[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 37.607022][ T7019] IPVS: ftp: loaded support on port[0] = 21 [ 38.022284][ T7007] can: request_module (can-proto-0) failed. [ 39.070243][ T7007] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.0.162' (ECDSA) to the list of known hosts. 2019/04/03 06:01:19 parsed 1 programs 2019/04/03 06:01:20 executed programs: 0 [ 47.224559][ T7094] IPVS: ftp: loaded support on port[0] = 21 [ 47.226226][ T7096] IPVS: ftp: loaded support on port[0] = 21 [ 47.245593][ T7098] IPVS: ftp: loaded support on port[0] = 21 [ 47.252220][ T7099] IPVS: ftp: loaded support on port[0] = 21 [ 47.287919][ T7103] IPVS: ftp: loaded support on port[0] = 21 [ 47.316973][ T7101] IPVS: ftp: loaded support on port[0] = 21 [ 47.413511][ T7096] chnl_net:caif_netlink_parms(): no params data found [ 47.460996][ T7094] chnl_net:caif_netlink_parms(): no params data found [ 47.529322][ T7101] chnl_net:caif_netlink_parms(): no params data found [ 47.558680][ T7096] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.566927][ T7096] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.574656][ T7096] device bridge_slave_0 entered promiscuous mode [ 47.587421][ T7096] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.594519][ T7096] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.602217][ T7096] device bridge_slave_1 entered promiscuous mode [ 47.630388][ T7103] chnl_net:caif_netlink_parms(): no params data found [ 47.644980][ T7094] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.652113][ T7094] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.659828][ T7094] device bridge_slave_0 entered promiscuous mode [ 47.668353][ T7096] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 47.686269][ T7099] chnl_net:caif_netlink_parms(): no params data found [ 47.695457][ T7098] chnl_net:caif_netlink_parms(): no params data found [ 47.709644][ T7094] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.717293][ T7094] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.725291][ T7094] device bridge_slave_1 entered promiscuous mode [ 47.732885][ T7096] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 47.771531][ T7101] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.779001][ T7101] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.786852][ T7101] device bridge_slave_0 entered promiscuous mode [ 47.796581][ T7101] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.803725][ T7101] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.811348][ T7101] device bridge_slave_1 entered promiscuous mode [ 47.819367][ T7094] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 47.840338][ T7103] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.847727][ T7103] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.855308][ T7103] device bridge_slave_0 entered promiscuous mode [ 47.865445][ T7103] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.872582][ T7103] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.880127][ T7103] device bridge_slave_1 entered promiscuous mode [ 47.896700][ T7094] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 47.906678][ T7098] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.913928][ T7098] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.921506][ T7098] device bridge_slave_0 entered promiscuous mode [ 47.930823][ T7096] team0: Port device team_slave_0 added [ 47.951515][ T7103] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 47.967996][ T7098] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.976110][ T7098] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.983924][ T7098] device bridge_slave_1 entered promiscuous mode [ 47.991647][ T7096] team0: Port device team_slave_1 added [ 47.998458][ T7103] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.008839][ T7101] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.020730][ T7101] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.029480][ T7099] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.036585][ T7099] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.044094][ T7099] device bridge_slave_0 entered promiscuous mode [ 48.066595][ T7094] team0: Port device team_slave_0 added [ 48.086957][ T7099] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.094713][ T7099] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.102276][ T7099] device bridge_slave_1 entered promiscuous mode [ 48.113547][ T7103] team0: Port device team_slave_0 added [ 48.120168][ T7098] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.165855][ T7096] device hsr_slave_0 entered promiscuous mode [ 48.203953][ T7096] device hsr_slave_1 entered promiscuous mode [ 48.284496][ T7094] team0: Port device team_slave_1 added [ 48.298580][ T7098] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.311640][ T7103] team0: Port device team_slave_1 added [ 48.321693][ T7101] team0: Port device team_slave_0 added [ 48.328657][ T7101] team0: Port device team_slave_1 added [ 48.338345][ T7098] team0: Port device team_slave_0 added [ 48.350691][ T7099] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.360249][ T7099] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.382195][ T7098] team0: Port device team_slave_1 added [ 48.392975][ T7099] team0: Port device team_slave_0 added [ 48.465881][ T7103] device hsr_slave_0 entered promiscuous mode [ 48.504575][ T7103] device hsr_slave_1 entered promiscuous mode [ 48.548880][ T7096] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.556151][ T7096] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.564316][ T7096] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.571433][ T7096] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.586671][ T7099] team0: Port device team_slave_1 added [ 48.656717][ T7094] device hsr_slave_0 entered promiscuous mode [ 48.713898][ T7094] device hsr_slave_1 entered promiscuous mode [ 48.789897][ T2863] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.798181][ T2863] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.876337][ T7098] device hsr_slave_0 entered promiscuous mode [ 48.933912][ T7098] device hsr_slave_1 entered promiscuous mode [ 49.015121][ T7101] device hsr_slave_0 entered promiscuous mode [ 49.054103][ T7101] device hsr_slave_1 entered promiscuous mode [ 49.145814][ T7099] device hsr_slave_0 entered promiscuous mode [ 49.193870][ T7099] device hsr_slave_1 entered promiscuous mode [ 49.310258][ T7103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.353058][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.362986][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.385292][ T7096] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.403974][ T7094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.417450][ T7098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.428574][ T7103] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.443333][ T7101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.455137][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.465848][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.475070][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.482309][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.490503][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.498456][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.506896][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.521858][ T7099] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.534614][ T7096] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.548733][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.558294][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.567606][ T2863] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.575359][ T2863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.583592][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 49.592559][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 49.601141][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.609749][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.617777][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.625981][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.633783][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.644492][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.652857][ T2863] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.660106][ T2863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.667958][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.675748][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.691735][ T7099] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.701847][ T7098] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.710912][ T7101] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.719570][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 49.730743][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.739572][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 49.749688][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.758548][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 49.767227][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.776099][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.784138][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.791873][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 49.800873][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.811325][ T7103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 49.834767][ T7094] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.843246][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 49.851569][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.860910][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.869727][ T2863] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.877182][ T2863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.885143][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.894114][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.905116][ T2863] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.923219][ T2863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.931127][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.940366][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.949896][ T2863] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.957202][ T2863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.965602][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 49.974461][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 49.983151][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 49.992144][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.000525][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.009059][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.017472][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.026660][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.048397][ T7101] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 50.069092][ T7101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.079727][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.088124][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.096944][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.105278][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.114767][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.123816][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.131078][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.139921][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.149048][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.158466][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.167550][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.176371][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.183718][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.191304][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.200848][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.209353][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.218210][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.226626][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.233759][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.241230][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.250368][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.258856][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 