bond0: Enslaving bond_slave_1 as an active interface with an up link bond0: Releasing backup interface bond_slave_1 kasan: CONFIG_KASAN_INLINE enabled kobject: 'loop0' (000000001e852c11): kobject_uevent_env kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 14840 Comm: syz-executor.1 Not tainted 5.0.0-rc7+ #74 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:lock_accessed kernel/locking/lockdep.c:968 [inline] RIP: 0010:__bfs kernel/locking/lockdep.c:1035 [inline] RIP: 0010:__bfs+0x18a/0x5a0 kernel/locking/lockdep.c:989 kobject: 'loop0' (000000001e852c11): fill_kobj_path: path = '/devices/virtual/block/loop0' Code: 8b 3f 4d 39 fd 0f 84 77 01 00 00 49 8d 7f 10 4c 89 f8 4c 8b 0d 17 dc fa 08 48 89 f9 48 2d a0 77 31 8a 48 c1 e9 03 48 c1 f8 06 <42> 80 3c 31 00 0f 85 db 02 00 00 49 8b 77 10 4c 8d 46 2c 4c 89 c1 RSP: 0018:ffff8880ae907828 EFLAGS: 00010007 RAX: 0000000001d73a21 RBX: ffff8880ae9078f0 RCX: 0000000000000002 RDX: 0000000000000000 RSI: 1ffffffff14ab754 RDI: 0000000000000010 RBP: ffff8880ae907890 R08: 0000000000000001 R09: 00000000000027d4 R10: ffffed1015d25bcf R11: 0000000000000000 R12: 0000000000000006 R13: ffffffff8a200110 R14: dffffc0000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 kobject: 'loop2' (0000000029d3e7e5): kobject_uevent_env CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b3112a000 CR3: 0000000008871000 CR4: 00000000001406e0 Call Trace: __bfs_forwards kernel/locking/lockdep.c:1063 [inline] find_usage_forwards kernel/locking/lockdep.c:1363 [inline] check_usage_forwards+0x119/0x340 kernel/locking/lockdep.c:2575 kobject: 'loop2' (0000000029d3e7e5): fill_kobj_path: path = '/devices/virtual/block/loop2' mark_lock_irq kernel/locking/lockdep.c:2690 [inline] mark_lock+0x427/0x1380 kernel/locking/lockdep.c:3062 mark_irqflags kernel/locking/lockdep.c:2940 [inline] __lock_acquire+0x128f/0x4700 kernel/locking/lockdep.c:3295 connect: ipv4 mapped TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3841 kobject: 'loop5' (00000000073e942d): kobject_uevent_env __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:329 [inline] __queue_work+0x9ce/0x1180 kernel/workqueue.c:1434 delayed_work_timer_fn+0x5d/0x90 kernel/workqueue.c:1520 kobject: 'loop5' (00000000073e942d): fill_kobj_path: path = '/devices/virtual/block/loop5' call_timer_fn+0x190/0x720 kernel/time/timer.c:1325 kobject: 'loop3' (00000000479c4cea): kobject_uevent_env expire_timers kernel/time/timer.c:1358 [inline] __run_timers kernel/time/timer.c:1681 [inline] __run_timers kernel/time/timer.c:1649 [inline] run_timer_softirq+0x44c/0x1700 kernel/time/timer.c:1694 kobject: 'loop3' (00000000479c4cea): fill_kobj_path: path = '/devices/virtual/block/loop3' __do_softirq+0x266/0x95a kernel/softirq.c:292 invoke_softirq kernel/softirq.c:373 [inline] irq_exit+0x180/0x1d0 kernel/softirq.c:413 exiting_irq arch/x86/include/asm/apic.h:536 [inline] smp_apic_timer_interrupt+0x14a/0x570 arch/x86/kernel/apic/apic.c:1062 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807 RIP: 0010:pte_none arch/x86/include/asm/pgtable.h:704 [inline] RIP: 0010:zap_pte_range mm/memory.c:1057 [inline] RIP: 0010:zap_pmd_range mm/memory.c:1192 [inline] RIP: 0010:zap_pud_range mm/memory.c:1221 [inline] RIP: 0010:zap_p4d_range mm/memory.c:1242 [inline] RIP: 0010:unmap_page_range+0x8d3/0x2330 mm/memory.c:1263 Code: ff ff ff e8 6f e9 d5 ff 48 8b 85 58 ff ff ff 48 c1 e8 03 42 80 3c 38 00 0f 85 ef 15 00 00 48 8b 85 58 ff ff ff 31 ff 4c 8b 28 <4c> 89 eb 48 83 e3 9f 48 89 de e8 de ea d5 ff 48 85 db 0f 84 7c 08 RSP: 0018:ffff888063487968 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 RAX: ffff88808bbb0cc0 RBX: 00007fbce0798000 RCX: ffffffff819a0163 RDX: 0000000000000000 RSI: ffffffff8199fb01 RDI: 0000000000000000 RBP: ffff888063487ac8 R08: ffff8880a789e700 R09: fffff94000473f1f R10: fffff94000473f1e R11: ffffea000239f8f3 R12: 0000000000000000 R13: 800000008e7e4007 R14: 00007fbce0800000 R15: dffffc0000000000 unmap_single_vma+0x19d/0x300 mm/memory.c:1308 unmap_vmas+0x115/0x250 mm/memory.c:1339 exit_mmap+0x2c2/0x530 mm/mmap.c:3140 __mmput kernel/fork.c:1047 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1068 exit_mm kernel/exit.c:545 [inline] do_exit+0x838/0x2fd0 kernel/exit.c:862 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e29 Code: Bad RIP value. RSP: 002b:00007ffdb76741b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000457e29 RDX: 0000000000411d31 RSI: fffffffffffffff7 RDI: 0000000000000000 RBP: 0000000000000000 R08: 000000007c44de37 R09: 0000000000000001 R10: ffffffff81329b2a R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000001 R14: 0000000000000100 R15: 0000000000000001 Modules linked in: ---[ end trace 251dfab2376e95bd ]--- RIP: 0010:lock_accessed kernel/locking/lockdep.c:968 [inline] RIP: 0010:__bfs kernel/locking/lockdep.c:1035 [inline] RIP: 0010:__bfs+0x18a/0x5a0 kernel/locking/lockdep.c:989 Code: 8b 3f 4d 39 fd 0f 84 77 01 00 00 49 8d 7f 10 4c 89 f8 4c 8b 0d 17 dc fa 08 48 89 f9 48 2d a0 77 31 8a 48 c1 e9 03 48 c1 f8 06 <42> 80 3c 31 00 0f 85 db 02 00 00 49 8b 77 10 4c 8d 46 2c 4c 89 c1 RSP: 0018:ffff8880ae907828 EFLAGS: 00010007 RAX: 0000000001d73a21 RBX: ffff8880ae9078f0 RCX: 0000000000000002 RDX: 0000000000000000 RSI: 1ffffffff14ab754 RDI: 0000000000000010 RBP: ffff8880ae907890 R08: 0000000000000001 R09: 00000000000027d4 R10: ffffed1015d25bcf R11: 0000000000000000 R12: 0000000000000006 R13: ffffffff8a200110 R14: dffffc0000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000457dff CR3: 0000000008871000 CR4: 00000000001406e0