[ 43.920216][ T25] audit: type=1800 audit(1575425288.380:25): pid=8015 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 43.939444][ T25] audit: type=1800 audit(1575425288.380:26): pid=8015 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 43.987489][ T25] audit: type=1800 audit(1575425288.380:27): pid=8015 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 44.565176][ T8081] sshd (8081) used greatest stack depth: 23416 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.227' (ECDSA) to the list of known hosts. 2019/12/04 02:08:19 fuzzer started 2019/12/04 02:08:20 dialing manager at 10.128.0.26:42111 2019/12/04 02:08:20 syscalls: 2689 2019/12/04 02:08:20 code coverage: enabled 2019/12/04 02:08:20 comparison tracing: enabled 2019/12/04 02:08:20 extra coverage: extra coverage is not supported by the kernel 2019/12/04 02:08:20 setuid sandbox: enabled 2019/12/04 02:08:20 namespace sandbox: enabled 2019/12/04 02:08:20 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/04 02:08:20 fault injection: enabled 2019/12/04 02:08:20 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/04 02:08:20 net packet injection: enabled 2019/12/04 02:08:20 net device setup: enabled 2019/12/04 02:08:20 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/04 02:08:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 02:08:21 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x7, &(0x7f0000000100)={0x0, 0x0, 0x18d4}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x4}) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:08:22 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x3000005, 0x31, 0xffffffffffffffff, 0x0) getsockopt$inet6_int(r0, 0x29, 0x12, 0x0, &(0x7f0000000000)) syzkaller login: [ 57.602000][ T8180] IPVS: ftp: loaded support on port[0] = 21 02:08:22 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="24000000100007031dff22946fa2830020200a0009000300001d85687f0000000400ff7e28000000080a43ba5d806055b6fdd80b40000000140001000029ec2400020cd37e99d69cda45a95e", 0x4c}], 0x1}, 0x0) [ 57.764295][ T8180] chnl_net:caif_netlink_parms(): no params data found [ 57.782637][ T8183] IPVS: ftp: loaded support on port[0] = 21 [ 57.883347][ T8180] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.891637][ T8180] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.893574][ T8185] IPVS: ftp: loaded support on port[0] = 21 [ 57.921627][ T8180] device bridge_slave_0 entered promiscuous mode [ 57.963703][ T8180] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.970954][ T8180] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.979492][ T8180] device bridge_slave_1 entered promiscuous mode [ 58.016158][ T8180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.028576][ T8180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 02:08:22 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{}, {0x25}, {0x6, 0x0, 0x0, 0x7fffffff}]}) [ 58.143263][ T8180] team0: Port device team_slave_0 added [ 58.175673][ T8183] chnl_net:caif_netlink_parms(): no params data found [ 58.196527][ T8180] team0: Port device team_slave_1 added [ 58.242073][ T8190] IPVS: ftp: loaded support on port[0] = 21 02:08:22 executing program 4: ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0xc02812f8, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "447b7082ca4b315fbf31db60448d61d6320cb882c8fbc5fbc99e670f303120ce524ec30452db7f145ab1658ad4c4d39d5ad3019c4bee5d8833488a68a77fd3d5", "f8496f19440aa2788481ccdba1ee4b00cb7bdfd714669010d8e23815a7701441"}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="000129bd7000000000000e00000030000100080002000000000014000300e000000200000000000000000000000008000b0073697000080009005f0000000800050000000000080004000000000008000500020000003c000100080002000000000008000b0073697000080008000000000008000800090000000800040000000000080001000000000008000500000000000800050003000000080005007b0000000800050013000000280002"], 0x1}}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 58.364242][ T8180] device hsr_slave_0 entered promiscuous mode [ 58.421123][ T8180] device hsr_slave_1 entered promiscuous mode [ 58.468799][ T8185] chnl_net:caif_netlink_parms(): no params data found [ 58.489973][ T8183] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.499038][ T8183] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.509866][ T8183] device bridge_slave_0 entered promiscuous mode [ 58.525932][ T8192] IPVS: ftp: loaded support on port[0] = 21 [ 58.556711][ T8183] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.564733][ T8183] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.572835][ T8183] device bridge_slave_1 entered promiscuous mode 02:08:23 executing program 5: r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0x9, &(0x7f0000000240)=0x0) connect$can_bcm(r0, &(0x7f0000000140), 0x10) io_submit(r1, 0x2, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0300000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000", 0x20000238}]) [ 58.644551][ T8183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.657296][ T8180] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.706349][ T8185] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.720724][ T8185] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.728888][ T8185] device bridge_slave_0 entered promiscuous mode [ 58.738542][ T8185] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.746208][ T8185] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.753944][ T8185] device bridge_slave_1 entered promiscuous mode [ 58.764130][ T8183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.773770][ T8180] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.820450][ T8194] IPVS: ftp: loaded support on port[0] = 21 [ 58.826920][ T8180] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.873667][ T8180] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.959740][ T8183] team0: Port device team_slave_0 added [ 58.967083][ T8185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.993306][ T8183] team0: Port device team_slave_1 added [ 59.006329][ T8185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.133393][ T8183] device hsr_slave_0 entered promiscuous mode [ 59.171234][ T8183] device hsr_slave_1 entered promiscuous mode [ 59.211070][ T8183] debugfs: Directory 