[   38.393625][   T26] audit: type=1800 audit(1554634575.886:25): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   38.420719][   T26] audit: type=1800 audit(1554634575.886:26): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   38.441879][   T26] audit: type=1800 audit(1554634575.886:27): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.
[....] startpar: service(s) returned failure: rsyslog ...[?25l[?1c7[FAIL8[?25h[?0c failed!

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts.
2019/04/07 10:56:34 fuzzer started
2019/04/07 10:56:37 dialing manager at 10.128.0.26:34543
2019/04/07 10:56:38 syscalls: 2408
2019/04/07 10:56:38 code coverage: enabled
2019/04/07 10:56:38 comparison tracing: enabled
2019/04/07 10:56:38 extra coverage: extra coverage is not supported by the kernel
2019/04/07 10:56:38 setuid sandbox: enabled
2019/04/07 10:56:38 namespace sandbox: enabled
2019/04/07 10:56:38 Android sandbox: /sys/fs/selinux/policy does not exist
2019/04/07 10:56:38 fault injection: enabled
2019/04/07 10:56:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/04/07 10:56:38 net packet injection: enabled
2019/04/07 10:56:38 net device setup: enabled
10:58:53 executing program 0:

syzkaller login: [  196.536580][ T7943] IPVS: ftp: loaded support on port[0] = 21
10:58:54 executing program 1:

[  196.640835][ T7943] chnl_net:caif_netlink_parms(): no params data found
[  196.744295][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.752060][ T7943] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.772452][ T7943] device bridge_slave_0 entered promiscuous mode
[  196.781546][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.789767][ T7943] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.798493][ T7943] device bridge_slave_1 entered promiscuous mode
[  196.813975][ T7947] IPVS: ftp: loaded support on port[0] = 21
[  196.840409][ T7943] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  196.865572][ T7943] bond0: Enslaving bond_slave_1 as an active interface with an up link
10:58:54 executing program 2:

[  196.912680][ T7943] team0: Port device team_slave_0 added
[  196.930349][ T7943] team0: Port device team_slave_1 added
10:58:54 executing program 3:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
pread64(r0, &(0x7f0000000480)=""/211, 0xd3, 0x0)
write$FUSE_INTERRUPT(r0, &(0x7f0000000240)={0x10, 0x0, 0x2}, 0x10)
setxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f00000006c0), 0x24, 0x0)

[  197.075897][ T7943] device hsr_slave_0 entered promiscuous mode
[  197.133212][ T7943] device hsr_slave_1 entered promiscuous mode
[  197.218982][ T7950] IPVS: ftp: loaded support on port[0] = 21
[  197.229886][ T7947] chnl_net:caif_netlink_parms(): no params data found
[  197.258053][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.265312][ T7943] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.273101][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.280169][ T7943] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.314272][ T7952] IPVS: ftp: loaded support on port[0] = 21
10:58:54 executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='udf\x00', 0x0, 0x0)

[  197.395016][ T7947] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.402169][ T7947] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.413999][ T7947] device bridge_slave_0 entered promiscuous mode
[  197.421997][ T7947] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.431506][ T7947] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.442262][ T7947] device bridge_slave_1 entered promiscuous mode
[  197.538965][ T7947] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  197.597773][ T7943] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.607109][ T7947] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  197.631778][ T7955] IPVS: ftp: loaded support on port[0] = 21
[  197.678815][ T7943] 8021q: adding VLAN 0 to HW filter on device team0
10:58:55 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="2e0000001d008100e00f80ecdb4cb9040ac8650402000000000000fb120001000e00da1b40d819a9060015000000", 0x2e}], 0x1}, 0x0)

[  197.720661][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  197.737812][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.759170][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.771140][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  197.819602][ T7947] team0: Port device team_slave_0 added
[  197.842009][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  197.851447][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  197.859759][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.866852][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.874755][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  197.883357][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.891603][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.898694][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.914823][ T7947] team0: Port device team_slave_1 added
[  197.944710][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  197.953302][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  197.961687][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  197.971773][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  197.980330][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  197.988818][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  197.997225][ T7952] chnl_net:caif_netlink_parms(): no params data found
[  198.064599][ T7947] device hsr_slave_0 entered promiscuous mode
[  198.103671][ T7947] device hsr_slave_1 entered promiscuous mode
[  198.150464][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  198.158684][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  198.167122][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  198.185428][ T7950] chnl_net:caif_netlink_parms(): no params data found
[  198.226782][ T7960] IPVS: ftp: loaded support on port[0] = 21
[  198.238332][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  198.247525][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.267067][ T7943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  198.290656][ T7952] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.300461][ T7952] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.308883][ T7952] device bridge_slave_0 entered promiscuous mode
[  198.338277][ T7952] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.345464][ T7952] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.353250][ T7952] device bridge_slave_1 entered promiscuous mode
[  198.382114][ T7950] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.389337][ T7950] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.397931][ T7950] device bridge_slave_0 entered promiscuous mode
[  198.411960][ T7943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.438832][ T7950] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.447076][ T7950] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.456050][ T7950] device bridge_slave_1 entered promiscuous mode
[  198.476264][ T7952] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  198.489103][ T7952] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  198.511803][ T7952] team0: Port device team_slave_0 added
[  198.527256][ T7955] chnl_net:caif_netlink_parms(): no params data found
[  198.538907][ T7952] team0: Port device team_slave_1 added
[  198.558636][ T7950] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  198.569824][ T7950] bond0: Enslaving bond_slave_1 as an active interface with an up link
10:58:56 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2ac93b7e0050a6b72696c6044c1", 0x5a, 0x400}], 0x0, 0x0)

[  198.754540][ T7952] device hsr_slave_0 entered promiscuous mode
[  198.772606][ T7969] EXT4-fs (loop0): unsupported inode size: 49476
[  198.783416][ T7952] device hsr_slave_1 entered promiscuous mode
[  198.842461][ T7950] team0: Port device team_slave_0 added
[  198.851988][ T7950] team0: Port device team_slave_1 added
10:58:56 executing program 0:
r0 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0)
fadvise64(r0, 0xfffffffffffffffc, 0x2, 0x0)

[  198.889058][ T7960] chnl_net:caif_netlink_parms(): no params data found
[  198.907690][ T7955] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.915589][ T7955] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.923692][ T7955] device bridge_slave_0 entered promiscuous mode
10:58:56 executing program 0:
r0 = getpid()
sched_setattr(r0, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, 0x0)
pipe(&(0x7f0000000500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
socket$inet(0x2, 0x3, 0x1)
setsockopt$inet_mreqn(r3, 0x0, 0x20, &(0x7f00000000c0)={@rand_addr, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x14)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
splice(r1, 0x0, r3, 0x0, 0x810005, 0x0)

[  198.977749][ T7950] device hsr_slave_0 entered promiscuous mode
[  199.043337][ T7950] device hsr_slave_1 entered promiscuous mode
[  199.074464][    C0] hrtimer: interrupt took 27463 ns
[  199.085042][ T7979] check_preemption_disabled: 3 callbacks suppressed
[  199.085127][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  199.101516][ T7979] caller is sk_mc_loop+0x1d/0x210
[  199.106692][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  199.115720][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  199.125774][ T7979] Call Trace:
[  199.129087][ T7979]  dump_stack+0x172/0x1f0
[  199.132259][ T7950] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.133471][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  199.133521][ T7979]  sk_mc_loop+0x1d/0x210
[  199.133544][ T7979]  ip_mc_output+0x2ef/0xf70
[  199.133566][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  199.156431][ T7950] 8021q: adding VLAN 0 to HW filter on device team0
[  199.159520][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  199.159541][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  199.176550][ T7979]  ? dst_release+0x62/0xb0
[  199.180986][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  199.185853][ T7979]  ip_local_out+0xc4/0x1b0
[  199.190294][ T7979]  ip_send_skb+0x42/0xf0
[  199.194575][ T7979]  ip_push_pending_frames+0x64/0x80
[  199.199800][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  199.200805][ T7950] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  199.204412][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  199.204441][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  199.204460][ T7979]  ? mark_held_locks+0xa4/0xf0
[  199.204476][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  199.204491][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  199.204521][ T7979]  ? 0xffffffff81000000
[  199.204545][ T7979]  ? retint_kernel+0x2d/0x2d
[  199.204566][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  199.220680][ T7950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  199.225894][ T7979]  inet_sendmsg+0x147/0x5e0
[  199.225910][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  199.225922][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  199.225941][ T7979]  ? ipip_gro_receive+0x100/0x100
[  199.250002][ T7950] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.250324][ T7979]  sock_sendmsg+0xdd/0x130
[  199.266087][ T7979]  kernel_sendmsg+0x44/0x50
[  199.266109][ T7979]  sock_no_sendpage+0x116/0x150
[  199.307697][ T7979]  ? sock_kfree_s+0x70/0x70
[  199.312218][ T7979]  ? mark_held_locks+0xa4/0xf0
[  199.317003][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  199.322651][ T7979]  inet_sendpage+0x44a/0x630
[  199.327274][ T7979]  kernel_sendpage+0x95/0xf0
[  199.327288][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  199.327317][ T7979]  sock_sendpage+0x8b/0xc0
[  199.327337][ T7979]  pipe_to_sendpage+0x299/0x370
[  199.336699][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  199.336717][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  199.336734][ T7979]  ? __splice_from_pipe+0x245/0x7d0
[  199.336752][ T7979]  __splice_from_pipe+0x395/0x7d0
[  199.336768][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  199.336788][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  199.336801][ T7979]  splice_from_pipe+0x108/0x170
[  199.336819][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  199.336841][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
10:58:56 executing program 2:
r0 = socket$kcm(0x10, 0x2, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000002700050ad25a80648c63940d0124fc00100003400a000000053582c137153e370900018004001700d1bd", 0x2e}], 0x1}, 0x0)

