Warning: Permanently added '10.128.1.5' (ECDSA) to the list of known hosts. 2019/12/04 09:16:18 fuzzer started 2019/12/04 09:16:20 dialing manager at 10.128.0.26:36481 2019/12/04 09:16:20 syscalls: 2691 2019/12/04 09:16:20 code coverage: enabled 2019/12/04 09:16:20 comparison tracing: enabled 2019/12/04 09:16:20 extra coverage: extra coverage is not supported by the kernel 2019/12/04 09:16:20 setuid sandbox: enabled 2019/12/04 09:16:20 namespace sandbox: enabled 2019/12/04 09:16:20 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/04 09:16:20 fault injection: enabled 2019/12/04 09:16:20 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/04 09:16:20 net packet injection: enabled 2019/12/04 09:16:20 net device setup: enabled 2019/12/04 09:16:20 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/04 09:16:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 09:16:21 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:16:21 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x0, 0x0) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, 0x0, 0x0, 0x70bd2a}, 0x1c}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000580)=""/143, &(0x7f0000000340)=0xfee5) getsockname$packet(0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000380)=0x14) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={0x0, @rand_addr, @local}, 0xc) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KDGKBENT(0xffffffffffffffff, 0x4b46, &(0x7f0000000540)={0x0, 0x0, 0xff}) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2}) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[]}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) syzkaller login: [ 58.117866][ T8317] IPVS: ftp: loaded support on port[0] = 21 [ 58.264514][ T8317] chnl_net:caif_netlink_parms(): no params data found 09:16:21 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x4, 0x0, 0x0) [ 58.348422][ T8317] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.369797][ T8317] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.377849][ T8317] device bridge_slave_0 entered promiscuous mode [ 58.402378][ T8317] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.409521][ T8317] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.430663][ T8317] device bridge_slave_1 entered promiscuous mode [ 58.468955][ T8317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.491422][ T8317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.525053][ T8320] IPVS: ftp: loaded support on port[0] = 21 [ 58.536431][ T8317] team0: Port device team_slave_0 added [ 58.563927][ T8317] team0: Port device team_slave_1 added [ 58.616615][ T8322] IPVS: ftp: loaded support on port[0] = 21 09:16:22 executing program 3: open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x13, 0x0, &(0x7f00000000c0)) [ 58.733607][ T8317] device hsr_slave_0 entered promiscuous mode [ 58.800178][ T8317] device hsr_slave_1 entered promiscuous mode 09:16:22 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000100)={0x0, 0xff00000000000000, &(0x7f0000000000)={&(0x7f0000000080)={0x24, r1, 0x403, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x8}, @FOU_ATTR_AF={0x8, 0x3}]}, 0x24}}, 0x0) [ 58.869520][ T8324] IPVS: ftp: loaded support on port[0] = 21 [ 58.945229][ T8317] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.052983][ T8317] netdevsim netdevsim0 netdevsim1: renamed from eth1 09:16:22 executing program 5: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={[{@discard='discard'}, {@noquota='noquota'}]}) [ 59.134467][ T8317] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.217738][ T8326] IPVS: ftp: loaded support on port[0] = 21 [ 59.247455][ T8328] IPVS: ftp: loaded support on port[0] = 21 [ 59.261768][ T8317] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.338365][ T8322] chnl_net:caif_netlink_parms(): no params data found [ 59.356828][ T8320] chnl_net:caif_netlink_parms(): no params data found [ 59.442393][ T8320] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.449492][ T8320] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.457243][ T8320] device bridge_slave_0 entered promiscuous mode [ 59.466176][ T8320] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.473376][ T8320] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.481084][ T8320] device bridge_slave_1 entered promiscuous mode [ 59.500275][ T8322] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.507336][ T8322] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.516394][ T8322] device bridge_slave_0 entered promiscuous mode [ 59.524136][ T8322] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.531269][ T8322] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.538882][ T8322] device bridge_slave_1 entered promiscuous mode [ 59.556591][ T8320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.574033][ T8320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.596633][ T8320] team0: Port device team_slave_0 added [ 59.606553][ T8320] team0: Port device team_slave_1 added [ 59.617997][ T8322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.669576][ T8322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.706582][ T8324] chnl_net:caif_netlink_parms(): no params data found [ 59.802661][ T8320] device hsr_slave_0 entered promiscuous mode [ 59.840222][ T8320] device hsr_slave_1 entered promiscuous mode [ 59.889974][ T8320] debugfs: Directory 'hsr0' with parent '/' already present! [ 59.904980][ T8322] team0: Port device team_slave_0 added [ 59.951529][ T8322] team0: Port device team_slave_1 added [ 60.004740][ T8320] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 60.043207][ T8320] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 60.081997][ T8324] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.089101][ T8324] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.097303][ T8324] device bridge_slave_0 entered promiscuous mode [ 60.119294][ T8326] chnl_net:caif_netlink_parms(): no params data found [ 60.127605][ T8320] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 60.185425][ T8324] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.192711][ T8324] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.201561][ T8324] device bridge_slave_1 entered promiscuous mode [ 60.227513][ T8320] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 