syzkaller login: [   63.146168][   T38] audit: type=1400 audit(1575024328.518:41): avc:  denied  { map } for  pid=7755 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '[localhost]:22439' (ECDSA) to the list of known hosts.
[   75.822338][   T38] audit: type=1400 audit(1575024341.188:42): avc:  denied  { map } for  pid=7772 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16525 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
2019/11/29 10:45:41 fuzzer started
2019/11/29 10:45:42 dialing manager at 10.0.2.10:46599
2019/11/29 10:45:42 syscalls: 2543
2019/11/29 10:45:42 code coverage: enabled
2019/11/29 10:45:42 comparison tracing: enabled
2019/11/29 10:45:42 extra coverage: extra coverage is not supported by the kernel
2019/11/29 10:45:42 setuid sandbox: enabled
2019/11/29 10:45:42 namespace sandbox: enabled
2019/11/29 10:45:42 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/29 10:45:42 fault injection: enabled
2019/11/29 10:45:42 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/29 10:45:42 net packet injection: enabled
2019/11/29 10:45:42 net device setup: enabled
2019/11/29 10:45:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/11/29 10:45:42 devlink PCI setup: PCI device 0000:00:10.0 is not available
10:45:58 executing program 0:
socket$kcm(0x2b, 0xd, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu//.\xf3l\x03@\x05:$\x92\t72\a|6\xaf\tW\xda\xea\xf2\x897~', 0x1ff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup(r0, &(0x7f0000000180)='syz0\x00', 0x1ff)
close(r1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89a1, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x40)
sendmsg$kcm(r0, &(0x7f0000002200)={&(0x7f00000003c0)=@xdp, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="800000000000000014010000f03b000014460dbd03a2113c0f986d249bf200449545a603ade3b0edc057017987dfc6d88a6ec95f3a366dc9271b8ca701583ac3fd971c6bafb4a64f6efa554712a49f94ebf763590649c41963b6041955d7f58d99d1efce47f520c8634948c2e826cddf732d0baeb6799eddd162e742fcef7eb738000000000000001f010000070000001f4a9778985d49a8a6a2184b7413a0201beb64632ea7d8ac3260bdf7caad1c13301dcacb75120000e800000000000000ff0100001f0000006c20be18a06c2adf223419c6fc9bae8064592bfb6b99d0c21153dbc22bf410d006000000abe64ddbf5806e7a86e3f61c284e1189909e2b85844221905af2cf62541e3a403b141055c32ad3d8cb320c1c5422b71c7283900a8f88c7df9af169fb7a682613d1f8129c4f00c0eb5fdcb7c58dd43b308e466d2ecebdab60d0613a641b6d196012977c363822930500000000000000fe85c19ec3863e2e06afb555673c8240a1b876e44c0b042afcec3198e23a5e12825cf70d4707f2230bf41238c6a28852af8666ac590875811985cf591b667845f0453d164898b273c592a9c6c3d33700a5b2f9fe5c6a18d7bedbf181db6fca390530bb0ce9b7cc6aa50bf4dc294f824f4a6dd3a47b06c7c53487d1a8cbe51433731d2a61ae8eca23257ed4d9f99706e568fca09d4e4aa264bded18c20e631158bc0407fd19b53e6f404ee89eca7af75ea01b2de396289ce26a5ece33f0ffe26051f4bcff9f1ce73588cccf658afdbd1f48485761a7457a9dd24300350513e84c4129cb765dc2fa75823196"], 0x20a}, 0x48010)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = gettid()
socket$kcm(0x29, 0x0, 0x0)
r3 = gettid()
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000400)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=0x2000000000401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)={0x2, 0x2, 0x4, 0x5}, &(0x7f0000000380)=0x7, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=0x10000}}, 0x10)
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r5)
recvmsg(r5, &(0x7f0000000140)={0x0, 0x100000039, &(0x7f0000000000)=[{&(0x7f0000000380)=""/110, 0xffffffd9}], 0x1, 0x0, 0x4a}, 0x2f04)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r3, r5, 0x0, 0xd, &(0x7f0000000100)='/dev/net/tun\x00', r4}, 0x30)
r6 = perf_event_open(&(0x7f0000000500)={0x5, 0x70, 0xa3, 0x3, 0x1f, 0x2, 0x0, 0x81, 0x10004, 0x4, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x4, 0x1}, 0x8000, 0x7f, 0x3, 0x3, 0x800, 0x5, 0x5}, r3, 0xd, 0xffffffffffffffff, 0xc)
