[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   64.455853][   T26] kauditd_printk_skb: 7 callbacks suppressed
[   64.455863][   T26] audit: type=1800 audit(1568394908.715:29): pid=9632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   64.492359][   T26] audit: type=1800 audit(1568394908.715:30): pid=9632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.180' (ECDSA) to the list of known hosts.
syzkaller login: [  313.200571][ T9786] IPVS: ftp: loaded support on port[0] = 21
[  313.242294][ T9786] chnl_net:caif_netlink_parms(): no params data found
[  313.263752][ T9786] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.271143][ T9786] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.278833][ T9786] device bridge_slave_0 entered promiscuous mode
[  313.286019][ T9786] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.293140][ T9786] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.300642][ T9786] device bridge_slave_1 entered promiscuous mode
[  313.314179][ T9786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.324748][ T9786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.340692][ T9786] team0: Port device team_slave_0 added
[  313.347111][ T9786] team0: Port device team_slave_1 added
[  313.400274][ T9786] device hsr_slave_0 entered promiscuous mode
[  313.438871][ T9786] device hsr_slave_1 entered promiscuous mode
[  313.513367][ T9786] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.520483][ T9786] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.527747][ T9786] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.534907][ T9786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.559453][ T9786] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.570295][ T9788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  313.578257][ T9788] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.586026][ T9788] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.593646][ T9788] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  313.603602][ T9786] 8021q: adding VLAN 0 to HW filter on device team0
[  313.620271][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.629208][ T9792] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.636256][ T9792] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.643909][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.652463][ T9792] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.659518][ T9792] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.667440][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  313.675843][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  313.684329][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  313.695574][ T9786] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  313.706099][ T9786] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
executing program
[  313.718131][ T9788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.727044][ T9788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  313.735289][ T9788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  313.751528][ T9786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  418.778482][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  418.785263][    C1] rcu: 	1-....: (1 GPs behind) idle=7ee/1/0x4000000000000002 softirq=9910/9911 fqs=5250 
[  418.795051][    C1] 	(t=10502 jiffies g=9225 q=202)
[  418.800156][    C1] NMI backtrace for cpu 1
[  418.804472][    C1] CPU: 1 PID: 9786 Comm: syz-executor462 Not tainted 5.3.0-rc8+ #0
[  418.812507][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  418.822551][    C1] Call Trace:
[  418.825821][    C1]  <IRQ>
[  418.828793][    C1]  dump_stack+0x172/0x1f0
[  418.833272][    C1]  nmi_cpu_backtrace.cold+0x70/0xb2
