[ 31.633603][ T26] audit: type=1800 audit(1550849308.466:27): pid=7247 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 31.656319][ T26] audit: type=1800 audit(1550849308.476:28): pid=7247 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 32.442361][ T26] audit: type=1800 audit(1550849309.366:29): pid=7247 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 32.462747][ T26] audit: type=1800 audit(1550849309.366:30): pid=7247 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.252' (ECDSA) to the list of known hosts.
2019/02/22 15:28:38 fuzzer started
2019/02/22 15:28:40 dialing manager at 10.128.0.26:34601
2019/02/22 15:28:41 syscalls: 1
2019/02/22 15:28:41 code coverage: enabled
2019/02/22 15:28:41 comparison tracing: enabled
2019/02/22 15:28:41 extra coverage: extra coverage is not supported by the kernel
2019/02/22 15:28:41 setuid sandbox: enabled
2019/02/22 15:28:41 namespace sandbox: enabled
2019/02/22 15:28:41 Android sandbox: /sys/fs/selinux/policy does not exist
2019/02/22 15:28:41 fault injection: enabled
2019/02/22 15:28:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/02/22 15:28:41 net packet injection: enabled
2019/02/22 15:28:41 net device setup: enabled
15:30:46 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
accept$packet(r1, 0x0, 0x0)
syzkaller login: [ 170.161488][ T7413] IPVS: ftp: loaded support on port[0] = 21
15:30:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
r3 = socket$kcm(0x29, 0x805, 0x0)
sendfile(r3, r2, 0x0, 0x800000000ffff)
[ 170.319565][ T7413] chnl_net:caif_netlink_parms(): no params data found
[ 170.360744][ T7413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 170.368853][ T7413] bridge0: port 1(bridge_slave_0) entered disabled state
[ 170.377029][ T7413] device bridge_slave_0 entered promiscuous mode
[ 170.385120][ T7413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 170.392611][ T7413] bridge0: port 2(bridge_slave_1) entered disabled state
[ 170.400624][ T7413] device bridge_slave_1 entered promiscuous mode
[ 170.420927][ T7413] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 170.436944][ T7413] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 170.452222][ T7416] IPVS: ftp: loaded support on port[0] = 21
[ 170.491447][ T7413] team0: Port device team_slave_0 added
[ 170.498965][ T7413] team0: Port device team_slave_1 added
15:30:47 executing program 2:
clone(0x0, 0x0, 0x0, 0x0, 0x0)
set_robust_list(0x0, 0x0)
[ 170.578396][ T7413] device hsr_slave_0 entered promiscuous mode
[ 170.616319][ T7413] device hsr_slave_1 entered promiscuous mode
15:30:47 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-ssse3\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x7ffff000, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0)
[ 170.752510][ T7418] IPVS: ftp: loaded support on port[0] = 21
[ 170.763759][ T7413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 170.770939][ T7413] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 170.778606][ T7413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 170.785651][ T7413] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 170.887077][ T7416] chnl_net:caif_netlink_parms(): no params data found
[ 170.890743][ T7421] IPVS: ftp: loaded support on port[0] = 21
[ 170.955616][ T7416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 170.965033][ T7416] bridge0: port 1(bridge_slave_0) entered disabled state
[ 170.972836][ T7416] device bridge_slave_0 entered promiscuous mode
[ 170.995346][ T7416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 171.004623][ T7416] bridge0: port 2(bridge_slave_1) entered disabled state
[ 171.012544][ T7416] device bridge_slave_1 entered promiscuous mode
[ 171.067799][ T7413] 8021q: adding VLAN 0 to HW filter on device bond0
[ 171.075612][ T7416] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 171.085940][ T7418] chnl_net:caif_netlink_parms(): no params data found
[ 171.099494][ T7416] bond0: Enslaving bond_slave_1 as an active interface with an up link
15:30:48 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070")
pipe(&(0x7f0000000000))
pipe(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x2dce334)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000100))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, 0x0, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
[ 171.130730][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 171.140789][ T3482] bridge0: port 1(bridge_slave_0) entered disabled state
[ 171.161963][ T3482] bridge0: port 2(bridge_slave_1) entered disabled state
[ 171.174146][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 171.200295][ T7413] 8021q: adding VLAN 0 to HW filter on device team0
[ 171.217027][ T7416] team0: Port device team_slave_0 added
[ 171.234449][ T7416] team0: Port device team_slave_1 added
[ 171.303923][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 171.315200][ T7424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 171.322311][ T7424] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 171.356367][ T7418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 171.363412][ T7418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 171.371770][ T7418] device bridge_slave_0 entered promiscuous mode
[ 171.383871][ T7421] chnl_net:caif_netlink_parms(): no params data found
15:30:48 executing program 5:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f00000001c0), 0xfffffef3)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
truncate(&(0x7f0000000240)='./bus\x00', 0x800)
open(&(0x7f0000000140)='./bus\x00', 0x8, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_procfs(0x0, &(0x7f0000000940)='mounts\x00\xbau\xb6\t\x1el\xe4YD\x7f}\xae\xbc\xf7`\xa6\"\r\r\\*\xe0(\xe3,\x17|\xe9\x91\xb9\x80\xbf\"D\x05\xfc$\xa3\x1dl\x127\xc1\xcb\xa1\x8b\xff\x9b\xf6\x11\x1aJ\x9fn\x82\x02%\xdc\x02\xf4\x85k\x8a\x11\x03B\x96\x1c\x11p\x7f\x9bqd\xd9\t\xd6\xd4v\x90sPo\x8cn\xbb\x04Jz\x8e<\x03\xa3,\xa1pi\xf3\xc2\x81\xd4(\xce{\x1f/?C\xc4\xf6}\x98\xc0\xf4n5u\xd3\x1d\xb1Y*\xc7\x10\x87\xba\x12Lr\x1fl\x03j\xb9L\x95H@>g~\xed\xb1u\xc4\xdal\xce\xe8\xb4\x16\xa4-\x88\x05\xddR\xc9\x1e\xb9\x85\xbf\x19\xee\xb4\x8c\xbf\x01~i\x8a\xb0f\xa6\xc4\x9eAf\x06\xd8\xd0Fy\x066\xad\\\xeeD\x84\al\xd8\x92\xe8~\x9c\xd0\xf7L\xd27\xb1\xf2\xb7\x8df\x87\xd6C\f\xe6\xbbH\x93\xad\b\xa9et\x8b\xca#\aU\xd0\x16\x1afI\x81\x842[v\xbd\xd3\xd1\x13\xd1\x97m\xbd\xdd\x9d_\xc0\xb1I\xf9_\xd1\xff\xfc\xd4{\x86\x96\xa1\xe3\xdb\xbb0\x16s\xc4\xdb\\fe:s\xcc\xd3\xab\xafc\x8a\x9b\x92\x17\x03E/\xb1T\xeb\xac\x1aiF\xfe\xcb\xff\x94C\xcd\x1e\xc3\'g\nu#0\x13\x8a<\xe0\xd3\xb7\xf6\x96\x12\x00\xbaLA\x8d\xef\x1b\xd6\xd0a\x94\x00<\xcc@\xd15(\x91\x83(\xe0\xe3\xbfm\tc\x1bJj\xa6\n5\xdb\xe3\x8eo\xef_\xe7@!r\x1b\x8a \x97>\\S\xef\xd6lz!\xb8\x9f\a\xd9\x88,k\xb9;@\x0e\x1e\x91\x8a,\xe7co4\xfc\xb4\xa6\xcdkK\xfe:1\xec5\xd4l+\xba\x95\xfd\x05\xed\x9d')
sendfile(r1, r2, 0x0, 0x800000080008002)
[ 171.400472][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 171.413299][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 171.421948][ T3482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 171.429032][ T3482] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 171.508761][ T7416] device hsr_slave_0 entered promiscuous mode
[ 171.566267][ T7416] device hsr_slave_1 entered promiscuous mode
[ 171.626905][ T7418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 171.630238][ T7428] IPVS: ftp: loaded support on port[0] = 21
[ 171.633957][ T7418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 171.651036][ T7418] device bridge_slave_1 entered promiscuous mode
[ 171.691074][ T7421] bridge0: port 1(bridge_slave_0) entered blocking state
[ 171.698235][ T7421] bridge0: port 1(bridge_slave_0) entered disabled state
[ 171.705787][ T7421] device bridge_slave_0 entered promiscuous mode
[ 171.713883][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 171.722643][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 171.754109][ T7421] bridge0: port 2(bridge_slave_1) entered blocking state
[ 171.761574][ T7421] bridge0: port 2(bridge_slave_1) entered disabled state
[ 171.770949][ T7421] device bridge_slave_1 entered promiscuous mode
[ 171.785927][ T7421] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 171.788671][ T7430] IPVS: ftp: loaded support on port[0] = 21
[ 171.794441][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 171.809232][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 171.817894][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 171.826354][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 171.834792][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 171.845511][ T7418] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 171.855638][ T7418] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 171.866740][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 171.874842][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 171.884343][ T7421] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 171.922800][ T7421] team0: Port device team_slave_0 added
[ 171.931637][ T7418] team0: Port device team_slave_0 added
[ 171.959753][ T7421] team0: Port device team_slave_1 added
[ 171.971521][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 171.980138][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 171.989886][ T7418] team0: Port device team_slave_1 added
[ 172.007679][ T7428] chnl_net:caif_netlink_parms(): no params data found
[ 172.020152][ T7413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 172.127801][ T7421] device hsr_slave_0 entered promiscuous mode
[ 172.166545][ T7421] device hsr_slave_1 entered promiscuous mode
[ 172.218758][ T7428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 172.225812][ T7428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 172.234803][ T7428] device bridge_slave_0 entered promiscuous mode
[ 172.245867][ T7428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 172.253174][ T7428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 172.260829][ T7428] device bridge_slave_1 entered promiscuous mode
[ 172.328790][ T7418] device hsr_slave_0 entered promiscuous mode
[ 172.366398][ T7418] device hsr_slave_1 entered promiscuous mode
[ 172.447152][ T7430] chnl_net:caif_netlink_parms(): no params data found
[ 172.470818][ T7428] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 172.481558][ T7413] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 172.495512][ T7416] 8021q: adding VLAN 0 to HW filter on device bond0
[ 172.518947][ T7428] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 172.567025][ T7428] team0: Port device team_slave_0 added
[ 172.573699][ T7428] team0: Port device team_slave_1 added
[ 172.610241][ T7416] 8021q: adding VLAN 0 to HW filter on device team0