perf_event_open(0x0, r2, 0x2, r6, 0x3)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYPTR64], 0xff39)
ioctl$TUNSETFILTEREBPF(r0, 0x6609, 0x0)

[   93.345503][   T38] audit: type=1400 audit(1575024358.718:43): avc:  denied  { map } for  pid=7792 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=2156 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
10:45:58 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xffc7}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0100000000000000280012000c0001007665746800000000ececfac5e025573fb5926c7ae92af81800020814a79f7488f611d01cb85041b7f809000000004600006df0840107d3c3bc1747ef4939dd822dafd6037136a70f304dbcdee66ed673df5c98c00033e06a14e3b513ef72364106b249dd59b35aafee80aa0a9b2e3bbfb4941d2ed7d7fc3c3dae0a3a354339e3572311b364ba77c4e343d199812b3862a78324fd19d159913729e3afec87ff2f99746c2aed6d90fff50cc840f622b17a4a827b1a75991f90c9f4b905bba36c199b6615f31bca41e26bd754a284f1d5b0a45697de633a103c7f5c94ada8d5cc2436e9f6bca8371b6c9a7698be8528832757594a630928739d035cb506505793760350aacc93ddac01077a248b872ea0a14664865263377b586e8886915327a8fb7c5796cdc5a4e259513b02beba96f45b3d539f71508664536e", @ANYRES32=0x0, @ANYBLOB="0b4a1914200cc3ad134d722638676806c8290e7b562b6cf4fa7af6933aa62720930c5bde67868a7ae19a80ff6b106ddb9c0c311a7feda8455842b5365ce6d9082f1f056abd876b3e43df416758c774ccb2812e65015ed0b8842bd64eaedb3091495364373194c8291924cde4eb65b0168d36955facea07381b9a4e74fa4c0f111cc2fbf6cd1ea6877a05e7d76dc889950a0af8a3842cf9e6364c087a3d48f2dfc7e7f89b7aa5060d8e3c2e7630e2a22d7e017e36c2e9fcd5e64ba064ca4f8e00a658f5fefd6b640a426762cd0f8368575b72e7b5a6431e3e326a41614b2f54f06fa19d4a475b9da7f71d8bdc5e22c3e9e6ddfe7b23706ad4e0e97bef4388bbbdb5e2cb77e43eb48248565888a7a67a38fe5344e4d43ddccca47ad855d1174aed891ab7cb13c7773d32cee8d2a16aca453da8165308f03920d7fd3c360ebb9451374df5632af7bcadf36fd435da0c0217370b4c9a6e1d63e0fa0ccaaee41f1f885ea0e9e58e9828a4b8ba15adf788ec35a8b7812ec90544402f24fd4aa56d6b6cc69503e0b9937ba71bd84d4ad99d88d26ebe9d2d1634f5db9ae05d89fcffd8aea9e4d611fde1ce2b86c0e738a88254f9b55dac78a4cc4fba181da2a30d235de529b13e53d8d89a0000"], 0x48}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68]}, @dev, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100018, r4})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = dup(r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@local, @rand_addr="6409c0b80e989ba29fb30dc012b97603", @ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400003, r4})

[   93.501226][ T7793] IPVS: ftp: loaded support on port[0] = 21
[   93.579455][ T7795] IPVS: ftp: loaded support on port[0] = 21
[   93.579602][ T7793] chnl_net:caif_netlink_parms(): no params data found
[   93.626922][ T7793] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.635365][ T7793] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.643261][ T7793] device bridge_slave_0 entered promiscuous mode
[   93.654657][ T7793] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.662731][ T7793] bridge0: port 2(bridge_slave_1) entered disabled state
10:45:59 executing program 2:
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(0x0, 0x0, 0x0)
open_by_handle_at(r1, 0x0, 0x0)
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, &(0x7f0000000080))
r2 = syz_open_procfs(0x0, &(0x7f0000000380)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/376)
