[info] Using makefile-style concurrent boot in runlevel 2. [ 26.819912] audit: type=1800 audit(1544634413.094:21): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.8' (ECDSA) to the list of known hosts. 2018/12/12 17:07:09 fuzzer started 2018/12/12 17:07:11 dialing manager at 10.128.0.26:45517 2018/12/12 17:07:17 syscalls: 1 2018/12/12 17:07:17 code coverage: enabled 2018/12/12 17:07:17 comparison tracing: enabled 2018/12/12 17:07:17 setuid sandbox: enabled 2018/12/12 17:07:17 namespace sandbox: enabled 2018/12/12 17:07:17 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/12 17:07:17 fault injection: enabled 2018/12/12 17:07:17 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/12 17:07:17 net packet injection: enabled 2018/12/12 17:07:17 net device setup: enabled 17:09:19 executing program 0: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000600), 0xffffffffffffffff) r0 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x3a2, 0x0) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000280)=""/227, &(0x7f00000001c0)=0xe3) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xe, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d03010000000000950000000000000071260000000000006706000002000000bf25000000000000620500000e0000007365000000000000bf540000000000000704000004faff003d4301000000000095000000000000005d54090000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000001f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) nanosleep(&(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x4000, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r3, 0x5420, &(0x7f00000001c0)) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000440)={'gretap0\x00'}) read(r3, &(0x7f0000000280)=""/11, 0xfe17) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)) fallocate(r1, 0x40, 0x89, 0x5) openat$urandom(0xffffffffffffff9c, &(0x7f0000000380)='/dev/urandom\x00', 0x1, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000580)="0a5cc80700315f85715070") ioctl$TCSETS(r3, 0x5412, &(0x7f0000000040)) syz_open_pts(r3, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f00000000c0)) syzkaller login: [ 172.831880] IPVS: ftp: loaded support on port[0] = 21 17:09:19 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x20) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070") unshare(0x8000400) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000001c0)=@ethtool_flash={0x33, 0x0, "bf20f67668b5bcfb84ce9759013e11a35b86ffbc0d505e0d473a6bbb573727c750004a5ca4fbc65ccc1f18b001df5b9eaa08f7c76ad0fe767adfbf81cee81a1f47a92f5b8e048fa3f77a85d608902bfc872232f2b9719a74be59b350ffa0276acdcdb23d68587dfdea3530cc52db174d73d53df3f6131f84f61a1e01b10ab1d8"}}) [ 173.153937] IPVS: ftp: loaded support on port[0] = 21 17:09:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='vcan0\x00', 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$can_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "14201a38d1a9ff4e43c9574dc338b4bed5abbbcf08e6debccffe54e2f9125ac933cb937a4f642146123e0b21a1f25d60bc5831b46cf051a408f88dbd92517a4b"}, 0x48}}, 0x0) sendmsg$can_raw(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=@can={{}, 0x0, 0x0, 0x0, 0x0, "c756b247020c2f95"}, 0x10}}, 0x0) [ 173.494021] IPVS: ftp: loaded support on port[0] = 21 17:09:20 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2e, &(0x7f00000004c0)="64f66a8d37de403b98aa2eb90a64292beae4690687a3f78350228aa99c605d765083985952b936efc3e21d5377b451596a3cdc05b3d2f08ff5866073b5e76cd455fedf395d6db4cb99b3ceb83f5bdd563ccc494c24561dfe452e04c279eedde3ed67aaa3d9f0559b8dcc394f34da4f7550e875ac48044c1e6c4ff08595c0c96e7a37d83600786858a92c5361cd34254824bd552951af0d7ff97679dee49461bb66465cf6a7dcd7fb0021065510c9bcd6c51eb0c4e7385444ba84ec2c9c47db0d2e8365946cfa53962e7c4863892d012155025838b83d017ad29a9662c468093ee114fdb53cceb30ca2b24f7d2c2dc58703cfc2fe839112f397a0a232d86ced3b9e6d9dcdc6e8b3709854b05ba8dde5442a92448d6123d3ff6b080f45675741a7c35d379490025fb45b893ef99d53b9ef0e2793b45d3c255eed8899503e7323fea7fc6bb839336aebd76b9b07c38b118451c6f7d6a39541247ac4649086105b849a75ff9fdb5ce0996d9ffb34b55294d5576cd116ddb6d32b9238adebb2155034710d4c047118f4edccf0d1c733b2c1235c09fc956621daa9b82c72cc88dd924d775a2a80efa1c5b40b69f4e98077babe377a2cbe27de624fc34f039a569cefb81d46c8a719188b9d1fed06e4ab7178e8bf48b7622d3538169a35bb818d9a304af0ce95641d390ca5e3a986fb367a996430e6b801b8bdf2bb3d738a29f2c1368cc879eb282f91199f06e9fb8ca3301a34993827414d1ba90f6df91d953296a6e54886f540252955f9704ad914413ec9a39474eaf1bdeaa5273d409ab552e973907bbe42102b506b4273415abe52ff1a5e9e9cd69a91f417797f99003489aa87757abb532eb4e4d0dacea97d6ef5b03b4568037b8642d3df31bcf749989413c9e458f0c524cf14a5970daf8b249f046fba714d13ffd762a7ea742c6387afa08716223c4259031bec745d86e4b1276533ce1ac1a74fd60da00be30f2c6ed85e5aa725e21d06af7d7aef1cfd9e3875a5123fa092f310ac6636f8ed0f729ca574e0f220977fb8da968ee242ed9789b6b3e3540745f7e6142bb8061b5c886b8f983600ab8ddd60de8fb9f3dc44c89bf3ae98fbaa793ed26083d5d423f31597d37e3e48b7ffcc933ba0b2d88cb55ca7c333b8fbe8a1bfae7e27a3289306ad9d7c4a7daab7922927bf71f648d98cbdc7e2177176603ebcc5a13e4302e21574322a3f3bb8cb3c699d834564afcd2ff4a8116eefb208bf49b55288e33ce3deeee4c53657ffa3a0970c89a1873bbafbf1e6eb4e03d70beba42261f572931fa600ca98c30317b7dc064c33424e7f550f342712c025d9dc1912e6ee45406738c1176bc183e9ce44196082abb7a70daade44e2c06c33b114f6f9fbbc83a80d27c9e8514dc5d9834ded976528a15403e8bfd7a54f66983cfc1c2de6dab540460eb4b91f6748015bae32c5e788d9dfc470104608e24a566e7ad84b043f40de7c42e0df1e37e266b542722158ebec21f4c22ad8c1094b67fe916f61fac973b74c0e4837e942f37ea8c97d05dde88acc87d11a01e31816aeae917094e1e4b22d34bb64b6af8819a43af04b66ec56bbde4aebdda117634473d4f1f37eb7b82c55d2a8ebc5273fb7543738feff6edea8815486bdf22f238fdaec738e9155f72fc9c47b55b143d05ede7f964efbd073cc37e5d5796453cab221a2b38d7798414abbcd195543bdd19a36a0943048c7cabf1f0e10b62f0c1cfdc952d1c0a0a3558ae96405f376d9f589508ca1d91bc910621ab5bdb2ee8855bd804ad160ec6ec7d08bc82f4c468646d67dba793f763001c7299dccf365e0859a171b1c55819cf428e4c3d49c7e1e673cf27c5098defb81b930fa7ae11855c4492207483583cdbe21e40f0434c67d35e93e889510283b915755f939a6d1ed9d254786edc1641a09a091e8e45985917b4e17593b6ed172719ea50a7984ffa95d21144eb32f1ec7702b90023e01757596a28c2bd3bd87b9586a05e1870592885bf7b33dd8f8ac7e9582d0155a345a6e79a139927e9db650