[   42.081016][   T25] audit: type=1800 audit(1575368222.566:26): pid=8016 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   42.102577][   T25] audit: type=1800 audit(1575368222.566:27): pid=8016 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   42.102596][   T25] audit: type=1800 audit(1575368222.566:28): pid=8016 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   42.948327][   T25] audit: type=1800 audit(1575368223.446:29): pid=8016 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.224' (ECDSA) to the list of known hosts.
2019/12/03 10:17:13 fuzzer started
2019/12/03 10:17:15 dialing manager at 10.128.0.26:38907
2019/12/03 10:17:15 syscalls: 2697
2019/12/03 10:17:15 code coverage: enabled
2019/12/03 10:17:15 comparison tracing: enabled
2019/12/03 10:17:15 extra coverage: extra coverage is not supported by the kernel
2019/12/03 10:17:15 setuid sandbox: enabled
2019/12/03 10:17:15 namespace sandbox: enabled
2019/12/03 10:17:15 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/03 10:17:15 fault injection: enabled
2019/12/03 10:17:15 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/03 10:17:15 net packet injection: enabled
2019/12/03 10:17:15 net device setup: enabled
2019/12/03 10:17:15 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/12/03 10:17:15 devlink PCI setup: PCI device 0000:00:10.0 is not available
10:17:16 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0, 0xfffffffffffffde8}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b52d9e5f755563698c7e24ab61f0866f15da7f48295eb100000000000000075d2dd15b6210d53eed19bc0080000033270c6a98d91c22def1125d7b1e821039a85ad8b91cea336a1b57f45a0788e3aba04551e4a522e15c7ce71553059a5ef83c2ab06a52fcfce7c467c7e6260464a4770e41f0fa8ae7891e20e1780931f3faf450b02b83048c1a9efa4a7c790000cbdd7bcd17db6d80a0b70ce886da58743a43df1059f6ef39a8b6fa", 0x135}], 0x100000000000011e, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

10:17:16 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xa)
setreuid(0x0, r2)
r3 = fcntl$dupfd(r0, 0x0, r0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, 0x0)
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)

syzkaller login: [   56.227150][ T8184] IPVS: ftp: loaded support on port[0] = 21
10:17:16 executing program 2:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="1c00000007ffff0f00fb36b7f08c169e6bb085a70e69"], 0x16)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noextend='noextend'}]}})

[   56.384891][ T8184] chnl_net:caif_netlink_parms(): no params data found
[   56.404035][ T8187] IPVS: ftp: loaded support on port[0] = 21
[   56.473426][ T8184] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.483713][ T8184] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.492035][ T8184] device bridge_slave_0 entered promiscuous mode
[   56.512476][ T8184] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.521192][ T8184] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.529646][ T8184] device bridge_slave_1 entered promiscuous mode
[   56.616105][ T8187] chnl_net:caif_netlink_parms(): no params data found
[   56.631468][ T8191] IPVS: ftp: loaded support on port[0] = 21
[   56.640311][ T8184] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
10:17:17 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x10}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[   56.672791][ T8184] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.695075][ T8187] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.702296][ T8187] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.710154][ T8187] device bridge_slave_0 entered promiscuous mode
[   56.750155][ T8187] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.757245][ T8187] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.779546][ T8187] device bridge_slave_1 entered promiscuous mode
[   56.819847][ T8184] team0: Port device team_slave_0 added
[   56.828315][ T8184] team0: Port device team_slave_1 added
[   56.855150][ T8187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.899180][ T8187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
10:17:17 executing program 4:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000000100)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}, 0x5c)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x0, 0x0)
write(r0, 0x0, 0x0)

[   56.942291][ T8184] device hsr_slave_0 entered promiscuous mode
[   56.999530][ T8184] device hsr_slave_1 entered promiscuous mode
[   57.087414][ T8193] IPVS: ftp: loaded support on port[0] = 21
[   57.169934][ T8187] team0: Port device team_slave_0 added
[   57.197433][ T8196] IPVS: ftp: loaded support on port[0] = 21
10:17:17 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00')
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendfile(r1, r0, 0x0, 0x80000005)

[   57.229861][ T8191] chnl_net:caif_netlink_parms(): no params data found
[   57.247182][ T8187] team0: Port device team_slave_1 added
[   57.306722][ T8184] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   57.352431][ T8184] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   57.423423][ T8184] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.492490][ T8184] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.560164][ T8198] IPVS: ftp: loaded support on port[0] = 21
[   57.602959][ T8187] device hsr_slave_0 entered promiscuous mode
[   57.659112][ T8187] device hsr_slave_1 entered promiscuous mode
[   57.718916][ T8187] debugfs: Directory 'hsr0' with parent '/' already present!
