Warning: Permanently added '10.128.0.249' (ECDSA) to the list of known hosts. [ 47.876185] random: sshd: uninitialized urandom read (32 bytes read) 2019/05/01 21:15:31 fuzzer started [ 48.069094] audit: type=1400 audit(1556745331.369:36): avc: denied { map } for pid=7189 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 49.896501] random: cc1: uninitialized urandom read (8 bytes read) 2019/05/01 21:15:34 dialing manager at 10.128.0.105:39807 2019/05/01 21:15:34 syscalls: 2434 2019/05/01 21:15:34 code coverage: enabled 2019/05/01 21:15:34 comparison tracing: ioctl(KCOV_TRACE_CMP) failed: invalid argument 2019/05/01 21:15:34 extra coverage: extra coverage is not supported by the kernel 2019/05/01 21:15:34 setuid sandbox: enabled 2019/05/01 21:15:34 namespace sandbox: enabled 2019/05/01 21:15:34 Android sandbox: /sys/fs/selinux/policy does not exist 2019/05/01 21:15:34 fault injection: enabled 2019/05/01 21:15:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/05/01 21:15:34 net packet injection: enabled 2019/05/01 21:15:34 net device setup: enabled [ 53.960838] random: crng init done [ 137.870275] audit: type=1400 audit(1556745421.169:37): avc: denied { map } for pid=7207 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 21:17:50 executing program 0: 21:17:50 executing program 2: [ 187.531956] audit: type=1400 audit(1556745470.839:38): avc: denied { map } for pid=7189 comm="syz-fuzzer" path="/root/syzkaller-shm283792389" dev="sda1" ino=16461 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 21:17:50 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) clone(0x2102101ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = fcntl$dupfd(r0, 0x0, r0) socket(0x0, 0x0, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 21:17:50 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0xfe7e) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f0000000440)={&(0x7f0000000140), 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x2400c000) 21:17:50 executing program 5: 21:17:50 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0xff00000000000000, 0x0, 0x15}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) [ 187.578018] audit: type=1400 audit(1556745470.879:39): avc: denied { map } for pid=7209 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=13797 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 188.420201] IPVS: ftp: loaded support on port[0] = 21 [ 188.758438] chnl_net:caif_netlink_parms(): no params data found [ 188.768194] IPVS: ftp: loaded support on port[0] = 21 [ 188.823000] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.829421] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.836501] device bridge_slave_0 entered promiscuous mode [ 188.846045] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.852971] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.859845] device bridge_slave_1 entered promiscuous mode [ 188.881379] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 188.898149] IPVS: ftp: loaded support on port[0] = 21 [ 188.898520] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 188.932013] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 188.939218] team0: Port device team_slave_0 added [ 188.957439] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 188.964859] team0: Port device team_slave_1 added [ 188.973252] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 188.980681] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 189.082177] device hsr_slave_0 entered promiscuous mode [ 189.120399] device hsr_slave_1 entered promiscuous mode [ 189.182301] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 189.191432] IPVS: ftp: loaded support on port[0] = 21 [ 189.202190] chnl_net:caif_netlink_parms(): no params data found [ 189.211786] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 189.318359] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.324874] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.332285] device bridge_slave_0 entered promiscuous mode [ 189.344701] chnl_net:caif_netlink_parms(): no params data found [ 189.355776] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.362257] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.369134] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.375512] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.385158] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.391594] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.398898] device bridge_slave_1 entered promiscuous mode [ 189.436472] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 189.456131] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 189.482604] IPVS: ftp: loaded support on port[0] = 21 [ 189.503630] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.510448] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.517741] device bridge_slave_0 entered promiscuous mode [ 189.544463] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.551059] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.557980] device bridge_slave_1 entered promiscuous mode [ 189.619299] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 189.626453] team0: Port device team_slave_0 added [ 189.632290] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 189.639597] team0: Port device team_slave_1 added [ 189.645000] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 189.657716] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 189.670702] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 189.684735] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 189.721387] chnl_net:caif_netlink_parms(): no params data found [ 189.744696] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 189.753274] team0: Port device team_slave_0 added [ 189.803667] device hsr_slave_0 entered promiscuous mode [ 189.840719] device hsr_slave_1 entered promiscuous mode [ 189.900829] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 189.908362] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.926097] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.936679] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 189.943849] team0: Port device team_slave_1 added [ 189.949150] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 189.975385] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 189.985808] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 190.053447] IPVS: ftp: loaded support on port[0] = 21 [ 190.058910] device hsr_slave_0 entered promiscuous mode [ 190.100437] device hsr_slave_1 entered promiscuous mode [ 190.140451] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.146877] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.154315] device bridge_slave_0 entered promiscuous mode [ 190.161647] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.168002] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.175291] device bridge_slave_1 entered promiscuous mode [ 190.200914] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 190.209882] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 190.220232] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 190.227141] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 190.260338] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 190.272805] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 190.299657] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 190.307010] team0: Port device team_slave_0 added [ 190.319664] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 190.327798] team0: Port device team_slave_1 added [ 190.384039] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 190.391610] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 190.472411] device hsr_slave_0 entered promiscuous mode [ 190.510309] device hsr_slave_1 entered promiscuous mode [ 190.571147] chnl_net:caif_netlink_parms(): no params data found [ 190.596057] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.602655] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 190.621432] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 190.637214] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.659940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.687951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.696369] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.704750] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 190.763760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.771416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.781620] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 190.787688] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.799503] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.806666] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.813912] device bridge_slave_0 entered promiscuous mode [ 190.820943] chnl_net:caif_netlink_parms(): no params data found [ 190.832160] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 190.843634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.851161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.859252] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.866311] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.872996] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.879878] device bridge_slave_1 entered promiscuous mode [ 190.888961] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 190.895276] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.908742] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 190.918241] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 190.938191] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 