[ 36.020829][ T26] audit: type=1800 audit(1550720189.138:27): pid=7565 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 36.042922][ T26] audit: type=1800 audit(1550720189.148:28): pid=7565 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.676683][ T26] audit: type=1800 audit(1550720189.848:29): pid=7565 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.173' (ECDSA) to the list of known hosts. 2019/02/21 03:36:40 fuzzer started 2019/02/21 03:36:43 dialing manager at 10.128.0.26:33245 2019/02/21 03:36:43 syscalls: 1 2019/02/21 03:36:43 code coverage: enabled 2019/02/21 03:36:43 comparison tracing: enabled 2019/02/21 03:36:43 extra coverage: extra coverage is not supported by the kernel 2019/02/21 03:36:43 setuid sandbox: enabled 2019/02/21 03:36:43 namespace sandbox: enabled 2019/02/21 03:36:43 Android sandbox: /sys/fs/selinux/policy does not exist 2019/02/21 03:36:43 fault injection: enabled 2019/02/21 03:36:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/02/21 03:36:43 net packet injection: enabled 2019/02/21 03:36:43 net device setup: enabled 03:39:37 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfffffc8f) splice(r1, 0x0, r3, 0x0, 0x100000000000a, 0x0) syzkaller login: [ 224.841693][ T7751] IPVS: ftp: loaded support on port[0] = 21 03:39:38 executing program 1: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) stat(0x0, 0x0) [ 224.962884][ T7751] chnl_net:caif_netlink_parms(): no params data found [ 225.019217][ T7751] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.026702][ T7751] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.049930][ T7751] device bridge_slave_0 entered promiscuous mode [ 225.058745][ T7751] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.065849][ T7751] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.075208][ T7751] device bridge_slave_1 entered promiscuous mode [ 225.100642][ T7751] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 225.102469][ T7754] IPVS: ftp: loaded support on port[0] = 21 [ 225.115225][ T7751] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 225.140416][ T7751] team0: Port device team_slave_0 added [ 225.151400][ T7751] team0: Port device team_slave_1 added 03:39:38 executing program 2: clone(0x28220003, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 225.251833][ T7751] device hsr_slave_0 entered promiscuous mode [ 225.317962][ T7751] device hsr_slave_1 entered promiscuous mode [ 225.367616][ T7751] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.374828][ T7751] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.382535][ T7751] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.389690][ T7751] bridge0: port 1(bridge_slave_0) entered forwarding state 03:39:38 executing program 3: clone(0x0, 0x0, 0x0, 0x0, 0x0) shmat(0x0, &(0x7f0000ffb000/0x3000)=nil, 0x0) [ 225.419673][ T7756] IPVS: ftp: loaded support on port[0] = 21 [ 225.589255][ T7751] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.612675][ T7754] chnl_net:caif_netlink_parms(): no params data found [ 225.632037][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.645115][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.664039][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.673173][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 225.688953][ T7751] 8021q: adding VLAN 0 to HW filter on device team0 03:39:38 executing program 4: clone(0x851c0500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 225.708160][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.711331][ T7760] IPVS: ftp: loaded support on port[0] = 21 [ 225.717240][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.729188][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.808364][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 225.817151][ T7757] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.824266][ T7757] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.872137][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.881052][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.894624][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 225.946875][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 225.973567][ T7751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 225.985603][ T7751] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 225.997530][ T7764] IPVS: ftp: loaded support on port[0] = 21 [ 226.032128][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 03:39:39 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)}, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x1, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x3001}) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000e00)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x530) [ 226.040681][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 226.051261][ T7754] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.059048][ T7754] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.067266][ T7754] device bridge_slave_0 entered promiscuous mode [ 226.085865][ T7756] chnl_net:caif_netlink_parms(): no params data found [ 226.112126][ T7754] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.119985][ T7754] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.131099][ T7754] device bridge_slave_1 entered promiscuous mode [ 226.170777][ T7751] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.213251][ T7754] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.224362][ T7754] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.251069][ T7754] team0: Port device team_slave_0 added [ 226.284469][ T7754] team0: Port device team_slave_1 added [ 226.294534][ T7756] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.301915][ T7756] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.310228][ T7756] device bridge_slave_0 entered promiscuous mode [ 226.322543][ T7756] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.329893][ T7756] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.331711][ T7766] IPVS: ftp: loaded support on port[0] = 21 [ 226.347059][ T7756] device bridge_slave_1 entered promiscuous mode [ 226.460656][ T7754] device hsr_slave_0 entered promiscuous mode [ 226.498946][ T7754] device hsr_slave_1 entered promiscuous mode [ 226.545919][ T7756] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.559422][ T7760] chnl_net:caif_netlink_parms(): no params data found [ 226.581467][ T7756] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.620668][ T7756] team0: Port device team_slave_0 added [ 226.651891][ T7756] team0: Port device team_slave_1 added [ 226.701939][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.709160][ T7760] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.716926][ T7760] device bridge_slave_0 entered promiscuous mode [ 226.726241][ T7760] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.733397][ T7760] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.741654][ T7760] device bridge_slave_1 entered promiscuous mode [ 226.763869][ T7754] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.770992][ T7754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.820870][ T7756] device hsr_slave_0 entered promiscuous mode [ 226.868055][ T7756] device hsr_slave_1 entered promiscuous mode [ 226.966557][ T7756] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.973667][ T7756] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.981056][ T7756] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.988175][ T7756] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.004945][ T7760] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 227.014939][ T7760] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 227.035029][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.044501][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.052033][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.104548][ T7764] chnl_net:caif_netlink_parms(): no params data found [ 227.123401][ T7760] team0: Port device team_slave_0 added [ 227.163629][ T7760] team0: Port device team_slave_1 added [ 227.249934][ T7760] device