[   57.754165][ T8191] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.762388][ T8191] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.770179][ T8191] device bridge_slave_0 entered promiscuous mode
[   57.800861][ T8191] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.807935][ T8191] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.816098][ T8191] device bridge_slave_1 entered promiscuous mode
[   57.878030][ T8193] chnl_net:caif_netlink_parms(): no params data found
[   57.889271][ T8191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.898470][ T8187] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   57.943382][ T8187] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   58.001647][ T8187] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   58.048379][ T8191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.075911][ T8187] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   58.149451][ T8191] team0: Port device team_slave_0 added
[   58.192180][ T8191] team0: Port device team_slave_1 added
[   58.211838][ T8196] chnl_net:caif_netlink_parms(): no params data found
[   58.233407][ T8193] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.240643][ T8193] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.248241][ T8193] device bridge_slave_0 entered promiscuous mode
[   58.321460][ T8191] device hsr_slave_0 entered promiscuous mode
[   58.359174][ T8191] device hsr_slave_1 entered promiscuous mode
[   58.398824][ T8191] debugfs: Directory 'hsr0' with parent '/' already present!
[   58.424924][ T8193] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.432100][ T8193] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.439796][ T8193] device bridge_slave_1 entered promiscuous mode
[   58.477371][ T8193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.524067][ T8196] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.532160][ T8196] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.540050][ T8196] device bridge_slave_0 entered promiscuous mode
[   58.547634][ T8196] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.554772][ T8196] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.564694][ T8196] device bridge_slave_1 entered promiscuous mode
[   58.577346][ T8193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.588319][ T8191] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   58.657611][ T8191] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   58.726980][ T8196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.749641][ T8193] team0: Port device team_slave_0 added
[   58.756890][ T8191] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   58.783161][ T8196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.802308][ T8198] chnl_net:caif_netlink_parms(): no params data found
[   58.814025][ T8193] team0: Port device team_slave_1 added
[   58.821493][ T8187] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.840406][ T8191] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   58.882264][ T8196] team0: Port device team_slave_0 added
[   58.951584][ T8193] device hsr_slave_0 entered promiscuous mode
[   59.009263][ T8193] device hsr_slave_1 entered promiscuous mode
[   59.048905][ T8193] debugfs: Directory 'hsr0' with parent '/' already present!
[   59.057801][ T8196] team0: Port device team_slave_1 added
[   59.122193][ T8196] device hsr_slave_0 entered promiscuous mode
[   59.169192][ T8196] device hsr_slave_1 entered promiscuous mode
[   59.209412][ T8196] debugfs: Directory 'hsr0' with parent '/' already present!
[   59.237981][ T8187] 8021q: adding VLAN 0 to HW filter on device team0
[   59.263840][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   59.272147][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.280975][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   59.290149][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   59.298504][ T8189] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.305742][ T8189] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.313904][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   59.323183][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   59.331528][ T8189] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.338542][ T8189] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.359664][ T8184] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.384228][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   59.405452][ T8184] 8021q: adding VLAN 0 to HW filter on device team0
[   59.412396][ T8198] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.422261][ T8198] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.430277][ T8198] device bridge_slave_0 entered promiscuous mode
[   59.437700][ T8198] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.444830][ T8198] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.452583][ T8198] device bridge_slave_1 entered promiscuous mode
[   59.470810][ T8193] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   59.520724][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   59.528463][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.558344][ T8196] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   59.600502][ T8193] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   59.650672][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   59.659676][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   59.668078][ T3192] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.675210][ T3192] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.683474][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   59.692330][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   59.700750][ T3192] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.707778][ T3192] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.715344][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   59.723803][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   59.732393][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   59.740814][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   59.749205][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   59.757515][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   59.765826][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   59.774645][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   59.783674][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   59.795578][ T8198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.805264][ T8196] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   59.850213][ T8193] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   59.905853][ T8184] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   59.916536][ T8184] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   59.941670][ T8198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.951268][ T8196] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   59.991252][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   60.000221][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.008912][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   60.017083][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.025353][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   60.033909][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   60.042521][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   60.051314][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   60.060281][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   60.068567][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.076238][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   60.083967][ T8193] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   60.164732][ T8196] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   60.253313][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   60.260965][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   60.268352][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   60.277528][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.294579][ T8198] team0: Port device team_slave_0 added
[   60.304856][ T8198] team0: Port device team_slave_1 added
[   60.313231][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   60.321536][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.332692][ T8184] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.341335][ T8187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.363696][ T8191] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.422302][ T8198] device hsr_slave_0 entered promiscuous mode
[   60.459412][ T8198] device hsr_slave_1 entered promiscuous mode
[   60.498954][ T8198] debugfs: Directory 'hsr0' with parent '/' already present!
