[....] Starting enhanced syslogd: rsyslogd[ 14.978569] audit: type=1400 audit(1573001642.622:4): avc: denied { syslog } for pid=1923 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.75' (ECDSA) to the list of known hosts. 2019/11/06 00:54:13 fuzzer started 2019/11/06 00:54:16 dialing manager at 10.128.0.26:40761 2019/11/06 00:54:16 syscalls: 1350 2019/11/06 00:54:16 code coverage: enabled 2019/11/06 00:54:16 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/11/06 00:54:16 extra coverage: extra coverage is not supported by the kernel 2019/11/06 00:54:16 setuid sandbox: enabled 2019/11/06 00:54:16 namespace sandbox: enabled 2019/11/06 00:54:16 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/06 00:54:16 fault injection: kernel does not have systematic fault injection support 2019/11/06 00:54:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/06 00:54:16 net packet injection: enabled 2019/11/06 00:54:16 net device setup: enabled 2019/11/06 00:54:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/06 00:54:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 00:54:43 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x803, 0x85) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000003c0)=0x7fe, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000514ff0), 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x2000, 0x0, 0xfffffce2) 00:54:43 executing program 1: socket$netlink(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000788ffc)=0x100000001, 0xfdf6) r1 = socket$netlink(0x10, 0x3, 0xd) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYRESOCT=0x0], 0x3}}, 0x0) bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @dev}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21}, 0x10) dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) write$P9_RFSYNC(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000580)='\x00', 0x1, 0x20000084, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x4, 0x7ffffffc, 0x0, 0xffffffff}, 0x14) shutdown(r0, 0x2) 00:54:43 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c09, 0x0) 00:54:43 executing program 2: r0 = socket(0x100001400000010, 0x2, 0x9) sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)}, 0x0) 00:54:43 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x2, 0x0) write(r2, &(0x7f0000000000)="22000000140067058d000005004c030402080313010000000a00020041020ee376ab", 0xa7) 00:54:43 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r3, 0x40e, &(0x7f0000000300)) 00:54:45 executing program 2: sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) setuid(0x0) creat(0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)) ioprio_set$pid(0x0, 0x0, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) gettid() tkill(0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xc) syz_genetlink_get_family_id$devlink(0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32], 0x20}, 0x0) 00:54:45 executing program 4: renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x5aa97f52728b90bd) syzkaller login: [ 57.417745] audit: type=1400 audit(1573001685.062:5): avc: denied { create } for pid=2268 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 57.455551] audit: type=1400 audit(1573001685.102:6): avc: denied { write } for pid=2268 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 57.498458] audit: type=1400 audit(1573001685.142:7): avc: denied { read } for pid=2268 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 00:54:45 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x9) recvmmsg(r0, &(0x7f0000007c80)=[{{&(0x7f00000000c0)=@nl=@unspec, 0x80, 0x0}}], 0x1, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 00:54:45 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x2a8}) 00:54:45 executing program 0: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 00:54:45 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) fcntl$setownex(r4, 0xf, &(0x7f0000000100)) 00:54:45 