[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   42.911855][   T25] audit: type=1800 audit(1575402892.319:25): pid=7995 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   42.930990][   T25] audit: type=1800 audit(1575402892.329:26): pid=7995 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   42.974856][   T25] audit: type=1800 audit(1575402892.329:27): pid=7995 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.38' (ECDSA) to the list of known hosts.
2019/12/03 19:55:01 fuzzer started
2019/12/03 19:55:03 dialing manager at 10.128.0.26:42111
2019/12/03 19:55:03 syscalls: 2689
2019/12/03 19:55:03 code coverage: enabled
2019/12/03 19:55:03 comparison tracing: enabled
2019/12/03 19:55:03 extra coverage: extra coverage is not supported by the kernel
2019/12/03 19:55:03 setuid sandbox: enabled
2019/12/03 19:55:03 namespace sandbox: enabled
2019/12/03 19:55:03 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/03 19:55:03 fault injection: enabled
2019/12/03 19:55:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/03 19:55:03 net packet injection: enabled
2019/12/03 19:55:03 net device setup: enabled
2019/12/03 19:55:03 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/12/03 19:55:03 devlink PCI setup: PCI device 0000:00:10.0 is not available
19:55:04 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0815b5055e0bcfe87b3071")
r1 = socket(0x2, 0x3, 0x100000001)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendto(r1, &(0x7f0000000140)="04e6f7ebeb34bb", 0x7, 0x8002, 0x0, 0x0)
write$binfmt_elf32(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}}, 0x38)

19:55:04 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x63, 0x11, 0x4}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

syzkaller login: [   55.424651][ T8162] IPVS: ftp: loaded support on port[0] = 21
[   55.492376][ T8164] IPVS: ftp: loaded support on port[0] = 21
19:55:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000a40)=ANY=[@ANYBLOB="66696c7465720000000920bb8a18fda7549d7b965876ddea00000000000000000000000000000000000000000000000e000000040000009803000007000000010000000300000003000000030000000300000003000004"], 0x1)

[   55.626990][ T8162] chnl_net:caif_netlink_parms(): no params data found
[   55.643524][ T8164] chnl_net:caif_netlink_parms(): no params data found
[   55.726856][ T8162] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.734557][ T8162] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.757186][ T8162] device bridge_slave_0 entered promiscuous mode
[   55.765368][ T8164] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.774528][ T8164] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.782875][ T8164] device bridge_slave_0 entered promiscuous mode
[   55.792748][ T8162] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.801006][ T8162] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.809209][ T8162] device bridge_slave_1 entered promiscuous mode
[   55.822620][ T8164] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.832793][ T8164] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.840935][ T8164] device bridge_slave_1 entered promiscuous mode
[   55.863265][ T8162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.881616][ T8164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.893862][ T8162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.898582][ T8168] IPVS: ftp: loaded support on port[0] = 21
[   55.910925][ T8164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
19:55:05 executing program 3:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r0, &(0x7f0000000280)={0x1a, 0x0, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000001c0), 0x400000000000150, 0x0)

[   55.958433][ T8162] team0: Port device team_slave_0 added
[   55.968827][ T8164] team0: Port device team_slave_0 added
[   55.979428][ T8164] team0: Port device team_slave_1 added
[   55.989420][ T8162] team0: Port device team_slave_1 added
[   56.091971][ T8162] device hsr_slave_0 entered promiscuous mode
19:55:05 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000980)=ANY=[@ANYBLOB="740000002d000bf779eed6acceff09000000ff00", @ANYRES32, @ANYBLOB="00000000f1ffffffffffffff08000100736871004800010000000000008000000000000010000000030000000033cc3598c9aa8178bdf1000000000000000000000000de7f4687000000000000000000000001009900807c24f1583940ea0e363002e94564838f54825863fe646c248656cb5d845549c5ceffcfeaab4260fca524afef20c00352bd32262c964c61f3771603fd386dc70a77e574632bd950e808d63007d6c6251ac28f6b621f863af06767ef3b8444b64c875270810633e2eb7d7a89d0f3cf2074000000000000000028026dfe7b7bc2cbc705ed95700983ea22eefa47c53252758e28ba4908ba2e86aff40a0cb6088e18f3b26fa3f16b28a5dcd32cb951da688b87961591b4671e40cf37feaa14dd00000000e60f0000000000