60.322828][ T8322] device hsr_slave_0 entered promiscuous mode [ 60.380171][ T8322] device hsr_slave_1 entered promiscuous mode [ 60.430306][ T8322] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.444990][ T8317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.468260][ T8324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.481514][ T8324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.521592][ T8328] chnl_net:caif_netlink_parms(): no params data found [ 60.533572][ T8326] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.540904][ T8326] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.548544][ T8326] device bridge_slave_0 entered promiscuous mode [ 60.574628][ T8324] team0: Port device team_slave_0 added [ 60.582662][ T8324] team0: Port device team_slave_1 added [ 60.590618][ T8333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.599034][ T8333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.611364][ T8326] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.618416][ T8326] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.628071][ T8326] device bridge_slave_1 entered promiscuous mode [ 60.657374][ T8326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.673621][ T8322] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 60.727382][ T8322] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.772072][ T8322] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.823976][ T8317] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.831950][ T8326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.912487][ T8324] device hsr_slave_0 entered promiscuous mode [ 60.961637][ T8324] device hsr_slave_1 entered promiscuous mode [ 60.999933][ T8324] debugfs: Directory 'hsr0' with parent '/' already present! [ 61.007928][ T8322] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 61.069017][ T8326] team0: Port device team_slave_0 added [ 61.078963][ T8326] team0: Port device team_slave_1 added [ 61.086283][ T8328] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.094355][ T8328] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.102080][ T8328] device bridge_slave_0 entered promiscuous mode [ 61.133781][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.142440][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.151592][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.158703][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.167224][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.175704][ T8328] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.184209][ T8328] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.192372][ T8328] device bridge_slave_1 entered promiscuous mode [ 61.210351][ T8328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.222395][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 61.231259][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.239509][ T8335] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.246604][ T8335] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.279986][ T8328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.333104][ T8326] device hsr_slave_0 entered promiscuous mode [ 61.380112][ T8326] device hsr_slave_1 entered promiscuous mode [ 61.439942][ T8326] debugfs: Directory 'hsr0' with parent '/' already present! [ 61.470236][ T8320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.478887][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 61.487501][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 61.496481][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 61.505322][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 61.516868][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 61.541004][ T8328] team0: Port device team_slave_0 added [ 61.549036][ T8328] team0: Port device team_slave_1 added [ 61.558582][ T8324] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 61.638045][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.646096][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.654574][ T8324] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 61.714092][ T8320] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.723699][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 61.735387][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 61.747621][ T8326] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 61.794445][ T8326] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 61.843864][ T8324] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 61.899506][ T8317] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 61.912511][ T8317] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.952789][ T8328] device hsr_slave_0 entered promiscuous mode [ 62.010363][ T8328] device hsr_slave_1 entered promiscuous mode [ 62.059842][ T8328] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.067572][ T8326] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 62.111292][ T8324] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.172287][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.181509][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.190228][ T8335] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.197340][ T8335] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.205239][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 62.213614][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 62.222639][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.231203][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.239476][ T8335] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.246574][ T8335] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.254356][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 62.262807][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 62.270988][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.279794][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 62.287615][ T8335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 62.314337][ T8326] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 62.373462][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 62.402747][ T8317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.421023][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 62.428585][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 