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @dev}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21}, 0x10) 00:54:45 executing program 1: r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREMOVE(r0, &(0x7f0000000280)={0x1}, 0xff7f) r1 = open(&(0x7f0000000340)='./file0\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9) 00:54:45 executing program 4: ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000140)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timerfd_create(0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x801}]}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x2, &(0x7f00000000c0)=""/5, &(0x7f0000000100)=0x5) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0x4240a2a0) ioctl$PIO_UNISCRNMAP(r4, 0x4b6a, &(0x7f0000000200)="3a7d258b130999af7f16da79a2a3ea9923f5969bc5905faa4b1bfd508caf59943f22fc2957d729698d3c4abb2c0f984210ab93751d6af60d2a1534ed7b60d26e40a6e0137bf51d0cda7dcc472708fb14c531d65804350641895b0d7b38385d1de94ddbb8ed95ac011e8c8d9035d3fb3f9aad6db42ebdb32975a1f1382721ae12e7495543fad9bb4ef55c9e106aa7875e50d40079df26eab5924bfd6084a7a4c538577925650576e45255fda7baf75d02e9580d4074af7466") 00:54:45 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='\x00\x00\x00\x00\x00egy\xc5\x8e\xcb\x1c\xf8\x8f\xca;\xa3?\xad\xae\x0f\xb5\x97ao3\xab\xcdY\x9a\xe3\xe5\xe1\xf4\x87\xac\xad\x80\xa3P\x8c\xea\x9c\xc7\x00\xeb\xf4X#\xe34\x80O]\x87\xdd\x894\xdal;w\xf8\xf8\v?v\xf0\xb8\xda=|\xa4\xba\xbbiq!\xd8g\xb7I\x12\x80') openat$cgroup_ro(r0, &(0x7f0000000b00)='mem\x00\x01y7SwaS.\x06ur\x89\xc9B\xab\xe3\xfarent\x00\xaa\x1a\xfd\xae\v\xbf\xd8d\xbb\xaf9Q\xde\xfb\x1fY\xfb\x8do\xd1\x16\xce(\x82\xf1\xbf{5Z\x13\x15\x14\xd7\xb8\xce\xf20\x1e\xc0\xc2\xedV\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/370) lseek(r1, 0x203ffffd, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf}, 0x20000357) mremap(&(0x7f0000433000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f000007f000/0x1000)=nil) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) getsockname$packet(r2, 0x0, &(0x7f0000000200)) 00:54:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = socket$inet6(0xa, 0x2000000080803, 0x1) fstat(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000400)={{}, {}, [], {}, [{0x8, 0x0, r3}]}, 0x2c, 0x0) 00:54:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f00003fefff)=""/1, 0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 00:54:45 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) inotify_init1(0x2a7c20926001f35d) 00:54:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) io_submit(0x0, 0x0, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sync() 00:54:45 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_GET_TIMERSLACK(0x1e) fstat(0xffffffffffffffff, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) setxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0) set_tid_address(&(0x7f0000000140)) 00:54:45 executing program 0: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mkdir(&(0x7f0000000080)='./file0/file1\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x7ffbf, 0x0) 00:54:45 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) write$eventfd(r0, 0x0, 0x0) 00:54:45 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 00:54:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") unshare(0x400) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) 00:54:45 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@random="15cca2e5b3c9", @link_local, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @dev, @multicast1}, @icmp=@time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0) 00:54:46 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = dup2(r0, r0) fcntl$getflags(r1, 0x1) 00:54:46 