write$apparmor_exec(r2, &(0x7f0000000600)={'\x9bH\x1b]P\x0e\x06C\xc3MY\x1d\x9b9%\a\x16\xb1\x9b=cy\xeaU\x0e3\\C6\x9bmwH_\xcb\xaa\xc7\xa6\x10&\xb0A\tim\x9bL\xd21\xd2\xbe\xddEf \xa0\xa6v\xf7\xe7\x89\xec\xbf\xc8\x97\xb37\xf0\x10\xcd\xd9\xaf;\xec\xccT\x9e\xe0\xbaw3\xc4K\v\x0e\xca\xdb\xa5\xe6\x91\xdc\x8d3\xf8\xec/\xa4U\x87\x02g\x06k\x9fW[.c\xb1\xd4y\xd4\xca=\f\xd8Q[\xacb\xa3f4\x9el\x90\x878[\x00\xd9\x04\x1a\xa6\xa4\x17\xa6(\x05tl\x17\xef\x1bU\xfbD\xec\x88\xd4\xa0&\xdb\x95wp\xfb\x01[\x8c\xc4(\xbb)\xf3\xa9\x1b\tt\xd3W\x11t\x1f\xa4n\xfd:\x90${\xc5\x16\xa5\x96\x88\xc78\xc0g\xb9\xbe\xbd1\x11}\x8d\'\x15+\xfe\x91\xed\x1e\xeb]\xfa\x9dS\xe6\x12\x9f\r\xc8\x81\xca\xd9\f\xfd\xc8/\xb99\xaa\x1a\r\x92\xae\xb6\xd2\xb8\xb7\f[\xd8y\xc6O\xcfE\xb4\xe6\x16\x1fT\x1e\x9b\x9c\f\x8d\xed1\x96\"\x83\x98\xb1S`\xc7\'\xc2\xbf\xb7', 'fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$dV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x9b\x0fJ\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'}, 0x50f)
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f)

[   93.672049][ T7793] device bridge_slave_1 entered promiscuous mode
[   93.697009][ T7793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.708954][ T7793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.733526][ T7793] team0: Port device team_slave_0 added
[   93.742002][ T7793] team0: Port device team_slave_1 added
[   93.761518][ T7799] IPVS: ftp: loaded support on port[0] = 21
10:45:59 executing program 3:
r0 = socket(0x10, 0x803, 0x2)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={0x0}}, 0x0)

[   93.826120][ T7793] device hsr_slave_0 entered promiscuous mode
[   93.924224][ T7793] device hsr_slave_1 entered promiscuous mode
10:45:59 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x4, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendto$inet6(r0, 0x0, 0x0, 0x20000013, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c)

[   93.997772][ T7795] chnl_net:caif_netlink_parms(): no params data found
[   94.021851][ T7802] IPVS: ftp: loaded support on port[0] = 21
[   94.059385][ T7804] IPVS: ftp: loaded support on port[0] = 21
[   94.068039][   T38] audit: type=1400 audit(1575024359.438:44): avc:  denied  { create } for  pid=7793 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   94.068508][   T38] audit: type=1400 audit(1575024359.438:45): avc:  denied  { write } for  pid=7793 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
10:45:59 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x1)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000080)={'lo:\x05\xe6\r\x00\x00\x85\x01\x00\x00\x00\x12\x03\x00', {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}})
socket$inet_tcp(0x2, 0x1, 0x0)

[   94.119346][   T38] audit: type=1400 audit(1575024359.468:46): avc:  denied  { read } for  pid=7793 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   94.166723][ T7793] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.251368][ T7793] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.305637][ T7795] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.312690][ T7795] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.320441][ T7795] device bridge_slave_0 entered promiscuous mode
[   94.327620][ T7795] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.334698][ T7795] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.342446][ T7795] device bridge_slave_1 entered promiscuous mode
[   94.360878][ T7793] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.427053][ T7793] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.517491][ T7795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.518298][ T7806] IPVS: ftp: loaded support on port[0] = 21
[   94.534408][ T7795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.579338][ T7795] team0: Port device team_slave_0 added
[   94.588445][ T7795] team0: Port device team_slave_1 added
[   94.594559][ T7799] chnl_net:caif_netlink_parms(): no params data found
[   94.705038][ T7795] device hsr_slave_0 entered promiscuous mode
[   94.763277][ T7795] device hsr_slave_1 entered promiscuous mode
[   94.843032][ T7795] debugfs: Directory 'hsr0' with parent '/' already present!