c7ed77a250381c935b41d43fbd53139d0fb7ce1afb49ac8f92056bedde1d2bfadda6fa89fc0efd542cc14c3f5fdee69a4faefb03edfe9bf44373fc6cf369cd2a45ddc5a45ff6da6127f9615c7846fc7cbe82f6395cbd7d874c59d43727d8ad1fb11650e0d7637359476baf5ad38b256575412e625ee45f27636e685b357dd82c549c358fa1187f3f8b9bee06734a949a7f2ac657c46333661b9dcd6ff4df9aac6f1224cdcfdcda15e3ce263aa5c3f703f1d19d64aef3c538369e81f5b8b3a8ecf4e96501f82a6267dbd2bc9231877310b3501be8ea58a3378cc4d656c1d48709b39220522c16c27ec1fea01e9b34b8502d0fb61329beefd47bd9a07dbbded69408620aa2305c187285284fcb02127f9a03f422330607e7a5acff7bc58b243f6a58ed01baf79d6110d306da5ce05cd5e3273378a274c2353c0c81f8853e5f4cc442d10282c0df2ebf841e6070fb84bfc4590ea140fa103aaac00678f8aa73176f48f568cbb3c110473a6efb88c59e70ee6a6ce369351b2145f37e0b448b1c53f02495503f198df07b242cc13a1cd5212db63e003b8318f275c9dc2790df8e13a4fd99e0840ab3eb89239be89ecfe04e627cfbdb5419166320ec6188a0791cf4f8ca1a6e6a5713d44bd34db99d4b3a509d14d8ac399e7649caa4cd4e0d2a1082f5cae34b95ca02ad6780aecb1e8c44a2462b98a22586f393f868ff87362ec47049a78209f0b9fbac8cfac35f8d3e1ff8df359a4aeefcb5ee94c19c828b3ad485f039a9fe9bb806b045c6c14e2ff4a9ebb096e8ef3fbb6d12f8b26032ad1a67162e4e2d1500a8074a9034c0bed17deadde24713e75db61b4ea760bdb0de0db1d586b1d1b0f27816a496ec9546354bbd112626170f63155f50a34ca55bd9a6f0994e9564f6e07733704e0640bd6b2271b6a29f1f993d3db58234ee2199b4a3e9ff660a7ce35f315d7a196e2a389fd7dc0ad127f3d33c41873b38e2f7d30f767d00ff78cddbb3b88d70aa8c9cbb5c2b9f81693af97dcd4eb63b38b93ca9ee1b2367a4394a674e521db6d56592d4c157beab011f913a0ff8fd68c8054e1ec0fe26f112594f657101600877c68f3a2cf925c7611b45e7b7e47f34e22a7bb91841e60cedc89a9b43195f1dc9667d2eb412ade438415491e8f35b3d3d099d1810047bb39f42b73b1b567eecd3f7527ecde2d2b8433d05403fbf97dbc669d43e79b0537fe64452b517bace8ed4d0b089b3f18c4cd87ad304b7f960bb5196675ad1598b28691328d10701766f23a927013c367bd4c1810d076ba2ac707dcfffc5fbcb6f36f974a2a1591d6b7406524f91953963ad5974acbcdd706c073a20e622e213ee4b53c68fbe86fe52cf75a6dd8098aee76b6a6c5c3611ced9d2642898e046787e90a5ff8b38965b3f3260657b76c5c43c511ee33985eb6644927fb18c23b34f6a63a89bff1545c3e4868c64ededeea14d896d0d34a47f876581f5d84f2fb448ed1e927c89af3ecbb8ca0730e4190552918421c574d43aba6329c197b58a59c494a3af1b8cea5ceba0c3beecd5bca455a6c2de37e4dcc10fe97754d37e88ac92531c5fc646f6f93a6b24d689c9627c99a932b5808f40b1cca8624f70533bc387777d8581796ebcbeaaa58212e5974e7b453bbe5203688d74136e2184dbd51ca44da922ee960eaf72ed3da43d8ed043e6a8517d0c5bff58756b13d5c4032e9f470fe95f2a259f35f31402f3d0661c6ea02415726ad6f3d3e54ef51c1b01b72689473500ce633cae443e27d9a4e60303b72f212fc598c8764bde742181fe301aaec4a35c9ac698b748e15e01aaea2cfa905a3b8a9b6e3c57ccfe1c688337fd646ba14d023be8e75c0df70f0d9193ab5b54ca57598cfa57fef506f18444d9d33529b936bd6b2dc2265870388e536b76e1186f96c240569ce2595469c80c0a95bbca46b81b2e9d56de2218603de40dab82d25ab538a5adfdda796e4e4e5143e1a363a696fb501cd35a11e972c9cc9f074d716cafbeda13626218fbe7af202af59bca2fe47d758d1fbe0b61e7657402a9b7ef5c90e7272ed5cd474eb3a7787b088097668f96d0c272b926033fe4854eb61f2c93e864322fdc9895af66995b2a3876f9c98e29c73cdef44a55729f431d3eeda25d08b70ed6cedf5bb5bcf7d86ae2ce72ed2896d167f2e5e2c0e5c7701394697e5b1e170856a30824501c7ee7cccc3fe9dbae021a5af53aa99c73c24604d0ab4bd70cba5e71fab636e05b38a572da23dae46f56e4c591b23d276656ffbb9e98727ad719f6f118286bebefe91b771fc64b7b1831c2569b5fc6e0e0cdb6f9f9360854b4c64fd21dde43a40d398c13c2f370f1ed32c254ecc89343767e336a483435e7c75b6f24578dbd3aaa097e57f9cce2141bcb4ac46f4d03dbb9d484dccf4a428c0d1c62524f2ea782b5bae4fdaf3b0b0cbc562e1d2810396b243d70daf8a229ca1c102611743f618953b037c1113d96a91969dda1ec9b433a32797ef379b3bb3487e02c03c95308b977f67a1839e23a4b80f64d1c8540cc9859f986a8adc977c46b35f1d1bf6751f695a9ca9eb3db7967ba483ca88c971d2744ece5033b6d64fe4e19d80d2edb899fb88ec4fd2a59f381d7da1d9b1f3ff55eb9001fa9759252fc1335efad3bdc90b248e75430d64d5c15d772e08fa9610ac9ec99d34771af218606b3a0fead685ee3486304b45e64d75556efaf372f2bd653b29ecc386f16bdc74a792c1952e2cf84c8bb58069f71ee6ba43389314bb0fdf6c9fe75f538123c78d75b22e6a7c9a16ca4c6df19979a91faa83cbab831724608c09ac88f808296c04461042bf8a17f88ba7580527e5c48bfc56c2df96b8528d35220503f0e83a94667f47d3f0404962be952a4738e43e2a0b2fc6e4bc1d4b4ef1fecf924d0283ecb33a72523eacd8f803fd2758f294530075a3bf8638ae66b90db1bf880bedf6f61cced771940214783c09f161d793436f227e955b7027830fc3efbab02ebcc", 0xdf0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/tcp6\x00') r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r2, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x80000000, @loopback}, 0x1c) listen(r2, 0x4) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) fcntl$setlease(r0, 0x400, 0x3) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x0) r4 = accept4(r2, 0x0, &(0x7f0000000040), 0x0) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000240)) r5 = dup3(r2, r4, 0x80000) syz_genetlink_get_family_id$team(&(0x7f00000001c0)='team\x00') getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000014c0)={{{@in6=@mcast1, @in6=@loopback}}, {{@in6=@dev}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8) getsockopt$inet6_mreq(r2, 0x29, 0x0, &(0x7f0000000280)={@mcast1}, &(0x7f00000002c0)=0x14) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000003c0)={@multicast2}, &(0x7f0000000480)=0xc) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000015c0)={'vcan0\x00'}) accept4$packet(r1, &(0x7f0000002f00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002f40)=0x14, 0x800) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000080)={0x80000000, 0x200, 0x40, 0x0, 0x0}, &(0x7f0000000300)=0x10) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000340)={r6, 0x9}, 0x8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000003000)={{{@in6=@ipv4={[], [], @loopback}, @in=@dev}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000003100)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000003300)={{{@in6, @in=@multicast1}}, {{@in=@multicast2}, 0x0, @in=@dev}}, &(0x7f0000003400)=0xe8) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000034c0)={@mcast2}, &(0x7f0000003500)=0x14) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000035c0)={{{@in6=@dev, @in6=@loopback}}, {{}, 0x0, @in6}}, &(0x7f00000036c0)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000003700)={'vcan0\x00'}) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003780)={{{@in, @in6=@loopback}}}, &(0x7f0000003880)=0xe8) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000004180)={&(0x7f00000000c0), 