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=ANY=[@ANYBLOB="02070009020000000000000000000000992c30664235b32f4403ad8ee5d59659ab95c6d4b2f5969364549683296346337789a893fc8576a67c1032495bfa69f7da0b6f21a72ae6ad5e6352bbbfaf040042ee7145b193a8c113e0e98ae5abb42e176deaf23925ec3d959962a795251adf1e815a568e119eab905f833adf24cbf734c7bd38ee5eb84580d40000efff0000000031d95239d099ee4b0ff1839156844c55708a4762da79b76bd66cee413314531849ac2a2053addc2680d741ded1963330d7698073ea2f628bf33976f174904920658b735c4e79e84fd61f7e2e50bf16ab478b121460e05e701975162fa916a893d54bafaee8a8bdea01a7a7d8e1e483"], 0x10}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000300)={0x4, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0xb, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x28}, 0x1, 0x2000000000000000}, 0x0) close(r2) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 00:54:46 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_GET_TIMERSLACK(0x1e) fstat(0xffffffffffffffff, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) setxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x90600, 0x0) set_tid_address(&(0x7f0000000140)) 00:54:46 executing program 2: io_setup(0x3, &(0x7f00000000c0)=0x0) io_submit(r0, 0x1, &(0x7f0000000380)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x4}]) 00:54:46 executing program 0: rt_sigaction(0x0, &(0x7f0000000280)={&(0x7f0000000200)="26640f71d21ac4c3f960d179c4c3056e55b800660f380ac2c4e2e12b8c08feefffff26d8c3c4c27d33dfd9f1c4c2fd206709676f", {}, 0x0, 0x0}, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x3d, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xffffff78) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_open_pts(r0, 0x0) r5 = dup3(r4, r0, 0x0) read(r5, &(0x7f00000000c0)=""/19, 0x7ffff000) 00:54:46 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSIG(r0, 0x5411, 0x8127000) 00:54:46 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$unix(0x1, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$sock_SIOCGSKNS(r3, 0x894c, 0x0) 00:54:46 executing program 4: socket$inet_tcp(0x2, 0x1, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)) 00:54:46 executing program 2: open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) r0 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_GETVERSION(r0, 0x80047601, &(0x7f0000000040)) 00:54:46 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000300)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) splice(r2, 0x0, r3, 0x0, 0x30005, 0x0) rt_sigaction(0x17, &(0x7f0000000240)={0x0, {}, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000e40)) 00:54:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000040)) r3 = syz_open_pts(r2, 0x0) ioctl$TCSETSF(r3, 0x5412, 0x0) 00:54:46 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 00:54:46 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x22) 00:54:47 executing program 1: futex(&(0x7f00000013c0), 0x1, 0x0, 0x0, 0x0, 0x0) 00:54:47 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) unshare(0x20600) prctl$PR_GET_TIMERSLACK(0x1e) ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000180)={0x3}) fcntl$getown(0xffffffffffffffff, 0x9) syz_genetlink_get_family_id$SEG6(&(0x7f0000000200)='SEG6\x00') write$smack_current(0xffffffffffffffff, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x64, 0x0, 0x400, 0x70bd2c, 0x0, {}, [@TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x76f1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA={0x24, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000870}, 0x4000004) symlinkat(0x0, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) setxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f00000000c0)={0x401}) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000080)={0x3b, 0x37, 0x1, {0x0, 0xe7a8, 0x0, 0x0, 0x1d, 'cpusetusernodev]keyringloproc'}}, 0x3b) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x90600, 0x0) r2 = socket(0x0, 0x4000000000080002, 0x81) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', 0x0}) set_tid_address(&(0x7f0000000140)) bind$packet(r2, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000480)={@mcast1, @rand_addr="d78ec2faaa416e34a49ff7b8d3e02cf4", @remote, 0xfc5, 0x6, 0xd8, 0x100, 0xc4}) 00:54:47 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @empty, 