[   94.906380][ T7799] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.914938][ T7799] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.924074][ T7799] device bridge_slave_0 entered promiscuous mode
[   94.943989][ T7802] chnl_net:caif_netlink_parms(): no params data found
[   94.964484][ T7799] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.973236][ T7799] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.982083][ T7799] device bridge_slave_1 entered promiscuous mode
[   95.046178][ T7799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.059250][ T7799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.078527][ T7802] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.085696][ T7802] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.093705][ T7802] device bridge_slave_0 entered promiscuous mode
[   95.129765][ T7802] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.138066][ T7802] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.147703][ T7802] device bridge_slave_1 entered promiscuous mode
[   95.154597][ T7795] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   95.224681][ T7804] chnl_net:caif_netlink_parms(): no params data found
[   95.232835][ T7795] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   95.278031][ T7795] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   95.377891][ T7795] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   95.486095][ T7799] team0: Port device team_slave_0 added
[   95.492803][ T7806] chnl_net:caif_netlink_parms(): no params data found
[   95.503220][ T7799] team0: Port device team_slave_1 added
[   95.521852][ T7802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.546805][ T7802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.575369][ T7802] team0: Port device team_slave_0 added
[   95.583820][ T7802] team0: Port device team_slave_1 added
[   95.664811][ T7799] device hsr_slave_0 entered promiscuous mode
[   95.703247][ T7799] device hsr_slave_1 entered promiscuous mode
[   95.773025][ T7799] debugfs: Directory 'hsr0' with parent '/' already present!
[   95.810842][ T7804] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.818477][ T7804] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.826157][ T7804] device bridge_slave_0 entered promiscuous mode
[   95.856871][ T7806] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.864580][ T7806] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.872164][ T7806] device bridge_slave_0 entered promiscuous mode
[   95.881945][ T7793] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.888992][ T7804] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.896503][ T7804] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.904310][ T7804] device bridge_slave_1 entered promiscuous mode
[   95.915220][ T7799] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   95.955044][ T7799] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.054472][ T7806] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.061791][ T7806] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.069773][ T7806] device bridge_slave_1 entered promiscuous mode
[   96.085821][ T7806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.100825][ T7806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.164791][ T7802] device hsr_slave_0 entered promiscuous mode
[   96.224588][ T7802] device hsr_slave_1 entered promiscuous mode
[   96.283125][ T7802] debugfs: Directory 'hsr0' with parent '/' already present!
[   96.291983][ T7799] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.344816][ T7799] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.408216][ T7804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.418921][ T7804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.430026][ T7806] team0: Port device team_slave_0 added
[   96.439641][ T7806] team0: Port device team_slave_1 added
[   96.469638][ T2971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.477909][ T2971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.498378][ T7804] team0: Port device team_slave_0 added
[   96.509805][ T7793] 8021q: adding VLAN 0 to HW filter on device team0
[   96.527036][ T7804] team0: Port device team_slave_1 added
[   96.532828][ T7802] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   96.584567][ T7802] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   96.634645][ T7802] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   96.766533][ T7806] device hsr_slave_0 entered promiscuous mode
[   96.813162][ T7806] device hsr_slave_1 entered promiscuous mode
[   96.863152][ T7806] debugfs: Directory 'hsr0' with parent '/' already present!