190.945415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.952428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.959190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.967072] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.974684] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.981087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.990404] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 190.998101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.008565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.016389] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.022751] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.035835] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 191.055124] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 191.065180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 191.073125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.080997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.088662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.096507] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.102899] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.109956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.119562] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 191.135054] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 191.141214] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.151416] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 191.159492] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 191.183958] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.191460] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.198273] device bridge_slave_0 entered promiscuous mode [ 191.206290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.214085] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.221797] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.228270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.235122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.243178] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.250789] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.257127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.265130] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 191.277150] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 191.293949] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.302399] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.309291] device bridge_slave_1 entered promiscuous mode [ 191.315662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.322913] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.330723] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.338408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.346027] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.352377] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.360477] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 191.367694] team0: Port device team_slave_0 added [ 191.376343] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 191.386274] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 191.404545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.412275] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.419688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.427483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.435058] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 191.442791] team0: Port device team_slave_1 added [ 191.448698] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 191.456620] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 191.464663] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 191.473826] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 191.498553] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 191.507970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.515654] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.525634] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 191.543736] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 191.559632] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 191.569664] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 191.577535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.585770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.593468] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.601176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.608541] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 191.619665] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 191.672280] device hsr_slave_0 entered promiscuous mode [ 191.720321] device hsr_slave_1 entered promiscuous mode [ 191.760804] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 191.776673] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 191.785323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.793452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.801462] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.808851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.816396] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.824155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 191.832765] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 191.843867] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 191.851333] team0: Port device team_slave_0 added [ 191.856604] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 191.865198] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 191.871996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 191.879086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.887636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.895312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.903542] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.911433] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.921285] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 191.931589] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 191.938751] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 191.945964] team0: Port device team_slave_1 added [ 191.951617] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 191.959085] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 191.971151] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 191.982900] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 191.991518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 191.998927] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.006646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.014419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 192.022265] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.029765] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.037502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.044978] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.063216] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 192.069219] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.079956] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 192.142362] device hsr_slave_0 entered promiscuous mode [ 192.180480] device hsr_slave_1 entered promiscuous mode [ 192.242585] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 192.255001] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 192.261449] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 192.274185] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 192.280352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.289194] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 192.297117] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 192.304652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.312565] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 192.340888] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.356497] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 192.377271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.387562] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.398447] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.407208] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 192.421776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.428730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.439198] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 192.445823] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.455596] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 192.465055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.476526] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 192.491722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.501688] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.509720] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.516152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.525252] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 192.535145] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.562643] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 192.589941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 21:17:55 executing program 3: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, 0x0) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, &(0x7f0000000040)={0x0, 0x0, 0x7e}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 192.607678] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.623125] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.629515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.651617] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 192.668827] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 192.678234] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 192.689831] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 