[ 172.618449][ T7430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 172.632232][ T7430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 172.640786][ T7430] device bridge_slave_0 entered promiscuous mode
[ 172.652863][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
15:30:49 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000280)={0x8, 0x0, &(0x7f00000002c0)=[@increfs], 0x0, 0x0, 0x0})
[ 172.660864][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 172.720990][ T7428] device hsr_slave_0 entered promiscuous mode
[ 172.750144][ T7446] binder: 7444:7446 IncRefs 0 refcount change on invalid ref 0 ret -22
[ 172.776449][ T7428] device hsr_slave_1 entered promiscuous mode
[ 172.821933][ T7430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 172.829237][ T7430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 172.838198][ T7430] device bridge_slave_1 entered promiscuous mode
[ 172.851019][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 172.859822][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 172.868218][ T7424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 172.875244][ T7424] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 172.882849][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 172.908108][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
15:30:49 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(0x0, 0x100000000000087, 0x0, 0x0, 0x0, 0x41000000000000)
[ 172.917630][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 172.929129][ T3482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 172.936234][ T3482] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 172.970563][ T7430] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 172.991622][ T7430] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 173.008979][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 173.018573][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 173.027216][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 173.035508][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 173.044726][ T7424] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 173.064416][ T7421] 8021q: adding VLAN 0 to HW filter on device bond0
15:30:50 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
r2 = dup2(r1, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64)
getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, 0x0, &(0x7f0000000200))
[ 173.073526][ T7418] 8021q: adding VLAN 0 to HW filter on device bond0
[ 173.086853][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 173.095481][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 173.123470][ T7416] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 173.153497][ T7416] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 173.173544][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 173.182298][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 173.196517][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 173.204766][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 173.213699][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 173.233643][ T7430] team0: Port device team_slave_0 added
[ 173.240429][ T7430] team0: Port device team_slave_1 added
[ 173.257590][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 173.265553][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 173.273401][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
15:30:50 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0xffffffffffffffb5, 0x20000802, &(0x7f0000000140)={0x2, 0x10004e23}, 0x68)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6_vti0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000180)="c9", 0x1, 0x0, 0x0, 0x0)
[ 173.281398][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 173.296476][ T7421] 8021q: adding VLAN 0 to HW filter on device team0
[ 173.311067][ T7418] 8021q: adding VLAN 0 to HW filter on device team0
15:30:50 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000280)={0x8, 0x0, &(0x7f00000002c0)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x5c, 0x0, &(0x7f0000000180)=[@request_death={0x400c630e, 0x0, 0x2}, @transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x9}}], 0x7d, 0x0, &(0x7f0000000200)="07ddd5de3bfb1436a2e73d88ecde6e97bdd269f02fb4cb7a87cca6ebdac152457f5cfc38886e15a8a5490e5b3a4b55c890473084c90ca667f6b06288b2bfea77663187d9b9d4ec1edca1609c62f36d2fcedb61eae9de1de9ef1260a428a50b220239f6881d5b45e76a98af50f247864be98d8a67fc2d91a027adcc72b2"})
[ 173.337953][ T7428] 8021q: adding VLAN 0 to HW filter on device bond0
[ 173.355611][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 173.366656][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 173.375132][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 173.383471][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 173.390541][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 173.399429][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 173.424240][ T7461] binder: 7459:7461 IncRefs 0 refcount change on invalid ref 0 ret -22
15:30:50 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000100)={0x1, 0x0, @pic={0x0, 0x0, 0x0, 0x0, 0x80000000}})
[ 173.433407][ T7461] binder: 7459:7461 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[ 173.442494][ T7461] binder: 7459:7461 transaction failed 29189/-22, size 0-0 line 2994
[ 173.451468][ T7461] binder: 7459:7461 IncRefs 0 refcount change on invalid ref 0 ret -22
[ 173.460155][ T7462] binder: 7459:7462 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[ 173.468321][ T7462] binder: 7459:7462 transaction failed 29189/-22, size 0-0 line 2994
[ 173.478214][ T7430] device hsr_slave_0 entered promiscuous mode
[ 173.512032][ T7465] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 173.516301][ T7430] device hsr_slave_1 entered promiscuous mode
15:30:50 executing program 0:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getdents(r0, &(0x7f0000000100)=""/124, 0x1016a)
[ 173.580453][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 173.594508][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 173.616189][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 173.623230][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 173.630840][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 173.639324][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 173.647611][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 173.654628][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 173.662351][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 173.671281][ T7416] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 173.704892][ T7428] 8021q: adding VLAN 0 to HW filter on device team0
[ 173.724249][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 173.736268][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 173.744672][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 173.755228][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 173.763787][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 173.770843][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 173.778547][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 173.787581][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 173.796123][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 173.804363][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 173.812715][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 173.821062][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 173.829222][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 173.836791][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 173.844479][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 173.856591][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 173.864846][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 173.873740][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 173.882328][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 173.890542][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 173.898785][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 173.930408][ T7418] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 173.948920][ T7418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 173.963991][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 173.975849][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 173.984347][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 173.992955][ T3482] bridge0: port 1(bridge_slave_0) entered blocking state
[ 174.000051][ T3482] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 174.007792][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 174.018359][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 174.026737][ T3482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 174.033759][ T3482] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 174.041650][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 174.050045][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 174.058438][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 174.066950][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 174.075172][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 174.083371][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 174.091433][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 174.100080][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 174.108747][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 174.117015][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 174.125430][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 174.133430][ T3482] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 174.146889][ T7421] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 174.162243][ T7418] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 174.186541][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 174.194811][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 174.203896][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 174.212498][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 174.220767][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 174.228925][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
15:30:51 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
r3 = socket$kcm(0x29, 0x805, 0x0)
sendfile(r3, r2, 0x0, 0x800000000ffff)
[ 174.248314][ T7430] 8021q: adding VLAN 0 to HW filter on device bond0
[ 174.270075][ T7428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 174.290831][ T7430] 8021q: adding VLAN 0 to HW filter on device team0
15:30:51 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
clone(0x2102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x6, 0x0, 0x0)
close(r1)