0xc, &(0x7f0000004140)={&(0x7f0000001b40)=ANY=[@ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040008000000"], 0x1}, 0x1, 0x0, 0x0, 0x4040800}, 0x4) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) [ 174.047604] IPVS: ftp: loaded support on port[0] = 21 [ 174.326388] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.341555] bridge0: port 1(bridge_slave_0) entered disabled state 17:09:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="390000001300090468fe000081000000e8ffff3f03000000450001070000001419001a0004000200070002000200000800005d14a4e91ee400", 0x39}], 0x1) r1 = memfd_create(&(0x7f0000000100)='vmnet1#[!ppp0cpuset,\x00', 0x1) ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f0000000180)={0x6, 0x0, 0x6, 0x0, 0x7f, 0xfffc}) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x80045503, &(0x7f0000000240)) ioctl$sock_bt_bnep_BNEPGETCONNINFO(0xffffffffffffffff, 0x800442d3, &(0x7f00000002c0)={0x0, 0x899, 0x0, @broadcast, 'veth1_to_team\x00'}) [ 174.371151] device bridge_slave_0 entered promiscuous mode [ 174.521313] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.527821] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.539796] device bridge_slave_1 entered promiscuous mode [ 174.677318] IPVS: ftp: loaded support on port[0] = 21 [ 174.686872] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 174.781803] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 174.880616] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.911141] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.918751] device bridge_slave_0 entered promiscuous mode 17:09:21 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x1}) [ 175.029617] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.062003] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.069507] device bridge_slave_1 entered promiscuous mode [ 175.207240] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 175.272147] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 175.343881] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 175.380732] IPVS: ftp: loaded support on port[0] = 21 [ 175.453496] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 175.771216] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.777715] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.786009] device bridge_slave_0 entered promiscuous mode [ 175.842097] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 175.904361] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.924260] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.951628] device bridge_slave_1 entered promiscuous mode [ 175.999647] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 176.072636] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 176.124295] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 176.162634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 176.182906] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 176.192598] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 176.222376] team0: Port device team_slave_0 added [ 176.306564] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 176.348444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 176.365855] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 176.381821] team0: Port device team_slave_1 added [ 176.417048] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.434343] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.458169] device bridge_slave_0 entered promiscuous mode [ 176.538155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 176.575479] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.594156] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.609348] device bridge_slave_1 entered promiscuous mode [ 176.661240] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 176.721763] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 176.767793] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 176.788724] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 176.811731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 176.819777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 176.847588] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 176.877703] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 176.890453] team0: Port device team_slave_0 added [ 176.904094] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 176.919417] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 176.929395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 176.958558] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 177.045389] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 177.059561] team0: Port device team_slave_1 added [ 177.101289] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 177.108192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 177.138224] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.162471] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.170021] device bridge_slave_0 entered promiscuous mode [ 177.239397] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 177.268421] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 177.276756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 177.292541] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 177.300871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 177.311777] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 177.320789] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.328059] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.344899] device bridge_slave_1 entered promiscuous mode [ 177.377783] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 177.437392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 177.447816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 177.478429] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 177.512032] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 177.529102] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 177.552257] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 177.560404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 