192.707087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.734921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.748429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.756458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.764979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.775000] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 192.794442] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.803961] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.810563] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 192.817569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.829868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.841404] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 192.858115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 192.873737] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready 21:17:56 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r0, r0, 0x80000) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6) ioctl$int_in(r2, 0x800000c004500a, &(0x7f0000000040)=0x6) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x10, 0x8000000, 0x0, 0x803e0000}}, 0xfffffefd) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) readahead(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f00000000c0)={'nlmon0\x00', 0x401}) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000180)={0x1, 0x0, 0xfff, 0x1}) dup2(r1, r2) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1, 0x20050, 0xffffffffffffffff, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, 0xffffffffffffffff) 21:17:56 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) sched_yield() syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) [ 192.896486] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.919894] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.943717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.959317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.987542] hrtimer: interrupt took 36265 ns [ 192.997912] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.005822] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.013720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.020668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.025990] Dev loop3: unable to read RDB block 1 [ 193.027546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.037371] loop3: unable to read partition table [ 193.039203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.045735] loop3: partition table beyond EOD, [ 193.053775] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 193.062809] truncated [ 193.066374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 193.069289] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 193.085239] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 193.094383] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.103323] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 193.109396] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.130228] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 21:17:56 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r0, r0, 0x80000) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6) ioctl$int_in(r2, 0x800000c004500a, &(0x7f0000000040)=0x6) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x10, 0x8000000, 0x0, 0x803e0000}}, 0xfffffefd) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) readahead(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f00000000c0)={'nlmon0\x00', 0x401}) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000180)={0x1, 0x0, 0xfff, 0x1}) dup2(r1, r2) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1, 0x20050, 0xffffffffffffffff, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, 0xffffffffffffffff) [ 193.146701] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 193.158965] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 193.171789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 21:17:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r0, r0, 0x80000) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x6) ioctl$int_in(r2, 0x800000c004500a, &(0x7f0000000040)=0x6) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000004000, {0x8, 0x10, 0x8000000, 0x0, 0x803e0000}}, 0xfffffefd) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) readahead(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f00000000c0)={'nlmon0\x00', 0x401}) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000180)={0x1, 0x0, 0xfff, 0x1}) dup2(r1, r2) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1, 0x20050, 0xffffffffffffffff, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, 0xffffffffffffffff) [ 193.195353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready 21:17:56 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) sched_yield() syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) [ 193.240512] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.246953] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.289016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 193.297794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 193.306140] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.312549] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.327436] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 193.337775] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 193.352701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.359675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.367606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.375561] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.382844] Dev loop3: unable to read RDB block 1 21:17:56 executing program 2: creat(&(0x7f0000000380)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='overlay\x00', 0x0, 0x0) [ 193.382986] loop3: unable to read partition table [ 193.383264] loop3: partition table beyond EOD, [ 193.388376] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.399212] truncated [ 193.404151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.405273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.407668] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 193.414340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready 21:17:56 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, 0x0) [ 193.456089] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.462531] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.475757] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.488102] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 193.496665] audit: type=1400 audit(1556745476.789:40): avc: denied { create } for pid=7299 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 193.522199] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 193.535670] overlayfs: missing 'lowerdir' [ 193.542558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.557191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.564617] audit: type=1400 audit(1556745476.859:41): avc: denied { ioctl } for pid=7299 comm="syz-executor.0" path="socket:[26378]" dev="sockfs" ino=26378 ioctlcmd=0x8991 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 193.581802] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 193.616540] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 193.633647] bond0: Releasing backup interface bond_slave_1 [ 193.683206] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.693017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.703382] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 193.712719] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 193.720864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.733648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.741775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.749427] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.757737] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 193.764943] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 193.774420] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 193.783163] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 193.791830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 193.799618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 193.807441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 193.815351] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 193.833292] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 193.844163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.855622] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.864532] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 193.873196] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 193.885993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.893635] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.901438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.908821] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.918608] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 193.937987] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 193.944310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 193.954455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.966380] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.976052] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 193.982835] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 194.002399] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 194.009888] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 194.025941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.053672] 8021q: adding VLAN 0 to HW filter on device batadv0 21:17:58 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\n\x00\n\x06!!