[   60.520749][ T8191] 8021q: adding VLAN 0 to HW filter on device team0
[   60.543840][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   60.562263][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   60.570526][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   60.577996][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   60.589580][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   60.598043][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.611031][ T3192] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.618194][ T3192] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.628553][ T8187] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.658822][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   60.667094][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   60.680713][ T3192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.701219][ T3192] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.708293][ T3192] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.747019][ T8196] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.698683][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  165.705447][    C0] rcu: 	0-...!: (10499 ticks this GP) idle=aea/1/0x4000000000000002 softirq=11426/11428 fqs=2 
[  165.715920][    C0] 	(t=10501 jiffies g=6177 q=85)
[  165.720843][    C0] rcu: rcu_preempt kthread starved for 10498 jiffies! g6177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  165.731924][    C0] rcu: RCU grace-period kthread stack dump:
[  165.737804][    C0] rcu_preempt     R  running task    29104    10      2 0x80004000
[  165.745687][    C0] Call Trace:
[  165.748979][    C0]  __schedule+0x9a0/0xcc0
[  165.753307][    C0]  schedule+0x181/0x210
[  165.757450][    C0]  schedule_timeout+0x14f/0x240
[  165.762286][    C0]  ? run_local_timers+0x120/0x120
[  165.767299][    C0]  rcu_gp_kthread+0xed8/0x1770
[  165.772070][    C0]  kthread+0x332/0x350
[  165.776121][    C0]  ? rcu_report_qs_rsp+0x140/0x140
[  165.781218][    C0]  ? kthread_blkcg+0xe0/0xe0
[  165.785805][    C0]  ret_from_fork+0x24/0x30
[  165.790221][    C0] NMI backtrace for cpu 0
[  165.794536][    C0] CPU: 0 PID: 8206 Comm: blkid Not tainted 5.4.0-syzkaller #0
[  165.801968][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.812011][    C0] Call Trace:
[  165.815293][    C0]  <IRQ>
[  165.818158][    C0]  dump_stack+0x1fb/0x318
[  165.822492][    C0]  nmi_cpu_backtrace+0xaf/0x1a0
[  165.827335][    C0]  ? nmi_trigger_cpumask_backtrace+0x16d/0x290
[  165.833499][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  165.839550][    C0]  nmi_trigger_cpumask_backtrace+0x174/0x290
[  165.845528][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  165.851424][    C0]  rcu_dump_cpu_stacks+0x15a/0x220
[  165.856526][    C0]  rcu_sched_clock_irq+0xe25/0x1ad0
[  165.861711][    C0]  ? trace_hardirqs_off+0x74/0x80
[  165.866724][    C0]  update_process_times+0x12d/0x180
[  165.871908][    C0]  tick_sched_timer+0x263/0x420
[  165.876745][    C0]  ? tick_setup_sched_timer+0x3d0/0x3d0
[  165.882276][    C0]  __hrtimer_run_queues+0x403/0x840
[  165.887472][    C0]  hrtimer_interrupt+0x38c/0xda0
[  165.892411][    C0]  ? debug_smp_processor_id+0x9/0x20
[  165.897698][    C0]  smp_apic_timer_interrupt+0x109/0x280
[  165.903252][    C0]  apic_timer_interrupt+0xf/0x20
[  165.908370][    C0]  </IRQ>
[  165.911297][    C0] RIP: 0010:mod_memcg_page_state+0x16/0x190
[  165.917264][    C0] Code: 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 54 53 41 89 f6 48 89 fb e8 da 28 2e 00 <48> 83 c3 38 48 89 d8 48 c1 e8 03 49 bc 00 00 00 00 00 fc ff df 42