[ 174.318816][ T7421] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 174.337451][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 174.345063][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 174.383155][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 174.403035][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 174.429503][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 174.436623][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 174.448280][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 174.457122][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 174.465362][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 174.472452][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 174.481769][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 174.491892][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 174.502531][ T7428] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 174.528349][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 174.542553][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 174.552830][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 174.566574][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 174.575136][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 174.593021][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 174.604302][ T7420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 174.616787][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 174.629083][ T7430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 174.663390][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 174.672134][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 174.725899][ T7430] 8021q: adding VLAN 0 to HW filter on device batadv0
15:30:51 executing program 3:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x805, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c)
write$uinput_user_dev(r0, &(0x7f0000000100)={'syz1\x00'}, 0x45c)
15:30:52 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
15:30:52 executing program 0:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40, 0x0)
15:30:52 executing program 1:
syz_open_dev$amidi(0x0, 0x0, 0x103000)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/netstat\x00')
fanotify_mark(0xffffffffffffffff, 0x4, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4)
bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000a80)="d85e678e676090b1343eb9c52bd02479d0747d8b2ab1410220300dba233c5193d6240d4a4d3d2a693cc7b07ce79ebbae29f214bee98043109616a4205ae885b9fa8c3b79353fa61bf3da3d814e673a4e0524a241d81a07f6dd09e1d0e34871ddf209e2e0ea4539e15d", 0x69}], 0x1)
vmsplice(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x40000)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf32(r1, &(0x7f00000008c0)=ANY=[@ANYBLOB="7f454c4600010000000000040000000000003e0000000000000000003800000000000000042233e9c50000000000002000000000000000000000c9484caaef0000000000000000000000000000000000000008000500000000000000000000000000dcd22cd830a0b2dfb284f65df3be04dde0a02b9b0419a613996c39550c551257a02ed03c964962b39865598eb492c34f905034bd7d9f10500ef64d649be114b2288c34fb7ddc637b9d0946f83fec2e839af8f9e12f1ee74fb6162bd4376c76bc5adde08ed5100ccc787198f570d1cf8416e898239ed43d19c4bb3eaa5c94af371c3873f17fd32c7f6dcd68149eaab27808e12a5f8b9eba051e6aa9643ecc28e846a75295aa20a67542b2e0f401cfa52d12d67c3a56d14afd8af1bc576c97aa3fd8157f787bc01ec50235d4478600038529f054d742fc59d22047ac17a240259f075336007911856ceec85fdfa92e4a10870b1dcaafd938a33e8aaef120c74f3535db08184a92fa"], 0x169)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a)
15:30:52 executing program 2:
openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6009, 0x1)
clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(&(0x7f00000002c0)=@filename='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='udf\x00', 0x0, 0x0)
clone(0x4c000000, 0x0, 0x0, 0x0, 0x0)
15:30:52 executing program 3:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151)
clone(0x80002102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0xfdf2)
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000100)={0x8}, 0x4)
write$apparmor_exec(r1, 0x0, 0x0)
15:30:52 executing program 5:
syz_open_dev$usbmon(&(0x7f00000005c0)='/dev/usbmon#\x00', 0xcd, 0x0)
ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, 0x0)
fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff)
getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, 0x0, 0x0)
creat(0x0, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = dup(r0)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff)
setsockopt$inet6_tcp_int(r0, 0x6, 0x12, &(0x7f00000003c0)=0x7f, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x2007fff)
sendfile(r1, r2, 0x0, 0x8000fffffffe)
15:30:52 executing program 0:
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f0000000000)=[{}], 0x1, 0x7ff, 0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x4011})
write$UHID_CREATE(r1, &(0x7f0000000100)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000000)=""/11, 0xb}, 0x11c)
15:30:52 executing program 3:
syz_emit_ethernet(0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd601bfc97004d88cb04000000000000000000000000000000ff02000000000000000000000000000100004e20f50b9078e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934eccc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed00000000000000000000000"], 0x0)
[ 175.684024][ T2488] print_req_error: I/O error, dev loop5, sector 64 flags 0
[ 175.700734][ T7522] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 175.713897][ T2487] print_req_error: I/O error, dev loop5, sector 256 flags 0
[ 175.747984][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
15:30:52 executing program 4:
r0 = eventfd2(0x0, 0x0)
read(r0, &(0x7f00000000c0)=""/162, 0xa2)
r1 = dup(r0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0x30}, 0x30)
[ 175.808474][ C1] hrtimer: interrupt took 59475 ns
[ 175.823463][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 175.834246][ T7531] IPVS: ftp: loaded support on port[0] = 21
[ 175.855158][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
15:30:52 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x105082)
r1 = memfd_create(&(0x7f0000000180)='}#*nodevem2N,\x00', 0x0)
pwritev(r1, &(0x7f00000000c0)=[{&(0x7f0000000480)="a8", 0x1}], 0x1, 0x81000)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x80084503, 0x0)
pipe(&(0x7f00000001c0))
sendfile(r0, r1, 0x0, 0x80005)
[ 175.895489][ T2488] print_req_error: I/O error, dev loop5, sector 512 flags 0
[ 175.903130][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 175.908654][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
15:30:52 executing program 4:
r0 = eventfd2(0x0, 0x0)
read(r0, &(0x7f00000000c0)=""/162, 0xa2)
r1 = dup(r0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000000)={0x30}, 0x30)
[ 175.960906][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 176.011200][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 176.062354][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 176.072696][ T7551] BUG: Bad page state in process syz-executor.3 pfn:7ac52
[ 176.106525][ T7551] page:ffffea0001eb1480 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x0
[ 176.119356][ T7526] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 176.221279][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 176.233819][ T7551] shmem_aops
[ 176.233826][ T7551] name:"memfd:}#*nodevem2N,"
[ 176.261325][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
15:30:53 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'ne\x80teviim0\x00\x02\x00', 0x1402})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)
close(r0)
[ 176.285672][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 176.295921][ T7526] UDF-fs: Scanning with blocksize 512 failed
[ 176.329175][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 176.353796][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 176.362817][ T2488] print_req_error: I/O error, dev loop5, sector 64 flags 0
15:30:53 executing program 5:
unshare(0x6c060000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
semget(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000000)={'security\x00'}, &(0x7f0000000140)=0x54)
[ 176.383270][ T7551] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 176.392258][ T2488] print_req_error: I/O error, dev loop5, sector 512 flags 0
[ 176.400910][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 176.436988][ T7551] page dumped because: non-NULL mapping
[ 176.481851][ T7551] Modules linked in:
[ 176.495702][ T7551] CPU: 1 PID: 7551 Comm: syz-executor.3 Not tainted 5.0.0-rc7-next-20190222 #41
[ 176.504743][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 176.514802][ T7551] Call Trace:
[ 176.518098][ T7551] dump_stack+0x172/0x1f0
[ 176.522442][ T7551] bad_page.cold+0xda/0xff
[ 176.526867][ T7551] ? si_mem_available+0x320/0x320
[ 176.531900][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 176.538138][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 176.544387][ T7551] free_pages_check_bad+0x142/0x1a0
[ 176.549597][ T7551] free_unref_page+0x3c6/0x600
[ 176.554366][ T7551] __put_page+0x8d/0xd0
[ 176.558531][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 176.564339][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 176.569725][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 176.574940][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 176.580938][ T7551] ? rw_verify_area+0x118/0x360
[ 176.585790][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 176.591775][ T7551] direct_splice_actor+0x126/0x1a0
[ 176.596894][ T7551] splice_direct_to_actor+0x369/0x970
[ 176.602271][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 176.607823][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 176.614063][ T7551] ? do_splice_to+0x190/0x190
[ 176.618744][ T7551] ? rw_verify_area+0x118/0x360
[ 176.623596][ T7551] do_splice_direct+0x1da/0x2a0
[ 176.628455][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 176.634017][ T7551] ? rw_verify_area+0x118/0x360
[ 176.638870][ T7551] do_sendfile+0x597/0xd00
[ 176.643297][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 176.648583][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 176.654826][ T7551] ? put_timespec64+0xda/0x140
[ 176.659605][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 176.664805][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 176.670097][ T7551] ? do_syscall_64+0x26/0x610
[ 176.674781][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 176.680070][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 176.685098][ T7551] do_syscall_64+0x103/0x610
[ 176.689711][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 176.695597][ T7551] RIP: 0033:0x457e29