[  199.336859][ T7979]  ? security_file_permission+0x94/0x380
[  199.336876][ T7979]  generic_splice_sendpage+0x3c/0x50
[  199.336888][ T7979]  ? splice_from_pipe+0x170/0x170
[  199.336902][ T7979]  do_splice+0x70a/0x13c0
[  199.336924][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  199.336941][ T7979]  ? __fget_light+0x1a9/0x230
[  199.336959][ T7979]  __x64_sys_splice+0x2c6/0x330
[  199.336981][ T7979]  do_syscall_64+0x103/0x610
[  199.337002][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  199.337013][ T7979] RIP: 0033:0x4582b9
[  199.337029][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  199.337037][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  199.337051][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  199.337058][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
10:58:57 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt(r0, 0x10e, 0xb, &(0x7f00000004c0)="9adc01ce", 0x4)
sendmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)="24000000200007041dfffd946f610500027801001f00000000000800050016000400ff7e", 0x24}], 0x1}, 0x0)

[  199.337074][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  199.437459][ T7984] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  199.439112][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  199.439121][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  199.453851][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  199.472054][ T7984] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  199.479705][ T7979] caller is sk_mc_loop+0x1d/0x210
[  199.537664][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  199.551523][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  199.551530][ T7979] Call Trace:
[  199.551554][ T7979]  dump_stack+0x172/0x1f0
[  199.551581][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  199.574785][ T7979]  sk_mc_loop+0x1d/0x210
[  199.579040][ T7979]  ip_mc_output+0x2ef/0xf70
[  199.583568][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  199.588690][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  199.594157][ T7979]  ? dst_release+0x62/0xb0
[  199.598585][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  199.603447][ T7979]  ip_local_out+0xc4/0x1b0
[  199.607871][ T7979]  ip_send_skb+0x42/0xf0
[  199.612124][ T7979]  ip_push_pending_frames+0x64/0x80
[  199.617350][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  199.621964][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  199.627434][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  199.633082][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  199.638564][ T7979]  ? retint_kernel+0x2d/0x2d
10:58:57 executing program 2:
r0 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0)
fadvise64(r0, 0xfffffffffffffffc, 0x2000000, 0x0)