[  418.838464][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  418.844725][    C1]  ? lapic_can_unplug_cpu.cold+0x45/0x45
[  418.850350][    C1]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[  418.856434][    C1]  arch_trigger_cpumask_backtrace+0x14/0x20
[  418.862411][    C1]  rcu_dump_cpu_stacks+0x183/0x1cf
[  418.867545][    C1]  ? find_next_bit+0x107/0x130
[  418.872299][    C1]  rcu_sched_clock_irq.cold+0x4dd/0xc13
[  418.877836][    C1]  ? raise_softirq+0x138/0x340
[  418.882594][    C1]  update_process_times+0x32/0x80
[  418.887698][    C1]  tick_sched_handle+0xa2/0x190
[  418.892573][    C1]  tick_sched_timer+0x53/0x140
[  418.897334][    C1]  __hrtimer_run_queues+0x364/0xe40
[  418.902746][    C1]  ? tick_sched_do_timer+0x1b0/0x1b0
[  418.908039][    C1]  ? hrtimer_start_range_ns+0xcb0/0xcb0
[  418.913584][    C1]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  418.919293][    C1]  ? ktime_get_update_offsets_now+0x2d3/0x440
[  418.925352][    C1]  hrtimer_interrupt+0x314/0x770
[  418.930370][    C1]  smp_apic_timer_interrupt+0x160/0x610
[  418.935913][    C1]  apic_timer_interrupt+0xf/0x20
[  418.940882][    C1]  </IRQ>
[  418.943816][    C1] RIP: 0010:__list_add_valid+0x13/0xa0
[  418.949303][    C1] Code: 03 e9 87 fe ff ff e8 6c 48 6e fe eb 9e 90 90 90 90 90 90 90 90 90 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 41 55 49 89 fd <48> 8d 7a 08 41 54 49 89 d4 48 89 fa 48 83 ec 08 48 c1 ea 03 80 3c
[  418.968987][    C1] RSP: 0018:ffff8880a989f320 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  418.977396][    C1] RAX: dffffc0000000000 RBX: ffff8880921e4bf8 RCX: ffffffff85c66051
[  418.985359][    C1] RDX: ffff8880921e4c90 RSI: ffff8880921e4c90 RDI: ffff8880921e4bf8
[  418.993447][    C1] RBP: ffff8880a989f328 R08: ffff88808bd68480 R09: 0000000000000000
[  419.001412][    C1] R10: fffffbfff134afaf R11: ffff88808bd68480 R12: dffffc0000000000
[  419.009422][    C1] R13: ffff8880921e4bf8 R14: ffff8880921e4c98 R15: ffff8880921e4c90
[  419.017446][    C1]  ? hhf_dequeue+0x5d1/0xa20
[  419.022076][    C1]  hhf_dequeue+0x66d/0xa20
[  419.026528][    C1]  __qdisc_run+0x1e7/0x19d0
[  419.031083][    C1]  ? dev_queue_xmit+0x18/0x20
[  419.035759][    C1]  __dev_queue_xmit+0x16f1/0x3650
[  419.040907][    C1]  ? netlink_sendmsg+0x8a5/0xd60
[  419.045843][    C1]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  419.052077][    C1]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  419.057402][    C1]  ? __copy_skb_header+0x2e8/0x550
[  419.062687][    C1]  ? __skb_checksum_complete+0x3f0/0x3f0
[  419.068323][    C1]  ? kasan_slab_alloc+0xf/0x20
[  419.073221][    C1]  ? __kasan_check_write+0x14/0x20
[  419.078382][    C1]  ? __skb_clone+0x5c8/0x820
[  419.083020][    C1]  dev_queue_xmit+0x18/0x20
[  419.087560][    C1]  ? dev_queue_xmit+0x18/0x20
[  419.092233][    C1]  netlink_deliver_tap+0x8e2/0xbf0
[  419.097334][    C1]  __netlink_sendskb+0x62/0xc0
[  419.102090][    C1]  netlink_unicast+0x60a/0x710
[  419.106852][    C1]  ? netlink_attachskb+0x7c0/0x7c0
[  419.111962][    C1]  netlink_ack+0x63f/0xb30
[  419.116376][    C1]  ? netlink_sendmsg+0xd60/0xd60
[  419.121307][    C1]  ? __copy_skb_header+0x250/0x550
[  419.126416][    C1]  netlink_rcv_skb+0x376/0x450
[  419.131232][    C1]  ? rtnetlink_put_metrics+0x580/0x580
[  419.136688][    C1]  ? netlink_ack+0xb30/0xb30
[  419.141271][    C1]  ? netlink_deliver_tap+0x254/0xbf0
[  419.146553][    C1]  rtnetlink_rcv+0x1d/0x30
[  419.150960][    C1]  netlink_unicast+0x531/0x710
[  419.155720][    C1]  ? netlink_attachskb+0x7c0/0x7c0
[  419.160828][    C1]  ? _copy_from_iter_full+0x25d/0x8a0