[ 176.699491][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 176.719090][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 176.727498][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 176.735469][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 176.743446][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 176.751414][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 176.759388][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 176.841519][ T7564] IPVS: ftp: loaded support on port[0] = 21
[ 176.865906][ T2488] print_req_error: I/O error, dev loop5, sector 1024 flags 0
[ 176.873718][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
15:30:53 executing program 1:
syz_open_dev$amidi(0x0, 0x0, 0x103000)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/netstat\x00')
fanotify_mark(0xffffffffffffffff, 0x4, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4)
bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000a80)="d85e678e676090b1343eb9c52bd02479d0747d8b2ab1410220300dba233c5193d6240d4a4d3d2a693cc7b07ce79ebbae29f214bee98043109616a4205ae885b9fa8c3b79353fa61bf3da3d814e673a4e0524a241d81a07f6dd09e1d0e34871ddf209e2e0ea4539e15d", 0x69}], 0x1)
vmsplice(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x40000)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf32(r1, &(0x7f00000008c0)=ANY=[@ANYBLOB="7f454c4600010000000000040000000000003e0000000000000000003800000000000000042233e9c50000000000002000000000000000000000c9484caaef0000000000000000000000000000000000000008000500000000000000000000000000dcd22cd830a0b2dfb284f65df3be04dde0a02b9b0419a613996c39550c551257a02ed03c964962b39865598eb492c34f905034bd7d9f10500ef64d649be114b2288c34fb7ddc637b9d0946f83fec2e839af8f9e12f1ee74fb6162bd4376c76bc5adde08ed5100ccc787198f570d1cf8416e898239ed43d19c4bb3eaa5c94af371c3873f17fd32c7f6dcd68149eaab27808e12a5f8b9eba051e6aa9643ecc28e846a75295aa20a67542b2e0f401cfa52d12d67c3a56d14afd8af1bc576c97aa3fd8157f787bc01ec50235d4478600038529f054d742fc59d22047ac17a240259f075336007911856ceec85fdfa92e4a10870b1dcaafd938a33e8aaef120c74f3535db08184a92fa"], 0x169)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a)
[ 176.952452][ T7566] IPVS: ftp: loaded support on port[0] = 21
[ 176.987056][ T7526] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.045426][ T7526] UDF-fs: Scanning with blocksize 1024 failed
[ 177.051754][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 177.059384][ T5] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 177.069460][ T5] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
15:30:54 executing program 0:
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f0000000000)=[{}], 0x1, 0x7ff, 0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x4011})
write$UHID_CREATE(r1, &(0x7f0000000100)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000000)=""/11, 0xb}, 0x11c)
[ 177.099379][ T7551] Disabling lock debugging due to kernel taint
[ 177.105824][ T7551] BUG: Bad page state in process syz-executor.3 pfn:74b31
[ 177.124314][ T2487] print_req_error: I/O error, dev loop5, sector 64 flags 0
[ 177.131901][ T2487] print_req_error: I/O error, dev loop5, sector 1024 flags 0
[ 177.139338][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 177.176104][ T7551] page:ffffea0001d2cc40 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x1
[ 177.202095][ T2487] print_req_error: I/O error, dev loop5, sector 2048 flags 0
[ 177.211982][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.222960][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[ 177.243903][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.271379][ T7551] shmem_aops
[ 177.271385][ T7551] name:"memfd:}#*nodevem2N,"
[ 177.297045][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.312757][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 177.321871][ T7526] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.360082][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 177.375443][ T7526] UDF-fs: Scanning with blocksize 2048 failed
[ 177.402524][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.421912][ T2487] print_req_error: I/O error, dev loop5, sector 64 flags 0
[ 177.430691][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 177.447133][ T7551] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 177.456188][ T7526] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[ 177.465737][ T7526] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.473425][ T7526] UDF-fs: Scanning with blocksize 4096 failed
[ 177.479509][ T7526] UDF-fs: warning (device loop5): udf_fill_super: No partition found (1)
[ 177.488769][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 177.498862][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[ 177.544911][ T7565] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.566959][ T7565] UDF-fs: Scanning with blocksize 512 failed
[ 177.586258][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 177.609942][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[ 177.621910][ T7565] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.629697][ T7565] UDF-fs: Scanning with blocksize 1024 failed
[ 177.638569][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 177.648367][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[ 177.660269][ T7565] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.668036][ T7565] UDF-fs: Scanning with blocksize 2048 failed
[ 177.674508][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 177.686881][ T7565] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[ 177.698075][ T7565] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 177.705801][ T7565] UDF-fs: Scanning with blocksize 4096 failed
[ 177.716254][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.719829][ T7571] IPVS: ftp: loaded support on port[0] = 21
[ 177.723728][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.732892][ T7565] UDF-fs: warning (device loop5): udf_fill_super: No partition found (1)
[ 177.737198][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.753015][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.760965][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.770365][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.778319][ T7420] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 177.790772][ T7420] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[ 177.819615][ T7551] page dumped because: non-NULL mapping
[ 177.825228][ T7551] Modules linked in:
[ 177.853800][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 177.864220][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 177.874269][ T7551] Call Trace:
[ 177.877581][ T7551] dump_stack+0x172/0x1f0
[ 177.881917][ T7551] bad_page.cold+0xda/0xff
[ 177.886329][ T7551] ? si_mem_available+0x320/0x320
[ 177.891355][ T7551] ? trace_hardirqs_on+0x5e/0x230
[ 177.896382][ T7551] ? _raw_spin_unlock_irqrestore+0x95/0xe0
[ 177.902184][ T7551] free_pages_check_bad+0x142/0x1a0
[ 177.907379][ T7551] free_unref_page+0x3c6/0x600
[ 177.912142][ T7551] __put_page+0x8d/0xd0
[ 177.916298][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 177.922099][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 177.927468][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 177.932671][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 177.938667][ T7551] ? rw_verify_area+0x118/0x360
[ 177.943517][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 177.949506][ T7551] direct_splice_actor+0x126/0x1a0
[ 177.954616][ T7551] splice_direct_to_actor+0x369/0x970
[ 177.959989][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 177.965535][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 177.971793][ T7551] ? do_splice_to+0x190/0x190
[ 177.976477][ T7551] ? rw_verify_area+0x118/0x360
[ 177.981326][ T7551] do_splice_direct+0x1da/0x2a0
[ 177.986173][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 177.991719][ T7551] ? rw_verify_area+0x118/0x360
[ 177.996584][ T7551] do_sendfile+0x597/0xd00
[ 178.001002][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 178.006285][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 178.012520][ T7551] ? put_timespec64+0xda/0x140
[ 178.017306][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 178.022501][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 178.027787][ T7551] ? do_syscall_64+0x26/0x610
[ 178.032472][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 178.037754][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 178.042776][ T7551] do_syscall_64+0x103/0x610
[ 178.047373][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 178.053260][ T7551] RIP: 0033:0x457e29
[ 178.057154][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 178.076751][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 178.085156][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 178.093123][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 178.101577][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 178.109559][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 178.117543][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 178.142425][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752e4
[ 178.152013][ T7551] page:ffffea0001d4b900 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x2
[ 178.162875][ T7551] shmem_aops
[ 178.162881][ T7551] name:"memfd:}#*nodevem2N,"
[ 178.168710][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 178.180430][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 178.191600][ T7551] raw: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 178.220543][ T7551] page dumped because: non-NULL mapping
[ 178.227512][ T7551] Modules linked in:
[ 178.231565][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 178.241970][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 178.252018][ T7551] Call Trace:
[ 178.255314][ T7551] dump_stack+0x172/0x1f0
[ 178.259651][ T7551] bad_page.cold+0xda/0xff
[ 178.264071][ T7551] ? si_mem_available+0x320/0x320
[ 178.269102][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 178.274128][ T7551] ? kasan_check_read+0x11/0x20
[ 178.278980][ T7551] free_pages_check_bad+0x142/0x1a0
[ 178.284179][ T7551] free_unref_page+0x3c6/0x600
[ 178.288939][ T7551] __put_page+0x8d/0xd0
[ 178.293097][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 178.298902][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 178.304274][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 178.309480][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 178.315488][ T7551] ? rw_verify_area+0x118/0x360
[ 178.320351][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 178.326326][ T7551] direct_splice_actor+0x126/0x1a0
[ 178.331435][ T7551] splice_direct_to_actor+0x369/0x970
[ 178.336811][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 178.342363][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 178.348605][ T7551] ? do_splice_to+0x190/0x190
[ 178.353281][ T7551] ? rw_verify_area+0x118/0x360
[ 178.358133][ T7551] do_splice_direct+0x1da/0x2a0
