[ 76.450624][ T24] audit: type=1800 audit(1564497036.257:27): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 76.471079][ T24] audit: type=1800 audit(1564497036.267:28): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 77.196174][ T24] audit: type=1800 audit(1564497037.077:29): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 77.216445][ T24] audit: type=1800 audit(1564497037.077:30): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts. syzkaller login: [ 174.820849][T10262] IPVS: ftp: loaded support on port[0] = 21 [ 174.868696][T10262] chnl_net:caif_netlink_parms(): no params data found [ 174.892625][T10262] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.900059][T10262] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.908035][T10262] device bridge_slave_0 entered promiscuous mode [ 174.915803][T10262] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.922923][T10262] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.930723][T10262] device bridge_slave_1 entered promiscuous mode [ 174.945243][T10262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.955641][T10262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.971963][T10262] team0: Port device team_slave_0 added [ 174.978992][T10262] team0: Port device team_slave_1 added [ 175.047124][T10262] device hsr_slave_0 entered promiscuous mode [ 175.115485][T10262] device hsr_slave_1 entered promiscuous mode [ 175.191248][T10262] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.198385][T10262] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.205759][T10262] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.212802][T10262] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.239664][T10262] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.250475][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 175.258881][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.266680][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.274323][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 175.284436][T10262] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.294079][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 175.302473][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.309547][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.326426][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 175.334777][ T3040] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.341869][ T3040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.350011][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 175.358445][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 175.367289][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 175.379743][T10262] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network executing program [ 175.390224][T10262] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 175.402693][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 175.411166][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 175.419556][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 175.433707][T10262] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.465454][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 280.645270][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 280.652158][ C1] rcu: 