hsr_slave_0 entered promiscuous mode [ 227.287926][ T7760] device hsr_slave_1 entered promiscuous mode [ 227.371798][ T7764] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.379553][ T7764] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.387224][ T7764] device bridge_slave_0 entered promiscuous mode [ 227.395464][ T7766] chnl_net:caif_netlink_parms(): no params data found 03:39:40 executing program 0: clone(0x0, 0x0, 0x0, 0x0, 0x0) seccomp(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0xfffffffffffffffb}]}) [ 227.422584][ T7754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.449371][ T7756] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.456373][ T7764] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.464758][ T7764] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.477324][ T7764] device bridge_slave_1 entered promiscuous mode [ 227.505307][ T7754] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.512102][ T7781] BUG: assuming atomic context at kernel/seccomp.c:271 [ 227.529455][ T7781] in_atomic(): 0, irqs_disabled(): 0, pid: 7781, name: syz-executor.0 [ 227.539242][ T7781] no locks held by syz-executor.0/7781. [ 227.544837][ T7781] CPU: 0 PID: 7781 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39 [ 227.553866][ T7781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.563899][ T7781] Call Trace: [ 227.567168][ T7781] dump_stack+0x172/0x1f0 [ 227.571492][ T7781] __cant_sleep.cold+0xa3/0xbb [ 227.576242][ T7781] __seccomp_filter+0x12b/0x12b0 [ 227.581161][ T7781] ? seccomp_notify_release+0x280/0x280 [ 227.586687][ T7781] ? kasan_check_write+0x14/0x20 [ 227.591619][ T7781] ? _raw_spin_unlock_irq+0x28/0x90 [ 227.596795][ T7781] ? do_seccomp+0xa5a/0x2250 [ 227.601433][ T7781] ? _raw_spin_unlock_irq+0x28/0x90 [ 227.606619][ T7781] ? lockdep_hardirqs_on+0x418/0x5d0 [ 227.611886][ T7781] ? trace_hardirqs_on+0x67/0x230 [ 227.616899][ T7781] ? kasan_check_read+0x11/0x20 [ 227.621745][ T7781] ? _raw_spin_unlock_irq+0x5e/0x90 [ 227.626929][ T7781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 227.633160][ T7781] ? do_seccomp+0x389/0x2250 [ 227.637731][ T7781] __secure_computing+0x101/0x360 [ 227.642740][ T7781] syscall_trace_enter+0x5bf/0xe10 [ 227.647833][ T7781] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 227.654056][ T7781] ? kasan_check_write+0x14/0x20 [ 227.658979][ T7781] ? lockdep_hardirqs_on+0x418/0x5d0 [ 227.664246][ T7781] ? trace_hardirqs_on+0x67/0x230 [ 227.669254][ T7781] do_syscall_64+0x479/0x610 [ 227.673839][ T7781] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.679722][ T7781] RIP: 0033:0x45ac8a [ 227.683596][ T7781] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 227.703180][ T7781] RSP: 002b:00007f414606ec58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 227.711569][ T7781] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 227.719522][ T7781] RDX: 000000000003ffff RSI: 00007f414606ec60 RDI: 0000000000000001 [ 227.727502][ T7781] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 227.735471][ T7781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.743424][ T7781] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff [ 227.753730][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 227.753744][ T26] audit: type=1326 audit(1550720380.928:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7780 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 227.783955][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.791857][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.800213][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.807927][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.828076][ T7756] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.845782][ T7760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.869552][ T7766] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.876721][ T7766] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.884843][ T7766] device bridge_slave_0 entered promiscuous mode [ 227.894037][ T7764] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 227.904291][ T7764] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 227.928705][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.937136][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.945507][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.952567][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.960692][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.969108][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.977351][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.984439][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.991998][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.002099][ T7766] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.009601][ T7766] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.017427][ T7766] device bridge_slave_1 entered promiscuous mode [ 228.032294][ T7764] team0: Port device team_slave_0 added [ 228.039638][ T7764] team0: Port device team_slave_1 added [ 228.051814][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.060463][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.069163][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.076254][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.084185][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 228.091908][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 228.099593][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.122282][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.131012][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.140137][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.147159][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.155069][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.163507][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.175012][ T7760] 8021q: adding VLAN 0 to HW filter on device team0 03:39:41 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000440)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xbd1b) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = accept4(r0, 0x0, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) [ 228.250644][ T7764] device hsr_slave_0 entered promiscuous mode [ 228.288041][ T7764] device hsr_slave_1 entered promiscuous mode [ 228.342873][ T7754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 228.354270][ T7754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 228.370288][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.379821][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.388513][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.396787][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.405220][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 228.413336][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 228.421743][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.430652][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.439148][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.447530][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.455865][ T7773] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.462941][ T7773] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.471042][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 228.479477][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 228.496344][ T7756] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 228.508628][ T7756] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 228.527008][ T7766] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 228.542016][ T7766] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 228.554551][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 228.566399][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 228.574968][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 228.583812][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 228.592103][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.601019][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.609906][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 