50.267775][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.275998][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.285069][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.294078][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.301725][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.309345][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.318214][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.326842][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.334261][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.344375][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.352309][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.360415][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.377264][ T7103] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.390681][ T7110] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.400232][ T7110] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.413251][ T7110] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.420577][ T7110] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.436449][ T7110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.446224][ T7110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.460548][ T7099] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 50.472633][ T7099] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 50.505192][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.514974][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.533633][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 50.542331][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.552019][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.561794][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.571041][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.580128][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.589708][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.589748][ T7115] check_preemption_disabled: 6 callbacks suppressed [ 50.589755][ T7115] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7115 [ 50.598561][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.605124][ T7115] caller is sk_mc_loop+0x16/0x180 [ 50.605132][ T7115] CPU: 1 PID: 7115 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 50.605168][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.605171][ T7115] Call Trace: [ 50.605180][ T7115] dump_stack+0x113/0x167 [ 50.605193][ T7115] __this_cpu_preempt_check+0x1d2/0x200 [ 50.605198][ T7115] sk_mc_loop+0x16/0x180 [ 50.605208][ T7115] ip_mc_output+0x25b/0xca0 [ 50.605212][ T7115] ? __ip_local_out+0x37e/0x6f0 [ 50.605217][ T7115] ? __ip_queue_xmit+0x1d20/0x1d20 [ 50.605224][ T7115] ? ip_append_data.part.52+0x150/0x150 [ 50.605229][ T7115] ? __ip_make_skb+0xe6b/0x1c20 [ 50.605235][ T7115] ip_local_out+0x7e/0x130 [ 50.605242][ T7115] ip_send_skb+0x36/0xa0 [ 50.605247][ T7115] ip_push_pending_frames+0x4d/0x70 [ 50.605254][ T7115] ? raw_sendmsg+0x93b/0x2b20 [ 50.605260][ T7115] raw_sendmsg+0xeac/0x2b20 [ 50.615319][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.622899][ T7115] ? __lock_acquire+0x5ea/0x4390 [ 50.628612][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.636239][ T7115] ? compat_raw_getsockopt+0x90/0x90 [ 50.636250][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 50.636258][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 50.636262][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 50.636269][ T7115] ? lockdep_hardirqs_on+0x424/0x5c0 [ 50.647300][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 50.650044][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 50.654946][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.660467][ T7115] ? trace_hardirqs_on+0x28/0x190 [ 50.665352][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.669643][ T7115] ? aa_profile_af_perm+0x320/0x320 [ 50.675095][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 50.679755][ T7115] ? _raw_spin_unlock_irq+0x60/0x80 [ 50.679765][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 50.686090][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 50.690490][ T7115] ? finish_task_switch+0x11c/0x6e0 [ 50.690498][ T7115] ? __switch_to_asm+0x34/0x70 [ 50.695849][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.699900][ T7115] ? __switch_to_asm+0x40/0x70 [ 50.706031][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 50.710702][ T7115] ? ___might_sleep+0x16b/0x270 [ 50.715981][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.723376][ T7115] ? __might_sleep+0x95/0x190 [ 50.728822][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.736359][ T7115] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 50.736368][ T7115] ? aa_sk_perm+0x167/0x690 [ 50.736382][ T7115] inet_sendmsg+0x10d/0x460 [ 50.736385][ T7115] ? inet_sendmsg+0x10d/0x460 [ 50.736391][ T7115] ? security_socket_sendmsg+0x50/0x90 [ 50.736399][ T7115] ? ipip_gro_receive+0xf0/0xf0 [ 50.742451][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.747658][ T7115] sock_sendmsg+0xb7/0xf0 [ 50.747665][ T7115] kernel_sendmsg+0x26/0x30 [ 50.747671][ T7115] sock_no_sendpage+0xfd/0x140 [ 50.747676][ T7115] ? sock_kfree_s+0x40/0x40 [ 50.747693][ T7115] inet_sendpage+0x367/0x620 [ 50.755001][ T7101] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.758558][ T7115] ? kernel_sendpage+0xd0/0xd0 [ 50.771844][ T7115] kernel_sendpage+0x63/0xd0 [ 50.798170][ T7115] ? pipe_lock+0x4f/0x60 [ 50.798180][ T7115] sock_sendpage+0x6d/0xd0 [ 50.798188][ T7115] pipe_to_sendpage+0x214/0x430 [ 50.798194][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 50.798203][ T7115] __splice_from_pipe+0x2cf/0x730 [ 50.798207][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 50.798213][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 50.798217][ T7115] splice_from_pipe+0xbb/0x120 [ 50.798221][ T7115] ? splice_shrink_spd+0xa0/0xa0 [ 50.798227][ T7115] ? apparmor_file_permission+0x15/0x20 [ 50.798235][ T7115] ? rw_verify_area+0xb8/0x2b0 [ 50.798240][ T7115] generic_splice_sendpage+0x10/0x20 [ 50.798244][ T7115] do_splice+0x5a5/0x1300 [ 50.811479][ T7115] ? nsecs_to_jiffies+0x20/0x20 [ 50.838524][ T7099] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.840816][ T7115] ? opipe_prep.part.14+0x320/0x320 [ 50.840825][ T7115] ? __fget_light+0x179/0x1f0 [ 50.840833][ T7115] __x64_sys_splice+0x248/0x300 [ 50.853612][ T7115] do_syscall_64+0xd6/0x4e0 [ 50.853621][ T7115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 50.853627][ T7115] RIP: 0033:0x4582b9 [ 50.853633][ T7115] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 50.853635][ T7115] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 50.853641][ T7115] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 50.853644][ T7115] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 50.853647][ T7115] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 50.853650][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 50.853652][ T7115] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 51.147485][ T7115] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7115 [ 51.166080][ T7115] caller is sk_mc_loop+0x16/0x180 [ 51.166088][ T7096] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 51.171270][ T7115] CPU: 0 PID: 7115 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 51.189918][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.190239][ T7096] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 51.200231][ T7115] Call Trace: [ 51.200246][ T7115] dump_stack+0x113/0x167 [ 51.200255][ T7115] __this_cpu_preempt_check+0x1d2/0x200 [ 51.200264][ T7115] sk_mc_loop+0x16/0x180 [ 51.200271][ T7115] ip_mc_output+0x25b/0xca0 [ 51.200275][ T7115] ? __ip_local_out+0x37e/0x6f0 [ 51.200280][ T7115] ? __ip_queue_xmit+0x1d20/0x1d20 [ 51.200287][ T7115] ? ip_append_data.part.52+0x150/0x150 [ 51.200293][ T7115] ? __ip_make_skb+0xe6b/0x1c20 [ 51.200299][ T7115] ip_local_out+0x7e/0x130 [ 51.200305][ T7115] ip_send_skb+0x36/0xa0 [ 51.200310][ T7115] ip_push_pending_frames+0x4d/0x70 [ 51.200315][ T7115] ? raw_sendmsg+0x93b/0x2b20 [ 51.200319][ T7115] raw_sendmsg+0xeac/0x2b20 [ 51.200325][ T7115] ? __lock_acquire+0x5ea/0x4390 [ 51.200335][ T7115] ? compat_raw_getsockopt+0x90/0x90 [ 51.200346][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 51.200352][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 51.200356][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 51.200361][ T7115] ? lockdep_hardirqs_on+0x424/0x5c0 [ 51.200365][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 51.200378][ T7115] ? trace_hardirqs_on+0x28/0x190 [ 51.200387][ T7115] ? aa_profile_af_perm+0x320/0x320 [ 51.200391][ T7115] ? _raw_spin_unlock_irq+0x60/0x80 [ 51.200397][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 51.228718][ T7096] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.230381][ T7115] ? finish_task_switch+0x11c/0x6e0 [ 51.230389][ T7115] ? __switch_to_asm+0x34/0x70 [ 51.230395][ T7115] ? __switch_to_asm+0x40/0x70 [ 51.240643][ T7115] ? ___might_sleep+0x16b/0x270 [ 51.240651][ T7115] ? __might_sleep+0x95/0x190 [ 51.240658][ T7115] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 51.240667][ T7115] ? aa_sk_perm+0x167/0x690 [ 51.270015][ T7115] inet_sendmsg+0x10d/0x460 [ 51.279438][ T7098] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 51.279501][ T7115] ? inet_sendmsg+0x10d/0x460 [ 51.300801][ T7115] ? security_socket_sendmsg+0x50/0x90 [ 51.300810][ T7115] ? ipip_gro_receive+0xf0/0xf0 [ 51.300817][ T7115] sock_sendmsg+0xb7/0xf0 [ 51.300824][ T7115] kernel_sendmsg+0x26/0x30 [ 51.300830][ T7115] sock_no_sendpage+0xfd/0x140 [ 51.300834][ T7115] ? sock_kfree_s+0x40/0x40 [ 51.300850][ T7115] inet_sendpage+0x367/0x620 [ 51.311973][ T7098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 51.314306][ T7115] ? kernel_sendpage+0xd0/0xd0 [ 51.314312][ T7115] kernel_sendpage+0x63/0xd0 [ 51.314318][ T7115] ? pipe_lock+0x4f/0x60 [ 51.314325][ T7115] sock_sendpage+0x6d/0xd0 [ 51.314335][ T7115] pipe_to_sendpage+0x214/0x430 [ 51.314341][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 51.314350][ T7115] ? kasan_check_read+0x11/0x20 [ 51.314354][ T7115] ? anon_pipe_buf_release+0x71/0x1f0 [ 51.314361][ T7115] __splice_from_pipe+0x2cf/0x730 [ 51.314373][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 51.314380][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 51.314384][ T7115] splice_from_pipe+0xbb/0x120 [ 51.314389][ T7115] ? splice_shrink_spd+0xa0/0xa0 [ 51.314395][ T7115] ? apparmor_file_permission+0x15/0x20 [ 51.314406][ T7115] ? rw_verify_area+0xb8/0x2b0 [ 51.314412][ T7115] generic_splice_sendpage+0x10/0x20 [ 51.314417][ T7115] do_splice+0x5a5/0x1300 [ 51.314427][ T7115] ? nsecs_to_jiffies+0x20/0x20 [ 51.314433][ T7115] ? opipe_prep.part.14+0x320/0x320 [ 51.314441][ T7115] ? __fget_light+0x179/0x1f0 [ 51.314447][ T7115] __x64_sys_splice+0x248/0x300 [ 51.314458][ T7115] do_syscall_64+0xd6/0x4e0 [ 51.314467][ T7115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.332234][ T7094] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 51.335439][ T7115] RIP: 0033:0x4582b9 [ 51.335445][ T7115] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 51.335447][ T7115] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 51.335452][ T7115] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 51.335455][ T7115] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 51.335457][ T7115] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 51.335460][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 51.335463][ T7115] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 51.400652][ T7130] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7130 [ 51.435327][ T7115] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7115 [ 51.438750][ T7130] caller is sk_mc_loop+0x16/0x180 [ 51.444229][ T7115] caller is sk_mc_loop+0x16/0x180 [ 51.448439][ T7130] CPU: 0 PID: 7130 Comm: syz-executor.4 Not tainted 5.1.0-rc2+ #1 [ 51.675790][ T7130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.686374][ T7130] Call Trace: [ 51.689691][ T7130] dump_stack+0x113/0x167 [ 51.694168][ T7130] __this_cpu_preempt_check+0x1d2/0x200 [ 51.699876][ T7130] sk_mc_loop+0x16/0x180 [ 51.704288][ T7130] ip_mc_output+0x25b/0xca0 [ 51.708889][ T7130] ? __ip_local_out+0x37e/0x6f0 [ 51.713743][ T7130] ? __ip_queue_xmit+0x1d20/0x1d20 [ 51.718855][ T7130] ? ip_append_data.part.52+0x150/0x150 [ 51.724566][ T7130] ? __ip_make_skb+0xe6b/0x1c20 [ 51.729497][ T7130] ip_local_out+0x7e/0x130 [ 51.734195][ T7130] ip_send_skb+0x36/0xa0 [ 51.738434][ T7130] ip_push_pending_frames+0x4d/0x70 [ 51.743724][ T7130] ? raw_sendmsg+0x93b/0x2b20 [ 51.748680][ T7130] raw_sendmsg+0xeac/0x2b20 [ 51.753382][ T7130] ? __lock_acquire+0x5ea/0x4390 [ 51.758986][ T7130] ? compat_raw_getsockopt+0x90/0x90 [ 51.764539][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 51.770126][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 51.775666][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 51.781070][ T7130] ? lockdep_hardirqs_on+0x424/0x5c0 [ 51.786488][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 51.791785][ T7130] ? trace_hardirqs_on+0x28/0x190 [ 51.796916][ T7130] ? aa_profile_af_perm+0x320/0x320 [ 51.802191][ T7130] ? _raw_spin_unlock_irq+0x60/0x80 [ 51.807564][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 51.812754][ T7130] ? finish_task_switch+0x11c/0x6e0 [ 51.818449][ T7130] ? __switch_to_asm+0x34/0x70 [ 51.824324][ T7130] ? __switch_to_asm+0x40/0x70 [ 51.829428][ T7130] ? ___might_sleep+0x16b/0x270 [ 51.834541][ T7130] ? __might_sleep+0x95/0x190 [ 51.839542][ T7130] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 51.845340][ T7130] ? aa_sk_perm+0x167/0x690 [ 51.850149][ T7130] inet_sendmsg+0x10d/0x460 [ 51.855143][ T7130] ? inet_sendmsg+0x10d/0x460 [ 51.859992][ T7130] ? security_socket_sendmsg+0x50/0x90 [ 51.865946][ T7130] ? ipip_gro_receive+0xf0/0xf0 [ 51.870972][ T7130] sock_sendmsg+0xb7/0xf0 [ 51.875316][ T7130] kernel_sendmsg+0x26/0x30 [ 51.880284][ T7130] sock_no_sendpage+0xfd/0x140 [ 51.890400][ T7130] ? sock_kfree_s+0x40/0x40 [ 51.895171][ T7130] inet_sendpage+0x367/0x620 [ 51.899857][ T7130] ? kernel_sendpage+0xd0/0xd0 [ 51.904757][ T7130] kernel_sendpage+0x63/0xd0 [ 51.909425][ T7130] ? pipe_lock+0x4f/0x60 [ 51.913812][ T7130] sock_sendpage+0x6d/0xd0 [ 51.918309][ T7130] pipe_to_sendpage+0x214/0x430 [ 51.923166][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 51.928897][ T7130] __splice_from_pipe+0x2cf/0x730 [ 51.934177][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 51.940170][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 51.945968][ T7130] splice_from_pipe+0xbb/0x120 [ 51.951070][ T7130] ? splice_shrink_spd+0xa0/0xa0 [ 51.956040][ T7130] ? apparmor_file_permission+0x15/0x20 [ 51.961727][ T7130] ? rw_verify_area+0xb8/0x2b0 [ 51.966523][ T7130] generic_splice_sendpage+0x10/0x20 [ 51.971973][ T7130] do_splice+0x5a5/0x1300 [ 51.976395][ T7130] ? nsecs_to_jiffies+0x20/0x20 [ 51.981293][ T7130] ? opipe_prep.part.14+0x320/0x320 [ 51.986495][ T7130] ? __fget_light+0x179/0x1f0 [ 51.991256][ T7130] __x64_sys_splice+0x248/0x300 [ 51.996194][ T7130] do_syscall_64+0xd6/0x4e0 [ 52.001053][ T7130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 52.006994][ T7130] RIP: 0033:0x4582b9 [ 52.010974][ T7130] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 52.031133][ T7130] RSP: 002b:00007fae38c94c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 52.039984][ T7130] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 52.048052][ T7130] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 52.061878][ T7130] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 52.069934][ T7130] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae38c956d4 [ 52.078124][ T7130] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 52.086298][ T7115] CPU: 1 PID: 7115 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 52.094371][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.098859][ T7094] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 52.104687][ T7115] Call Trace: [ 52.104701][ T7115] dump_stack+0x113/0x167 [ 52.104711][ T7115] __this_cpu_preempt_check+0x1d2/0x200 [ 52.104719][ T7115] sk_mc_loop+0x16/0x180 [ 52.104727][ T7115] ip_mc_output+0x25b/0xca0 [ 52.104731][ T7115] ? __ip_local_out+0x37e/0x6f0 [ 52.104736][ T7115] ? __ip_queue_xmit+0x1d20/0x1d20 [ 52.104743][ T7115] ? ip_append_data.part.52+0x150/0x150 [ 52.104748][ T7115] ? __ip_make_skb+0xe6b/0x1c20 [ 52.104755][ T7115] ip_local_out+0x7e/0x130 [ 52.116720][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.118553][ T7115] ip_send_skb+0x36/0xa0 [ 52.118560][ T7115] ip_push_pending_frames+0x4d/0x70 [ 52.118566][ T7115] ? raw_sendmsg+0x93b/0x2b20 [ 52.118570][ T7115] raw_sendmsg+0xeac/0x2b20 [ 52.118580][ T7115] ? __lock_acquire+0x5ea/0x4390 [ 52.124071][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.128881][ T7115] ? compat_raw_getsockopt+0x90/0x90 [ 52.128893][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 52.128900][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 52.128904][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 52.128912][ T7115] ? lockdep_hardirqs_on+0x424/0x5c0 [ 52.133897][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.137810][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 52.137819][ T7115] ? trace_hardirqs_on+0x28/0x190 [ 52.137828][ T7115] ? aa_profile_af_perm+0x320/0x320 [ 52.137832][ T7115] ? _raw_spin_unlock_irq+0x60/0x80 [ 52.137845][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 52.143318][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.148216][ T7115] ? finish_task_switch+0x11c/0x6e0 [ 52.148233][ T7115] ? __switch_to_asm+0x34/0x70 [ 52.148237][ T7115] ? __switch_to_asm+0x40/0x70 [ 52.148250][ T7115] ? ___might_sleep+0x16b/0x270 [ 52.148255][ T7115] ? __might_sleep+0x95/0x190 [ 52.148263][ T7115] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 52.148270][ T7115] ? aa_sk_perm+0x167/0x690 [ 52.148282][ T7115] inet_sendmsg+0x10d/0x460 [ 52.154765][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.159043][ T7115] ? inet_sendmsg+0x10d/0x460 [ 52.159049][ T7115] ? security_socket_sendmsg+0x50/0x90 [ 52.159054][ T7115] ? ipip_gro_receive+0xf0/0xf0 [ 52.159060][ T7115] sock_sendmsg+0xb7/0xf0 [ 52.159065][ T7115] kernel_sendmsg+0x26/0x30 [ 52.159071][ T7115] sock_no_sendpage+0xfd/0x140 [ 52.159110][ T7115] ? sock_kfree_s+0x40/0x40 [ 52.164294][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.171127][ T7115] ? find_held_lock+0x36/0x1d0 [ 52.171140][ T7115] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 52.171148][ T7115] inet_sendpage+0x367/0x620 [ 52.171156][ T7115] ? kasan_check_read+0x11/0x20 [ 52.171164][ T7115] ? kernel_sendpage+0xd0/0xd0 [ 52.176413][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.181251][ T7115] kernel_sendpage+0x63/0xd0 [ 52.181259][ T7115] ? free_unref_page+0x478/0x5d0 [ 52.181264][ T7115] sock_sendpage+0x6d/0xd0 [ 52.181268][ T7115] ? free_unref_page+0x478/0x5d0 [ 52.181275][ T7115] pipe_to_sendpage+0x214/0x430 [ 52.181281][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 52.181289][ T7115] ? __put_page+0x5c/0x80 [ 52.186543][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.190662][ T7115] ? anon_pipe_buf_release+0x167/0x1f0 [ 52.190670][ T7115] __splice_from_pipe+0x2cf/0x730 [ 52.190675][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 52.190683][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 52.190687][ T7115] splice_from_pipe+0xbb/0x120 [ 52.190692][ T7115] ? splice_shrink_spd+0xa0/0xa0 [ 52.190700][ T7115] ? apparmor_file_permission+0x15/0x20 [ 52.197753][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.203471][ T7115] ? rw_verify_area+0xb8/0x2b0 [ 52.203479][ T7115] generic_splice_sendpage+0x10/0x20 [ 52.203484][ T7115] do_splice+0x5a5/0x1300 [ 52.203493][ T7115] ? nsecs_to_jiffies+0x20/0x20 [ 52.203499][ T7115] ? opipe_prep.part.14+0x320/0x320 [ 52.203507][ T7115] ? __fget_light+0x179/0x1f0 [ 52.203513][ T7115] __x64_sys_splice+0x248/0x300 [ 52.203522][ T7115] do_syscall_64+0xd6/0x4e0 [ 52.203532][ T7115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 52.209709][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.214550][ T7115] RIP: 0033:0x4582b9 [ 52.214556][ T7115] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 52.214559][ T7115] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 52.214563][ T7115] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 52.214566][ T7115] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 52.214569][ T7115] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 52.214571][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 52.214574][ T7115] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 52.224905][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.244002][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.264966][ T7130] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7130 [ 52.272445][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.277117][ T7130] caller is sk_mc_loop+0x16/0x180 [ 52.277126][ T7130] CPU: 1 PID: 7130 Comm: syz-executor.4 Not tainted 5.1.0-rc2+ #1 [ 52.277129][ T7130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.277132][ T7130] Call Trace: [ 52.277141][ T7130] dump_stack+0x113/0x167 [ 52.277152][ T7130] __this_cpu_preempt_check+0x1d2/0x200 [ 52.282658][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.286966][ T7130] sk_mc_loop+0x16/0x180 [ 52.286975][ T7130] ip_mc_output+0x25b/0xca0 [ 52.286979][ T7130] ? __ip_local_out+0x37e/0x6f0 [ 52.286985][ T7130] ? __ip_queue_xmit+0x1d20/0x1d20 [ 52.286991][ T7130] ? ip_append_data.part.52+0x150/0x150 [ 52.286997][ T7130] ? __ip_make_skb+0xe6b/0x1c20 [ 52.287003][ T7130] ip_local_out+0x7e/0x130 [ 52.287009][ T7130] ip_send_skb+0x36/0xa0 [ 52.287017][ T7130] ip_push_pending_frames+0x4d/0x70 [ 52.309366][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.312233][ T7130] ? raw_sendmsg+0x93b/0x2b20 [ 52.312239][ T7130] raw_sendmsg+0xeac/0x2b20 [ 52.312246][ T7130] ? __lock_acquire+0x5ea/0x4390 [ 52.312258][ T7130] ? compat_raw_getsockopt+0x90/0x90 [ 52.312268][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 52.312277][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 52.355655][ T7138] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/7138 [ 52.358400][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 52.358408][ T7130] ? lockdep_hardirqs_on+0x424/0x5c0 [ 52.358415][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 52.358422][ T7130] ? trace_hardirqs_on+0x28/0x190 [ 52.358431][ T7130] ? aa_profile_af_perm+0x320/0x320 [ 52.358438][ T7130] ? _raw_spin_unlock_irq+0x60/0x80 [ 52.366586][ T7138] caller is sk_mc_loop+0x16/0x180 [ 52.371583][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 52.842707][ T7130] ? finish_task_switch+0x11c/0x6e0 [ 52.848274][ T7130] ? __switch_to_asm+0x34/0x70 [ 52.853544][ T7130] ? __switch_to_asm+0x40/0x70 [ 52.858874][ T7130] ? ___might_sleep+0x16b/0x270 [ 52.864945][ T7130] ? __might_sleep+0x95/0x190 [ 52.869704][ T7130] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 52.875568][ T7130] ? aa_sk_perm+0x167/0x690 [ 52.880258][ T7130] inet_sendmsg+0x10d/0x460 [ 52.885083][ T7130] ? inet_sendmsg+0x10d/0x460 [ 52.890017][ T7130] ? security_socket_sendmsg+0x50/0x90 [ 52.896001][ T7130] ? ipip_gro_receive+0xf0/0xf0 [ 52.901078][ T7130] sock_sendmsg+0xb7/0xf0 [ 52.905548][ T7130] kernel_sendmsg+0x26/0x30 [ 52.910120][ T7130] sock_no_sendpage+0xfd/0x140 [ 52.914882][ T7130] ? sock_kfree_s+0x40/0x40 [ 52.919393][ T7130] inet_sendpage+0x367/0x620 [ 52.924247][ T7130] ? kernel_sendpage+0xd0/0xd0 [ 52.929002][ T7130] kernel_sendpage+0x63/0xd0 [ 52.933894][ T7130] ? pipe_lock+0x4f/0x60 [ 52.938593][ T7130] sock_sendpage+0x6d/0xd0 [ 52.943317][ T7130] pipe_to_sendpage+0x214/0x430 [ 52.948514][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 52.954082][ T7130] ? kasan_check_read+0x11/0x20 [ 52.958959][ T7130] ? anon_pipe_buf_release+0x71/0x1f0 [ 52.964415][ T7130] __splice_from_pipe+0x2cf/0x730 [ 52.969434][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 52.975417][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 52.980960][ T7130] splice_from_pipe+0xbb/0x120 [ 52.985717][ T7130] ? splice_shrink_spd+0xa0/0xa0 [ 52.990738][ T7130] ? apparmor_file_permission+0x15/0x20 [ 52.996366][ T7130] ? rw_verify_area+0xb8/0x2b0 [ 53.001570][ T7130] generic_splice_sendpage+0x10/0x20 [ 53.006851][ T7130] do_splice+0x5a5/0x1300 [ 53.011317][ T7130] ? nsecs_to_jiffies+0x20/0x20 [ 53.016624][ T7130] ? opipe_prep.part.14+0x320/0x320 [ 53.021818][ T7130] ? __fget_light+0x179/0x1f0 [ 53.026490][ T7130] __x64_sys_splice+0x248/0x300 [ 53.031507][ T7130] do_syscall_64+0xd6/0x4e0 [ 53.036181][ T7130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 53.042087][ T7130] RIP: 0033:0x4582b9 [ 53.046320][ T7130] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 53.066997][ T7130] RSP: 002b:00007fae38c94c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 53.075681][ T7130] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 53.084123][ T7130] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 53.092203][ T7130] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 