from_pipe+0x395/0x7d0 [ 200.927060][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.932343][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 200.937621][ T7979] splice_from_pipe+0x108/0x170 [ 200.942476][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 200.947426][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 200.953669][ T7979] ? security_file_permission+0x94/0x380 [ 200.959304][ T7979] generic_splice_sendpage+0x3c/0x50 [ 200.964609][ T7979] ? splice_from_pipe+0x170/0x170 [ 200.969727][ T7979] do_splice+0x70a/0x13c0 [ 200.974069][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 200.979184][ T7979] ? __fget_light+0x1a9/0x230 [ 200.983866][ T7979] __x64_sys_splice+0x2c6/0x330 [ 200.988728][ T7979] do_syscall_64+0x103/0x610 [ 200.993324][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 200.999221][ T7979] RIP: 0033:0x4582b9 [ 201.003117][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.022725][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 201.031178][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 201.039151][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 201.047123][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 201.055094][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 201.063065][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 201.071627][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 201.080981][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 201.086092][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 201.095125][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.105604][ T7979] Call Trace: [ 201.108881][ T7979] dump_stack+0x172/0x1f0 [ 201.113211][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 201.118750][ T7979] sk_mc_loop+0x1d/0x210 [ 201.122986][ T7979] ip_mc_output+0x2ef/0xf70 [ 201.127489][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 201.132608][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 201.137458][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 201.142922][ T7979] ? dst_release+0x62/0xb0 [ 201.147366][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 201.152206][ T7979] ip_local_out+0xc4/0x1b0 [ 201.156617][ T7979] ip_send_skb+0x42/0xf0 [ 201.160856][ T7979] ip_push_pending_frames+0x64/0x80 [ 201.166039][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 201.170616][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 201.176084][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 201.181742][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.187187][ T7979] ? retint_kernel+0x2d/0x2d [ 201.191774][ T7979] ? ___might_sleep+0x163/0x280 [ 201.196643][ T7979] ? __might_sleep+0x95/0x190 [ 201.201323][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 201.207031][ T7979] ? aa_sk_perm+0x288/0x880 [ 201.211528][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 201.217069][ T7979] inet_sendmsg+0x147/0x5e0 [ 201.221566][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 201.227003][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 201.231663][ T7979] ? ipip_gro_receive+0x100/0x100 [ 201.236683][ T7979] sock_sendmsg+0xdd/0x130 [ 201.241185][ T7979] kernel_sendmsg+0x44/0x50 [ 201.245675][ T7979] sock_no_sendpage+0x116/0x150 [ 201.250511][ T7979] ? sock_kfree_s+0x70/0x70 [ 201.255016][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 201.260735][ T7979] ? mark_held_locks+0xa4/0xf0 [ 201.265492][ T7979] inet_sendpage+0x44a/0x630 [ 201.270093][ T7979] kernel_sendpage+0x95/0xf0 [ 201.274675][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 201.279357][ T7979] sock_sendpage+0x8b/0xc0 [ 201.283862][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 201.289143][ T7979] pipe_to_sendpage+0x299/0x370 [ 201.293990][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 201.299780][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 201.305050][ T7979] ? __put_page+0x92/0xd0 [ 201.309362][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 201.314817][ T7979] __splice_from_pipe+0x395/0x7d0 [ 201.319858][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 201.325130][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 201.330397][ T7979] splice_from_pipe+0x108/0x170 [ 201.335245][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 201.340183][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.346431][ T7979] ? security_file_permission+0x94/0x380 [ 201.352054][ T7979] generic_splice_sendpage+0x3c/0x50 [ 201.357337][ T7979] ? splice_from_pipe+0x170/0x170 [ 201.362358][ T7979] do_splice+0x70a/0x13c0 [ 201.366682][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 201.371796][ T7979] ? __fget_light+0x1a9/0x230 [ 201.376475][ T7979] __x64_sys_splice+0x2c6/0x330 [ 201.381350][ T7979] do_syscall_64+0x103/0x610 [ 201.385933][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.391831][ T7979] RIP: 0033:0x4582b9 [ 201.395725][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.416029][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 201.424446][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 201.432404][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 201.440364][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 201.448331][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 201.456292][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 201.464844][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 201.474208][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 201.479237][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 201.488240][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.498279][ T7979] Call Trace: [ 201.501560][ T7979] dump_stack+0x172/0x1f0 [ 201.505881][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 201.511433][ T7979] sk_mc_loop+0x1d/0x210 [ 201.515678][ T7979] ip_mc_output+0x2ef/0xf70 [ 201.520180][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 201.525275][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 201.530121][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 201.535584][ T7979] ? dst_release+0x62/0xb0 [ 201.539995][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 201.544832][ T7979] ip_local_out+0xc4/0x1b0 [ 201.549229][ T7979] ip_send_skb+0x42/0xf0 [ 201.553464][ T7979] ip_push_pending_frames+0x64/0x80 [ 201.558664][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 201.563256][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 201.568709][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 201.574427][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 201.579887][ T7979] ? retint_kernel+0x2d/0x2d [ 201.584469][ T7979] ? ___might_sleep+0x163/0x280 [ 201.589335][ T7979] ? __might_sleep+0x95/0x190 [ 201.594010][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 201.599634][ T7979] ? aa_sk_perm+0x288/0x880 [ 201.604128][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 201.609678][ T7979] inet_sendmsg+0x147/0x5e0 [ 201.614174][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 201.619621][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 201.624304][ T7979] ? ipip_gro_receive+0x100/0x100 [ 201.629339][ T7979] sock_sendmsg+0xdd/0x130 [ 201.633764][ T7979] kernel_sendmsg+0x44/0x50 [ 201.638263][ T7979] sock_no_sendpage+0x116/0x150 [ 201.643108][ T7979] ? sock_kfree_s+0x70/0x70 [ 201.647609][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 201.653333][ T7979] ? mark_held_locks+0xa4/0xf0 [ 201.658118][ T7979] inet_sendpage+0x44a/0x630 [ 201.662697][ T7979] kernel_sendpage+0x95/0xf0 [ 201.667270][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 201.671951][ T7979] sock_sendpage+0x8b/0xc0 [ 201.676362][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 201.681642][ T7979] pipe_to_sendpage+0x299/0x370 [ 201.686479][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 201.691238][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 201.696554][ T7979] ? __put_page+0x92/0xd0 [ 201.700880][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 201.706323][ T7979] __splice_from_pipe+0x395/0x7d0 [ 201.711344][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 201.716631][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 201.721946][ T7979] splice_from_pipe+0x108/0x170 [ 201.726822][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 201.731762][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 201.738000][ T7979] ? security_file_permission+0x94/0x380 [ 201.743642][ T7979] generic_splice_sendpage+0x3c/0x50 [ 201.748925][ T7979] ? splice_from_pipe+0x170/0x170 [ 201.753940][ T7979] do_splice+0x70a/0x13c0 [ 201.758291][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 201.763399][ T7979] ? __fget_light+0x1a9/0x230 [ 201.768072][ T7979] __x64_sys_splice+0x2c6/0x330 [ 201.772932][ T7979] do_syscall_64+0x103/0x610 [ 201.777533][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 201.783419][ T7979] RIP: 0033:0x4582b9 [ 201.787317][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.806907][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 201.815331][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 201.823308][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 201.831294][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 201.839261][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 201.847219][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff 10:58:57 executing program 2: mkdir(&(0x7f0000000040)='./control\x00', 0x0) open(&(0x7f0000000000)='./control\x00', 0xc40beb2474dfd22a, 0xf6ffffff) [ 201.855880][ C0] sched: RT throttling activated [ 201.882596][ T7955] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.896639][ T7955] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.905033][ T7955] device bridge_slave_1 entered promiscuous mode [ 201.914451][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 201.922229][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 201.930028][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 201.938681][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 201.947003][ T269] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.954117][ T269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.961606][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 201.970240][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 201.978501][ T269] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.985601][ T269] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.993327][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 201.994122][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 202.001956][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 202.010591][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 202.010612][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.019282][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 202.023503][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.023516][ T7979] Call Trace: [ 202.023543][ T7979] dump_stack+0x172/0x1f0 [ 202.023567][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 202.033341][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 202.040471][ T7979] sk_mc_loop+0x1d/0x210 [ 202.051288][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 202.053817][ T7979] ip_mc_output+0x2ef/0xf70 [ 202.053838][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 202.053852][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 202.053869][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 202.053882][ T7979] ? dst_release+0x62/0xb0 [ 202.053896][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 202.053911][ T7979] ip_local_out+0xc4/0x1b0 [ 202.053926][ T7979] ip_send_skb+0x42/0xf0 [ 202.053940][ T7979] ip_push_pending_frames+0x64/0x80 [ 202.053955][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 202.053979][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 202.053995][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 202.054016][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.054037][ T7979] ? retint_kernel+0x2d/0x2d [ 202.054064][ T7979] ? ___might_sleep+0x163/0x280 [ 202.054082][ T7979] ? __might_sleep+0x95/0x190 [ 202.054100][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 202.054114][ T7979] ? aa_sk_perm+0x288/0x880 [ 202.054137][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 202.059098][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 202.063999][ T7979] inet_sendmsg+0x147/0x5e0 [ 202.064013][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 202.064025][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 202.064038][ T7979] ? ipip_gro_receive+0x100/0x100 [ 202.064060][ T7979] sock_sendmsg+0xdd/0x130 [ 202.072437][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 202.076090][ T7979] kernel_sendmsg+0x44/0x50 [ 202.076108][ T7979] sock_no_sendpage+0x116/0x150 [ 202.076122][ T7979] ? sock_kfree_s+0x70/0x70 [ 202.076141][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 202.076166][ T7979] ? mark_held_locks+0xa4/0xf0 [ 202.084608][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 202.088553][ T7979] inet_sendpage+0x44a/0x630 [ 202.094359][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 202.098495][ T7979] kernel_sendpage+0x95/0xf0 [ 202.109956][ T269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 202.113167][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 202.113189][ T7979] sock_sendpage+0x8b/0xc0 [ 202.113203][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 202.113221][ T7979] pipe_to_sendpage+0x299/0x370 [ 202.113237][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 202.113262][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 202.164068][ T7952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.167907][ T7979] ? __put_page+0x92/0xd0 [ 202.187482][ T7952] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.190215][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 202.190240][ T7979] __splice_from_pipe+0x395/0x7d0 [ 202.229824][ T7952] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 202.231383][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 202.231411][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 202.242464][ T7952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 202.249578][ T7979] splice_from_pipe+0x108/0x170 [ 202.249597][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 202.249619][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.249638][ T7979] ? security_file_permission+0x94/0x380 [ 202.249656][ T7979] generic_splice_sendpage+0x3c/0x50 [ 202.249668][ T7979] ? splice_from_pipe+0x170/0x170 [ 202.249691][ T7979] do_splice+0x70a/0x13c0 [ 202.278454][ T7952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.279034][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 202.288720][ T7979] ? __fget_light+0x1a9/0x230 [ 202.288750][ T7979] __x64_sys_splice+0x2c6/0x330 [ 202.326730][ T7979] do_syscall_64+0x103/0x610 [ 202.342065][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.342077][ T7979] RIP: 0033:0x4582b9 [ 202.342092][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.342099][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 202.342111][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 202.342118][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 202.342125][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 202.342133][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 202.342141][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 202.343843][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 202.384850][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 202.384869][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.384878][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.384883][ T7979] Call Trace: [ 202.384905][ T7979] dump_stack+0x172/0x1f0 [ 202.384929][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 202.384944][ T7979] sk_mc_loop+0x1d/0x210 [ 202.384967][ T7979] ip_mc_output+0x2ef/0xf70 [ 202.421191][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 202.421207][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 202.421233][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 202.455433][ T7979] ? dst_release+0x62/0xb0 [ 202.455452][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 202.455470][ T7979] ip_local_out+0xc4/0x1b0 [ 202.455487][ T7979] ip_send_skb+0x42/0xf0 [ 202.455502][ T7979] ip_push_pending_frames+0x64/0x80 [ 202.455526][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 202.455551][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 202.455568][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 202.455590][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.455610][ T7979] ? retint_kernel+0x2d/0x2d [ 202.455633][ T7979] ? ___might_sleep+0x163/0x280 [ 202.455656][ T7979] ? __might_sleep+0x95/0x190 [ 202.498030][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 202.498057][ T7979] ? aa_sk_perm+0x288/0x880 [ 202.498080][ T7979] ? __lock_acquire+0x548/0x3fb0 [ 202.515332][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 202.515353][ T7979] inet_sendmsg+0x147/0x5e0 [ 202.515367][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 202.515378][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 202.515392][ T7979] ? ipip_gro_receive+0x100/0x100 [ 202.515418][ T7979] sock_sendmsg+0xdd/0x130 [ 202.529467][ T7979] kernel_sendmsg+0x44/0x50 [ 202.529486][ T7979] sock_no_sendpage+0x116/0x150 [ 202.529502][ T7979] ? sock_kfree_s+0x70/0x70 [ 202.529531][ T7979] ? do_raw_spin_unlock+0x57/0x270 [ 202.529563][ T7979] inet_sendpage+0x44a/0x630 [ 202.529585][ T7979] kernel_sendpage+0x95/0xf0 [ 202.529605][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 202.712286][ T7979] sock_sendpage+0x8b/0xc0 [ 202.716683][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 202.721952][ T7979] pipe_to_sendpage+0x299/0x370 [ 202.726793][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 202.731551][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 202.736851][ T7979] ? __put_page+0x92/0xd0 [ 202.741178][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 202.746623][ T7979] __splice_from_pipe+0x395/0x7d0 [ 202.751632][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 202.756913][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 202.762183][ T7979] splice_from_pipe+0x108/0x170 [ 202.767049][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 202.771974][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.778217][ T7979] ? security_file_permission+0x94/0x380 [ 202.783849][ T7979] generic_splice_sendpage+0x3c/0x50 [ 202.789140][ T7979] ? splice_from_pipe+0x170/0x170 [ 202.794203][ T7979] do_splice+0x70a/0x13c0 [ 202.798533][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 202.803645][ T7979] ? __fget_light+0x1a9/0x230 [ 202.808318][ T7979] __x64_sys_splice+0x2c6/0x330 [ 202.813170][ T7979] do_syscall_64+0x103/0x610 [ 202.817785][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.823677][ T7979] RIP: 0033:0x4582b9 [ 202.827590][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.847182][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 202.855592][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 202.863566][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 202.871533][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 202.879517][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 202.887500][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 202.896601][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979 [ 202.905943][ T7979] caller is sk_mc_loop+0x1d/0x210 [ 202.905961][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.905970][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.905975][ T7979] Call Trace: [ 202.905995][ T7979] dump_stack+0x172/0x1f0 [ 202.906026][ T7979] __this_cpu_preempt_check+0x246/0x270 [ 202.920071][ T7979] sk_mc_loop+0x1d/0x210 [ 202.920090][ T7979] ip_mc_output+0x2ef/0xf70 [ 202.920110][ T7979] ? __ip_queue_xmit+0x1bf0/0x1bf0 [ 202.943285][ T7979] ? __ip_make_skb+0xf15/0x1820 [ 202.943304][ T7979] ? ip_append_data.part.0+0x170/0x170 [ 202.943318][ T7979] ? dst_release+0x62/0xb0 [ 202.943335][ T7979] ? __ip_make_skb+0xf93/0x1820 [ 202.943352][ T7979] ip_local_out+0xc4/0x1b0 [ 202.943371][ T7979] ip_send_skb+0x42/0xf0 [ 202.943392][ T7979] ip_push_pending_frames+0x64/0x80 [ 202.952130][ T7979] raw_sendmsg+0x1e6d/0x2f20 [ 202.952165][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 202.962117][ T7979] ? trace_hardirqs_on_caller+0x6a/0x220 [ 203.006227][ T7979] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.011674][ T7979] ? retint_kernel+0x2d/0x2d [ 203.016267][ T7979] ? ___might_sleep+0x163/0x280 [ 203.021111][ T7979] ? __might_sleep+0x95/0x190 [ 203.025786][ T7979] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 203.031423][ T7979] ? aa_sk_perm+0x288/0x880 [ 203.035931][ T7979] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 203.041487][ T7979] inet_sendmsg+0x147/0x5e0 [ 203.045980][ T7979] ? compat_raw_getsockopt+0x100/0x100 [ 203.051417][ T7979] ? inet_sendmsg+0x147/0x5e0 [ 203.056087][ T7979] ? ipip_gro_receive+0x100/0x100 [ 203.061103][ T7979] sock_sendmsg+0xdd/0x130 [ 203.065502][ T7979] kernel_sendmsg+0x44/0x50 [ 203.070022][ T7979] sock_no_sendpage+0x116/0x150 [ 203.074868][ T7979] ? sock_kfree_s+0x70/0x70 [ 203.079370][ T7979] ? debug_check_no_obj_freed+0x211/0x444 [ 203.085086][ T7979] ? mark_held_locks+0xa4/0xf0 [ 203.089832][ T7979] inet_sendpage+0x44a/0x630 [ 203.094421][ T7979] kernel_sendpage+0x95/0xf0 [ 203.099002][ T7979] ? inet_sendmsg+0x5e0/0x5e0 [ 203.103677][ T7979] sock_sendpage+0x8b/0xc0 [ 203.108085][ T7979] ? lockdep_hardirqs_on+0x418/0x5d0 [ 203.113363][ T7979] pipe_to_sendpage+0x299/0x370 [ 203.118209][ T7979] ? kernel_sendpage+0xf0/0xf0 [ 203.122962][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 203.128242][ T7979] ? __put_page+0x92/0xd0 [ 203.132555][ T7979] ? anon_pipe_buf_release+0x1c6/0x270 [ 203.137996][ T7979] __splice_from_pipe+0x395/0x7d0 [ 203.143016][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 203.148297][ T7979] ? direct_splice_actor+0x1a0/0x1a0 [ 203.153571][ T7979] splice_from_pipe+0x108/0x170 [ 203.158418][ T7979] ? splice_shrink_spd+0xd0/0xd0 [ 203.163360][ T7979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.169599][ T7979] ? security_file_permission+0x94/0x380 [ 203.175231][ T7979] generic_splice_sendpage+0x3c/0x50 [ 203.180513][ T7979] ? splice_from_pipe+0x170/0x170 [ 203.185522][ T7979] do_splice+0x70a/0x13c0 [ 203.189855][ T7979] ? opipe_prep.part.0+0x2d0/0x2d0 [ 203.194964][ T7979] ? __fget_light+0x1a9/0x230 [ 203.199643][ T7979] __x64_sys_splice+0x2c6/0x330 [ 203.204504][ T7979] do_syscall_64+0x103/0x610 [ 203.209112][ T7979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.215009][ T7979] RIP: 0033:0x4582b9 [ 203.218898][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 203.238579][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 203.246975][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 203.254942][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 203.262917][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000 [ 203.270881][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4 [ 203.278830][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 203.356790][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 203.369866][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 203.378083][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 203.386137][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 203.394736][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 203.402373][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 203.412199][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 203.420666][ T7946] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.427790][ T7946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 203.435367][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 203.443992][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 203.452243][ T7946] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.459333][ T7946] bridge0: port 2(bridge_slave_1) entered forwarding state [ 203.466857][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 203.475591][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 203.484018][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 203.492381][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 203.500923][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 203.509295][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 203.517721][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 203.526090][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 203.534416][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 203.542556][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 203.552117][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 203.560039][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 203.567884][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 203.581580][ T7960] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.589401][ T7960] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.597160][ T7960] device bridge_slave_0 entered promiscuous mode [ 203.611607][ T7955] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 203.633575][ T7955] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 203.642278][ T7960] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.649837][ T7960] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.662366][ T7960] device bridge_slave_1 entered promiscuous mode [ 203.673412][ T7947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 203.705469][ T7960] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 203.715434][ T7960] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 203.740046][ T7955] team0: Port device team_slave_0 added [ 203.747813][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 203.756044][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 203.776202][ T7955] team0: Port device team_slave_1 added [ 203.783579][ T7947] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.792139][ T7960] team0: Port device team_slave_0 added [ 203.806965][ T7960] team0: Port device team_slave_1 added [ 203.824435][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 203.833186][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 203.841437][ T2995] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.848534][ T2995] bridge0: port 1(bridge_slave_0) entered forwarding state [ 203.935810][ T7955] device hsr_slave_0 entered promiscuous mode [ 203.993316][ T7955] device hsr_slave_1 entered promiscuous mode [ 204.035457][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.043654][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.052062][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.060437][ T7953] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.067512][ T7953] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.076260][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.084819][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.095727][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 204.104352][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 204.113027][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 204.154821][ T7960] device hsr_slave_0 entered promiscuous mode [ 204.193471][ T7960] device hsr_slave_1 entered promiscuous mode [ 204.252403][ T7947] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 204.263833][ T7947] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 204.284323][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 204.293388][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 204.301673][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 204.310498][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 204.319136][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 204.328022][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 204.336435][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 204.376394][ T7947] 8021q: adding VLAN 0 to HW filter on device batadv0 10:59:01 executing program 1: socket$inet_dccp(0x2, 0x6, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 10:59:01 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10) unshare(0x20040600) shutdown(r1, 0x0) 10:59:01 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000980)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0xb1, 0x0, 0x0, 0xfffffffffffffffe}, {0x6}]}, 0x10) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f000000bb80), 0xd8, 0x0) [ 204.453704][ T7960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.516020][ T7960] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.535771][ T7955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.543497][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.552414][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.592123][ T7955] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.599520][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.613366][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.621745][ T7953] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.628859][ T7953] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.640998][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.657758][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.667362][ T7953] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.674478][ T7953] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.693303][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.701058][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.717757][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.738289][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.748571][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.764088][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.772607][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.779747][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.811664][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.819837][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.835816][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.849706][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.861936][ T2995] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.869062][ T2995] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.882939][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 204.891807][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 204.904810][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.913744][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 204.922396][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 204.930879][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.947546][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 204.955356][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 204.964073][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 204.972239][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 204.981233][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 204.990606][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.006785][ T7955] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 205.017409][ T7955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 205.031433][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.040162][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.048504][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.057309][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.065782][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.074093][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.082292][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.090630][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.098819][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.109372][ T7960] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.135719][ T7955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.168947][ T7960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.271029][ T3018] print_req_error: I/O error, dev loop4, sector 64 flags 0 [ 205.280136][ T2490] print_req_error: I/O error, dev loop4, sector 256 flags 0 [ 205.287833][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.299885][ T2490] print_req_error: I/O error, dev loop4, sector 512 flags 0 [ 205.307670][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.323633][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.339210][ T8027] UDF-fs: Scanning with blocksize 512 failed [ 205.357303][ T2490] print_req_error: I/O error, dev loop4, sector 64 flags 0 [ 205.365094][ T2490] print_req_error: I/O error, dev loop4, sector 512 flags 0 [ 205.372429][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.388790][ T2490] print_req_error: I/O error, dev loop4, sector 1024 flags 0 [ 205.396850][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.407140][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.417945][ T8027] UDF-fs: Scanning with blocksize 1024 failed [ 205.425347][ T2490] print_req_error: I/O error, dev loop4, sector 64 flags 0 [ 205.432781][ T3018] print_req_error: I/O error, dev loop4, sector 1024 flags 0 [ 205.440372][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.451364][ T3018] print_req_error: I/O error, dev loop4, sector 2048 flags 0 [ 205.458915][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.468521][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.476501][ T8027] UDF-fs: Scanning with blocksize 2048 failed [ 205.482962][ T3018] print_req_error: I/O error, dev loop4, sector 64 flags 0 [ 205.490454][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.500769][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.510467][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.518574][ T8027] UDF-fs: Scanning with blocksize 4096 failed [ 205.525257][ T8027] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1) [ 205.537364][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.547322][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.557374][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.565505][ T8027] UDF-fs: Scanning with blocksize 512 failed [ 205.572019][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.582476][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.592100][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.600052][ T8027] UDF-fs: Scanning with blocksize 1024 failed [ 205.606913][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.617535][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.627353][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 205.635512][ T8027] UDF-fs: Scanning with blocksize 2048 failed [ 205.642029][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 205.651826][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 205.662178][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found 10:59:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x81000008912, &(0x7f0000000100)="0adc1f123c40a41d88b070") r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x0, 0x0) ioctl$VHOST_GET_FEATURES(r1, 0x80044dfe, &(0x7f00000000c0)) 10:59:03 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r0, 0x0}, 0x10) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="00ffffffff"]) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0c0583b, 0x20000001) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) getpid() perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xe703000000000000]}, 0x2c) 10:59:03 executing program 3: r0 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000001440)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666ca39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0x1000}, 0xfffffc41) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fadvise64(r0, 0xfffffffffffffffc, 0x0, 0x1000000004) 10:59:03 executing program 1: socket$inet_dccp(0x2, 0x6, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 10:59:03 executing program 5: r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87 \\\xde\xde\x0f0xffffffffffffffff}) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x8, 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x2, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r2, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10) 10:59:03 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000002000), 0x1000) stat(&(0x7f0000000080)='./file0/file0\x00', 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000180)={0x33, 0x3, 0x0, {0x1, 0x12, 0x0, 'cgroupcgroupcpuset'}}, 0x33) write$FUSE_DIRENTPLUS(r0, &(0x7f00000005c0)={0xc8, 0x0, 0x1, [{{}, {0x0, 0x0, 0x1c, 0x0, '+system\xcccpusetcgroup$cgroup\x15'}}]}, 0xc8) [ 205.671859][ T8027] UDF-fs: Scanning with blocksize 4096 failed [ 205.678029][ T8027] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1) 10:59:03 executing program 4: r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87 \\\xde\xde\x0f0xffffffffffffffff}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x2, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10) 10:59:03 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r0, 