[ 178.362984][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 178.368550][ T7551] ? rw_verify_area+0x118/0x360
[ 178.373398][ T7551] do_sendfile+0x597/0xd00
[ 178.377820][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 178.383103][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 178.389344][ T7551] ? put_timespec64+0xda/0x140
[ 178.394113][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 178.399311][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 178.404593][ T7551] ? do_syscall_64+0x26/0x610
[ 178.409266][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 178.414560][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 178.419588][ T7551] do_syscall_64+0x103/0x610
[ 178.424182][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 178.430068][ T7551] RIP: 0033:0x457e29
[ 178.433964][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 178.453561][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 178.461966][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 178.469935][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 178.477906][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 178.485871][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 178.493834][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 178.510553][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752b3
[ 178.517894][ T7551] page:ffffea0001d4acc0 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x3
[ 178.529249][ T7551] shmem_aops
[ 178.529255][ T7551] name:"memfd:}#*nodevem2N,"
[ 178.532638][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 178.544358][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 178.555390][ T7551] raw: 0000000000000003 0000000000000000 00000000ffffffff 0000000000000000
[ 178.564220][ T7551] page dumped because: non-NULL mapping
[ 178.572205][ T7551] Modules linked in:
[ 178.576354][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 178.586757][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 178.596807][ T7551] Call Trace:
[ 178.600097][ T7551] dump_stack+0x172/0x1f0
[ 178.604430][ T7551] bad_page.cold+0xda/0xff
[ 178.608843][ T7551] ? si_mem_available+0x320/0x320
[ 178.613864][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 178.618888][ T7551] ? kasan_check_read+0x11/0x20
[ 178.623737][ T7551] free_pages_check_bad+0x142/0x1a0
[ 178.628937][ T7551] free_unref_page+0x3c6/0x600
[ 178.633697][ T7551] __put_page+0x8d/0xd0
[ 178.637854][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 178.643655][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 178.649664][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 178.654864][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 178.660852][ T7551] ? rw_verify_area+0x118/0x360
[ 178.665704][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 178.671686][ T7551] direct_splice_actor+0x126/0x1a0
[ 178.676798][ T7551] splice_direct_to_actor+0x369/0x970
[ 178.682166][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 178.687711][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 178.693948][ T7551] ? do_splice_to+0x190/0x190
[ 178.698627][ T7551] ? rw_verify_area+0x118/0x360
[ 178.703494][ T7551] do_splice_direct+0x1da/0x2a0
[ 178.708343][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 178.713891][ T7551] ? rw_verify_area+0x118/0x360
[ 178.718743][ T7551] do_sendfile+0x597/0xd00
[ 178.723160][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 178.728440][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 178.734693][ T7551] ? put_timespec64+0xda/0x140
[ 178.739462][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 178.744671][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 178.749955][ T7551] ? do_syscall_64+0x26/0x610
[ 178.754634][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 178.759919][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 178.764940][ T7551] do_syscall_64+0x103/0x610
[ 178.769530][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 178.775417][ T7551] RIP: 0033:0x457e29
[ 178.779314][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 178.798908][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 178.807312][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 178.815276][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 178.823331][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 178.831296][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 178.839261][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 178.852223][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752bb
[ 178.859556][ T7551] page:ffffea0001d4aec0 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x4
[ 178.870931][ T7551] shmem_aops
[ 178.870937][ T7551] name:"memfd:}#*nodevem2N,"
[ 178.874314][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 178.888259][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 178.896948][ T7551] raw: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 178.905606][ T7551] page dumped because: non-NULL mapping
[ 178.914008][ T7551] Modules linked in:
[ 178.918143][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 178.928547][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 178.938593][ T7551] Call Trace:
[ 178.941885][ T7551] dump_stack+0x172/0x1f0
[ 178.946214][ T7551] bad_page.cold+0xda/0xff
[ 178.950631][ T7551] ? si_mem_available+0x320/0x320
[ 178.955655][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 178.960678][ T7551] ? kasan_check_read+0x11/0x20
[ 178.965532][ T7551] free_pages_check_bad+0x142/0x1a0
[ 178.970739][ T7551] free_unref_page+0x3c6/0x600
[ 178.975505][ T7551] __put_page+0x8d/0xd0
[ 178.979665][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 178.985488][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 178.990861][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 178.996066][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 179.002056][ T7551] ? rw_verify_area+0x118/0x360
[ 179.006903][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 179.012884][ T7551] direct_splice_actor+0x126/0x1a0
[ 179.017995][ T7551] splice_direct_to_actor+0x369/0x970
[ 179.023366][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 179.028913][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 179.035153][ T7551] ? do_splice_to+0x190/0x190
[ 179.039832][ T7551] ? rw_verify_area+0x118/0x360
[ 179.044685][ T7551] do_splice_direct+0x1da/0x2a0
[ 179.049539][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 179.055090][ T7551] ? rw_verify_area+0x118/0x360
[ 179.059949][ T7551] do_sendfile+0x597/0xd00
[ 179.064373][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 179.069658][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 179.075895][ T7551] ? put_timespec64+0xda/0x140
[ 179.080662][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 179.085865][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 179.091153][ T7551] ? do_syscall_64+0x26/0x610
[ 179.095833][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 179.101208][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 179.106237][ T7551] do_syscall_64+0x103/0x610
[ 179.110834][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 179.116722][ T7551] RIP: 0033:0x457e29
[ 179.120620][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 179.140217][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 179.148629][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 179.156600][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 179.164568][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 179.172535][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 179.180508][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 179.195333][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752ac
[ 179.202636][ T7551] page:ffffea0001d4ab00 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x5
[ 179.213983][ T7551] shmem_aops
[ 179.213990][ T7551] name:"memfd:}#*nodevem2N,"
[ 179.217520][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 179.231907][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 179.240901][ T7551] raw: 0000000000000005 0000000000000000 00000000ffffffff 0000000000000000
[ 179.251887][ T7551] page dumped because: non-NULL mapping
[ 179.257638][ T7551] Modules linked in:
[ 179.261600][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 179.272278][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 179.282328][ T7551] Call Trace:
[ 179.285621][ T7551] dump_stack+0x172/0x1f0
[ 179.289958][ T7551] bad_page.cold+0xda/0xff
[ 179.294375][ T7551] ? si_mem_available+0x320/0x320
[ 179.299398][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 179.304464][ T7551] ? kasan_check_read+0x11/0x20
[ 179.309316][ T7551] free_pages_check_bad+0x142/0x1a0
[ 179.314517][ T7551] free_unref_page+0x3c6/0x600
[ 179.319279][ T7551] __put_page+0x8d/0xd0
[ 179.323453][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 179.329258][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 179.334632][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 179.339835][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 179.345823][ T7551] ? rw_verify_area+0x118/0x360
[ 179.350675][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 179.356652][ T7551] direct_splice_actor+0x126/0x1a0
[ 179.361769][ T7551] splice_direct_to_actor+0x369/0x970
[ 179.367139][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 179.372691][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 179.378931][ T7551] ? do_splice_to+0x190/0x190
[ 179.383611][ T7551] ? rw_verify_area+0x118/0x360
[ 179.388465][ T7551] do_splice_direct+0x1da/0x2a0
[ 179.393315][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 179.398862][ T7551] ? rw_verify_area+0x118/0x360
[ 179.403711][ T7551] do_sendfile+0x597/0xd00
[ 179.408131][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 179.413426][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 179.419672][ T7551] ? put_timespec64+0xda/0x140
[ 179.424457][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 179.429656][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 179.434945][ T7551] ? do_syscall_64+0x26/0x610
[ 179.439621][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 179.444903][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 179.449926][ T7551] do_syscall_64+0x103/0x610
[ 179.454518][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 179.460424][ T7551] RIP: 0033:0x457e29
[ 179.464319][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 179.483919][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 179.492328][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 179.500293][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 179.508258][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 179.516223][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 179.524189][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 179.537600][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752be