53.100347][ T7130] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae38c956d4 [ 53.108594][ T7130] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 53.116579][ T7138] CPU: 0 PID: 7138 Comm: syz-executor.1 Not tainted 5.1.0-rc2+ #1 [ 53.124642][ T7138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.135073][ T7138] Call Trace: [ 53.135086][ T7138] dump_stack+0x113/0x167 [ 53.135095][ T7138] __this_cpu_preempt_check+0x1d2/0x200 [ 53.135103][ T7138] sk_mc_loop+0x16/0x180 [ 53.135111][ T7138] ip_mc_output+0x25b/0xca0 [ 53.135115][ T7138] ? __ip_local_out+0x37e/0x6f0 [ 53.135120][ T7138] ? __ip_queue_xmit+0x1d20/0x1d20 [ 53.135126][ T7138] ? ip_append_data.part.52+0x150/0x150 [ 53.135132][ T7138] ? __ip_make_skb+0xe6b/0x1c20 [ 53.135137][ T7138] ip_local_out+0x7e/0x130 [ 53.135143][ T7138] ip_send_skb+0x36/0xa0 [ 53.135148][ T7138] ip_push_pending_frames+0x4d/0x70 [ 53.135153][ T7138] ? raw_sendmsg+0x93b/0x2b20 [ 53.135157][ T7138] raw_sendmsg+0xeac/0x2b20 [ 53.135165][ T7138] ? __lock_acquire+0x5ea/0x4390 [ 53.159859][ T7130] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7130 [ 53.162418][ T7138] ? compat_raw_getsockopt+0x90/0x90 [ 53.162430][ T7138] ? choke_enqueue+0xf0/0x2470 [ 53.162438][ T7138] ? finish_task_switch+0x14a/0x6e0 [ 53.162444][ T7138] ? _raw_spin_unlock_irq+0x27/0x80 [ 53.162448][ T7138] ? finish_task_switch+0x14a/0x6e0 [ 53.162456][ T7138] ? lockdep_hardirqs_on+0x424/0x5c0 [ 53.167876][ T7130] caller is sk_mc_loop+0x16/0x180 [ 53.173574][ T7138] ? _raw_spin_unlock_irq+0x27/0x80 [ 53.173583][ T7138] ? trace_hardirqs_on+0x28/0x190 [ 53.173592][ T7138] ? aa_profile_af_perm+0x320/0x320 [ 53.173595][ T7138] ? _raw_spin_unlock_irq+0x60/0x80 [ 53.173601][ T7138] ? finish_task_switch+0x14a/0x6e0 [ 53.173604][ T7138] ? finish_task_switch+0x11c/0x6e0 [ 53.173608][ T7138] ? __switch_to_asm+0x34/0x70 [ 53.173612][ T7138] ? __switch_to_asm+0x40/0x70 [ 53.173624][ T7138] ? ___might_sleep+0x16b/0x270 [ 53.173631][ T7138] ? __might_sleep+0x95/0x190 [ 53.306497][ T7138] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 53.312600][ T7138] ? aa_sk_perm+0x167/0x690 [ 53.317198][ T7138] inet_sendmsg+0x10d/0x460 [ 53.321693][ T7138] ? inet_sendmsg+0x10d/0x460 [ 53.326562][ T7138] ? security_socket_sendmsg+0x50/0x90 [ 53.332849][ T7138] ? ipip_gro_receive+0xf0/0xf0 [ 53.338008][ T7138] sock_sendmsg+0xb7/0xf0 [ 53.343023][ T7138] kernel_sendmsg+0x26/0x30 [ 53.347712][ T7138] sock_no_sendpage+0xfd/0x140 [ 53.352558][ T7138] ? sock_kfree_s+0x40/0x40 [ 53.357129][ T7138] inet_sendpage+0x367/0x620 [ 53.362098][ T7138] ? kernel_sendpage+0xd0/0xd0 [ 53.367003][ T7138] kernel_sendpage+0x63/0xd0 [ 53.371838][ T7138] ? pipe_lock+0x4f/0x60 [ 53.376178][ T7138] sock_sendpage+0x6d/0xd0 [ 53.380778][ T7138] pipe_to_sendpage+0x214/0x430 [ 53.385621][ T7138] ? generic_pipe_buf_nosteal+0x10/0x10 [ 53.391254][ T7138] __splice_from_pipe+0x2cf/0x730 [ 53.396491][ T7138] ? generic_pipe_buf_nosteal+0x10/0x10 [ 53.403020][ T7138] ? generic_pipe_buf_nosteal+0x10/0x10 [ 53.408575][ T7138] splice_from_pipe+0xbb/0x120 [ 53.413423][ T7138] ? splice_shrink_spd+0xa0/0xa0 [ 53.418529][ T7138] ? apparmor_file_permission+0x15/0x20 [ 53.424146][ T7138] ? rw_verify_area+0xb8/0x2b0 [ 53.429114][ T7138] generic_splice_sendpage+0x10/0x20 [ 53.434754][ T7138] do_splice+0x5a5/0x1300 [ 53.439332][ T7138] ? nsecs_to_jiffies+0x20/0x20 [ 53.444363][ T7138] ? opipe_prep.part.14+0x320/0x320 [ 53.450342][ T7138] ? __fget_light+0x179/0x1f0 [ 53.455365][ T7138] __x64_sys_splice+0x248/0x300 [ 53.460497][ T7138] do_syscall_64+0xd6/0x4e0 [ 53.465001][ T7138] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 53.471342][ T7138] RIP: 0033:0x4582b9 [ 53.475317][ T7138] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 53.495107][ T7138] RSP: 002b:00007fb8740e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 53.503845][ T7138] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 53.511810][ T7138] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 53.520133][ T7138] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 53.528602][ T7138] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb8740e36d4 [ 53.536746][ T7138] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 53.545242][ T7130] CPU: 1 PID: 7130 Comm: syz-executor.4 Not tainted 5.1.0-rc2+ #1 [ 53.553299][ T7130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.556252][ T7115] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7115 [ 53.563877][ T7130] Call Trace: [ 53.563891][ T7130] dump_stack+0x113/0x167 [ 53.563903][ T7130] __this_cpu_preempt_check+0x1d2/0x200 [ 53.563911][ T7130] sk_mc_loop+0x16/0x180 [ 53.563918][ T7130] ip_mc_output+0x25b/0xca0 [ 53.563922][ T7130] ? __ip_local_out+0x37e/0x6f0 [ 53.563929][ T7130] ? __ip_queue_xmit+0x1d20/0x1d20 [ 53.563935][ T7130] ? ip_append_data.part.52+0x150/0x150 [ 53.563940][ T7130] ? __ip_make_skb+0xe6b/0x1c20 [ 53.563948][ T7130] ip_local_out+0x7e/0x130 [ 53.574292][ T7115] caller is sk_mc_loop+0x16/0x180 [ 53.577750][ T7130] ip_send_skb+0x36/0xa0 [ 53.632064][ T7130] ip_push_pending_frames+0x4d/0x70 [ 53.637435][ T7130] ? raw_sendmsg+0x93b/0x2b20 [ 53.644585][ T7130] raw_sendmsg+0xeac/0x2b20 [ 53.649343][ T7130] ? __lock_acquire+0x5ea/0x4390 [ 53.654814][ T7130] ? compat_raw_getsockopt+0x90/0x90 [ 53.660437][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 53.666324][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 53.671867][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 53.677078][ T7130] ? lockdep_hardirqs_on+0x424/0x5c0 [ 53.682609][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 53.687957][ T7130] ? trace_hardirqs_on+0x28/0x190 [ 53.693341][ T7130] ? aa_profile_af_perm+0x320/0x320 [ 53.698674][ T7130] ? _raw_spin_unlock_irq+0x60/0x80 [ 53.704072][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 53.709523][ T7130] ? finish_task_switch+0x11c/0x6e0 [ 53.714954][ T7130] ? __switch_to_asm+0x34/0x70 [ 53.719844][ T7130] ? __switch_to_asm+0x40/0x70 [ 53.724659][ T7130] ? ___might_sleep+0x16b/0x270 [ 53.729684][ T7130] ? __might_sleep+0x95/0x190 [ 53.734448][ T7130] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 53.740112][ T7130] ? aa_sk_perm+0x167/0x690 [ 53.744619][ T7130] inet_sendmsg+0x10d/0x460 [ 53.749293][ T7130] ? inet_sendmsg+0x10d/0x460 [ 53.754434][ T7130] ? security_socket_sendmsg+0x50/0x90 [ 53.760078][ T7130] ? ipip_gro_receive+0xf0/0xf0 [ 53.765054][ T7130] sock_sendmsg+0xb7/0xf0 [ 53.769584][ T7130] kernel_sendmsg+0x26/0x30 [ 53.774300][ T7130] sock_no_sendpage+0xfd/0x140 [ 53.779386][ T7130] ? sock_kfree_s+0x40/0x40 [ 53.784523][ T7130] ? find_held_lock+0x36/0x1d0 [ 53.789289][ T7130] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 53.795249][ T7130] inet_sendpage+0x367/0x620 [ 53.799835][ T7130] ? kasan_check_read+0x11/0x20 [ 53.804678][ T7130] ? kernel_sendpage+0xd0/0xd0 [ 53.809648][ T7130] kernel_sendpage+0x63/0xd0 [ 53.814405][ T7130] ? free_unref_page+0x478/0x5d0 [ 53.819335][ T7130] sock_sendpage+0x6d/0xd0 [ 53.823739][ T7130] ? free_unref_page+0x478/0x5d0 [ 53.829209][ T7130] pipe_to_sendpage+0x214/0x430 [ 53.834262][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 53.840139][ T7130] ? __put_page+0x5c/0x80 [ 53.844653][ T7130] ? anon_pipe_buf_release+0x167/0x1f0 [ 53.850487][ T7130] __splice_from_pipe+0x2cf/0x730 [ 53.855593][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 53.861403][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 53.867056][ T7130] splice_from_pipe+0xbb/0x120 [ 53.871900][ T7130] ? splice_shrink_spd+0xa0/0xa0 [ 53.877026][ T7130] ? apparmor_file_permission+0x15/0x20 [ 53.889687][ T7130] ? rw_verify_area+0xb8/0x2b0 [ 53.894538][ T7130] generic_splice_sendpage+0x10/0x20 [ 53.900361][ T7130] do_splice+0x5a5/0x1300 [ 53.905064][ T7130] ? nsecs_to_jiffies+0x20/0x20 [ 53.910853][ T7130] ? opipe_prep.part.14+0x320/0x320 [ 53.916197][ T7130] ? __fget_light+0x179/0x1f0 [ 53.921180][ T7130] __x64_sys_splice+0x248/0x300 [ 53.926061][ T7130] do_syscall_64+0xd6/0x4e0 [ 53.930834][ T7130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 53.937073][ T7130] RIP: 0033:0x4582b9 [ 53.940965][ T7130] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 53.961182][ T7130] RSP: 002b:00007fae38c94c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 53.969770][ T7130] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 53.978193][ T7130] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 53.986519][ T7130] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 53.994760][ T7130] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae38c956d4 [ 54.003106][ T7130] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 54.011183][ T7115] CPU: 0 PID: 7115 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 54.019087][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.029379][ T7115] Call Trace: [ 54.032850][ T7115] dump_stack+0x113/0x167 [ 54.037286][ T7115] __this_cpu_preempt_check+0x1d2/0x200 [ 54.043185][ T7115] sk_mc_loop+0x16/0x180 [ 54.044232][ T7130] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7130 [ 54.047576][ T7115] ip_mc_output+0x25b/0xca0 [ 54.047581][ T7115] ? __ip_local_out+0x37e/0x6f0 [ 54.047587][ T7115] ? __ip_queue_xmit+0x1d20/0x1d20 [ 54.047593][ T7115] ? ip_append_data.part.52+0x150/0x150 [ 54.047598][ T7115] ? __ip_make_skb+0xe6b/0x1c20 [ 54.047604][ T7115] ip_local_out+0x7e/0x130 [ 54.047610][ T7115] ip_send_skb+0x36/0xa0 [ 54.047617][ T7115] ip_push_pending_frames+0x4d/0x70 [ 54.063987][ T7130] caller is sk_mc_loop+0x16/0x180 [ 54.066990][ T7115] ? raw_sendmsg+0x93b/0x2b20 [ 54.112284][ T7115] raw_sendmsg+0xeac/0x2b20 [ 54.116796][ T7115] ? __lock_acquire+0x5ea/0x4390 [ 54.121818][ T7115] ? compat_raw_getsockopt+0x90/0x90 [ 54.127101][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 54.132607][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 54.137807][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 54.143107][ T7115] ? lockdep_hardirqs_on+0x424/0x5c0 [ 54.148478][ T7115] ? _raw_spin_unlock_irq+0x27/0x80 [ 54.153669][ T7115] ? trace_hardirqs_on+0x28/0x190 [ 54.158772][ T7115] ? aa_profile_af_perm+0x320/0x320 [ 54.164068][ T7115] ? _raw_spin_unlock_irq+0x60/0x80 [ 54.169343][ T7115] ? finish_task_switch+0x14a/0x6e0 [ 54.174529][ T7115] ? finish_task_switch+0x11c/0x6e0 [ 54.179713][ T7115] ? __switch_to_asm+0x34/0x70 [ 54.184460][ T7115] ? __switch_to_asm+0x40/0x70 [ 54.189219][ T7115] ? ___might_sleep+0x16b/0x270 [ 54.194090][ T7115] ? __might_sleep+0x95/0x190 [ 54.198751][ T7115] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 54.204453][ T7115] ? aa_sk_perm+0x167/0x690 [ 54.208950][ T7115] inet_sendmsg+0x10d/0x460 [ 54.213436][ T7115] ? inet_sendmsg+0x10d/0x460 [ 54.218129][ T7115] ? security_socket_sendmsg+0x50/0x90 [ 54.223571][ T7115] ? ipip_gro_receive+0xf0/0xf0 [ 54.228569][ T7115] sock_sendmsg+0xb7/0xf0 [ 54.232887][ T7115] kernel_sendmsg+0x26/0x30 [ 54.237462][ T7115] sock_no_sendpage+0xfd/0x140 [ 54.242211][ T7115] ? sock_kfree_s+0x40/0x40 [ 54.246966][ T7115] ? find_held_lock+0x36/0x1d0 [ 54.251750][ T7115] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 54.257629][ T7115] inet_sendpage+0x367/0x620 [ 54.262233][ T7115] ? kasan_check_read+0x11/0x20 [ 54.267071][ T7115] ? kernel_sendpage+0xd0/0xd0 [ 54.271835][ T7115] kernel_sendpage+0x63/0xd0 [ 54.276404][ T7115] ? free_unref_page+0x478/0x5d0 [ 54.281323][ T7115] sock_sendpage+0x6d/0xd0 [ 54.285719][ T7115] ? free_unref_page+0x478/0x5d0 [ 54.290634][ T7115] pipe_to_sendpage+0x214/0x430 [ 54.295466][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 54.301003][ T7115] ? __put_page+0x5c/0x80 [ 54.305308][ T7115] ? anon_pipe_buf_release+0x167/0x1f0 [ 54.310745][ T7115] __splice_from_pipe+0x2cf/0x730 [ 54.315748][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 54.321276][ T7115] ? generic_pipe_buf_nosteal+0x10/0x10 [ 54.326979][ T7115] splice_from_pipe+0xbb/0x120 [ 54.331731][ T7115] ? splice_shrink_spd+0xa0/0xa0 [ 54.336669][ T7115] ? apparmor_file_permission+0x15/0x20 [ 54.342198][ T7115] ? rw_verify_area+0xb8/0x2b0 [ 54.346938][ T7115] generic_splice_sendpage+0x10/0x20 [ 54.352222][ T7115] do_splice+0x5a5/0x1300 [ 54.356545][ T7115] ? nsecs_to_jiffies+0x20/0x20 [ 54.361376][ T7115] ? opipe_prep.part.14+0x320/0x320 [ 54.366569][ T7115] ? __fget_light+0x179/0x1f0 [ 54.371222][ T7115] __x64_sys_splice+0x248/0x300 [ 54.376084][ T7115] do_syscall_64+0xd6/0x4e0 [ 54.380671][ T7115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 54.386541][ T7115] RIP: 0033:0x4582b9 [ 54.390415][ T7115] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 54.410007][ T7115] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 54.418400][ T7115] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 54.426352][ T7115] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 54.434305][ T7115] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 54.442258][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 54.450233][ T7115] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 54.458203][ T7130] CPU: 1 PID: 7130 Comm: syz-executor.4 Not tainted 5.1.0-rc2+ #1 [ 54.459288][ T7139] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/7139 [ 54.465999][ T7130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.466002][ T7130] Call Trace: [ 54.466013][ T7130] dump_stack+0x113/0x167 [ 54.466024][ T7130] __this_cpu_preempt_check+0x1d2/0x200 [ 54.466032][ T7130] sk_mc_loop+0x16/0x180 [ 54.466039][ T7130] ip_mc_output+0x25b/0xca0 [ 54.466044][ T7130] ? __ip_local_out+0x37e/0x6f0 [ 54.466050][ T7130] ? __ip_queue_xmit+0x1d20/0x1d20 [ 54.475320][ T7139] caller is sk_mc_loop+0x16/0x180 [ 54.485337][ T7130] ? ip_append_data.part.52+0x150/0x150 [ 54.485343][ T7130] ? __ip_make_skb+0xe6b/0x1c20 [ 54.485349][ T7130] ip_local_out+0x7e/0x130 [ 54.485356][ T7130] ip_send_skb+0x36/0xa0 [ 54.485362][ T7130] ip_push_pending_frames+0x4d/0x70 [ 54.546235][ T7130] ? raw_sendmsg+0x93b/0x2b20 [ 54.550891][ T7130] raw_sendmsg+0xeac/0x2b20 [ 54.555375][ T7130] ? __lock_acquire+0x5ea/0x4390 [ 54.560295][ T7130] ? compat_raw_getsockopt+0x90/0x90 [ 54.565563][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 54.570824][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 54.576004][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 54.581189][ T7130] ? lockdep_hardirqs_on+0x424/0x5c0 [ 54.586451][ T7130] ? _raw_spin_unlock_irq+0x27/0x80 [ 54.591713][ T7130] ? trace_hardirqs_on+0x28/0x190 [ 54.596715][ T7130] ? aa_profile_af_perm+0x320/0x320 [ 54.602012][ T7130] ? _raw_spin_unlock_irq+0x60/0x80 [ 54.607187][ T7130] ? finish_task_switch+0x14a/0x6e0 [ 54.612361][ T7130] ? finish_task_switch+0x11c/0x6e0 [ 54.617537][ T7130] ? __switch_to_asm+0x34/0x70 [ 54.622276][ T7130] ? __switch_to_asm+0x40/0x70 [ 54.627026][ T7130] ? ___might_sleep+0x16b/0x270 [ 54.631860][ T7130] ? __might_sleep+0x95/0x190 [ 54.636514][ T7130] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 54.642210][ T7130] ? aa_sk_perm+0x167/0x690 [ 54.646696][ T7130] inet_sendmsg+0x10d/0x460 [ 54.651173][ T7130] ? inet_sendmsg+0x10d/0x460 [ 54.655837][ T7130] ? security_socket_sendmsg+0x50/0x90 [ 54.661288][ T7130] ? ipip_gro_receive+0xf0/0xf0 [ 54.666116][ T7130] sock_sendmsg+0xb7/0xf0 [ 54.670427][ T7130] kernel_sendmsg+0x26/0x30 [ 54.674908][ T7130] sock_no_sendpage+0xfd/0x140 [ 54.679664][ T7130] ? sock_kfree_s+0x40/0x40 [ 54.684148][ T7130] ? find_held_lock+0x36/0x1d0 [ 54.688896][ T7130] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 54.694682][ T7130] inet_sendpage+0x367/0x620 [ 54.699251][ T7130] ? kasan_check_read+0x11/0x20 [ 54.704080][ T7130] ? kernel_sendpage+0xd0/0xd0 [ 54.708820][ T7130] kernel_sendpage+0x63/0xd0 [ 54.713403][ T7130] ? free_unref_page+0x478/0x5d0 [ 54.718403][ T7130] sock_sendpage+0x6d/0xd0 [ 54.722885][ T7130] ? free_unref_page+0x478/0x5d0 [ 54.734224][ T7130] pipe_to_sendpage+0x214/0x430 [ 54.739194][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 54.744719][ T7130] ? __put_page+0x5c/0x80 [ 54.749030][ T7130] ? anon_pipe_buf_release+0x167/0x1f0 [ 54.754477][ T7130] __splice_from_pipe+0x2cf/0x730 [ 54.759481][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 54.765011][ T7130] ? generic_pipe_buf_nosteal+0x10/0x10 [ 54.770532][ T7130] splice_from_pipe+0xbb/0x120 [ 54.775273][ T7130] ? splice_shrink_spd+0xa0/0xa0 [ 54.780186][ T7130] ? apparmor_file_permission+0x15/0x20 [ 54.785711][ T7130] ? rw_verify_area+0xb8/0x2b0 [ 54.790455][ T7130] generic_splice_sendpage+0x10/0x20 [ 54.795719][ T7130] do_splice+0x5a5/0x1300 [ 54.800041][ T7130] ? nsecs_to_jiffies+0x20/0x20 [ 54.804872][ T7130] ? opipe_prep.part.14+0x320/0x320 [ 54.810053][ T7130] ? __fget_light+0x179/0x1f0 [ 54.814802][ T7130] __x64_sys_splice+0x248/0x300 [ 54.819632][ T7130] do_syscall_64+0xd6/0x4e0 [ 54.824116][ T7130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 54.829995][ T7130] RIP: 0033:0x4582b9 [ 54.833877][ T7130] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 54.853650][ T7130] RSP: 002b:00007fae38c94c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 54.862042][ T7130] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 54.870004][ T7130] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 54.877955][ T7130] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 54.885913][ T7130] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae38c956d4 [ 54.893864][ T7130] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 54.901832][ T7139] CPU: 0 PID: 7139 Comm: syz-executor.3 Not tainted 5.1.0-rc2+ #1 [ 54.909627][ T7139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.919675][ T7139] Call Trace: [ 54.922956][ T7139] dump_stack+0x113/0x167 [ 54.927292][ T7139] __this_cpu_preempt_check+0x1d2/0x200 [ 54.932961][ T7139] sk_mc_loop+0x16/0x180 [ 54.937250][ T7139] ip_mc_output+0x25b/0xca0 2019/04/03 06:01:27 executed programs: 8 [ 54.941732][ T7139] ? __ip_local_out+0x37e/0x6f0 [ 54.946570][ T7139] ? __ip_queue_xmit+0x1d20/0x1d20 [ 54.951663][ T7139] ? ip_append_data.part.52+0x150/0x150 [ 54.957193][ T7139] ? __ip_make_skb+0xe6b/0x1c20 [ 54.962038][ T7139] ip_local_out+0x7e/0x130 [ 54.966446][ T7139] ip_send_skb+0x36/0xa0 [ 54.970681][ T7139] ip_push_pending_frames+0x4d/0x70 [ 54.975868][ T7139] ? raw_sendmsg+0x93b/0x2b20 [ 54.980536][ T7139] raw_sendmsg+0xeac/0x2b20 [ 54.985033][ T7139] ? __lock_acquire+0x5ea/0x4390 [ 54.989980][ T7139] ? compat_raw_getsockopt+0x90/0x90 [ 54.995388][ T7139] ? mall_dump+0x2c0/0x620 [ 54.999259][ T7098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.999890][ T7139] ? finish_task_switch+0x14a/0x6e0 [ 54.999899][ T7139] ? _raw_spin_unlock_irq+0x27/0x80 [ 54.999903][ T7139] ? finish_task_switch+0x14a/0x6e0 [ 54.999913][ T7139] ? lockdep_hardirqs_on+0x424/0x5c0 [ 55.022192][ T7139] ? _raw_spin_unlock_irq+0x27/0x80 [ 55.022202][ T7139] ? trace_hardirqs_on+0x28/0x190 [ 55.022213][ T7139] ? aa_profile_af_perm+0x320/0x320 [ 55.022220][ T7139] ? _raw_spin_unlock_irq+0x60/0x80 [ 55.037666][ T7139] ? finish_task_switch+0x14a/0x6e0 [ 55.037671][ T7139] ? finish_task_switch+0x11c/0x6e0 [ 55.037679][ T7139] ? __switch_to_asm+0x34/0x70 [ 55.037683][ T7139] ? __switch_to_asm+0x40/0x70 [ 55.037694][ T7139] ? ___might_sleep+0x16b/0x270 [ 55.037700][ T7139] ? __might_sleep+0x95/0x190 [ 55.037707][ T7139] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 55.037715][ T7139] ? aa_sk_perm+0x167/0x690 [ 55.037728][ T7139] inet_sendmsg+0x10d/0x460 [ 55.037733][ T7139] ? inet_sendmsg+0x10d/0x460 [ 55.037738][ T7139] ? security_socket_sendmsg+0x50/0x90 [ 55.037744][ T7139] ? ipip_gro_receive+0xf0/0xf0 [ 55.037751][ T7139] sock_sendmsg+0xb7/0xf0 [ 55.037757][ T7139] kernel_sendmsg+0x26/0x30 [ 55.037763][ T7139] sock_no_sendpage+0xfd/0x140 [ 55.037768][ T7139] ? sock_kfree_s+0x40/0x40 [ 55.037788][ T7139] inet_sendpage+0x367/0x620 [ 55.037794][ T7139] ? kernel_sendpage+0xd0/0xd0 [ 55.037799][ T7139] kernel_sendpage+0x63/0xd0 [ 55.037805][ T7139] ? pipe_lock+0x4f/0x60 [ 55.037810][ T7139] sock_sendpage+0x6d/0xd0 [ 55.037817][ T7139] pipe_to_sendpage+0x214/0x430 [ 55.037823][ T7139] ? generic_pipe_buf_nosteal+0x10/0x10 [ 55.037833][ T7139] __splice_from_pipe+0x2cf/0x730 [ 55.053635][ T7139] ? generic_pipe_buf_nosteal+0x10/0x10 [ 55.096457][ T7094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.097749][ T7139] ? generic_pipe_buf_nosteal+0x10/0x10 [ 55.097756][ T7139] splice_from_pipe+0xbb/0x120 [ 55.097762][ T7139] ? splice_shrink_spd+0xa0/0xa0 [ 55.097768][ T7139] ? apparmor_file_permission+0x15/0x20 [ 55.097778][ T7139] ? rw_verify_area+0xb8/0x2b0 [ 55.107865][ T7139] generic_splice_sendpage+0x10/0x20 [ 55.107869][ T7139] do_splice+0x5a5/0x1300 [ 55.107878][ T7139] ? nsecs_to_jiffies+0x20/0x20 [ 55.107884][ T7139] ? opipe_prep.part.14+0x320/0x320 [ 55.107892][ T7139] ? __fget_light+0x179/0x1f0 [ 55.107899][ T7139] __x64_sys_splice+0x248/0x300 [ 55.107908][ T7139] do_syscall_64+0xd6/0x4e0 [ 55.107919][ T7139] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 55.107925][ T7139] RIP: 0033:0x4582b9 [ 55.107932][ T7139] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 55.107935][ T7139] RSP: 002b:00007f4be301ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 55.107940][ T7139] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 55.107943][ T7139] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 55.107945][ T7139] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 55.107948][ T7139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4be301f6d4 [ 55.107951][ T7139] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 56.312650][ T7206] check_preemption_disabled: 140 callbacks suppressed [ 56.312673][ T7206] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/7206 [ 56.329030][ T7206] caller is sk_mc_loop+0x16/0x180 [ 56.329788][ T7207] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7207 [ 56.334169][ T7206] CPU: 1 PID: 7206 Comm: syz-executor.3 Not tainted 5.1.0-rc2+ #1 [ 56.334173][ T7206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.334176][ T7206] Call Trace: [ 56.334186][ T7206] dump_stack+0x113/0x167 [ 56.334196][ T7206] __this_cpu_preempt_check+0x1d2/0x200 [ 56.334204][ T7206] sk_mc_loop+0x16/0x180 [ 56.334212][ T7206] ip_mc_output+0x25b/0xca0 [ 56.334217][ T7206] ? __ip_local_out+0x37e/0x6f0 [ 56.334224][ T7206] ? __ip_queue_xmit+0x1d20/0x1d20 [ 56.334231][ T7206] ? ip_append_data.part.52+0x150/0x150 [ 56.334237][ T7206] ? __ip_make_skb+0xe6b/0x1c20 [ 56.334245][ T7206] ip_local_out+0x7e/0x130 [ 56.344532][ T7207] caller is sk_mc_loop+0x16/0x180 [ 56.351299][ T7206] ip_send_skb+0x36/0xa0 [ 56.417148][ T7206] ip_push_pending_frames+0x4d/0x70 [ 56.422323][ T7206] ? raw_sendmsg+0x93b/0x2b20 [ 56.427016][ T7206] raw_sendmsg+0xeac/0x2b20 [ 56.431495][ T7206] ? __lock_acquire+0x5ea/0x4390 [ 56.436417][ T7206] ? compat_raw_getsockopt+0x90/0x90 [ 56.441690][ T7206] ? finish_task_switch+0x14a/0x6e0 [ 56.446865][ T7206] ? _raw_spin_unlock_irq+0x27/0x80 [ 56.452127][ T7206] ? finish_task_switch+0x14a/0x6e0 [ 56.457318][ T7206] ? lockdep_hardirqs_on+0x424/0x5c0 [ 56.462578][ T7206] ? _raw_spin_unlock_irq+0x27/0x80 [ 56.467754][ T7206] ? aa_profile_af_perm+0x320/0x320 [ 56.472935][ T7206] ? _raw_spin_unlock_irq+0x60/0x80 [ 56.478110][ T7206] ? finish_task_switch+0x14a/0x6e0 [ 56.483283][ T7206] ? finish_task_switch+0x11c/0x6e0 [ 56.488542][ T7206] ? __switch_to_asm+0x34/0x70 [ 56.493281][ T7206] ? __switch_to_asm+0x40/0x70 [ 56.498029][ T7206] ? ___might_sleep+0x16b/0x270 [ 56.502881][ T7206] ? __might_sleep+0x95/0x190 [ 56.507537][ T7206] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 56.513147][ T7206] ? aa_sk_perm+0x167/0x690 [ 56.517627][ T7206] ? kasan_check_read+0x11/0x20 [ 56.522461][ T7206] inet_sendmsg+0x10d/0x460 [ 56.526953][ T7206] ? inet_sendmsg+0x10d/0x460 [ 56.531605][ T7206] ? security_socket_sendmsg+0x50/0x90 [ 56.537040][ T7206] ? ipip_gro_receive+0xf0/0xf0 [ 56.541867][ T7206] sock_sendmsg+0xb7/0xf0 [ 56.546173][ T7206] kernel_sendmsg+0x26/0x30 [ 56.550653][ T7206] sock_no_sendpage+0xfd/0x140 [ 56.555394][ T7206] ? sock_kfree_s+0x40/0x40 [ 56.559887][ T7206] inet_sendpage+0x367/0x620 [ 56.564549][ T7206] ? kernel_sendpage+0xd0/0xd0 [ 56.569482][ T7206] kernel_sendpage+0x63/0xd0 [ 56.574050][ T7206] ? pipe_lock+0x4f/0x60 [ 56.578271][ T7206] sock_sendpage+0x6d/0xd0 [ 56.582674][ T7206] pipe_to_sendpage+0x214/0x430 [ 56.587505][ T7206] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.593118][ T7206] __splice_from_pipe+0x2cf/0x730 [ 56.598121][ T7206] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.603648][ T7206] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.609177][ T7206] splice_from_pipe+0xbb/0x120 [ 56.613923][ T7206] ? splice_shrink_spd+0xa0/0xa0 [ 56.618835][ T7206] ? apparmor_file_permission+0x15/0x20 [ 56.624449][ T7206] ? rw_verify_area+0xb8/0x2b0 [ 56.629189][ T7206] generic_splice_sendpage+0x10/0x20 [ 56.634451][ T7206] do_splice+0x5a5/0x1300 [ 56.638761][ T7206] ? nsecs_to_jiffies+0x20/0x20 [ 56.643643][ T7206] ? opipe_prep.part.14+0x320/0x320 [ 56.648823][ T7206] ? __fget_light+0x179/0x1f0 [ 56.653478][ T7206] __x64_sys_splice+0x248/0x300 [ 56.658396][ T7206] do_syscall_64+0xd6/0x4e0 [ 56.662877][ T7206] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 56.668749][ T7206] RIP: 0033:0x4582b9 [ 56.672621][ T7206] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 56.692203][ T7206] RSP: 002b:00007f4be301ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 56.700708][ T7206] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 56.708674][ T7206] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 56.716636][ T7206] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 56.724587][ T7206] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4be301f6d4 [ 56.732537][ T7206] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 56.740501][ T7207] CPU: 0 PID: 7207 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 56.741376][ T7208] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7208 [ 56.748293][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.748296][ T7207] Call Trace: [ 56.748306][ T7207] dump_stack+0x113/0x167 [ 56.748317][ T7207] __this_cpu_preempt_check+0x1d2/0x200 [ 56.748325][ T7207] sk_mc_loop+0x16/0x180 [ 56.748332][ T7207] ip_mc_output+0x25b/0xca0 [ 56.748339][ T7207] ? __ip_local_out+0x37e/0x6f0 [ 56.757621][ T7208] caller is sk_mc_loop+0x16/0x180 [ 56.767760][ T7207] ? __ip_queue_xmit+0x1d20/0x1d20 [ 56.767767][ T7207] ? ip_append_data.part.52+0x150/0x150 [ 56.767772][ T7207] ? __ip_make_skb+0xe6b/0x1c20 [ 56.767778][ T7207] ip_local_out+0x7e/0x130 [ 56.767786][ T7207] ip_send_skb+0x36/0xa0 [ 56.767792][ T7207] ip_push_pending_frames+0x4d/0x70 [ 56.828601][ T7207] ? raw_sendmsg+0x93b/0x2b20 [ 56.833255][ T7207] raw_sendmsg+0xeac/0x2b20 [ 56.837741][ T7207] ? __lock_acquire+0x5ea/0x4390 [ 56.842660][ T7207] ? compat_raw_getsockopt+0x90/0x90 [ 56.847959][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 56.853133][ T7207] ? _raw_spin_unlock_irq+0x27/0x80 [ 56.858506][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 56.863681][ T7207] ? lockdep_hardirqs_on+0x424/0x5c0 [ 56.868969][ T7207] ? _raw_spin_unlock_irq+0x27/0x80 [ 56.874161][ T7207] ? aa_profile_af_perm+0x320/0x320 [ 56.879337][ T7207] ? _raw_spin_unlock_irq+0x60/0x80 [ 56.884773][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 56.889947][ T7207] ? finish_task_switch+0x11c/0x6e0 [ 56.895148][ T7207] ? __switch_to_asm+0x34/0x70 [ 56.899930][ T7207] ? __switch_to_asm+0x40/0x70 [ 56.904690][ T7207] ? ___might_sleep+0x16b/0x270 [ 56.909538][ T7207] ? __might_sleep+0x95/0x190 [ 56.914198][ T7207] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 56.919806][ T7207] ? aa_sk_perm+0x167/0x690 [ 56.924289][ T7207] ? kasan_check_read+0x11/0x20 [ 56.929122][ T7207] inet_sendmsg+0x10d/0x460 [ 56.933599][ T7207] ? inet_sendmsg+0x10d/0x460 [ 56.938260][ T7207] ? security_socket_sendmsg+0x50/0x90 [ 56.943699][ T7207] ? ipip_gro_receive+0xf0/0xf0 [ 56.948551][ T7207] sock_sendmsg+0xb7/0xf0 [ 56.952888][ T7207] kernel_sendmsg+0x26/0x30 [ 56.957383][ T7207] sock_no_sendpage+0xfd/0x140 [ 56.962130][ T7207] ? sock_kfree_s+0x40/0x40 [ 56.966628][ T7207] inet_sendpage+0x367/0x620 [ 56.971195][ T7207] ? kernel_sendpage+0xd0/0xd0 [ 56.975938][ T7207] kernel_sendpage+0x63/0xd0 [ 56.980505][ T7207] ? pipe_lock+0x4f/0x60 [ 56.984726][ T7207] sock_sendpage+0x6d/0xd0 [ 56.989141][ T7207] pipe_to_sendpage+0x214/0x430 [ 56.993980][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 56.999522][ T7207] __splice_from_pipe+0x2cf/0x730 [ 57.004522][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.010054][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.015573][ T7207] splice_from_pipe+0xbb/0x120 [ 57.020316][ T7207] ? splice_shrink_spd+0xa0/0xa0 [ 57.025229][ T7207] ? apparmor_file_permission+0x15/0x20 [ 57.030754][ T7207] ? rw_verify_area+0xb8/0x2b0 [ 57.035495][ T7207] generic_splice_sendpage+0x10/0x20 [ 57.040847][ T7207] do_splice+0x5a5/0x1300 [ 57.045162][ T7207] ? nsecs_to_jiffies+0x20/0x20 [ 57.050191][ T7207] ? opipe_prep.part.14+0x320/0x320 [ 57.055364][ T7207] ? __fget_light+0x179/0x1f0 [ 57.060021][ T7207] __x64_sys_splice+0x248/0x300 [ 57.064851][ T7207] do_syscall_64+0xd6/0x4e0 [ 57.069335][ T7207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.075205][ T7207] RIP: 0033:0x4582b9 [ 57.079085][ T7207] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 57.098667][ T7207] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 57.107061][ T7207] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 57.115009][ T7207] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.122962][ T7207] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 57.130919][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 57.138881][ T7207] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 57.146857][ T7208] CPU: 1 PID: 7208 Comm: syz-executor.4 Not tainted 5.1.0-rc2+ #1 [ 57.154674][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.164723][ T7208] Call Trace: [ 57.164951][ T7207] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7207 [ 57.168014][ T7208] dump_stack+0x113/0x167 [ 57.168027][ T7208] __this_cpu_preempt_check+0x1d2/0x200 [ 57.168037][ T7208] sk_mc_loop+0x16/0x180 [ 57.168045][ T7208] ip_mc_output+0x25b/0xca0 [ 57.168050][ T7208] ? __ip_local_out+0x37e/0x6f0 [ 57.168057][ T7208] ? __ip_queue_xmit+0x1d20/0x1d20 [ 57.168065][ T7208] ? ip_append_data.part.52+0x150/0x150 [ 57.168072][ T7208] ? __ip_make_skb+0xe6b/0x1c20 [ 57.168079][ T7208] ip_local_out+0x7e/0x130 [ 57.168088][ T7208] ip_send_skb+0x36/0xa0 [ 57.177725][ T7207] caller is sk_mc_loop+0x16/0x180 [ 57.181934][ T7208] ip_push_pending_frames+0x4d/0x70 [ 57.235156][ T7208] ? raw_sendmsg+0x93b/0x2b20 [ 57.239811][ T7208] raw_sendmsg+0xeac/0x2b20 [ 57.244296][ T7208] ? __lock_acquire+0x5ea/0x4390 [ 57.249213][ T7208] ? compat_raw_getsockopt+0x90/0x90 [ 57.254479][ T7208] ? finish_task_switch+0x14a/0x6e0 [ 57.259654][ T7208] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.264922][ T7208] ? finish_task_switch+0x14a/0x6e0 [ 57.270094][ T7208] ? lockdep_hardirqs_on+0x424/0x5c0 [ 57.275489][ T7208] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.280666][ T7208] ? aa_profile_af_perm+0x320/0x320 [ 57.285923][ T7208] ? _raw_spin_unlock_irq+0x60/0x80 [ 57.291101][ T7208] ? finish_task_switch+0x14a/0x6e0 [ 57.296373][ T7208] ? finish_task_switch+0x11c/0x6e0 [ 57.301549][ T7208] ? __switch_to_asm+0x34/0x70 [ 57.306287][ T7208] ? __switch_to_asm+0x40/0x70 [ 57.311120][ T7208] ? ___might_sleep+0x16b/0x270 [ 57.315944][ T7208] ? __might_sleep+0x95/0x190 [ 57.320684][ T7208] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 57.326292][ T7208] ? aa_sk_perm+0x167/0x690 [ 57.330769][ T7208] ? kasan_check_read+0x11/0x20 [ 57.335728][ T7208] inet_sendmsg+0x10d/0x460 [ 57.340212][ T7208] ? inet_sendmsg+0x10d/0x460 [ 57.344876][ T7208] ? security_socket_sendmsg+0x50/0x90 [ 57.350319][ T7208] ? ipip_gro_receive+0xf0/0xf0 [ 57.355148][ T7208] sock_sendmsg+0xb7/0xf0 [ 57.359459][ T7208] kernel_sendmsg+0x26/0x30 [ 57.363960][ T7208] sock_no_sendpage+0xfd/0x140 [ 57.368701][ T7208] ? sock_kfree_s+0x40/0x40 [ 57.373193][ T7208] inet_sendpage+0x367/0x620 [ 57.377845][ T7208] ? kernel_sendpage+0xd0/0xd0 [ 57.382672][ T7208] kernel_sendpage+0x63/0xd0 [ 57.387249][ T7208] ? pipe_lock+0x4f/0x60 [ 57.391466][ T7208] sock_sendpage+0x6d/0xd0 [ 57.395967][ T7208] pipe_to_sendpage+0x214/0x430 [ 57.400794][ T7208] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.406318][ T7208] __splice_from_pipe+0x2cf/0x730 [ 57.411330][ T7208] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.416851][ T7208] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.422377][ T7208] splice_from_pipe+0xbb/0x120 [ 57.427118][ T7208] ? splice_shrink_spd+0xa0/0xa0 [ 57.432033][ T7208] ? apparmor_file_permission+0x15/0x20 [ 57.437554][ T7208] ? rw_verify_area+0xb8/0x2b0 [ 57.442292][ T7208] generic_splice_sendpage+0x10/0x20 [ 57.447553][ T7208] do_splice+0x5a5/0x1300 [ 57.451864][ T7208] ? nsecs_to_jiffies+0x20/0x20 [ 57.456697][ T7208] ? opipe_prep.part.14+0x320/0x320 [ 57.461883][ T7208] ? __fget_light+0x179/0x1f0 [ 57.466539][ T7208] __x64_sys_splice+0x248/0x300 [ 57.471371][ T7208] do_syscall_64+0xd6/0x4e0 [ 57.475927][ T7208] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.481797][ T7208] RIP: 0033:0x4582b9 [ 57.485686][ T7208] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 57.505268][ T7208] RSP: 002b:00007fae38c94c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 57.513667][ T7208] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 57.521622][ T7208] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.529572][ T7208] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 57.537699][ T7208] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae38c956d4 [ 57.545934][ T7208] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 57.553906][ T7207] CPU: 0 PID: 7207 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 57.554803][ T7209] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7209 [ 57.561804][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.561807][ T7207] Call Trace: [ 57.561818][ T7207] dump_stack+0x113/0x167 [ 57.561829][ T7207] __this_cpu_preempt_check+0x1d2/0x200 [ 57.561837][ T7207] sk_mc_loop+0x16/0x180 [ 57.561845][ T7207] ip_mc_output+0x25b/0xca0 [ 57.571234][ T7209] caller is sk_mc_loop+0x16/0x180 [ 57.581315][ T7207] ? __ip_local_out+0x37e/0x6f0 [ 57.581321][ T7207] ? __ip_queue_xmit+0x1d20/0x1d20 [ 57.581328][ T7207] ? ip_append_data.part.52+0x150/0x150 [ 57.581333][ T7207] ? __ip_make_skb+0xe6b/0x1c20 [ 57.581341][ T7207] ip_local_out+0x7e/0x130 [ 57.632848][ T7207] ip_send_skb+0x36/0xa0 [ 57.637077][ T7207] ip_push_pending_frames+0x4d/0x70 [ 57.642248][ T7207] ? raw_sendmsg+0x93b/0x2b20 [ 57.646899][ T7207] raw_sendmsg+0xeac/0x2b20 [ 57.651379][ T7207] ? __lock_acquire+0x5ea/0x4390 [ 57.656418][ T7207] ? compat_raw_getsockopt+0x90/0x90 [ 57.661883][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 57.667059][ T7207] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.672232][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 57.677402][ T7207] ? lockdep_hardirqs_on+0x424/0x5c0 [ 57.682661][ T7207] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.687948][ T7207] ? aa_profile_af_perm+0x320/0x320 [ 57.693129][ T7207] ? _raw_spin_unlock_irq+0x60/0x80 [ 57.698299][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 57.703477][ T7207] ? finish_task_switch+0x11c/0x6e0 [ 57.708646][ T7207] ? __switch_to_asm+0x34/0x70 [ 57.713383][ T7207] ? __switch_to_asm+0x40/0x70 [ 57.718136][ T7207] ? ___might_sleep+0x16b/0x270 [ 57.722989][ T7207] ? __might_sleep+0x95/0x190 [ 57.727654][ T7207] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 57.733448][ T7207] ? aa_sk_perm+0x167/0x690 [ 57.737933][ T7207] ? kasan_check_read+0x11/0x20 [ 57.742768][ T7207] inet_sendmsg+0x10d/0x460 [ 57.747255][ T7207] ? inet_sendmsg+0x10d/0x460 [ 57.751995][ T7207] ? security_socket_sendmsg+0x50/0x90 [ 57.757427][ T7207] ? ipip_gro_receive+0xf0/0xf0 [ 57.762256][ T7207] sock_sendmsg+0xb7/0xf0 [ 57.766659][ T7207] kernel_sendmsg+0x26/0x30 [ 57.771143][ T7207] sock_no_sendpage+0xfd/0x140 [ 57.775908][ T7207] ? sock_kfree_s+0x40/0x40 [ 57.780406][ T7207] inet_sendpage+0x367/0x620 [ 57.785158][ T7207] ? kernel_sendpage+0xd0/0xd0 [ 57.789921][ T7207] kernel_sendpage+0x63/0xd0 [ 57.794483][ T7207] ? pipe_lock+0x4f/0x60 [ 57.798702][ T7207] sock_sendpage+0x6d/0xd0 [ 57.803095][ T7207] pipe_to_sendpage+0x214/0x430 [ 57.807922][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.813445][ T7207] ? kasan_check_read+0x11/0x20 [ 57.818269][ T7207] ? anon_pipe_buf_release+0x71/0x1f0 [ 57.823616][ T7207] __splice_from_pipe+0x2cf/0x730 [ 57.828712][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.834238][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 57.839757][ T7207] splice_from_pipe+0xbb/0x120 [ 57.844509][ T7207] ? splice_shrink_spd+0xa0/0xa0 [ 57.849516][ T7207] ? apparmor_file_permission+0x15/0x20 [ 57.855136][ T7207] ? rw_verify_area+0xb8/0x2b0 [ 57.859891][ T7207] generic_splice_sendpage+0x10/0x20 [ 57.865264][ T7207] do_splice+0x5a5/0x1300 [ 57.869578][ T7207] ? nsecs_to_jiffies+0x20/0x20 [ 57.874419][ T7207] ? opipe_prep.part.14+0x320/0x320 [ 57.879595][ T7207] ? __fget_light+0x179/0x1f0 [ 57.889557][ T7207] __x64_sys_splice+0x248/0x300 [ 57.894710][ T7207] do_syscall_64+0xd6/0x4e0 [ 57.899193][ T7207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.905151][ T7207] RIP: 0033:0x4582b9 [ 57.909021][ T7207] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 57.928613][ T7207] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 57.937012][ T7207] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 57.945266][ T7207] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.953217][ T7207] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 57.961184][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 57.969137][ T7207] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 57.977371][ T7209] CPU: 1 PID: 7209 Comm: syz-executor.0 Not tainted 5.1.0-rc2+ #1 [ 57.985169][ T7209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.988011][ T7208] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/7208 [ 57.996562][ T7209] Call Trace: [ 57.996575][ T7209] dump_stack+0x113/0x167 [ 57.996584][ T7209] __this_cpu_preempt_check+0x1d2/0x200 [ 57.996592][ T7209] sk_mc_loop+0x16/0x180 [ 57.996599][ T7209] ip_mc_output+0x25b/0xca0 [ 57.996604][ T7209] ? __ip_local_out+0x37e/0x6f0 [ 57.996611][ T7209] ? __ip_queue_xmit+0x1d20/0x1d20 [ 57.996623][ T7209] ? ip_append_data.part.52+0x150/0x150 [ 57.996628][ T7209] ? __ip_make_skb+0xe6b/0x1c20 [ 57.996634][ T7209] ip_local_out+0x7e/0x130 [ 57.996640][ T7209] ip_send_skb+0x36/0xa0 [ 57.996645][ T7209] ip_push_pending_frames+0x4d/0x70 [ 57.996650][ T7209] ? raw_sendmsg+0x93b/0x2b20 [ 57.996654][ T7209] raw_sendmsg+0xeac/0x2b20 [ 57.996661][ T7209] ? __lock_acquire+0x5ea/0x4390 [ 57.996670][ T7209] ? compat_raw_getsockopt+0x90/0x90 [ 57.996681][ T7209] ? finish_task_switch+0x14a/0x6e0 [ 58.005968][ T7208] caller is sk_mc_loop+0x16/0x180 [ 58.009199][ T7209] ? _raw_spin_unlock_irq+0x27/0x80 [ 58.102484][ T7209] ? finish_task_switch+0x14a/0x6e0 [ 58.107830][ T7209] ? lockdep_hardirqs_on+0x424/0x5c0 [ 58.113110][ T7209] ? _raw_spin_unlock_irq+0x27/0x80 [ 58.118310][ T7209] ? aa_profile_af_perm+0x320/0x320 [ 58.123490][ T7209] ? _raw_spin_unlock_irq+0x60/0x80 [ 58.128663][ T7209] ? finish_task_switch+0x14a/0x6e0 [ 58.133931][ T7209] ? finish_task_switch+0x11c/0x6e0 [ 58.139188][ T7209] ? __switch_to_asm+0x34/0x70 [ 58.143927][ T7209] ? __switch_to_asm+0x40/0x70 [ 58.148674][ T7209] ? ___might_sleep+0x16b/0x270 [ 58.153498][ T7209] ? __might_sleep+0x95/0x190 [ 58.158176][ T7209] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 58.163797][ T7209] ? aa_sk_perm+0x167/0x690 [ 58.168277][ T7209] ? kasan_check_read+0x11/0x20 [ 58.173197][ T7209] inet_sendmsg+0x10d/0x460 [ 58.177766][ T7209] ? inet_sendmsg+0x10d/0x460 [ 58.182426][ T7209] ? security_socket_sendmsg+0x50/0x90 [ 58.187870][ T7209] ? ipip_gro_receive+0xf0/0xf0 [ 58.192746][ T7209] sock_sendmsg+0xb7/0xf0 [ 58.197052][ T7209] kernel_sendmsg+0x26/0x30 [ 58.201534][ T7209] sock_no_sendpage+0xfd/0x140 [ 58.206274][ T7209] ? sock_kfree_s+0x40/0x40 [ 58.210780][ T7209] inet_sendpage+0x367/0x620 [ 58.215538][ T7209] ? kernel_sendpage+0xd0/0xd0 [ 58.220275][ T7209] kernel_sendpage+0x63/0xd0 [ 58.224839][ T7209] ? pipe_lock+0x4f/0x60 [ 58.229066][ T7209] sock_sendpage+0x6d/0xd0 [ 58.233461][ T7209] pipe_to_sendpage+0x214/0x430 [ 58.238290][ T7209] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.243902][ T7209] __splice_from_pipe+0x2cf/0x730 [ 58.248912][ T7209] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.254521][ T7209] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.260038][ T7209] splice_from_pipe+0xbb/0x120 [ 58.264784][ T7209] ? splice_shrink_spd+0xa0/0xa0 [ 58.269707][ T7209] ? apparmor_file_permission+0x15/0x20 [ 58.275315][ T7209] ? rw_verify_area+0xb8/0x2b0 [ 58.280053][ T7209] generic_splice_sendpage+0x10/0x20 [ 58.285311][ T7209] do_splice+0x5a5/0x1300 [ 58.289624][ T7209] ? nsecs_to_jiffies+0x20/0x20 [ 58.294451][ T7209] ? opipe_prep.part.14+0x320/0x320 [ 58.299635][ T7209] ? __fget_light+0x179/0x1f0 [ 58.304296][ T7209] __x64_sys_splice+0x248/0x300 [ 58.309126][ T7209] do_syscall_64+0xd6/0x4e0 [ 58.313612][ T7209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 58.319565][ T7209] RIP: 0033:0x4582b9 [ 58.323522][ T7209] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 58.343197][ T7209] RSP: 002b:00007f3f3da42c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 58.351595][ T7209] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 58.359549][ T7209] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 58.367497][ T7209] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 58.375444][ T7209] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3f3da436d4 [ 58.383477][ T7209] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 58.391451][ T7208] CPU: 0 PID: 7208 Comm: syz-executor.4 Not tainted 5.1.0-rc2+ #1 [ 58.398721][ T7207] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/7207 [ 58.399246][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.408641][ T7207] caller is sk_mc_loop+0x16/0x180 [ 58.418613][ T7208] Call Trace: [ 58.418622][ T7208] dump_stack+0x113/0x167 [ 58.418633][ T7208] __this_cpu_preempt_check+0x1d2/0x200 [ 58.418640][ T7208] sk_mc_loop+0x16/0x180 [ 58.440933][ T7208] ip_mc_output+0x25b/0xca0 [ 58.445587][ T7208] ? __ip_local_out+0x37e/0x6f0 [ 58.450487][ T7208] ? __ip_queue_xmit+0x1d20/0x1d20 [ 58.455679][ T7208] ? ip_append_data.part.52+0x150/0x150 [ 58.461210][ T7208] ? __ip_make_skb+0xe6b/0x1c20 [ 58.466037][ T7208] ip_local_out+0x7e/0x130 [ 58.470506][ T7208] ip_send_skb+0x36/0xa0 [ 58.474814][ T7208] ip_push_pending_frames+0x4d/0x70 [ 58.480255][ T7208] ? raw_sendmsg+0x93b/0x2b20 [ 58.485001][ T7208] raw_sendmsg+0xeac/0x2b20 [ 58.489659][ T7208] ? __lock_acquire+0x5ea/0x4390 [ 58.494856][ T7208] ? compat_raw_getsockopt+0x90/0x90 [ 58.500130][ T7208] ? finish_task_switch+0x14a/0x6e0 [ 58.505480][ T7208] ? _raw_spin_unlock_irq+0x27/0x80 [ 58.510649][ T7208] ? finish_task_switch+0x14a/0x6e0 [ 58.515822][ T7208] ? lockdep_hardirqs_on+0x424/0x5c0 [ 58.521092][ T7208] ? _raw_spin_unlock_irq+0x27/0x80 [ 58.526280][ T7208] ? aa_profile_af_perm+0x320/0x320 [ 58.531452][ T7208] ? _raw_spin_unlock_irq+0x60/0x80 [ 58.536625][ T7208] ? finish_task_switch+0x14a/0x6e0 [ 58.541814][ T7208] ? finish_task_switch+0x11c/0x6e0 [ 58.547086][ T7208] ? __switch_to_asm+0x34/0x70 [ 58.551921][ T7208] ? __switch_to_asm+0x40/0x70 [ 58.556757][ T7208] ? ___might_sleep+0x16b/0x270 [ 58.561588][ T7208] ? __might_sleep+0x95/0x190 [ 58.566327][ T7208] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 58.572019][ T7208] ? aa_sk_perm+0x167/0x690 [ 58.576585][ T7208] ? kasan_check_read+0x11/0x20 [ 58.581414][ T7208] inet_sendmsg+0x10d/0x460 [ 58.586076][ T7208] ? inet_sendmsg+0x10d/0x460 [ 58.590729][ T7208] ? security_socket_sendmsg+0x50/0x90 [ 58.596163][ T7208] ? ipip_gro_receive+0xf0/0xf0 [ 58.601084][ T7208] sock_sendmsg+0xb7/0xf0 [ 58.605395][ T7208] kernel_sendmsg+0x26/0x30 [ 58.609899][ T7208] sock_no_sendpage+0xfd/0x140 [ 58.614639][ T7208] ? sock_kfree_s+0x40/0x40 [ 58.619132][ T7208] inet_sendpage+0x367/0x620 [ 58.623719][ T7208] ? kernel_sendpage+0xd0/0xd0 [ 58.628478][ T7208] kernel_sendpage+0x63/0xd0 [ 58.633042][ T7208] ? pipe_lock+0x4f/0x60 [ 58.637281][ T7208] sock_sendpage+0x6d/0xd0 [ 58.641673][ T7208] pipe_to_sendpage+0x214/0x430 [ 58.646613][ T7208] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.652283][ T7208] ? kasan_check_read+0x11/0x20 [ 58.657109][ T7208] ? anon_pipe_buf_release+0x71/0x1f0 [ 58.665061][ T7208] __splice_from_pipe+0x2cf/0x730 [ 58.670098][ T7208] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.675704][ T7208] ? generic_pipe_buf_nosteal+0x10/0x10 [ 58.681222][ T7208] splice_from_pipe+0xbb/0x120 [ 58.686050][ T7208] ? splice_shrink_spd+0xa0/0xa0 [ 58.690963][ T7208] ? apparmor_file_permission+0x15/0x20 [ 58.696489][ T7208] ? rw_verify_area+0xb8/0x2b0 [ 58.701253][ T7208] generic_splice_sendpage+0x10/0x20 [ 58.706529][ T7208] do_splice+0x5a5/0x1300 [ 58.710849][ T7208] ? nsecs_to_jiffies+0x20/0x20 [ 58.715673][ T7208] ? opipe_prep.part.14+0x320/0x320 [ 58.720872][ T7208] ? __fget_light+0x179/0x1f0 [ 58.725546][ T7208] __x64_sys_splice+0x248/0x300 [ 58.730401][ T7208] do_syscall_64+0xd6/0x4e0 [ 58.734882][ T7208] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 58.740754][ T7208] RIP: 0033:0x4582b9 [ 58.744629][ T7208] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 58.764283][ T7208] RSP: 002b:00007fae38c94c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 58.772762][ T7208] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 58.780724][ T7208] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 58.788671][ T7208] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 58.796707][ T7208] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae38c956d4 [ 58.804657][ T7208] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 58.812806][ T7207] CPU: 1 PID: 7207 Comm: syz-executor.5 Not tainted 5.1.0-rc2+ #1 [ 58.816250][ T7209] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/7209 [ 58.820607][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.820610][ T7207] Call Trace: [ 58.820621][ T7207] dump_stack+0x113/0x167 [ 58.820631][ T7207] __this_cpu_preempt_check+0x1d2/0x200 [ 58.820641][ T7207] sk_mc_loop+0x16/0x180 [ 58.820648][ T7207] ip_mc_output+0x25b/0xca0 [ 58.820655][ T7207] ? __ip_local_out+0x37e/0x6f0 [ 58.830121][ T7209] caller is sk_mc_loop+0x16/0x180 [ 58.840082][ T7207] ? __ip_queue_xmit+0x1d20/0x1d20 [ 58.840089][ T7207] ? ip_append_data.part.52+0x150/0x150 [ 58.840094][ T7207] ? __ip_make_skb+0xe6b/0x1c20 [ 58.840101][ T7207] ip_local_out+0x7e/0x130 [ 58.840108][ T7207] ip_send_skb+0x36/0xa0 [ 58.840113][ T7207] ip_push_pending_frames+0x4d/0x70 [ 58.840119][ T7207] ? raw_sendmsg+0x93b/0x2b20 [ 58.840124][ T7207] raw_sendmsg+0xeac/0x2b20 [ 58.840132][ T7207] ? __lock_acquire+0x5ea/0x4390 [ 58.915304][ T7207] ? compat_raw_getsockopt+0x90/0x90 [ 58.920572][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 58.925751][ T7207] ? _raw_spin_unlock_irq+0x27/0x80 [ 58.930923][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 58.936191][ T7207] ? lockdep_hardirqs_on+0x424/0x5c0 [ 58.941449][ T7207] ? _raw_spin_unlock_irq+0x27/0x80 [ 58.947136][ T7207] ? aa_profile_af_perm+0x320/0x320 [ 58.952417][ T7207] ? _raw_spin_unlock_irq+0x60/0x80 [ 58.957590][ T7207] ? finish_task_switch+0x14a/0x6e0 [ 58.962763][ T7207] ? finish_task_switch+0x11c/0x6e0 [ 58.968027][ T7207] ? __switch_to_asm+0x34/0x70 [ 58.972774][ T7207] ? __switch_to_asm+0x40/0x70 [ 58.977523][ T7207] ? ___might_sleep+0x16b/0x270 [ 58.982351][ T7207] ? __might_sleep+0x95/0x190 [ 58.987005][ T7207] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 58.992613][ T7207] ? aa_sk_perm+0x167/0x690 [ 58.997098][ T7207] inet_sendmsg+0x10d/0x460 [ 59.001681][ T7207] ? inet_sendmsg+0x10d/0x460 [ 59.006333][ T7207] ? security_socket_sendmsg+0x50/0x90 [ 59.011942][ T7207] ? ipip_gro_receive+0xf0/0xf0 [ 59.016879][ T7207] sock_sendmsg+0xb7/0xf0 [ 59.021185][ T7207] kernel_sendmsg+0x26/0x30 [ 59.025665][ T7207] sock_no_sendpage+0xfd/0x140 [ 59.030488][ T7207] ? sock_kfree_s+0x40/0x40 [ 59.034976][ T7207] ? find_held_lock+0x36/0x1d0 [ 59.039983][ T7207] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 59.045768][ T7207] inet_sendpage+0x367/0x620 [ 59.050796][ T7207] ? kasan_check_read+0x11/0x20 [ 59.055719][ T7207] ? kernel_sendpage+0xd0/0xd0 [ 59.060460][ T7207] kernel_sendpage+0x63/0xd0 [ 59.065025][ T7207] ? free_unref_page+0x478/0x5d0 [ 59.069937][ T7207] sock_sendpage+0x6d/0xd0 [ 59.074325][ T7207] ? free_unref_page+0x478/0x5d0 [ 59.079296][ T7207] pipe_to_sendpage+0x214/0x430 [ 59.084122][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.089641][ T7207] ? __put_page+0x5c/0x80 [ 59.093951][ T7207] ? anon_pipe_buf_release+0x167/0x1f0 [ 59.099518][ T7207] __splice_from_pipe+0x2cf/0x730 [ 59.104517][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.110060][ T7207] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.115586][ T7207] splice_from_pipe+0xbb/0x120 [ 59.120324][ T7207] ? splice_shrink_spd+0xa0/0xa0 [ 59.125278][ T7207] ? apparmor_file_permission+0x15/0x20 [ 59.130903][ T7207] ? rw_verify_area+0xb8/0x2b0 [ 59.135677][ T7207] generic_splice_sendpage+0x10/0x20 [ 59.140937][ T7207] do_splice+0x5a5/0x1300 [ 59.145266][ T7207] ? nsecs_to_jiffies+0x20/0x20 [ 59.150095][ T7207] ? opipe_prep.part.14+0x320/0x320 [ 59.155275][ T7207] ? __fget_light+0x179/0x1f0 [ 59.159928][ T7207] __x64_sys_splice+0x248/0x300 [ 59.164776][ T7207] do_syscall_64+0xd6/0x4e0 [ 59.169259][ T7207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 59.175124][ T7207] RIP: 0033:0x4582b9 [ 59.178998][ T7207] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 59.198593][ T7207] RSP: 002b:00007fa8abd53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 