Warning: Permanently added '10.128.1.54' (ECDSA) to the list of known hosts. syzkaller login: [ 255.522296] kauditd_printk_skb: 2 callbacks suppressed [ 255.522312] audit: type=1400 audit(1567878864.844:36): avc: denied { map } for pid=7616 comm="syz-executor843" path="/root/syz-executor843547734" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 255.548291] IPVS: ftp: loaded support on port[0] = 21 [ 255.620125] chnl_net:caif_netlink_parms(): no params data found [ 255.655384] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.662254] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.669791] device bridge_slave_0 entered promiscuous mode [ 255.678147] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.684623] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.691871] device bridge_slave_1 entered promiscuous mode [ 255.709379] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 255.718753] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 255.735957] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 255.745113] team0: Port device team_slave_0 added [ 255.751025] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 255.758506] team0: Port device team_slave_1 added [ 255.764050] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 255.771424] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 255.826207] device hsr_slave_0 entered promiscuous mode [ 255.893660] device hsr_slave_1 entered promiscuous mode [ 255.964795] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 255.972735] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 255.987863] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.994406] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.001431] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.007982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 256.040268] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 256.048137] 8021q: adding VLAN 0 to HW filter on device bond0 [ 256.057166] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 256.066114] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 256.075593] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.083188] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.091320] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 256.102600] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 256.109440] 8021q: adding VLAN 0 to HW filter on device team0 [ 256.119080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 256.126988] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.133405] bridge0: port 1(bridge_slave_0) entered forwarding state [ 256.142876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 256.150803] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.157447] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.174124] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 256.182065] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 256.190542] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 256.199765] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 256.211533] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 256.222992] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 256.230582] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready executing program [ 256.238955] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 256.255896] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 256.267822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 