[ 179.544881][ T7551] page:ffffea0001d4af80 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x6
[ 179.558052][ T7551] shmem_aops
[ 179.558058][ T7551] name:"memfd:}#*nodevem2N,"
[ 179.561438][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 179.573848][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 179.584120][ T7551] raw: 0000000000000006 0000000000000000 00000000ffffffff 0000000000000000
[ 179.593623][ T7551] page dumped because: non-NULL mapping
[ 179.600824][ T7551] Modules linked in:
[ 179.604785][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 179.615183][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 179.625228][ T7551] Call Trace:
[ 179.628522][ T7551] dump_stack+0x172/0x1f0
[ 179.632852][ T7551] bad_page.cold+0xda/0xff
[ 179.637270][ T7551] ? si_mem_available+0x320/0x320
[ 179.642294][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 179.647318][ T7551] ? kasan_check_read+0x11/0x20
[ 179.652170][ T7551] free_pages_check_bad+0x142/0x1a0
[ 179.657366][ T7551] free_unref_page+0x3c6/0x600
[ 179.662146][ T7551] __put_page+0x8d/0xd0
[ 179.666302][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 179.672107][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 179.677480][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 179.682681][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 179.688672][ T7551] ? rw_verify_area+0x118/0x360
[ 179.693522][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 179.699498][ T7551] direct_splice_actor+0x126/0x1a0
[ 179.704611][ T7551] splice_direct_to_actor+0x369/0x970
[ 179.709984][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 179.715530][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 179.721765][ T7551] ? do_splice_to+0x190/0x190
[ 179.726448][ T7551] ? rw_verify_area+0x118/0x360
[ 179.731297][ T7551] do_splice_direct+0x1da/0x2a0
[ 179.736145][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 179.741692][ T7551] ? rw_verify_area+0x118/0x360
[ 179.746545][ T7551] do_sendfile+0x597/0xd00
[ 179.750964][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 179.756244][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 179.762480][ T7551] ? put_timespec64+0xda/0x140
[ 179.767251][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 179.772448][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 179.777818][ T7551] ? do_syscall_64+0x26/0x610
[ 179.782492][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 179.787780][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 179.792806][ T7551] do_syscall_64+0x103/0x610
[ 179.797418][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 179.803303][ T7551] RIP: 0033:0x457e29
[ 179.807199][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 179.826794][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 179.835198][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 179.843166][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 179.851129][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 179.859097][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 179.867066][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 179.879408][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752c1
[ 179.886701][ T7551] page:ffffea0001d4b040 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x7
[ 179.895596][ T7551] shmem_aops
[ 179.895602][ T7551] name:"memfd:}#*nodevem2N,"
[ 179.901288][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 179.912898][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 179.923761][ T7551] raw: 0000000000000007 0000000000000000 00000000ffffffff 0000000000000000
[ 179.932420][ T7551] page dumped because: non-NULL mapping
[ 179.940325][ T7551] Modules linked in:
[ 179.944302][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 179.954701][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 179.964749][ T7551] Call Trace:
[ 179.968040][ T7551] dump_stack+0x172/0x1f0
[ 179.972389][ T7551] bad_page.cold+0xda/0xff
[ 179.976809][ T7551] ? si_mem_available+0x320/0x320
[ 179.981835][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 179.986855][ T7551] ? kasan_check_read+0x11/0x20
[ 179.991710][ T7551] free_pages_check_bad+0x142/0x1a0
[ 179.996904][ T7551] free_unref_page+0x3c6/0x600
[ 180.001670][ T7551] __put_page+0x8d/0xd0
[ 180.005823][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 180.011633][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 180.017001][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 180.022201][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 180.028189][ T7551] ? rw_verify_area+0x118/0x360
[ 180.033041][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 180.039020][ T7551] direct_splice_actor+0x126/0x1a0
[ 180.044131][ T7551] splice_direct_to_actor+0x369/0x970
[ 180.049500][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 180.055044][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 180.061283][ T7551] ? do_splice_to+0x190/0x190
[ 180.065962][ T7551] ? rw_verify_area+0x118/0x360
[ 180.070813][ T7551] do_splice_direct+0x1da/0x2a0
[ 180.075662][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 180.081212][ T7551] ? rw_verify_area+0x118/0x360
[ 180.086062][ T7551] do_sendfile+0x597/0xd00
[ 180.090483][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 180.095765][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 180.102527][ T7551] ? put_timespec64+0xda/0x140
[ 180.107300][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 180.112498][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 180.117779][ T7551] ? do_syscall_64+0x26/0x610
[ 180.122454][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 180.127737][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 180.132765][ T7551] do_syscall_64+0x103/0x610
[ 180.137370][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 180.143255][ T7551] RIP: 0033:0x457e29
[ 180.147148][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 180.166749][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 180.175155][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 180.183120][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 180.191090][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 180.199055][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 180.207021][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 180.219487][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752c0
[ 180.226745][ T7551] page:ffffea0001d4b000 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x8
[ 180.235638][ T7551] shmem_aops
[ 180.235644][ T7551] name:"memfd:}#*nodevem2N,"
[ 180.241142][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 180.252641][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 180.263447][ T7551] raw: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 180.273610][ T7551] page dumped because: non-NULL mapping
[ 180.281371][ T7551] Modules linked in:
[ 180.285313][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 180.295725][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 180.305770][ T7551] Call Trace:
[ 180.309060][ T7551] dump_stack+0x172/0x1f0
[ 180.313406][ T7551] bad_page.cold+0xda/0xff
[ 180.317820][ T7551] ? si_mem_available+0x320/0x320
[ 180.322846][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 180.327866][ T7551] ? kasan_check_read+0x11/0x20
[ 180.332718][ T7551] free_pages_check_bad+0x142/0x1a0
[ 180.337920][ T7551] free_unref_page+0x3c6/0x600
[ 180.342685][ T7551] __put_page+0x8d/0xd0
[ 180.346844][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 180.352650][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 180.358021][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 180.363226][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 180.369215][ T7551] ? rw_verify_area+0x118/0x360
[ 180.374061][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 180.380042][ T7551] direct_splice_actor+0x126/0x1a0
[ 180.385156][ T7551] splice_direct_to_actor+0x369/0x970
[ 180.390526][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 180.396071][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 180.402306][ T7551] ? do_splice_to+0x190/0x190
[ 180.406998][ T7551] ? rw_verify_area+0x118/0x360
[ 180.411848][ T7551] do_splice_direct+0x1da/0x2a0
[ 180.416700][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 180.422250][ T7551] ? rw_verify_area+0x118/0x360
[ 180.427098][ T7551] do_sendfile+0x597/0xd00
[ 180.431517][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 180.436799][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 180.443034][ T7551] ? put_timespec64+0xda/0x140
[ 180.447803][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 180.453006][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 180.458290][ T7551] ? do_syscall_64+0x26/0x610
[ 180.462982][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 180.468264][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 180.473291][ T7551] do_syscall_64+0x103/0x610
[ 180.477900][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 180.483788][ T7551] RIP: 0033:0x457e29
[ 180.487682][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 180.507283][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 180.515707][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 180.523676][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 180.531645][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 180.539615][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 180.547930][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 180.561035][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752bf
[ 180.568325][ T7551] page:ffffea0001d4afc0 count:0 mapcount:0 mapping:ffff8880911c4820 index:0x9
[ 180.579432][ T7551] shmem_aops
[ 180.579439][ T7551] name:"memfd:}#*nodevem2N,"
[ 180.582768][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 180.598468][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 180.607107][ T7551] raw: 0000000000000009 0000000000000000 00000000ffffffff 0000000000000000
[ 180.615717][ T7551] page dumped because: non-NULL mapping
[ 180.623510][ T7551] Modules linked in:
[ 180.627485][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 180.637888][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 180.647939][ T7551] Call Trace:
[ 180.651229][ T7551] dump_stack+0x172/0x1f0
[ 180.655572][ T7551] bad_page.cold+0xda/0xff
[ 180.659985][ T7551] ? si_mem_available+0x320/0x320
[ 180.665009][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 180.670035][ T7551] ? kasan_check_read+0x11/0x20
[ 180.674888][ T7551] free_pages_check_bad+0x142/0x1a0