\x00\x01\x00', @ifru_names='bond_slave_1\x00'}) 21:17:58 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="230000001e0081aee4050c00000f0000008bc36f7d79ce3263dac37b7403242189c609", 0x23}], 0x1}, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00') openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x2, 0x0) openat$vimc2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video2\x00', 0x2, 0x0) 21:17:58 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) sched_yield() syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) 21:17:58 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00001da000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x20000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) 21:17:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000140)) 21:17:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, &(0x7f0000000040)={0x7, 0x0, 0x7e}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 195.049357] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.2'. [ 195.058102] audit: type=1400 audit(1556745478.359:42): avc: denied { map } for pid=7342 comm="syz-executor.0" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=27423 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:hugetlbfs_t:s0 tclass=file permissive=1 [ 195.104996] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.2'. 21:17:58 executing program 1: seccomp(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000580)=[{0x6}]}) r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000880)=ANY=[@ANYBLOB="cc00ff065f030000ce0100000400000028010000090000001f00000000000000e8af9c757be9b70d8f1edabadbaa773bc685f905cd449dd8e407312c0d5abc797f2b3429a3b0bdf21624491af45d8d5cbce650c09c44b7f586835e432c11d19ad71fe2d925372c826a7f6543237a26c9b91cf8ffdb42684b245efdfb16fd3ea2ee73b5786f362d247d0064dc261aa0f8e4e90a75f9759e4a6b3636c1b6545febded839bc237972cac6a3b872fd1578d9f758c22348bce90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600"/695], 0x2b7) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000040)='./bus\x00', 0x1fe, 0x0) pipe2(&(0x7f00000001c0), 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00') write$binfmt_aout(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="a400000000353c2a76a77200fb2d8ee91a5ae8a4f83eb30bb6dc38e33e3b10274aec4e7073773c4b3a65503bec2e3b009094d5b5918cc153eb3121f902cfe25a7461dde7ce46781872e1a65c0257653f1002964058c79fba488f9f3181a60d433cbf949ba03065f382cc91378808f4d5a156101cea63d8154677407b449dbc5402142460e097fd83bd47"], 0x8a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe) r3 = getpid() sched_setattr(r3, &(0x7f00000002c0)={0x0, 0x1, 0x0, 0xfffffffffffffffd, 0x3, 0x3}, 0x0) write(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000300)=@req={0x0, 0x0, 0x1}, 0x10) creat(&(0x7f00000003c0)='./file1\x00', 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000180)={0x7, 0x4d, 0x1}, 0x7) [ 195.152355] Dev loop3: unable to read RDB block 1 [ 195.157487] loop3: unable to read partition table [ 195.157837] loop3: partition table beyond EOD, [ 195.181785] truncated 21:17:58 executing program 2: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000000240)={'bond0\x00\n\x00\n\x06!!\x00\x01\x00', @ifru_names='bond_slave_1\x00'}) [ 195.195637] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:17:58 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00001da000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x20000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) 21:17:58 executing program 4: creat(&(0x7f0000000380)='./file0\x00', 0x0) mount$fuse(0x20000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x101008, 0x0) mount$fuse(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x900005, 0x0) [ 195.233886] bond0: Releasing backup interface bond_slave_1 [ 195.321184] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 195.382861] bond0: Releasing backup interface bond_slave_1 [ 195.389881] audit: type=1326 audit(1556745478.679:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7362 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45bc0a code=0x0 21:17:58 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) sched_yield() syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) [ 195.446529] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:17:58 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x443, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) [ 195.493438] bond0: Releasing backup interface bond_slave_1 21:17:58 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\n\x00\n\x06!!\x00\x01\x00', @ifru_names='bond_slave_1\x00'}) [ 195.535601] audit: type=1400 audit(1556745478.699:44): avc: denied { create } for pid=7362 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 195.623277] audit: type=1400 audit(1556745478.699:45): avc: denied { write } for pid=7362 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 21:17:59 executing program 2: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000000240)={'bond0\x00\n\x00\n\x06!!\x00\x01\x00', @ifru_names='bond_slave_1\x00'}) [ 195.677545] Dev loop3: unable to read RDB block 1 [ 195.695622] loop3: unable to read partition table [ 195.729943] loop3: partition table beyond EOD, [ 195.732463] bond0: Releasing backup interface bond_slave_1 [ 195.737050] truncated [ 195.765476] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:17:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) exit(0x0) [ 195.828670] audit: type=1400 audit(1556745478.709:46): avc: denied { read } for pid=7362 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 195.854853] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:17:59 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) 21:17:59 executing program 5: shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_yield() syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055aa", 0x60, 0x1a0}]) 21:17:59 executing program 2: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000000240)={'bond0\x00\n\x00\n\x06!!\x00\x01\x00', @ifru_names='bond_slave_1\x00'}) [ 196.089462] audit: type=1326 audit(1556745479.389:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7362 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45bc0a code=0x0 [ 196.183259] Dev loop3: unable to read RDB block 1 [ 196.188623] loop3: unable to read partition table [ 196.196236] loop3: partition table beyond EOD, truncated [ 196.202216] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:17:59 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x5, 0x0) r0 = socket$kcm(0xa, 0x2, 0x73) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x1e, 0x5, 0x0) bind(0xffffffffffffffff, &(0x7f0000d80f80)=@generic={0x1e, "0103000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cb184a"}, 0x80) connect(r0, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev, 0x6}, 0x80) sendmmsg$inet_sctp(r0, &(0x7f00000003c0), 0x3a301e0909ff38c, 0x1f4) 21:17:59 executing program 2: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000000240)={'bond0\x00\n\x00\n\x06!!\x00\x01\x00', @ifru_names='bond_slave_1\x00'}) [ 196.251712] loop5: p1 < > p4 [ 196.255150] loop5: partition table partially beyond EOD, truncated [ 196.272432] loop5: p1 size 2 extends beyond EOD, truncated [ 196.286076] loop5: p4 start 1854537728 is beyond EOD, truncated 21:17:59 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) 21:17:59 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) 21:17:59 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16@\xea\xff\xff\x80\x00\x00\r\xff', @ifru_names='bond_slave_1\x00'}) 21:17:59 executing program 5: shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_yield() syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055aa", 0x60, 0x1a0}]) 21:17:59 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x443, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 21:17:59 executing program 2: socketpair(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) socketpair(0x17, 0x0, 0x1001, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0xff4a) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a0f, 0x1702) r1 = getpid() perf_event_open(&(0x7f0000000000)={0x3, 0x70, 0x6, 0x0, 0x8, 0x2e4, 0x0, 0x81, 0xc0, 0xa, 0x0, 0x101, 0x1, 0x1, 0x96b7, 0x0, 0x3, 0x80000000, 0x8, 0x1, 0x7ff, 0x7, 0x100000001, 0x81, 0xfd, 0x100000000, 0x1f, 0x743, 0x7f, 0x8, 0x6, 0x0, 0x4dac, 0x8, 0x5, 0x31, 0x3, 0x4000000000000, 0x0, 0x4, 0x2, @perf_config_ext={0x1643, 0x9}, 0x0, 0x0, 0x9, 0x7, 0x3c39, 0x6, 0x2608000000}, r1, 0x5, 0xffffffffffffffff, 0x1) [ 196.602612] Dev loop3: unable to read RDB block 1 [ 196.609177] loop3: unable to read partition table [ 196.624407] loop3: partition table beyond EOD, truncated [ 196.630735] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:18:00 executing program 0: creat(&(0x7f0000000380)='./file0\x00', 0x0) mount$fuse(0x20000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x101008, 0x0) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x79f9, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0) 21:18:00 executing program 1: creat(&(0x7f0000000380)='./file0\x00', 0x0) mount$fuse(0x20000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x101008, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x2, 0x0) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x79f9, 0x0) 21:18:00 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) [ 196.784006] loop5: p1 < > p4 [ 196.787295] loop5: partition table partially beyond EOD, truncated [ 196.801304] loop5: p1 size 2 extends beyond EOD, truncated 21:18:00 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00001da000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 