[ 44.411623][ T23] audit: type=1800 audit(1575328906.410:26): pid=8040 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 44.471211][ T23] audit: type=1800 audit(1575328906.410:27): pid=8040 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 44.515371][ T23] audit: type=1800 audit(1575328906.420:28): pid=8040 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 45.384519][ T23] audit: type=1800 audit(1575328907.400:29): pid=8040 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.154' (ECDSA) to the list of known hosts. 2019/12/02 23:21:59 fuzzer started 2019/12/02 23:22:00 dialing manager at 10.128.0.26:38907 2019/12/02 23:22:00 syscalls: 2697 2019/12/02 23:22:00 code coverage: enabled 2019/12/02 23:22:00 comparison tracing: enabled 2019/12/02 23:22:00 extra coverage: extra coverage is not supported by the kernel 2019/12/02 23:22:00 setuid sandbox: enabled 2019/12/02 23:22:00 namespace sandbox: enabled 2019/12/02 23:22:00 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/02 23:22:00 fault injection: enabled 2019/12/02 23:22:00 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/02 23:22:00 net packet injection: enabled 2019/12/02 23:22:00 net device setup: enabled 2019/12/02 23:22:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/02 23:22:00 devlink PCI setup: PCI device 0000:00:10.0 is not available 23:22:01 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) sendto$inet(r1, 0x0, 0x0, 0xadf5571442d3cdbe, 0x0, 0x0) 23:22:01 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) creat(&(0x7f0000000000)='./file0/file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0']) execve(&(0x7f0000000040)='./file0/file1\x00', 0x0, 0x0) syzkaller login: [ 59.567903][ T8208] IPVS: ftp: loaded support on port[0] = 21 [ 59.567908][ T8206] IPVS: ftp: loaded support on port[0] = 21 23:22:01 executing program 2: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg$sock(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@mark={{0x14, 0x110, 0x2, 0x800}}], 0x18}, 0x0) [ 59.719768][ T8208] chnl_net:caif_netlink_parms(): no params data found [ 59.801017][ T8208] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.808655][ T8208] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.830063][ T8208] device bridge_slave_0 entered promiscuous mode [ 59.849947][ T8208] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.857095][ T8208] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.879807][ T8208] device bridge_slave_1 entered promiscuous mode 23:22:02 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x6b) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0815b5055e0bcfe87b3071") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in6}}, 0xe8) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x0) [ 59.941233][ T8206] chnl_net:caif_netlink_parms(): no params data found [ 59.960771][ T8212] IPVS: ftp: loaded support on port[0] = 21 [ 59.973494][ T8208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.007400][ T8208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.076988][ T8206] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.109108][ T8206] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.129816][ T8206] device bridge_slave_0 entered promiscuous mode [ 60.140180][ T8206] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.147235][ T8206] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.169893][ T8206] device bridge_slave_1 entered promiscuous mode [ 60.190839][ T8208] team0: Port device team_slave_0 added [ 60.216830][ T8208] team0: Port device team_slave_1 added [ 60.233917][ T8206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.235495][ T8215] IPVS: ftp: loaded support on port[0] = 21 [ 60.250801][ T8206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 23:22:02 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[], 0x0) [ 60.294405][ T8206] team0: Port device team_slave_0 added [ 60.361035][ T8206] team0: Port device team_slave_1 added [ 60.413168][ T8208] device hsr_slave_0 entered promiscuous mode [ 60.479525][ T8208] device hsr_slave_1 entered promiscuous mode [ 60.523438][ T8212] chnl_net:caif_netlink_parms(): no params data found 23:22:02 executing program 5: ioctl$VIDIOC_DBG_G_CHIP_INFO(0xffffffffffffffff, 0xc0c85666, &(0x7f0000000000)={{}, "77bc077e473752df9ac3b84e4588f7905c0d6e1f99abd7a34f5912dd52f4b299", 0x1}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x7b, &(0x7f0000000000)={r2}, &(0x7f0000000140)=0x8) [ 60.563828][ T8218] IPVS: ftp: loaded support on port[0] = 21 [ 60.641485][ T8206] device hsr_slave_0 entered promiscuous mode [ 60.679404][ T8206] device hsr_slave_1 entered promiscuous mode [ 60.729173][ T8206] debugfs: Directory 'hsr0' with parent '/' already present! [ 60.778277][ T8220] IPVS: ftp: loaded support on port[0] = 21 [ 60.816956][ T8212] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.824169][ T8212] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.833034][ T8212] device bridge_slave_0 entered promiscuous mode [ 60.841100][ T8212] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.848185][ T8212] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.856222][ T8212] device bridge_slave_1 entered promiscuous mode [ 60.876061][ T8208] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 60.957828][ T8206] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.002521][ T8206] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.065127][ T8206] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 61.110382][ T8208] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 61.173785][ T8212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.185893][ T8212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.195358][ T8206] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 61.260783][ T8208] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 61.333792][ T8208] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 61.387410][ T8215] chnl_net:caif_netlink_parms(): no params data found [ 61.402647][ T8212] team0: Port device team_slave_0 added [ 61.411046][ T8212] team0: Port device team_slave_1 added [ 61.444260][ T8218] chnl_net:caif_netlink_parms(): no params data found [ 61.531750][ T8212] device hsr_slave_0 entered promiscuous mode [ 61.579379][ T8212] device hsr_slave_1 entered promiscuous mode [ 61.619141][ T8212] debugfs: Directory 'hsr0' with parent '/' already present! [ 61.657274][ T8215] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.665096][ T8215] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.674296][ T8215] device bridge_slave_0 entered promiscuous mode [ 61.685453][ T8218] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.692625][ T8218] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.700676][ T8218] device bridge_slave_0 entered promiscuous mode [ 61.708444][ T8218] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.716173][ T8218] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.724234][ T8218] device bridge_slave_1 entered promiscuous mode [ 61.747235][ T8215] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.754663][ T8215] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.763768][ T8215] device bridge_slave_1 entered promiscuous mode [ 61.809136][ T8218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.820275][ T8218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.840879][ T8215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.854009][ T8215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.875965][ T8218] team0: Port device team_slave_0 added [ 61.899460][ T8215] team0: Port device team_slave_0 added [ 61.906256][ T8220] chnl_net:caif_netlink_parms(): no params data found [ 61.918905][ T8218] team0: Port device team_slave_1 added [ 61.928812][ T8215] team0: Port device team_slave_1 added [ 62.011791][ T8215] device hsr_slave_0 entered promiscuous mode [ 62.079329][ T8215] device hsr_slave_1 entered promiscuous mode [ 62.129267][ T8215] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.211705][ T8218] device hsr_slave_0 entered promiscuous mode [ 62.249477][ T8218] device hsr_slave_1 entered promiscuous mode [ 62.289940][ T8218] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.299217][ T8212] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.335912][ T8212] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.403158][ T8212] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.476519][ T8212] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.551357][ T8220] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.558429][ T8220] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.566735][ T8220] device bridge_slave_0 entered promiscuous mode [ 62.574814][ T8220] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.582019][ T8220] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.589934][ T8220] device bridge_slave_1 entered promiscuous mode [ 62.600790][ T8206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.657677][ T8215] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.692606][ T8215] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.752996][ T8211] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.762194][ T8211] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.772695][ T8206] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.782157][ T8220] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.793931][ T8218] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 62.860883][ T8215] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.910226][ T8208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.919114][ T8220] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.929376][ T8218] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 62.972941][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.981880][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.990480][ T8223] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.997613][ T8223] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.005650][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.014386][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.023143][ T8223] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.030316][ T8223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.038572][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.046580][ T8215] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 63.117592][ T8218] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 63.153247][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.162349][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.171374][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.179836][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.188083][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.196783][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.205549][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.213502][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.222693][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.236580][ T8220] team0: Port device team_slave_0 added [ 63.245559][ T8218] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 63.294105][ T8220] team0: Port device team_slave_1 added [ 63.305274][ T8208] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.322687][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.331754][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.340794][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.350234][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.364795][ T8206] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.391532][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.400441][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.408890][ T8223] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.416006][ T8223] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.424963][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.483259][ T8220] device hsr_slave_0 entered promiscuous mode [ 63.529479][ T8220] device hsr_slave_1 entered promiscuous mode [ 63.579192][ T8220] debugfs: Directory 'hsr0' with parent '/' already present! [ 63.591411][ T8212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.624573][ T8226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.634426][ T8226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.643535][ T8226] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.650656][ T8226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.658162][ T8226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.677666][ T8212] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.694780][ T8220] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 63.723189][ T8220] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 63.770529][ T8226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.778221][ T8226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.786818][ T8226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.813631][ T8206] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.830655][ T8220] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 63.861545][ T8220] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 63.911472][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.920350][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.928634][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.935723][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.944119][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.952136][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.959841][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.969647][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.977893][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.986424][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.994834][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.003246][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.012602][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.020494][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.028150][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.037019][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.045923][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.053213][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.080587][ T8208] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.114752][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.124189][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.145321][ T8223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.169544][ T8215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.211193][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 64.218789][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 64.235094][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.252087][ T8218] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.274270][ T8218] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.228947][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 169.235725][ C1] rcu: 1-...!: (10499 ticks this GP) idle=12a/1/0x4000000000000002 softirq=11539/11539 fqs=1 [ 169.246672][ C1] (t=10500 jiffies g=6449 q=150) [ 169.251691][ C1] rcu: rcu_preempt kthread starved for 10497 jiffies! g6449 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 169.262777][ C1] rcu: RCU grace-period kthread stack dump: [ 169.268664][ C1] rcu_preempt R running task 29032 10 2 0x80004000 [ 169.276559][ C1] Call Trace: [ 169.279848][ C1] __schedule+0x9a0/0xcc0 [ 169.284177][ C1] schedule+0x181/0x210 [ 169.288324][ C1] schedule_timeout+0x14f/0x240 [ 169.293161][ C1] ? run_local_timers+0x120/0x120 [ 169.298189][ C1] rcu_gp_kthread+0xed8/0x1770 [ 169.302949][ C1] kthread+0x332/0x350 [ 169.306999][ C1] ? rcu_report_qs_rsp+0x140/0x140 [ 169.312106][ C1] ? kthread_blkcg+0xe0/0xe0 [ 169.316867][ C1] ret_from_fork+0x24/0x30 [ 169.321287][ C1] NMI backtrace for cpu 1 [ 169.325614][ C1] CPU: 1 PID: 8226 Comm: kworker/1:4 Not tainted 5.4.0-syzkaller #0 [ 169.333832][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.343886][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 169.349864][ C1] Call Trace: [ 169.353152][ C1] [ 169.355995][ C1] dump_stack+0x1fb/0x318 [ 169.360354][ C1] nmi_cpu_backtrace+0xaf/0x1a0 [ 169.365220][ C1] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 169.371378][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 169.377442][ C1] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 169.383414][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 169.389315][ C1] rcu_dump_cpu_stacks+0x15a/0x220 [ 169.394425][ C1] rcu_sched_clock_irq+0xe25/0x1ad0 [ 169.399637][ C1] ? trace_hardirqs_off+0x74/0x80 [ 169.404649][ C1] update_process_times+0x12d/0x180 [ 169.409847][ C1] tick_sched_timer+0x263/0x420 [ 169.414683][ C1] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 169.421175][ C1] __hrtimer_run_queues+0x403/0x840 [ 169.427197][ C1] hrtimer_interrupt+0x38c/0xda0 [ 169.432137][ C1] ? debug_smp_processor_id+0x9/0x20 [ 169.437411][ C1] smp_apic_timer_interrupt+0x109/0x280 [ 169.442946][ C1] apic_timer_interrupt+0xf/0x20 [ 169.447875][ C1] [ 169.451185][ C1] RIP: 0010:__memcg_kmem_uncharge+0xa/0x2e0 [ 169.457075][ C1] Code: 74 12 48 81 c3 08 02 00 00 48 89 df 4c 89 f6 e8 dc 7d ff ff 5b 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 50 89 f3 49 89 fc 48 b8 00 00 00 00 00 fc ff df 4c 8d 77 [ 169.476670][ C1] RSP: 0018:ffffc900021878c0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 169.485071][ C1] RAX: ffffffff81486ea4 RBX: ffffea000252c880 RCX: ffff8880a49823c0 [ 169.493028][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea000252c880 [ 169.501086][ C1] RBP: ffffc900021878d8 R08: dffffc0000000000 R09: fffffbfff120248a [ 169.509392][ C1] R10: fffffbfff120248a R11: 0000000000000000 R12: ffff8880974b43a0 [ 169.517352][ C1] R13: dffffc0000000000 R14: 1ffff11012e96874 R15: ffff8880a88df4e8 [ 169.525329][ C1] ? free_thread_stack+0x124/0x590 [ 169.530445][ C1] free_thread_stack+0x12e/0x590 [ 169.535373][ C1] put_task_stack+0xa3/0x130 [ 169.539959][ C1] finish_task_switch+0x3f1/0x550 [ 169.544984][ C1] __schedule+0x9a8/0xcc0 [ 169.549305][ C1] ? debug_smp_processor_id+0x9/0x20 [ 169.554578][ C1] schedule+0x181/0x210 [ 169.558751][ C1] schedule_preempt_disabled+0x13/0x20 [ 169.564339][ C1] mutex_optimistic_spin+0x445/0x480 [ 169.569628][ C1] __mutex_lock_common+0x2e7/0x2e10 [ 169.574813][ C1] ? rtnl_lock+0x17/0x20 [ 169.579071][ C1] ? process_one_work+0x75d/0x10d0 [ 169.584182][ C1] mutex_lock_nested+0x1b/0x30 [ 169.588933][ C1] rtnl_lock+0x17/0x20 [ 169.592990][ C1] addrconf_dad_work+0x69/0x1c30 [ 169.597918][ C1] ? rcu_read_lock_sched_held+0x10b/0x170 [ 169.603737][ C1] process_one_work+0x7ef/0x10d0 [ 169.608679][ C1] worker_thread+0xc01/0x1630 [ 169.613361][ C1] kthread+0x332/0x350 [ 169.617414][ C1] ? rcu_lock_release+0x30/0x30 [ 169.622251][ C1] ? kthread_blkcg+0xe0/0xe0 [ 169.626835][ C1] ret_from_fork+0x24/0x30