[ 180.680100][ T7551] free_unref_page+0x3c6/0x600
[ 180.684862][ T7551] __put_page+0x8d/0xd0
[ 180.689018][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 180.694818][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 180.700189][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 180.705393][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 180.711377][ T7551] ? rw_verify_area+0x118/0x360
[ 180.716223][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 180.722200][ T7551] direct_splice_actor+0x126/0x1a0
[ 180.727321][ T7551] splice_direct_to_actor+0x369/0x970
[ 180.732688][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 180.738237][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 180.744471][ T7551] ? do_splice_to+0x190/0x190
[ 180.749147][ T7551] ? rw_verify_area+0x118/0x360
[ 180.753999][ T7551] do_splice_direct+0x1da/0x2a0
[ 180.758846][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 180.764397][ T7551] ? rw_verify_area+0x118/0x360
[ 180.769248][ T7551] do_sendfile+0x597/0xd00
[ 180.773681][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 180.778961][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 180.785199][ T7551] ? put_timespec64+0xda/0x140
[ 180.789966][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 180.795162][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 180.800442][ T7551] ? do_syscall_64+0x26/0x610
[ 180.805119][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 180.810405][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 180.815430][ T7551] do_syscall_64+0x103/0x610
[ 180.820024][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 180.825908][ T7551] RIP: 0033:0x457e29
[ 180.829804][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 180.849400][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 180.857809][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 180.865774][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 180.873740][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 180.881711][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 180.889681][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 180.898780][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752c3
[ 180.906325][ T7551] page:ffffea0001d4b0c0 count:0 mapcount:0 mapping:ffff8880911c4820 index:0xa
[ 180.915177][ T7551] shmem_aops
[ 180.915182][ T7551] name:"memfd:}#*nodevem2N,"
[ 180.918646][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 180.930255][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 180.939337][ T7551] raw: 000000000000000a 0000000000000000 00000000ffffffff 0000000000000000
[ 180.948094][ T7551] page dumped because: non-NULL mapping
[ 180.953635][ T7551] Modules linked in:
[ 180.957702][ T7551] CPU: 1 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 180.968101][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 180.978147][ T7551] Call Trace:
[ 180.981434][ T7551] dump_stack+0x172/0x1f0
[ 180.985766][ T7551] bad_page.cold+0xda/0xff
[ 180.990194][ T7551] ? si_mem_available+0x320/0x320
[ 180.995217][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 181.000239][ T7551] ? kasan_check_read+0x11/0x20
[ 181.005106][ T7551] free_pages_check_bad+0x142/0x1a0
[ 181.010311][ T7551] free_unref_page+0x3c6/0x600
[ 181.015072][ T7551] __put_page+0x8d/0xd0
[ 181.019224][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 181.025042][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 181.030411][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 181.035611][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 181.041601][ T7551] ? rw_verify_area+0x118/0x360
[ 181.046446][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 181.052422][ T7551] direct_splice_actor+0x126/0x1a0
[ 181.057536][ T7551] splice_direct_to_actor+0x369/0x970
[ 181.062906][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 181.068454][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 181.074691][ T7551] ? do_splice_to+0x190/0x190
[ 181.079366][ T7551] ? rw_verify_area+0x118/0x360
[ 181.084217][ T7551] do_splice_direct+0x1da/0x2a0
[ 181.089081][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 181.094631][ T7551] ? rw_verify_area+0x118/0x360
[ 181.099482][ T7551] do_sendfile+0x597/0xd00
[ 181.103902][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 181.109186][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 181.115424][ T7551] ? put_timespec64+0xda/0x140
[ 181.120193][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 181.125388][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 181.130669][ T7551] ? do_syscall_64+0x26/0x610
[ 181.135344][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 181.140629][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 181.145653][ T7551] do_syscall_64+0x103/0x610
[ 181.150266][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 181.156155][ T7551] RIP: 0033:0x457e29
[ 181.160050][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 181.179651][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 181.188057][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 181.196022][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 181.203988][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 181.211960][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 181.219926][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 181.229442][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752e2
[ 181.236673][ T7551] page:ffffea0001d4b880 count:0 mapcount:0 mapping:ffff8880911c4820 index:0xb
[ 181.245515][ T7551] shmem_aops
[ 181.245520][ T7551] name:"memfd:}#*nodevem2N,"
[ 181.249059][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 181.260692][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 181.270010][ T7551] raw: 000000000000000b 0000000000000000 00000000ffffffff 0000000000000000
[ 181.278739][ T7551] page dumped because: non-NULL mapping
[ 181.284277][ T7551] Modules linked in:
[ 181.288360][ T7551] CPU: 1 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 181.298764][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 181.308809][ T7551] Call Trace:
[ 181.312100][ T7551] dump_stack+0x172/0x1f0
[ 181.316436][ T7551] bad_page.cold+0xda/0xff
[ 181.320853][ T7551] ? si_mem_available+0x320/0x320
[ 181.325872][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 181.330894][ T7551] ? kasan_check_read+0x11/0x20
[ 181.335745][ T7551] free_pages_check_bad+0x142/0x1a0
[ 181.340945][ T7551] free_unref_page+0x3c6/0x600
[ 181.345713][ T7551] __put_page+0x8d/0xd0
[ 181.349871][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 181.355672][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 181.361038][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 181.366257][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 181.372263][ T7551] ? rw_verify_area+0x118/0x360
[ 181.377109][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 181.383085][ T7551] direct_splice_actor+0x126/0x1a0
[ 181.388196][ T7551] splice_direct_to_actor+0x369/0x970
[ 181.393581][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 181.399127][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 181.405363][ T7551] ? do_splice_to+0x190/0x190
[ 181.410038][ T7551] ? rw_verify_area+0x118/0x360
[ 181.414888][ T7551] do_splice_direct+0x1da/0x2a0
[ 181.419735][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 181.425281][ T7551] ? rw_verify_area+0x118/0x360
[ 181.430133][ T7551] do_sendfile+0x597/0xd00
[ 181.434557][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 181.439841][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 181.446080][ T7551] ? put_timespec64+0xda/0x140
[ 181.450847][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 181.456041][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 181.461328][ T7551] ? do_syscall_64+0x26/0x610
[ 181.466003][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 181.471298][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 181.476321][ T7551] do_syscall_64+0x103/0x610
[ 181.480916][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 181.486805][ T7551] RIP: 0033:0x457e29
[ 181.490700][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 181.510303][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 181.518712][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 181.526678][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 181.534663][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 181.542633][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 181.550599][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 181.561718][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752c6
[ 181.573738][ T7551] page:ffffea0001d4b180 count:0 mapcount:0 mapping:ffff8880911c4820 index:0xc
[ 181.582793][ T7551] shmem_aops
[ 181.582798][ T7551] name:"memfd:}#*nodevem2N,"
[ 181.588368][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 181.600009][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 181.610882][ T7551] raw: 000000000000000c 0000000000000000 00000000ffffffff 0000000000000000
[ 181.619613][ T7551] page dumped because: non-NULL mapping
[ 181.625146][ T7551] Modules linked in:
[ 181.631386][ T7551] CPU: 1 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 181.641879][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 181.651925][ T7551] Call Trace:
[ 181.655232][ T7551] dump_stack+0x172/0x1f0
[ 181.659566][ T7551] bad_page.cold+0xda/0xff
[ 181.663983][ T7551] ? si_mem_available+0x320/0x320
[ 181.669006][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 181.674029][ T7551] ? kasan_check_read+0x11/0x20
[ 181.678882][ T7551] free_pages_check_bad+0x142/0x1a0
[ 181.684080][ T7551] free_unref_page+0x3c6/0x600
[ 181.688841][ T7551] __put_page+0x8d/0xd0
[ 181.692995][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 181.698801][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 181.704170][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 181.709393][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 181.715381][ T7551] ? rw_verify_area+0x118/0x360
[ 181.720243][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 181.726236][ T7551] direct_splice_actor+0x126/0x1a0
[ 181.731345][ T7551] splice_direct_to_actor+0x369/0x970
[ 181.736713][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 181.742263][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 181.748499][ T7551] ? do_splice_to+0x190/0x190
[ 181.753173][ T7551] ? rw_verify_area+0x118/0x360
[ 181.758036][ T7551] do_splice_direct+0x1da/0x2a0
[ 181.762888][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 181.768435][ T7551] ? rw_verify_area+0x118/0x360
[ 181.773283][ T7551] do_sendfile+0x597/0xd00
