[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 29.300224] kauditd_printk_skb: 8 callbacks suppressed [ 29.300235] audit: type=1800 audit(1543921270.267:29): pid=5870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 29.332245] audit: type=1800 audit(1543921270.277:30): pid=5870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 34.629848] sshd (6009) used greatest stack depth: 15632 bytes left Warning: Permanently added '10.128.10.33' (ECDSA) to the list of known hosts. 2018/12/04 11:01:22 fuzzer started 2018/12/04 11:01:24 dialing manager at 10.128.0.26:33251 2018/12/04 11:01:26 syscalls: 1 2018/12/04 11:01:26 code coverage: enabled 2018/12/04 11:01:26 comparison tracing: enabled 2018/12/04 11:01:26 setuid sandbox: enabled 2018/12/04 11:01:26 namespace sandbox: enabled 2018/12/04 11:01:26 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/04 11:01:26 fault injection: enabled 2018/12/04 11:01:26 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/04 11:01:26 net packet injection: enabled 2018/12/04 11:01:26 net device setup: enabled 11:02:21 executing program 0: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f00000019c0)={&(0x7f0000001840), 0xc, &(0x7f0000001980)={&(0x7f0000001880)={0x44, r0, 0x201, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, '\nvf\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}]}]}, 0x44}}, 0x0) [ 101.053322] IPVS: ftp: loaded support on port[0] = 21 11:02:22 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4), 0x1c) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x24d, &(0x7f00000003c0)}}, {{&(0x7f0000000140)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000500), 0xfffffeb6}], 0x1, &(0x7f0000000000)}}], 0x40000000000001c, 0x0) [ 101.316356] IPVS: ftp: loaded support on port[0] = 21 11:02:22 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) [ 101.712849] IPVS: ftp: loaded support on port[0] = 21 11:02:23 executing program 3: r0 = socket$inet6(0xa, 0x400000000000803, 0x3) ioctl(r0, 0x400001000008912, &(0x7f0000000180)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r1, &(0x7f00000000c0), 0xfd01, 0x8800, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r1, 0x29, 0x3e, &(0x7f0000000080)="00000017", 0x4) sendto$inet6(r1, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000809000)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 102.200634] IPVS: ftp: loaded support on port[0] = 21 11:02:23 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-384\x00'}, 0x58) r3 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0) mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x8010, r1, 0x0) [ 102.735906] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.743079] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.762919] device bridge_slave_0 entered promiscuous mode [ 102.797859] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.823388] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.842886] device bridge_slave_0 entered promiscuous mode [ 102.917265] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.949000] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.956650] device bridge_slave_1 entered promiscuous mode [ 102.977425] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.989322] IPVS: ftp: loaded support on port[0] = 21 [ 102.993163] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.024248] device bridge_slave_1 entered promiscuous mode [ 103.114743] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 103.193007] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 103.274499] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 103.303352] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 103.633889] bond0: Enslaving bond_slave_0 as an active interface with an up link 11:02:24 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) [ 103.712663] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 103.740960] ip (6207) used greatest stack depth: 14792 bytes left [ 103.741673] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.773494] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.780957] device bridge_slave_0 entered promiscuous mode [ 103.839900] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 103.867239] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 103.895186] IPVS: ftp: loaded support on port[0] = 21 [ 103.926628] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.936737] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.951369] device bridge_slave_1 entered promiscuous mode [ 104.059918] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 104.148524] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 104.487778] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 104.498254] team0: Port device team_slave_0 added [ 104.506207] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.512643] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.530915] device bridge_slave_0 entered promiscuous mode [ 104.559493] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 104.580361] team0: Port device team_slave_0 added [ 104.630094] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 104.647573] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.655111] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.673642] device bridge_slave_1 entered promiscuous mode [ 104.686268] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 104.711818] team0: Port device team_slave_1 added [ 104.724198] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 104.731609] team0: Port device team_slave_1 added [ 104.766635] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 104.793971] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 104.846605] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 104.865580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 104.881586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 104.906387] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 104.942728] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 104.996000] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 105.023587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 105.090970] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 105.109326] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 105.117825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 105.147235] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 105.165043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 105.184788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 105.242095] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 105.257278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 105.273848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 105.323300] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 105.331960] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.353035] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.381923] device bridge_slave_0 entered promiscuous mode [ 105.390436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 105.411860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 105.465728] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 