[   96.879467][ T7802] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   96.946116][ T2971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.955099][ T2971] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.966932][ T2971] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.974310][ T2971] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.989773][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.998167][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   97.007024][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   97.018103][ T7814] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.025337][ T7814] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.104922][ T7804] device hsr_slave_0 entered promiscuous mode
[   97.143250][ T7804] device hsr_slave_1 entered promiscuous mode
[   97.183042][ T7804] debugfs: Directory 'hsr0' with parent '/' already present!
[   97.208186][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   97.227375][ T7795] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.237181][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   97.260082][ T7806] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   97.316640][ T7806] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   97.394635][ T7806] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   97.457619][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   97.466830][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   97.482655][ T7806] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   97.524570][ T7804] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   97.584453][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   97.592304][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   97.601090][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   97.614210][ T7793] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   97.625385][ T7793] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   97.644056][ T7804] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   97.714461][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.722718][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.731742][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.740657][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.749192][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   97.757689][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   97.765954][ T7814] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.783740][ T7793] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.794968][ T7795] 8021q: adding VLAN 0 to HW filter on device team0
[   97.805299][ T7804] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   97.844809][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   97.852399][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   97.867120][ T7799] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.873098][   T38] audit: type=1400 audit(1575024363.238:47): avc:  denied  { associate } for  pid=7793 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[   97.877530][ T7804] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   97.951939][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   97.960870][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   97.972587][ T1347] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.979858][ T1347] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.999281][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   98.013215][   T38] audit: type=1400 audit(1575024363.378:48): avc:  denied  { open } for  pid=7819 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1
[   98.037377][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   98.045925][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   98.058755][ T7807] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.066076][ T7807] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.074200][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   98.096308][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   98.104987][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   98.113627][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   98.121843][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   98.129066][   T38] audit: type=1400 audit(1575024363.498:49): avc:  denied  { kernel } for  pid=7819 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1
[   98.134507][ T1347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   98.165659][ T7799] 8021q: adding VLAN 0 to HW filter on device team0
[   98.179739][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   98.188172][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   98.196188][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   98.204449][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   98.213310][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   98.221742][ T7807] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.229057][ T7807] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.237581][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   98.261008][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   98.269357][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   98.278327][ T4279] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.285121][ T4279] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.292643][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   98.302508][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   98.311195][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   98.655475][    C3] hrtimer: interrupt took 56633 ns
[  104.222745][ T7802] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.237514][ T7802] 8021q: adding VLAN 0 to HW filter on device team0
[  104.262556][ T7802] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  104.273108][ T7802] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  104.294850][ T7802] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.319338][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  162.329225][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  162.337146][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  162.345879][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  162.354797][ T1346] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.362322][ T1346] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.370206][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  162.378778][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  162.387179][ T1346] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.394343][ T1346] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.401922][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  162.410818][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  162.419715][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  162.428774][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  162.437505][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  162.446139][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  162.454855][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  162.463132][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  162.471706][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  162.479929][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  162.488110][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  162.495978][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  162.504071][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  162.512745][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  162.520973][ T1346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  208.822538][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  316.782882][    C2] rcu: INFO: rcu_preempt self-detected stall on CPU
[  316.783042][    C2] rcu: 	2-....: (1 GPs behind) idle=f02/1/0x4000000000000004 softirq=15110/15120 fqs=5142 
[  316.792963][    C2] 	(t=10502 jiffies g=5389 q=405)
[  316.802957][    C2] NMI backtrace for cpu 2
[  316.802957][    C2] CPU: 2 PID: 7822 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0
[  316.813018][    C2] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[  316.813018][    C2] Call Trace:
[  316.813018][    C2]  <IRQ>
[  316.813018][    C2]  dump_stack+0x197/0x210
[  316.813018][    C2]  nmi_cpu_backtrace.cold+0x70/0xb2
[  316.813018][    C2]  ? lapic_can_unplug_cpu.cold+0x3a/0x3a
[  316.813018][    C2]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[  316.813018][    C2]  arch_trigger_cpumask_backtrace+0x14/0x20
[  316.813018][    C2]  rcu_dump_cpu_stacks+0x183/0x1cf
[  316.813018][    C2]  ? find_next_bit+0x107/0x130
[  316.813018][    C2]  rcu_sched_clock_irq.cold+0x509/0xc02
[  316.813018][    C2]  ? raise_softirq+0x138/0x340
[  316.813018][    C2]  update_process_times+0x2d/0x70
[  316.813018][    C2]  tick_sched_handle+0xa2/0x190
[  316.813018][    C2]  tick_sched_timer+0x53/0x140
[  316.813018][    C2]  __hrtimer_run_queues+0x364/0xe40
[  316.813018][    C2]  ? tick_sched_do_timer+0x1b0/0x1b0
[  316.813018][    C2]  ? hrtimer_init+0x330/0x330
[  316.813018][    C2]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  316.813018][    C2]  ? ktime_get_update_offsets_now+0x2ce/0x430
[  316.813018][    C2]  hrtimer_interrupt+0x314/0x770
[  316.813018][    C2]  smp_apic_timer_interrupt+0x160/0x610
[  316.813018][    C2]  apic_timer_interrupt+0xf/0x20
[  316.813018][    C2] RIP: 0010:addrconf_mod_rs_timer+0x40/0x140
[  316.813018][    C2] Code: 48 8d bb f0 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 48 83 bb f0 02 00 00 00 <74> 44 e8 89 c2 03 fb 48 c7 c0 00 90 00 89 48 ba 00 00 00 00 00 fc
[  316.813018][    C2] RSP: 0018:ffff88802d709c10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  316.813018][    C2] RAX: dffffc0000000000 RBX: ffff88807b6f8000 RCX: ffffffff8672989e
[  316.813018][    C2] RDX: 1ffff1100f6df05e RSI: ffffffff86711b66 RDI: ffff88807b6f82f0
[  316.813018][    C2] RBP: ffff88802d709c30 R08: ffff888013424080 R09: ffffed1005ae1376
[  316.813018][    C2] R10: ffffed1005ae1375 R11: 0000000000000003 R12: 000000000000389a
[  316.813018][    C2] R13: ffff88807b6f8168 R14: 000000000000389a R15: ffff88807b6f8000
[  316.813018][    C2]  ? apic_timer_interrupt+0xa/0x20
[  316.813018][    C2]  ? addrconf_rs_timer+0x47e/0x6e0
[  316.813018][    C2]  ? addrconf_mod_rs_timer+0x16/0x140
[  316.813018][    C2]  addrconf_rs_timer+0x4a5/0x6e0