1-....: (1 GPs behind) idle=366/1/0x4000000000000002 softirq=10248/10249 fqs=5250 [ 280.662339][ C1] (t=10502 jiffies g=10637 q=64) [ 280.667354][ C1] NMI backtrace for cpu 1 [ 280.677281][ C1] CPU: 1 PID: 10262 Comm: syz-executor127 Not tainted 5.3.0-rc2-next-20190730 #55 [ 280.689082][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.699674][ C1] Call Trace: [ 280.703089][ C1] [ 280.706061][ C1] dump_stack+0x172/0x1f0 [ 280.710755][ C1] nmi_cpu_backtrace.cold+0x70/0xb2 [ 280.716306][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.722583][ C1] ? lapic_can_unplug_cpu.cold+0x45/0x45 [ 280.728423][ C1] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 280.734418][ C1] arch_trigger_cpumask_backtrace+0x14/0x20 [ 280.740322][ C1] rcu_dump_cpu_stacks+0x183/0x1cf [ 280.745444][ C1] ? find_next_bit+0x107/0x130 [ 280.750208][ C1] rcu_sched_clock_irq.cold+0x4dd/0xc13 [ 280.755748][ C1] ? raise_softirq+0x138/0x340 [ 280.760514][ C1] update_process_times+0x32/0x80 [ 280.765536][ C1] tick_sched_handle+0xa2/0x190 [ 280.770380][ C1] tick_sched_timer+0x53/0x140 [ 280.775148][ C1] __hrtimer_run_queues+0x364/0xe40 [ 280.780373][ C1] ? tick_sched_do_timer+0x1b0/0x1b0 [ 280.785658][ C1] ? hrtimer_start_range_ns+0xcb0/0xcb0 [ 280.791204][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 280.796926][ C1] ? ktime_get_update_offsets_now+0x2d3/0x440 [ 280.803029][ C1] hrtimer_interrupt+0x314/0x770 [ 280.807979][ C1] smp_apic_timer_interrupt+0x160/0x610 [ 280.813529][ C1] apic_timer_interrupt+0xf/0x20 [ 280.818467][ C1] RIP: 0010:check_memory_region+0x10c/0x1a0 [ 280.825068][ C1] Code: 89 c8 4d 39 c8 74 10 41 80 38 00 74 ee 4b 8d 44 25 00 4d 85 c0 75 31 49 89 d9 49 29 c1 e9 68 ff ff ff 5b b8 01 00 00 00 41 5c <41> 5d 5d c3 4d 85 c9 74 ef 4d 01 e1 eb 09 48 83 c0 01 4c 39 c8 74 [ 280.844762][ C1] RSP: 0018:ffff8880ae9091e8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 280.853185][ C1] RAX: 0000000000000001 RBX: ffff88808dec0d08 RCX: ffffffff8158f237 [ 280.861173][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88808dec0d08 [ 280.869230][ C1] RBP: ffff8880ae9091f0 R08: 1ffff11011bd81a1 R09: ffffed1011bd81a2 [ 280.877239][ C1] R10: ffffed1011bd81a1 R11: ffff88808dec0d0b R12: 0000000000000001 [ 280.885225][ C1] R13: 0000000000000003 R14: ffffed1011bd81a1 R15: 0000000000000001 [ 280.893228][ C1] ? apic_timer_interrupt+0xa/0x20 [ 280.898613][ C1] ? native_queued_spin_lock_slowpath+0xb7/0x9f0 [ 280.904941][ C1] __kasan_check_read+0x11/0x20 [ 280.909826][ C1] native_queued_spin_lock_slowpath+0xb7/0x9f0 [ 280.915971][ C1] ? __pv_queued_spin_lock_slowpath+0xd10/0xd10 [ 280.922209][ C1] ? mark_held_locks+0xf0/0xf0 [ 280.926963][ C1] do_raw_spin_lock+0x20e/0x2e0 [ 280.931811][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 280.936828][ C1] ? lock_acquire+0x190/0x410 [ 280.941496][ C1] ? release_sock+0x20/0x1c0 [ 280.946076][ C1] ? __kasan_check_read+0x11/0x20 [ 280.951092][ C1] _raw_spin_lock_bh+0x3b/0x50 [ 280.955849][ C1] ? release_sock+0x20/0x1c0 [ 280.960438][ C1] release_sock+0x20/0x1c0 [ 280.964859][ C1] wait_on_pending_writer+0x20f/0x420 [ 280.970238][ C1] ? ip6_rcv_finish+0x1de/0x2f0 [ 280.975083][ C1] ? tls_init+0x560/0x560 [ 280.979409][ C1] ? process_backlog+0x206/0x750 [ 280.984333][ C1] ? net_rx_action+0x508/0x10c0 [ 280.989189][ C1] ? __do_softirq+0x262/0x98c [ 280.993860][ C1] ? prepare_to_wait_exclusive+0x320/0x320 [ 280.999657][ C1] ? inet_release+0xed/0x200 [ 281.004236][ C1] ? inet6_release+0x53/0x80 [ 281.008813][ C1] ? __sock_release+0xce/0x280 [ 281.013580][ C1] ? sock_close+0x1e/0x30 [ 281.017896][ C1] ? __fput+0x2ff/0x890 [ 281.022037][ C1] ? ____fput+0x16/0x20 [ 281.026183][ C1] ? task_work_run+0x145/0x1c0 [ 281.030941][ C1] ? exit_to_usermode_loop+0x316/0x380 [ 281.036393][ C1] tls_sk_proto_cleanup+0x2c5/0x3e0 [ 281.041589][ C1] ? wait_on_pending_writer+0x420/0x420 [ 281.047131][ C1] tls_sk_proto_unhash+0x90/0x3f0 [ 281.052152][ C1] tcp_set_state+0x5b9/0x7d0 [ 281.056735][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.062965][ C1] ? __sk_mem_reduce_allocated+0x1b0/0x560 [ 281.068769][ C1] ? tcp_alloc_md5sig_pool+0x4a0/0x4a0 [ 281.074220][ C1] ? __sk_mem_reclaim+0x55/0x70 [ 281.079063][ C1] ? tcp_write_queue_purge+0x5d8/0x1310 [ 281.084602][ C1] ? inet6_sk_rx_dst_set+0x244/0x6f0 [ 281.089890][ C1] tcp_done+0xe2/0x320 [ 281.093956][ C1] tcp_reset+0x132/0x500 [ 281.098202][ C1] tcp_validate_incoming+0xa2d/0x1660 [ 281.103582][ C1] tcp_rcv_established+0x6b5/0x1e70 [ 281.108775][ C1] ? mark_held_locks+0xf0/0xf0 [ 281.113545][ C1] ? sk_filter_trim_cap+0x45f/0xb30 [ 281.118748][ C1] ? tcp_data_queue+0x4860/0x4860 [ 281.123779][ C1] ? do_raw_spin_lock+0x12a/0x2e0 [ 281.128805][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 281.133734][ C1] ? lock_acquire+0x190/0x410 [ 281.138410][ C1] tcp_v6_do_rcv+0x41e/0x12c0 [ 281.143100][ C1] tcp_v6_rcv+0x31f1/0x3500 [ 281.147609][ C1] ? tcp_v6_syn_recv_sock+0x2290/0x2290 [ 281.153152][ C1] ? nf_confirm+0x360/0x4d0 [ 281.157652][ C1] ? mark_held_locks+0xf0/0xf0 [ 281.162417][ C1] ip6_protocol_deliver_rcu+0x2fe/0x1660 [ 281.168051][ C1] ip6_input_finish+0x84/0x170 [ 281.172808][ C1] ip6_input+0xe4/0x3f0 [ 281.176960][ C1] ? ip6_input_finish+0x170/0x170 [ 281.181988][ C1] ? __kasan_check_read+0x11/0x20 [ 281.187013][ C1] ? ip6_protocol_deliver_rcu+0x1660/0x1660 [ 281.192920][ C1] ? lock_downgrade+0x920/0x920 [ 281.197774][ C1] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 281.204018][ C1] ip6_rcv_finish+0x1de/0x2f0 [ 281.208696][ C1] ipv6_rcv+0x10e/0x420 [ 281.212847][ C1] ? ip6_rcv_core.isra.0+0x1bb0/0x1bb0 [ 281.218302][ C1] ? lock_downgrade+0x920/0x920 [ 281.223171][ C1] ? lock_downgrade+0x920/0x920 [ 281.228027][ C1] ? ip6_rcv_finish_core.isra.0+0x560/0x560 [ 281.233919][ C1] ? trace_hardirqs_off+0x62/0x240 [ 281.239029][ C1] ? ip6_rcv_core.isra.0+0x1bb0/0x1bb0 [ 281.244527][ C1] __netif_receive_skb_one_core+0x113/0x1a0 [ 281.250421][ C1] ? __netif_receive_skb_core+0x3060/0x3060 [ 281.256400][ C1] ? lock_acquire+0x190/0x410 [ 281.261085][ C1] ? process_backlog+0x195/0x750 [ 281.266068][ C1] __netif_receive_skb+0x2c/0x1d0 [ 281.271100][ C1] process_backlog+0x206/0x750 [ 281.275863][ C1] ? lock_acquire+0x190/0x410 [ 281.280536][ C1] ? clockevents_program_event+0x15a/0x370 [ 281.286336][ C1] net_rx_action+0x508/0x10c0 [ 281.291021][ C1] ? napi_complete_done+0x4b0/0x4b0 [ 281.296212][ C1] ? sched_clock+0x2e/0x50 [ 281.300638][ C1] ? kvm_clock_read+0x18/0x30 [ 281.305310][ C1] ? inet_csk_listen_stop+0x1bc/0x850 [ 