105.484204] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.490575] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.517800] device bridge_slave_1 entered promiscuous mode [ 105.596204] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 105.608284] team0: Port device team_slave_0 added [ 105.627608] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 105.640978] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 105.738887] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 105.749712] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 105.773633] team0: Port device team_slave_1 added [ 105.780691] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 105.791978] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 105.913503] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 106.002759] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 106.133100] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 106.150925] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 106.171585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 106.202556] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.211126] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.218319] device bridge_slave_0 entered promiscuous mode [ 106.234116] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 106.260777] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 106.283706] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 106.303366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 106.370496] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 106.378934] team0: Port device team_slave_0 added [ 106.387209] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.395783] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.403816] device bridge_slave_1 entered promiscuous mode [ 106.414606] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 106.516325] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 106.536723] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 106.552461] team0: Port device team_slave_1 added [ 106.584131] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 106.604165] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 106.640723] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 106.683002] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 106.695150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 106.706631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 106.753102] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 106.783189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 106.834856] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.841385] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.848543] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.854965] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.864742] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 106.898519] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 107.013694] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.020225] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.026945] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.033373] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.054603] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 107.061247] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 107.107600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 107.126448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 107.180032] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 107.197075] team0: Port device team_slave_0 added [ 107.207706] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 107.234451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 107.242686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 107.272980] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 107.280422] team0: Port device team_slave_1 added [ 107.298981] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 107.315048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 107.333193] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 107.391623] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 107.428706] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 107.437433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 107.454704] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 107.528332] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 107.549201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 107.574249] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 107.584632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 107.598839] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 107.656397] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 107.681586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 107.708346] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 107.727056] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 107.743657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 107.838819] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 107.853409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 107.869468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 107.979239] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.985677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.992331] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.998747] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.033980] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 108.050518] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 108.068316] team0: Port device team_slave_0 added [ 108.242899] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 108.250981] team0: Port device team_slave_1 added [ 108.323899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 108.388187] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 108.402360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 108.426147] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 108.508028] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 108.523088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 108.543334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 108.652985] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 108.660126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 108.673638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 108.783096] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 108.792375] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 108.816025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 108.855345] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.861711] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.868426] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.874845] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.888256] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 109.241557] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.248001] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.254747] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.261127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.282724] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 