003cf875a45a0643142ac688f2a10d2a194d7079ce17e9cbda5da7ecf526f1406f379e40200038b3c3c00b656f9021957cb27486eea0345bdf43b770452e1353b94884160ab1357707dacc631c885e515d18f9e1697a8604cd27f232de35373ad44e60efd73e28c85ce90800002d82680000020000000000cec5268374d089c80ba14824e83ff51cae120aae6ad04471171f99ab966cf04f91d121ebb959deb5697899e4005dae1be3c6299feb0c80cc20fd1d1e9ab43d253637f48f97061896b83a1aaafb7db50fda5ea11e060017d1000000234095318bbe076b2a5c9d0241a4e752aab3caf088ad0c9bf849a782c69a039f56e53085f2877adfe737401f7c24fc50107c19e35e578b9b608e6a7265149f539036ebf5af9387a4a7fe7a190641217ff82eac668d005362f571dae348d770376a67cf141bc81cad1151de8d49745fc360e7a89510253668f3211e9c2e1e59840deae9fa409800499711205f910bce24aad3cc7281c7e6de56636ff1957e17c6c271f9b48184efdfda2e30bb953dae14f814860f0fd204b8344ca5a46cea2468b67adee4ee8bfc571b7f66ce3d5af6195710266aa6aa193bc875e5eccd3879d5c3f245004100000000000004000000"], 0x74}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180), 0x49249249249252d, 0x0)

[   56.156424][ T8162] device hsr_slave_1 entered promiscuous mode
[   56.298710][ T8164] device hsr_slave_0 entered promiscuous mode
19:55:05 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000300)={'mangle\x00', 0x2, [{}, {}]}, 0x48)

[   56.346466][ T8164] device hsr_slave_1 entered promiscuous mode
[   56.397797][ T8164] debugfs: Directory 'hsr0' with parent '/' already present!
[   56.443516][ T8172] IPVS: ftp: loaded support on port[0] = 21
[   56.474033][ T8170] IPVS: ftp: loaded support on port[0] = 21
[   56.545481][ T8168] chnl_net:caif_netlink_parms(): no params data found
[   56.584220][ T8162] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   56.593728][ T8175] IPVS: ftp: loaded support on port[0] = 21
[   56.658666][ T8164] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   56.720705][ T8164] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   56.784166][ T8164] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   56.864029][ T8164] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   56.918611][ T8162] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   56.989560][ T8162] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.061888][ T8162] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.121163][ T8168] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.128880][ T8168] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.137168][ T8168] device bridge_slave_0 entered promiscuous mode
[   57.145822][ T8168] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.153920][ T8168] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.164118][ T8168] device bridge_slave_1 entered promiscuous mode
[   57.205396][ T8168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.251476][ T8168] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.301145][ T8168] team0: Port device team_slave_0 added
[   57.309787][ T8168] team0: Port device team_slave_1 added
[   57.321895][ T8170] chnl_net:caif_netlink_parms(): no params data found
[   57.335439][ T8172] chnl_net:caif_netlink_parms(): no params data found
[   57.386778][ T8172] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.394059][ T8172] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.402276][ T8172] device bridge_slave_0 entered promiscuous mode
[   57.424985][ T8172] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.432850][ T8172] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.441298][ T8172] device bridge_slave_1 entered promiscuous mode
[   57.489023][ T8168] device hsr_slave_0 entered promiscuous mode
[   57.526615][ T8168] device hsr_slave_1 entered promiscuous mode
[   57.576239][ T8168] debugfs: Directory 'hsr0' with parent '/' already present!
[   57.625346][ T8172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.643139][ T8172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.673624][ T8172] team0: Port device team_slave_0 added
[   57.690318][ T8162] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.697903][ T8170] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.705658][ T8170] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.715015][ T8170] device bridge_slave_0 entered promiscuous mode
[   57.724363][ T8170] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.732211][ T8170] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.740898][ T8170] device bridge_slave_1 entered promiscuous mode
[   57.753921][ T8172] team0: Port device team_slave_1 added
[   57.778428][ T8164] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.838455][ T8172] device hsr_slave_0 entered promiscuous mode
[   57.896597][ T8172] device hsr_slave_1 entered promiscuous mode
[   57.946236][ T8172] debugfs: Directory 'hsr0' with parent '/' already present!