177.619186] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 177.654376] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 177.672027] team0: Port device team_slave_0 added [ 177.707496] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 177.742240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 177.750335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 177.826103] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 177.852356] team0: Port device team_slave_1 added [ 177.963415] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.969811] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.993586] device bridge_slave_0 entered promiscuous mode [ 178.009909] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 178.035692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 178.046198] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 178.103799] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 178.137370] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.144034] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.159068] device bridge_slave_1 entered promiscuous mode [ 178.168447] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 178.193996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 178.203974] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 178.239276] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 178.251799] team0: Port device team_slave_0 added [ 178.265893] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 178.296202] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 178.309058] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 178.332562] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.342271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.391613] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 178.399101] team0: Port device team_slave_1 added [ 178.430650] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 178.443171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 178.464821] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 178.482192] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 178.491788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 178.512470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 178.583252] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 178.662694] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 178.696579] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.703155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.710320] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.716819] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.732773] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 178.765525] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 178.791286] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.802173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.926778] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 178.937599] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 178.952414] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 178.971941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 178.988123] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.020342] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 179.031888] team0: Port device team_slave_0 added [ 179.067007] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 179.184253] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 179.199711] team0: Port device team_slave_1 added [ 179.207438] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 179.240835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.286580] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 179.301155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.319177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.353647] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 179.370393] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.376845] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.383581] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.389953] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.445386] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 179.451872] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.462639] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 179.479837] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.493199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.615807] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 179.631902] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.642222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.737345] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 179.751575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.766055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.821993] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 179.832763] team0: Port device team_slave_0 added [ 179.971508] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.010241] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 180.035499] team0: Port device team_slave_1 added [ 180.184739] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 180.201624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 180.212099] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.224941] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.231375] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.238061] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.244517] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.252772] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 180.273971] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 180.280875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.314831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 180.412609] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 180.419815] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 180.431774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 180.486371] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.493289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.499969] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.506416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.536105] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 