[ 181.777704][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 181.782987][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 181.789246][ T7551] ? put_timespec64+0xda/0x140
[ 181.794014][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 181.799223][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 181.804505][ T7551] ? do_syscall_64+0x26/0x610
[ 181.809199][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 181.814485][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 181.819509][ T7551] do_syscall_64+0x103/0x610
[ 181.824106][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 181.829999][ T7551] RIP: 0033:0x457e29
[ 181.833895][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 181.853491][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 181.861897][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 181.869861][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 181.877828][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 181.885793][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 181.893764][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 181.907958][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752cb
[ 181.915163][ T7551] page:ffffea0001d4b2c0 count:0 mapcount:0 mapping:ffff8880911c4820 index:0xd
[ 181.925668][ T7551] shmem_aops
[ 181.925673][ T7551] name:"memfd:}#*nodevem2N,"
[ 181.929828][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 181.942846][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 181.952499][ T7551] raw: 000000000000000d 0000000000000000 00000000ffffffff 0000000000000000
[ 181.962670][ T7551] page dumped because: non-NULL mapping
[ 181.968994][ T7551] Modules linked in:
[ 181.972907][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 181.983301][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 181.993346][ T7551] Call Trace:
[ 181.996638][ T7551] dump_stack+0x172/0x1f0
[ 182.000967][ T7551] bad_page.cold+0xda/0xff
[ 182.005383][ T7551] ? si_mem_available+0x320/0x320
[ 182.010404][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 182.015435][ T7551] ? kasan_check_read+0x11/0x20
[ 182.020290][ T7551] free_pages_check_bad+0x142/0x1a0
[ 182.025487][ T7551] free_unref_page+0x3c6/0x600
[ 182.030255][ T7551] __put_page+0x8d/0xd0
[ 182.034409][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 182.040219][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 182.045587][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 182.050793][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 182.056780][ T7551] ? rw_verify_area+0x118/0x360
[ 182.061628][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 182.067602][ T7551] direct_splice_actor+0x126/0x1a0
[ 182.072715][ T7551] splice_direct_to_actor+0x369/0x970
[ 182.078089][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 182.083635][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 182.089870][ T7551] ? do_splice_to+0x190/0x190
[ 182.094547][ T7551] ? rw_verify_area+0x118/0x360
[ 182.099904][ T7551] do_splice_direct+0x1da/0x2a0
[ 182.104752][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 182.110304][ T7551] ? rw_verify_area+0x118/0x360
[ 182.115165][ T7551] do_sendfile+0x597/0xd00
[ 182.119590][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 182.124879][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 182.131118][ T7551] ? put_timespec64+0xda/0x140
[ 182.135900][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 182.141096][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 182.146378][ T7551] ? do_syscall_64+0x26/0x610
[ 182.151058][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 182.156347][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 182.161371][ T7551] do_syscall_64+0x103/0x610
[ 182.165964][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 182.171854][ T7551] RIP: 0033:0x457e29
[ 182.175747][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 182.195347][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 182.203757][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 182.211722][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 182.219693][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 182.227669][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 182.235635][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 182.247233][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752c7
[ 182.254434][ T7551] page:ffffea0001d4b1c0 count:0 mapcount:0 mapping:ffff8880911c4820 index:0xe
[ 182.265350][ T7551] shmem_aops
[ 182.265355][ T7551] name:"memfd:}#*nodevem2N,"
[ 182.270718][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 182.284165][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 182.293291][ T7551] raw: 000000000000000e 0000000000000000 00000000ffffffff 0000000000000000
[ 182.303789][ T7551] page dumped because: non-NULL mapping
[ 182.309852][ T7551] Modules linked in:
[ 182.313757][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 182.324169][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 182.334215][ T7551] Call Trace:
[ 182.337506][ T7551] dump_stack+0x172/0x1f0
[ 182.341837][ T7551] bad_page.cold+0xda/0xff
[ 182.346255][ T7551] ? si_mem_available+0x320/0x320
[ 182.351275][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 182.356301][ T7551] ? kasan_check_read+0x11/0x20
[ 182.361166][ T7551] free_pages_check_bad+0x142/0x1a0
[ 182.366362][ T7551] free_unref_page+0x3c6/0x600
[ 182.371125][ T7551] __put_page+0x8d/0xd0
[ 182.375300][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 182.381102][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 182.386490][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 182.391693][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 182.397683][ T7551] ? rw_verify_area+0x118/0x360
[ 182.402534][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 182.408512][ T7551] direct_splice_actor+0x126/0x1a0
[ 182.413625][ T7551] splice_direct_to_actor+0x369/0x970
[ 182.418997][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 182.424541][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 182.430775][ T7551] ? do_splice_to+0x190/0x190
[ 182.435454][ T7551] ? rw_verify_area+0x118/0x360
[ 182.440304][ T7551] do_splice_direct+0x1da/0x2a0
[ 182.445166][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 182.450712][ T7551] ? rw_verify_area+0x118/0x360
[ 182.455562][ T7551] do_sendfile+0x597/0xd00
[ 182.459984][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 182.465264][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 182.471505][ T7551] ? put_timespec64+0xda/0x140
[ 182.476271][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 182.481468][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 182.486749][ T7551] ? do_syscall_64+0x26/0x610
[ 182.491424][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 182.496710][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 182.501735][ T7551] do_syscall_64+0x103/0x610
[ 182.506327][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 182.512215][ T7551] RIP: 0033:0x457e29
[ 182.516108][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 182.535724][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 182.544150][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 182.552134][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 182.560105][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 182.568092][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 182.576074][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff
[ 182.589487][ T7551] BUG: Bad page state in process syz-executor.3 pfn:752f4
[ 182.598150][ T7551] page:ffffea0001d4bd00 count:0 mapcount:0 mapping:ffff8880911c4820 index:0xf
[ 182.607930][ T7551] shmem_aops
[ 182.607935][ T7551] name:"memfd:}#*nodevem2N,"
[ 182.611225][ T7551] flags: 0x1fffc000008000c(uptodate|dirty|swapbacked)
[ 182.624264][ T7551] raw: 01fffc000008000c dead000000000100 dead000000000200 ffff8880911c4820
[ 182.633727][ T7551] raw: 000000000000000f 0000000000000000 00000000ffffffff 0000000000000000
[ 182.643855][ T7551] page dumped because: non-NULL mapping
[ 182.650299][ T7551] Modules linked in:
[ 182.654203][ T7551] CPU: 0 PID: 7551 Comm: syz-executor.3 Tainted: G B 5.0.0-rc7-next-20190222 #41
[ 182.664598][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 182.674647][ T7551] Call Trace:
[ 182.677935][ T7551] dump_stack+0x172/0x1f0
[ 182.682271][ T7551] bad_page.cold+0xda/0xff
[ 182.686686][ T7551] ? si_mem_available+0x320/0x320
[ 182.691714][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 182.696735][ T7551] ? kasan_check_read+0x11/0x20
[ 182.701583][ T7551] free_pages_check_bad+0x142/0x1a0
[ 182.706783][ T7551] free_unref_page+0x3c6/0x600
[ 182.711545][ T7551] __put_page+0x8d/0xd0
[ 182.715697][ T7551] page_cache_pipe_buf_release+0x12b/0x180
[ 182.721500][ T7551] iter_file_splice_write+0x7d1/0xbe0
[ 182.726872][ T7551] ? atime_needs_update+0x5f0/0x5f0
[ 182.732072][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 182.738070][ T7551] ? rw_verify_area+0x118/0x360
[ 182.742938][ T7551] ? page_cache_pipe_buf_confirm+0x2b0/0x2b0
[ 182.748914][ T7551] direct_splice_actor+0x126/0x1a0
[ 182.754024][ T7551] splice_direct_to_actor+0x369/0x970
[ 182.759398][ T7551] ? generic_pipe_buf_nosteal+0x10/0x10
[ 182.764946][ T7551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 182.771183][ T7551] ? do_splice_to+0x190/0x190
[ 182.775859][ T7551] ? rw_verify_area+0x118/0x360
[ 182.780708][ T7551] do_splice_direct+0x1da/0x2a0
[ 182.785559][ T7551] ? splice_direct_to_actor+0x970/0x970
[ 182.791119][ T7551] ? rw_verify_area+0x118/0x360
[ 182.795972][ T7551] do_sendfile+0x597/0xd00
[ 182.800395][ T7551] ? do_compat_pwritev64+0x1c0/0x1c0
[ 182.805675][ T7551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 182.811909][ T7551] ? put_timespec64+0xda/0x140
[ 182.816679][ T7551] __x64_sys_sendfile64+0x1dd/0x220
[ 182.821879][ T7551] ? __ia32_sys_sendfile+0x230/0x230
[ 182.827164][ T7551] ? do_syscall_64+0x26/0x610
[ 182.831837][ T7551] ? lockdep_hardirqs_on+0x418/0x5d0
[ 182.837128][ T7551] ? trace_hardirqs_on+0x67/0x230
[ 182.842170][ T7551] do_syscall_64+0x103/0x610
[ 182.846763][ T7551] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 182.852646][ T7551] RIP: 0033:0x457e29
[ 182.856536][ T7551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 182.876132][ T7551] RSP: 002b:00007f00d6aa8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 182.884542][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457e29
[ 182.892507][ T7551] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 182.900480][ T7551] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 182.908446][ T7551] R10: 0000000000080005 R11: 0000000000000246 R12: 00007f00d6aa96d4
[ 182.916413][ T7551] R13: 00000000004c4dce R14: 00000000004d8af8 R15: 00000000ffffffff