[  316.813018][    C2]  ? ipv6_get_lladdr+0x490/0x490
[  316.813018][    C2]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  316.813018][    C2]  call_timer_fn+0x1ac/0x780
[  316.813018][    C2]  ? ipv6_get_lladdr+0x490/0x490
[  316.813018][    C2]  ? msleep_interruptible+0x150/0x150
[  316.813018][    C2]  ? run_timer_softirq+0x6b1/0x1790
[  316.813018][    C2]  ? trace_hardirqs_on+0x67/0x240
[  316.813018][    C2]  ? ipv6_get_lladdr+0x490/0x490
[  316.813018][    C2]  ? ipv6_get_lladdr+0x490/0x490
[  316.813018][    C2]  run_timer_softirq+0x6c3/0x1790
[  316.813018][    C2]  ? add_timer+0x930/0x930
[  316.813018][    C2]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  316.813018][    C2]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  316.813018][    C2]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  316.813018][    C2]  __do_softirq+0x262/0x98c
[  316.813018][    C2]  ? sched_clock_cpu+0x14e/0x1b0
[  316.813018][    C2]  irq_exit+0x19b/0x1e0
[  316.813018][    C2]  smp_apic_timer_interrupt+0x1a3/0x610
[  316.813018][    C2]  apic_timer_interrupt+0xf/0x20
[  316.813018][    C2]  </IRQ>
[  316.813018][    C2] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80
[  316.813018][    C2] Code: c0 68 34 13 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 6a 96 01 00 74 20 fb 66 0f 1f 44 00 00 <bf> 01 00 00 00 e8 e7 ab d3 f9 65 8b 05 18 54 85 78 85 c0 74 06 41
[  316.813018][    C2] RSP: 0018:ffff88801342f8d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[  316.813018][    C2] RAX: 1ffffffff122668d RBX: ffff888013424080 RCX: 0000000000000006
[  316.813018][    C2] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff888013424914
[  316.813018][    C2] RBP: ffff88801342f8e0 R08: 1ffffffff15377ba R09: fffffbfff15377bb
[  316.813018][    C2] R10: fffffbfff15377ba R11: ffffffff8a9bbdd7 R12: ffff88802d737380
[  316.813018][    C2] R13: ffff88802c868380 R14: ffff88807a54e100 R15: 0000000000000000
[  316.813018][    C2]  ? _raw_spin_unlock_irq+0x23/0x80
[  316.813018][    C2]  finish_task_switch+0x147/0x750
[  316.813018][    C2]  ? finish_task_switch+0x119/0x750
[  316.813018][    C2]  __schedule+0x8e9/0x1f30
[  316.813018][    C2]  ? __sched_text_start+0x8/0x8
[  316.813018][    C2]  ? __this_cpu_preempt_check+0x35/0x190
[  316.813018][    C2]  ? retint_kernel+0x2b/0x2b
[  316.813018][    C2]  ? perf_duration_warn+0x40/0x40
[  316.813018][    C2]  ? preempt_schedule+0x4b/0x60
[  316.813018][    C2]  preempt_schedule_common+0x4f/0xe0
[  316.813018][    C2]  ? __perf_event_enable+0x930/0x930
[  316.813018][    C2]  preempt_schedule+0x4b/0x60
[  316.813018][    C2]  ___preempt_schedule+0x16/0x18
[  316.813018][    C2]  ? smp_call_function_single+0x40b/0x480
[  316.813018][    C2]  smp_call_function_single+0x410/0x480
[  316.813018][    C2]  ? perf_duration_warn+0x40/0x40
[  316.813018][    C2]  ? generic_exec_single+0x4c0/0x4c0
[  316.813018][    C2]  ? __do_sys_perf_event_open+0x174c/0x2c70
[  316.813018][    C2]  ? __perf_event_enable+0x930/0x930
[  316.813018][    C2]  task_function_call+0xe9/0x180
[  316.813018][    C2]  ? perf_event_addr_filters_exec+0x310/0x310
[  316.813018][    C2]  ? __do_sys_perf_event_open+0x174c/0x2c70
[  316.813018][    C2]  ? __perf_event_enable+0x930/0x930
[  316.813018][    C2]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  316.813018][    C2]  ? exclusive_event_installable+0x257/0x320
[  316.813018][    C2]  perf_install_in_context+0x308/0x5a0
[  316.813018][    C2]  ? list_add_event+0xed0/0xed0
[  316.813018][    C2]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  316.813018][    C2]  ? __perf_event_header_size.isra.0+0x166/0x1c0
[  316.813018][    C2]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  316.813018][    C2]  __do_sys_perf_event_open+0x1cbc/0x2c70
[  316.813018][    C2]  ? perf_event_set_output+0x4e0/0x4e0
[  316.813018][    C2]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  316.813018][    C2]  ? put_timespec64+0xda/0x140
[  316.813018][    C2]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.813018][    C2]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.813018][    C2]  ? do_syscall_64+0x26/0x790
[  316.813018][    C2]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.813018][    C2]  ? do_syscall_64+0x26/0x790
[  316.813018][    C2]  __x64_sys_perf_event_open+0xbe/0x150
[  316.813018][    C2]  do_syscall_64+0xfa/0x790
[  316.813018][    C2]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.813018][    C2] RIP: 0033:0x45a759
[  316.813018][    C2] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  316.813018][    C2] RSP: 002b:00007f4491f11c88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  316.813018][    C2] RAX: ffffffffffffffda RBX: 000000000071bfa8 RCX: 000000000045a759
[  316.813018][    C2] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000700
[  316.813018][    C2] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000
[  316.813018][    C2] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f4491f126d4
[  316.813018][    C2] R13: 00000000004aec17 R14: 00000000006f1cb0 R15: 00000000ffffffff
[  321.633197][ T4279] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 2-... } 10987 jiffies s: 341 root: 0x4/.