[  165.936850][    C0] RSP: 0018:ffffc900022277d8 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
[  165.945273][    C0] RAX: ffffffff81487326 RBX: ffffea0001b08e40 RCX: ffff88809a652600
[  165.953256][    C0] RDX: 0000000000000000 RSI: 00000000fffffffc RDI: ffffea0001b08e40
[  165.961401][    C0] RBP: ffffc900022277f8 R08: dffffc0000000000 R09: fffffbfff1287025
[  165.969494][    C0] R10: fffffbfff1287025 R11: 0000000000000000 R12: ffff88806c15d3a0
[  165.977695][    C0] R13: dffffc0000000000 R14: 00000000fffffffc R15: ffff88806c2754e8
[  165.985690][    C0]  ? mod_memcg_page_state+0x16/0x190
[  165.990989][    C0]  ? mod_memcg_page_state+0x16/0x190
[  165.996296][    C0]  free_thread_stack+0x168/0x590
[  166.001231][    C0]  put_task_stack+0xa3/0x130
[  166.005839][    C0]  finish_task_switch+0x3f1/0x550
[  166.010880][    C0]  __schedule+0x9a8/0xcc0
[  166.015390][    C0]  preempt_schedule_irq+0xc1/0x140
[  166.020596][    C0]  retint_kernel+0x1b/0x2b
[  166.025004][    C0] RIP: 0010:lock_release+0x6a/0x780
[  166.030206][    C0] Code: 89 f3 48 c1 eb 03 8a 04 13 84 c0 0f 85 9d 04 00 00 41 83 3e 00 0f 85 71 04 00 00 48 c7 c0 20 96 0a 89 48 c1 e8 03 80 3c 10 00 <74> 16 48 c7 c7 20 96 0a 89 e8 d8 5f 56 00 48 ba 00 00 00 00 00 fc
[  166.049803][    C0] RSP: 0018:ffffc90002227a50 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  166.058222][    C0] RAX: 1ffffffff12152c4 RBX: 1ffff110134ca5d2 RCX: ffff88809a652600
[  166.066225][    C0] RDX: dffffc0000000000 RSI: ffffffff81a505d4 RDI: ffff8880966e77f0
[  166.074203][    C0] RBP: ffffc90002227ad0 R08: ffffffff81a12273 R09: ffffed1012cdcef3
[  166.082209][    C0] R10: ffffed1012cdcef3 R11: 0000000000000000 R12: ffff88809a652600
[  166.090185][    C0] R13: ffffffff81a505d4 R14: ffff88809a652e94 R15: ffff8880966e77f0
[  166.098184][    C0]  ? validate_mm+0x154/0x9b0
[  166.102782][    C0]  ? anon_vma_interval_tree_verify+0x123/0x150
[  166.109083][    C0]  ? validate_mm+0x154/0x9b0
[  166.113691][    C0]  ? __kasan_check_write+0x14/0x20
[  166.118797][    C0]  ? __down_read+0x14b/0x360
[  166.123385][    C0]  up_read+0x15/0x20
[  166.127289][    C0]  validate_mm+0x154/0x9b0
[  166.131725][    C0]  ? __kasan_check_write+0x14/0x20
[  166.136843][    C0]  ? up_write+0xee/0x450
[  166.141095][    C0]  __vma_adjust+0x2280/0x2390
[  166.145772][    C0]  ? __vma_adjust+0xc11/0x2390
[  166.150565][    C0]  __split_vma+0x356/0x490
[  166.155001][    C0]  split_vma+0x7a/0xd0
[  166.159063][    C0]  mprotect_fixup+0x6ef/0x790
[  166.163756][    C0]  ? security_file_mprotect+0xa8/0xd0
[  166.169127][    C0]  do_mprotect_pkey+0x6c2/0x8d0
[  166.173999][    C0]  __x64_sys_mprotect+0x80/0x90
[  166.178852][    C0]  do_syscall_64+0xf7/0x1c0
[  166.183369][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  166.189391][    C0] RIP: 0033:0x7f553ee57447
[  166.193799][    C0] Code: 73 01 c3 48 8d 0d 5d ad 20 00 31 d2 48 29 c2 89 11 48 83 c8 ff eb eb 90 90 90 90 90 90 90 90 90 90 90 90 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d 2d ad 20 00 31 d2 48 29 c2 89
[  166.213585][    C0] RSP: 002b:00007ffc10fef388 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  166.222029][    C0] RAX: ffffffffffffffda RBX: 00007f553f05f9a8 RCX: 00007f553ee57447
[  166.230002][    C0] RDX: 0000000000000000 RSI: 00000000001ff000 RDI: 00007f553ea11000
[  166.237969][    C0] RBP: 00007ffc10fef6e0 R08: 0000000000000003 R09: 0000000000000000
[  166.245928][    C0] R10: 0000000000000001 R11: 0000000000000206 R12: 00007ffc10fef7c8
[  166.253884][    C0] R13: 0000000000000002 R14: 0000000000000030 R15: 00007ffc10fef3d0