[   57.969071][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   57.980415][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.992077][ T8170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.003967][ T8170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.043726][ T8164] 8021q: adding VLAN 0 to HW filter on device team0
[   58.051270][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.059791][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.079755][ T8175] chnl_net:caif_netlink_parms(): no params data found
[   58.102739][ T8162] 8021q: adding VLAN 0 to HW filter on device team0
[   58.110391][ T8168] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   58.161808][ T8168] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   58.218623][ T3181] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   58.227425][ T3181] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.236188][ T3181] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.243626][ T3181] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.259260][ T8170] team0: Port device team_slave_0 added
[   58.268685][ T8170] team0: Port device team_slave_1 added
[   58.278825][ T8168] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   58.340409][ T3181] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   58.356271][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   58.367797][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.379748][ T3692] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.386851][ T3692] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.395543][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   58.404448][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   58.412913][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   58.421449][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   58.429931][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   58.439004][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   58.448339][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   58.508290][ T8170] device hsr_slave_0 entered promiscuous mode
[   58.547348][ T8170] device hsr_slave_1 entered promiscuous mode
[   58.586413][ T8170] debugfs: Directory 'hsr0' with parent '/' already present!
[   58.594107][ T8168] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   58.628223][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   58.636840][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.645438][ T3692] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.652868][ T3692] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.660652][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   58.670952][ T8172] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   58.729240][ T8172] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   58.772393][ T8172] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   58.827899][ T8172] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   58.879166][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   58.889642][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.900392][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.907731][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.915973][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   58.925037][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   58.946197][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   58.954962][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   58.963727][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   58.972415][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   58.981704][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   58.990410][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   58.998784][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   59.007500][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.015790][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   59.024354][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.051280][ T8164] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   59.063352][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   59.074522][ T8162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   59.088309][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   59.096041][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   59.104657][ T8176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.113342][ T8175] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.120636][ T8175] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.128567][ T8175] device bridge_slave_0 entered promiscuous mode
[   59.137858][ T8175] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.145446][ T8175] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.153959][ T8175] device bridge_slave_1 entered promiscuous mode
[   59.201310][ T8175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.211243][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   59.219143][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   59.245727][ T8164] 8021q: adding VLAN 0 to HW filter on device batadv0
[   59.257479][ T8162] 8021q: adding VLAN 0 to HW filter on device batadv0