0x0}, 0x10) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="00ffffffff"]) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0c0583b, 0x20000001) socketpair$unix(0x1, 0x0, 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) getpid() perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xe703000000000000]}, 0x2c) 10:59:03 executing program 0: socketpair$unix(0x1, 0x100000000001, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) request_key(&(0x7f00000002c0)='asymmetric\x00', &(0x7f0000001ffb), &(0x7f0000001fee)='R\trust\xe3cusgrVex:De', 0x0) 10:59:03 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_int(0xffffffffffffff9c, &(0x7f00000000c0)='notify_on_release\x00', 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1a, 0x9, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, [@jmp={0x5, 0x4, 0x1, 0xf, 0xa, 0x10, 0x4}, @exit, @jmp={0x5, 0xaf03, 0x4, 0x5, 0xe, 0x6, 0x4}, @ldst={0x0, 0x2, 0x7, 0x1, 0x3, 0xffffffffffffffff, 0xfffffffffffffffd}, @call={0x85, 0x0, 0x0, 0x51}, @generic={0x7, 0xfffffffffffffffe, 0x6, 0x8000, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x4, 0x3, &(0x7f0000000240)=""/3, 0x41f00, 0x1, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x7, 0x9}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xfffffffffffff800, 0x4, 0x5}, 0x10}, 0x70) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) write$cgroup_int(r1, &(0x7f0000000080), 0x297ef) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x5) 10:59:04 executing program 5: r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87 \\\xde\xde\x0f0xffffffffffffffff}) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x8, 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x2, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r2, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10) 10:59:04 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0) 10:59:04 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0aed1f123c12a41d88b070") setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="de75e1fe7d087634b214a3765ba0017995103a08917fc2a1", 0x18) 10:59:04 executing program 1: socket$inet_dccp(0x2, 0x6, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 206.723575][ T8083] EXT4-fs (loop2): invalid first ino: 0 10:59:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xf, 0x3, &(0x7f0000000280)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x50, 0x54}}, &(0x7f0000000140)='GPL\x00', 0x1, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 10:59:04 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0) 10:59:04 executing program 3: r0 = socket$inet6(0xa, 0x801, 0x0) r1 = dup(r0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) read$rfkill(r1, &(0x7f0000000140), 0x8) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x7ffff, &(0x7f0000000080)={@local, @local, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x21c, 0x0, 0x0, 0x0, 0xf42f, 0x0, @dev, @remote={0xac, 0x14, 0x223}}, @icmp=@timestamp_reply={0xffffff83, 0xa, 0x0, 0x0, 0x0, 0x8906, 0xf0ffffffffffff}}}}}, &(0x7f0000000040)) setsockopt$packet_int(r3, 0x107, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x44) ftruncate(r2, 0x2007fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f00000002c0)="0adc1f123c123f3188b070") 10:59:04 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$inet(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0xe21}, 0x10) r3 = dup(r1) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @local}}, 0x1c) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e1d, 0x0, @empty}, 0x1c) r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00') sendfile(r1, r4, 0x0, 0x1000003) [ 207.017201][ T8106] EXT4-fs (loop2): invalid first ino: 0 10:59:04 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x2}, 0x10) r1 = socket$inet(0x2, 0x3, 0x1c) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070") ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000580)=0xffffffffffffffff) ioctl$int_in(r0, 0x100005452, &(0x7f0000000040)=0x19b) sendto$inet(r0, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @local}, 0x10) sendto$inet(r0, &(0x7f00000001c0)="a5fe9e7be7060850100792f46b647308d3e2a67328969288734cc698158a84b40408261762639ee5e5881d4fb471fcb9639d30513ab42a04f920d8c1fa0c6ed49b0028fda44d1e69121bd2ff68125d42c7beccab2998e3392614583dd729cd341292ded369a34c4c75e12e8e0f519531fc8f11e74b74f2e5ad24cd0ab65395a2307394f48438306edcbb2ad2261f7535abea9833df32f75d92d392390b4fef75c9923a1745b53c", 0xa7, 0x8801, 0x0, 0x0) 10:59:04 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0) 10:59:04 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$inet(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0xe21}, 0x10) r3 = dup(r1) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @local}}, 0x1c) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e1d, 0x0, @empty}, 0x1c) r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00') sendfile(r1, r4, 0x0, 0x1000003) [ 207.241353][ T8121] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 207.290474][ T8124] EXT4-fs (loop2): invalid first ino: 0 [ 207.311309][ T8121] check_preemption_disabled: 6 callbacks suppressed [ 207.311335][ T8121] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8121 [ 207.327622][ T8121] caller is ip6_finish_output+0x335/0xdc0 [ 207.334110][ T8121] CPU: 1 PID: 8121 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19 [ 207.343138][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.353198][ T8121] Call Trace: [ 207.356500][ T8121] dump_stack+0x172/0x1f0 [ 207.360845][ T8121] __this_cpu_preempt_check+0x246/0x270 [ 207.366413][ T8121] ip6_finish_output+0x335/0xdc0 [ 207.371379][ T8121] ip6_output+0x235/0x7f0 [ 207.375735][ T8121] ? ip6_finish_output+0xdc0/0xdc0 [ 207.380864][ T8121] ? ip6_fragment+0x3980/0x3980 [ 207.385738][ T8121] ip6_xmit+0xe41/0x20c0 [ 207.390005][ T8121] ? ip6_finish_output2+0x2550/0x2550 [ 207.395397][ T8121] ? mark_held_locks+0xf0/0xf0 [ 207.400177][ T8121] ? ip6_setup_cork+0x1870/0x1870 [ 207.406729][ T8121] inet6_csk_xmit+0x2fb/0x5d0 [ 207.411428][ T8121] ? inet6_csk_update_pmtu+0x190/0x190 [ 207.416903][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.423159][ T8121] ? csum_ipv6_magic+0x20/0x80 [ 207.427947][ T8121] __tcp_transmit_skb+0x1a32/0x3750 [ 207.433170][ T8121] ? __tcp_select_window+0x8b0/0x8b0 [ 207.438475][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.444724][ T8121] ? tcp_fastopen_no_cookie+0xe0/0x190 [ 207.450199][ T8121] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 207.456459][ T8121] tcp_connect+0x1e47/0x4280 [ 207.461070][ T8121] ? tcp_push_one+0x110/0x110 [ 207.465760][ T8121] ? secure_tcpv6_ts_off+0x24f/0x360 [ 207.471052][ T8121] ? secure_dccpv6_sequence_number+0x280/0x280 [ 207.477211][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.483462][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.489709][ T8121] ? prandom_u32_state+0x13/0x180 [ 207.494742][ T8121] tcp_v6_connect+0x150b/0x20a0 [ 207.499598][ T8121] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 207.504983][ T8121] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 207.510462][ T8121] ? __switch_to_asm+0x34/0x70 [ 207.515225][ T8121] ? __switch_to_asm+0x40/0x70 [ 207.520103][ T8121] ? find_held_lock+0x35/0x130 [ 207.524873][ T8121] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 207.530516][ T8121] __inet_stream_connect+0x83f/0xea0 [ 207.535809][ T8121] ? tcp_v6_conn_request+0x2b0/0x2b0 [ 207.541098][ T8121] ? __inet_stream_connect+0x83f/0xea0 [ 207.546570][ T8121] ? inet_dgram_connect+0x2e0/0x2e0 [ 207.551772][ T8121] ? tcp_sendmsg_locked+0x2170/0x37f0 [ 207.557146][ T8121] ? rcu_read_lock_sched_held+0x110/0x130 [ 207.562872][ T8121] ? kmem_cache_alloc_trace+0x354/0x760 [ 207.568423][ T8121] ? __lock_acquire+0x548/0x3fb0 [ 207.573371][ T8121] tcp_sendmsg_locked+0x231f/0x37f0 [ 207.578573][ T8121] ? mark_held_locks+0xf0/0xf0 [ 207.583348][ T8121] ? mark_held_locks+0xa4/0xf0 [ 207.588121][ T8121] ? tcp_sendpage+0x60/0x60 [ 207.592625][ T8121] ? lock_sock_nested+0x9a/0x120 [ 207.597567][ T8121] ? trace_hardirqs_on+0x67/0x230 [ 207.602598][ T8121] ? lock_sock_nested+0x9a/0x120 [ 207.607646][ T8121] ? __local_bh_enable_ip+0x15a/0x270 [ 207.613034][ T8121] tcp_sendmsg+0x30/0x50 [ 207.617292][ T8121] inet_sendmsg+0x147/0x5e0 [ 207.621797][ T8121] ? ipip_gro_receive+0x100/0x100 [ 207.626830][ T8121] sock_sendmsg+0xdd/0x130 [ 207.631267][ T8121] __sys_sendto+0x262/0x380 [ 207.635778][ T8121] ? __ia32_sys_getpeername+0xb0/0xb0 [ 207.641196][ T8121] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 207.647485][ T8121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.652945][ T8121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.658407][ T8121] ? do_syscall_64+0x26/0x610 [ 207.663087][ T8121] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.669161][ T8121] __x64_sys_sendto+0xe1/0x1a0 [ 207.673932][ T8121] do_syscall_64+0x103/0x610 [ 207.678528][ T8121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.684420][ T8121] RIP: 0033:0x4582b9 [ 207.688318][ T8121] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.707920][ T8121] RSP: 002b:00007f7d35b49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 207.716334][ T8121] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 207.724309][ T8121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 207.732284][ T8121] RBP: 000000000073bf00 R08: 00000000200000c0 R09: 000000000000001c 10:59:05 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000000180)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff}}) [ 207.740264][ T8121] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f7d35b4a6d4 [ 207.748238][ T8121] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff [ 207.782097][ T8121] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8121 [ 207.791634][ T8121] caller is ip6_finish_output+0x335/0xdc0 [ 207.797440][ T8121] CPU: 1 PID: 8121 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19 [ 207.806464][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.816516][ T8121] Call Trace: [ 207.819815][ T8121] dump_stack+0x172/0x1f0 [ 207.824165][ T8121] __this_cpu_preempt_check+0x246/0x270 [ 207.829726][ T8121] ip6_finish_output+0x335/0xdc0 [ 207.834683][ T8121] ip6_output+0x235/0x7f0 [ 207.839036][ T8121] ? ip6_finish_output+0xdc0/0xdc0 [ 207.844159][ T8121] ? ip6_fragment+0x3980/0x3980 [ 207.849034][ T8121] ip6_xmit+0xe41/0x20c0 [ 207.853294][ T8121] ? ip6_finish_output2+0x2550/0x2550 [ 207.858669][ T8121] ? mark_held_locks+0xf0/0xf0 [ 207.863440][ T8121] ? ip6_setup_cork+0x1870/0x1870 [ 207.868485][ T8121] inet6_csk_xmit+0x2fb/0x5d0 [ 207.873166][ T8121] ? inet6_csk_update_pmtu+0x190/0x190 [ 207.878622][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.884866][ T8121] ? csum_ipv6_magic+0x20/0x80 [ 207.889634][ T8121] __tcp_transmit_skb+0x1a32/0x3750 [ 207.894830][ T8121] ? memcpy+0x46/0x50 [ 207.898821][ T8121] ? __tcp_select_window+0x8b0/0x8b0 [ 207.904114][ T8121] ? tcp_rbtree_insert+0x188/0x200 [ 207.909226][ T8121] tcp_send_synack+0x4b0/0x15b0 [ 207.914091][ T8121] ? tcp_send_active_reset+0x8e0/0x8e0 [ 207.919551][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 207.925785][ T8121] ? tcp_sync_mss+0x2ee/0xa30 [ 207.930463][ T8121] tcp_rcv_state_process+0x225d/0x4d93 [ 207.935926][ T8121] ? tcp_finish_connect+0x510/0x510 [ 207.941120][ T8121] ? __lock_acquire+0x548/0x3fb0 [ 207.946402][ T8121] ? trace_hardirqs_on+0x67/0x230 [ 207.951451][ T8121] ? __release_sock+0xca/0x3a0 [ 207.956212][ T8121] ? find_held_lock+0x35/0x130 [ 207.960982][ T8121] ? mark_held_locks+0xa4/0xf0 [ 207.965750][ T8121] ? __local_bh_enable_ip+0x15a/0x270 [ 207.971116][ T8121] ? _raw_spin_unlock_bh+0x31/0x40 [ 207.976224][ T8121] ? __local_bh_enable_ip+0x15a/0x270 [ 207.981604][ T8121] tcp_v6_do_rcv+0x7da/0x12c0 [ 207.986283][ T8121] ? tcp_v6_do_rcv+0x7da/0x12c0 [ 207.991143][ T8121] __release_sock+0x12e/0x3a0 [ 207.995829][ T8121] release_sock+0x59/0x1c0 [ 208.000258][ T8121] tcp_sendmsg+0x3b/0x50 [ 208.004502][ T8121] inet_sendmsg+0x147/0x5e0 [ 208.009001][ T8121] ? ipip_gro_receive+0x100/0x100 [ 208.014035][ T8121] sock_sendmsg+0xdd/0x130 [ 208.018453][ T8121] __sys_sendto+0x262/0x380 [ 208.022958][ T8121] ? __ia32_sys_getpeername+0xb0/0xb0 [ 208.028343][ T8121] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 208.034599][ T8121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.040076][ T8121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.045534][ T8121] ? do_syscall_64+0x26/0x610 [ 208.050212][ T8121] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.056293][ T8121] __x64_sys_sendto+0xe1/0x1a0 [ 208.061064][ T8121] do_syscall_64+0x103/0x610 [ 208.065660][ T8121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.071548][ T8121] RIP: 0033:0x4582b9 [ 208.075440][ T8121] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.095047][ T8121] RSP: 002b:00007f7d35b49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 208.103460][ T8121] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 208.111423][ T8121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 208.119399][ T8121] RBP: 000000000073bf00 R08: 00000000200000c0 R09: 000000000000001c [ 208.127372][ T8121] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f7d35b4a6d4 [ 208.135337][ T8121] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff 10:59:05 executing program 5: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000200)={@multicast1, @local}, 0xc) 10:59:05 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$inet(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0xe21}, 0x10) r3 = dup(r1) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @local}}, 0x1c) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e1d, 0x0, @empty}, 0x1c) r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00') sendfile(r1, r4, 0x0, 0x1000003) 10:59:05 executing program 1: socket$inet_dccp(0x2, 0x6, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 208.150441][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 208.156430][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 208.164567][ T8121] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8121 [ 208.173963][ T8121] caller is ip6_finish_output+0x335/0xdc0 [ 208.179699][ T8121] CPU: 1 PID: 8121 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19 [ 208.188799][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.198848][ T8121] Call Trace: [ 208.202127][ T8121] dump_stack+0x172/0x1f0 [ 208.206450][ T8121] __this_cpu_preempt_check+0x246/0x270 [ 208.211980][ T8121] ip6_finish_output+0x335/0xdc0 [ 208.216902][ T8121] ip6_output+0x235/0x7f0 [ 208.221215][ T8121] ? ip6_finish_output+0xdc0/0xdc0 [ 208.226329][ T8121] ? ip6_fragment+0x3980/0x3980 [ 208.231203][ T8121] ip6_xmit+0xe41/0x20c0 [ 208.235436][ T8121] ? ip6_finish_output2+0x2550/0x2550 [ 208.240789][ T8121] ? mark_held_locks+0xf0/0xf0 [ 208.245536][ T8121] ? ip6_setup_cork+0x1870/0x1870 [ 208.250551][ T8121] inet6_csk_xmit+0x2fb/0x5d0 [ 208.255234][ T8121] ? inet6_csk_update_pmtu+0x190/0x190 [ 208.260678][ T8121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.266901][ T8121] ? csum_ipv6_magic+0x20/0x80 [ 208.271655][ T8121] __tcp_transmit_skb+0x1a32/0x3750 [ 208.276898][ T8121] ? __tcp_select_window+0x8b0/0x8b0 [ 208.282180][ T8121] ? tcp_mstamp_refresh+0x16/0xa0 [ 208.287189][ T8121] __tcp_send_ack.part.0+0x3c6/0x5b0 [ 208.292457][ T8121] tcp_send_ack+0x88/0xa0 [ 208.296768][ T8121] tcp_send_challenge_ack.isra.0+0x250/0x300 [ 208.302728][ T8121] tcp_validate_incoming+0x55e/0x1660 [ 208.308087][ T8121] tcp_rcv_state_process+0xb6b/0x4d93 [ 208.313444][ T8121] ? tcp_finish_connect+0x510/0x510 [ 208.318627][ T8121] ? __release_sock+0xca/0x3a0 [ 208.323382][ T8121] ? find_held_lock+0x35/0x130 [ 208.328144][ T8121] ? mark_held_locks+0xa4/0xf0 [ 208.332893][ T8121] ? __local_bh_enable_ip+0x15a/0x270 [ 208.338245][ T8121] ? _raw_spin_unlock_bh+0x31/0x40 [ 208.343357][ T8121] ? __local_bh_enable_ip+0x15a/0x270 [ 208.348713][ T8121] tcp_v6_do_rcv+0x7da/0x12c0 [ 208.353374][ T8121] ? tcp_v6_do_rcv+0x7da/0x12c0 [ 208.358226][ T8121] __release_sock+0x12e/0x3a0 [ 208.362911][ T8121] release_sock+0x59/0x1c0 [ 208.367315][ T8121] tcp_sendmsg+0x3b/0x50 [ 208.371541][ T8121] inet_sendmsg+0x147/0x5e0 [ 208.376028][ T8121] ? ipip_gro_receive+0x100/0x100 [ 208.381042][ T8121] sock_sendmsg+0xdd/0x130 [ 208.385440][ T8121] __sys_sendto+0x262/0x380 [ 208.389924][ T8121] ? __ia32_sys_getpeername+0xb0/0xb0 [ 208.395288][ T8121] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 208.401520][ T8121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.406962][ T8121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.412403][ T8121] ? do_syscall_64+0x26/0x610 [ 208.417064][ T8121] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.423114][ T8121] __x64_sys_sendto+0xe1/0x1a0 [ 208.427864][ T8121] do_syscall_64+0x103/0x610 [ 208.432439][ T8121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.438310][ T8121] RIP: 0033:0x4582b9 [ 208.442186][ T8121] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.461770][ T8121] RSP: 002b:00007f7d35b49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 208.470175][ T8121] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 208.478148][ T8121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 208.486102][ T8121] RBP: 000000000073bf00 R08: 00000000200000c0 R09: 000000000000001c [ 208.494053][ T8121] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f7d35b4a6d4 [ 208.502039][ T8121] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff [ 208.512745][ T8130] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8130 [ 208.522168][ T8130] caller is ip6_finish_output+0x335/0xdc0 [ 208.528558][ T8130] CPU: 1 PID: 8130 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19 [ 208.537589][ T8130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.547639][ T8130] Call Trace: [ 208.550937][ T8130] dump_stack+0x172/0x1f0 [ 208.555276][ T8130] __this_cpu_preempt_check+0x246/0x270 [ 208.560827][ T8130] ip6_finish_output+0x335/0xdc0 [ 208.565768][ T8130] ip6_output+0x235/0x7f0 [ 208.570101][ T8130] ? ip6_finish_output+0xdc0/0xdc0 [ 208.575218][ T8130] ? ip6_fragment+0x3980/0x3980 [ 208.580075][ T8130] ip6_xmit+0xe41/0x20c0 [ 208.584334][ T8130] ? ip6_finish_output2+0x2550/0x2550 [ 208.589713][ T8130] ? mark_held_locks+0xf0/0xf0 [ 208.594483][ T8130] ? ip6_setup_cork+0x1870/0x1870 [ 208.599528][ T8130] inet6_csk_xmit+0x2fb/0x5d0 [ 208.604239][ T8130] ? inet6_csk_update_pmtu+0x190/0x190 [ 208.609701][ T8130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.615945][ T8130] ? csum_ipv6_magic+0x20/0x80 [ 208.620714][ T8130] __tcp_transmit_skb+0x1a32/0x3750 [ 208.625924][ T8130] ? __tcp_select_window+0x8b0/0x8b0 [ 208.631205][ T8130] ? lockdep_hardirqs_on+0x418/0x5d0 [ 208.636489][ T8130] ? trace_hardirqs_on+0x67/0x230 [ 208.641518][ T8130] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 208.647242][ T8130] tcp_write_xmit+0xe39/0x5660 [ 208.652008][ T8130] ? trace_hardirqs_on+0x67/0x230 [ 208.657048][ T8130] ? mem_cgroup_sk_alloc+0x170/0x1a0 [ 208.662344][ T8130] __tcp_push_pending_frames+0xb4/0x350 [ 208.667891][ T8130] tcp_push+0x4cd/0x6c0 [ 208.672053][ T8130] do_tcp_sendpages+0x15c2/0x1b80 [ 208.677096][ T8130] ? sk_stream_alloc_skb+0xd10/0xd10 [ 208.682391][ T8130] ? __local_bh_enable_ip+0x15a/0x270 [ 208.687941][ T8130] ? trace_hardirqs_on+0x67/0x230 [ 208.692964][ T8130] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 208.698687][ T8130] tcp_sendpage_locked+0x84/0xd0 [ 208.703626][ T8130] tcp_sendpage+0x3f/0x60 [ 208.707951][ T8130] ? tcp_sendpage_locked+0xd0/0xd0 [ 208.713059][ T8130] inet_sendpage+0x16b/0x630 [ 208.717653][ T8130] kernel_sendpage+0x95/0xf0 [ 208.722239][ T8130] ? inet_sendmsg+0x5e0/0x5e0 [ 208.726918][ T8130] sock_sendpage+0x8b/0xc0 [ 208.731337][ T8130] pipe_to_sendpage+0x299/0x370 [ 208.736187][ T8130] ? kernel_sendpage+0xf0/0xf0 [ 208.740947][ T8130] ? direct_splice_actor+0x1a0/0x1a0 [ 208.746232][ T8130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.752470][ T8130] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.758715][ T8130] __splice_from_pipe+0x395/0x7d0 [ 208.764174][ T8130] ? direct_splice_actor+0x1a0/0x1a0 [ 208.769465][ T8130] ? direct_splice_actor+0x1a0/0x1a0 [ 208.774748][ T8130] splice_from_pipe+0x108/0x170 [ 208.779599][ T8130] ? splice_shrink_spd+0xd0/0xd0 [ 208.784549][ T8130] generic_splice_sendpage+0x3c/0x50 [ 208.789828][ T8130] ? splice_from_pipe+0x170/0x170 [ 208.794857][ T8130] direct_splice_actor+0x126/0x1a0 [ 208.799969][ T8130] splice_direct_to_actor+0x369/0x970 [ 208.805347][ T8130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 208.810895][ T8130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 208.817133][ T8130] ? do_splice_to+0x190/0x190 [ 208.821820][ T8130] ? rw_verify_area+0x118/0x360 [ 208.826685][ T8130] do_splice_direct+0x1da/0x2a0 [ 208.831543][ T8130] ? splice_direct_to_actor+0x970/0x970 [ 208.837097][ T8130] ? rw_verify_area+0x118/0x360 [ 208.841949][ T8130] do_sendfile+0x597/0xd00 [ 208.846375][ T8130] ? do_compat_pwritev64+0x1c0/0x1c0 [ 208.851658][ T8130] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 208.857894][ T8130] ? put_timespec64+0xda/0x140 [ 208.862666][ T8130] __x64_sys_sendfile64+0x1dd/0x220 [ 208.867864][ T8130] ? __ia32_sys_sendfile+0x230/0x230 [ 208.873146][ T8130] ? do_syscall_64+0x26/0x610 [ 208.877819][ T8130] ? lockdep_hardirqs_on+0x418/0x5d0 [ 208.883101][ T8130] ? trace_hardirqs_on+0x67/0x230 [ 208.888124][ T8130] do_syscall_64+0x103/0x610 [ 208.892715][ T8130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.898600][ T8130] RIP: 0033:0x4582b9 [ 208.902492][ T8130] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.922096][ T8130] RSP: 002b:00007f7d35b07c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 208.930504][ T8130] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 208.938470][ T8130] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 208.946438][ T8130] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 208.954402][ T8130] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f7d35b086d4 [ 208.962417][ T8130] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff 10:59:06 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0)