[  199.643176][ T7979]  ? ___might_sleep+0x163/0x280
[  199.648041][ T7979]  ? __might_sleep+0x95/0x190
[  199.652730][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  199.658377][ T7979]  ? aa_sk_perm+0x288/0x880
[  199.662897][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  199.662917][ T7979]  inet_sendmsg+0x147/0x5e0
[  199.662931][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  199.662942][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  199.662955][ T7979]  ? ipip_gro_receive+0x100/0x100
[  199.662973][ T7979]  sock_sendmsg+0xdd/0x130
[  199.662991][ T7979]  kernel_sendmsg+0x44/0x50
[  199.663009][ T7979]  sock_no_sendpage+0x116/0x150
[  199.663024][ T7979]  ? sock_kfree_s+0x70/0x70
[  199.663056][ T7979]  inet_sendpage+0x44a/0x630
[  199.663078][ T7979]  kernel_sendpage+0x95/0xf0
[  199.673119][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  199.673141][ T7979]  sock_sendpage+0x8b/0xc0
[  199.673161][ T7979]  pipe_to_sendpage+0x299/0x370
[  199.673176][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  199.673192][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  199.673208][ T7979]  ? __splice_from_pipe+0x309/0x7d0
[  199.673227][ T7979]  __splice_from_pipe+0x395/0x7d0
[  199.673248][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  199.755700][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  199.760991][ T7979]  splice_from_pipe+0x108/0x170
[  199.765855][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  199.770810][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  199.770835][ T7979]  ? security_file_permission+0x94/0x380
[  199.782701][ T7979]  generic_splice_sendpage+0x3c/0x50
[  199.782718][ T7979]  ? splice_from_pipe+0x170/0x170
[  199.782734][ T7979]  do_splice+0x70a/0x13c0
[  199.782758][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  199.802502][ T7979]  ? __fget_light+0x1a9/0x230
[  199.807492][ T7979]  __x64_sys_splice+0x2c6/0x330
[  199.812371][ T7979]  do_syscall_64+0x103/0x610
[  199.818373][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  199.824594][ T7979] RIP: 0033:0x4582b9
[  199.828500][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  199.848214][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  199.856634][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  199.864691][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  199.872665][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  199.880653][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  199.888631][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  199.897635][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  199.906977][ T7979] caller is sk_mc_loop+0x1d/0x210
[  199.912016][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  199.921038][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  199.931093][ T7979] Call Trace:
[  199.934401][ T7979]  dump_stack+0x172/0x1f0
[  199.938745][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  199.944299][ T7979]  sk_mc_loop+0x1d/0x210
[  199.948557][ T7979]  ip_mc_output+0x2ef/0xf70
[  199.948579][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  199.948599][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  199.958203][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  199.958217][ T7979]  ? dst_release+0x62/0xb0
[  199.958238][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  199.977784][ T7979]  ip_local_out+0xc4/0x1b0
[  199.982215][ T7979]  ip_send_skb+0x42/0xf0
[  199.986622][ T7979]  ip_push_pending_frames+0x64/0x80
[  199.991835][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  199.996446][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  200.001914][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  200.007537][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  200.012996][ T7979]  ? retint_kernel+0x2d/0x2d
[  200.017592][ T7979]  ? ___might_sleep+0x163/0x280
[  200.022477][ T7979]  ? __might_sleep+0x95/0x190
[  200.027150][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  200.032809][ T7979]  ? aa_sk_perm+0x288/0x880
[  200.037308][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  200.042849][ T7979]  inet_sendmsg+0x147/0x5e0
[  200.047437][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  200.052882][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  200.057561][ T7979]  ? ipip_gro_receive+0x100/0x100
[  200.062567][ T7979]  sock_sendmsg+0xdd/0x130
[  200.066968][ T7979]  kernel_sendmsg+0x44/0x50
[  200.071518][ T7979]  sock_no_sendpage+0x116/0x150
[  200.076366][ T7979]  ? sock_kfree_s+0x70/0x70
[  200.080863][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  200.086589][ T7979]  ? mark_held_locks+0xa4/0xf0
[  200.091352][ T7979]  inet_sendpage+0x44a/0x630
[  200.096018][ T7979]  kernel_sendpage+0x95/0xf0
[  200.100589][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  200.105263][ T7979]  sock_sendpage+0x8b/0xc0
[  200.109675][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  200.114944][ T7979]  pipe_to_sendpage+0x299/0x370
[  200.119779][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  200.124543][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.129828][ T7979]  ? __put_page+0x92/0xd0
[  200.134159][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  200.139643][ T7979]  __splice_from_pipe+0x395/0x7d0
[  200.144668][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.149955][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.155222][ T7979]  splice_from_pipe+0x108/0x170
[  200.160057][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  200.164998][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  200.171237][ T7979]  ? security_file_permission+0x94/0x380
[  200.176861][ T7979]  generic_splice_sendpage+0x3c/0x50
[  200.182142][ T7979]  ? splice_from_pipe+0x170/0x170
[  200.187148][ T7979]  do_splice+0x70a/0x13c0
[  200.191475][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  200.196599][ T7979]  ? __fget_light+0x1a9/0x230
[  200.201264][ T7979]  __x64_sys_splice+0x2c6/0x330
[  200.206119][ T7979]  do_syscall_64+0x103/0x610
[  200.210706][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  200.216579][ T7979] RIP: 0033:0x4582b9
[  200.220456][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  200.240397][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  200.248815][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  200.256795][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  200.264759][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  200.272728][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  200.280681][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  200.289169][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  200.298511][ T7979] caller is sk_mc_loop+0x1d/0x210
[  200.303607][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  200.312643][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  200.322678][ T7979] Call Trace:
[  200.325970][ T7979]  dump_stack+0x172/0x1f0
[  200.330299][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  200.335842][ T7979]  sk_mc_loop+0x1d/0x210
[  200.340080][ T7979]  ip_mc_output+0x2ef/0xf70
[  200.344586][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  200.349698][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  200.354564][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  200.360026][ T7979]  ? dst_release+0x62/0xb0
[  200.364443][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  200.369292][ T7979]  ip_local_out+0xc4/0x1b0
[  200.373711][ T7979]  ip_send_skb+0x42/0xf0
[  200.377951][ T7979]  ip_push_pending_frames+0x64/0x80
[  200.383144][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  200.387741][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  200.393198][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  200.398833][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  200.404289][ T7979]  ? retint_kernel+0x2d/0x2d
[  200.408884][ T7979]  ? ___might_sleep+0x163/0x280
[  200.413733][ T7979]  ? __might_sleep+0x95/0x190
[  200.418496][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  200.424135][ T7979]  ? aa_sk_perm+0x288/0x880
[  200.428636][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  200.434177][ T7979]  inet_sendmsg+0x147/0x5e0
[  200.438684][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  200.444140][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  200.448814][ T7979]  ? ipip_gro_receive+0x100/0x100
[  200.453841][ T7979]  sock_sendmsg+0xdd/0x130
[  200.458258][ T7979]  kernel_sendmsg+0x44/0x50
[  200.462747][ T7979]  sock_no_sendpage+0x116/0x150
[  200.467603][ T7979]  ? sock_kfree_s+0x70/0x70
[  200.472094][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  200.477808][ T7979]  ? mark_held_locks+0xa4/0xf0
[  200.482555][ T7979]  inet_sendpage+0x44a/0x630
[  200.487169][ T7979]  kernel_sendpage+0x95/0xf0
[  200.491741][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  200.496440][ T7979]  sock_sendpage+0x8b/0xc0
[  200.500842][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  200.506135][ T7979]  pipe_to_sendpage+0x299/0x370
[  200.510983][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  200.515731][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.520997][ T7979]  ? __put_page+0x92/0xd0
[  200.525323][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  200.530777][ T7979]  __splice_from_pipe+0x395/0x7d0
[  200.535796][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.541082][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.546376][ T7979]  splice_from_pipe+0x108/0x170
[  200.551320][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  200.556246][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  200.562473][ T7979]  ? security_file_permission+0x94/0x380
[  200.568099][ T7979]  generic_splice_sendpage+0x3c/0x50
[  200.573378][ T7979]  ? splice_from_pipe+0x170/0x170
[  200.578406][ T7979]  do_splice+0x70a/0x13c0
[  200.582725][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  200.587834][ T7979]  ? __fget_light+0x1a9/0x230
[  200.592515][ T7979]  __x64_sys_splice+0x2c6/0x330
[  200.597363][ T7979]  do_syscall_64+0x103/0x610
[  200.601935][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  200.607815][ T7979] RIP: 0033:0x4582b9
[  200.611706][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  200.631378][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  200.639769][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  200.647721][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  200.655683][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  200.663652][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  200.671617][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  200.680134][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  200.689456][ T7979] caller is sk_mc_loop+0x1d/0x210
[  200.694542][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  200.703565][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  200.713620][ T7979] Call Trace:
[  200.716910][ T7979]  dump_stack+0x172/0x1f0
[  200.721228][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  200.726798][ T7979]  sk_mc_loop+0x1d/0x210
[  200.731036][ T7979]  ip_mc_output+0x2ef/0xf70
[  200.735554][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  200.740689][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  200.745544][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  200.751010][ T7979]  ? dst_release+0x62/0xb0
[  200.755445][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  200.760370][ T7979]  ip_local_out+0xc4/0x1b0
[  200.764784][ T7979]  ip_send_skb+0x42/0xf0
[  200.769030][ T7979]  ip_push_pending_frames+0x64/0x80
[  200.774228][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  200.778822][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  200.784275][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  200.789907][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  200.795370][ T7979]  ? retint_kernel+0x2d/0x2d
[  200.799948][ T7979]  ? ___might_sleep+0x163/0x280
[  200.804797][ T7979]  ? __might_sleep+0x95/0x190
[  200.809468][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  200.815080][ T7979]  ? aa_sk_perm+0x288/0x880
[  200.819607][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  200.825153][ T7979]  inet_sendmsg+0x147/0x5e0
[  200.829651][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  200.835091][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  200.839751][ T7979]  ? ipip_gro_receive+0x100/0x100
[  200.844770][ T7979]  sock_sendmsg+0xdd/0x130
[  200.849185][ T7979]  kernel_sendmsg+0x44/0x50
[  200.853689][ T7979]  sock_no_sendpage+0x116/0x150
[  200.858551][ T7979]  ? sock_kfree_s+0x70/0x70
[  200.863163][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  200.868898][ T7979]  ? mark_held_locks+0xa4/0xf0
[  200.873677][ T7979]  inet_sendpage+0x44a/0x630
[  200.878281][ T7979]  kernel_sendpage+0x95/0xf0
[  200.882878][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  200.887568][ T7979]  sock_sendpage+0x8b/0xc0
[  200.891994][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  200.897287][ T7979]  pipe_to_sendpage+0x299/0x370
[  200.902149][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  200.906925][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.912217][ T7979]  ? __put_page+0x92/0xd0
[  200.916557][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  200.922027][ T7979]  __splice_from_pipe+0x395/0x7d0
[  200.927060][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.932343][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  200.937621][ T7979]  splice_from_pipe+0x108/0x170
[  200.942476][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  200.947426][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  200.953669][ T7979]  ? security_file_permission+0x94/0x380
[  200.959304][ T7979]  generic_splice_sendpage+0x3c/0x50
[  200.964609][ T7979]  ? splice_from_pipe+0x170/0x170
[  200.969727][ T7979]  do_splice+0x70a/0x13c0
[  200.974069][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  200.979184][ T7979]  ? __fget_light+0x1a9/0x230
[  200.983866][ T7979]  __x64_sys_splice+0x2c6/0x330
[  200.988728][ T7979]  do_syscall_64+0x103/0x610
[  200.993324][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  200.999221][ T7979] RIP: 0033:0x4582b9
[  201.003117][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  201.022725][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  201.031178][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  201.039151][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  201.047123][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  201.055094][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  201.063065][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  201.071627][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  201.080981][ T7979] caller is sk_mc_loop+0x1d/0x210
[  201.086092][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  201.095125][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  201.105604][ T7979] Call Trace:
[  201.108881][ T7979]  dump_stack+0x172/0x1f0
[  201.113211][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  201.118750][ T7979]  sk_mc_loop+0x1d/0x210
[  201.122986][ T7979]  ip_mc_output+0x2ef/0xf70
[  201.127489][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  201.132608][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  201.137458][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  201.142922][ T7979]  ? dst_release+0x62/0xb0
[  201.147366][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  201.152206][ T7979]  ip_local_out+0xc4/0x1b0
[  201.156617][ T7979]  ip_send_skb+0x42/0xf0
[  201.160856][ T7979]  ip_push_pending_frames+0x64/0x80
[  201.166039][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  201.170616][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  201.176084][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  201.181742][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  201.187187][ T7979]  ? retint_kernel+0x2d/0x2d
[  201.191774][ T7979]  ? ___might_sleep+0x163/0x280
[  201.196643][ T7979]  ? __might_sleep+0x95/0x190
[  201.201323][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  201.207031][ T7979]  ? aa_sk_perm+0x288/0x880
[  201.211528][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  201.217069][ T7979]  inet_sendmsg+0x147/0x5e0
[  201.221566][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  201.227003][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  201.231663][ T7979]  ? ipip_gro_receive+0x100/0x100
[  201.236683][ T7979]  sock_sendmsg+0xdd/0x130
[  201.241185][ T7979]  kernel_sendmsg+0x44/0x50
[  201.245675][ T7979]  sock_no_sendpage+0x116/0x150
[  201.250511][ T7979]  ? sock_kfree_s+0x70/0x70
[  201.255016][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  201.260735][ T7979]  ? mark_held_locks+0xa4/0xf0
[  201.265492][ T7979]  inet_sendpage+0x44a/0x630
[  201.270093][ T7979]  kernel_sendpage+0x95/0xf0
[  201.274675][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  201.279357][ T7979]  sock_sendpage+0x8b/0xc0
[  201.283862][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  201.289143][ T7979]  pipe_to_sendpage+0x299/0x370
[  201.293990][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  201.299780][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  201.305050][ T7979]  ? __put_page+0x92/0xd0
[  201.309362][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  201.314817][ T7979]  __splice_from_pipe+0x395/0x7d0
[  201.319858][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  201.325130][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  201.330397][ T7979]  splice_from_pipe+0x108/0x170
[  201.335245][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  201.340183][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  201.346431][ T7979]  ? security_file_permission+0x94/0x380
[  201.352054][ T7979]  generic_splice_sendpage+0x3c/0x50
[  201.357337][ T7979]  ? splice_from_pipe+0x170/0x170
[  201.362358][ T7979]  do_splice+0x70a/0x13c0
[  201.366682][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  201.371796][ T7979]  ? __fget_light+0x1a9/0x230
[  201.376475][ T7979]  __x64_sys_splice+0x2c6/0x330
[  201.381350][ T7979]  do_syscall_64+0x103/0x610
[  201.385933][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  201.391831][ T7979] RIP: 0033:0x4582b9
[  201.395725][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  201.416029][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  201.424446][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  201.432404][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  201.440364][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  201.448331][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  201.456292][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  201.464844][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  201.474208][ T7979] caller is sk_mc_loop+0x1d/0x210
[  201.479237][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  201.488240][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  201.498279][ T7979] Call Trace:
[  201.501560][ T7979]  dump_stack+0x172/0x1f0
[  201.505881][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  201.511433][ T7979]  sk_mc_loop+0x1d/0x210
[  201.515678][ T7979]  ip_mc_output+0x2ef/0xf70
[  201.520180][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  201.525275][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  201.530121][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  201.535584][ T7979]  ? dst_release+0x62/0xb0
[  201.539995][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  201.544832][ T7979]  ip_local_out+0xc4/0x1b0
[  201.549229][ T7979]  ip_send_skb+0x42/0xf0
[  201.553464][ T7979]  ip_push_pending_frames+0x64/0x80
[  201.558664][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  201.563256][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  201.568709][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  201.574427][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  201.579887][ T7979]  ? retint_kernel+0x2d/0x2d
[  201.584469][ T7979]  ? ___might_sleep+0x163/0x280
[  201.589335][ T7979]  ? __might_sleep+0x95/0x190
[  201.594010][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  201.599634][ T7979]  ? aa_sk_perm+0x288/0x880
[  201.604128][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  201.609678][ T7979]  inet_sendmsg+0x147/0x5e0
[  201.614174][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  201.619621][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  201.624304][ T7979]  ? ipip_gro_receive+0x100/0x100
[  201.629339][ T7979]  sock_sendmsg+0xdd/0x130
[  201.633764][ T7979]  kernel_sendmsg+0x44/0x50
[  201.638263][ T7979]  sock_no_sendpage+0x116/0x150
[  201.643108][ T7979]  ? sock_kfree_s+0x70/0x70
[  201.647609][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  201.653333][ T7979]  ? mark_held_locks+0xa4/0xf0
[  201.658118][ T7979]  inet_sendpage+0x44a/0x630
[  201.662697][ T7979]  kernel_sendpage+0x95/0xf0
[  201.667270][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  201.671951][ T7979]  sock_sendpage+0x8b/0xc0
[  201.676362][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  201.681642][ T7979]  pipe_to_sendpage+0x299/0x370
[  201.686479][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  201.691238][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  201.696554][ T7979]  ? __put_page+0x92/0xd0
[  201.700880][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  201.706323][ T7979]  __splice_from_pipe+0x395/0x7d0
[  201.711344][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  201.716631][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  201.721946][ T7979]  splice_from_pipe+0x108/0x170
[  201.726822][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  201.731762][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  201.738000][ T7979]  ? security_file_permission+0x94/0x380
[  201.743642][ T7979]  generic_splice_sendpage+0x3c/0x50
[  201.748925][ T7979]  ? splice_from_pipe+0x170/0x170
[  201.753940][ T7979]  do_splice+0x70a/0x13c0
[  201.758291][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  201.763399][ T7979]  ? __fget_light+0x1a9/0x230
[  201.768072][ T7979]  __x64_sys_splice+0x2c6/0x330
[  201.772932][ T7979]  do_syscall_64+0x103/0x610
[  201.777533][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  201.783419][ T7979] RIP: 0033:0x4582b9
[  201.787317][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  201.806907][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  201.815331][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  201.823308][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  201.831294][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  201.839261][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  201.847219][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
10:58:57 executing program 2:
mkdir(&(0x7f0000000040)='./control\x00', 0x0)
open(&(0x7f0000000000)='./control\x00', 0xc40beb2474dfd22a, 0xf6ffffff)

[  201.855880][    C0] sched: RT throttling activated
[  201.882596][ T7955] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.896639][ T7955] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.905033][ T7955] device bridge_slave_1 entered promiscuous mode
[  201.914451][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  201.922229][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  201.930028][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  201.938681][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  201.947003][  T269] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.954117][  T269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.961606][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  201.970240][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  201.978501][  T269] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.985601][  T269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.993327][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  201.994122][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  202.001956][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  202.010591][ T7979] caller is sk_mc_loop+0x1d/0x210
[  202.010612][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  202.019282][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  202.023503][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  202.023516][ T7979] Call Trace:
[  202.023543][ T7979]  dump_stack+0x172/0x1f0
[  202.023567][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  202.033341][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  202.040471][ T7979]  sk_mc_loop+0x1d/0x210
[  202.051288][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  202.053817][ T7979]  ip_mc_output+0x2ef/0xf70
[  202.053838][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  202.053852][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  202.053869][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  202.053882][ T7979]  ? dst_release+0x62/0xb0
[  202.053896][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  202.053911][ T7979]  ip_local_out+0xc4/0x1b0
[  202.053926][ T7979]  ip_send_skb+0x42/0xf0
[  202.053940][ T7979]  ip_push_pending_frames+0x64/0x80
[  202.053955][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  202.053979][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  202.053995][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  202.054016][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  202.054037][ T7979]  ? retint_kernel+0x2d/0x2d
[  202.054064][ T7979]  ? ___might_sleep+0x163/0x280
[  202.054082][ T7979]  ? __might_sleep+0x95/0x190
[  202.054100][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  202.054114][ T7979]  ? aa_sk_perm+0x288/0x880
[  202.054137][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  202.059098][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  202.063999][ T7979]  inet_sendmsg+0x147/0x5e0
[  202.064013][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  202.064025][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  202.064038][ T7979]  ? ipip_gro_receive+0x100/0x100
[  202.064060][ T7979]  sock_sendmsg+0xdd/0x130
[  202.072437][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  202.076090][ T7979]  kernel_sendmsg+0x44/0x50
[  202.076108][ T7979]  sock_no_sendpage+0x116/0x150
[  202.076122][ T7979]  ? sock_kfree_s+0x70/0x70
[  202.076141][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  202.076166][ T7979]  ? mark_held_locks+0xa4/0xf0
[  202.084608][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  202.088553][ T7979]  inet_sendpage+0x44a/0x630
[  202.094359][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  202.098495][ T7979]  kernel_sendpage+0x95/0xf0
[  202.109956][  T269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  202.113167][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  202.113189][ T7979]  sock_sendpage+0x8b/0xc0
[  202.113203][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  202.113221][ T7979]  pipe_to_sendpage+0x299/0x370
[  202.113237][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  202.113262][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  202.164068][ T7952] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.167907][ T7979]  ? __put_page+0x92/0xd0
[  202.187482][ T7952] 8021q: adding VLAN 0 to HW filter on device team0
[  202.190215][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  202.190240][ T7979]  __splice_from_pipe+0x395/0x7d0
[  202.229824][ T7952] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  202.231383][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  202.231411][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  202.242464][ T7952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  202.249578][ T7979]  splice_from_pipe+0x108/0x170
[  202.249597][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  202.249619][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  202.249638][ T7979]  ? security_file_permission+0x94/0x380
[  202.249656][ T7979]  generic_splice_sendpage+0x3c/0x50
[  202.249668][ T7979]  ? splice_from_pipe+0x170/0x170
[  202.249691][ T7979]  do_splice+0x70a/0x13c0
[  202.278454][ T7952] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.279034][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  202.288720][ T7979]  ? __fget_light+0x1a9/0x230
[  202.288750][ T7979]  __x64_sys_splice+0x2c6/0x330
[  202.326730][ T7979]  do_syscall_64+0x103/0x610
[  202.342065][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  202.342077][ T7979] RIP: 0033:0x4582b9
[  202.342092][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  202.342099][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  202.342111][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  202.342118][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  202.342125][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  202.342133][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  202.342141][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  202.343843][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  202.384850][ T7979] caller is sk_mc_loop+0x1d/0x210
[  202.384869][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  202.384878][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  202.384883][ T7979] Call Trace:
[  202.384905][ T7979]  dump_stack+0x172/0x1f0
[  202.384929][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  202.384944][ T7979]  sk_mc_loop+0x1d/0x210
[  202.384967][ T7979]  ip_mc_output+0x2ef/0xf70
[  202.421191][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  202.421207][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  202.421233][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  202.455433][ T7979]  ? dst_release+0x62/0xb0
[  202.455452][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  202.455470][ T7979]  ip_local_out+0xc4/0x1b0
[  202.455487][ T7979]  ip_send_skb+0x42/0xf0
[  202.455502][ T7979]  ip_push_pending_frames+0x64/0x80
[  202.455526][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  202.455551][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  202.455568][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  202.455590][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  202.455610][ T7979]  ? retint_kernel+0x2d/0x2d
[  202.455633][ T7979]  ? ___might_sleep+0x163/0x280
[  202.455656][ T7979]  ? __might_sleep+0x95/0x190
[  202.498030][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  202.498057][ T7979]  ? aa_sk_perm+0x288/0x880
[  202.498080][ T7979]  ? __lock_acquire+0x548/0x3fb0
[  202.515332][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  202.515353][ T7979]  inet_sendmsg+0x147/0x5e0
[  202.515367][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  202.515378][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  202.515392][ T7979]  ? ipip_gro_receive+0x100/0x100
[  202.515418][ T7979]  sock_sendmsg+0xdd/0x130
[  202.529467][ T7979]  kernel_sendmsg+0x44/0x50
[  202.529486][ T7979]  sock_no_sendpage+0x116/0x150
[  202.529502][ T7979]  ? sock_kfree_s+0x70/0x70
[  202.529531][ T7979]  ? do_raw_spin_unlock+0x57/0x270
[  202.529563][ T7979]  inet_sendpage+0x44a/0x630
[  202.529585][ T7979]  kernel_sendpage+0x95/0xf0
[  202.529605][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  202.712286][ T7979]  sock_sendpage+0x8b/0xc0
[  202.716683][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  202.721952][ T7979]  pipe_to_sendpage+0x299/0x370
[  202.726793][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  202.731551][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  202.736851][ T7979]  ? __put_page+0x92/0xd0
[  202.741178][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  202.746623][ T7979]  __splice_from_pipe+0x395/0x7d0
[  202.751632][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  202.756913][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  202.762183][ T7979]  splice_from_pipe+0x108/0x170
[  202.767049][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  202.771974][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  202.778217][ T7979]  ? security_file_permission+0x94/0x380
[  202.783849][ T7979]  generic_splice_sendpage+0x3c/0x50
[  202.789140][ T7979]  ? splice_from_pipe+0x170/0x170
[  202.794203][ T7979]  do_splice+0x70a/0x13c0
[  202.798533][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  202.803645][ T7979]  ? __fget_light+0x1a9/0x230
[  202.808318][ T7979]  __x64_sys_splice+0x2c6/0x330
[  202.813170][ T7979]  do_syscall_64+0x103/0x610
[  202.817785][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  202.823677][ T7979] RIP: 0033:0x4582b9
[  202.827590][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  202.847182][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  202.855592][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  202.863566][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  202.871533][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  202.879517][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  202.887500][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  202.896601][ T7979] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7979
[  202.905943][ T7979] caller is sk_mc_loop+0x1d/0x210
[  202.905961][ T7979] CPU: 0 PID: 7979 Comm: syz-executor.0 Not tainted 5.1.0-rc3-next-20190405 #19
[  202.905970][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  202.905975][ T7979] Call Trace:
[  202.905995][ T7979]  dump_stack+0x172/0x1f0
[  202.906026][ T7979]  __this_cpu_preempt_check+0x246/0x270
[  202.920071][ T7979]  sk_mc_loop+0x1d/0x210
[  202.920090][ T7979]  ip_mc_output+0x2ef/0xf70
[  202.920110][ T7979]  ? __ip_queue_xmit+0x1bf0/0x1bf0
[  202.943285][ T7979]  ? __ip_make_skb+0xf15/0x1820
[  202.943304][ T7979]  ? ip_append_data.part.0+0x170/0x170
[  202.943318][ T7979]  ? dst_release+0x62/0xb0
[  202.943335][ T7979]  ? __ip_make_skb+0xf93/0x1820
[  202.943352][ T7979]  ip_local_out+0xc4/0x1b0
[  202.943371][ T7979]  ip_send_skb+0x42/0xf0
[  202.943392][ T7979]  ip_push_pending_frames+0x64/0x80
[  202.952130][ T7979]  raw_sendmsg+0x1e6d/0x2f20
[  202.952165][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  202.962117][ T7979]  ? trace_hardirqs_on_caller+0x6a/0x220
[  203.006227][ T7979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  203.011674][ T7979]  ? retint_kernel+0x2d/0x2d
[  203.016267][ T7979]  ? ___might_sleep+0x163/0x280
[  203.021111][ T7979]  ? __might_sleep+0x95/0x190
[  203.025786][ T7979]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  203.031423][ T7979]  ? aa_sk_perm+0x288/0x880
[  203.035931][ T7979]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  203.041487][ T7979]  inet_sendmsg+0x147/0x5e0
[  203.045980][ T7979]  ? compat_raw_getsockopt+0x100/0x100
[  203.051417][ T7979]  ? inet_sendmsg+0x147/0x5e0
[  203.056087][ T7979]  ? ipip_gro_receive+0x100/0x100
[  203.061103][ T7979]  sock_sendmsg+0xdd/0x130
[  203.065502][ T7979]  kernel_sendmsg+0x44/0x50
[  203.070022][ T7979]  sock_no_sendpage+0x116/0x150
[  203.074868][ T7979]  ? sock_kfree_s+0x70/0x70
[  203.079370][ T7979]  ? debug_check_no_obj_freed+0x211/0x444
[  203.085086][ T7979]  ? mark_held_locks+0xa4/0xf0
[  203.089832][ T7979]  inet_sendpage+0x44a/0x630
[  203.094421][ T7979]  kernel_sendpage+0x95/0xf0
[  203.099002][ T7979]  ? inet_sendmsg+0x5e0/0x5e0
[  203.103677][ T7979]  sock_sendpage+0x8b/0xc0
[  203.108085][ T7979]  ? lockdep_hardirqs_on+0x418/0x5d0
[  203.113363][ T7979]  pipe_to_sendpage+0x299/0x370
[  203.118209][ T7979]  ? kernel_sendpage+0xf0/0xf0
[  203.122962][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  203.128242][ T7979]  ? __put_page+0x92/0xd0
[  203.132555][ T7979]  ? anon_pipe_buf_release+0x1c6/0x270
[  203.137996][ T7979]  __splice_from_pipe+0x395/0x7d0
[  203.143016][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  203.148297][ T7979]  ? direct_splice_actor+0x1a0/0x1a0
[  203.153571][ T7979]  splice_from_pipe+0x108/0x170
[  203.158418][ T7979]  ? splice_shrink_spd+0xd0/0xd0
[  203.163360][ T7979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  203.169599][ T7979]  ? security_file_permission+0x94/0x380
[  203.175231][ T7979]  generic_splice_sendpage+0x3c/0x50
[  203.180513][ T7979]  ? splice_from_pipe+0x170/0x170
[  203.185522][ T7979]  do_splice+0x70a/0x13c0
[  203.189855][ T7979]  ? opipe_prep.part.0+0x2d0/0x2d0
[  203.194964][ T7979]  ? __fget_light+0x1a9/0x230
[  203.199643][ T7979]  __x64_sys_splice+0x2c6/0x330
[  203.204504][ T7979]  do_syscall_64+0x103/0x610
[  203.209112][ T7979]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  203.215009][ T7979] RIP: 0033:0x4582b9
[  203.218898][ T7979] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  203.238579][ T7979] RSP: 002b:00007fda9d39fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  203.246975][ T7979] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  203.254942][ T7979] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  203.262917][ T7979] RBP: 000000000073bfa0 R08: 0000000000810005 R09: 0000000000000000
[  203.270881][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fda9d3a06d4
[  203.278830][ T7979] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff
[  203.356790][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  203.369866][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  203.378083][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  203.386137][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  203.394736][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  203.402373][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  203.412199][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  203.420666][ T7946] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.427790][ T7946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.435367][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  203.443992][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  203.452243][ T7946] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.459333][ T7946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.466857][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  203.475591][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  203.484018][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  203.492381][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  203.500923][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  203.509295][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  203.517721][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  203.526090][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  203.534416][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  203.542556][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  203.552117][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  203.560039][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  203.567884][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  203.581580][ T7960] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.589401][ T7960] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.597160][ T7960] device bridge_slave_0 entered promiscuous mode
[  203.611607][ T7955] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  203.633575][ T7955] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  203.642278][ T7960] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.649837][ T7960] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.662366][ T7960] device bridge_slave_1 entered promiscuous mode
[  203.673412][ T7947] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.705469][ T7960] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  203.715434][ T7960] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  203.740046][ T7955] team0: Port device team_slave_0 added
[  203.747813][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  203.756044][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  203.776202][ T7955] team0: Port device team_slave_1 added
[  203.783579][ T7947] 8021q: adding VLAN 0 to HW filter on device team0
[  203.792139][ T7960] team0: Port device team_slave_0 added
[  203.806965][ T7960] team0: Port device team_slave_1 added
[  203.824435][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  203.833186][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  203.841437][ T2995] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.848534][ T2995] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.935810][ T7955] device hsr_slave_0 entered promiscuous mode
[  203.993316][ T7955] device hsr_slave_1 entered promiscuous mode
[  204.035457][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  204.043654][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  204.052062][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  204.060437][ T7953] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.067512][ T7953] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.076260][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  204.084819][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  204.095727][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  204.104352][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  204.113027][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  204.154821][ T7960] device hsr_slave_0 entered promiscuous mode
[  204.193471][ T7960] device hsr_slave_1 entered promiscuous mode
[  204.252403][ T7947] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  204.263833][ T7947] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  204.284323][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  204.293388][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  204.301673][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  204.310498][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  204.319136][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  204.328022][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  204.336435][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  204.376394][ T7947] 8021q: adding VLAN 0 to HW filter on device batadv0
10:59:01 executing program 1:
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x10000014c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
clock_gettime(0x0, &(0x7f00000001c0)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