[  419.166197][    C1]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  419.171932][    C1]  ? __check_object_size+0x3d/0x437
[  419.177137][    C1]  netlink_sendmsg+0x8a5/0xd60
[  419.181900][    C1]  ? netlink_unicast+0x710/0x710
[  419.186835][    C1]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  419.192378][    C1]  ? apparmor_socket_sendmsg+0x2a/0x30
[  419.197828][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  419.204059][    C1]  ? security_socket_sendmsg+0x8d/0xc0
[  419.209506][    C1]  ? netlink_unicast+0x710/0x710
[  419.214489][    C1]  sock_sendmsg+0xd7/0x130
[  419.219032][    C1]  ___sys_sendmsg+0x803/0x920
[  419.223888][    C1]  ? copy_msghdr_from_user+0x440/0x440
[  419.229346][    C1]  ? _copy_to_user+0x118/0x160
[  419.234110][    C1]  ? __might_fault+0x12b/0x1e0
[  419.238922][    C1]  ? __kasan_check_read+0x11/0x20
[  419.243941][    C1]  ? lock_downgrade+0x920/0x920
[  419.248780][    C1]  ? __might_fault+0xfb/0x1e0
[  419.253454][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  419.259765][    C1]  ? __fget_light+0x1a9/0x230
[  419.264432][    C1]  ? __fdget+0x1b/0x20
[  419.268492][    C1]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  419.274819][    C1]  __sys_sendmsg+0x105/0x1d0
[  419.279403][    C1]  ? __sys_sendmsg_sock+0xd0/0xd0
[  419.284415][    C1]  ? up_read+0x159/0x570
[  419.288658][    C1]  ? security_file_ioctl+0x8d/0xc0
[  419.293769][    C1]  ? entry_SYSENTER_compat+0x68/0x7f
[  419.299092][    C1]  __ia32_compat_sys_sendmsg+0x7a/0xb0
[  419.304547][    C1]  do_fast_syscall_32+0x27b/0xdb3
[  419.309561][    C1]  entry_SYSENTER_compat+0x70/0x7f
[  419.314665][    C1] RIP: 0023:0xf7f18a29
[  419.318728][    C1] Code: b8 80 96 98 00 eb cc 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  419.338441][    C1] RSP: 002b:00000000ffc789cc EFLAGS: 00000202 ORIG_RAX: 0000000000000172
[  419.346846][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  419.354829][    C1] RDX: 0000000000000000 RSI: 00000000f7f1828c RDI: 0000000000000004
[  419.362795][    C1] RBP: 00000000569fb018 R08: 0000000000000000 R09: 0000000000000000
[  419.370755][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  419.378719][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  419.389640][ T2956] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-... } 10515 jiffies s: 109 root: 0x2/.
[  419.401258][ T2956] rcu: blocking rcu_node structures:
[  419.406543][ T2956] Task dump for CPU 1:
[  419.410744][ T2956] syz-executor462 R  running task    24272  9786   9785 0xa002400a
[  419.418758][ T2956] Call Trace:
[  419.422056][ T2956]  ? trace_hardirqs_off+0x62/0x240
[  419.427178][ T2956]  ? __kasan_check_read+0x11/0x20
[  419.432312][ T2956]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  419.438134][ T2956]  ? stack_depot_save+0x25a/0x45c
[  419.443293][ T2956]  ? is_bpf_text_address+0xac/0x170
[  419.448579][ T2956]  ? __kasan_check_read+0x11/0x20
[  419.453611][ T2956]  ? lock_downgrade+0x920/0x920
[  419.458470][ T2956]  ? __bpf_address_lookup+0x310/0x310
[  419.463973][ T2956]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  419.469941][ T2956]  ? bpf_prog_kallsyms_find+0x50/0x2c0
[  419.475411][ T2956]  ? is_bpf_text_address+0xd3/0x170
[  419.480779][ T2956]  ? kernel_text_address+0x73/0xf0
[  419.485897][ T2956]  ? stack_depot_save+0x25a/0x45c
[  419.491014][ T2956]  ? __kasan_check_read+0x11/0x20
[  419.496043][ T2956]  ? retint_kernel+0x2b/0x2b
[  419.500742][ T2956]  ? retint_kernel+0x2b/0x2b
[  419.505337][ T2956]  ? trace_hardirqs_on_caller+0x6a/0x240
[  419.511075][ T2956]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  419.516571][ T2956]  ? __this_cpu_preempt_check+0x31/0x210
[  419.522340][ T2956]  ? __this_cpu_preempt_check+0x3a/0x210