228.619011][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 228.627242][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 228.635592][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 228.644066][ T7773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 228.658735][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.667260][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.676105][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.683192][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.691045][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.730205][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.749145][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.759299][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.782858][ T7756] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.813507][ T7760] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network 03:39:42 executing program 0: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6050a09c00081100fe8051000000000000000000000000bbfe8000000000000000000000000000aa0500000000000000cb1058b8c073a0c5336e9da9ce93bd25eba6cacbacc3cb359a96d35b3b091d479477a4fbf14363f739883973e573525f8b65dcac77b6e84f4f5406b9a38e49700f690510b68ec3dfc0ba74638e3cc78a91dad3c857af2f1995cdcc8a0cbbf5dfde120c335178e5d85849491d36091055ba723e5ab92da52d4d44d7b10705267c7d4728e179b5aa05a948aad4c35193bb18604c44997abb78b47921d092e0cfcea2cb37a9a7fa91c7b3d1aa280e57858209a3e6fadd6c2a823f00000000000000"], 0x0) [ 228.824220][ T7760] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 228.837182][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 228.845399][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 03:39:42 executing program 0: sendmsg$key(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000380)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key$user(0x0, 0x0, &(0x7f0000000100)="c9", 0x1, 0x0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x390, 0xfffffffffffffffb) 03:39:42 executing program 0: r0 = memfd_create(&(0x7f0000000580)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3\\\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) write(r0, &(0x7f0000000040)="0600", 0x2) write$FUSE_NOTIFY_STORE(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="3400000000000500000000000000"], 0xe) sendfile(r0, r0, &(0x7f0000001000), 0xffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) socketpair$unix(0x1, 0x2000000005, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f000002eff0)={0x32b, &(0x7f0000000000)=[{}]}, 0x10) [ 228.882480][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.894445][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 228.913807][ T7801] Option 'D' to dns_resolver key: bad/missing value [ 228.917560][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 228.931976][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 228.943257][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 228.961795][ T7766] team0: Port device team_slave_0 added [ 228.976915][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 228.994646][ T7754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.032476][ T7766] team0: Port device team_slave_1 added 03:39:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x5000) shmdt(r1) [ 229.110920][ T7766] device hsr_slave_0 entered promiscuous mode 03:39:42 executing program 0: clone(0x40000040002000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2) r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000180)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$set_timeout(0xf, r0, 0x0) r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x1, 0x400000000003) openat(r1, &(0x7f0000000000)='./file0\x00', 0x2200, 0x100) syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = creat(&(0x7f0000000700)='./bus\x00', 0x0) setpgid(0x0, 0x0) write$binfmt_elf64(r3, 0x0, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) ftruncate(r3, 0x8200) open(0x0, 0x0, 0x44) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) getpgid(0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x2d, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) rt_sigtimedwait(&(0x7f0000000000)={0x5}, &(0x7f00000001c0), &(0x7f0000000040)={0x0, 0x1c9c380}, 0x8) r5 = dup(r4) setsockopt$inet6_tcp_int(r5, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x1ff, 0x110) bind$inet6(r4, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 229.168121][ T7766] device hsr_slave_1 entered promiscuous mode [ 229.200482][ C0] hrtimer: interrupt took 18780 ns [ 229.289232][ T7821] BUG: assuming atomic context at kernel/seccomp.c:271 [ 229.305568][ T7821] in_atomic(): 0, irqs_disabled(): 0, pid: 7821, name: syz-executor.1 [ 229.310908][ T7760] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.356819][ T7823] IPVS: ftp: loaded support on port[0] = 21 [ 229.357752][ T7821] no locks held by syz-executor.1/7821. [ 229.388397][ T7821] CPU: 0 PID: 7821 Comm: syz-executor.1 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 229.398823][ T7821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.408880][ T7821] Call Trace: [ 229.412178][ T7821] dump_stack+0x172/0x1f0 [ 229.416520][ T7821] __cant_sleep.cold+0xa3/0xbb [ 229.421297][ T7821] __seccomp_filter+0x12b/0x12b0 [ 229.426259][ T7821] ? seccomp_notify_release+0x280/0x280 [ 229.431813][ T7821] ? kasan_check_write+0x14/0x20 [ 229.436763][ T7821] ? _raw_spin_unlock_irq+0x28/0x90 [ 229.441965][ T7821] ? do_seccomp+0xa5a/0x2250 [ 229.446552][ T7821] ? _raw_spin_unlock_irq+0x28/0x90 [ 229.451768][ T7821] ? lockdep_hardirqs_on+0x418/0x5d0 [ 229.457078][ T7821] ? trace_hardirqs_on+0x67/0x230 [ 229.462123][ T7821] ? kasan_check_read+0x11/0x20 [ 229.466977][ T7821] ? _raw_spin_unlock_irq+0x5e/0x90 [ 229.472468][ T7821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 229.478708][ T7821] ? do_seccomp+0x389/0x2250 [ 229.483299][ T7821] __secure_computing+0x101/0x360 [ 229.488336][ T7821] syscall_trace_enter+0x5bf/0xe10 [ 229.493467][ T7821] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 229.499740][ T7821] ? lockdep_hardirqs_on+0x418/0x5d0 [ 229.505024][ T7821] ? trace_hardirqs_on+0x67/0x230 [ 229.510052][ T7821] do_syscall_64+0x479/0x610 [ 229.514652][ T7821] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.520536][ T7821] RIP: 0033:0x45ac8a [ 229.524431][ T7821] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 229.544032][ T7821] RSP: 002b:00007f7a05c55c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 229.552444][ T7821] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 229.560412][ T7821] RDX: 00000000000037f7 RSI: 00007f7a05c55c60 RDI: 0000000000000001 [ 229.568560][ T7821] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 229.576526][ T7821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.584492][ T7821] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff [ 229.592922][ T7827] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 229.623280][ T7764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.635737][ T26] audit: type=1326 audit(1550720382.808:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 229.655623][ T7764] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.673403][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.682370][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.711025][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.719984][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.728694][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.735726][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.743641][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.752078][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.760659][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.767752][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.775914][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.803878][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.818387][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.827005][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.836021][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.845121][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 