10:59:01 executing program 2:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x0})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
unshare(0x20040600)
shutdown(r1, 0x0)

10:59:01 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000980)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0xb1, 0x0, 0x0, 0xfffffffffffffffe}, {0x6}]}, 0x10)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(r0, &(0x7f000000bb80), 0xd8, 0x0)

[  204.453704][ T7960] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.516020][ T7960] 8021q: adding VLAN 0 to HW filter on device team0
[  204.535771][ T7955] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.543497][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  204.552414][ T7961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  204.592123][ T7955] 8021q: adding VLAN 0 to HW filter on device team0
[  204.599520][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  204.613366][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  204.621745][ T7953] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.628859][ T7953] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.640998][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  204.657758][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  204.667362][ T7953] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.674478][ T7953] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.693303][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  204.701058][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  204.717757][ T7953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  204.738289][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  204.748571][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  204.764088][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  204.772607][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.779747][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.811664][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  204.819837][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  204.835816][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  204.849706][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  204.861936][ T2995] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.869062][ T2995] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.882939][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  204.891807][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  204.904810][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  204.913744][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  204.922396][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  204.930879][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  204.947546][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  204.955356][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  204.964073][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  204.972239][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  204.981233][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  204.990606][ T2995] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  205.006785][ T7955] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  205.017409][ T7955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  205.031433][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  205.040162][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  205.048504][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  205.057309][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  205.065782][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  205.074093][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  205.082292][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  205.090630][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  205.098819][ T7946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  205.109372][ T7960] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  205.135719][ T7955] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.168947][ T7960] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.271029][ T3018] print_req_error: I/O error, dev loop4, sector 64 flags 0
[  205.280136][ T2490] print_req_error: I/O error, dev loop4, sector 256 flags 0
[  205.287833][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.299885][ T2490] print_req_error: I/O error, dev loop4, sector 512 flags 0
[  205.307670][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.323633][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.339210][ T8027] UDF-fs: Scanning with blocksize 512 failed
[  205.357303][ T2490] print_req_error: I/O error, dev loop4, sector 64 flags 0
[  205.365094][ T2490] print_req_error: I/O error, dev loop4, sector 512 flags 0
[  205.372429][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.388790][ T2490] print_req_error: I/O error, dev loop4, sector 1024 flags 0
[  205.396850][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.407140][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.417945][ T8027] UDF-fs: Scanning with blocksize 1024 failed
[  205.425347][ T2490] print_req_error: I/O error, dev loop4, sector 64 flags 0
[  205.432781][ T3018] print_req_error: I/O error, dev loop4, sector 1024 flags 0
[  205.440372][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.451364][ T3018] print_req_error: I/O error, dev loop4, sector 2048 flags 0
[  205.458915][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.468521][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.476501][ T8027] UDF-fs: Scanning with blocksize 2048 failed
[  205.482962][ T3018] print_req_error: I/O error, dev loop4, sector 64 flags 0
[  205.490454][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.500769][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.510467][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.518574][ T8027] UDF-fs: Scanning with blocksize 4096 failed
[  205.525257][ T8027] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  205.537364][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.547322][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.557374][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.565505][ T8027] UDF-fs: Scanning with blocksize 512 failed
[  205.572019][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.582476][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.592100][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.600052][ T8027] UDF-fs: Scanning with blocksize 1024 failed
[  205.606913][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.617535][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.627353][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  205.635512][ T8027] UDF-fs: Scanning with blocksize 2048 failed
[  205.642029][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  205.651826][ T8027] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  205.662178][ T8027] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
10:59:03 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x81000008912, &(0x7f0000000100)="0adc1f123c40a41d88b070")
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x0, 0x0)
ioctl$VHOST_GET_FEATURES(r1, 0x80044dfe, &(0x7f00000000c0))

10:59:03 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r0, 0x0}, 0x10)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="00ffffffff"])
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0c0583b, 0x20000001)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xe703000000000000]}, 0x2c)