0x0, 0x0, 'sed\x00'}, 0x2c) 00:54:47 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x2) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000040)=0x7f, 0x4) sendmmsg(r0, &(0x7f00000000c0)=[{{&(0x7f0000000100)=@in6={0xa, 0x2, 0x0, @mcast2}, 0x80, 0x0}}], 0x1, 0x0) 00:54:47 executing program 2: sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x4, 0x182) r1 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, "1c69ab0d058b1b678397214eec9ff0d0cc8773ebb2cfd89b0252317a845d3df759d280ad530ff887d31ed8f9bf42b889fadb99a5defc79bd6b2023939c49224f", "e9af2deca424f1d69c3cef2acc10d15cae4da1bf9b1c974dd2de2185a2ae81bbcb58ebaa0b202596b0b84f59798e42bca13b7dd7218fcb5e75d1d7299ff17955", "804c0e6791e9da90dce632e1e4efa40c25402952a8dd77a5bf0805cfc3425350"}) ioctl$LOOP_CLR_FD(r0, 0x4c01) syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) 00:54:47 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) open(0x0, 0x0, 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') sendfile(r0, r0, &(0x7f0000000180)=0x74000000, 0x5) 00:54:47 executing program 3: socket(0x100000000011, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet(0x10, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x80000000b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000880)=ANY=[@ANYRESDEC], 0x14) sendfile(r0, r0, &(0x7f0000000240), 0x7fff) 00:54:47 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="02010109080000000000000000000000030006001000000002000000e00000090000000000000000030005007217440502000000e000000100000000000000000d2c300778a6d0c82a2f8437e891c5e8f43479784498ddc9434cd32acb9814007559b72a3ac49eba42cb3938cc21297656f6761499ee73bd385dd8fc6248c019d86bf187dcaedfd016c96410890ce0f1b578e10dfa622b09fbc79e86edb3763adb945fd89a1b530c8b1b24110cc6b3fef30d956a52efbaa454deed2a01672213c496071ed4c59479024323011806fb8a3998b6265efec09cb3c268b386b13dd323dfed21a8473f59fcb236a39d53950ae4ecd1015dd5987f842a3083b9f87d9620e13c8c70eba465b4de0100e4e84716b590032c410e0c71447aeff13e5efd2b472db6776020906dcaa809c75d92ce543dfc85532f63bf654192f447abcaaf6b2b9f9e11e4dfbdf8c0b7e12bd0120cbfcc699d604f93aa2ccd5ef594d61e64befccc1167d89ebe6e3a5c02fdb815e3829205964495c7ad284e892b01d90d7f254c6da428d3f037db5e7165adb2ce871cac402c7f859a789c273944c1d4a3f656d9473a26926aa54ab1456723195a046320967a6bb2c1d23d853d"], 0x40}}, 0x0) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x3, 0x81, 0x9, 0xa, 0x0, 0x0, 0xfffffffd, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x15}}}]}, 0x50}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') r2 = memfd_create(&(0x7f0000000040)='/\x01ev/loop#\x00', 0x0) fcntl$setlease(r2, 0x400, 0x0) sendfile(r2, r1, 0x0, 0x2000005) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') ioperm(0x31c, 0x5, 0xfffffffb) r4 = memfd_create(&(0x7f0000000040)='/\x01ev/loop#\x00', 0x0) sendfile(r4, r3, 0x0, 0x2000005) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r4, 0x100, 0x8001, 0x7, 0x1}) 00:54:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f00003fefff)=""/1, 0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 00:54:47 executing program 0: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) 00:54:47 executing program 3: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r0) getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 00:54:47 executing program 1: r0 = socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) timerfd_create(0x6, 0x0) INIT: Id "6" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "1" respawning too fast: disabled for 5 minutes INIT: Id "3" respawning too fast: disabled for 5 minutes INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes [ 281.821956] INFO: task syz-executor.4:2112 blocked for more than 140 seconds. [ 281.829285] Not tainted 4.4.174+ #17 [ 281.833538] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 281.841489] syz-executor.4 D ffff8800a64b75f8 24736 2112 1 0x20020004 [ 281.848968] ffff8800a64b75f8 ffff8801d7fe5f00 989d53dccaf7a7d6 ffff8801d7fe5f00 [ 281.857105] 0000000000000000 ffff8801d7fe6700 ffff8801db71f180 ffff8801db71f1a8 [ 281.865150] ffff8801db71e898 ffff8801da68df00 ffff8801d7fe5f00 ffffed0014c96001 [ 281.873183] Call Trace: [ 281.875750] [] schedule+0x99/0x1d0 [ 281.880953] [] schedule_preempt_disabled+0x13/0x20 [ 281.887579] [] mutex_lock_nested+0x3c2/0xb80 [ 281.893661] [] ? __blkdev_get+0x10c/0xdf0 [ 281.899438] [] ? get_disk+0xe0/0xe0 [ 281.904728] [] ? kobj_lookup+0x273/0x410 [ 281.910430] [] ? mutex_trylock+0x500/0x500 [ 281.916351] [] ? disk_block_events+0xc7/0x140 [ 281.922515] [] __blkdev_get+0x10c/0xdf0 [ 281.928154] [] ? __blkdev_put+0x840/0x840 [ 281.933978] [] ? trace_hardirqs_on+0x10/0x10 [ 281.940023] [] blkdev_get+0x2e8/0x920 [ 281.945476] [] ? bd_may_claim+0xd0/0xd0 [ 281.951082] [] ? bd_acquire+0x8a/0x370 [ 281.956641] [] ? _raw_spin_unlock+0x2d/0x50 [ 281.962615] [] blkdev_open+0x1aa/0x250 [ 281.968130] [] do_dentry_open+0x38f/0xbd0 [ 281.973924] [] ? __inode_permission2+0x9e/0x250 [ 281.980228] [] ? blkdev_get_by_dev+0x80/0x80 [ 281.986289] [] vfs_open+0x10b/0x210 [ 281.991550] [] ? may_open.isra.0+0xe7/0x210 [ 281.997524] [] path_openat+0x136f/0x4470 [ 282.003235] [] ? kasan_kmalloc.part.0+0xc6/0xf0 [ 282.009538] [] ? may_open.isra.0+0x210/0x210 [ 282.015597] [] ? trace_hardirqs_on+0x10/0x10 [ 282.021644] [] do_filp_open+0x1a1/0x270 [ 282.027271] [] ? user_path_mountpoint_at+0x50/0x50 [ 282.033856] [] ? do_dup2+0x3d0/0x3d0 [ 282.039206] [] ? _raw_spin_unlock+0x2d/0x50 [ 282.045210] [] do_sys_open+0x2f8/0x600 [ 282.050754] [] ? mntput+0x66/0x90 [ 282.055868] [] ? filp_open+0x70/0x70 [ 282.061222] [] ? SyS_mkdirat+0x164/0x250 [ 282.066951] [] ? SyS_mknod+0x40/0x40 [ 282.072360] [] compat_SyS_open+0x2a/0x40 [ 282.078071] [] ? compat_SyS_getdents64+0x270/0x270 [ 282.084676] [] do_fast_syscall_32+0x32d/0xa90 [ 282.090807] [] sysenter_flags_fixed+0xd/0x1a [ 282.096893] 1 lock held by syz-executor.4/2112: [ 282.101544] #0: (&bdev->bd_mutex){+.+.+.}, at: [] __blkdev_get+0x10c/0xdf0 [ 282.111407] Sending NMI to all CPUs: [ 282.115412] NMI backtrace for cpu 0 [ 282.119035] CPU: 0 PID: 20 Comm: khungtaskd Not tainted 4.4.174+ #17 [ 282.125532] task: ffff8801da6c5f00 task.stack: ffff8800001c8000 [ 282.131571] RIP: 0010:[] [] flat_send_IPI_mask+0xf7/0x1b0 [ 282.140323] RSP: 0018:ffff8800001cfc88 EFLAGS: 00000046 [ 282.145779] RAX: 0000000000000000 RBX: 0000000000000c00 RCX: 0000000000000000 [ 282.153045] RDX: 0000000000000c00 RSI: 0000000000000000 RDI: ffffffffff5fc300 [ 282.160302] RBP: ffff8800001cfcb8 R08: 0000000000000018 R09: 0000000000000000 [ 282.167574] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000246 [ 282.174843] R13: 0000000003000000 R14: ffffffff82e5f2e0 R15: 0000000000000002 [ 282.182123] FS: 0000000000000000(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 [ 282.190345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 282.196245] CR2: 0000000001f6e000 CR3: 00000001d8175000 CR4: 00000000001606b0 [ 282.203523] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 282.210769] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 282.218042] Stack: [ 282.220175] 0000000000000001 ffffffff82e5f2e0 ffffffff831a6ac0 fffffbfff0634c34 [ 282.227793] 000000000001b6c0 0000000000000008 ffff8800001cfcd8 ffffffff81092bee [ 282.235333] 0000000000000008 ffffffff82924260 ffff8800001cfd30 ffffffff81ab8252 [ 282.242859] Call Trace: [ 282.245426] [] nmi_raise_cpu_backtrace+0x5e/0x80 [ 282.251832] [] nmi_trigger_all_cpu_backtrace.cold+0xa1/0xae [ 282.259176] [] ? print_lock+0xa8/0xab [ 282.264625] [] ? irq_force_complete_move+0x330/0x330 [ 282.271358] [] arch_trigger_all_cpu_backtrace+0x14/0x20 [ 282.278378] [] watchdog.cold+0xd3/0xee [ 282.283916] [] ? watchdog+0xac/0xa00 [ 282.289268] [] ? reset_hung_task_detector+0x20/0x20 [ 282.295965] [] kthread+0x273/0x310 [ 282.301145] [] ? kthread_create_on_node+0x4c0/0x4c0 [ 282.307808] [] ? _raw_spin_unlock_irq+0x39/0x60 [ 282.314437] [] ? finish_task_switch+0x1e1/0x660 [ 