Warning: Permanently added '10.128.1.62' (ECDSA) to the list of known hosts. 2020/01/08 02:30:36 fuzzer started 2020/01/08 02:30:38 dialing manager at 10.128.0.26:35703 2020/01/08 02:30:38 syscalls: 2824 2020/01/08 02:30:38 code coverage: enabled 2020/01/08 02:30:38 comparison tracing: enabled 2020/01/08 02:30:38 extra coverage: enabled 2020/01/08 02:30:38 setuid sandbox: enabled 2020/01/08 02:30:38 namespace sandbox: enabled 2020/01/08 02:30:38 Android sandbox: /sys/fs/selinux/policy does not exist 2020/01/08 02:30:38 fault injection: enabled 2020/01/08 02:30:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/01/08 02:30:38 net packet injection: enabled 2020/01/08 02:30:38 net device setup: enabled 2020/01/08 02:30:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/01/08 02:30:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 02:30:39 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps_rollup\x00') exit(0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/8, 0x8}], 0x1, 0x0) 02:30:39 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000080)={0x0, 0x0, 0xc, 0x9}) syzkaller login: [ 65.127163][ T8754] IPVS: ftp: loaded support on port[0] = 21 02:30:40 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x11, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000200)=0x108, 0x4) setsockopt$sock_int(r2, 0x1, 0x1d, &(0x7f0000000040)=0x100, 0x4) sendmsg(r2, &(0x7f000087dfc8)={&(0x7f000005e000)=@nfc={0x27, 0x7}, 0x80, 0x0}, 0x0) recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x2000) [ 65.284190][ T8757] IPVS: ftp: loaded support on port[0] = 21 [ 65.325785][ T8754] chnl_net:caif_netlink_parms(): no params data found [ 65.458255][ T8754] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.484610][ T8754] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.492375][ T8754] device bridge_slave_0 entered promiscuous mode [ 65.518511][ T8757] chnl_net:caif_netlink_parms(): no params data found [ 65.528854][ T8754] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.541911][ T8754] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.549883][ T8754] device bridge_slave_1 entered promiscuous mode [ 65.597763][ T8754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 02:30:40 executing program 3: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c00000010002fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000120012000c00010062726964676500000c0002000800250000000000"], 0x3c}}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0) socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 65.638965][ T8754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.651484][ T8760] IPVS: ftp: loaded support on port[0] = 21 [ 65.680439][ T8757] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.690414][ T8757] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.698968][ T8757] device bridge_slave_0 entered promiscuous mode [ 65.736951][ T8754] team0: Port device team_slave_0 added [ 65.743829][ T8757] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.752176][ T8757] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.762320][ T8757] device bridge_slave_1 entered promiscuous mode [ 65.774991][ T8754] team0: Port device team_slave_1 added [ 65.822088][ T8757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 02:30:40 executing program 4: socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) msgsnd(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="01"], 0x1, 0x0) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) msgrcv(0x0, &(0x7f00000000c0)={0x0, ""/147}, 0x9b, 0xd6d0c418f59fe7d3, 0x0) [ 65.899073][ T8754] device hsr_slave_0 entered promiscuous mode [ 65.959393][ T8754] device hsr_slave_1 entered promiscuous mode [ 66.007726][ T8757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.040995][ T8762] IPVS: ftp: loaded support on port[0] = 21 [ 66.116704][ T8757] team0: Port device team_slave_0 added 02:30:41 executing program 5: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fsetxattr$security_ima(r0, &(0x7f0000000180)='security.ima\x00', &(0x7f00000000c0)=@ng={0x4, 0xf}, 0x2, 0x0) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) [ 66.172905][ T8757] team0: Port device team_slave_1 added [ 66.189721][ T8760] chnl_net:caif_netlink_parms(): no params data found [ 66.203159][ T8764] IPVS: ftp: loaded support on port[0] = 21 [ 66.317388][ T8757] device hsr_slave_0 entered promiscuous mode [ 66.365364][ T8757] device hsr_slave_1 entered promiscuous mode [ 66.394679][ T8757] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.402455][ T8757] Cannot create hsr debugfs directory [ 66.447566][ T8760] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.454853][ T8760] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.462601][ T8760] device bridge_slave_0 entered promiscuous mode [ 66.472733][ T8760] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.479905][ T8760] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.487731][ T8760] device bridge_slave_1 entered promiscuous mode [ 66.502150][ T8767] IPVS: ftp: loaded support on port[0] = 21 [ 66.539036][ T8760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.551938][ T8760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.671568][ T8760] team0: Port device team_slave_0 added [ 66.687399][ T8754] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.768787][ T8754] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.828864][ T8754] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.889997][ T8760] team0: Port device team_slave_1 added [ 66.903225][ T8762] chnl_net:caif_netlink_parms(): no params data found [ 66.913022][ T8754] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.994002][ T8757] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 67.106431][ T8760] device hsr_slave_0 entered promiscuous mode [ 67.144905][ T8760] device hsr_slave_1 entered promiscuous mode [ 67.204678][ T8760] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 67.212998][ T8760] Cannot create hsr debugfs directory [ 67.232078][ T8757] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 67.312082][ T8757] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 67.405734][ T8764] chnl_net:caif_netlink_parms(): no params data found [ 67.416947][ T8757] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 67.446217][ T8762] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.453321][ T8762] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.462112][ T8762] device bridge_slave_0 entered promiscuous mode [ 67.501697][ T8762] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.509497][ T8762] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.517524][ T8762] device bridge_slave_1 entered promiscuous mode [ 67.558094][ T8762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.572720][ T8762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.648609][ T8754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.667904][ T8764] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.677913][ T8764] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.687507][ T8764] device bridge_slave_0 entered promiscuous mode [ 67.700584][ T8762] team0: Port device team_slave_0 added [ 67.723833][ T8762] team0: Port device team_slave_1 added [ 67.730659][ T8764] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.739512][ T8764] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.748724][ T8764] device bridge_slave_1 entered promiscuous mode [ 67.768233][ T8767] chnl_net:caif_netlink_parms(): no params data found [ 67.848937][ T8762] device hsr_slave_0 entered promiscuous mode [ 67.914845][ T8762] device hsr_slave_1 entered promiscuous mode [ 67.974607][ T8762] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 67.983000][ T8762] Cannot create hsr debugfs directory [ 67.990524][ T8764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.005156][ T8764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.025037][ T8754] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.038489][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.047526][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.079510][ T8760] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 68.117168][ T8760] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 68.196829][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.206779][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.217153][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.224656][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.233238][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.242407][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.251467][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.258577][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.266314][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.288672][ T8760] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 68.346925][ T8760] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 68.412354][ T8764] team0: Port device team_slave_0 added [ 68.418987][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 68.427801][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.472855][ T8764] team0: Port device team_slave_1 added [ 68.484980][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.495611][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.526774][ T8767] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.534183][ T8767] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.545041][ T8767] device bridge_slave_0 entered promiscuous mode [ 68.579014][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 68.589236][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 68.599747][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 68.614234][ T8754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 68.626181][ T8754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.645981][ T8762] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 68.676839][ T8767] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.684298][ T8767] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.693227][ T8767] device bridge_slave_1 entered promiscuous mode [ 68.748326][ T8764] device hsr_slave_0 entered promiscuous mode [ 68.804976][ T8764] device hsr_slave_1 entered promiscuous mode [ 68.844674][ T8764] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.853607][ T8764] Cannot create hsr debugfs directory [ 68.859576][ T2674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 68.868745][ T2674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.878121][ T2674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 68.888140][ T2674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.899589][ T8757] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.912984][ T8762] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 68.970515][ T8762] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 69.026994][ T2674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.051360][ T8762] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 69.097383][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 69.105060][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 69.131321][ T8767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.146464][ T8754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.171853][ T8757] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.182836][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.191256][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.200563][ T8767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.250574][ T8767] team0: Port device team_slave_0 added [ 69.258989][ T8767] team0: Port device team_slave_1 added [ 69.275678][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 69.284680][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 69.294092][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.303690][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.312578][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.322177][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.330340][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.339513][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.347987][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.356880][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.367908][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.423561][ T8754] device veth0_vlan entered promiscuous mode [ 69.437243][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.446990][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.457800][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.468216][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.477346][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 