180.581561] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 180.588769] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 180.602494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 180.981229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.995868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 181.202930] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.209339] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.216101] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.222512] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.247549] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 182.041253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 182.140283] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.146755] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.153522] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.159893] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.224158] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 183.083488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 184.352431] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.822697] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 184.912385] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.345561] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 185.368628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 185.381226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 185.416750] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 185.677599] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.770494] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.842187] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.964526] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 185.971937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 185.980277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 186.152541] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.207988] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.466869] 8021q: adding VLAN 0 to HW filter on device team0 [ 186.492131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 186.647537] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 186.670367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 186.691873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 186.704598] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 186.711318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 186.718459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 186.970401] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 187.118100] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.243752] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.459003] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 187.486632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 187.497768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 187.749653] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.949600] 8021q: adding VLAN 0 to HW filter on device team0 [ 188.271414] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 188.784225] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 188.790399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 188.802045] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.951957] hrtimer: interrupt took 30689 ns 17:09:35 executing program 0: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000600), 0xffffffffffffffff) r0 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x3a2, 0x0) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000280)=""/227, &(0x7f00000001c0)=0xe3) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xe, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d03010000000000950000000000000071260000000000006706000002000000bf25000000000000620500000e0000007365000000000000bf540000000000000704000004faff003d4301000000000095000000000000005d54090000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000001f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) nanosleep(&(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x4000, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r3, 0x5420, &(0x7f00000001c0)) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000440)={'gretap0\x00'}) read(r3, &(0x7f0000000280)=""/11, 0xfe17) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)) fallocate(r1, 0x40, 0x89, 0x5) openat$urandom(0xffffffffffffff9c, &(0x7f0000000380)='/dev/urandom\x00', 0x1, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000580)="0a5cc80700315f85715070") ioctl$TCSETS(r3, 0x5412, &(0x7f0000000040)) syz_open_pts(r3, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f00000000c0)) 17:09:35 executing program 0: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000600), 0xffffffffffffffff) r0 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x3a2, 0x0) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000280)=""/227, &(0x7f00000001c0)=0xe3) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xe, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d03010000000000950000000000000071260000000000006706000002000000bf25000000000000620500000e0000007365000000000000bf540000000000000704000004faff003d4301000000000095000000000000005d54090000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000001f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) nanosleep(&(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x4000, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r3, 0x5420, &(0x7f00000001c0)) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000440)={'gretap0\x00'}) read(r3, &(0x7f0000000280)=""/11, 0xfe17) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)) fallocate(r1, 0x40, 0x89, 0x5) openat$urandom(0xffffffffffffff9c, &(0x7f0000000380)='/dev/urandom\x00', 0x1, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000580)="0a5cc80700315f85715070") ioctl$TCSETS(r3, 0x5412, &(0x7f0000000040)) syz_open_pts(r3, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f00000000c0)) [ 189.347904] 8021q: adding VLAN 0 to HW filter on device team0 17:09:35 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x20) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070") unshare(0x8000400) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000001c0)=@ethtool_flash={0x33, 0x0, "bf20f67668b5bcfb84ce9759013e11a35b86ffbc0d505e0d473a6bbb573727c750004a5ca4fbc65ccc1f18b001df5b9eaa08f7c76ad0fe767adfbf81cee81a1f47a92f5b8e048fa3f77a85d608902bfc872232f2b9719a74be59b350ffa0276acdcdb23d68587dfdea3530cc52db174d73d53df3f6131f84f61a1e01b10ab1d8"}}) 17:09:36 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x20) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070") unshare(0x8000400) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000001c0)=@ethtool_flash={0x33, 0x0, "bf20f67668b5bcfb84ce9759013e11a35b86ffbc0d505e0d473a6bbb573727c750004a5ca4fbc65ccc1f18b001df5b9eaa08f7c76ad0fe767adfbf81cee81a1f47a92f5b8e048fa3f77a85d608902bfc872232f2b9719a74be59b350ffa0276acdcdb23d68587dfdea3530cc52db174d73d53df3f6131f84f61a1e01b10ab1d8"}}) 17:09:36 executing program 1: r0 = socket$inet6(0xa, 0x803, 0x20) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070") unshare(0x8000400) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000001c0)=@ethtool_flash={0x33, 0x0, "bf20f67668b5bcfb84ce9759013e11a35b86ffbc0d505e0d473a6bbb573727c750004a5ca4fbc65ccc1f18b001df5b9eaa08f7c76ad0fe767adfbf81cee81a1f47a92f5b8e048fa3f77a85d608902bfc872232f2b9719a74be59b350ffa0276acdcdb23d68587dfdea3530cc52db174d73d53df3f6131f84f61a1e01b10ab1d8"}}) [ 190.121123] list_add corruption. next->prev should be prev (ffff8881d1f71030), but was ffff8881d1f71930. (next=ffffffff8a1dca60). [ 190.133464] ------------[ cut here ]------------ [ 190.138236] kernel BUG at lib/list_debug.c:25! [ 190.142945] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 190.148318] CPU: 0 PID: 7497 Comm: syz-executor0 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 190.156805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 190.166206] RIP: 0010:__list_add_valid.cold.2+0xf/0x2a [ 190.171524] Code: e5 80 88 e8 11 1f d2 fd 0f 0b 48 89 de 48 c7 c7 60 e5 80 88 e8 00 1f d2 fd 0f 0b 48 89 d9 48 c7 c7 20 e6 80 88 e8 ef 1e d2 fd <0f> 0b 48 89 f1 48 c7 c7 a0 e6 80 88 48 89 de e8 db 1e d2 fd 0f 0b [ 190.190439] RSP: 0018:ffff8881dac06ce0 EFLAGS: 00010286 [ 190.195812] RAX: 0000000000000075 RBX: ffffffff8a1dca60 RCX: 0000000000000000 [ 190.203086] RDX: 0000000000000000 RSI: ffffffff816621c5 RDI: 0000000000000005 [ 190.210373] RBP: ffff8881dac06cf8 R08: ffff8881c5ffe280 R09: ffffed103b585020 [ 190.217296] kobject: 'loop3' (0000000049295ab9): kobject_uevent_env [ 190.217686] R10: ffffed103b585020 R11: ffff8881dac28107 R12: ffff8881ccc9d030 [ 190.225176] kobject: 'loop3' (0000000049295ab9): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 190.231357] R13: ffff8881ccc9cdc0 R14: ffffffff8a1dc820 R15: ffffffff8a1dcab0 [ 190.231368] FS: 0000000000000000(0000) GS:ffff8881dac00000(0000) knlGS:0000000000000000 [ 190.231376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.231383] CR2: 00000000004df422 CR3: 000000000966e000 CR4: 00000000001406f0 [ 190.231394] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 190.231401] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 190.231406] Call Trace: [ 190.231411] [ 190.231434] ___neigh_create+0x14b7/0x2600 [ 190.277187] kobject: 'loop2' (000000009ca15f9a): kobject_uevent_env [ 190.284042] ? print_usage_bug+0xc0/0xc0 [ 190.284058] ? print_usage_bug+0xc0/0xc0 [ 190.284076] ? neigh_remove_one+0x5a0/0x5a0 [ 190.284094] ? print_usage_bug+0xc0/0xc0 [ 190.284111] ? __local_bh_enable_ip+0x160/0x260 [ 190.306888] kobject: 'loop2' (000000009ca15f9a): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 190.307541] ? __local_bh_enable_ip+0x160/0x260 [ 190.334654] ? lockdep_hardirqs_on+0x296/0x5b0 [ 190.339274] ? mark_held_locks+0x130/0x130 [ 190.343525] ? __local_bh_enable_ip+0x160/0x260 [ 190.348218] ? lockdep_hardirqs_on+0x296/0x5b0 [ 190.352813] ? trace_hardirqs_on+0xbd/0x310 [ 190.357139] ? mark_held_locks+0xc7/0x130 [ 190.361330] ? ip6t_do_table+0xd9e/0x1d30 [ 190.365500] ? trace_hardirqs_off_caller+0x310/0x310 [ 190.370609] ? __local_bh_enable_ip+0x160/0x260 [ 190.375296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.380850] ? lock_acquire+0x1ed/0x520 [ 190.384843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.390391] ? check_preemption_disabled+0x48/0x280 [ 190.395429] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 190.400975] ? rcu_pm_notify+0xc0/0xc0 [ 190.404877] __neigh_create+0x30/0x40 [ 190.408688] ip6_finish_output2+0xa64/0x2940 [ 190.413117] ? find_held_lock+0x36/0x1c0 [ 190.417190] ? ip6_forward_finish+0x560/0x560 [ 190.421714] ? ip6_mtu+0x39c/0x520 [ 190.425279] ? lock_downgrade+0x900/0x900 [ 190.429451] ? check_preemption_disabled+0x48/0x280 [ 190.434483] ? kasan_check_read+0x11/0x20 [ 190.438640] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 190.443943] ? rcu_read_unlock_special+0x370/0x370 [ 190.448886] ? ip6_mtu+0x160/0x520 [ 190.452436] ? find_match+0x10a0/0x10a0 [ 190.456422] ? kasan_check_read+0x11/0x20 [ 190.460578] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 190.465868] ip6_finish_output+0x58c/0xc60 [ 190.470106] ? ip6_finish_output+0x58c/0xc60 [ 190.474520] ip6_output+0x232/0x9d0 [ 190.478158] ? ip6_finish_output+0xc60/0xc60 [ 190.482574] ? ip6_fragment+0x38b0/0x38b0 [ 190.486732] ? __lock_is_held+0xb5/0x140 [ 190.490813] ndisc_send_skb+0x1005/0x1560 [ 190.495391] ? nf_hook.constprop.33+0x860/0x860 [ 190.500074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.505632] ? refcount_sub_and_test_checked+0x203/0x310 [ 190.511102] ? refcount_dec_if_one+0x180/0x180 [ 190.515719] ? memcpy+0x45/0x50 [ 190.519009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.524563] ndisc_send_rs+0x134/0x6e0 [ 190.528458] addrconf_rs_timer+0x314/0x690 [ 190.532712] ? ipv6_get_lladdr+0x5e0/0x5e0 [ 190.536962] call_timer_fn+0x272/0x920 [ 190.540857] ? ipv6_get_lladdr+0x5e0/0x5e0 [ 190.545104] ? process_timeout+0x40/0x40 [ 190.549176] ? mark_held_locks+0xc7/0x130 [ 190.553335] ? _raw_spin_unlock_irq+0x27/0x80 [ 190.557831] ? _raw_spin_unlock_irq+0x27/0x80 [ 190.562328] ? ipv6_get_lladdr+0x5e0/0x5e0 [ 190.566569] ? lockdep_hardirqs_on+0x296/0x5b0 [ 190.571162] ? trace_hardirqs_on+0xbd/0x310 [ 190.575507] ? kasan_check_read+0x11/0x20 [ 190.579670] ? __run_timers+0x7da/0xc70 [ 190.583686] ? trace_hardirqs_off_caller+0x310/0x310 [ 190.589565] ? ipv6_get_lladdr+0x5e0/0x5e0 [ 190.593808] __run_timers+0x7e5/0xc70 [ 190.597616] ? timer_fixup_init+0x70/0x70 [ 190.601774] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 190.606794] ? graph_lock+0x270/0x270 [ 190.610604] ? print_usage_bug+0xc0/0xc0 [ 190.614702] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 190.619905] ? find_held_lock+0x36/0x1c0 [ 190.621973] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 190.624308] ? graph_lock+0x270/0x270 [ 190.624329] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.624345] ? check_preemption_disabled+0x48/0x280 [ 190.624364] ? __lock_is_held+0xb5/0x140 [ 190.660360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.665923] ? check_preemption_disabled+0x48/0x280 17:09:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='vcan0\x00', 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$can_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "14201a38d1a9ff4e43c9574dc338b4bed5abbbcf08e6debccffe54e2f9125ac933cb937a4f642146123e0b21a1f25d60bc5831b46cf051a408f88dbd92517a4b"}, 0x48}}, 0x0) sendmsg$can_raw(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=@can={{}, 0x0, 0x0, 0x0, 0x0, "c756b247020c2f95"}, 0x10}}, 0x0) [ 190.670962] run_timer_softirq+0x52/0xb0 [ 190.675034] ? rcu_read_lock_sched_held+0x14f/0x180 [ 190.680063] __do_softirq+0x308/0xb7e [ 190.683879] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 190.688376] ? lock_downgrade+0x900/0x900 [ 190.692530] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 190.697654] ? pvclock_read_flags+0x160/0x160 [ 190.698599] kobject: 'loop2' (000000009ca15f9a): kobject_uevent_env [ 190.702190] ? lapic_next_event+0x5a/0x90 [ 190.702208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.702224] ? kvm_clock_read+0x18/0x30 [ 190.702234] ? kvm_sched_clock_read+0x9/0x20 [ 190.702248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 190.702263] ? check_preemption_disabled+0x48/0x280 [ 190.702281] irq_exit+0x17f/0x1c0 [ 190.702296] smp_apic_timer_interrupt+0x1cb/0x760 [ 190.702322] ? smp_call_function_single_interrupt+0x650/0x650 [ 190.709231] kobject: 'loop2' (000000009ca15f9a): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 190.712864] ? interrupt_entry+0xb5/0xc0 [ 190.712881] ? trace_hardirqs_off_caller+0xbb/0x310 17:09:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='vcan0\x00', 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$can_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "14201a38d1a9ff4e43c9574dc338b4bed5abbbcf08e6debccffe54e2f9125ac933cb937a4f642146123e0b21a1f25d60bc5831b46cf051a408f88dbd92517a4b"}, 0x48}}, 0x0) sendmsg$can_raw(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=@can={{}, 0x0, 0x0, 0x0, 0x0, "c756b247020c2f95"}, 0x10}}, 0x0) [ 190.712893] ? trace_hardirqs_off_caller+0xbb/0x310 [ 190.712906] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 190.712919] ? trace_hardirqs_on_caller+0x310/0x310 [ 190.712931] ? trace_hardirqs_on_caller+0x310/0x310 [ 190.712955] ? task_prio+0x50/0x50 [ 190.793436] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 190.798983] ? check_preemption_disabled+0x48/0x280 [ 190.804008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 190.808888] apic_timer_interrupt+0xf/0x20 [ 190.813127] [ 190.815375] RIP: 0010:lock_acquire+0x268/0x520 [ 190.819962] Code: 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 44 02 00 00 48 83 3d f7 2d 10 08 00 0f 84 c3 01 00 00 48 8b bd 20 ff ff ff 57 9d <0f> 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 [ 190.838871] RSP: 0018:ffff88818e3f6b10 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 190.846586] RAX: dffffc0000000000 RBX: 1ffff11031c7ed67 RCX: 0000000000000000 [ 190.853857] RDX: 1ffffffff12e4816 RSI: 0000000000000000 RDI: 0000000000000282 [ 190.861145] RBP: ffff88818e3f6c00 R08: ffff8881c5ffeb48 R09: 0000000000000008 17:09:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='vcan0\x00', 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$can_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "14201a38d1a9ff4e43c9574dc338b4bed5abbbcf08e6debccffe54e2f9125ac933cb937a4f642146123e0b21a1f25d60bc5831b46cf051a408f88dbd92517a4b"}, 0x48}}, 0x0) sendmsg$can_raw(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=@can={{}, 0x0, 0x0, 0x0, 0x0, "c756b247020c2f95"}, 0x10}}, 0x0) [ 190.868413] R10: 0000000000000028 R11: ffff8881c5ffe280 R12: ffff8881c5ffe280 [ 190.875726] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000 [ 190.883026] ? find_held_lock+0x36/0x1c0 [ 190.887099] ? lock_release+0xa00/0xa00 [ 190.891093] ? __unlock_page_memcg+0x53/0x100 [ 190.895597] ? lock_downgrade+0x900/0x900 [ 190.899754] ? check_preemption_disabled+0x48/0x280 [ 190.904786] lock_page_memcg+0x95/0x350 [ 190.908767] ? mem_cgroup_hierarchy_write+0x230/0x230 [ 190.913963] ? rcu_read_unlock_special+0x370/0x370 [ 190.918903] ? mem_cgroup_hierarchy_write+0x230/0x230 [ 190.924106] page_remove_rmap+0x855/0x1a30 [ 190.928354] ? page_add_file_rmap+0x1470/0x1470 [ 190.933030] ? __lock_is_held+0xb5/0x140 [ 190.937110] ? rcu_read_lock_sched_held+0x14f/0x180 [ 190.942135] ? __alloc_pages_nodemask+0xb9c/0xec0 [ 190.946993] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 190.952536] ? graph_lock+0x270/0x270 [ 190.956348] ? __alloc_pages_slowpath+0x2e00/0x2e00 [ 190.961369] ? free_pages_and_swap_cache+0x475/0x6f0 [ 190.966479] ? find_held_lock+0x36/0x1c0 [ 190.970541] ? kasan_check_read+0x11/0x20 [ 190.974709] ? page_mapcount+0x3b5/0x5d0 [ 190.978834] ? fault_around_bytes_set+0x90/0x90 [ 190.983515] ? lock_downgrade+0x900/0x900 [ 190.987686] ? kasan_check_write+0x14/0x20 [ 190.991939] ? do_raw_spin_lock+0x14f/0x350 [ 190.996271] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 191.001300] ? _vm_normal_page+0x161/0x3c0 [ 191.005541] ? __pte_alloc_kernel+0x210/0x210 [ 191.010041] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 191.015061] ? __tlb_remove_page_size+0x187/0x500 [ 191.019918] unmap_page_range+0x11c7/0x2930 [ 191.024257] ? vm_normal_page_pmd+0x510/0x510 [ 191.028762] ? kasan_check_read+0x11/0x20 [ 191.032538] kobject: 'loop4' (00000000309c2aa2): kobject_uevent_env [ 191.032915] ? rcu_read_unlock_special+0x370/0x370 [ 191.039339] kobject: 'loop4' (00000000309c2aa2): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 191.044235] ? rcu_softirq_qs+0x20/0x20 [ 191.044247] ? unwind_dump+0x190/0x190 [ 191.044264] ? is_bpf_text_address+0xd3/0x170 [ 191.044277] ? kernel_text_address+0x79/0xf0 [ 191.044289] ? __kernel_text_address+0xd/0x40 [ 191.044303] ? graph_lock+0x270/0x270 [ 191.044325] ? find_held_lock+0x36/0x1c0 [ 191.073517] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. [ 191.074976] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 191.074990] ? uprobe_munmap+0x14c/0x450 [ 191.075005] ? uprobe_mmap+0x1130/0x1130 [ 191.075018] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 191.075038] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 191.079237] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. [ 191.082886] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 191.082902] ? pagevec_lru_move_fn+0x259/0x350 [ 191.082917] ? trace_hardirqs_off_caller+0x310/0x310 [ 191.082934] unmap_single_vma+0x19b/0x310 [ 191.082951] unmap_vmas+0x252/0x3d0 [ 191.082965] ? zap_vma_ptes+0x110/0x110 [ 191.082976] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 191.082994] ? kasan_check_write+0x14/0x20 [ 191.083007] exit_mmap+0x2be/0x590 [ 191.083020] ? __ia32_sys_munmap+0x80/0x80 [ 191.083034] ? __khugepaged_exit+0x455/0x6a0 [ 191.083056] ? __might_sleep+0x95/0x190 [ 191.083070] mmput+0x247/0x610 [ 191.083084] ? lock_downgrade+0x900/0x900 [ 191.083097] ? set_mm_exe_file+0x200/0x200 [ 191.083113] ? kasan_check_read+0x11/0x20 [ 191.083125] ? do_raw_spin_unlock+0xa7/0x330 [ 191.083138] ? do_raw_spin_trylock+0x270/0x270 [ 191.083152] ? up_read_non_owner+0x100/0x100 [ 191.083167] ? __down_interruptible+0x700/0x700 [ 191.083186] do_exit+0xdeb/0x2620 [ 191.083205] ? mm_update_next_owner+0x990/0x990 [ 191.083219] ? finish_task_switch+0x1f4/0x910 [ 191.083232] ? _raw_spin_unlock_irq+0x27/0x80 [ 191.083245] ? _raw_spin_unlock_irq+0x27/0x80 [ 191.083259] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 191.083273] ? trace_hardirqs_on+0xbd/0x310 [ 191.083286] ? kasan_check_read+0x11/0x20 [ 191.083297] ? finish_task_switch+0x1f4/0x910 [ 191.083312] ? trace_hardirqs_off_caller+0x310/0x310 [ 191.083325] ? compat_start_thread+0x80/0x80 [ 191.083342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 191.083357] ? _raw_spin_unlock_irq+0x60/0x80 [ 191.083369] ? finish_task_switch+0x1f4/0x910 [ 191.083380] ? finish_task_switch+0x1b4/0x910 [ 191.083391] ? __switch_to_asm+0x34/0x70 [ 191.083404] ? preempt_notifier_register+0x200/0x200 [ 191.083415] ? __switch_to_asm+0x34/0x70 [ 191.083426] ? __switch_to_asm+0x34/0x70 [ 191.083438] ? __switch_to_asm+0x40/0x70 [ 191.083449] ? __switch_to_asm+0x34/0x70 [ 191.083460] ? __switch_to_asm+0x40/0x70 [ 191.083471] ? __switch_to_asm+0x34/0x70 [ 191.083482] ? __switch_to_asm+0x40/0x70 [ 191.083493] ? __switch_to_asm+0x34/0x70 [ 191.083505] ? __switch_to_asm+0x34/0x70 [ 191.083517] ? __switch_to_asm+0x34/0x70 [ 191.083528] ? __switch_to_asm+0x40/0x70 [ 191.083539] ? __switch_to_asm+0x34/0x70 [ 191.083550] ? __switch_to_asm+0x40/0x70 [ 191.083567] ? __schedule+0xa49/0x21e0 [ 191.083584] ? __sched_text_start+0x8/0x8 [ 191.083598] ? find_held_lock+0x36/0x1c0 [ 191.083614] ? find_held_lock+0x36/0x1c0 [ 191.083632] ? do_group_exit+0x35f/0x440 [ 191.083645] ? _raw_spin_unlock_irq+0x27/0x80 [ 191.083667] ? _raw_spin_unlock_irq+0x27/0x80 [ 191.083681] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 191.083700] ? preempt_schedule+0x4d/0x60 [ 191.083716] ? preempt_schedule_common+0x1f/0xe0 [ 191.083730] ? preempt_schedule+0x4d/0x60 [ 191.083744] ? ___preempt_schedule+0x16/0x18 [ 191.083763] do_group_exit+0x177/0x440 [ 191.083779] ? __ia32_sys_exit+0x50/0x50 [ 191.083793] ? trace_hardirqs_off_caller+0x310/0x310 [ 191.083811] __x64_sys_exit_group+0x3e/0x50 [ 191.083825] do_syscall_64+0x1b9/0x820 [ 191.083837] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 191.083852] ? syscall_return_slowpath+0x5e0/0x5e0 [ 191.083864] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 191.083878] ? trace_hardirqs_on_caller+0x310/0x310 [ 191.083892] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 191.083906] ? prepare_exit_to_usermode+0x291/0x3b0 [ 191.083923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 191.083940] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 191.083952] RIP: 0033:0x457679 [ 191.083975] Code: Bad RIP value. [ 191.083983] RSP: 002b:00007ffe9f645458 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.083996] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000457679 [ 191.084004] RDX: 0000000000411131 RSI: fffffffffffffff7 RDI: 0000000000000000 [ 191.084011] RBP: 0000000000000000 R08: 0000000032202fcc R09: 0000000000000001 [ 191.084019] R10: ffffffff816dc8f1 R11: 0000000000000246 R12: 0000000000000000 [ 191.084027] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000 [ 191.084043] ? enqueue_hrtimer+0xf1/0x560 [ 191.084053] Modules linked in: [ 191.084120] ---[ end trace 722a20efecb542f9 ]--- [ 191.084138] RIP: 0010:__list_add_valid.cold.2+0xf/0x2a [ 191.084151] Code: e5 80 88 e8 11 1f d2 fd 0f 0b 48 89 de 48 c7 c7 60 e5 80 88 e8 00 1f d2 fd 0f 0b 48 89 d9 48 c7 c7 20 e6 80 88 e8 ef 1e d2 fd <0f> 0b 48 89 f1 48 c7 c7 a0 e6 80 88 48 89 de e8 db 1e d2 fd 0f 0b [ 191.084158] RSP: 0018:ffff8881dac06ce0 EFLAGS: 00010286 [ 191.084169] RAX: 0000000000000075 RBX: ffffffff8a1dca60 RCX: 0000000000000000 [ 191.084177] RDX: 0000000000000000 RSI: ffffffff816621c5 RDI: 0000000000000005 [ 191.084185] RBP: ffff8881dac06cf8 R08: ffff8881c5ffe280 R09: ffffed103b585020 [ 191.084193] R10: ffffed103b585020 R11: ffff8881dac28107 R12: ffff8881ccc9d030 [ 191.084202] R13: ffff8881ccc9cdc0 R14: ffffffff8a1dc820 R15: ffffffff8a1dcab0 [ 191.084212] FS: 0000000000000000(0000) GS:ffff8881dac00000(0000) knlGS:0000000000000000 [ 191.084221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.084229] CR2: 000000000045764f CR3: 000000000966e000 CR4: 00000000001406f0 [ 191.084241] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 191.084249] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 191.084256] Kernel panic - not syncing: Fatal exception in interrupt [ 191.085311] Kernel Offset: disabled [ 191.626517] Rebooting in 86400 seconds..