59.206981][ T7207] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 59.214929][ T7207] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 59.222923][ T7207] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 59.230874][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa8abd546d4 [ 59.238827][ T7207] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 59.246791][ T7209] CPU: 0 PID: 7209 Comm: syz-executor.0 Not tainted 5.1.0-rc2+ #1 [ 59.247826][ T7213] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/7213 [ 59.254595][ T7209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.254598][ T7209] Call Trace: [ 59.254608][ T7209] dump_stack+0x113/0x167 [ 59.254619][ T7209] __this_cpu_preempt_check+0x1d2/0x200 [ 59.254628][ T7209] sk_mc_loop+0x16/0x180 [ 59.254635][ T7209] ip_mc_output+0x25b/0xca0 [ 59.254640][ T7209] ? __ip_local_out+0x37e/0x6f0 [ 59.254647][ T7209] ? __ip_queue_xmit+0x1d20/0x1d20 [ 59.254654][ T7209] ? ip_append_data.part.52+0x150/0x150 [ 59.254660][ T7209] ? __ip_make_skb+0xe6b/0x1c20 [ 59.254667][ T7209] ip_local_out+0x7e/0x130 [ 59.254675][ T7209] ip_send_skb+0x36/0xa0 [ 59.254680][ T7209] ip_push_pending_frames+0x4d/0x70 [ 59.254685][ T7209] ? raw_sendmsg+0x93b/0x2b20 [ 59.254690][ T7209] raw_sendmsg+0xeac/0x2b20 [ 59.254697][ T7209] ? __lock_acquire+0x5ea/0x4390 [ 59.254705][ T7209] ? compat_raw_getsockopt+0x90/0x90 [ 59.254716][ T7209] ? finish_task_switch+0x14a/0x6e0 [ 59.254722][ T7209] ? _raw_spin_unlock_irq+0x27/0x80 [ 59.254727][ T7209] ? finish_task_switch+0x14a/0x6e0 [ 59.264007][ T7213] caller is sk_mc_loop+0x16/0x180 [ 59.274013][ T7209] ? lockdep_hardirqs_on+0x424/0x5c0 [ 59.274017][ T7209] ? _raw_spin_unlock_irq+0x27/0x80 [ 59.274028][ T7209] ? aa_profile_af_perm+0x320/0x320 [ 59.274032][ T7209] ? _raw_spin_unlock_irq+0x60/0x80 [ 59.274038][ T7209] ? finish_task_switch+0x14a/0x6e0 [ 59.395846][ T7209] ? finish_task_switch+0x11c/0x6e0 [ 59.401019][ T7209] ? __switch_to_asm+0x34/0x70 [ 59.405756][ T7209] ? __switch_to_asm+0x40/0x70 [ 59.410500][ T7209] ? ___might_sleep+0x16b/0x270 [ 59.415329][ T7209] ? __might_sleep+0x95/0x190 [ 59.419984][ T7209] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 59.425592][ T7209] ? aa_sk_perm+0x167/0x690 [ 59.430077][ T7209] ? kasan_check_read+0x11/0x20 [ 59.434912][ T7209] inet_sendmsg+0x10d/0x460 [ 59.439419][ T7209] ? inet_sendmsg+0x10d/0x460 [ 59.444079][ T7209] ? security_socket_sendmsg+0x50/0x90 [ 59.449537][ T7209] ? ipip_gro_receive+0xf0/0xf0 [ 59.454361][ T7209] sock_sendmsg+0xb7/0xf0 [ 59.458669][ T7209] kernel_sendmsg+0x26/0x30 [ 59.463146][ T7209] sock_no_sendpage+0xfd/0x140 [ 59.467885][ T7209] ? sock_kfree_s+0x40/0x40 [ 59.472373][ T7209] inet_sendpage+0x367/0x620 [ 59.476938][ T7209] ? kernel_sendpage+0xd0/0xd0 [ 59.481678][ T7209] kernel_sendpage+0x63/0xd0 [ 59.486246][ T7209] ? pipe_lock+0x4f/0x60 [ 59.490548][ T7209] sock_sendpage+0x6d/0xd0 [ 59.494939][ T7209] pipe_to_sendpage+0x214/0x430 [ 59.499770][ T7209] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.505308][ T7209] ? kasan_check_read+0x11/0x20 [ 59.510134][ T7209] ? anon_pipe_buf_release+0x71/0x1f0 [ 59.515482][ T7209] __splice_from_pipe+0x2cf/0x730 [ 59.520484][ T7209] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.526006][ T7209] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.531565][ T7209] splice_from_pipe+0xbb/0x120 [ 59.536307][ T7209] ? splice_shrink_spd+0xa0/0xa0 [ 59.541219][ T7209] ? apparmor_file_permission+0x15/0x20 [ 59.546837][ T7209] ? rw_verify_area+0xb8/0x2b0 [ 59.551841][ T7209] generic_splice_sendpage+0x10/0x20 [ 59.557201][ T7209] do_splice+0x5a5/0x1300 [ 59.561512][ T7209] ? nsecs_to_jiffies+0x20/0x20 [ 59.566341][ T7209] ? opipe_prep.part.14+0x320/0x320 [ 59.571519][ T7209] ? __fget_light+0x179/0x1f0 [ 59.576174][ T7209] __x64_sys_splice+0x248/0x300 [ 59.581010][ T7209] do_syscall_64+0xd6/0x4e0 [ 59.585579][ T7209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 59.591475][ T7209] RIP: 0033:0x4582b9 [ 59.595351][ T7209] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 59.614943][ T7209] RSP: 002b:00007f3f3da42c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 59.623331][ T7209] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 59.631308][ T7209] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 59.639260][ T7209] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 59.647213][ T7209] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3f3da436d4 [ 59.655340][ T7209] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 59.663311][ T7213] CPU: 1 PID: 7213 Comm: syz-executor.1 Not tainted 5.1.0-rc2+ #1 [ 59.663842][ T7214] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/7214 [ 59.671187][ T7213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.671190][ T7213] Call Trace: [ 59.671202][ T7213] dump_stack+0x113/0x167 [ 59.671212][ T7213] __this_cpu_preempt_check+0x1d2/0x200 [ 59.671221][ T7213] sk_mc_loop+0x16/0x180 [ 59.680510][ T7214] caller is sk_mc_loop+0x16/0x180 [ 59.690500][ T7213] ip_mc_output+0x25b/0xca0 [ 59.690506][ T7213] ? __ip_local_out+0x37e/0x6f0 [ 59.690512][ T7213] ? __ip_queue_xmit+0x1d20/0x1d20 [ 59.690519][ T7213] ? ip_append_data.part.52+0x150/0x150 [ 59.690525][ T7213] ? __ip_make_skb+0xe6b/0x1c20 [ 59.737710][ T7213] ip_local_out+0x7e/0x130 [ 59.742104][ T7213] ip_send_skb+0x36/0xa0 [ 59.746424][ T7213] ip_push_pending_frames+0x4d/0x70 [ 59.751598][ T7213] ? raw_sendmsg+0x93b/0x2b20 [ 59.756356][ T7213] raw_sendmsg+0xeac/0x2b20 [ 59.760838][ T7213] ? __lock_acquire+0x5ea/0x4390 [ 59.765762][ T7213] ? compat_raw_getsockopt+0x90/0x90 [ 59.771036][ T7213] ? finish_task_switch+0x14a/0x6e0 [ 59.776381][ T7213] ? _raw_spin_unlock_irq+0x27/0x80 [ 59.781612][ T7213] ? finish_task_switch+0x14a/0x6e0 [ 59.786871][ T7213] ? lockdep_hardirqs_on+0x424/0x5c0 [ 59.792130][ T7213] ? _raw_spin_unlock_irq+0x27/0x80 [ 59.797306][ T7213] ? aa_profile_af_perm+0x320/0x320 [ 59.802483][ T7213] ? _raw_spin_unlock_irq+0x60/0x80 [ 59.807835][ T7213] ? finish_task_switch+0x14a/0x6e0 [ 59.813006][ T7213] ? finish_task_switch+0x11c/0x6e0 [ 59.818178][ T7213] ? __switch_to_asm+0x34/0x70 [ 59.822918][ T7213] ? __switch_to_asm+0x40/0x70 [ 59.827672][ T7213] ? ___might_sleep+0x16b/0x270 [ 59.832521][ T7213] ? __might_sleep+0x95/0x190 [ 59.837175][ T7213] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 59.842782][ T7213] ? aa_sk_perm+0x167/0x690 [ 59.847283][ T7213] ? kasan_check_read+0x11/0x20 [ 59.852114][ T7213] inet_sendmsg+0x10d/0x460 [ 59.856770][ T7213] ? inet_sendmsg+0x10d/0x460 [ 59.861427][ T7213] ? security_socket_sendmsg+0x50/0x90 [ 59.866951][ T7213] ? ipip_gro_receive+0xf0/0xf0 [ 59.871864][ T7213] sock_sendmsg+0xb7/0xf0 [ 59.876168][ T7213] kernel_sendmsg+0x26/0x30 [ 59.880646][ T7213] sock_no_sendpage+0xfd/0x140 [ 59.890077][ T7213] ? sock_kfree_s+0x40/0x40 [ 59.894878][ T7213] inet_sendpage+0x367/0x620 [ 59.899455][ T7213] ? kernel_sendpage+0xd0/0xd0 [ 59.904220][ T7213] kernel_sendpage+0x63/0xd0 [ 59.908791][ T7213] ? pipe_lock+0x4f/0x60 [ 59.913008][ T7213] sock_sendpage+0x6d/0xd0 [ 59.917400][ T7213] pipe_to_sendpage+0x214/0x430 [ 59.922225][ T7213] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.927760][ T7213] __splice_from_pipe+0x2cf/0x730 [ 59.932765][ T7213] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.938385][ T7213] ? generic_pipe_buf_nosteal+0x10/0x10 [ 59.943999][ T7213] splice_from_pipe+0xbb/0x120 [ 59.948835][ T7213] ? splice_shrink_spd+0xa0/0xa0 [ 59.953838][ T7213] ? apparmor_file_permission+0x15/0x20 [ 59.959543][ T7213] ? rw_verify_area+0xb8/0x2b0 [ 59.964282][ T7213] generic_splice_sendpage+0x10/0x20 [ 59.969555][ T7213] do_splice+0x5a5/0x1300 [ 59.973873][ T7213] ? nsecs_to_jiffies+0x20/0x20 [ 59.978697][ T7213] ? opipe_prep.part.14+0x320/0x320 [ 59.983872][ T7213] ? __fget_light+0x179/0x1f0 [ 59.988535][ T7213] __x64_sys_splice+0x248/0x300 [ 59.993481][ T7213] do_syscall_64+0xd6/0x4e0 [ 59.997964][ T7213] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 60.003838][ T7213] RIP: 0033:0x4582b9 [ 60.007711][ T7213] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 60.027302][ T7213] RSP: 002b:00007fb8740e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 60.035773][ T7213] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 60.043730][ T7213] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 60.056526][ T7213] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 60.064570][ T7213] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb8740e36d4 [ 60.072705][ T7213] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff [ 60.080761][ T7214] CPU: 0 PID: 7214 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #1 [ 60.088572][ T7214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.098708][ T7214] Call Trace: [ 60.102013][ T7214] dump_stack+0x113/0x167 [ 60.106868][ T7214] __this_cpu_preempt_check+0x1d2/0x200 [ 60.112767][ T7214] sk_mc_loop+0x16/0x180 [ 60.117124][ T7214] ip_mc_output+0x25b/0xca0 [ 60.121815][ T7214] ? __ip_local_out+0x37e/0x6f0 2019/04/03 06:01:33 executed programs: 18 [ 60.126664][ T7214] ? __ip_queue_xmit+0x1d20/0x1d20 [ 60.131763][ T7214] ? ip_append_data.part.52+0x150/0x150 [ 60.131770][ T7214] ? __ip_make_skb+0xe6b/0x1c20 [ 60.131788][ T7214] ip_local_out+0x7e/0x130 [ 60.131796][ T7214] ip_send_skb+0x36/0xa0 [ 60.131802][ T7214] ip_push_pending_frames+0x4d/0x70 [ 60.131807][ T7214] ? raw_sendmsg+0x93b/0x2b20 [ 60.131813][ T7214] raw_sendmsg+0xeac/0x2b20 [ 60.146585][ T7214] ? __lock_acquire+0x5ea/0x4390 [ 60.146600][ T7214] ? compat_raw_getsockopt+0x90/0x90 [ 60.146612][ T7214] ? finish_task_switch+0x14a/0x6e0 [ 60.146619][ T7214] ? _raw_spin_unlock_irq+0x27/0x80 [ 60.146623][ T7214] ? finish_task_switch+0x14a/0x6e0 [ 60.146627][ T7214] ? lockdep_hardirqs_on+0x424/0x5c0 [ 60.146630][ T7214] ? _raw_spin_unlock_irq+0x27/0x80 [ 60.146637][ T7214] ? trace_hardirqs_on+0x28/0x190 [ 60.146648][ T7214] ? aa_profile_af_perm+0x320/0x320 [ 60.146653][ T7214] ? _raw_spin_unlock_irq+0x60/0x80 [ 60.217432][ T7214] ? finish_task_switch+0x14a/0x6e0 [ 60.222700][ T7214] ? finish_task_switch+0x11c/0x6e0 [ 60.227896][ T7214] ? __switch_to_asm+0x34/0x70 [ 60.232644][ T7214] ? __switch_to_asm+0x40/0x70 [ 60.237389][ T7214] ? ___might_sleep+0x16b/0x270 [ 60.242343][ T7214] ? __might_sleep+0x95/0x190 [ 60.247007][ T7214] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 60.252671][ T7214] ? aa_sk_perm+0x167/0x690 [ 60.257339][ T7214] inet_sendmsg+0x10d/0x460 [ 60.261837][ T7214] ? inet_sendmsg+0x10d/0x460 [ 60.266499][ T7214] ? security_socket_sendmsg+0x50/0x90 [ 60.271941][ T7214] ? ipip_gro_receive+0xf0/0xf0 [ 60.276786][ T7214] sock_sendmsg+0xb7/0xf0 [ 60.281106][ T7214] kernel_sendmsg+0x26/0x30 [ 60.285604][ T7214] sock_no_sendpage+0xfd/0x140 [ 60.290361][ T7214] ? sock_kfree_s+0x40/0x40 [ 60.294957][ T7214] inet_sendpage+0x367/0x620 [ 60.299541][ T7214] ? kernel_sendpage+0xd0/0xd0 [ 60.304300][ T7214] kernel_sendpage+0x63/0xd0 [ 60.304308][ T7214] ? pipe_lock+0x4f/0x60 [ 60.304314][ T7214] sock_sendpage+0x6d/0xd0 [ 60.304324][ T7214] pipe_to_sendpage+0x214/0x430 [ 60.304332][ T7214] ? generic_pipe_buf_nosteal+0x10/0x10 [ 60.304341][ T7214] __splice_from_pipe+0x2cf/0x730 [ 60.304346][ T7214] ? generic_pipe_buf_nosteal+0x10/0x10 [ 60.304353][ T7214] ? generic_pipe_buf_nosteal+0x10/0x10 [ 60.304357][ T7214] splice_from_pipe+0xbb/0x120 [ 60.304364][ T7214] ? splice_shrink_spd+0xa0/0xa0 [ 60.313251][ T7214] ? apparmor_file_permission+0x15/0x20 [ 60.313261][ T7214] ? rw_verify_area+0xb8/0x2b0 [ 60.313270][ T7214] generic_splice_sendpage+0x10/0x20 [ 60.313275][ T7214] do_splice+0x5a5/0x1300 [ 60.313285][ T7214] ? nsecs_to_jiffies+0x20/0x20 [ 60.313295][ T7214] ? opipe_prep.part.14+0x320/0x320 [ 60.354020][ T7214] ? __fget_light+0x179/0x1f0 [ 60.354036][ T7214] __x64_sys_splice+0x248/0x300 [ 60.354049][ T7214] do_syscall_64+0xd6/0x4e0 [ 60.354061][ T7214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 60.354066][ T7214] RIP: 0033:0x4582b9 [ 60.354072][ T7214] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 60.354075][ T7214] RSP: 002b:00007fa5989cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 60.354080][ T7214] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000004582b9 [ 60.354083][ T7214] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 60.354086][ T7214] RBP: 000000000073bfa0 R08: 0000000000010005 R09: 0000000000000000 [ 60.354088][ T7214] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5989d06d4 [ 60.354091][ T7214] R13: 00000000004c70e6 R14: 00000000004dc0e0 R15: 00000000ffffffff