109.333154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 109.341498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 110.130898] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.137338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.144064] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.150426] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.186879] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 110.362698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 112.134686] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.254726] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.622751] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 112.731407] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 113.093870] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 113.100685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 113.113514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 113.227466] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 113.250163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 113.264014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 113.608189] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.626021] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.644825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.889519] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.122338] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 114.389784] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 114.636507] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 114.642729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 114.650838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 114.687689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.853594] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 114.860383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 114.873844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 115.182608] 8021q: adding VLAN 0 to HW filter on device team0 [ 115.236098] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 115.367717] 8021q: adding VLAN 0 to HW filter on device team0 [ 115.656827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 115.681185] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 115.703993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 115.719241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 116.081098] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 116.127932] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.532456] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 116.570958] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 116.590860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 116.599431] netlink: 'syz-executor0': attribute type 1 has an invalid length. [ 116.635267] netlink: 'syz-executor0': attribute type 1 has an invalid length. 11:02:37 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4), 0x1c) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x24d, &(0x7f00000003c0)}}, {{&(0x7f0000000140)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000500), 0xfffffeb6}], 0x1, &(0x7f0000000000)}}], 0x40000000000001c, 0x0) 11:02:37 executing program 0: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f00000019c0)={&(0x7f0000001840), 0xc, &(0x7f0000001980)={&(0x7f0000001880)={0x44, r0, 0x201, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, '\nvf\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}]}]}, 0x44}}, 0x0) 11:02:37 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4), 0x1c) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x24d, &(0x7f00000003c0)}}, {{&(0x7f0000000140)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000500), 0xfffffeb6}], 0x1, &(0x7f0000000000)}}], 0x40000000000001c, 0x0) [ 116.865279] netlink: 'syz-executor0': attribute type 1 has an invalid length. 11:02:37 executing program 0: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f00000019c0)={&(0x7f0000001840), 0xc, &(0x7f0000001980)={&(0x7f0000001880)={0x44, r0, 0x201, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, '\nvf\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}]}]}, 0x44}}, 0x0) 11:02:37 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4), 0x1c) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x24d, &(0x7f00000003c0)}}, {{&(0x7f0000000140)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000500), 0xfffffeb6}], 0x1, &(0x7f0000000000)}}], 0x40000000000001c, 0x0) [ 116.995585] netlink: 'syz-executor0': attribute type 1 has an invalid length. 11:02:38 executing program 0: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f00000019c0)={&(0x7f0000001840), 0xc, &(0x7f0000001980)={&(0x7f0000001880)={0x44, r0, 0x201, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, '\nvf\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}]}]}, 0x44}}, 0x0) [ 117.105557] 8021q: adding VLAN 0 to HW filter on device team0 11:02:38 executing program 1: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000380)={0x4806, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xf5ffffff00000000, 0x1c, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc80000000025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4cd0160ec941a3de45387daf7b1ac786d0e8a75e8904655faf6f2bc6cc487d93a61edb75c8d51c055faf7f4fdb16e0cdaa4276939a3410334000000000002", "2f18ffffffffffff4116893616105829576914e70bfeb59800f97c97644ab8a7"}) [ 117.256242] netlink: 'syz-executor0': attribute type 1 has an invalid length. [ 117.283713] hrtimer: interrupt took 32961 ns 11:02:38 executing program 0: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 117.365172] print_req_error: I/O error, dev loop0, sector 0 [ 117.371053] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.382274] print_req_error: I/O error, dev loop0, sector 0 [ 117.388615] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.410340] print_req_error: I/O error, dev loop0, sector 0 [ 117.416145] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.451705] print_req_error: I/O error, dev loop0, sector 0 [ 117.457519] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.483102] print_req_error: I/O error, dev loop0, sector 0 [ 117.488870] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.508571] print_req_error: I/O error, dev loop0, sector 0 [ 117.514357] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.523010] print_req_error: I/O error, dev loop0, sector 0 [ 117.528808] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.549589] print_req_error: I/O error, dev loop0, sector 0 [ 117.555387] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.580944] print_req_error: I/O error, dev loop0, sector 0 [ 117.586732] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.594990] ldm_validate_partition_table(): Disk read failed. [ 117.603593] print_req_error: I/O error, dev loop0, sector 0 [ 117.609543] Buffer I/O error on dev loop0, logical block 0, async page read [ 117.637602] Dev loop0: unable to read RDB block 0 [ 117.656313] loop0: unable to read partition table [ 117.711980] loop_reread_partitions: partition scan of loop0 (pàõ|Œö' $äé`Bªå‡TÁÕœÈ) failed (rc=-5) [ 117.811509] __loop_clr_fd: partition scan of loop0 failed (rc=-22) [ 118.434494] audit: type=1804 audit(1543921359.407:31): pid=7593 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor2" name="/root/syzkaller-testdir873141772/syzkaller.ef85T3/0/file0/file0" dev="loop2" ino=3 res=1 11:02:39 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:39 executing program 1: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000380)={0x4806, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xf5ffffff00000000, 0x1c, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc80000000025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4cd0160ec941a3de45387daf7b1ac786d0e8a75e8904655faf6f2bc6cc487d93a61edb75c8d51c055faf7f4fdb16e0cdaa4276939a3410334000000000002", "2f18ffffffffffff4116893616105829576914e70bfeb59800f97c97644ab8a7"}) [ 118.479792] audit: type=1804 audit(1543921359.427:32): pid=7597 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor2" name="/root/syzkaller-testdir873141772/syzkaller.ef85T3/0/file0/file0" dev="loop2" ino=3 res=1 [ 118.737167] ldm_validate_partition_table(): Disk read failed. [ 118.753879] Dev loop0: unable to read RDB block 0 [ 118.765837] loop0: unable to read partition table [ 118.788025] loop_reread_partitions: partition scan of loop0 (pàõ|Œö' $äé`Bªå‡TÁÕœÈ) failed (rc=-5) [ 118.889144] __loop_clr_fd: partition scan of loop0 failed (rc=-22) 11:02:40 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-384\x00'}, 0x58) r3 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0) mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x8010, r1, 0x0) 11:02:40 executing program 0: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:40 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:40 executing program 1: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000380)={0x4806, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xf5ffffff00000000, 0x1c, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc80000000025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4cd0160ec941a3de45387daf7b1ac786d0e8a75e8904655faf6f2bc6cc487d93a61edb75c8d51c055faf7f4fdb16e0cdaa4276939a3410334000000000002", "2f18ffffffffffff4116893616105829576914e70bfeb59800f97c97644ab8a7"}) 11:02:40 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:40 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:40 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) [ 119.681225] ldm_validate_partition_table(): Disk read failed. [ 119.717762] Dev loop0: unable to read RDB block 0 [ 119.738914] loop0: unable to read partition table 11:02:40 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) [ 119.762203] loop_reread_partitions: partition scan of loop0 (pàõ|Œö' $äé`Bªå‡TÁÕœÈ) failed (rc=-5) 11:02:40 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:40 executing program 1: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000380)={0x4806, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xf5ffffff00000000, 0x1c, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc80000000025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4cd0160ec941a3de45387daf7b1ac786d0e8a75e8904655faf6f2bc6cc487d93a61edb75c8d51c055faf7f4fdb16e0cdaa4276939a3410334000000000002", "2f18ffffffffffff4116893616105829576914e70bfeb59800f97c97644ab8a7"}) 11:02:40 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 119.924916] __loop_clr_fd: partition scan of loop0 failed (rc=-22) 11:02:40 executing program 0: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 120.167191] ldm_validate_partition_table(): Disk read failed. [ 120.199468] Dev loop0: unable to read RDB block 0 [ 120.222350] loop0: unable to read partition table [ 120.253723] loop_reread_partitions: partition scan of loop0 (pàõ|Œö' $äé`Bªå‡TÁÕœÈ) failed (rc=-5) [ 120.414902] __loop_clr_fd: partition scan of loop0 failed (rc=-22) 11:02:41 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-384\x00'}, 0x58) r3 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0) mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x8010, r1, 0x0) 11:02:41 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:41 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:41 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:41 executing program 0: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:41 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:41 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:41 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:41 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:41 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8937, &(0x7f0000000080)={'bond0\x00', r2}) connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @random="b067ecb59347", 'bridge_slave_0\x00'}}, 0x1e) 11:02:41 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:42 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:42 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-384\x00'}, 0x58) r3 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0) mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x8010, r1, 0x0) 11:02:42 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:42 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:42 executing program 5: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000080)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000380)={0x4806, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xf5ffffff00000000, 0x1c, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc80000000025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4cd0160ec941a3de45387daf7b1ac786d0e8a75e8904655faf6f2bc6cc487d93a61edb75c8d51c055faf7f4fdb16e0cdaa4276939a3410334000000000002", "2f18ffffffffffff4116893616105829576914e70bfeb59800f97c97644ab8a7"}) 11:02:42 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:42 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:42 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:42 executing program 2: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:43 executing program 3: setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x4, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 11:02:43 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = msgget(0xffffffffffffffff, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000004c0)=""/98) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000540)={0x0, 0x1, [], @raw_data=[0x9, 0x0, 0x51, 0xeff, 0x20, 0xfffffffffffffff9, 0x0, 0x5, 0x0, 0x0, 0x8, 0x5, 0x3, 0x1, 0x0, 0x7f, 0x3, 0x400, 0x9, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x5, 0x2f2a, 0x0, 0x0, 0x8, 0x201400000000, 0x1, 0xd9]}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000480)='./file0\x00', 0x42042, 0x9) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)={0x7f, 0xfffffffffffffffe, "c462c575d70d00fbba0152703adc403dd8cb742b5ae1bf1478bf5496e7160a1d97038fa0f17be61c9c581610b93f405e636407e55b9b690d60ebd98c671f317500bdb8aee8f1c92246c70c8f57d0ba56ce44da3e88cdb37af67e31568eaaa7d792b5d233f9f2409fc4837c413d44acc5715a26a253904b"}, 0x0, 0x1400) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x80004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r2, &(0x7f0000000400)='./file0\x00', 0x8) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000200)=0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) readahead(0xffffffffffffffff, 0x2, 0x0) write(r2, &(0x7f0000000840)="fc015002a2a55e34dab67b7517766f3188a613b48bef6d2a2999d8da9474917335f8e2f9da2a75722ec004a5e6e244499c012b7a80b129b96d8fa518fef1eecc7743f4d9e96018d4ded15ff21514c13fa444e6f7fee6c2516c91723bf3646a5803887e502f26fc7cfd736ef2c59317e90d8a27ddc1a9d9510b306ede2aaafb95abbc44f0033f7e63c88beb46c697412d6083e6462ed5e06d6bab1352ff887771a302ad4d2c73", 0xa6) sendfile(r2, r2, &(0x7f00000000c0)=0x2, 0x8080ffffff10) ioctl$int_out(0xffffffffffffffff, 0x2000000040045730, &(0x7f0000000000)) 11:02:43 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xfffffffffffffff9) 11:02:43 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = memfd_create(&(0x7f0000000100)="885d292b00", 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r2, 0x0) 11:02:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x7fff}) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000939000)=0x3) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x5412, &(0x7f0000000080)=""/111) 11:02:43 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xfffffffffffffff9) 11:02:43 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = memfd_create(&(0x7f0000000100)="885d292b00", 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r2, 0x0) [ 124.642866] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 127.652820] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 130.662871] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 133.672811] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 136.682810] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 139.692797] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 142.702803] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 145.714505] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 148.722824] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 151.732822] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 154.742866] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 157.752856] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 160.762816] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 163.772819] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 166.782802] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 169.792846] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 172.802814] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 175.812802] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 178.822806] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 181.832831] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 184.842809] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 187.852843] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 190.862820] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 193.872894] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 196.882802] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 199.892827] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 202.902819] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 205.912805] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 208.922806] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 211.932801] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 214.942799] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 217.952799] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 220.962813] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 223.972811] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 226.982803] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 229.992871] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 233.002809] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 236.012820] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 239.022803] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 242.032850] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 245.042821] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 248.052824] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 251.062852] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 254.072826] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 257.082820] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 260.092830] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 263.102825] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 266.113288] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 269.122832] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 271.393005] INFO: task syz-executor0:7776 blocked for more than 140 seconds. [ 271.400367] Not tainted 4.20.0-rc1-next-20181109+ #110 [ 271.406618] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 271.414900] syz-executor0 D23048 7776 6038 0x00000004 [ 271.420629] Call Trace: [ 271.423743] __schedule+0x8cf/0x21d0 [ 271.427541] ? kasan_check_read+0x11/0x20 [ 271.431751] ? __sched_text_start+0x8/0x8 [ 271.436434] ? graph_lock+0x270/0x270 [ 271.440282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.446220] ? graph_lock+0x270/0x270 [ 271.450048] ? find_held_lock+0x36/0x1c0 [ 271.454557] ? __mutex_lock+0xafa/0x16f0 [ 271.458650] schedule+0xef/0x370 [ 271.462028] ? __schedule+0x21d0/0x21d0 [ 271.466495] ? kasan_check_read+0x11/0x20 [ 271.470659] ? do_raw_spin_unlock+0xa7/0x330 [ 271.475563] ? do_raw_spin_trylock+0x270/0x270 [ 271.480192] ? ww_mutex_lock.part.8+0xf0/0xf0 [ 271.485188] ? mutex_destroy+0x200/0x200 [ 271.489282] schedule_preempt_disabled+0x13/0x20 [ 271.494516] __mutex_lock+0xaff/0x16f0 [ 271.498498] ? blkdev_put+0x34/0x540 [ 271.502229] ? mutex_trylock+0x2b0/0x2b0 [ 271.506804] ? __lock_acquire+0x62f/0x4c20 [ 271.511120] ? page_rmapping+0xd9/0x160 [ 271.515604] ? mark_held_locks+0x130/0x130 [ 271.519925] ? __might_fault+0x1e0/0x1e0 [ 271.524414] ? _raw_spin_unlock+0x2c/0x50 [ 271.528591] ? __handle_mm_fault+0xa57/0x5be0 [ 271.533546] ? finish_task_switch+0x1f4/0x920 [ 271.538074] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 271.544357] ? locks_remove_posix+0x486/0x850 [ 271.548884] ? fsnotify+0x50e/0xef0 [ 271.552515] ? finish_task_switch+0x1f4/0x920 [ 271.557958] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 271.563956] ? locks_remove_file+0x3c6/0x5c0 [ 271.568404] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 271.574423] ? ima_file_free+0x132/0x650 [ 271.578503] ? fsnotify_first_mark+0x350/0x350 [ 271.583508] mutex_lock_nested+0x16/0x20 [ 271.587617] ? mutex_lock_nested+0x16/0x20 [ 271.591862] blkdev_put+0x34/0x540 [ 271.595919] blkdev_close+0x8b/0xb0 [ 271.599654] __fput+0x3bc/0xa70 [ 271.603290] ? blkdev_put+0x540/0x540 [ 271.607115] ? get_max_files+0x20/0x20 [ 271.611085] ? trace_hardirqs_on+0xbd/0x310 [ 271.615901] ? kasan_check_read+0x11/0x20 [ 271.620123] ? task_work_run+0x1af/0x2a0 [ 271.624631] ? trace_hardirqs_off_caller+0x300/0x300 [ 271.629865] ? filp_close+0x1cd/0x250 [ 271.634185] ____fput+0x15/0x20 [ 271.637484] task_work_run+0x1e8/0x2a0 [ 271.641381] ? task_work_cancel+0x240/0x240 [ 271.646183] ? copy_fd_bitmaps+0x210/0x210 [ 271.650476] ? do_syscall_64+0x9a/0x820 [ 271.654900] exit_to_usermode_loop+0x318/0x380 [ 271.659500] ? __bpf_trace_sys_exit+0x30/0x30 [ 271.664416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.669975] do_syscall_64+0x6be/0x820 [ 271.674277] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 271.679677] ? syscall_return_slowpath+0x5e0/0x5e0 [ 271.685048] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.689916] ? trace_hardirqs_on_caller+0x310/0x310 [ 271.695411] ? prepare_exit_to_usermode+0x291/0x3b0 [ 271.700445] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.705737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.711888] RIP: 0033:0x411021 [ 271.715736] Code: 4c 89 f6 48 89 c7 48 89 ca 48 89 4c 24 10 4c 89 54 24 08 e8 b1 a3 ff ff 48 8b 4c 24 10 41 c6 04 0f 00 4c 8b 7c 24 28 4c 8b 54 <24> 08 45 0f b6 37 e9 db fc ff ff 0f 1f 40 00 41 80 f8 29 74 7f ba [ 271.735105] RSP: 002b:00007ffc9374a940 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 271.743198] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000411021 [ 271.750483] RDX: 0000000000000000 RSI: ffffffff87cba5d4 RDI: 0000000000000004 [ 271.758173] RBP: 0000000000000000 R08: ffffffff8139bdc9 R09: 00000000756d66b3 [ 271.765819] R10: 00007ffc9374a870 R11: 0000000000000293 R12: 0000000000000000 [ 271.773494] R13: 0000000000000001 R14: 0000000000000009 R15: 0000000000000000 [ 271.781455] ? __phys_addr+0x19/0x120 [ 271.785873] ? xas_store+0x7a4/0x1710 [ 271.789694] INFO: task syz-executor5:7783 blocked for more than 140 seconds. [ 271.797311] Not tainted 4.20.0-rc1-next-20181109+ #110 [ 271.803457] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 271.811429] syz-executor5 D23144 7783 6222 0x00000004 [ 271.817506] Call Trace: [ 271.820118] __schedule+0x8cf/0x21d0 [ 271.824216] ? save_stack_trace+0x1a/0x20 [ 271.828387] ? __sched_text_start+0x8/0x8 [ 271.832554] ? graph_lock+0x270/0x270 [ 271.836933] ? print_usage_bug+0xc0/0xc0 [ 271.841025] ? find_held_lock+0x36/0x1c0 [ 271.845482] ? mark_held_locks+0xc7/0x130 [ 271.849653] schedule+0xef/0x370 [ 271.853416] ? __schedule+0x21d0/0x21d0 [ 271.857406] ? rwsem_down_read_failed+0x342/0x710 [ 271.862260] ? trace_hardirqs_off_caller+0x300/0x300 [ 271.867844] ? graph_lock+0x270/0x270 [ 271.871695] rwsem_down_read_failed+0x371/0x710 [ 271.876913] ? rwsem_down_write_failed_killable+0x10/0x10 [ 271.882464] ? find_held_lock+0x36/0x1c0 [ 271.887013] ? __lock_is_held+0xb5/0x140 [ 271.891108] ? __lock_is_held+0xb5/0x140 [ 271.895508] ? lock_acquire+0x1ed/0x520 [ 271.899500] ? __get_super.part.11+0x207/0x2e0 [ 271.904509] ? lock_release+0xa10/0xa10 [ 271.908600] ? perf_trace_sched_process_exec+0x860/0x860 [ 271.914409] ? __get_super.part.11+0x107/0x2e0 [ 271.919015] call_rwsem_down_read_failed+0x18/0x30 [ 271.924319] down_read+0x9b/0x120 [ 271.927795] ? __get_super.part.11+0x207/0x2e0 [ 271.932382] ? __down_interruptible+0x700/0x700 [ 271.937504] ? rwlock_bug.part.2+0x90/0x90 [ 271.941764] __get_super.part.11+0x207/0x2e0 [ 271.946625] get_super+0x2d/0x50 [ 271.950013] fsync_bdev+0x17/0xc0 [ 271.954112] invalidate_partition+0x35/0x60 [ 271.958457] drop_partitions.isra.14+0xe1/0x200 [ 271.963558] ? delete_partition+0x2c0/0x2c0 [ 271.967947] ? apparmor_cred_transfer+0x590/0x590 [ 271.973187] rescan_partitions+0x72/0x8e0 [ 271.977423] __blkdev_reread_part+0x1ad/0x230 [ 271.981946] blkdev_reread_part+0x26/0x40 [ 271.986647] loop_reread_partitions+0x1c/0x40 [ 271.991166] loop_set_status+0xcd8/0x10e0 [ 271.995717] loop_set_status64+0xaa/0x100 [ 271.999887] ? loop_set_status_old+0x920/0x920 [ 272.004890] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.010501] ? ns_capable_common+0x13f/0x170 [ 272.015449] lo_ioctl+0x904/0x22a0 [ 272.019066] ? __generic_file_write_iter+0x1bd/0x630 [ 272.030636] ? lock_downgrade+0x900/0x900 [ 272.035184] ? lo_rw_aio+0x1ef0/0x1ef0 [ 272.039097] ? find_held_lock+0x36/0x1c0 [ 272.043541] ? lo_rw_aio+0x1ef0/0x1ef0 [ 272.047468] blkdev_ioctl+0x98e/0x21b0 [ 272.051384] ? blkpg_ioctl+0xc10/0xc10 [ 272.055790] ? lock_downgrade+0x900/0x900 [ 272.059999] ? check_preemption_disabled+0x48/0x280 [ 272.065558] ? kasan_check_read+0x11/0x20 [ 272.069784] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 272.075465] ? rcu_read_unlock_special+0x370/0x370 [ 272.080423] ? __fget+0x4d1/0x740 [ 272.084272] ? ksys_dup3+0x680/0x680 [ 272.088011] ? __might_fault+0x12b/0x1e0 [ 272.092081] ? lock_downgrade+0x900/0x900 [ 272.096700] block_ioctl+0xee/0x130 [ 272.100367] ? blkdev_fallocate+0x400/0x400 [ 272.105111] do_vfs_ioctl+0x1de/0x1790 [ 272.109025] ? ioctl_preallocate+0x300/0x300 [ 272.113834] ? __fget_light+0x2e9/0x430 [ 272.117828] ? fget_raw+0x20/0x20 [ 272.121283] ? _copy_to_user+0xc8/0x110 [ 272.125716] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 272.131327] ? put_timespec64+0x10f/0x1b0 [ 272.132843] syz-executor0(7777): getblk(): executed=9 bh_count=0 bh_state=0 [ 272.135917] ? nsecs_to_jiffies+0x30/0x30 [ 272.147059] ? do_syscall_64+0x9a/0x820 [ 272.151054] ? do_syscall_64+0x9a/0x820 [ 272.155436] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 272.160138] ? security_file_ioctl+0x94/0xc0 [ 272.164951] ksys_ioctl+0xa9/0xd0 [ 272.168425] __x64_sys_ioctl+0x73/0xb0 [ 272.172342] do_syscall_64+0x1b9/0x820 [ 272.176708] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 272.182218] ? syscall_return_slowpath+0x5e0/0x5e0 [ 272.187559] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.192432] ? trace_hardirqs_on_caller+0x310/0x310 [ 272.198075] ? prepare_exit_to_usermode+0x291/0x3b0 [ 272.203470] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.208354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.213965] RIP: 0033:0x457569 [ 272.217245] Code: Bad RIP value. [ 272.220621] RSP: 002b:00007f3510af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.228790] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 272.236416] RDX: 0000000020000380 RSI: 0000000000004c04 RDI: 0000000000000004 [ 272.244060] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 272.251349] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3510af66d4 [ 272.259388] R13: 00000000004c07a8 R14: 00000000004d10e8 R15: 00000000ffffffff [ 272.267041] INFO: task blkid:7795 blocked for more than 140 seconds. [ 272.275570] Not tainted 4.20.0-rc1-next-20181109+ #110 [ 272.281407] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 272.289916] blkid D23120 7795 6006 0x00000004 [ 272.295952] Call Trace: [ 272.298570] __schedule+0x8cf/0x21d0 [ 272.302306] ? __sched_text_start+0x8/0x8 [ 272.306917] ? graph_lock+0x270/0x270 [ 272.310739] ? graph_lock+0x270/0x270 [ 272.314956] ? find_held_lock+0x36/0x1c0 [ 272.319060] ? __mutex_lock+0xafa/0x16f0 [ 272.323553] schedule+0xef/0x370 [ 272.326946] ? __schedule+0x21d0/0x21d0 [ 272.330930] ? kasan_check_read+0x11/0x20 [ 272.335678] ? do_raw_spin_unlock+0xa7/0x330 [ 272.340104] ? do_raw_spin_trylock+0x270/0x270 [ 272.345107] ? ww_mutex_lock.part.8+0xf0/0xf0 [ 272.349620] ? mutex_destroy+0x200/0x200 [ 272.354093] schedule_preempt_disabled+0x13/0x20 [ 272.358865] __mutex_lock+0xaff/0x16f0 [ 272.362769] ? __blkdev_get+0x19b/0x13b0 [ 272.367283] ? mutex_trylock+0x2b0/0x2b0 [ 272.371360] ? graph_lock+0x270/0x270 [ 272.375684] ? graph_lock+0x270/0x270 [ 272.379510] ? __lock_acquire+0x62f/0x4c20 [ 272.384171] ? find_held_lock+0x36/0x1c0 [ 272.388264] ? get_gendisk+0xd2/0x380 [ 272.392076] ? lock_downgrade+0x900/0x900 [ 272.396708] ? lock_release+0xa10/0xa10 [ 272.400730] ? perf_trace_sched_process_exec+0x860/0x860 [ 272.406742] ? get_disk_and_module+0xf0/0xf0 [ 272.411180] ? kasan_check_write+0x14/0x20 [ 272.415900] ? up_read+0x225/0x2c0 [ 272.419513] ? down_read+0x8d/0x120 [ 272.423667] ? up_read_non_owner+0x100/0x100 [ 272.428102] ? __down_interruptible+0x700/0x700 [ 272.433290] ? blkdev_ioctl+0x21b0/0x21b0 [ 272.437485] mutex_lock_nested+0x16/0x20 [ 272.441552] ? mutex_lock_nested+0x16/0x20 [ 272.446247] __blkdev_get+0x19b/0x13b0 [ 272.450162] ? check_disk_change+0x140/0x140 [ 272.455044] blkdev_get+0xc1/0xb50 [ 272.458619] ? bdget+0x5b0/0x5b0 [ 272.461993] ? do_raw_spin_trylock+0x270/0x270 [ 272.467012] ? apparmor_capable+0x6c0/0x6c0 [ 272.471359] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.477306] ? errseq_sample+0xe5/0x130 [ 272.481304] ? _copy_to_user+0x110/0x110 [ 272.485773] ? _raw_spin_unlock+0x2c/0x50 [ 272.489964] blkdev_open+0x1fb/0x280 [ 272.494272] do_dentry_open+0x499/0x1250 [ 272.498362] ? bd_acquire+0x2c0/0x2c0 [ 272.502172] ? chown_common+0x730/0x730 [ 272.506594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.512149] ? security_inode_permission+0xd2/0x100 [ 272.517656] ? inode_permission+0xb2/0x560 [ 272.521916] vfs_open+0xa0/0xd0 [ 272.525649] path_openat+0x12bc/0x5150 [ 272.529623] ? rcu_softirq_qs+0x20/0x20 [ 272.534037] ? unwind_dump+0x190/0x190 [ 272.537963] ? path_lookupat.isra.43+0xc00/0xc00 [ 272.542724] ? unwind_get_return_address+0x61/0xa0 [ 272.548159] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 272.553565] ? expand_files.part.8+0x571/0x9a0 [ 272.558182] ? find_held_lock+0x36/0x1c0 [ 272.562274] ? __alloc_fd+0x347/0x6e0 [ 272.566655] ? lock_downgrade+0x900/0x900 [ 272.570819] ? getname+0x19/0x20 [ 272.574604] ? kasan_check_read+0x11/0x20 [ 272.578768] ? do_raw_spin_unlock+0xa7/0x330 [ 272.583616] ? do_raw_spin_trylock+0x270/0x270 [ 272.588229] ? __lock_is_held+0xb5/0x140 [ 272.592293] ? __check_object_size+0xb1/0x782 [ 272.597190] ? _raw_spin_unlock+0x2c/0x50 [ 272.601370] ? __alloc_fd+0x347/0x6e0 [ 272.605571] do_filp_open+0x255/0x380 [ 272.609413] ? may_open_dev+0x100/0x100 [ 272.613729] ? get_unused_fd_flags+0x122/0x1a0 [ 272.618365] ? __alloc_fd+0x6e0/0x6e0 [ 272.622186] do_sys_open+0x568/0x700 [ 272.626239] ? filp_open+0x80/0x80 [ 272.629804] ? trace_hardirqs_off_caller+0x300/0x300 [ 272.635380] __x64_sys_open+0x7e/0xc0 [ 272.639198] do_syscall_64+0x1b9/0x820 [ 272.643482] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 272.648878] ? syscall_return_slowpath+0x5e0/0x5e0 [ 272.654135] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.659001] ? trace_hardirqs_on_caller+0x310/0x310 [ 272.664591] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 272.669647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.675728] ? prepare_exit_to_usermode+0x291/0x3b0 [ 272.680785] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.686112] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.691320] RIP: 0033:0x7f41d5562120 [ 272.695482] Code: Bad RIP value. [ 272.698887] RSP: 002b:00007ffdd94552d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 272.707012] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f41d5562120 [ 272.714720] RDX: 00007ffdd9456f41 RSI: 0000000000000000 RDI: 00007ffdd9456f41 [ 272.722005] RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000 [ 272.729835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000b0a030 [ 272.737541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 272.745222] [ 272.745222] Showing all locks held in the system: [ 272.751566] 1 lock held by khungtaskd/1010: [ 272.756504] #0: 0000000055f44ca9 (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424 [ 272.765609] 1 lock held by rsyslogd/5909: [ 272.769760] #0: 000000002a432a9b (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200 [ 272.778214] 2 locks held by getty/5999: [ 272.782702] #0: 000000009d32545f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.791414] #1: 00000000da6d253e (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.800918] 2 locks held by getty/6000: [ 272.805265] #0: 00000000442fe9b4 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.813914] #1: 0000000066badecb (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.823208] 2 locks held by getty/6001: [ 272.827189] #0: 000000009ee71bde (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.835885] #1: 00000000dabe5541 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.845184] 2 locks held by getty/6002: [ 272.849163] #0: 00000000c0b6f3c5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.857874] #1: 000000001f08fd2f (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.867132] 2 locks held by getty/6003: [ 272.871111] #0: 00000000e2f86068 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.879807] #1: 000000002b0b00ac (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.889127] 2 locks held by getty/6004: [ 272.893440] #0: 00000000b0c1640b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.901729] #1: 00000000fa8b9ff9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.911082] 2 locks held by getty/6005: [ 272.915547] #0: 00000000dfe252eb (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 272.924198] #1: 00000000a229ec70 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 [ 272.933481] 1 lock held by syz-executor0/7776: [ 272.938075] #0: 00000000367972ae (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x34/0x540 [ 272.946458] 2 locks held by syz-executor0/7777: [ 272.951139] 2 locks held by syz-executor5/7783: [ 272.956187] #0: 00000000367972ae (&bdev->bd_mutex){+.+.}, at: blkdev_reread_part+0x1e/0x40 [ 272.965101] #1: 00000000632a5a56 (&fc->fs_type->s_umount_key#46){++++}, at: __get_super.part.11+0x207/0x2e0 [ 272.975561] 1 lock held by blkid/7795: [ 272.979466] #0: 00000000367972ae (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x19b/0x13b0 [ 272.988309] [ 272.989984] ============================================= [ 272.989984] [ 272.997508] NMI backtrace for cpu 1 [ 273.001156] CPU: 1 PID: 1010 Comm: khungtaskd Not tainted 4.20.0-rc1-next-20181109+ #110 [ 273.009386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.018751] Call Trace: [ 273.021356] dump_stack+0x244/0x39d [ 273.024996] ? dump_stack_print_info.cold.1+0x20/0x20 [ 273.030194] ? check_preemption_disabled+0x48/0x280 [ 273.035244] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.040805] nmi_cpu_backtrace.cold.2+0x5c/0xa1 [ 273.045622] ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f [ 273.050850] nmi_trigger_cpumask_backtrace+0x1e8/0x22a [ 273.056142] arch_trigger_cpumask_backtrace+0x14/0x20 [ 273.061365] watchdog+0xb4c/0x1060 [ 273.064924] ? hungtask_pm_notify+0xb0/0xb0 [ 273.069258] ? __kthread_parkme+0xce/0x1a0 [ 273.073509] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 