[   59.267545][ T8175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.289400][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   59.297444][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   59.306470][ T8170] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   59.380951][ T8170] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   59.431403][ T8170] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   59.488731][ T8170] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   59.561882][ T8175] team0: Port device team_slave_0 added
[   59.604625][ T8175] team0: Port device team_slave_1 added
[  164.636065][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  164.642858][    C0] rcu: 	0-...!: (10499 ticks this GP) idle=7a6/1/0x4000000000000002 softirq=10091/10091 fqs=0 
[  164.653334][    C0] 	(t=10500 jiffies g=6273 q=90)
[  164.658278][    C0] rcu: rcu_preempt kthread starved for 10500 jiffies! g6273 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  164.669384][    C0] rcu: RCU grace-period kthread stack dump:
[  164.675266][    C0] rcu_preempt     R  running task    28992    10      2 0x80004000
[  164.683154][    C0] Call Trace:
[  164.686440][    C0]  __schedule+0x9a0/0xcc0
[  164.690770][    C0]  schedule+0x181/0x210
[  164.694916][    C0]  schedule_timeout+0x14f/0x240
[  164.699761][    C0]  ? run_local_timers+0x120/0x120
[  164.704776][    C0]  rcu_gp_kthread+0xed8/0x1770
[  164.709537][    C0]  kthread+0x332/0x350
[  164.713588][    C0]  ? rcu_report_qs_rsp+0x140/0x140
[  164.718699][    C0]  ? kthread_blkcg+0xe0/0xe0
[  164.723294][    C0]  ret_from_fork+0x24/0x30
[  164.727717][    C0] NMI backtrace for cpu 0
[  164.732062][    C0] CPU: 0 PID: 8164 Comm: syz-executor.1 Not tainted 5.4.0-syzkaller #0
[  164.740419][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.750472][    C0] Call Trace:
[  164.753768][    C0]  <IRQ>
[  164.756611][    C0]  dump_stack+0x1fb/0x318
[  164.760941][    C0]  nmi_cpu_backtrace+0xaf/0x1a0
[  164.765890][    C0]  ? nmi_trigger_cpumask_backtrace+0x16d/0x290
[  164.772062][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  164.778135][    C0]  nmi_trigger_cpumask_backtrace+0x174/0x290
[  164.784109][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  164.790008][    C0]  rcu_dump_cpu_stacks+0x15a/0x220
[  164.795113][    C0]  rcu_sched_clock_irq+0xe25/0x1ad0
[  164.800389][    C0]  ? trace_hardirqs_off+0x74/0x80
[  164.805587][    C0]  update_process_times+0x12d/0x180
[  164.810786][    C0]  tick_sched_timer+0x263/0x420
[  164.815631][    C0]  ? tick_setup_sched_timer+0x3d0/0x3d0
[  164.821199][    C0]  __hrtimer_run_queues+0x403/0x840
[  164.826413][    C0]  hrtimer_interrupt+0x38c/0xda0
[  164.831362][    C0]  ? debug_smp_processor_id+0x9/0x20
[  164.836643][    C0]  smp_apic_timer_interrupt+0x109/0x280
[  164.842175][    C0]  apic_timer_interrupt+0xf/0x20
[  164.847108][    C0]  </IRQ>
[  164.850037][    C0] RIP: 0010:__memcg_kmem_uncharge+0x40/0x2e0
[  164.856098][    C0] Code: 00 00 00 00 fc ff df 4c 8d 77 38 4d 89 f5 49 c1 ed 03 41 80 7c 05 00 00 74 08 4c 89 f7 e8 d8 f4 fa ff 4d 8b 3e b8 01 00 00 00 <89> d9 d3 e0 4d 85 ff 0f 84 bf 01 00 00 4c 39 3d 04 ce 8c 07 0f 84
[  164.876071][    C0] RSP: 0018:ffffc90001e47b90 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  164.885821][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff8880955e45c0
[  164.893803][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea0002824780
[  164.902030][    C0] RBP: ffffc90001e47bc0 R08: 000000000003a768 R09: ffffed1015125f3f
[  164.910167][    C0] R10: ffffed1015125f3f R11: 0000000000000000 R12: ffffea0002824780
[  164.918127][    C0] R13: 1ffffd40005048f7 R14: ffffea00028247b8 R15: 0000000000000000
[  164.926111][    C0]  ? free_thread_stack+0x124/0x590
[  164.931561][    C0]  free_thread_stack+0x12e/0x590
[  164.936490][    C0]  put_task_stack+0xa3/0x130
[  164.941071][    C0]  finish_task_switch+0x3f1/0x550
[  164.946104][    C0]  __schedule+0x9a8/0xcc0
[  164.950432][    C0]  schedule+0x181/0x210
[  164.954581][    C0]  do_nanosleep+0x1d0/0x6c0
[  164.959085][    C0]  hrtimer_nanosleep+0x3a6/0x5b0
[  164.964016][    C0]  ? trace_hrtimer_expire_exit+0x2d0/0x2d0
[  164.969980][    C0]  __x64_sys_nanosleep+0x186/0x1d0
[  164.975100][    C0]  do_syscall_64+0xf7/0x1c0
[  164.979604][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  164.985924][    C0] RIP: 0033:0x458b20
[  164.989898][    C0] Code: c0 5b 5d c3 66 0f 1f 44 00 00 8b 04 24 48 83 c4 18 5b 5d c3 66 0f 1f 44 00 00 83 3d 11 fe 61 00 00 75 14 b8 23 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 d4 d1 fb ff c3 48 83 ec 08 e8 ea 46 00 00
[  165.009497][    C0] RSP: 002b:00007ffd77173298 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[  165.017924][    C0] RAX: ffffffffffffffda RBX: 000000000000e89e RCX: 0000000000458b20
[  165.025886][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffd771732a0
[  165.033842][    C0] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000002370940
[  165.041890][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  165.050194][    C0] R13: 00007ffd771732f0 R14: 000000000000e89e R15: 00007ffd77173300