10:59:03 executing program 3:
r0 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001440)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666ca39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0x1000}, 0xfffffc41)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fadvise64(r0, 0xfffffffffffffffc, 0x0, 0x1000000004)

10:59:03 executing program 1:
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x10000014c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
clock_gettime(0x0, &(0x7f00000001c0)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

10:59:03 executing program 5:
r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87  \\\xde\xde\x0f<HC\x90\xf4F\v\x1c,\x9c\xb5\x1b\xf7\x02s\xdf\xca\xf1+\xae\xc71\b\xad\x8f\xc2\xcb\r\xfb\xdd\x18t\xce\xeb\x81H\xb8;\xd5\xe02\xac\xb3\xc24\xf705\xf8\x158d\x8a.\xaau\xf6\xa6d\xd6\xf3\xb2(e\xfai\xb5\x9e\xe4\xbd\x8e\x17\xab\x11y\xdc\x19t!f\xba\x9f5y\xe9\x94\x0eTu\x8f\xb3):9\xd2\xf96\xfb\xb3\x82', 0x0)
write(r0, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="40000000000025000400000005007400000000000000200000000000"], 0x1c)
sendfile(r0, r0, &(0x7f0000001000), 0xffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x8, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x2, 0x7}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r2, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10)

10:59:03 executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
read$FUSE(r0, &(0x7f0000002000), 0x1000)
stat(&(0x7f0000000080)='./file0/file0\x00', 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000180)={0x33, 0x3, 0x0, {0x1, 0x12, 0x0, 'cgroupcgroupcpuset'}}, 0x33)
write$FUSE_DIRENTPLUS(r0, &(0x7f00000005c0)={0xc8, 0x0, 0x1, [{{}, {0x0, 0x0, 0x1c, 0x0, '+system\xcccpusetcgroup$cgroup\x15'}}]}, 0xc8)

[  205.671859][ T8027] UDF-fs: Scanning with blocksize 4096 failed
[  205.678029][ T8027] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
10:59:03 executing program 4:
r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87  \\\xde\xde\x0f<HC\x90\xf4F\v\x1c,\x9c\xb5\x1b\xf7\x02s\xdf\xca\xf1+\xae\xc71\b\xad\x8f\xc2\xcb\r\xfb\xdd\x18t\xce\xeb\x81H\xb8;\xd5\xe02\xac\xb3\xc24\xf705\xf8\x158d\x8a.\xaau\xf6\xa6d\xd6\xf3\xb2(e\xfai\xb5\x9e\xe4\xbd\x8e\x17\xab\x11y\xdc\x19t!f\xba\x9f5y\xe9\x94\x0eTu\x8f\xb3):9\xd2\xf96\xfb\xb3\x82', 0x0)
write(r0, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="40000000000025000400000005007400000000000000200000000000"], 0x1c)
sendfile(r0, r0, &(0x7f0000001000), 0xffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0)
ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x70, "968043e9a3fbb74d932eba27a645939f3c8d76a09305cf50103b35675484ce1b", 0x3, 0x220, 0x0, 0x0, 0x11, 0x0, 0x0, 0x7})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x2, 0x7}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10)

10:59:03 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r0, 0x0}, 0x10)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="00ffffffff"])
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0c0583b, 0x20000001)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xe703000000000000]}, 0x2c)

10:59:03 executing program 0:
socketpair$unix(0x1, 0x100000000001, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
request_key(&(0x7f00000002c0)='asymmetric\x00', &(0x7f0000001ffb), &(0x7f0000001fee)='R\trust\xe3cusgrVex:De', 0x0)

10:59:03 executing program 0:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_int(0xffffffffffffff9c, &(0x7f00000000c0)='notify_on_release\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1a, 0x9, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, [@jmp={0x5, 0x4, 0x1, 0xf, 0xa, 0x10, 0x4}, @exit, @jmp={0x5, 0xaf03, 0x4, 0x5, 0xe, 0x6, 0x4}, @ldst={0x0, 0x2, 0x7, 0x1, 0x3, 0xffffffffffffffff, 0xfffffffffffffffd}, @call={0x85, 0x0, 0x0, 0x51}, @generic={0x7, 0xfffffffffffffffe, 0x6, 0x8000, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x4, 0x3, &(0x7f0000000240)=""/3, 0x41f00, 0x1, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x7, 0x9}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xfffffffffffff800, 0x4, 0x5}, 0x10}, 0x70)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0)
write$cgroup_int(r1, &(0x7f0000000080), 0x297ef)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x5)

10:59:04 executing program 5:
r0 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87  \\\xde\xde\x0f<HC\x90\xf4F\v\x1c,\x9c\xb5\x1b\xf7\x02s\xdf\xca\xf1+\xae\xc71\b\xad\x8f\xc2\xcb\r\xfb\xdd\x18t\xce\xeb\x81H\xb8;\xd5\xe02\xac\xb3\xc24\xf705\xf8\x158d\x8a.\xaau\xf6\xa6d\xd6\xf3\xb2(e\xfai\xb5\x9e\xe4\xbd\x8e\x17\xab\x11y\xdc\x19t!f\xba\x9f5y\xe9\x94\x0eTu\x8f\xb3):9\xd2\xf96\xfb\xb3\x82', 0x0)
write(r0, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="40000000000025000400000005007400000000000000200000000000"], 0x1c)
sendfile(r0, r0, &(0x7f0000001000), 0xffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x8, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x2, 0x7}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r2, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10)

10:59:04 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0)

10:59:04 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="0aed1f123c12a41d88b070")
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="de75e1fe7d087634b214a3765ba0017995103a08917fc2a1", 0x18)

10:59:04 executing program 1:
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x10000014c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
clock_gettime(0x0, &(0x7f00000001c0)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  206.723575][ T8083] EXT4-fs (loop2): invalid first ino: 0
10:59:04 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xf, 0x3, &(0x7f0000000280)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x50, 0x54}}, &(0x7f0000000140)='GPL\x00', 0x1, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:59:04 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0)

10:59:04 executing program 3:
r0 = socket$inet6(0xa, 0x801, 0x0)
r1 = dup(r0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
read$rfkill(r1, &(0x7f0000000140), 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
syz_emit_ethernet(0x7ffff, &(0x7f0000000080)={@local, @local, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x21c, 0x0, 0x0, 0x0, 0xf42f, 0x0, @dev, @remote={0xac, 0x14, 0x223}}, @icmp=@timestamp_reply={0xffffff83, 0xa, 0x0, 0x0, 0x0, 0x8906, 0xf0ffffffffffff}}}}}, &(0x7f0000000040))
setsockopt$packet_int(r3, 0x107, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x44)
ftruncate(r2, 0x2007fff)
sendfile(r1, r2, 0x0, 0x8000fffffffe)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000002c0)="0adc1f123c123f3188b070")

10:59:04 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0xe21}, 0x10)
r3 = dup(r1)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @local}}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e1d, 0x0, @empty}, 0x1c)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00')
sendfile(r1, r4, 0x0, 0x1000003)

[  207.017201][ T8106] EXT4-fs (loop2): invalid first ino: 0
10:59:04 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x2}, 0x10)
r1 = socket$inet(0x2, 0x3, 0x1c)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070")
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000580)=0xffffffffffffffff)
ioctl$int_in(r0, 0x100005452, &(0x7f0000000040)=0x19b)
sendto$inet(r0, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @local}, 0x10)
sendto$inet(r0, &(0x7f00000001c0)="a5fe9e7be7060850100792f46b647308d3e2a67328969288734cc698158a84b40408261762639ee5e5881d4fb471fcb9639d30513ab42a04f920d8c1fa0c6ed49b0028fda44d1e69121bd2ff68125d42c7beccab2998e3392614583dd729cd341292ded369a34c4c75e12e8e0f519531fc8f11e74b74f2e5ad24cd0ab65395a2307394f48438306edcbb2ad2261f7535abea9833df32f75d92d392390b4fef75c9923a1745b53c", 0xa7, 0x8801, 0x0, 0x0)

10:59:04 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0)

10:59:04 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0xe21}, 0x10)
r3 = dup(r1)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @local}}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e1d, 0x0, @empty}, 0x1c)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00')
sendfile(r1, r4, 0x0, 0x1000003)