273.078622] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 273.083740] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 273.088339] ? trace_hardirqs_on+0xbd/0x310 [ 273.092686] ? kasan_check_read+0x11/0x20 [ 273.096846] ? __kthread_parkme+0xce/0x1a0 [ 273.101091] ? trace_hardirqs_off_caller+0x300/0x300 [ 273.106204] ? __schedule+0x21d0/0x21d0 [ 273.110206] ? lockdep_init_map+0x9/0x10 [ 273.114285] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 273.119396] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 273.124957] ? __kthread_parkme+0xfb/0x1a0 [ 273.129203] ? hungtask_pm_notify+0xb0/0xb0 [ 273.133538] kthread+0x35a/0x440 [ 273.136914] ? kthread_stop+0x8f0/0x8f0 [ 273.140897] ret_from_fork+0x3a/0x50 [ 273.144739] Sending NMI from CPU 1 to CPUs 0: [ 273.150668] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.184 msecs [ 273.151267] NMI backtrace for cpu 0 [ 273.151275] CPU: 0 PID: 7777 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 273.151298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.151303] RIP: 0010:check_memory_region+0x21/0x1b0 [ 273.151341] Code: 2e 0f 1f 84 00 00 00 00 00 48 85 f6 0f 84 3c 01 00 00 48 b8 ff ff ff ff ff 7f ff ff 55 0f b6 d2 48 39 c7 48 89 e5 41 55 41 54 <53> 0f 86 11 01 00 00 4c 8d 5c 37 ff 48 89 fb 49 b9 00 00 00 00 00 [ 273.151347] RSP: 0018:ffff880193ef7240 EFLAGS: 00000212 [ 273.151356] RAX: ffff7fffffffffff RBX: ffffea0006c39074 RCX: ffffffff81e1e081 [ 273.151363] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0006c39074 [ 273.151369] RBP: ffff880193ef7250 R08: ffff8801943cc240 R09: ffffed003b5c5b67 [ 273.151376] R10: 0000000000000002 R11: ffff8801dae2db3b R12: 0000000000000001 [ 273.151382] R13: ffffea0006c39040 R14: dffffc0000000000 R15: ffff880193ef7380 [ 273.151389] FS: 00007f40c6425700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 273.151395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 273.151402] CR2: ffffffffff600400 CR3: 00000001bc85b000 CR4: 00000000001406f0 [ 273.151408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 273.151415] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 273.151418] Call Trace: [ 273.151423] kasan_check_read+0x11/0x20 [ 273.151427] __getblk_gfp+0xa91/0x1030 [ 273.151431] ? __find_get_block+0xf10/0xf10 [ 273.151436] ? graph_lock+0x270/0x270 [ 273.151440] ? remove_wait_queue+0x360/0x360 [ 273.151444] ? io_schedule+0x1c/0x70 [ 273.151449] ? __wait_on_bit+0x92/0x130 [ 273.151453] ? __wait_on_bit+0x130/0x130 [ 273.151458] ? kasan_check_write+0x14/0x20 [ 273.151462] ? __brelse+0x104/0x180 [ 273.151466] ? block_commit_write+0x30/0x30 [ 273.151471] __bread_gfp+0x2d/0x310 [ 273.151475] fat__get_entry+0x5a6/0xa40 [ 273.151479] ? __put_user_ns+0x60/0x60 [ 273.151484] ? copy_overflow+0x30/0x30 [ 273.151488] ? inode_sb_list_add+0x213/0x2f0 [ 273.151493] ? lock_downgrade+0x900/0x900 [ 273.151497] fat_get_short_entry+0x13c/0x2c0 [ 273.151501] fat_subdirs+0x142/0x290 [ 273.151506] ? fat_dir_ioctl+0x1b0/0x1b0 [ 273.151510] ? _raw_spin_unlock+0x2c/0x50 [ 273.151515] ? inode_sb_list_add+0x213/0x2f0 [ 273.151519] ? evict_inodes+0x610/0x610 [ 273.151523] ? no_open+0x10/0x10 [ 273.151527] ? _raw_spin_unlock+0x2c/0x50 [ 273.151532] fat_fill_super+0x2a9f/0x4310 [ 273.151536] ? fat_flush_inodes+0x1a0/0x1a0 [ 273.151542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 273.151546] ? vsnprintf+0x20d/0x1b60 [ 273.151550] ? pointer+0x900/0x900 [ 273.151554] ? snprintf+0xae/0xe0 [ 273.151558] ? vsprintf+0x40/0x40 [ 273.151563] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 273.151567] ? set_blocksize+0x2c1/0x340 [ 273.151595] msdos_fill_super+0x2e/0x40 [ 273.151600] mount_bdev+0x314/0x3e0 [ 273.151603] ? msdos_mount+0x50/0x50 [ 273.151607] msdos_mount+0x3c/0x50 [ 273.151611] ? setup+0xe0/0xe0 [ 273.151615] legacy_get_tree+0x12f/0x260 [ 273.151620] ? security_fs_context_validate+0x80/0xa0 [ 273.151624] vfs_get_tree+0x1cb/0x5c0 [ 273.151644] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 273.151648] do_mount+0x82a/0x1ff0 [ 273.151652] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 273.151657] ? copy_mount_string+0x40/0x40 [ 273.151676] ? copy_mount_options+0x5f/0x430 [ 273.151681] ? kmem_cache_alloc_trace+0x353/0x750 [ 273.151686] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 273.151690] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.151695] ? copy_mount_options+0x315/0x430 [ 273.151698] ksys_mount+0x12d/0x140 [ 273.151702] __x64_sys_mount+0xbe/0x150 [ 273.151706] do_syscall_64+0x1b9/0x820 [ 273.151711] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 273.151715] ? syscall_return_slowpath+0x5e0/0x5e0 [ 273.151720] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.151724] ? trace_hardirqs_on_caller+0x310/0x310 [ 273.151729] ? prepare_exit_to_usermode+0x291/0x3b0 [ 273.151733] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.151738] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.151742] RIP: 0033:0x459fda [ 273.151754] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 273.151759] RSP: 002b:00007f40c6424a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 273.151769] RAX: ffffffffffffffda RBX: 00007f40c6424b30 RCX: 0000000000459fda [ 273.151774] RDX: 00007f40c6424ad0 RSI: 0000000020000280 RDI: 00007f40c6424af0 [ 273.151780] RBP: 0000000020000280 R08: 00007f40c6424b30 R09: 00007f40c6424ad0 [ 273.151786] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000003 [ 273.151792] R13: 0000000000000000 R14: 00000000004d8c90 R15: 00000000ffffffff [ 273.152606] Kernel panic - not syncing: hung_task: blocked tasks [ 273.615907] CPU: 1 PID: 1010 Comm: khungtaskd Not tainted 4.20.0-rc1-next-20181109+ #110 [ 273.624139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.633496] Call Trace: [ 273.636094] dump_stack+0x244/0x39d [ 273.639731] ? dump_stack_print_info.cold.1+0x20/0x20 [ 273.645053] panic+0x2ad/0x55c [ 273.648256] ? add_taint.cold.5+0x16/0x16 [ 273.652414] ? nmi_trigger_cpumask_backtrace+0x1c8/0x22a [ 273.657873] ? nmi_trigger_cpumask_backtrace+0x1f9/0x22a [ 273.663349] ? nmi_trigger_cpumask_backtrace+0x1d1/0x22a [ 273.668811] ? nmi_trigger_cpumask_backtrace+0x1c8/0x22a [ 273.674284] watchdog+0xb5d/0x1060 [ 273.677843] ? hungtask_pm_notify+0xb0/0xb0 [ 273.682204] ? __kthread_parkme+0xce/0x1a0 [ 273.686446] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 273.691555] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 273.696671] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 273.701263] ? trace_hardirqs_on+0xbd/0x310 [ 273.705603] ? kasan_check_read+0x11/0x20 [ 273.709776] ? __kthread_parkme+0xce/0x1a0 [ 273.714024] ? trace_hardirqs_off_caller+0x300/0x300 [ 273.719151] ? __schedule+0x21d0/0x21d0 [ 273.723134] ? lockdep_init_map+0x9/0x10 [ 273.727215] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 273.732360] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 273.737905] ? __kthread_parkme+0xfb/0x1a0 [ 273.742161] ? hungtask_pm_notify+0xb0/0xb0 [ 273.746506] kthread+0x35a/0x440 [ 273.749884] ? kthread_stop+0x8f0/0x8f0 [ 273.753871] ret_from_fork+0x3a/0x50 [ 273.758841] Kernel Offset: disabled [ 273.762474] Rebooting in 86400 seconds..