[  419.527979][ T2956]  ? retint_kernel+0x2b/0x2b
[  419.532654][ T2956]  ? __this_cpu_preempt_check+0x3a/0x210
[  419.538375][ T2956]  ? retint_kernel+0x2b/0x2b
[  419.543091][ T2956]  ? hhf_dequeue+0xb9/0xa20
[  419.547600][ T2956]  ? hhf_dequeue+0x586/0xa20
[  419.552287][ T2956]  ? hhf_dequeue+0x679/0xa20
[  419.556987][ T2956]  ? hhf_dequeue+0x68b/0xa20
[  419.561694][ T2956]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  419.567956][ T2956]  ? hhf_dequeue+0x66d/0xa20
[  419.572649][ T2956]  ? __qdisc_run+0x1e7/0x19d0
[  419.577329][ T2956]  ? dev_queue_xmit+0x18/0x20
[  419.582144][ T2956]  ? __dev_queue_xmit+0x16f1/0x3650
[  419.587348][ T2956]  ? netlink_sendmsg+0x8a5/0xd60
[  419.592382][ T2956]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  419.598829][ T2956]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  419.604120][ T2956]  ? __copy_skb_header+0x2e8/0x550
[  419.609323][ T2956]  ? __skb_checksum_complete+0x3f0/0x3f0
[  419.614961][ T2956]  ? kasan_slab_alloc+0xf/0x20
[  419.619867][ T2956]  ? __kasan_check_write+0x14/0x20
[  419.624983][ T2956]  ? __skb_clone+0x5c8/0x820
[  419.629661][ T2956]  ? dev_queue_xmit+0x18/0x20
[  419.634339][ T2956]  ? dev_queue_xmit+0x18/0x20
[  419.639144][ T2956]  ? netlink_deliver_tap+0x8e2/0xbf0
[  419.644444][ T2956]  ? __netlink_sendskb+0x62/0xc0
[  419.650863][ T2956]  ? netlink_unicast+0x60a/0x710
[  419.655809][ T2956]  ? netlink_attachskb+0x7c0/0x7c0
[  419.661218][ T2956]  ? netlink_ack+0x63f/0xb30
[  419.665898][ T2956]  ? netlink_sendmsg+0xd60/0xd60
[  419.670923][ T2956]  ? __copy_skb_header+0x250/0x550
[  419.676045][ T2956]  ? netlink_rcv_skb+0x376/0x450
[  419.681192][ T2956]  ? rtnetlink_put_metrics+0x580/0x580
[  419.686650][ T2956]  ? netlink_ack+0xb30/0xb30
[  419.691339][ T2956]  ? netlink_deliver_tap+0x254/0xbf0
[  419.696633][ T2956]  ? rtnetlink_rcv+0x1d/0x30
[  419.701342][ T2956]  ? netlink_unicast+0x531/0x710
[  419.706285][ T2956]  ? netlink_attachskb+0x7c0/0x7c0
[  419.711581][ T2956]  ? _copy_from_iter_full+0x25d/0x8a0
[  419.716959][ T2956]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  419.722802][ T2956]  ? __check_object_size+0x3d/0x437
[  419.728022][ T2956]  ? netlink_sendmsg+0x8a5/0xd60
[  419.733168][ T2956]  ? netlink_unicast+0x710/0x710
[  419.738114][ T2956]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  419.743788][ T2956]  ? apparmor_socket_sendmsg+0x2a/0x30
[  419.749328][ T2956]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  419.755571][ T2956]  ? security_socket_sendmsg+0x8d/0xc0
[  419.761158][ T2956]  ? netlink_unicast+0x710/0x710
[  419.766109][ T2956]  ? sock_sendmsg+0xd7/0x130
[  419.770797][ T2956]  ? ___sys_sendmsg+0x803/0x920
[  419.775768][ T2956]  ? copy_msghdr_from_user+0x440/0x440
[  419.781345][ T2956]  ? _copy_to_user+0x118/0x160
[  419.786116][ T2956]  ? __might_fault+0x12b/0x1e0
[  419.790964][ T2956]  ? __kasan_check_read+0x11/0x20
[  419.795997][ T2956]  ? lock_downgrade+0x920/0x920
[  419.800970][ T2956]  ? __might_fault+0xfb/0x1e0
[  419.805656][ T2956]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  419.811977][ T2956]  ? __fget_light+0x1a9/0x230
[  419.816658][ T2956]  ? __fdget+0x1b/0x20
[  419.820851][ T2956]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  419.827098][ T2956]  ? __sys_sendmsg+0x105/0x1d0
[  419.835714][ T2956]  ? __sys_sendmsg_sock+0xd0/0xd0
[  419.840825][ T2956]  ? up_read+0x159/0x570
[  419.845075][ T2956]  ? security_file_ioctl+0x8d/0xc0
[  419.850274][ T2956]  ? entry_SYSENTER_compat+0x68/0x7f
[  419.855654][ T2956]  ? __ia32_compat_sys_sendmsg+0x7a/0xb0
[  419.861417][ T2956]  ? do_fast_syscall_32+0x27b/0xdb3
[  419.866619][ T2956]  ? entry_SYSENTER_compat+0x70/0x7f