62.437983][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 62.446736][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 62.455350][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 62.464279][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 62.473259][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 62.481851][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 62.490551][ T2777] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 62.502169][ T8320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.517302][ T8322] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.530093][ T8328] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 62.571962][ T8328] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 62.611533][ T8328] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 62.672091][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 62.681192][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 62.700368][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 62.707914][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 62.728988][ T8328] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 62.795113][ T8320] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.803793][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.811831][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.822877][ T8322] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.927508][ T8324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.955561][ T8324] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.983538][ T8326] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.006396][ T8326] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.049286][ T8326] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.065223][ T8326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.106088][ T8326] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.959708][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 167.966535][ C1] rcu: 1-...!: (10499 ticks this GP) idle=87a/1/0x4000000000000002 softirq=12676/12676 fqs=6 [ 167.977116][ C1] (t=10501 jiffies g=6489 q=601) [ 167.982130][ C1] rcu: rcu_preempt kthread starved for 10486 jiffies! g6489 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 167.993219][ C1] rcu: RCU grace-period kthread stack dump: [ 167.999091][ C1] rcu_preempt R running task 29032 10 2 0x80004000 [ 168.006979][ C1] Call Trace: [ 168.010266][ C1] __schedule+0x9a0/0xcc0 [ 168.014590][ C1] schedule+0x181/0x210 [ 168.018743][ C1] schedule_timeout+0x14f/0x240 [ 168.023579][ C1] ? run_local_timers+0x120/0x120 [ 168.028590][ C1] rcu_gp_kthread+0xed8/0x1770 [ 168.033362][ C1] kthread+0x332/0x350 [ 168.037419][ C1] ? rcu_report_qs_rsp+0x140/0x140 [ 168.042521][ C1] ? kthread_blkcg+0xe0/0xe0 [ 168.047097][ C1] ret_from_fork+0x24/0x30 [ 168.051516][ C1] NMI backtrace for cpu 1 [ 168.055844][ C1] CPU: 1 PID: 8288 Comm: udevd Not tainted 5.4.0-syzkaller #0 [ 168.063276][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.073315][ C1] Call Trace: [ 168.076582][ C1] [ 168.079424][ C1] dump_stack+0x1fb/0x318 [ 168.083744][ C1] nmi_cpu_backtrace+0xaf/0x1a0 [ 168.088578][ C1] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 168.094717][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 168.100769][ C1] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 168.106734][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 168.112613][ C1] rcu_dump_cpu_stacks+0x15a/0x220 [ 168.117717][ C1] rcu_sched_clock_irq+0xe25/0x1ad0 [ 168.122905][ C1] ? trace_hardirqs_off+0x74/0x80 [ 168.128010][ C1] update_process_times+0x12d/0x180 [ 168.133197][ C1] tick_sched_timer+0x263/0x420 [ 168.138037][ C1] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 168.143569][ C1] __hrtimer_run_queues+0x403/0x840 [ 168.148765][ C1] hrtimer_interrupt+0x38c/0xda0 [ 168.153708][ C1] ? debug_smp_processor_id+0x9/0x20 [ 168.158983][ C1] smp_apic_timer_interrupt+0x109/0x280 [ 168.164517][ C1] apic_timer_interrupt+0xf/0x20 [ 168.169434][ C1] [ 168.172359][ C1] RIP: 0010:free_thread_stack+0x195/0x590 [ 168.178065][ C1] Code: 2e 00 74 08 4c 89 e7 e8 09 a0 69 00 49 8b 1c 24 48 83 c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 eb 9f 69 00 <48> 8b 1b e9 82 ff ff ff e8 5e 2a 2e 00 43 80 3c 2e 00 75 18 eb 1e [ 168.202340][ C1] RSP: 0018:ffffc90001ce7b10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 168.210745][ C1] RAX: 1ffff11010ed67c1 RBX: ffff8880876b3e08 RCX: ffff88809d3c8540 [ 168.218699][ C1] RDX: 0000000000000000 RSI: 00000000fffffffc RDI: ffffea0002953700 [ 168.226659][ C1] RBP: ffffc90001ce7b48 R08: 000000000003a728 R09: ffffed101522d2bf [ 168.234616][ C1] R10: ffffed101522d2bf R11: 0000000000000000 R12: ffff8880876b3ea0 [ 168.242582][ C1] R13: dffffc0000000000 R14: 1ffff11010ed67d4 R15: ffff8880a91695e8 [ 168.250835][ C1] put_task_stack+0xa3/0x130 [ 168.255421][ C1] finish_task_switch+0x3f1/0x550 [ 168.260436][ C1] __schedule+0x9a8/0xcc0 [ 168.264759][ C1] schedule+0x181/0x210 [ 168.268905][ C1] schedule_hrtimeout_range_clock+0x3c7/0x510 [ 168.274965][ C1] ? trace_hrtimer_expire_exit+0x2d0/0x2d0 [ 168.280761][ C1] schedule_hrtimeout_range+0x2a/0x40 [ 168.286126][ C1] ep_poll+0xa4d/0xe80 [ 168.290190][ C1] ? do_task_dead+0xc0/0xc0 [ 168.294679][ C1] ? __kasan_check_read+0x11/0x20 [ 168.299692][ C1] do_epoll_wait+0x1ee/0x260 [ 168.304274][ C1] __x64_sys_epoll_wait+0x9a/0xb0 [ 168.309287][ C1] do_syscall_64+0xf7/0x1c0 [ 168.313776][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 168.319661][ C1] RIP: 0033:0x7fa24f425943 [ 168.324062][ C1] Code: 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 83 3d b5 dc 2a 00 00 75 13 49 89 ca b8 e8 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 3b c4 00 00 48 89 04 24 [ 168.343650][ C1] RSP: 002b:00007ffc5cbb2978 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 168.352044][ C1] RAX: ffffffffffffffda RBX: 0000000001952250 RCX: 00007fa24f425943 [ 168.359999][ C1] RDX: 0000000000000004 RSI: 00007ffc5cbb2a40 RDI: 0000000000000007 [ 168.367955][ C1] RBP: 0000000000625500 R08: 00007ffc5cbb2960 R09: 00007ffc5cbdd0b8 [ 168.376075][ C1] R10: 000000000000ee3c R11: 0000000000000246 R12: 0000000001962450 [ 168.384045][ C1] R13: 00007ffc5cbb3a97 R14: 0000000000000005 R15: 0000000001952250