196.815261] audit: type=1804 audit(1556745480.119:48): pid=7453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir782110138/syzkaller.vmIeV6/11/memory.events" dev="sda1" ino=16554 res=1 [ 196.848760] loop5: p4 start 1854537728 is beyond EOD, truncated 21:18:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:18:00 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000400)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000480)='./file0\x00') creat(&(0x7f0000000180)='./file0\x00', 0x0) [ 196.984534] audit: type=1800 audit(1556745480.119:49): pid=7453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="memory.events" dev="sda1" ino=16554 res=0 21:18:00 executing program 5: syz_open_dev$evdev(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x443, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 21:18:00 executing program 2: r0 = open(&(0x7f00000001c0)='./bus\x00', 0x18f040, 0x32) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000200)=0x7) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xed}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rmdir(0x0) r1 = socket$inet6(0xa, 0xffffffffffffffff, 0x1) r2 = fcntl$getown(r1, 0x9) ptrace$pokeuser(0x6, r2, 0x7fe, 0x2) ioctl(r1, 0x8912, &(0x7f00000005c0)='\x00'/12) remap_file_pages(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x74f, 0x1000) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x8) rmdir(&(0x7f0000000580)='./bus\x00') write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[@ANYBLOB="4edc9825dab8a2dab9f640724a7b3ac3df64b0a8003a5beb9932eaef73d561c61bd54ce5544f622b992b3a88ff5e6de0cfc82d6f51da2f24070a6d41f542cea210168ebbf71369865951bc2f60c24425f5ffc44289f04aa55ccdf4368029f5a526a4413788ed8f2e7a2d19028fe94bb33919b6b42c76ad9d9df88a72ead92bfadf4cfdd2074927fb04924b2e654e1156f6dbbe241ee08de28851ed9381971e16c9b85df4e1f97f103ce8ff5a01f5eadd9e504598f86e056e0b9064cad904b147c2e6404d0f867e9607c93e23f624f13a5b2afd784a0f724204d08ab81f8e81b66801c8d27279bc8047ffe711facd026490a451ee122fd78bd7cb90f7bb71dec53de5ba1ea3ff0fcf600d154718c4f1b7bc130829b0f3dac5397021fa97052047c571448433a436c6a3538f63f4ab5fb0626b5ae6f10d68a580038f8295cc53988ef46fa99a1142c021b4d90aeb9a5488006117cca998c230eba49d6a7ded8cca5b1880"], 0x163) mkdir(&(0x7f0000000680)='./bus\x00', 0x22) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000440)={0x2, 0x1}, 0xfffffffffffffead) r4 = socket$inet6(0xa, 0x3, 0x6) syz_genetlink_get_family_id$tipc2(&(0x7f0000000500)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ENABLE(r3, 0x0, 0x801) setsockopt$inet6_int(r0, 0x29, 0xcf, &(0x7f0000000840)=0x1, 0x4) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000880)={@remote, 0x400800, 0x0, 0x3, 0x3, 0x0, 0x10001}, 0x20) fcntl$setownex(r3, 0xf, &(0x7f0000000180)={0x2, r2}) fsetxattr$trusted_overlay_redirect(r1, &(0x7f00000007c0)='trusted.overlay.redirect\x00', &(0x7f0000000400)='./bus\x00', 0xffffffffffffff69, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000000)={@local, 0x0, 0x0, 0xfe, 0x3}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x0, 0x0, 0x1, 0x3}, 0x20) r5 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7') sendfile(r4, r5, &(0x7f00000000c0)=0x202, 0x8) [ 197.032839] Dev loop3: unable to read RDB block 1 [ 197.042171] loop3: unable to read partition table [ 197.078343] loop3: partition table beyond EOD, truncated [ 197.089079] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:18:00 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) open(0x0, 0x0, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) [ 197.216461] mmap: syz-executor.2 (7491) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. 21:18:00 executing program 0: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f00000002c0)) [ 197.384109] Dev loop3: unable to read RDB block 1 [ 197.398249] loop3: unable to read partition table [ 197.419866] loop3: partition table beyond EOD, truncated [ 197.429644] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:18:01 executing program 4: ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, &(0x7f0000000040)={0x7, 0x0, 0x7e}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:18:01 executing program 1: shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(0x0, 0xd, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, 0x0) open(0x0, 0x0, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055aa", 0x60, 0x1a0}]) 21:18:01 executing program 2: mkdir(&(0x7f0000000380)='./file0\x00', 0x0) mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000400)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000480)='./file0\x00') creat(&(0x7f0000000180)='./file0\x00', 0x0) 21:18:01 executing program 0: seccomp(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000580)=[{0x6, 0x0, 0x0, 0xfffffffffffffffd}]}) r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000880)=ANY=[@ANYBLOB="cc00ff065f030000ce0100000400000028010000090000001f00000000000000e8af9c757be9b70d8f1edabadbaa773bc685f905cd449dd8e407312c0d5abc797f2b3429a3b0bdf21624491af45d8d5cbce650c09c44b7f586835e432c11d19ad71fe2d925372c826a7f6543237a26c9b91cf8ffdb42684b245efdfb16fd3ea2ee73b5786f362d247d0064dc261aa0f8e4e90a75f9759e4a6b3636c1b6545febded839bc237972cac6a3b872fd1578d9f758c22348bce90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600"/695], 0x2b7) pwritev(0xffffffffffffffff, 0x0, 0x182, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000040)='./bus\x00', 0x1fe, 0x0) pipe2(&(0x7f00000001c0), 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00') write$binfmt_aout(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="a400000000353c2a76a77200fb2d8ee91a5ae8a4f83eb30bb6dc38e33e3b10274aec4e7073773c4b3a65503bec2e3b009094d5b5918cc153eb3121f902cfe25a7461dde7ce46781872e1a65c0257653f1002964058c79fba488f9f3181a60d433cbf949ba03065f382cc91378808f4d5a156101cea63d8154677407b449dbc5402142460e097fd83bd47e31d7538a9c454589029b6d4f092f625fa58ce0b80d214bac542facbffe6809a8e15e09c3eddf357027f2d3466"], 0xb7) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe) r3 = getpid() sched_setattr(r3, &(0x7f00000002c0)={0x0, 0x1, 0x0, 0xfffffffffffffffd, 0x3, 0x3}, 0x0) write(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000300)=@req={0x0, 0x0, 0x1, 0x401}, 0x10) creat(&(0x7f00000003c0)='./file1\x00', 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000180)={0x7, 0x4d, 0x1}, 0x7) 21:18:01 executing program 3: r0 = shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/204) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000400)={'veth0\x00', 0x80000000}) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="02006800000f000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055", 0x5f, 0x1a0}]) 21:18:01 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, &(0x7f0000000040)={0x7, 0x0, 0x7e}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 197.766048] loop1: p1 < > p4 [ 197.769328] loop1: partition table partially beyond EOD, truncated [ 197.789119] loop1: p1 size 2 extends beyond EOD, truncated [ 197.810414] loop1: p4 start 1854537728 is beyond EOD, truncated [ 197.873584] Dev loop3: unable to read RDB block 1 [ 197.879009] loop3: unable to read partition table [ 197.907927] loop3: partition table beyond EOD, truncated [ 197.941390] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) 21:18:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c460100f307000000000000000003000000020000000000000000000088000000e4ff0000f1d70000000038000200c800010000000100000000000000080000000000000000802000000000000600000000000000ff070000000000001c9d5b020000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000138d0000000000000000"], 0xc9) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c4600000000000000000000000000003e00000000000000000000000000400000000000000000000000000000000000000000003800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000e818f9b1b47aa49200000000000000000000000000000000000000000000000000000000e2ffffff00"/612], 0x264) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080), 0x4) sendto$inet(r0, &(0x7f0000001600)='(', 0x1, 0x3, 0x0, 0x0) 21:18:01 executing program 4: ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, &(0x7f0000000040)={0x7, 0x0, 0x7e}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 198.518246] kauditd_printk_skb: 6 callbacks suppressed [ 198.518255] audit: type=1326 audit(1556745481.819:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7513 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45bc0a code=0xffff0000 [ 428.000605] INFO: task syz-executor.2:7217 blocked for more than 140 seconds. [ 428.008286] Not tainted 4.14.114 #4 [ 428.013086] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 428.021095] syz-executor.2 D24992 7217 1 0x00000004 [ 428.026732] Call Trace: [ 428.029321] __schedule+0x7be/0x1cf0 [ 428.033242] ? __mutex_lock+0x737/0x1470 [ 428.037305] ? pci_mmcfg_check_reserved+0x150/0x150 [ 428.042374] schedule+0x92/0x1c0 [ 428.045918] schedule_preempt_disabled+0x13/0x20 [ 428.051435] __mutex_lock+0x73c/0x1470 [ 428.055405] ? trace_hardirqs_on+0x10/0x10 [ 428.059631] ? lo_release+0x1e/0x1b0 [ 428.063392] ? save_trace+0x250/0x290 [ 428.067204] ? mutex_trylock+0x1c0/0x1c0 [ 428.071375] ? __blkdev_put+0x397/0x7f0 [ 428.075357] ? find_held_lock+0x35/0x130 [ 428.079426] ? __blkdev_put+0x397/0x7f0 [ 428.083565] ? loop_clr_fd+0xae0/0xae0 [ 428.087658] mutex_lock_nested+0x16/0x20 [ 428.091791] ? mutex_lock_nested+0x16/0x20 [ 428.096036] lo_release+0x1e/0x1b0 [ 428.099573] ? loop_clr_fd+0xae0/0xae0 [ 428.103505] __blkdev_put+0x436/0x7f0 [ 428.107317] ? bd_set_size+0xb0/0xb0 [ 428.111086] ? wait_for_completion+0x420/0x420 [ 428.115687] blkdev_put+0x88/0x510 [ 428.119227] ? fcntl_setlk+0xb90/0xb90 [ 428.123169] ? blkdev_put+0x510/0x510 [ 428.126982] blkdev_close+0x8b/0xb0 [ 428.130693] __fput+0x277/0x7a0 [ 428.133993] ____fput+0x16/0x20 [ 428.137278] task_work_run+0x119/0x190 [ 428.160150] exit_to_usermode_loop+0x1da/0x220 [ 428.164783] do_syscall_64+0x4a9/0x630 [ 428.168674] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.180775] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 428.185998] RIP: 0033:0x412b40 [ 428.189184] RSP: 002b:00007ffefbfffc38 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 428.217771] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000412b40 [ 428.238005] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003 [ 428.258241] RBP: 000000000000002a R08: 0000000000000000 R09: 000000000000000a [ 428.278455] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 428.298662] R13: 00007ffefbfffc70 R14: 0000000000030449 R15: 00007ffefbfffc80 [ 428.311830] INFO: task syz-executor.4:7220 blocked for more than 140 seconds. [ 428.340065] Not tainted 4.14.114 #4 [ 428.344246] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 428.360058] syz-executor.4 D24992 7220 1 0x00000004 [ 428.365716] Call Trace: [ 428.368317] __schedule+0x7be/0x1cf0 [ 428.380064] ? __mutex_lock+0x737/0x1470 [ 428.384153] ? pci_mmcfg_check_reserved+0x150/0x150 [ 428.389170] schedule+0x92/0x1c0 [ 428.410098] schedule_preempt_disabled+0x13/0x20 [ 428.414909] __mutex_lock+0x73c/0x1470 [ 428.418800] ? trace_hardirqs_on+0x10/0x10 [ 428.430079] ? lo_open+0x1d/0xb0 [ 428.433477] ? refcount_add+0x40/0x50 [ 428.437285] ? mutex_trylock+0x1c0/0x1c0 [ 428.442118] ? find_held_lock+0x35/0x130 [ 428.446193] ? disk_get_part+0x9c/0x140 [ 428.450580] ? lock_downgrade+0x6e0/0x6e0 [ 428.455003] ? loop_unregister_transfer+0x90/0x90 [ 428.459839] mutex_lock_nested+0x16/0x20 [ 428.463936] ? mutex_lock_nested+0x16/0x20 [ 428.468170] lo_open+0x1d/0xb0 [ 428.471422] __blkdev_get+0x2c9/0x1120 [ 428.475318] ? __blkdev_put+0x7f0/0x7f0 [ 428.479361] ? bd_acquire+0x178/0x2c0 [ 428.483221] ? find_held_lock+0x35/0x130 [ 428.498409] blkdev_get+0xa8/0x8e0 [ 428.502012] ? bd_may_claim+0xd0/0xd0 [ 428.505829] ? _raw_spin_unlock+0x2d/0x50 [ 428.509962] blkdev_open+0x1d1/0x260 [ 428.513716] ? security_file_open+0x8f/0x1a0 [ 428.518136] do_dentry_open+0x73e/0xeb0 [ 428.522156] ? bd_acquire+0x2c0/0x2c0 [ 428.525976] vfs_open+0x105/0x230 [ 428.529428] path_openat+0x8bd/0x3f70 [ 428.533296] ? trace_hardirqs_on+0x10/0x10 [ 428.537550] ? path_lookupat.isra.0+0x7b0/0x7b0 [ 428.542272] ? find_held_lock+0x35/0x130 [ 428.546354] ? __alloc_fd+0x1d4/0x4a0 [ 428.550200] do_filp_open+0x18e/0x250 [ 428.554009] ? may_open_dev+0xe0/0xe0 [ 428.557814] ? _raw_spin_unlock+0x2d/0x50 [ 428.562234] ? __alloc_fd+0x1d4/0x4a0 [ 428.566058] do_sys_open+0x2c5/0x430 [ 428.569798] ? filp_open+0x70/0x70 [ 428.573862] SyS_open+0x2d/0x40 [ 428.577182] ? do_sys_open+0x430/0x430 [ 428.581131] do_syscall_64+0x1eb/0x630 [ 428.585024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.589986] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 428.595230] RIP: 0033:0x412d20 [ 428.598551] RSP: 002b:00007ffd7bbab3a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 428.606306] RAX: ffffffffffffffda RBX: 0000000000030540 RCX: 0000000000412d20 [ 428.613649] RDX: 00007ffd7bbab43a RSI: 0000000000000002 RDI: 00007ffd7bbab430 [ 428.620976] RBP: 0000000000000011 R08: 0000000000000000 R09: 000000000000000a [ 428.628249] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 428.635640] R13: 00007ffd7bbab3e0 R14: 0000000000030467 R15: 00007ffd7bbab3f0 [ 428.643023] INFO: task syz-executor.5:7221 blocked for more than 140 seconds. [ 428.650356] Not tainted 4.14.114 #4 [ 428.654503] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 428.662532] syz-executor.5 D24992 7221 1 0x00000004 [ 428.668169] Call Trace: [ 428.670816] __schedule+0x7be/0x1cf0 [ 428.674540] ? __mutex_lock+0x737/0x1470 [ 428.678593] ? pci_mmcfg_check_reserved+0x150/0x150 [ 428.683653] schedule+0x92/0x1c0 [ 428.687033] schedule_preempt_disabled+0x13/0x20 [ 428.691838] __mutex_lock+0x73c/0x1470 [ 428.695743] ? lo_ioctl+0x87/0x1c70 [ 428.699364] ? lock_downgrade+0x620/0x6e0 [ 428.704080] ? mutex_trylock+0x1c0/0x1c0 [ 428.708141] ? avc_has_extended_perms+0x8ec/0xe40 [ 428.713018] ? putname+0xdb/0x120 [ 428.716641] ? avc_ss_reset+0x110/0x110 [ 428.720674] ? kasan_slab_free+0x75/0xc0 [ 428.724749] mutex_lock_nested+0x16/0x20 [ 428.728803] ? mutex_lock_nested+0x16/0x20 [ 428.733170] lo_ioctl+0x87/0x1c70 [ 428.736667] ? loop_probe+0x160/0x160 [ 428.740515] blkdev_ioctl+0x983/0x1880 [ 428.744409] ? blkpg_ioctl+0x980/0x980 [ 428.748325] ? __might_sleep+0x93/0xb0 [ 428.752282] block_ioctl+0xde/0x120 [ 428.755909] ? blkdev_fallocate+0x3b0/0x3b0 [ 428.760375] do_vfs_ioctl+0x7b9/0x1070 [ 428.764305] ? selinux_file_mprotect+0x5d0/0x5d0 [ 428.769285] ? ioctl_preallocate+0x1c0/0x1c0 [ 428.773742] ? putname+0xe0/0x120 [ 428.777202] ? do_sys_open+0x221/0x430 [ 428.781228] ? security_file_ioctl+0x83/0xc0 [ 428.785636] ? security_file_ioctl+0x8f/0xc0 [ 428.790107] SyS_ioctl+0x8f/0xc0 [ 428.793476] ? do_vfs_ioctl+0x1070/0x1070 [ 428.797659] do_syscall_64+0x1eb/0x630 [ 428.801626] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.806538] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 428.811885] RIP: 0033:0x458c17 [ 428.815081] RSP: 002b:00007ffc690e2d48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 428.822966] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458c17 [ 428.831137] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003 [ 428.838779] RBP: 000000000000000e R08: 0000000000000000 R09: 000000000000000a [ 428.846124] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 428.853442] R13: 00007ffc690e2d80 R14: 000000000003020f R15: 00007ffc690e2d90 [ 428.860911] INFO: task syz-executor.1:7514 blocked for more than 140 seconds. [ 428.868201] Not tainted 4.14.114 #4 [ 428.872512] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 428.880767] syz-executor.1 D26240 7514 7219 0x00000004 [ 428.886573] Call Trace: [ 428.889201] __schedule+0x7be/0x1cf0 [ 428.892966] ? retint_kernel+0x2d/0x2d [ 428.896870] ? pci_mmcfg_check_reserved+0x150/0x150 [ 428.901941] schedule+0x92/0x1c0 [ 428.905312] schedule_preempt_disabled+0x13/0x20 [ 428.910108] __mutex_lock+0x73c/0x1470 [ 428.914003] ? blkdev_reread_part+0x1f/0x40 [ 428.918313] ? mutex_trylock+0x1c0/0x1c0 [ 428.922448] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 428.927563] ? __wake_up_common_lock+0xe3/0x160 [ 428.932290] mutex_lock_nested+0x16/0x20 [ 428.936364] ? mutex_lock_nested+0x16/0x20 [ 428.940659] blkdev_reread_part+0x1f/0x40 [ 428.944825] loop_reread_partitions+0x7c/0x90 [ 428.949313] loop_clr_fd+0x844/0xae0 [ 428.953097] lo_ioctl+0x8d0/0x1c70 [ 428.956656] ? trace_hardirqs_on_caller+0x400/0x590 [ 428.962395] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 428.967166] ? loop_probe+0x160/0x160 [ 428.971050] blkdev_ioctl+0x983/0x1880 [ 428.974941] ? blkpg_ioctl+0x980/0x980 [ 428.978966] ? __sanitizer_cov_trace_pc+0x29/0x60 [ 428.983868] block_ioctl+0xde/0x120 [ 428.987505] ? blkdev_fallocate+0x3b0/0x3b0 [ 428.991868] do_vfs_ioctl+0x7b9/0x1070 [ 428.995828] ? selinux_file_mprotect+0x5d0/0x5d0 [ 429.000637] ? lock_downgrade+0x6e0/0x6e0 [ 429.004796] ? ioctl_preallocate+0x1c0/0x1c0 [ 429.009195] ? __fget+0x237/0x370 [ 429.012691] ? security_file_ioctl+0x8f/0xc0 [ 429.017105] SyS_ioctl+0x8f/0xc0 [ 429.020634] ? do_vfs_ioctl+0x1070/0x1070 [ 429.024833] do_syscall_64+0x1eb/0x630 [ 429.028777] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.033671] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.038971] RIP: 0033:0x458c17 [ 429.042635] RSP: 002b:00007f1db91aa9f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 429.050408] RAX: ffffffffffffffda RBX: 00007f1db91ab6d4 RCX: 0000000000458c17 [ 429.057680] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 429.065069] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000c [ 429.072394] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000004 [ 429.079749] R13: 0000000000000000 R14: 0000000000000005 R15: 0000000000000001 [ 429.087197] INFO: task syz-executor.0:7524 blocked for more than 140 seconds. [ 429.094865] Not tainted 4.14.114 #4 [ 429.099006] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.107030] syz-executor.0 D29328 7524 7213 0x00000004 [ 429.112702] Call Trace: [ 429.115289] __schedule+0x7be/0x1cf0 [ 429.118993] ? __mutex_lock+0x737/0x1470 [ 429.123163] ? pci_mmcfg_check_reserved+0x150/0x150 [ 429.128227] schedule+0x92/0x1c0 [ 429.131737] schedule_preempt_disabled+0x13/0x20 [ 429.136509] __mutex_lock+0x73c/0x1470 [ 429.140452] ? trace_hardirqs_on+0x10/0x10 [ 429.144861] ? lo_release+0x84/0x1b0 [ 429.148573] ? save_trace+0x250/0x290 [ 429.152420] ? mutex_trylock+0x1c0/0x1c0 [ 429.156484] ? __blkdev_put+0x397/0x7f0 [ 429.160537] ? find_held_lock+0x35/0x130 [ 429.164607] ? __blkdev_put+0x397/0x7f0 [ 429.168576] ? loop_clr_fd+0xae0/0xae0 [ 429.172505] mutex_lock_nested+0x16/0x20 [ 429.176571] ? mutex_lock_nested+0x16/0x20 [ 429.180855] lo_release+0x84/0x1b0 [ 429.184468] ? loop_clr_fd+0xae0/0xae0 [ 429.188351] __blkdev_put+0x436/0x7f0 [ 429.192204] ? bd_set_size+0xb0/0xb0 [ 429.195924] ? wait_for_completion+0x420/0x420 [ 429.200600] blkdev_put+0x88/0x510 [ 429.204202] ? fcntl_setlk+0xb90/0xb90 [ 429.208084] ? blkdev_put+0x510/0x510 [ 429.211932] blkdev_close+0x8b/0xb0 [ 429.215567] __fput+0x277/0x7a0 [ 429.218935] ____fput+0x16/0x20 [ 429.222942] task_work_run+0x119/0x190 [ 429.226844] exit_to_usermode_loop+0x1da/0x220 [ 429.231654] do_syscall_64+0x4a9/0x630 [ 