229.866543][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.878069][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.892499][ T7823] IPVS: ftp: loaded support on port[0] = 21 [ 229.898198][ T7766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.911784][ T7764] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 229.922430][ T7764] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 229.946215][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.954768][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.964291][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 229.973456][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 229.981914][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 229.995057][ T7766] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.006995][ T7764] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.018795][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.032184][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.061266][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.071496][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.080232][ T7757] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.087290][ T7757] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.094982][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.103636][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.112432][ T7757] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.119526][ T7757] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.127480][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.136117][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 03:39:43 executing program 1: unshare(0x44000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000fc7000)={0x0, 0x0, 0x4000000000080}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r0 = dup(0xffffffffffffffff) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="0e0000000900000000aafc032eb67a225d0c726391109ef81d39abec34b7695e3096b91d685df38014cbb537ac4cdabec05eb059ee718fc2561f4640cf97277275ebd9c036fa506402bce2446ddf5cb9a274a51068d5fe2648f3209cec4f1d1109da008d5da0b4afad05dd694212438e6faefc3767203f47ed7e524cb5a9d5dc60558e84380f9db00df7c439050ba35ba7f6f84375ba4a0c9f27eb4a2df348ab4ee081c5091d262a293d00bd054bcacf9405958f600aac95ac2b43835b7352fbbb04c9f366b6a0404ec5900dad557e3bf68e2dcb644dfefca9e201a1d30b63b33585a8a246b3051626d5b8c0b881b538e076a7e952d3497e6a7936c4676b579c43e27d35df48e2710def22876ffb988c43925abad9ae0e82cda9bb9dc45d5e2ba91ff229efaf066bce7980358195250cd6ad3cf8054597353acdfc4a01330c225b1809a821707ff37a418ae1ed50d36984ac77f8ba3b37e22cd1c5351bba415d0c24f4c1b3be69c5672612b074177e2b8fa76ec17cd61ba06732683269481531badc472dfa34cd2227e759a27b62d4d4426b5d049dd30e2f7a1a7f3621f5cf65c368e99b3b617f2b1b83b569947eda94e7110955c5f0aaa2d444a034be2d705124188c64a514d7a8c406b2dde9ca97068e58f4add6089b21779a79464e800c2915c571afa8c18d009f88d0c2dfbd021559efeb7ceaee7d6e725bdb74cbfd162057d21ca7ce1b1221e3daafeed1ef3a29d65600decf1937094232768ac19339645c0ffa680ec122850bc42312e0443c30ff87d075d4d4788a0d73e72cacb67fa2875ab56f7514d169c606d06ed286cc0d98b776ba204214f350cb74a0cf5ab472b574430832383356bae154fb973b279955c6ae9a743c70bd5255662e91c48e53f24a77862ec41992c53fccb6d7db812c82db87758ed9c22b88898f55015104baa2e50e8e592237bea43745184121c716a712791e984fa9f016706e519c23abfebc3987c71f3b1fa2b8b18fe46ee79e66f6799f57a8b2ade34602bce0002150f385e55bc42717526886bea6f85c1cdd2cbd73b97fa76cfa920b43e477b8d70077d0a4fc8aa3d539ab61ba0629554cc21f3d7dfd46e5cfd9176cada944f4677f9b3383ecad0a129c927c942d318e8b869f1afd4f482e9ecfcfda8aff1aa00d10a07efd837957d5764c9571261db15558c5558d70db442ed48aeb7b3fb1e47a701fe1e236e03456077c5ea767b7834d8f94bb97e650f854bfa352526d978ef1f5004863487b442fda341ab0810f4d84ee7e03f8b64600aefa9b27ea4ca36314d487721910c2428b23c35e94aceb6e0bf9252a22d988d0e304240f77a1c9c5b9198152def5a5f05d84c5ab58cd7b7691e55fbc25ffefed31ec94ba36dd1f8bdc"], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000140)=0x13, 0x3) connect$unix(0xffffffffffffffff, &(0x7f0000000b00)=@abs, 0x6e) fsetxattr(0xffffffffffffffff, &(0x7f0000000280)=@known='user.syz\x00', 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000dc3000)={0xffffffffffffffff, &(0x7f0000f4d000), 0x0}, 0x18) socket$pptp(0x18, 0x1, 0x2) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x3f4, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 03:39:43 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x4000000000000004) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3199c070") setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='bbr\x00', 0x4) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='lo\x00', 0x10) sendto$inet(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x4f) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c5602067fffffff81000000000000dca87086a5c000004f6400940005891550f4a8000000006700008000f0fffeffff09000080fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1) 03:39:43 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getegid() mkdir(&(0x7f0000000340)='./file0\x00', 0x0) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000040)=@nullb='[d::]:/llb:\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0) [ 230.144191][ T26] audit: type=1326 audit(1550720383.318:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 03:39:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x4) [ 230.278315][ T7757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.286797][ T7851] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 230.342590][ T7856] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 230.345695][ T7850] IPVS: ftp: loaded support on port[0] = 21 [ 230.378398][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.427384][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.445795][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.474877][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.487267][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 230.501970][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 230.518724][ T7766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 230.535839][ T12] libceph: connect [d::]:6789 error -101 [ 230.542183][ T12] libceph: mon0 [d::]:6789 connect error [ 230.554231][ T7766] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 230.593865][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.603999][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.621816][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.681704][ T7766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.799600][ T7853] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 230.810492][ T7853] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 230.918119][ T7853] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 231.015206][ T7850] IPVS: ftp: loaded support on port[0] = 21 [ 231.061452][ T7864] device nr0 entered promiscuous mode [ 231.392322][ T2638] libceph: connect [d::]:6789 error -101 [ 231.398485][ T2638] libceph: mon0 [d::]:6789 connect error 03:39:44 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000007c0)) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], 0x0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x1800000000000000, 0x20, 0x0, &(0x7f0000000000)="b90703e6680d698cb89e40f02cead5dc57ee41dea43e63a377fb8a977c3f1d17", 0x0, 0x100}, 0x28) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r0, 0x0, 0xc9, 0x0, &(0x7f0000000540)="dfb1e4bd45c49ec2c0f7f06163e0a934d508b44fc44e86cf2d19a1480d6a17f084dd811053592e79b9ce747f257f308c83f29cdfcb53efad8e8d368c6abe8db0675f8e51a22be3449fb72219c32285ee8401fd9ac422ab651f0194c4f9ebd787844bb3270e027620162168ac35cc01e2e6f7b2870d2fce9434ed5a32b66992c01e83edb7a9933d082c8a1cc85d4c869cb4f0754a73b9ba2cdcced964f3774a5fdf79abaa784a0bf73e7ee75d3b6ff9623c93a9c0829669c10de56cc25b62389086c43f50410cf2b2bb", 0x0, 0xfe}, 0x28) openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x2042, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f00000002c0)="b86dfa32da56c4eaa38d2491c97f7b81570dc6167c3b57679ef8fae12cb85e3bedaac4858edd7feea053dc", 0x0}, 0x20) 03:39:44 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lstat(&(0x7f00000002c0)='./file0\x00', 0x0) 03:39:44 executing program 2: r0 = socket(0x10, 0x20000000802, 0xa) write(r0, &(0x7f0000000200)="230000001a0025e0046bbc04fef70f1c020b49ff000000008011080008001d0001000000", 0x24) 03:39:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, [], 0x0}) 03:39:44 executing program 2: nanosleep(&(0x7f0000000000), &(0x7f0000000040)) r0 = semget$private(0x0, 0x7, 0x40) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x1ff]) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r1 = accept(0xffffffffffffff9c, &(0x7f00000000c0)=@sco, &(0x7f0000000140)=0x80) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000180)=0x4, 0x4) r2 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil) shmctl$IPC_INFO(r2, 0x3, &(0x7f00000001c0)=""/8) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000200)) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240), 0x10) bind$netlink(r1, &(0x7f0000000280)={0x10, 0x0, 0x25dfdbff, 0x2000}, 0xc) r3 = gettid() prctl$PR_GET_FPEXC(0xb, &(0x7f00000002c0)) rt_sigpending(&(0x7f0000000300), 0x8) semget$private(0x0, 0x4, 0x404) getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000340)={@rand_addr, @local}, &(0x7f0000000380)=0xc) prctl$PR_GET_FPEXC(0xb, &(0x7f00000003c0)) ptrace$poke(0x5, r3, &(0x7f0000000400), 0x6000000000) r4 = dup(r1) ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000440)={0xfff, 0x8, 0x5, 0x3, 0xf, 0x7, 0x7, 0x1, 0x5, 0x5}) fallocate(r1, 0x71, 0x618d, 0x1) socket$netlink(0x10, 0x3, 0x1) prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000480)) accept(r1, &(0x7f00000004c0)=@alg, &(0x7f0000000540)=0x80) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000580)=[@timestamp, @mss={0x2, 0x8}, @window={0x3, 0xffffffff, 0x5b}], 0x3) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f00000005c0)=0x400) 03:39:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000200)={0x94, 0x0, [0x80ffff]}) 03:39:44 executing program 3: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x800, 0x0) mlock2(&(0x7f0000d3b000/0x4000)=nil, 0x4000, 0x0) [ 231.874474][ T7892] mmap: syz-executor.3 (7892) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 232.432424][ T5] libceph: connect [d::]:6789 error -101 [ 232.443511][ T5] libceph: mon0 [d::]:6789 connect error [ 233.340460][ T7861] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 233.389444][ T5] libceph: connect [d::]:6789 error -101 [ 233.395295][ T5] libceph: mon0 [d::]:6789 connect error [ 233.466785][ T7861] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 03:39:47 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x5, 0x0, 0x1, 0x0, 'syz0\x00', &(0x7f0000000000)=['Leth1\x81-)\x00'], 0x9}) 03:39:47 executing program 5: seccomp(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0xfffffffffffffffb}]}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) 03:39:47 executing program 2: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) syz_genetlink_get_family_id$tipc(0x0) 03:39:47 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0) r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0) sendfile(r0, r0, 0x0, 0xfdef) 03:39:47 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) write$binfmt_misc(r0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10) 03:39:47 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x7) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) sendto$inet(r0, &(0x7f0000000580)="a3", 0x1, 0x0, 0x0, 0x0) sendmsg(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000005c0)="24f51e929df1ea6117b400791b8044ea70a9a49e26a28ec5b193497ef8e40f513a49e03fd50defde081bfe4476c8e9e1fe96e7a1731f5edb05765c0966da0fb5f3bc77f36cfba306329cf8424249bd18865ecd1d48cbf04bb472fbec892b14d6fa404812d670f4e2a5bbe528676c7883f26bdf26e0e8ae64e931c80162193fa7ec3e318e1a828035dc0e3156192873afb18bbea4ea7b9ceb5cd5d0ef95b05bdcc5e1c074b71d9e71ec1872d08f8bcfb172e4a290376f6fd8704767be88a71dad63e62a0d9945846ad6d70acf9f413bd68dc451dffc7c4de84db6ac99238bf91f9ce15c19dd6fcf23c28146974783eadeb7b59f8a07122508558a5822ef2c69f3c792db0226bf0ee28450527798b44f78f0a81b63cbddd2e8723c66edc4ff9d9efc8f6897c531adebfbb8fc4f1cf2b606f90bde471c672af2342f104975151d2d84b3b996f6d063193d6877659384de5e9d4804f839a755d3e03020ff30a5513ff9e1574ab458e629abe60728474f1933f57004add433c2a25acedb1581d01538aeb6421291cfbdbdbea5511b7565c2f1817baa512c392792fb3b5b4f5690797f8f420174a0dd72f9b9b8b872506a76f5346966fac3b417a83e7b456acee0ac88a63181743a91b2a20e47e08ea5c1a5c681916615adf2f41d96510c93e5c44f5c79bea17799dec6a8abf22b0329dcc43fd3f9fd60fb102c819dbd8783f04eff18158413904d2a8be6476ff1ab772f1a606a5dd85fd02900dbc1e4d5ce26d602612d2757f50d93f9794445bd76e3e928981983a08a6bfc06e88ae859f82733a1053c5baa4d5f835ea282b8d3264f357cf81cbba6eb5047d6e5a5bd1cd94206410354bcdaa2e923086d88e1aa3c80748fc1e99e7f7eec421d97bdf464000c56a1547dd5afdabbc312cbbd581352de6ab113cf9657b532f0abc2341bafb8f5841ab6adf96f164dd03f592ef37e9e9913a800dd5c60493f9129266cb4a5419d654071357d7b3d6ab896bc6423a4acd647649ef48557625ce9f59cd3d64842a7e4699104b21f80982e27d12bc8a725bc587400e838628bf235c9237d7be2c0b384b88920936db47e99811899108e170ebf0071fdb7144bffbd02fc2dae2d7a5295dc7d46956a72a55494d6b2ccb3740f62ac90267f0654725b7c472ff0dee002dc08c57a759c7df93a20c86ad180a07b121258bbdce5b15f858bb32cdbdac252b829448bf7bdcdab5e2a5a35f834b58e927e31ab6f20a580bb0c7ba9efce6f3b1d138c51513544af992e1950b94380f2c35d9a5f5c1dcc41e5b646facea28867fb9736c7882d4e869609e92aab80423cd4e3b8feb2f1a8bea3a420894ff3af43ea52a1e135a614a226bbd40c73dcec91b79935e13a2a50712d5af18b4039257ceb7f12543698e93219a7b44125f2bda769d6ea0cae034cbabfc0220c8718fdb636d80343e9ac0369652f82dc36ee322a2a7aedf3", 0x411}], 0x1}, 0x0) [ 234.156984][ T7908] BUG: assuming atomic context at kernel/seccomp.c:271 [ 234.164312][ T26] audit: type=1326 audit(1550720387.338:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7899 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 234.188474][ T7908] in_atomic(): 0, irqs_disabled(): 0, pid: 7908, name: syz-executor.5 [ 234.207365][ T7908] no locks held by syz-executor.5/7908. [ 234.218647][ T7908] CPU: 0 PID: 7908 Comm: syz-executor.5 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 234.229064][ T7908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.239132][ T7908] Call Trace: [ 234.242425][ T7908] dump_stack+0x172/0x1f0 [ 234.246766][ T7908] __cant_sleep.cold+0xa3/0xbb [ 234.251539][ T7908] __seccomp_filter+0x12b/0x12b0 [ 234.256489][ T7908] ? seccomp_notify_release+0x280/0x280 [ 234.262037][ T7908] ? kasan_check_write+0x14/0x20 [ 234.266977][ T7908] ? _raw_spin_unlock_irq+0x28/0x90 [ 234.272175][ T7908] ? do_seccomp+0xa5a/0x2250 [ 234.276766][ T7908] ? _raw_spin_unlock_irq+0x28/0x90 [ 234.281962][ T7908] ? lockdep_hardirqs_on+0x418/0x5d0 [ 234.287248][ T7908] ? trace_hardirqs_on+0x67/0x230 [ 234.292280][ T7908] ? kasan_check_read+0x11/0x20 [ 234.297139][ T7908] ? _raw_spin_unlock_irq+0x5e/0x90 [ 234.302337][ T7908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 234.302353][ T7908] ? do_seccomp+0x389/0x2250 [ 234.302379][ T7908] __secure_computing+0x101/0x360 [ 234.302402][ T7908] syscall_trace_enter+0x5bf/0xe10 [ 234.302420][ T7908] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 234.302438][ T7908] ? lockdep_hardirqs_on+0x418/0x5d0 [ 234.302451][ T7908] ? trace_hardirqs_on+0x67/0x230 [ 234.302466][ T7908] do_syscall_64+0x479/0x610 [ 234.302483][ T7908] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.350695][ T7908] RIP: 0033:0x45ac8a [ 234.354594][ T7908] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 234.374199][ T7908] RSP: 002b:00007f67c6bcfc58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 234.382612][ T7908] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 234.390578][ T7908] RDX: 0000000000009e4d RSI: 00007f67c6bcfc60 RDI: 0000000000000001 [ 234.398545][ T7908] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 03:39:47 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x1002, 0x1, 0x0, [], &(0x7f00000000c0)={0x98f909, 0xfffdfffffffffffe, [], @p_u32}}) 03:39:47 executing program 4: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) readahead(0xffffffffffffffff, 0x0, 0x0) [ 234.406513][ T7908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.414478][ T7908] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff [ 234.428120][ T12] libceph: connect [d::]:6789 error -101 [ 234.433817][ T12] libceph: mon0 [d::]:6789 connect error 03:39:47 executing program 3: futex(&(0x7f000000cffc), 0x800000000086, 0x0, 0x0, 0x0, 0x0) [ 234.447774][ T26] audit: type=1326 audit(1550720387.618:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7906 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 03:39:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1f, 0x1, 0x1, &(0x7f0000000000)) [ 234.488641][ T26] audit: type=1326 audit(1550720387.648:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7920 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 03:39:47 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x7) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) sendto$inet(r0, &(0x7f0000000580)="a3", 0x1, 0x0, 0x0, 0x0) sendmsg(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000005c0)="24f51e929df1ea6117b400791b8044ea70a9a49e26a28ec5b193497ef8e40f513a49e03fd50defde081bfe4476c8e9e1fe96e7a1731f5edb05765c0966da0fb5f3bc77f36cfba306329cf8424249bd18865ecd1d48cbf04bb472fbec892b14d6fa404812d670f4e2a5bbe528676c7883f26bdf26e0e8ae64e931c80162193fa7ec3e318e1a828035dc0e3156192873afb18bbea4ea7b9ceb5cd5d0ef95b05bdcc5e1c074b71d9e71ec1872d08f8bcfb172e4a290376f6fd8704767be88a71dad63e62a0d9945846ad6d70acf9f413bd68dc451dffc7c4de84db6ac99238bf91f9ce15c19dd6fcf23c28146974783eadeb7b59f8a07122508558a5822ef2c69f3c792db0226bf0ee28450527798b44f78f0a81b63cbddd2e8723c66edc4ff9d9efc8f6897c531adebfbb8fc4f1cf2b606f90bde471c672af2342f104975151d2d84b3b996f6d063193d6877659384de5e9d4804f839a755d3e03020ff30a5513ff9e1574ab458e629abe60728474f1933f57004add433c2a25acedb1581d01538aeb6421291cfbdbdbea5511b7565c2f1817baa512c392792fb3b5b4f5690797f8f420174a0dd72f9b9b8b872506a76f5346966fac3b417a83e7b456acee0ac88a63181743a91b2a20e47e08ea5c1a5c681916615adf2f41d96510c93e5c44f5c79bea17799dec6a8abf22b0329dcc43fd3f9fd60fb102c819dbd8783f04eff18158413904d2a8be6476ff1ab772f1a606a5dd85fd02900dbc1e4d5ce26d602612d2757f50d93f9794445bd76e3e928981983a08a6bfc06e88ae859f82733a1053c5baa4d5f835ea282b8d3264f357cf81cbba6eb5047d6e5a5bd1cd94206410354bcdaa2e923086d88e1aa3c80748fc1e99e7f7eec421d97bdf464000c56a1547dd5afdabbc312cbbd581352de6ab113cf9657b532f0abc2341bafb8f5841ab6adf96f164dd03f592ef37e9e9913a800dd5c60493f9129266cb4a5419d654071357d7b3d6ab896bc6423a4acd647649ef48557625ce9f59cd3d64842a7e4699104b21f80982e27d12bc8a725bc587400e838628bf235c9237d7be2c0b384b88920936db47e99811899108e170ebf0071fdb7144bffbd02fc2dae2d7a5295dc7d46956a72a55494d6b2ccb3740f62ac90267f0654725b7c472ff0dee002dc08c57a759c7df93a20c86ad180a07b121258bbdce5b15f858bb32cdbdac252b829448bf7bdcdab5e2a5a35f834b58e927e31ab6f20a580bb0c7ba9efce6f3b1d138c51513544af992e1950b94380f2c35d9a5f5c1dcc41e5b646facea28867fb9736c7882d4e869609e92aab80423cd4e3b8feb2f1a8bea3a420894ff3af43ea52a1e135a614a226bbd40c73dcec91b79935e13a2a50712d5af18b4039257ceb7f12543698e93219a7b44125f2bda769d6ea0cae034cbabfc0220c8718fdb636d80343e9ac0369652f82dc36ee322a2a7aedf3", 0x411}], 0x1}, 0x0) 03:39:47 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) read$eventfd(r0, &(0x7f0000000080), 0xff97) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='tracefs\x00', 0x0, 0x0) 03:39:47 executing program 3: unshare(0x44000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) bind$inet6(0xffffffffffffffff, 0x0, 0x0) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRESHEX=r1, @ANYRES64, @ANYRESHEX, @ANYPTR64=&(0x7f0000000300)=ANY=[@ANYRESOCT=r0, @ANYRES16=r0], @ANYRES32], 0x6) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000080), 0x4) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x20) ftruncate(0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}, 0x1d}) r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='map_files\x00') userfaultfd(0x80800) fsetxattr(r2, 0x0, &(0x7f00000002c0)='\x00', 0x1, 0x0) getpeername$unix(0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000240)=0x6e) fremovexattr(r2, &(0x7f00000000c0)=@known='user.syz\x00') socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000dc3000)={0xffffffffffffffff, &(0x7f0000f4d000), 0x0}, 0x18) socket$pptp(0x18, 0x1, 0x2) openat$pfkey(0xffffffffffffff9c, 0x0, 0x80, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="03000000df00000008001b0000000000"], 0x1}}, 0x0) [ 234.736839][ T7943] IPVS: ftp: loaded support on port[0] = 21 [ 234.937436][ T26] audit: type=1326 audit(1550720388.108:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7899 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 235.003736][ T26] audit: type=1326 audit(1550720388.138:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7906 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 03:39:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 'syz0\x00', 0x0, 0x0, [], [0x2, 0x2000000000000000, 0x0, 0xfffffffffffffffc]}) 03:39:48 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x7) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) sendto$inet(r0, &(0x7f0000000580)="a3", 0x1, 0x0, 0x0, 0x0) sendmsg(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000005c0)="24f51e929df1ea6117b400791b8044ea70a9a49e26a28ec5b193497ef8e40f513a49e03fd50defde081bfe4476c8e9e1fe96e7a1731f5edb05765c0966da0fb5f3bc77f36cfba306329cf8424249bd18865ecd1d48cbf04bb472fbec892b14d6fa404812d670f4e2a5bbe528676c7883f26bdf26e0e8ae64e931c80162193fa7ec3e318e1a828035dc0e3156192873afb18bbea4ea7b9ceb5cd5d0ef95b05bdcc5e1c074b71d9e71ec1872d08f8bcfb172e4a290376f6fd8704767be88a71dad63e62a0d9945846ad6d70acf9f413bd68dc451dffc7c4de84db6ac99238bf91f9ce15c19dd6fcf23c28146974783eadeb7b59f8a07122508558a5822ef2c69f3c792db0226bf0ee28450527798b44f78f0a81b63cbddd2e8723c66edc4ff9d9efc8f6897c531adebfbb8fc4f1cf2b606f90bde471c672af2342f104975151d2d84b3b996f6d063193d6877659384de5e9d4804f839a755d3e03020ff30a5513ff9e1574ab458e629abe60728474f1933f57004add433c2a25acedb1581d01538aeb6421291cfbdbdbea5511b7565c2f1817baa512c392792fb3b5b4f5690797f8f420174a0dd72f9b9b8b872506a76f5346966fac3b417a83e7b456acee0ac88a63181743a91b2a20e47e08ea5c1a5c681916615adf2f41d96510c93e5c44f5c79bea17799dec6a8abf22b0329dcc43fd3f9fd60fb102c819dbd8783f04eff18158413904d2a8be6476ff1ab772f1a606a5dd85fd02900dbc1e4d5ce26d602612d2757f50d93f9794445bd76e3e928981983a08a6bfc06e88ae859f82733a1053c5baa4d5f835ea282b8d3264f357cf81cbba6eb5047d6e5a5bd1cd94206410354bcdaa2e923086d88e1aa3c80748fc1e99e7f7eec421d97bdf464000c56a1547dd5afdabbc312cbbd581352de6ab113cf9657b532f0abc2341bafb8f5841ab6adf96f164dd03f592ef37e9e9913a800dd5c60493f9129266cb4a5419d654071357d7b3d6ab896bc6423a4acd647649ef48557625ce9f59cd3d64842a7e4699104b21f80982e27d12bc8a725bc587400e838628bf235c9237d7be2c0b384b88920936db47e99811899108e170ebf0071fdb7144bffbd02fc2dae2d7a5295dc7d46956a72a55494d6b2ccb3740f62ac90267f0654725b7c472ff0dee002dc08c57a759c7df93a20c86ad180a07b121258bbdce5b15f858bb32cdbdac252b829448bf7bdcdab5e2a5a35f834b58e927e31ab6f20a580bb0c7ba9efce6f3b1d138c51513544af992e1950b94380f2c35d9a5f5c1dcc41e5b646facea28867fb9736c7882d4e869609e92aab80423cd4e3b8feb2f1a8bea3a420894ff3af43ea52a1e135a614a226bbd40c73dcec91b79935e13a2a50712d5af18b4039257ceb7f12543698e93219a7b44125f2bda769d6ea0cae034cbabfc0220c8718fdb636d80343e9ac0369652f82dc36ee322a2a7aedf3", 0x411}], 0x1}, 0x0) 03:39:48 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') mkdir(&(0x7f0000000480)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0) read(r0, &(0x7f0000000340)=""/65, 0x100000071) 03:39:48 executing program 2: setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)="0b8493da69d419d3e5a313affec5c48780fa42c0606761a2404a9a6c5a567525af09b4ae9ae6a36177018ff55a012c3fa3d9a196466f930c37b676633bbcdd54ad15d1d19aa5b95e6b797acddbacf7ed0796c0f196dfbb8bbe0d57cab508ca10839a6750dab329b861c57d41508204309f85c612f8e5b88a528d442e05736cbb65dc347f371e3b617e807818682759751ae85a5f6de6d672fdf84dfe6317c6c4a7e11b8fd8babb2127430a3eb34f68c6487f", 0xb2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000003c0)={0x0, 0x9, "044c9ff5585adeab5c"}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000580)=0x2fff) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000280)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:39:48 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x7) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) sendto$inet(r0, &(0x7f0000000580)="a3", 0x1, 0x0, 0x0, 0x0) sendmsg(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000005c0)="24f51e929df1ea6117b400791b8044ea70a9a49e26a28ec5b193497ef8e40f513a49e03fd50defde081bfe4476c8e9e1fe96e7a1731f5edb05765c0966da0fb5f3bc77f36cfba306329cf8424249bd18865ecd1d48cbf04bb472fbec892b14d6fa404812d670f4e2a5bbe528676c7883f26bdf26e0e8ae64e931c80162193fa7ec3e318e1a828035dc0e3156192873afb18bbea4ea7b9ceb5cd5d0ef95b05bdcc5e1c074b71d9e71ec1872d08f8bcfb172e4a290376f6fd8704767be88a71dad63e62a0d9945846ad6d70acf9f413bd68dc451dffc7c4de84db6ac99238bf91f9ce15c19dd6fcf23c28146974783eadeb7b59f8a07122508558a5822ef2c69f3c792db0226bf0ee28450527798b44f78f0a81b63cbddd2e8723c66edc4ff9d9efc8f6897c531adebfbb8fc4f1cf2b606f90bde471c672af2342f104975151d2d84b3b996f6d063193d6877659384de5e9d4804f839a755d3e03020ff30a5513ff9e1574ab458e629abe60728474f1933f57004add433c2a25acedb1581d01538aeb6421291cfbdbdbea5511b7565c2f1817baa512c392792fb3b5b4f5690797f8f420174a0dd72f9b9b8b872506a76f5346966fac3b417a83e7b456acee0ac88a63181743a91b2a20e47e08ea5c1a5c681916615adf2f41d96510c93e5c44f5c79bea17799dec6a8abf22b0329dcc43fd3f9fd60fb102c819dbd8783f04eff18158413904d2a8be6476ff1ab772f1a606a5dd85fd02900dbc1e4d5ce26d602612d2757f50d93f9794445bd76e3e928981983a08a6bfc06e88ae859f82733a1053c5baa4d5f835ea282b8d3264f357cf81cbba6eb5047d6e5a5bd1cd94206410354bcdaa2e923086d88e1aa3c80748fc1e99e7f7eec421d97bdf464000c56a1547dd5afdabbc312cbbd581352de6ab113cf9657b532f0abc2341bafb8f5841ab6adf96f164dd03f592ef37e9e9913a800dd5c60493f9129266cb4a5419d654071357d7b3d6ab896bc6423a4acd647649ef48557625ce9f59cd3d64842a7e4699104b21f80982e27d12bc8a725bc587400e838628bf235c9237d7be2c0b384b88920936db47e99811899108e170ebf0071fdb7144bffbd02fc2dae2d7a5295dc7d46956a72a55494d6b2ccb3740f62ac90267f0654725b7c472ff0dee002dc08c57a759c7df93a20c86ad180a07b121258bbdce5b15f858bb32cdbdac252b829448bf7bdcdab5e2a5a35f834b58e927e31ab6f20a580bb0c7ba9efce6f3b1d138c51513544af992e1950b94380f2c35d9a5f5c1dcc41e5b646facea28867fb9736c7882d4e869609e92aab80423cd4e3b8feb2f1a8bea3a420894ff3af43ea52a1e135a614a226bbd40c73dcec91b79935e13a2a50712d5af18b4039257ceb7f12543698e93219a7b44125f2bda769d6ea0cae034cbabfc0220c8718fdb636d80343e9ac0369652f82dc36ee322a2a7aedf3", 0x411}], 0x1}, 0x0) 03:39:48 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) getgid() listen(r1, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) r2 = accept(r1, 0x0, 0x0) connect$unix(r0, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) getpgid(0x0) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000100)='team0\x00', 0x10) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, 0x0) [ 235.210535][ T7943] IPVS: ftp: loaded support on port[0] = 21 [ 235.274893][ T7928] BUG: assuming atomic context at kernel/seccomp.c:271 [ 235.306120][ T7928] in_atomic(): 0, irqs_disabled(): 0, pid: 7928, name: syz-executor.4 [ 235.380934][ T7928] no locks held by syz-executor.4/7928. [ 235.389146][ T12] libceph: connect [d::]:6789 error -101 [ 235.394867][ T12] libceph: mon0 [d::]:6789 connect error [ 235.414769][ T7928] CPU: 0 PID: 7928 Comm: syz-executor.4 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 235.425194][ T7928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.436005][ T7928] Call Trace: [ 235.439300][ T7928] dump_stack+0x172/0x1f0 [ 235.439321][ T7928] __cant_sleep.cold+0xa3/0xbb [ 235.439340][ T7928] __seccomp_filter+0x12b/0x12b0 [ 235.439369][ T7928] ? seccomp_notify_release+0x280/0x280 [ 235.458919][ T7928] ? kasan_check_write+0x14/0x20 [ 235.463868][ T7928] ? _raw_spin_unlock_irq+0x28/0x90 [ 235.469390][ T7928] ? do_seccomp+0xa5a/0x2250 [ 235.473981][ T7928] ? _raw_spin_unlock_irq+0x28/0x90 [ 235.479394][ T7928] ? lockdep_hardirqs_on+0x418/0x5d0 [ 235.484695][ T7928] ? trace_hardirqs_on+0x67/0x230 [ 235.489737][ T7928] ? kasan_check_read+0x11/0x20 [ 235.494591][ T7928] ? _raw_spin_unlock_irq+0x5e/0x90 [ 235.499797][ T7928] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 235.506033][ T7928] ? do_seccomp+0x389/0x2250 [ 235.510626][ T7928] __secure_computing+0x101/0x360 [ 235.515651][ T7928] syscall_trace_enter+0x5bf/0xe10 [ 235.520764][ T7928] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 235.527007][ T7928] ? lockdep_hardirqs_on+0x418/0x5d0 [ 235.532291][ T7928] ? trace_hardirqs_on+0x67/0x230 [ 235.537315][ T7928] do_syscall_64+0x479/0x610 [ 235.541909][ T7928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.547792][ T7928] RIP: 0033:0x45ac8a [ 235.551686][ T7928] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 235.571286][ T7928] RSP: 002b:00007faf4ce3ac58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 235.579689][ T7928] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 235.587654][ T7928] RDX: 0000000000004400 RSI: 00007faf4ce3ac60 RDI: 0000000000000001 [ 235.595616][ T7928] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 235.603581][ T7928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.611547][ T7928] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff 03:39:48 executing program 4: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xffffffff}]}) r0 = socket$inet6(0xa, 0x400000000001, 0x0) dup(r0) 03:39:48 executing program 5: unshare(0x44000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000fc7000)={0x0, 0x0, 0x4000000000080}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r0 = dup(0xffffffffffffffff) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="0e0000000900000000aafc032eb67a225d0c726391109ef81d39abec34b7695e3096b91d685df38014cbb537ac4cdabec05eb059ee718fc2561f4640cf97277275ebd9c036fa506402bce2446ddf5cb9a274a51068d5fe2648f3209cec4f1d1109da008d5da0b4afad05dd694212438e6faefc3767203f47ed7e524cb5a9d5dc60558e84380f9db00df7c439050ba35ba7f6f84375ba4a0c9f27eb4a2df348ab4ee081c5091d262a293d00bd054bcacf9405958f600aac95ac2b43835b7352fbbb04c9f366b6a0404ec5900dad557e3bf68e2dcb644dfefca9e201a1d30b63b33585a8a246b3051626d5b8c0b881b538e076a7e952d3497e6a7936c4676b579c43e27d35df48e2710def22876ffb988c43925abad9ae0e82cda9bb9dc45d5e2ba91ff229efaf066bce7980358195250cd6ad3cf8054597353acdfc4a01330c225b1809a821707ff37a418ae1ed50d36984ac77f8ba3b37e22cd1c5351bba415d0c24f4c1b3be69c5672612b074177e2b8fa76ec17cd61ba06732683269481531badc472dfa34cd2227e759a27b62d4d4426b5d049dd30e2f7a1a7f3621f5cf65c368e99b3b617f2b1b83b569947eda94e7110955c5f0aaa2d444a034be2d705124188c64a514d7a8c406b2dde9ca97068e58f4add6089b21779a79464e800c2915c571afa8c18d009f88d0c2dfbd021559efeb7ceaee7d6e725bdb74cbfd162057d21ca7ce1b1221e3daafeed1ef3a29d65600decf1937094232768ac19339645c0ffa680ec122850bc42312e0443c30ff87d075d4d4788a0d73e72cacb67fa2875ab56f7514d169c606d06ed286cc0d98b776ba204214f350cb74a0cf5ab472b574430832383356bae154fb973b279955c6ae9a743c70bd5255662e91c48e53f24a77862ec41992c53fccb6d7db812c82db87758ed9c22b88898f55015104baa2e50e8e592237bea43745184121c716a712791e984fa9f016706e519c23abfebc3987c71f3b1fa2b8b18fe46ee79e66f6799f57a8b2ade34602bce0002150f385e55bc42717526886bea6f85c1cdd2cbd73b97fa76cfa920b43e477b8d70077d0a4fc8aa3d539ab61ba0629554cc21f3d7dfd46e5cfd9176cada944f4677f9b3383ecad0a129c927c942d318e8b869f1afd4f482e9ecfcfda8aff1aa00d10a07efd837957d5764c9571261db15558c5558d70db442ed48aeb7b3fb1e47a701fe1e236e03456077c5ea767b7834d8f94bb97e650f854bfa352526d978ef1f5004863487b442fda341ab0810f4d84ee7e03f8b64600aefa9b27ea4ca36314d487721910c2428b23c35e94aceb6e0bf9252a22d988d0e304240f77a1c9c5b9198152def5a5f05d84c5ab58cd7b7691e55fbc25ffefed31ec94ba36dd1f8bdca91b3d1219078a10e4172c5c3476bd484f4a27530783ab81b9cecb5b93e963906b399323e5ae44412595a8307500c310e3f5a84820a473f8ebe0b176dc89045959"], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000000140)=0x13, 0x3) connect$unix(0xffffffffffffffff, &(0x7f0000000b00)=@abs, 0x6e) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') fsetxattr(r1, &(0x7f0000000280)=@known='user.syz\x00', 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000dc3000)={0xffffffffffffffff, &(0x7f0000f4d000), 0x0}, 0x18) socket$pptp(0x18, 0x1, 0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x3f4, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 03:39:48 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x7) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) sendmsg(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000005c0)="24f51e929df1ea6117b400791b8044ea70a9a49e26a28ec5b193497ef8e40f513a49e03fd50defde081bfe4476c8e9e1fe96e7a1731f5edb05765c0966da0fb5f3bc77f36cfba306329cf8424249bd18865ecd1d48cbf04bb472fbec892b14d6fa404812d670f4e2a5bbe528676c7883f26bdf26e0e8ae64e931c80162193fa7ec3e318e1a828035dc0e3156192873afb18bbea4ea7b9ceb5cd5d0ef95b05bdcc5e1c074b71d9e71ec1872d08f8bcfb172e4a290376f6fd8704767be88a71dad63e62a0d9945846ad6d70acf9f413bd68dc451dffc7c4de84db6ac99238bf91f9ce15c19dd6fcf23c28146974783eadeb7b59f8a07122508558a5822ef2c69f3c792db0226bf0ee28450527798b44f78f0a81b63cbddd2e8723c66edc4ff9d9efc8f6897c531adebfbb8fc4f1cf2b606f90bde471c672af2342f104975151d2d84b3b996f6d063193d6877659384de5e9d4804f839a755d3e03020ff30a5513ff9e1574ab458e629abe60728474f1933f57004add433c2a25acedb1581d01538aeb6421291cfbdbdbea5511b7565c2f1817baa512c392792fb3b5b4f5690797f8f420174a0dd72f9b9b8b872506a76f5346966fac3b417a83e7b456acee0ac88a63181743a91b2a20e47e08ea5c1a5c681916615adf2f41d96510c93e5c44f5c79bea17799dec6a8abf22b0329dcc43fd3f9fd60fb102c819dbd8783f04eff18158413904d2a8be6476ff1ab772f1a606a5dd85fd02900dbc1e4d5ce26d602612d2757f50d93f9794445bd76e3e928981983a08a6bfc06e88ae859f82733a1053c5baa4d5f835ea282b8d3264f357cf81cbba6eb5047d6e5a5bd1cd94206410354bcdaa2e923086d88e1aa3c80748fc1e99e7f7eec421d97bdf464000c56a1547dd5afdabbc312cbbd581352de6ab113cf9657b532f0abc2341bafb8f5841ab6adf96f164dd03f592ef37e9e9913a800dd5c60493f9129266cb4a5419d654071357d7b3d6ab896bc6423a4acd647649ef48557625ce9f59cd3d64842a7e4699104b21f80982e27d12bc8a725bc587400e838628bf235c9237d7be2c0b384b88920936db47e99811899108e170ebf0071fdb7144bffbd02fc2dae2d7a5295dc7d46956a72a55494d6b2ccb3740f62ac90267f0654725b7c472ff0dee002dc08c57a759c7df93a20c86ad180a07b121258bbdce5b15f858bb32cdbdac252b829448bf7bdcdab5e2a5a35f834b58e927e31ab6f20a580bb0c7ba9efce6f3b1d138c51513544af992e1950b94380f2c35d9a5f5c1dcc41e5b646facea28867fb9736c7882d4e869609e92aab80423cd4e3b8feb2f1a8bea3a420894ff3af43ea52a1e135a614a226bbd40c73dcec91b79935e13a2a50712d5af18b4039257ceb7f12543698e93219a7b44125f2bda769d6ea0cae034cbabfc0220c8718fdb636d80343e9ac0369652f82dc36ee322a2a7aedf3", 0x411}], 0x1}, 0x0) [ 235.653497][ T26] audit: type=1326 audit(1550720388.828:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7920 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 03:39:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() getsockopt$inet_mreq(r2, 0x0, 0x0, 0x0, &(0x7f0000000140)) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) fcntl$setstatus(r2, 0x4, 0x42803) 03:39:48 executing program 2: mount(0x0, 0x0, 0x0, 0x0, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000740)='oom_score_adj\x00\x9f\xc5r\x0e8J\xdb@\xf8\xbfj1\xe8\xce\x88\x02^\xb2\xf4hTR2\xf1\x89\x1e~m\x19\xc9lG^l\x13c7\xf7$\x7f?9>b\xe8/<\xdbj>:\xd9\x10\x04r\x18\x15\xdc)\x10I<\xd0:\x0f\x18\xec\x00\xc2w\x8a0C\xf8\xa9\xeaa\x16\x8c\xe6C\xf5\xcb\xdc\x1c\xea`\x9c\xe1\x8e\xdd\x8e\xaa\x1f\xf4\xaf\xa3Z\xbf\x17M\x1a\xff\xb1\x8dP]<\x9e\xe1B[y\xe6\xae\xe9I\xdb)\x9b\xcb\xa3Wlt\xe9\xa9\xfc\xf8\xde\xf0]\n\xa5S\x16\x1dh\x88\xc5\xea\xcf\xca5\xd2.\x93\xfd\t\x90#hq\r\x9b;\x83\xdd\x0fs\x80\x12\xc6\x8e~\xd4\xef\xc7:\xee4cu\xb2\x03\xd5\xd5)\xc9\xf1/\xea\x95_\'\xfb\xb9\xa94\xca\x9e\xf3\xfb\xc9\xd6~\xd5\xb7}B\xe5.\x86\xbf\xbb#\xb9\xf7N\xb3\xfe?x\xccX^\x16bz\"\x8a\xa45\x10t\xbb\xb7\xca\xa7\xcc\xde_\xdc\xab\xf2\xb8\xc7\xb3\xd3&$\xbb4\x81\t\xbb\xe3\xbfB(ln\xbc\xe9E<6$\x8f)\xb0\x1a\xc9\xe3\x18\xa6\xd9zk\x94Z\xed\x96\xad\xe2\\\xcb,!\x13\rv)r\xf1\x00E\xcccgr\xbf\xd4uB\x9f\xa5\x8c8\xe4D\x0f\xd3Vtd\x89\xc8V\x14\x17=\xd9\xcf*\xc8\xc7\xb7\xcc\x182/Jm\x8c5\x93\x14\xfd\x02\'\xe3\xc9\x12~\xe3\x10\xb7\xc7\xae\xcfA\x823|\xfd\xba2\xbd\xc6-\xe0E_x\xc7i\x8dV\xd9\\_l\xfb\xd8xX.N\x9bd\x91\xd5\xc1\xa1\xbahL\x95wF\x13{\xfd\xc8T\x1f\xe1)h\a\xe8Wn]\xe4\xa5\x18\x96lko\xc5o\f\x87C\x80,X\x05\xd8\xa5se\xff\xd5\x84\xdc\xc1\x99.\x90\xe0u]\xf0\xb8\xd0Dbq\xbaJk\x9a\xf4\x98[:\xd0Ze\x806\xf8=u\xc6\"n\xd7\xba\x14\x12\xcd\xf6f\xa1L\xa3V\xebI\xc8E\xc5\xf5\x8a!\xe6E\xffDT\xfd\xf3<\x92\xa6\xb6\x8c\x81#\xe2\xdc_Y\xc4\xa6\x9aqj\xa7.\x9cU\xcdZ\x9e!\x11Us7Pe\xa3\xaa\xa5\x0e\x7fmZ\xa4\xe8\xb7!\xae\xdfXL\x18\xa87\x13t\xe6S\xbf\x1a\x18;\b\r\xff\'') sendfile(r0, r0, 0x0, 0x1) [ 235.762917][ T7975] IPVS: ftp: loaded support on port[0] = 21 [ 235.819719][ T26] audit: type=1326 audit(1550720388.968:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7979 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 236.428739][ T12] libceph: connect [d::]:6789 error -101 [ 236.434482][ T12] libceph: mon0 [d::]:6789 connect error [ 236.534038][ T7975] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 236.583818][ T7985] BUG: assuming atomic context at kernel/seccomp.c:271 [ 236.598706][ T7985] in_atomic(): 0, irqs_disabled(): 0, pid: 7985, name: syz-executor.4 [ 236.638165][ T7985] no locks held by syz-executor.4/7985. [ 236.658361][ T7985] CPU: 1 PID: 7985 Comm: syz-executor.4 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 236.668781][ T7985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.668789][ T7985] Call Trace: [ 236.668815][ T7985] dump_stack+0x172/0x1f0 [ 236.668841][ T7985] __cant_sleep.cold+0xa3/0xbb [ 236.668873][ T7985] __seccomp_filter+0x12b/0x12b0 [ 236.668897][ T7985] ? seccomp_notify_release+0x280/0x280 [ 236.668914][ T7985] ? kasan_check_write+0x14/0x20 [ 236.668935][ T7985] ? _raw_spin_unlock_irq+0x28/0x90 [ 236.668949][ T7985] ? do_seccomp+0xa5a/0x2250 [ 236.668963][ T7985] ? _raw_spin_unlock_irq+0x28/0x90 [ 236.668979][ T7985] ? lockdep_hardirqs_on+0x418/0x5d0 [ 236.668998][ T7985] ? trace_hardirqs_on+0x67/0x230 [ 236.669016][ T7985] ? kasan_check_read+0x11/0x20 [ 236.669036][ T7985] ? _raw_spin_unlock_irq+0x5e/0x90 [ 236.669053][ T7985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 236.669066][ T7985] ? do_seccomp+0x389/0x2250 [ 236.669088][ T7985] __secure_computing+0x101/0x360 [ 236.669121][ T7985] syscall_trace_enter+0x5bf/0xe10 [ 236.669147][ T7985] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 236.669172][ T7985] ? lockdep_hardirqs_on+0x418/0x5d0 [ 236.669189][ T7985] ? trace_hardirqs_on+0x67/0x230 [ 236.669211][ T7985] do_syscall_64+0x479/0x610 [ 236.669231][ T7985] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 236.669251][ T7985] RIP: 0033:0x45ac8a [ 236.690830][ T7975] IPVS: ftp: loaded support on port[0] = 21 [ 236.691811][ T7985] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 236.691821][ T7985] RSP: 002b:00007faf4ce3ac58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 236.691837][ T7985] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 236.691846][ T7985] RDX: 0000000000001adf RSI: 00007faf4ce3ac60 RDI: 0000000000000001 [ 236.691856][ T7985] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 236.691871][ T7985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.691889][ T7985] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff [ 236.854835][ T26] audit: type=1326 audit(1550720390.028:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7979 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 237.143821][ T7998] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 237.159728][ T7998] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 237.207884][ T7998] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 237.345716][ T7975] syz-executor.5 (7975) used greatest stack depth: 21952 bytes left [ 237.388225][ T12] libceph: connect [d::]:6789 error -101 [ 237.393940][ T12] libceph: mon0 [d::]:6789 connect error