361.323237] rcu: INFO: rcu_preempt self-detected stall on CPU [ 361.329556] rcu: 1-...!: (10500 ticks this GP) idle=9fe/1/0x4000000000000002 softirq=20142/20142 fqs=0 [ 361.339370] rcu: (t=10500 jiffies g=5301 q=16) [ 361.344128] rcu: rcu_preempt kthread starved for 10500 jiffies! g5301 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 361.354775] rcu: RCU grace-period kthread stack dump: [ 361.359959] rcu_preempt I29624 10 2 0x80000000 [ 361.365642] Call Trace: [ 361.368341] __schedule+0x866/0x1dc0 [ 361.372055] ? pci_mmcfg_check_reserved+0x170/0x170 [ 361.377064] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 361.382220] ? lockdep_hardirqs_on+0x415/0x5d0 [ 361.386827] ? trace_hardirqs_on+0x67/0x220 [ 361.391149] schedule+0x92/0x1c0 [ 361.394507] schedule_timeout+0x4db/0xfc0 [ 361.398646] ? usleep_range+0x170/0x170 [ 361.402617] ? trace_hardirqs_on+0x67/0x220 [ 361.406955] ? kasan_check_read+0x11/0x20 [ 361.411204] ? __next_timer_interrupt+0x1a0/0x1a0 [ 361.416054] ? prepare_to_swait_exclusive+0x120/0x120 [ 361.421299] rcu_gp_kthread+0xd5c/0x2190 [ 361.425454] ? rcu_blocking_is_gp+0x90/0x90 [ 361.429786] ? trace_hardirqs_on+0x67/0x220 [ 361.434122] ? kasan_check_read+0x11/0x20 [ 361.438264] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 361.443400] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 361.449140] ? __kthread_parkme+0xfb/0x1b0 [ 361.453368] kthread+0x354/0x420 [ 361.456723] ? rcu_blocking_is_gp+0x90/0x90 [ 361.461031] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 361.466557] ret_from_fork+0x24/0x30 [ 361.470295] NMI backtrace for cpu 1 [ 361.473911] CPU: 1 PID: 24 Comm: kworker/1:1 Not tainted 4.19.71 #0 [ 361.480317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.489735] Workqueue: ipv6_addrconf addrconf_dad_work [ 361.495000] Call Trace: [ 361.497568] [ 361.499764] dump_stack+0x172/0x1f0 [ 361.503394] nmi_cpu_backtrace.cold+0x63/0xa4 [ 361.507919] ? lapic_can_unplug_cpu.cold+0x45/0x45 [ 361.512840] nmi_trigger_cpumask_backtrace+0x1b0/0x1f8 [ 361.518127] arch_trigger_cpumask_backtrace+0x14/0x20 [ 361.523307] rcu_dump_cpu_stacks+0x189/0x1d5 [ 361.527740] ? wake_up_process+0x10/0x20 [ 361.531794] rcu_check_callbacks.cold+0x5e3/0xd90 [ 361.536650] ? trace_hardirqs_off+0x62/0x220 [ 361.541156] update_process_times+0x32/0x80 [ 361.545520] tick_sched_handle+0xa2/0x190 [ 361.549674] tick_sched_timer+0x47/0x130 [ 361.553740] __hrtimer_run_queues+0x33b/0xdc0 [ 361.558240] ? tick_sched_do_timer+0x1b0/0x1b0 [ 361.562832] ? hrtimer_fixup_activate+0x30/0x30 [ 361.567492] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 361.572590] ? ktime_get_update_offsets_now+0x2d3/0x440 [ 361.577960] hrtimer_interrupt+0x314/0x770 [ 361.582202] smp_apic_timer_interrupt+0x111/0x550 [ 361.587038] apic_timer_interrupt+0xf/0x20 [ 361.591270] [ 361.593501] RIP: 0010:__sanitizer_cov_trace_pc+0x26/0x50 [ 361.598957] Code: 90 90 90 90 55 48 89 e5 48 8b 75 08 65 48 8b 04 25 40 ee 01 00 65 8b 15 28 87 96 7e 81 e2 00 01 1f 00 75 2b 8b 90 d0 12 00 00 <83> fa 02 75 20 48 8b 88 d8 12 00 00 8b 80 d4 12 00 00 48 8b 11 48 [ 361.618200] RSP: 0018:ffff8880aa3e6de8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 361.625909] RAX: ffff8880aa3ce640 RBX: ffff888091c97db8 RCX: ffffffff858e8a2e [ 361.633190] RDX: 0000000000000000 RSI: ffffffff858e8421 RDI: ffff888091c97dc0 [ 361.640452] RBP: ffff8880aa3e6de8 R08: ffff8880aa3ce640 R09: 0000000000000009 [ 361.647709] R10: ffff8880aa3cf028 R11: 00000000df4e60ae R12: dffffc0000000000 [ 361.654965] R13: ffff888091c97b00 R14: ffff888091c97e58 R15: ffff888091c97e50 [ 361.662320] ? hhf_dequeue+0x65e/0xa00 [ 361.666202] ? hhf_dequeue+0x51/0xa00 [ 361.670005] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 361.675567] hhf_dequeue+0x51/0xa00 [ 361.679245] __qdisc_run+0x1e7/0x1960 [ 361.683096] __dev_queue_xmit+0x165c/0x2fe0 [ 361.687416] ? netdev_pick_tx+0x300/0x300 [ 361.691589] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 361.697244] ? br_nf_post_routing+0x780/0x12f0 [ 361.701855] ? br_forward_finish+0x235/0x400 [ 361.706360] ? find_held_lock+0x35/0x130 [ 361.710413] ? br_forward_finish+0x235/0x400 [ 361.714918] dev_queue_xmit+0x18/0x20 [ 361.718706] ? dev_queue_xmit+0x18/0x20 [ 361.722669] br_dev_queue_push_xmit+0x405/0x5d0 [ 361.727330] ? kasan_check_read+0x11/0x20 [ 361.731654] br_forward_finish+0xfa/0x400 [ 361.735799] ? br_dev_queue_push_xmit+0x5d0/0x5d0 [ 361.740641] ? br_fdb_add.cold+0x8a/0x8a [ 361.744692] ? kasan_check_read+0x11/0x20 [ 361.748831] __br_forward+0x647/0xb30 [ 361.752642] ? br_forward_finish+0x400/0x400 [ 361.757063] ? br_dev_queue_push_xmit+0x5d0/0x5d0 [ 361.761913] deliver_clone+0x61/0xc0 [ 361.765634] br_flood+0x4da/0x710 [ 361.769083] br_dev_xmit+0xeeb/0x1490 [ 361.772875] ? br_poll_controller+0x10/0x10 [ 361.777187] ? __lock_is_held+0xb6/0x140 [ 361.781418] dev_hard_start_xmit+0x1a5/0x980 [ 361.785904] ? check_preemption_disabled+0x48/0x290 [ 361.790932] __dev_queue_xmit+0x2704/0x2fe0 [ 361.795249] ? netdev_pick_tx+0x300/0x300 [ 361.799500] ? ip6_finish_output2+0xac0/0x2550 [ 361.804128] ? find_held_lock+0x35/0x130 [ 361.808190] ? ip6_finish_output2+0xb7f/0x2550 [ 361.812765] ? mark_held_locks+0xb1/0x100 [ 361.816921] dev_queue_xmit+0x18/0x20 [ 361.820891] ? dev_queue_xmit+0x18/0x20 [ 361.824899] neigh_resolve_output+0x5b7/0x980 [ 361.829478] ip6_finish_output2+0xb7f/0x2550 [ 361.833918] ? ip6_mtu+0x2e6/0x460 [ 361.837450] ? ip6_forward_finish+0x4d0/0x4d0 [ 361.841934] ? lock_downgrade+0x810/0x810 [ 361.846081] ? kasan_check_read+0x11/0x20 [ 361.850222] ip6_finish_output+0x574/0xbe0 [ 361.854453] ? ip6_finish_output+0x574/0xbe0 [ 361.858855] ip6_output+0x235/0x7c0 [ 361.862475] ? ip6_finish_output+0xbe0/0xbe0 [ 361.866877] ? ip6_fragment+0x3770/0x3770 [ 361.871022] ndisc_send_skb+0xf3b/0x1460 [ 361.875074] ? nf_hook.constprop.0+0x560/0x560 [ 361.879710] ? skb_set_owner_w+0x24c/0x360 [ 361.883935] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 361.888973] ndisc_send_ns+0x3a9/0x850 [ 361.892861] ? mark_held_locks+0xb1/0x100 [ 361.897011] ? ndisc_netdev_event+0x470/0x470 [ 361.901507] ? lockdep_hardirqs_on+0x415/0x5d0 [ 361.906101] ? addrconf_dad_work+0xac4/0x1150 [ 361.910586] ? trace_hardirqs_on+0x67/0x220 [ 361.914895] ? addrconf_dad_work+0xac4/0x1150 [ 361.919470] addrconf_dad_work+0xb88/0x1150 [ 361.923783] ? addrconf_dad_completed+0xbb0/0xbb0 [ 361.928627] process_one_work+0x989/0x1750 [ 361.932854] ? pwq_dec_nr_in_flight+0x320/0x320 [ 361.937517] ? lock_acquire+0x16f/0x3f0 [ 361.941483] ? kasan_check_write+0x14/0x20 [ 361.945734] ? do_raw_spin_lock+0xc8/0x240 [ 361.949970] worker_thread+0x98/0xe40 [ 361.953772] ? trace_hardirqs_on+0x67/0x220 [ 361.958180] kthread+0x354/0x420 [ 361.961535] ? process_one_work+0x1750/0x1750 [ 361.966022] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 361.971559] ret_from_fork+0x24/0x30