429.235548] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.240450] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.245646] RIP: 0033:0x412b61 [ 429.248912] RSP: 002b:00007f0d7d08ca80 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 429.256733] RAX: 0000000000000000 RBX: 00007f0d7d08cb40 RCX: 0000000000412b61 [ 429.264083] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000004 [ 429.271406] RBP: 0000000000000001 R08: 00007f0d7d08cb40 R09: 00007f0d7d08cae0 [ 429.278683] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 429.286013] R13: 00000000004c79d9 R14: 00000000004dda18 R15: 00000000ffffffff [ 429.293327] INFO: task syz-executor.0:7538 blocked for more than 140 seconds. [ 429.300831] Not tainted 4.14.114 #4 [ 429.304978] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.312980] syz-executor.0 D28736 7538 7213 0x00000004 [ 429.318622] Call Trace: [ 429.321268] __schedule+0x7be/0x1cf0 [ 429.325125] ? __mutex_lock+0x737/0x1470 [ 429.329173] ? pci_mmcfg_check_reserved+0x150/0x150 [ 429.334342] schedule+0x92/0x1c0 [ 429.337721] schedule_preempt_disabled+0x13/0x20 [ 429.342529] __mutex_lock+0x73c/0x1470 [ 429.346426] ? __mutex_unlock_slowpath+0x71/0x800 [ 429.351910] ? __blkdev_get+0x145/0x1120 [ 429.355965] ? mutex_trylock+0x1c0/0x1c0 [ 429.360011] ? exact_match+0xd/0x20 [ 429.363689] ? kobj_lookup+0x319/0x410 [ 429.367563] ? blkdev_ioctl+0x1880/0x1880 [ 429.371877] mutex_lock_nested+0x16/0x20 [ 429.375941] ? mutex_lock_nested+0x16/0x20 [ 429.380217] __blkdev_get+0x145/0x1120 [ 429.384123] ? __blkdev_put+0x7f0/0x7f0 [ 429.388081] ? bd_acquire+0x178/0x2c0 [ 429.391920] ? find_held_lock+0x35/0x130 [ 429.395991] blkdev_get+0xa8/0x8e0 [ 429.399525] ? bd_may_claim+0xd0/0xd0 [ 429.403377] ? _raw_spin_unlock+0x2d/0x50 [ 429.407530] blkdev_open+0x1d1/0x260 [ 429.411308] ? security_file_open+0x8f/0x1a0 [ 429.415777] do_dentry_open+0x73e/0xeb0 [ 429.419745] ? bd_acquire+0x2c0/0x2c0 [ 429.423584] vfs_open+0x105/0x230 [ 429.427043] path_openat+0x8bd/0x3f70 [ 429.430901] ? trace_hardirqs_on+0x10/0x10 [ 429.435143] ? path_lookupat.isra.0+0x7b0/0x7b0 [ 429.439791] ? find_held_lock+0x35/0x130 [ 429.444038] ? __alloc_fd+0x1d4/0x4a0 [ 429.447844] do_filp_open+0x18e/0x250 [ 429.451674] ? may_open_dev+0xe0/0xe0 [ 429.455506] ? _raw_spin_unlock+0x2d/0x50 [ 429.459701] ? __alloc_fd+0x1d4/0x4a0 [ 429.463563] do_sys_open+0x2c5/0x430 [ 429.467281] ? filp_open+0x70/0x70 [ 429.470869] ? fput+0xd4/0x150 [ 429.474186] ? SyS_pwrite64+0xca/0x140 [ 429.478105] SyS_open+0x2d/0x40 [ 429.481829] ? do_sys_open+0x430/0x430 [ 429.485717] do_syscall_64+0x1eb/0x630 [ 429.489588] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.494507] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.499724] RIP: 0033:0x412d41 [ 429.502951] RSP: 002b:00007f0d7d008a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 429.510688] RAX: ffffffffffffffda RBX: 0000000020000168 RCX: 0000000000412d41 [ 429.517949] RDX: 00007f0d7d008b0a RSI: 0000000000000002 RDI: 00007f0d7d008b00 [ 429.525304] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 429.532659] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000003 [ 429.539970] R13: 00000000004c79d9 R14: 00000000004dda18 R15: 00000000ffffffff [ 429.547365] INFO: task syz-executor.3:7517 blocked for more than 140 seconds. [ 429.554653] Not tainted 4.14.114 #4 [ 429.558778] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.566836] syz-executor.3 D26272 7517 7218 0x00000004 [ 429.572629] Call Trace: [ 429.575323] __schedule+0x7be/0x1cf0 [ 429.579138] ? __mutex_lock+0x737/0x1470 [ 429.583348] ? pci_mmcfg_check_reserved+0x150/0x150 [ 429.588387] schedule+0x92/0x1c0 [ 429.591806] schedule_preempt_disabled+0x13/0x20 [ 429.596572] __mutex_lock+0x73c/0x1470 [ 429.600704] ? lo_ioctl+0x87/0x1c70 [ 429.604369] ? lock_downgrade+0x620/0x6e0 [ 429.608501] ? mutex_trylock+0x1c0/0x1c0 [ 429.613217] ? avc_has_extended_perms+0x8ec/0xe40 [ 429.618076] ? putname+0xe0/0x120 [ 429.621594] ? avc_ss_reset+0x110/0x110 [ 429.625578] mutex_lock_nested+0x16/0x20 [ 429.629625] ? mutex_lock_nested+0x16/0x20 [ 429.633989] lo_ioctl+0x87/0x1c70 [ 429.637448] ? retint_kernel+0x2d/0x2d [ 429.641394] ? trace_hardirqs_on_caller+0x400/0x590 [ 429.646416] ? loop_probe+0x160/0x160 [ 429.652020] blkdev_ioctl+0x983/0x1880 [ 429.655917] ? blkpg_ioctl+0x980/0x980 [ 429.659790] ? retint_kernel+0x2d/0x2d [ 429.663727] ? block_ioctl+0x1b/0x120 [ 429.667537] block_ioctl+0xde/0x120 [ 429.671219] ? blkdev_fallocate+0x3b0/0x3b0 [ 429.675642] do_vfs_ioctl+0x7b9/0x1070 [ 429.679527] ? selinux_file_mprotect+0x5d0/0x5d0 [ 429.684315] ? lock_downgrade+0x6e0/0x6e0 [ 429.688469] ? ioctl_preallocate+0x1c0/0x1c0 [ 429.692913] ? __fget+0x237/0x370 [ 429.696374] ? security_file_ioctl+0x8f/0xc0 [ 429.700835] SyS_ioctl+0x8f/0xc0 [ 429.704209] ? do_vfs_ioctl+0x1070/0x1070 [ 429.708343] do_syscall_64+0x1eb/0x630 [ 429.712259] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.718144] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.723382] RIP: 0033:0x458c17 [ 429.726573] RSP: 002b:00007efc962879f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 429.734314] RAX: ffffffffffffffda RBX: 00007efc962886d4 RCX: 0000000000458c17 [ 429.742344] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 429.749637] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000c [ 429.756964] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000005 [ 429.764308] R13: 0000000000000000 R14: 0000000000000006 R15: 00000000ffffffff [ 429.771652] INFO: task blkid:7527 blocked for more than 140 seconds. [ 429.778161] Not tainted 4.14.114 #4 [ 429.782353] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.790369] blkid D29040 7527 7286 0x00000004 [ 429.796025] Call Trace: [ 429.798608] __schedule+0x7be/0x1cf0 [ 429.802370] ? __mutex_lock+0x737/0x1470 [ 429.806464] ? pci_mmcfg_check_reserved+0x150/0x150 [ 429.811541] schedule+0x92/0x1c0 [ 429.814919] schedule_preempt_disabled+0x13/0x20 [ 429.819677] __mutex_lock+0x73c/0x1470 [ 429.823602] ? lo_ioctl+0x87/0x1c70 [ 429.827251] ? lock_downgrade+0x620/0x6e0 [ 429.831461] ? mutex_trylock+0x1c0/0x1c0 [ 429.835530] ? avc_has_extended_perms+0x8ec/0xe40 [ 429.840426] ? __might_fault+0x110/0x1d0 [ 429.844501] ? avc_ss_reset+0x110/0x110 [ 429.848466] mutex_lock_nested+0x16/0x20 [ 429.852690] ? mutex_lock_nested+0x16/0x20 [ 429.856968] lo_ioctl+0x87/0x1c70 [ 429.860472] ? loop_probe+0x160/0x160 [ 429.864277] blkdev_ioctl+0x983/0x1880 [ 429.868151] ? blkpg_ioctl+0x980/0x980 [ 429.873083] ? __might_sleep+0x93/0xb0 [ 429.876972] ? save_trace+0x290/0x290 [ 429.880832] block_ioctl+0xde/0x120 [ 429.884470] ? blkdev_fallocate+0x3b0/0x3b0 [ 429.888795] do_vfs_ioctl+0x7b9/0x1070 [ 429.892724] ? selinux_file_mprotect+0x5d0/0x5d0 [ 429.897488] ? ioctl_preallocate+0x1c0/0x1c0 [ 429.901950] ? lock_downgrade+0x6e0/0x6e0 [ 429.906109] ? security_file_ioctl+0x83/0xc0 [ 429.910565] ? security_file_ioctl+0x8f/0xc0 [ 429.914979] SyS_ioctl+0x8f/0xc0 [ 429.918327] ? do_vfs_ioctl+0x1070/0x1070 [ 429.922517] do_syscall_64+0x1eb/0x630 [ 429.926406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.931305] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.936498] RIP: 0033:0x7f867c157347 [ 429.940245] RSP: 002b:00007ffd16c5fbc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 429.947969] RAX: ffffffffffffffda RBX: 00000000019fb030 RCX: 00007f867c157347 [ 429.955279] RDX: 0000000000000000 RSI: 0000000000005331 RDI: 0000000000000003 [ 429.962604] RBP: 0000000000000003 R08: 00007f867c4075a0 R09: 0000000000000008 [ 429.969875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 429.977191] R13: 0000000000000200 R14: 0000000000000003 R15: 0000000000000005 [ 429.984499] INFO: task blkid:7532 blocked for more than 140 seconds. [ 429.991032] Not tainted 4.14.114 #4 [ 429.995179] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 430.003879] blkid D28696 7532 7177 0x00000004 [ 430.009523] Call Trace: [ 430.012150] __schedule+0x7be/0x1cf0 [ 430.015920] ? __mutex_lock+0x737/0x1470 [ 430.019968] ? pci_mmcfg_check_reserved+0x150/0x150 [ 430.025103] schedule+0x92/0x1c0 [ 430.028474] schedule_preempt_disabled+0x13/0x20 [ 430.033260] __mutex_lock+0x73c/0x1470 [ 430.037153] ? lo_open+0x1d/0xb0 [ 430.040565] ? refcount_add+0x40/0x50 [ 430.044370] ? mutex_trylock+0x1c0/0x1c0 [ 430.048419] ? exact_match+0xd/0x20 [ 430.052093] ? kobj_lookup+0x319/0x410 [ 430.055991] ? loop_unregister_transfer+0x90/0x90 [ 430.060877] mutex_lock_nested+0x16/0x20 [ 430.064938] ? mutex_lock_nested+0x16/0x20 [ 430.069184] lo_open+0x1d/0xb0 [ 430.072413] __blkdev_get+0xab1/0x1120 [ 430.076310] ? __blkdev_put+0x7f0/0x7f0 [ 430.080391] ? bd_acquire+0x178/0x2c0 [ 430.084206] ? find_held_lock+0x35/0x130 [ 430.088271] blkdev_get+0xa8/0x8e0 [ 430.091866] ? bd_may_claim+0xd0/0xd0 [ 430.095676] ? _raw_spin_unlock+0x2d/0x50 [ 430.099808] blkdev_open+0x1d1/0x260 [ 430.103554] ? security_file_open+0x8f/0x1a0 [ 430.107975] do_dentry_open+0x73e/0xeb0 [ 430.111994] ? bd_acquire+0x2c0/0x2c0 [ 430.115805] vfs_open+0x105/0x230 [ 430.119245] path_openat+0x8bd/0x3f70 [ 430.123104] ? trace_hardirqs_on+0x10/0x10 [ 430.127473] ? path_lookupat.isra.0+0x7b0/0x7b0 [ 430.132681] ? find_held_lock+0x35/0x130 [ 430.136771] ? __alloc_fd+0x1d4/0x4a0 [ 430.140626] do_filp_open+0x18e/0x250 [ 430.144433] ? may_open_dev+0xe0/0xe0 [ 430.148228] ? _raw_spin_unlock+0x2d/0x50 [ 430.152422] ? __alloc_fd+0x1d4/0x4a0 [ 430.156269] do_sys_open+0x2c5/0x430 [ 430.159975] ? filp_open+0x70/0x70 [ 430.163608] SyS_open+0x2d/0x40 [ 430.166893] ? do_sys_open+0x430/0x430 [ 430.170835] do_syscall_64+0x1eb/0x630 [ 430.174765] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.179639] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 