[  207.241353][ T8121] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  207.290474][ T8124] EXT4-fs (loop2): invalid first ino: 0
[  207.311309][ T8121] check_preemption_disabled: 6 callbacks suppressed
[  207.311335][ T8121] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8121
[  207.327622][ T8121] caller is ip6_finish_output+0x335/0xdc0
[  207.334110][ T8121] CPU: 1 PID: 8121 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19
[  207.343138][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  207.353198][ T8121] Call Trace:
[  207.356500][ T8121]  dump_stack+0x172/0x1f0
[  207.360845][ T8121]  __this_cpu_preempt_check+0x246/0x270
[  207.366413][ T8121]  ip6_finish_output+0x335/0xdc0
[  207.371379][ T8121]  ip6_output+0x235/0x7f0
[  207.375735][ T8121]  ? ip6_finish_output+0xdc0/0xdc0
[  207.380864][ T8121]  ? ip6_fragment+0x3980/0x3980
[  207.385738][ T8121]  ip6_xmit+0xe41/0x20c0
[  207.390005][ T8121]  ? ip6_finish_output2+0x2550/0x2550
[  207.395397][ T8121]  ? mark_held_locks+0xf0/0xf0
[  207.400177][ T8121]  ? ip6_setup_cork+0x1870/0x1870
[  207.406729][ T8121]  inet6_csk_xmit+0x2fb/0x5d0
[  207.411428][ T8121]  ? inet6_csk_update_pmtu+0x190/0x190
[  207.416903][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  207.423159][ T8121]  ? csum_ipv6_magic+0x20/0x80
[  207.427947][ T8121]  __tcp_transmit_skb+0x1a32/0x3750
[  207.433170][ T8121]  ? __tcp_select_window+0x8b0/0x8b0
[  207.438475][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  207.444724][ T8121]  ? tcp_fastopen_no_cookie+0xe0/0x190
[  207.450199][ T8121]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  207.456459][ T8121]  tcp_connect+0x1e47/0x4280
[  207.461070][ T8121]  ? tcp_push_one+0x110/0x110
[  207.465760][ T8121]  ? secure_tcpv6_ts_off+0x24f/0x360
[  207.471052][ T8121]  ? secure_dccpv6_sequence_number+0x280/0x280
[  207.477211][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  207.483462][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  207.489709][ T8121]  ? prandom_u32_state+0x13/0x180
[  207.494742][ T8121]  tcp_v6_connect+0x150b/0x20a0
[  207.499598][ T8121]  ? tcp_sendmsg_locked+0x2170/0x37f0
[  207.504983][ T8121]  ? tcp_v6_conn_request+0x2b0/0x2b0
[  207.510462][ T8121]  ? __switch_to_asm+0x34/0x70
[  207.515225][ T8121]  ? __switch_to_asm+0x40/0x70
[  207.520103][ T8121]  ? find_held_lock+0x35/0x130
[  207.524873][ T8121]  ? fs_reclaim_acquire.part.0+0x30/0x30
[  207.530516][ T8121]  __inet_stream_connect+0x83f/0xea0
[  207.535809][ T8121]  ? tcp_v6_conn_request+0x2b0/0x2b0
[  207.541098][ T8121]  ? __inet_stream_connect+0x83f/0xea0
[  207.546570][ T8121]  ? inet_dgram_connect+0x2e0/0x2e0
[  207.551772][ T8121]  ? tcp_sendmsg_locked+0x2170/0x37f0
[  207.557146][ T8121]  ? rcu_read_lock_sched_held+0x110/0x130
[  207.562872][ T8121]  ? kmem_cache_alloc_trace+0x354/0x760
[  207.568423][ T8121]  ? __lock_acquire+0x548/0x3fb0
[  207.573371][ T8121]  tcp_sendmsg_locked+0x231f/0x37f0
[  207.578573][ T8121]  ? mark_held_locks+0xf0/0xf0
[  207.583348][ T8121]  ? mark_held_locks+0xa4/0xf0
[  207.588121][ T8121]  ? tcp_sendpage+0x60/0x60
[  207.592625][ T8121]  ? lock_sock_nested+0x9a/0x120
[  207.597567][ T8121]  ? trace_hardirqs_on+0x67/0x230
[  207.602598][ T8121]  ? lock_sock_nested+0x9a/0x120
[  207.607646][ T8121]  ? __local_bh_enable_ip+0x15a/0x270
[  207.613034][ T8121]  tcp_sendmsg+0x30/0x50
[  207.617292][ T8121]  inet_sendmsg+0x147/0x5e0
[  207.621797][ T8121]  ? ipip_gro_receive+0x100/0x100
[  207.626830][ T8121]  sock_sendmsg+0xdd/0x130
[  207.631267][ T8121]  __sys_sendto+0x262/0x380
[  207.635778][ T8121]  ? __ia32_sys_getpeername+0xb0/0xb0
[  207.641196][ T8121]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  207.647485][ T8121]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  207.652945][ T8121]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  207.658407][ T8121]  ? do_syscall_64+0x26/0x610
[  207.663087][ T8121]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  207.669161][ T8121]  __x64_sys_sendto+0xe1/0x1a0
[  207.673932][ T8121]  do_syscall_64+0x103/0x610
[  207.678528][ T8121]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  207.684420][ T8121] RIP: 0033:0x4582b9
[  207.688318][ T8121] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  207.707920][ T8121] RSP: 002b:00007f7d35b49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  207.716334][ T8121] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  207.724309][ T8121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  207.732284][ T8121] RBP: 000000000073bf00 R08: 00000000200000c0 R09: 000000000000001c
10:59:05 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sndtimer(&(0x7f0000000180)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff}})

[  207.740264][ T8121] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f7d35b4a6d4
[  207.748238][ T8121] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff
[  207.782097][ T8121] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8121
[  207.791634][ T8121] caller is ip6_finish_output+0x335/0xdc0
[  207.797440][ T8121] CPU: 1 PID: 8121 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19
[  207.806464][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  207.816516][ T8121] Call Trace:
[  207.819815][ T8121]  dump_stack+0x172/0x1f0
[  207.824165][ T8121]  __this_cpu_preempt_check+0x246/0x270
[  207.829726][ T8121]  ip6_finish_output+0x335/0xdc0
[  207.834683][ T8121]  ip6_output+0x235/0x7f0
[  207.839036][ T8121]  ? ip6_finish_output+0xdc0/0xdc0
[  207.844159][ T8121]  ? ip6_fragment+0x3980/0x3980
[  207.849034][ T8121]  ip6_xmit+0xe41/0x20c0
[  207.853294][ T8121]  ? ip6_finish_output2+0x2550/0x2550
[  207.858669][ T8121]  ? mark_held_locks+0xf0/0xf0
[  207.863440][ T8121]  ? ip6_setup_cork+0x1870/0x1870
[  207.868485][ T8121]  inet6_csk_xmit+0x2fb/0x5d0
[  207.873166][ T8121]  ? inet6_csk_update_pmtu+0x190/0x190
[  207.878622][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  207.884866][ T8121]  ? csum_ipv6_magic+0x20/0x80
[  207.889634][ T8121]  __tcp_transmit_skb+0x1a32/0x3750
[  207.894830][ T8121]  ? memcpy+0x46/0x50
[  207.898821][ T8121]  ? __tcp_select_window+0x8b0/0x8b0
[  207.904114][ T8121]  ? tcp_rbtree_insert+0x188/0x200
[  207.909226][ T8121]  tcp_send_synack+0x4b0/0x15b0
[  207.914091][ T8121]  ? tcp_send_active_reset+0x8e0/0x8e0
[  207.919551][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  207.925785][ T8121]  ? tcp_sync_mss+0x2ee/0xa30
[  207.930463][ T8121]  tcp_rcv_state_process+0x225d/0x4d93
[  207.935926][ T8121]  ? tcp_finish_connect+0x510/0x510
[  207.941120][ T8121]  ? __lock_acquire+0x548/0x3fb0
[  207.946402][ T8121]  ? trace_hardirqs_on+0x67/0x230
[  207.951451][ T8121]  ? __release_sock+0xca/0x3a0
[  207.956212][ T8121]  ? find_held_lock+0x35/0x130
[  207.960982][ T8121]  ? mark_held_locks+0xa4/0xf0
[  207.965750][ T8121]  ? __local_bh_enable_ip+0x15a/0x270
[  207.971116][ T8121]  ? _raw_spin_unlock_bh+0x31/0x40
[  207.976224][ T8121]  ? __local_bh_enable_ip+0x15a/0x270
[  207.981604][ T8121]  tcp_v6_do_rcv+0x7da/0x12c0
[  207.986283][ T8121]  ? tcp_v6_do_rcv+0x7da/0x12c0
[  207.991143][ T8121]  __release_sock+0x12e/0x3a0
[  207.995829][ T8121]  release_sock+0x59/0x1c0
[  208.000258][ T8121]  tcp_sendmsg+0x3b/0x50
[  208.004502][ T8121]  inet_sendmsg+0x147/0x5e0
[  208.009001][ T8121]  ? ipip_gro_receive+0x100/0x100
[  208.014035][ T8121]  sock_sendmsg+0xdd/0x130
[  208.018453][ T8121]  __sys_sendto+0x262/0x380
[  208.022958][ T8121]  ? __ia32_sys_getpeername+0xb0/0xb0
[  208.028343][ T8121]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  208.034599][ T8121]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  208.040076][ T8121]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  208.045534][ T8121]  ? do_syscall_64+0x26/0x610
[  208.050212][ T8121]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  208.056293][ T8121]  __x64_sys_sendto+0xe1/0x1a0
[  208.061064][ T8121]  do_syscall_64+0x103/0x610
[  208.065660][ T8121]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  208.071548][ T8121] RIP: 0033:0x4582b9
[  208.075440][ T8121] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  208.095047][ T8121] RSP: 002b:00007f7d35b49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  208.103460][ T8121] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  208.111423][ T8121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  208.119399][ T8121] RBP: 000000000073bf00 R08: 00000000200000c0 R09: 000000000000001c
[  208.127372][ T8121] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f7d35b4a6d4
[  208.135337][ T8121] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff
10:59:05 executing program 5:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000200)={@multicast1, @local}, 0xc)

10:59:05 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0xe21}, 0x10)
r3 = dup(r1)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @local}}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e1d, 0x0, @empty}, 0x1c)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp6\x00')
sendfile(r1, r4, 0x0, 0x1000003)