282.320826] [] ? finish_task_switch+0x1b3/0x660 [ 282.327149] [] ? __schedule+0x7af/0x1ee0 [ 282.332853] [] ? __schedule+0x7a3/0x1ee0 [ 282.338538] [] ? __schedule+0x7af/0x1ee0 [ 282.344268] [] ? kthread_create_on_node+0x4c0/0x4c0 [ 282.350927] [] ret_from_fork+0x55/0x80 [ 282.356476] [] ? kthread_create_on_node+0x4c0/0x4c0 [ 282.363141] Code: 00 c3 5f ff 80 e6 10 75 e1 41 c1 e5 18 44 89 2c 25 10 c3 5f ff 44 89 fa 09 da 80 cf 04 41 83 ff 02 0f 44 d3 89 14 25 00 c3 5f ff <41> f7 c4 00 02 00 00 75 1e 4c 89 e7 57 9d 0f 1f 44 00 00 e8 f1 [ 282.382137] NMI backtrace for cpu 1 [ 282.385746] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.4.174+ #17 [ 282.392062] task: ffff8801da6897c0 task.stack: ffff8801da698000 [ 282.398099] RIP: 0010:[] [] notifier_call_chain+0x3c/0x1e0 [ 282.406932] RSP: 0018:ffff8801da69fd00 EFLAGS: 00000246 [ 282.412375] RAX: dffffc0000000000 RBX: ffffffff82e6db18 RCX: 00000000ffffffff [ 282.419710] RDX: 1ffffffff05cdb63 RSI: ffffffff81137dd7 RDI: ffffffff82e6db18 [ 282.426982] RBP: ffff8801da69fd50 R08: 0000000000000000 R09: ffff8801da68a0a8 [ 282.434246] R10: ffffffff82836880 R11: 0000000000000000 R12: 0000000000000002 [ 282.441495] R13: 00000000ffffffff R14: 00000000ffffffff R15: 0000000000000000 [ 282.448758] FS: 0000000000000000(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 [ 282.456978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 282.462855] CR2: 000000c420496000 CR3: 00000000ba08f000 CR4: 00000000001606b0 [ 282.470109] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 282.477410] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 282.484677] Stack: [ 282.486814] 0000000000000002 0000000000000000 0000000000000000 0000000000000002 [ 282.494343] ffff8801da69fd30 ffffffff82e6dae0 0000000000000002 0000000000000000 [ 282.501877] 00000000ffffffff 0000000000000000 ffff8801da69fd90 ffffffff81138097 [ 282.509380] Call Trace: [ 282.511955] [] __atomic_notifier_call_chain+0x87/0x150 [ 282.518861] [] ? raw_notifier_call_chain+0x40/0x40 [ 282.525451] [] atomic_notifier_call_chain+0x2e/0x40 [ 282.532111] [] idle_notifier_call_chain+0x1f/0x30 [ 282.538575] [] arch_cpu_idle_exit+0x1e/0x20 [ 282.544552] [] cpu_startup_entry+0x246/0x810 [ 282.550590] [] ? call_cpuidle+0xe0/0xe0 [ 282.556211] [] start_secondary+0x31d/0x410 [ 282.562100] [] ? set_cpu_sibling_map+0x10d0/0x10d0 [ 282.568653] Code: 54 53 48 89 fb 48 83 ec 28 48 89 55 c0 48 89 75 c8 e8 19 18 1d 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 8e 01 00 00 4c 8b 23 e8 f6 28 10 00 4d 85 e4 0f 84 34 01 [ 282.587820] Kernel panic - not syncing: hung_task: blocked tasks [ 282.593959] CPU: 0 PID: 20 Comm: khungtaskd Not tainted 4.4.174+ #17 [ 282.600422] 0000000000000000 3725e0f9c175349c ffff8800001cfc60 ffffffff81aad1a1 [ 282.608414] ffff8801d7fe5f00 ffffffff82872120 dffffc0000000000 0000000000000003 [ 282.616426] 00000000003fff98 ffff8800001cfd40 ffffffff813a48c2 0000000041b58ab3 [ 282.624417] Call Trace: [ 282.626982] [] dump_stack+0xc1/0x120 [ 282.632320] [] panic+0x1b9/0x37b [ 282.637320] [] ? add_taint.cold+0x16/0x16 [ 282.643109] [] ? find_next_bit+0x44/0x50 [ 282.648796] [] ? nmi_trigger_all_cpu_backtrace+0x3c6/0x490 [ 282.656043] [] ? nmi_trigger_all_cpu_backtrace+0x3c6/0x490 [ 282.663292] [] watchdog.cold+0xe4/0xee [ 282.668804] [] ? watchdog+0xac/0xa00 [ 282.674153] [] ? reset_hung_task_detector+0x20/0x20 [ 282.680796] [] kthread+0x273/0x310 [ 282.686049] [] ? kthread_create_on_node+0x4c0/0x4c0 [ 282.692689] [] ? _raw_spin_unlock_irq+0x39/0x60 [ 282.698981] [] ? finish_task_switch+0x1e1/0x660 [ 282.705271] [] ? finish_task_switch+0x1b3/0x660 [ 282.711565] [] ? __schedule+0x7af/0x1ee0 [ 282.717255] [] ? __schedule+0x7a3/0x1ee0 [ 282.722940] [] ? __schedule+0x7af/0x1ee0 [ 282.728626] [] ? kthread_create_on_node+0x4c0/0x4c0 [ 282.735265] [] ret_from_fork+0x55/0x80 [ 282.740797] [] ? kthread_create_on_node+0x4c0/0x4c0 [ 282.748133] Kernel Offset: disabled [ 282.751763] Rebooting in 86400 seconds..