'hsr0' with parent '/' already present! [ 59.220575][ T8185] team0: Port device team_slave_0 added [ 59.229135][ T8185] team0: Port device team_slave_1 added [ 59.255523][ T8190] chnl_net:caif_netlink_parms(): no params data found [ 59.323716][ T8185] device hsr_slave_0 entered promiscuous mode [ 59.361168][ T8185] device hsr_slave_1 entered promiscuous mode [ 59.402114][ T8185] debugfs: Directory 'hsr0' with parent '/' already present! [ 59.425726][ T8192] chnl_net:caif_netlink_parms(): no params data found [ 59.496972][ T8194] chnl_net:caif_netlink_parms(): no params data found [ 59.517345][ T8192] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.525047][ T8192] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.532666][ T8192] device bridge_slave_0 entered promiscuous mode [ 59.565650][ T8192] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.576114][ T8192] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.584465][ T8192] device bridge_slave_1 entered promiscuous mode [ 59.595536][ T8190] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.603029][ T8190] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.610562][ T8190] device bridge_slave_0 entered promiscuous mode [ 59.618262][ T8183] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.683220][ T8183] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.727904][ T8183] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.785427][ T8183] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.850342][ T8190] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.858833][ T8190] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.866680][ T8190] device bridge_slave_1 entered promiscuous mode [ 59.883900][ T8185] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 59.924527][ T8192] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.952357][ T8185] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.012964][ T8185] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.057336][ T8192] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.076211][ T8180] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.083242][ T8194] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.090281][ T8194] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.098640][ T8194] device bridge_slave_0 entered promiscuous mode [ 60.107829][ T8194] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.115252][ T8194] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.122842][ T8194] device bridge_slave_1 entered promiscuous mode [ 60.131164][ T8190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.140365][ T8185] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.194390][ T8192] team0: Port device team_slave_0 added [ 60.206554][ T8190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.220711][ T8192] team0: Port device team_slave_1 added [ 60.231015][ T8194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.265956][ T8194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.292557][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.301105][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.311060][ T8180] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.353647][ T8192] device hsr_slave_0 entered promiscuous mode [ 60.411207][ T8192] device hsr_slave_1 entered promiscuous mode [ 60.460938][ T8192] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.471672][ T8190] team0: Port device team_slave_0 added [ 60.479209][ T8194] team0: Port device team_slave_0 added [ 60.486342][ T8190] team0: Port device team_slave_1 added [ 60.510541][ T8194] team0: Port device team_slave_1 added [ 60.518588][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.527714][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.536578][ T2777] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.543802][ T2777] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.552188][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.560612][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.569336][ T2777] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.576419][ T2777] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.584400][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 60.592935][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.602283][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.673537][ T8190] device hsr_slave_0 entered promiscuous mode [ 60.741133][ T8190] device hsr_slave_1 entered promiscuous mode [ 60.790930][ T8190] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.817207][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.826139][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.835169][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.845041][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.853775][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.862101][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.870624][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.922648][ T8194] device hsr_slave_0 entered promiscuous mode [ 60.971608][ T8194] device hsr_slave_1 entered promiscuous mode [ 61.020965][ T8194] debugfs: Directory 'hsr0' with parent '/' already present! [ 61.041716][ T8180] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.056705][ T8180] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 61.065801][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.074567][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.094393][ T8183] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.139086][ T8183] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.158531][ T8190] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 61.193667][ T8190] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 61.232371][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.240006][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.248080][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 61.255742][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 61.265486][ T8192] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 61.313399][ T8192] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 61.355382][ T8192] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 61.397230][ T8190] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 