10:59:05 executing program 1:
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x10000014c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
clock_gettime(0x0, &(0x7f00000001c0)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0})
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  208.150441][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  208.156430][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  208.164567][ T8121] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8121
[  208.173963][ T8121] caller is ip6_finish_output+0x335/0xdc0
[  208.179699][ T8121] CPU: 1 PID: 8121 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19
[  208.188799][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  208.198848][ T8121] Call Trace:
[  208.202127][ T8121]  dump_stack+0x172/0x1f0
[  208.206450][ T8121]  __this_cpu_preempt_check+0x246/0x270
[  208.211980][ T8121]  ip6_finish_output+0x335/0xdc0
[  208.216902][ T8121]  ip6_output+0x235/0x7f0
[  208.221215][ T8121]  ? ip6_finish_output+0xdc0/0xdc0
[  208.226329][ T8121]  ? ip6_fragment+0x3980/0x3980
[  208.231203][ T8121]  ip6_xmit+0xe41/0x20c0
[  208.235436][ T8121]  ? ip6_finish_output2+0x2550/0x2550
[  208.240789][ T8121]  ? mark_held_locks+0xf0/0xf0
[  208.245536][ T8121]  ? ip6_setup_cork+0x1870/0x1870
[  208.250551][ T8121]  inet6_csk_xmit+0x2fb/0x5d0
[  208.255234][ T8121]  ? inet6_csk_update_pmtu+0x190/0x190
[  208.260678][ T8121]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  208.266901][ T8121]  ? csum_ipv6_magic+0x20/0x80
[  208.271655][ T8121]  __tcp_transmit_skb+0x1a32/0x3750
[  208.276898][ T8121]  ? __tcp_select_window+0x8b0/0x8b0
[  208.282180][ T8121]  ? tcp_mstamp_refresh+0x16/0xa0
[  208.287189][ T8121]  __tcp_send_ack.part.0+0x3c6/0x5b0
[  208.292457][ T8121]  tcp_send_ack+0x88/0xa0
[  208.296768][ T8121]  tcp_send_challenge_ack.isra.0+0x250/0x300
[  208.302728][ T8121]  tcp_validate_incoming+0x55e/0x1660
[  208.308087][ T8121]  tcp_rcv_state_process+0xb6b/0x4d93
[  208.313444][ T8121]  ? tcp_finish_connect+0x510/0x510
[  208.318627][ T8121]  ? __release_sock+0xca/0x3a0
[  208.323382][ T8121]  ? find_held_lock+0x35/0x130
[  208.328144][ T8121]  ? mark_held_locks+0xa4/0xf0
[  208.332893][ T8121]  ? __local_bh_enable_ip+0x15a/0x270
[  208.338245][ T8121]  ? _raw_spin_unlock_bh+0x31/0x40
[  208.343357][ T8121]  ? __local_bh_enable_ip+0x15a/0x270
[  208.348713][ T8121]  tcp_v6_do_rcv+0x7da/0x12c0
[  208.353374][ T8121]  ? tcp_v6_do_rcv+0x7da/0x12c0
[  208.358226][ T8121]  __release_sock+0x12e/0x3a0
[  208.362911][ T8121]  release_sock+0x59/0x1c0
[  208.367315][ T8121]  tcp_sendmsg+0x3b/0x50
[  208.371541][ T8121]  inet_sendmsg+0x147/0x5e0
[  208.376028][ T8121]  ? ipip_gro_receive+0x100/0x100
[  208.381042][ T8121]  sock_sendmsg+0xdd/0x130
[  208.385440][ T8121]  __sys_sendto+0x262/0x380
[  208.389924][ T8121]  ? __ia32_sys_getpeername+0xb0/0xb0
[  208.395288][ T8121]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  208.401520][ T8121]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  208.406962][ T8121]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  208.412403][ T8121]  ? do_syscall_64+0x26/0x610
[  208.417064][ T8121]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  208.423114][ T8121]  __x64_sys_sendto+0xe1/0x1a0
[  208.427864][ T8121]  do_syscall_64+0x103/0x610
[  208.432439][ T8121]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  208.438310][ T8121] RIP: 0033:0x4582b9
[  208.442186][ T8121] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  208.461770][ T8121] RSP: 002b:00007f7d35b49c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  208.470175][ T8121] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9
[  208.478148][ T8121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  208.486102][ T8121] RBP: 000000000073bf00 R08: 00000000200000c0 R09: 000000000000001c
[  208.494053][ T8121] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f7d35b4a6d4
[  208.502039][ T8121] R13: 00000000004c59b6 R14: 00000000004d9d10 R15: 00000000ffffffff
[  208.512745][ T8130] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8130
[  208.522168][ T8130] caller is ip6_finish_output+0x335/0xdc0
[  208.528558][ T8130] CPU: 1 PID: 8130 Comm: syz-executor.3 Not tainted 5.1.0-rc3-next-20190405 #19
[  208.537589][ T8130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  208.547639][ T8130] Call Trace:
[  208.550937][ T8130]  dump_stack+0x172/0x1f0
[  208.555276][ T8130]  __this_cpu_preempt_check+0x246/0x270
[  208.560827][ T8130]  ip6_finish_output+0x335/0xdc0
[  208.565768][ T8130]  ip6_output+0x235/0x7f0
[  208.570101][ T8130]  ? ip6_finish_output+0xdc0/0xdc0
[  208.575218][ T8130]  ? ip6_fragment+0x3980/0x3980
[  208.580075][ T8130]  ip6_xmit+0xe41/0x20c0
[  208.584334][ T8130]  ? ip6_finish_output2+0x2550/0x2550
[  208.589713][ T8130]  ? mark_held_locks+0xf0/0xf0
[  208.594483][ T8130]  ? ip6_setup_cork+0x1870/0x1870
[  208.599528][ T8130]  inet6_csk_xmit+0x2fb/0x5d0
[  208.604239][ T8130]  ? inet6_csk_update_pmtu+0x190/0x190
[  208.609701][ T8130]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  208.615945][ T8130]  ? csum_ipv6_magic+0x20/0x80
[  208.620714][ T8130]  __tcp_transmit_skb+0x1a32/0x3750
[  208.625924][ T8130]  ? __tcp_select_window+0x8b0/0x8b0
[  208.631205][ T8130]  ? lockdep_hardirqs_on+0x418/0x5d0
[  208.636489][ T8130]  ? trace_hardirqs_on+0x67/0x230
[  208.641518][ T8130]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  208.647242][ T8130]  tcp_write_xmit+0xe39/0x5660
[  208.652008][ T8130]  ? trace_hardirqs_on+0x67/0x230
[  208.657048][ T8130]  ? mem_cgroup_sk_alloc+0x170/0x1a0
[  208.662344][ T8130]  __tcp_push_pending_frames+0xb4/0x350
[  208.667891][ T8130]  tcp_push+0x4cd/0x6c0
[  208.672053][ T8130]  do_tcp_sendpages+0x15c2/0x1b80
[  208.677096][ T8130]  ? sk_stream_alloc_skb+0xd10/0xd10
[  208.682391][ T8130]  ? __local_bh_enable_ip+0x15a/0x270
[  208.687941][ T8130]  ? trace_hardirqs_on+0x67/0x230
[  208.692964][ T8130]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  208.698687][ T8130]  tcp_sendpage_locked+0x84/0xd0
[  208.703626][ T8130]  tcp_sendpage+0x3f/0x60
[  208.707951][ T8130]  ? tcp_sendpage_locked+0xd0/0xd0
[  208.713059][ T8130]  inet_sendpage+0x16b/0x630
[  208.717653][ T8130]  kernel_sendpage+0x95/0xf0
[  208.722239][ T8130]  ? inet_sendmsg+0x5e0/0x5e0
[  208.726918][ T8130]  sock_sendpage+0x8b/0xc0
[  208.731337][ T8130]  pipe_to_sendpage+0x299/0x370
[  208.736187][ T8130]  ? kernel_sendpage+0xf0/0xf0
[  208.740947][ T8130]  ? direct_splice_actor+0x1a0/0x1a0
[  208.746232][ T8130]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  208.752470][ T8130]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  208.758715][ T8130]  __splice_from_pipe+0x395/0x7d0
[  208.764174][ T8130]  ? direct_splice_actor+0x1a0/0x1a0
[  208.769465][ T8130]  ? direct_splice_actor+0x1a0/0x1a0
[  208.774748][ T8130]  splice_from_pipe+0x108/0x170
[  208.779599][ T8130]  ? splice_shrink_spd+0xd0/0xd0
[  208.784549][ T8130]  generic_splice_sendpage+0x3c/0x50
[  208.789828][ T8130]  ? splice_from_pipe+0x170/0x170
[  208.794857][ T8130]  direct_splice_actor+0x126/0x1a0
[  208.799969][ T8130]  splice_direct_to_actor+0x369/0x970
[  208.805347][ T8130]  ? generic_pipe_buf_nosteal+0x10/0x10
[  208.810895][ T8130]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  208.817133][ T8130]  ? do_splice_to+0x190/0x190
[  208.821820][ T8130]  ? rw_verify_area+0x118/0x360
[  208.826685][ T8130]  do_splice_direct+0x1da/0x2a0
[  208.831543][ T8130]  ? splice_direct_to_actor+0x970/0x970
[  208.837097][ T8130]  ? rw_verify_area+0x118/0x360
[  208.841949][ T8130]  do_sendfile+0x597/0xd00
[  208.846375][ T8130]  ? do_compat_pwritev64+0x1c0/0x1c0
[  208.851658][ T8130]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  208.857894][ T8130]  ? put_timespec64+0xda/0x140
[  208.862666][ T8130]  __x64_sys_sendfile64+0x1dd/0x220
[  208.867864][ T8130]  ? __ia32_sys_sendfile+0x230/0x230
[  208.873146][ T8130]  ? do_syscall_64+0x26/0x610
[  208.877819][ T8130]  ? lockdep_hardirqs_on+0x418/0x5d0
[  208.883101][ T8130]  ? trace_hardirqs_on+0x67/0x230
[  208.888124][ T8130]  do_syscall_64+0x103/0x610
[  208.892715][ T8130]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  208.898600][ T8130] RIP: 0033:0x4582b9
[  208.902492][ T8130] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  208.922096][ T8130] RSP: 002b:00007f7d35b07c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  208.930504][ T8130] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9
[  208.938470][ T8130] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  208.946438][ T8130] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
[  208.954402][ T8130] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007f7d35b086d4
[  208.962417][ T8130] R13: 00000000004c5227 R14: 00000000004d9368 R15: 00000000ffffffff
10:59:06 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="803ff8fffffffeffffff038a7e7164006cff9900000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53efdb56108e53b3994b2cc86d95687df2409c1be2", 0x4d, 0x400}], 0x0, 0x0)