[  321.644926][ T4279] rcu: blocking rcu_node structures:
[  321.650067][ T4279] Task dump for CPU 2:
[  321.655221][ T4279] syz-executor.0  R  running task    27680  7822   7793 0x8000400e
[  321.664266][ T4279] Call Trace:
[  321.667547][ T4279]  __schedule+0x8e9/0x1f30
[  321.671651][ T4279]  ? __sched_text_start+0x8/0x8
[  321.679042][ T4279]  ? __this_cpu_preempt_check+0x35/0x190
[  321.685843][ T4279]  ? retint_kernel+0x2b/0x2b
[  321.691554][ T4279]  ? perf_duration_warn+0x40/0x40
[  321.697811][ T4279]  ? preempt_schedule+0x4b/0x60
[  321.702435][ T4279]  preempt_schedule_common+0x4f/0xe0
[  321.708681][ T4279]  ? __perf_event_enable+0x930/0x930
[  321.714268][ T4279]  preempt_schedule+0x4b/0x60
[  321.718911][ T4279]  ___preempt_schedule+0x16/0x18
[  321.723825][ T4279]  ? smp_call_function_single+0x40b/0x480
[  321.729431][ T4279]  smp_call_function_single+0x410/0x480
[  321.734824][ T4279]  ? perf_duration_warn+0x40/0x40
[  321.739739][ T4279]  ? generic_exec_single+0x4c0/0x4c0
[  321.745024][ T4279]  ? __do_sys_perf_event_open+0x174c/0x2c70
[  321.750866][ T4279]  ? __perf_event_enable+0x930/0x930
[  321.756276][ T4279]  task_function_call+0xe9/0x180
[  321.761034][ T4279]  ? perf_event_addr_filters_exec+0x310/0x310
[  321.766979][ T4279]  ? __do_sys_perf_event_open+0x174c/0x2c70
[  321.772638][ T4279]  ? __perf_event_enable+0x930/0x930
[  321.778206][ T4279]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  321.784626][ T4279]  ? exclusive_event_installable+0x257/0x320
[  321.790493][ T4279]  perf_install_in_context+0x308/0x5a0
[  321.796060][ T4279]  ? list_add_event+0xed0/0xed0
[  321.800742][ T4279]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  321.806790][ T4279]  ? __perf_event_header_size.isra.0+0x166/0x1c0
[  321.812734][ T4279]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  321.819238][ T4279]  __do_sys_perf_event_open+0x1cbc/0x2c70
[  321.824724][ T4279]  ? perf_event_set_output+0x4e0/0x4e0
[  321.830082][ T4279]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  321.836085][ T4279]  ? put_timespec64+0xda/0x140
[  321.840872][ T4279]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.846320][ T4279]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.851546][ T4279]  ? do_syscall_64+0x26/0x790
[  321.856306][ T4279]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.862189][ T4279]  ? do_syscall_64+0x26/0x790
[  321.867218][ T4279]  __x64_sys_perf_event_open+0xbe/0x150
[  321.872368][ T4279]  do_syscall_64+0xfa/0x790
[  321.877103][ T4279]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.882830][ T4279] RIP: 0033:0x45a759
[  321.887005][ T4279] Code: Bad RIP value.
[  321.890949][ T4279] RSP: 002b:00007f4491f11c88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  321.899446][ T4279] RAX: ffffffffffffffda RBX: 000000000071bfa8 RCX: 000000000045a759
[  321.907669][ T4279] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000700
[  321.915890][ T4279] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000
[  321.923981][ T4279] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f4491f126d4
[  321.932182][ T4279] R13: 00000000004aec17 R14: 00000000006f1cb0 R15: 00000000ffffffff