61.453650][ T8190] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 61.483203][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.492335][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.500604][ T8199] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.507713][ T8199] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.515673][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.528455][ T8192] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 61.597594][ T8194] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 61.666516][ T8180] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.684743][ T8185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.694704][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 61.704199][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.712912][ T8198] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.720079][ T8198] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.727938][ T8194] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 61.787708][ T8185] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.798260][ T8194] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 61.853574][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 61.862688][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 61.874296][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.881994][ T8198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.910464][ T8194] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 61.974731][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 61.989419][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 61.998536][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 62.012841][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 62.025539][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 62.035657][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 62.048721][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 62.058901][ T8199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 62.074651][ T8183] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.010739][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 167.017520][ C0] rcu: 0-...!: (10499 ticks this GP) idle=b12/1/0x4000000000000002 softirq=10969/10969 fqs=3 [ 167.027988][ C0] (t=10500 jiffies g=6497 q=67) [ 167.032917][ C0] rcu: rcu_preempt kthread starved for 10494 jiffies! g6497 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 167.044006][ C0] rcu: RCU grace-period kthread stack dump: [ 167.049884][ C0] rcu_preempt R running task 29032 10 2 0x80004000 [ 167.057768][ C0] Call Trace: [ 167.061049][ C0] __schedule+0x9a0/0xcc0 [ 167.065374][ C0] schedule+0x181/0x210 [ 167.069513][ C0] schedule_timeout+0x14f/0x240 [ 167.074364][ C0] ? run_local_timers+0x120/0x120 [ 167.079379][ C0] rcu_gp_kthread+0xed8/0x1770 [ 167.084139][ C0] kthread+0x332/0x350 [ 167.088222][ C0] ? rcu_report_qs_rsp+0x140/0x140 [ 167.093318][ C0] ? kthread_blkcg+0xe0/0xe0 [ 167.097895][ C0] ret_from_fork+0x24/0x30 [ 167.102308][ C0] NMI backtrace for cpu 0 [ 167.106631][ C0] CPU: 0 PID: 8180 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0 [ 167.114844][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 167.124896][ C0] Call Trace: [ 167.128175][ C0] [ 167.131023][ C0] dump_stack+0x1fb/0x318 [ 167.135379][ C0] nmi_cpu_backtrace+0xaf/0x1a0 [ 167.140229][ C0] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 167.146478][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 167.152535][ C0] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 167.158503][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 167.164379][ C0] rcu_dump_cpu_stacks+0x15a/0x220 [ 167.169479][ C0] rcu_sched_clock_irq+0xe25/0x1ad0 [ 167.174665][ C0] ? trace_hardirqs_off+0x74/0x80 [ 167.179677][ C0] update_process_times+0x12d/0x180 [ 167.184860][ C0] tick_sched_timer+0x263/0x420 [ 167.189698][ C0] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 167.195232][ C0] __hrtimer_run_queues+0x403/0x840 [ 167.200426][ C0] hrtimer_interrupt+0x38c/0xda0 [ 167.205369][ C0] ? debug_smp_processor_id+0x9/0x20 [ 167.210645][ C0] smp_apic_timer_interrupt+0x109/0x280 [ 167.216174][ C0] apic_timer_interrupt+0xf/0x20 [ 167.221091][ C0] [ 167.224016][ C0] RIP: 0010:free_thread_stack+0x14c/0x590 [ 167.229720][ C0] Code: 2e 00 48 89 df 31 f6 e8 42 af 6e 00 43 80 3c 2e 00 74 08 4c 89 e7 e8 43 a4 69 00 49 8b 1c 24 48 83 c3 08 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 25 a4 69 00 48 8b 3b be fc ff ff [ 167.249309][ C0] RSP: 0018:ffffc900023e7bd0 EFLAGS: 00000a02 ORIG_RAX: ffffffffffffff13 [ 167.257716][ C0] RAX: 1ffff110118b7fc1 RBX: ffff88808c5bfe08 RCX: 0000000000000000 [ 167.265670][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea00024bc780 [ 167.273642][ C0] RBP: ffffc900023e7c08 R08: dffffc0000000000 R09: fffffbfff120248a [ 167.281609][ C0] R10: fffffbfff120248a R11: 0000000000000000 R12: ffff88808c5bfea0 [ 167.289574][ C0] R13: dffffc0000000000 R14: 1ffff110118b7fd4 R15: ffff8880a8b33a28 [ 167.297561][ C0] put_task_stack+0xa3/0x130 [ 167.302142][ C0] finish_task_switch+0x3f1/0x550 [ 167.307157][ C0] __schedule+0x9a8/0xcc0 [ 167.311481][ C0] schedule+0x181/0x210 [ 167.315625][ C0] do_nanosleep+0x1d0/0x6c0 [ 167.320124][ C0] hrtimer_nanosleep+0x3a6/0x5b0 [ 167.325049][ C0] ? trace_hrtimer_expire_exit+0x2d0/0x2d0 [ 167.330842][ C0] __x64_sys_nanosleep+0x186/0x1d0 [ 167.335945][ C0] do_syscall_64+0xf7/0x1c0 [ 167.340521][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 167.346398][ C0] RIP: 0033:0x458b20 [ 167.350293][ C0] Code: c0 5b 5d c3 66 0f 1f 44 00 00 8b 04 24 48 83 c4 18 5b 5d c3 66 0f 1f 44 00 00 83 3d 11 fe 61 00 00 75 14 b8 23 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 d4 d1 fb ff c3 48 83 ec 08 e8 ea 46 00 00 [ 167.369878][ C0] RSP: 002b:00007ffff7b17568 EFLAGS: 00000246 ORIG_RAX: 0000000000000023 [ 167.378270][ C0] RAX: ffffffffffffffda RBX: 000000000000f206 RCX: 0000000000458b20 [ 167.386224][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffff7b17570 [ 167.394265][ C0] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000a7b940 [ 167.402221][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.410181][ C0] R13: 00007ffff7b175c0 R14: 000000000000f206 R15: 00007ffff7b175d0