69.485811][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 69.494027][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.502880][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.513376][ T8760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.587430][ T8767] device hsr_slave_0 entered promiscuous mode [ 69.645090][ T8767] device hsr_slave_1 entered promiscuous mode [ 69.704793][ T8767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.714778][ T8767] Cannot create hsr debugfs directory [ 69.730080][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.738371][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 69.746551][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 69.754926][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.763215][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.774045][ T8754] device veth1_vlan entered promiscuous mode [ 69.808653][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.821047][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.843223][ T8760] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.862223][ T8757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.871557][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.879901][ T8770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.914969][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 69.922467][ T2681] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 69.960660][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.971752][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.981880][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.988979][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.996492][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.005081][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.013351][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.020477][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.028344][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.037991][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 70.053867][ T8764] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 70.089232][ T8764] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 70.147760][ T8757] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.167932][ T8762] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.198493][ T8764] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 175.224457][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 175.231256][ C0] rcu: 0-....: (10499 ticks this GP) idle=382/1/0x4000000000000002 softirq=12034/12034 fqs=2744 [ 175.242666][ C0] (t=10501 jiffies g=7465 q=137) [ 175.247713][ C0] rcu: rcu_preempt kthread starved for 5014 jiffies! g7465 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 175.258729][ C0] rcu: RCU grace-period kthread stack dump: [ 175.265282][ C0] rcu_preempt R running task 29032 10 2 0x80004000 [ 175.273235][ C0] Call Trace: [ 175.276553][ C0] __schedule+0x9a0/0xcc0 [ 175.280904][ C0] schedule+0x181/0x210 [ 175.285077][ C0] schedule_timeout+0x14f/0x240 [ 175.289928][ C0] ? run_local_timers+0x120/0x120 [ 175.294966][ C0] rcu_gp_kthread+0xed8/0x1770 [ 175.299739][ C0] kthread+0x332/0x350 [ 175.303925][ C0] ? rcu_report_qs_rsp+0x140/0x140 [ 175.309068][ C0] ? kthread_blkcg+0xe0/0xe0 [ 175.313704][ C0] ret_from_fork+0x24/0x30 [ 175.318238][ C0] NMI backtrace for cpu 0 [ 175.322588][ C0] CPU: 0 PID: 8774 Comm: syz-executor.0 Not tainted 5.5.0-rc5-syzkaller #0 [ 175.331179][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.341243][ C0] Call Trace: [ 175.344533][ C0] [ 175.347400][ C0] dump_stack+0x1fb/0x318 [ 175.351742][ C0] nmi_cpu_backtrace+0xaf/0x1a0 [ 175.356598][ C0] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 175.362770][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 175.368873][ C0] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 175.374880][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 175.380783][ C0] rcu_dump_cpu_stacks+0x15a/0x220 [ 175.385907][ C0] rcu_sched_clock_irq+0xe25/0x1ad0 [ 175.391118][ C0] ? trace_hardirqs_off+0x74/0x80 [ 175.396497][ C0] update_process_times+0x12d/0x180 [ 175.401712][ C0] tick_sched_timer+0x263/0x420 [ 175.406633][ C0] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 175.412212][ C0] __hrtimer_run_queues+0x403/0x840 [ 175.417439][ C0] hrtimer_interrupt+0x38c/0xda0 [ 175.422391][ C0] ? debug_smp_processor_id+0x9/0x20 [ 175.428345][ C0] smp_apic_timer_interrupt+0x109/0x280 [ 175.433931][ C0] apic_timer_interrupt+0xf/0x20 [ 175.438887][ C0] [ 175.441837][ C0] RIP: 0010:__memcg_kmem_uncharge+0x2e/0x1a0 [ 175.447839][ C0] Code: 41 57 41 56 41 55 41 54 53 50 89 f3 49 89 fc 48 b8 00 00 00 00 00 fc ff df 4c 8d 77 38 4d 89 f5 49 c1 ed 03 41 80 7c 05 00 00 <74> 08 4c 89 f7 e8 48 07 fb ff 4d 8b 3e b8 01 00 00 00 89 d9 d3 e0 [ 175.467443][ C0] RSP: 0018:ffffc90002657e00 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 175.475864][ C0] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff88809457a3c0 [ 175.483870][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea00029b8b40 [ 175.491854][ C0] RBP: ffffc90002657e30 R08: dffffc0000000000 R09: fffffbfff124248a [ 175.499854][ C0] R10: fffffbfff124248a R11: 0000000000000000 R12: ffffea00029b8b40 [ 175.507843][ C0] R13: 1ffffd400053716f R14: ffffea00029b8b78 R15: ffff88808c3ab678 [ 175.515853][ C0] ? free_thread_stack+0x124/0x590 [ 175.521006][ C0] free_thread_stack+0x12e/0x590 [ 175.526031][ C0] put_task_stack+0xa3/0x130 [ 175.531077][ C0] finish_task_switch+0x3f1/0x550 [ 175.536161][ C0] schedule_tail+0x20/0x1a0 [ 175.540693][ C0] ret_from_fork+0x8/0x30 [ 175.545012][ C0] RIP: 0033:0x45951a [ 175.549016][ C0] Code: Bad RIP value. [ 175.553096][ C0] RSP: 002b:00007fff4d22b8a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 175.561525][ C0] RAX: 0000000000000000 RBX: 00007fff4d22b8a0 RCX: 000000000045951a [ 175.569491][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 175.577489][ C0] RBP: 00007fff4d22b8e0 R08: 0000000000000001 R09: 00000000029fd940 [ 175.585476][ C0] R10: 00000000029fdc10 R11: 0000000000000246 R12: 0000000000000001 [ 175.593463][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff4d22b930