430.184881] RIP: 0033:0x7fb97ea18120 [ 430.188592] RSP: 002b:00007ffd41a92ab8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 430.196612] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb97ea18120 [ 430.204084] RDX: 00007ffd41a94f41 RSI: 0000000000000000 RDI: 00007ffd41a94f41 [ 430.211396] RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000 [ 430.218667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000001588030 [ 430.226352] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 430.233658] INFO: task blkid:7533 blocked for more than 140 seconds. [ 430.240235] Not tainted 4.14.114 #4 [ 430.244387] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 430.252417] blkid D28816 7533 7176 0x00000004 [ 430.258074] Call Trace: [ 430.261406] __schedule+0x7be/0x1cf0 [ 430.265128] ? __mutex_lock+0x737/0x1470 [ 430.269190] ? pci_mmcfg_check_reserved+0x150/0x150 [ 430.274244] schedule+0x92/0x1c0 [ 430.277616] schedule_preempt_disabled+0x13/0x20 [ 430.282413] __mutex_lock+0x73c/0x1470 [ 430.286303] ? __mutex_unlock_slowpath+0x71/0x800 [ 430.291319] ? __blkdev_get+0x145/0x1120 [ 430.295386] ? mutex_trylock+0x1c0/0x1c0 [ 430.299432] ? exact_match+0xd/0x20 [ 430.303089] ? kobj_lookup+0x319/0x410 [ 430.306978] ? blkdev_ioctl+0x1880/0x1880 [ 430.311170] mutex_lock_nested+0x16/0x20 [ 430.315237] ? mutex_lock_nested+0x16/0x20 [ 430.319522] __blkdev_get+0x145/0x1120 [ 430.323567] ? __blkdev_put+0x7f0/0x7f0 [ 430.327545] ? bd_acquire+0x178/0x2c0 [ 430.331391] ? find_held_lock+0x35/0x130 [ 430.335500] blkdev_get+0xa8/0x8e0 [ 430.339027] ? bd_may_claim+0xd0/0xd0 [ 430.342880] ? _raw_spin_unlock+0x2d/0x50 [ 430.347031] blkdev_open+0x1d1/0x260 [ 430.350802] ? security_file_open+0x8f/0x1a0 [ 430.355266] do_dentry_open+0x73e/0xeb0 [ 430.359253] ? bd_acquire+0x2c0/0x2c0 [ 430.363113] vfs_open+0x105/0x230 [ 430.366577] path_openat+0x8bd/0x3f70 [ 430.370426] ? trace_hardirqs_on+0x10/0x10 [ 430.374673] ? path_lookupat.isra.0+0x7b0/0x7b0 [ 430.379327] ? find_held_lock+0x35/0x130 [ 430.383429] ? __alloc_fd+0x1d4/0x4a0 [ 430.387245] do_filp_open+0x18e/0x250 [ 430.391796] ? may_open_dev+0xe0/0xe0 [ 430.395609] ? _raw_spin_unlock+0x2d/0x50 [ 430.399752] ? __alloc_fd+0x1d4/0x4a0 [ 430.403610] do_sys_open+0x2c5/0x430 [ 430.407346] ? filp_open+0x70/0x70 [ 430.410936] SyS_open+0x2d/0x40 [ 430.414223] ? do_sys_open+0x430/0x430 [ 430.418119] do_syscall_64+0x1eb/0x630 [ 430.422049] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.426901] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 430.432121] RIP: 0033:0x7f37b7d2c120 [ 430.435831] RSP: 002b:00007ffd4f9e9528 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 430.443731] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f37b7d2c120 [ 430.451050] RDX: 00007ffd4f9e9f41 RSI: 0000000000000000 RDI: 00007ffd4f9e9f41 [ 430.458322] RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000 [ 430.465632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000001eb5030 [ 430.472949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 430.480288] [ 430.480288] Showing all locks held in the system: [ 430.486617] 1 lock held by khungtaskd/1008: [ 430.491129] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7f/0x21f [ 430.500235] 1 lock held by rsyslogd/7045: [ 430.504378] #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0xab/0xd0 [ 430.512661] 2 locks held by getty/7167: [ 430.516732] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.526465] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.535806] 2 locks held by getty/7168: [ 430.539764] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.548487] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.557855] 2 locks held by getty/7169: [ 430.561876] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.570632] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.579935] 2 locks held by getty/7170: [ 430.583968] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.592692] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.602057] 2 locks held by getty/7171: [ 430.606046] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.614779] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.624122] 2 locks held by getty/7172: [ 430.628079] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.636821] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.646239] 2 locks held by getty/7173: [ 430.650256] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 430.658947] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 430.668281] 2 locks held by syz-executor.2/7217: [ 430.673077] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_put+0xa6/0x7f0 [ 430.681620] #1: (loop_index_mutex){+.+.}, at: [] lo_release+0x1e/0x1b0 [ 430.690092] 2 locks held by syz-executor.4/7220: [ 430.694847] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_get+0x145/0x1120 [ 430.703548] #1: (loop_index_mutex){+.+.}, at: [] lo_open+0x1d/0xb0 [ 430.711650] 1 lock held by syz-executor.5/7221: [ 430.716299] #0: (loop_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c70 [ 430.724682] 2 locks held by syz-executor.1/7514: [ 430.729459] #0: (loop_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c70 [ 430.738203] #1: (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1f/0x40 [ 430.747180] 3 locks held by syz-executor.0/7524: [ 430.751968] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_put+0xa6/0x7f0 [ 430.760518] #1: (loop_index_mutex){+.+.}, at: [] lo_release+0x1e/0x1b0 [ 430.768950] #2: (loop_ctl_mutex#2){+.+.}, at: [] lo_release+0x84/0x1b0 [ 430.777430] 1 lock held by syz-executor.0/7538: [ 430.782130] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_get+0x145/0x1120 [ 430.790961] 1 lock held by syz-executor.3/7517: [ 430.795627] #0: (loop_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c70 [ 430.803998] 1 lock held by blkid/7527: [ 430.807885] #0: (loop_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c70 [ 430.816254] 2 locks held by blkid/7532: [ 430.820261] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_get+0x145/0x1120 [ 430.828962] #1: (loop_index_mutex){+.+.}, at: [] lo_open+0x1d/0xb0 [ 430.837069] 1 lock held by blkid/7533: [ 430.841104] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_get+0x145/0x1120 [ 430.849800] 1 lock held by blkid/7534: [ 430.853722] #0: (&bdev->bd_mutex){+.+.}, at: [] __blkdev_get+0x145/0x1120 [ 430.862452] [ 430.864072] ============================================= [ 430.864072] [ 430.871853] NMI backtrace for cpu 0 [ 430.875517] CPU: 0 PID: 1008 Comm: khungtaskd Not tainted 4.14.114 #4 [ 430.882077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.891413] Call Trace: [ 430.894005] dump_stack+0x138/0x19c [ 430.897615] nmi_cpu_backtrace.cold+0x57/0x94 [ 430.902095] ? irq_force_complete_move.cold+0x7d/0x7d [ 430.907273] nmi_trigger_cpumask_backtrace+0x141/0x189 [ 430.912565] arch_trigger_cpumask_backtrace+0x14/0x20 [ 430.917753] watchdog+0x5e7/0xb90 [ 430.921207] kthread+0x31c/0x430 [ 430.924582] ? hungtask_pm_notify+0x60/0x60 [ 430.928908] ? kthread_create_on_node+0xd0/0xd0 [ 430.933593] ret_from_fork+0x3a/0x50 [ 430.937480] Sending NMI from CPU 0 to CPUs 1: [ 430.942320] NMI backtrace for cpu 1 [ 430.942324] CPU: 1 PID: 7260 Comm: kworker/u4:6 Not tainted 4.14.114 #4 [ 430.942329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.942332] Workqueue: bat_events batadv_nc_worker [ 430.942337] task: ffff8880614363c0 task.stack: ffff888061438000 [ 430.942340] RIP: 0010:lock_acquire+0x30d/0x430 [ 430.942342] RSP: 0018:ffff88806143fbf0 EFLAGS: 00000083 [ 430.942348] RAX: 0000000000000001 RBX: ffff8880614363c0 RCX: 0000000000000000 [ 430.942351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888061436c3c [ 430.942355] RBP: ffff88806143fc38 R08: 0000000000000001 R09: 0000000000000000 [ 430.942358] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888063541390 [ 430.942362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 430.942365] FS: 0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000 [ 430.942368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 430.942372] CR2: 00007f47f9afd000 CR3: 0000000072b22000 CR4: 00000000001406e0 [ 430.942374] Call Trace: [ 430.942377] ? batadv_nc_purge_orig_nc_nodes+0x230/0x230 [ 430.942379] _raw_spin_lock_bh+0x33/0x50 [ 430.942382] ? batadv_nc_purge_paths+0xcb/0x350 [ 430.942385] batadv_nc_purge_paths+0xcb/0x350 [ 430.942387] ? lock_downgrade+0x6e0/0x6e0 [ 430.942390] batadv_nc_worker+0x23d/0x6d0 [ 430.942392] process_one_work+0x868/0x1610 [ 430.942395] ? pwq_dec_nr_in_flight+0x2e0/0x2e0 [ 430.942397] worker_thread+0x5d9/0x1050 [ 430.942400] kthread+0x31c/0x430 [ 430.942402] ? process_one_work+0x1610/0x1610 [ 430.942405] ? kthread_create_on_node+0xd0/0xd0 [ 430.942407] ret_from_fork+0x3a/0x50 [ 430.942409] Code: 48 85 c0 75 99 44 8b 5d c0 65 ff 0d de 9f b9 7e 0f 85 29 fe ff ff e8 87 f4 b7 ff e9 1f fe ff ff 44 89 5d c0 65 ff 05 c3 9f b9 7e <48> 8b 05 94 2e d9 06 e8 e7 dd 04 00 44 8b 5d c0 85 c0 74 09 80 [ 430.943051] Kernel panic - not syncing: hung_task: blocked tasks [ 431.124688] CPU: 0 PID: 1008 Comm: khungtaskd Not tainted 4.14.114 #4 [ 431.131250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.140594] Call Trace: [ 431.143173] dump_stack+0x138/0x19c [ 431.146799] panic+0x1f2/0x438 [ 431.149989] ? add_taint.cold+0x16/0x16 [ 431.153954] ? ___preempt_schedule+0x16/0x18 [ 431.158358] watchdog+0x5f8/0xb90 [ 431.161800] kthread+0x31c/0x430 [ 431.165148] ? hungtask_pm_notify+0x60/0x60 [ 431.169467] ? kthread_create_on_node+0xd0/0xd0 [ 431.174121] ret_from_fork+0x3a/0x50 [ 431.179058] Kernel Offset: disabled [ 431.182683] Rebooting in 86400 seconds..