281.310712][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.317061][ C1] __do_softirq+0x262/0x98c [ 281.321570][ C1] ? inet_csk_listen_stop+0x1bc/0x850 [ 281.326962][ C1] do_softirq_own_stack+0x2a/0x40 [ 281.331987][ C1] [ 281.334926][ C1] do_softirq.part.0+0x11a/0x170 [ 281.339860][ C1] __local_bh_enable_ip+0x211/0x270 [ 281.345075][ C1] inet_csk_listen_stop+0x1e0/0x850 [ 281.350272][ C1] tcp_close+0xd5b/0x10e0 [ 281.354598][ C1] ? ip_mc_drop_socket+0x211/0x270 [ 281.359709][ C1] ? down_write+0xdf/0x150 [ 281.364126][ C1] inet_release+0xed/0x200 [ 281.368541][ C1] inet6_release+0x53/0x80 [ 281.372959][ C1] __sock_release+0xce/0x280 [ 281.377547][ C1] sock_close+0x1e/0x30 [ 281.381700][ C1] __fput+0x2ff/0x890 [ 281.385672][ C1] ? __sock_release+0x280/0x280 [ 281.390515][ C1] ____fput+0x16/0x20 [ 281.394492][ C1] task_work_run+0x145/0x1c0 [ 281.399082][ C1] exit_to_usermode_loop+0x316/0x380 [ 281.404360][ C1] do_syscall_64+0x65f/0x760 [ 281.408963][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.414890][ C1] RIP: 0033:0x406571 [ 281.418792][ C1] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 24 1a 00 00 c3 48 83 ec 08 e8 6a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 281.438389][ C1] RSP: 002b:00007ffc287d7350 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 281.447055][ C1] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000406571 [ 281.455106][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 281.463071][ C1] RBP: 00000000006dcc20 R08: 0000000000000140 R09: 0000000000000140 [ 281.471031][ C1] R10: 00007ffc287d7380 R11: 0000000000000293 R12: 00007ffc287d73b0 [ 281.478999][ C1] R13: 00000000006dcc2c R14: 000000000000002d R15: 0000000000000007 [ 282.825306][ T5] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-... } 10696 jiffies s: 105 root: 0x2/. [ 282.837635][ T5] rcu: blocking rcu_node structures: [ 282.842946][ T5] Task dump for CPU 1: [ 282.847396][ T5] syz-executor127 R running task 24184 10262 10261 0x8000000a [ 282.856096][ T5] Call Trace: [ 282.859402][ T5] ? __kasan_check_read+0x11/0x20 [ 282.864427][ T5] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.871028][ T5] ? lock_downgrade+0x920/0x920 [ 282.876656][ T5] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.882908][ T5] ? __this_cpu_preempt_check+0x3a/0x210 [ 282.888880][ T5] ? inet_csk_listen_stop+0x1bc/0x850 [ 282.894258][ T5] ? ksoftirqd_running+0x16/0x70 [ 282.899957][ T5] ? inet_csk_listen_stop+0x1bc/0x850 [ 282.905554][ T5] ? do_softirq.part.0+0x11a/0x170 [ 282.910680][ T5] ? __local_bh_enable_ip+0x211/0x270 [ 282.917015][ T5] ? inet_csk_listen_stop+0x1e0/0x850 [ 282.922418][ T5] ? tcp_close+0xd5b/0x10e0 [ 282.927237][ T5] ? ip_mc_drop_socket+0x211/0x270 [ 282.932359][ T5] ? down_write+0xdf/0x150 [ 282.937676][ T5] ? inet_release+0xed/0x200 [ 282.942281][ T5] ? inet6_release+0x53/0x80 [ 282.947196][ T5] ? __sock_release+0xce/0x280 [ 282.951977][ T5] ? sock_close+0x1e/0x30 [ 282.957355][ T5] ? __fput+0x2ff/0x890 [ 282.961538][ T5] ? __sock_release+0x280/0x280 [ 282.966733][ T5] ? ____fput+0x16/0x20 [ 282.970907][ T5] ? task_work_run+0x145/0x1c0 [ 282.976529][ T5] ? exit_to_usermode_loop+0x316/0x380 [ 282.982015][ T5] ? do_syscall_64+0x65f/0x760 [ 282.987149][ T5] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe