[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 49.113761][ T23] audit: type=1800 audit(1575352509.261:25): pid=8266 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 49.151885][ T23] audit: type=1800 audit(1575352509.261:26): pid=8266 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 49.191834][ T23] audit: type=1800 audit(1575352509.261:27): pid=8266 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.120' (ECDSA) to the list of known hosts. 2019/12/03 05:55:21 fuzzer started 2019/12/03 05:55:23 dialing manager at 10.128.0.26:38907 2019/12/03 05:55:23 syscalls: 2697 2019/12/03 05:55:23 code coverage: enabled 2019/12/03 05:55:23 comparison tracing: enabled 2019/12/03 05:55:23 extra coverage: extra coverage is not supported by the kernel 2019/12/03 05:55:23 setuid sandbox: enabled 2019/12/03 05:55:23 namespace sandbox: enabled 2019/12/03 05:55:23 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/03 05:55:23 fault injection: enabled 2019/12/03 05:55:23 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/03 05:55:23 net packet injection: enabled 2019/12/03 05:55:23 net device setup: enabled 2019/12/03 05:55:23 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/03 05:55:23 devlink PCI setup: PCI device 0000:00:10.0 is not available 05:55:24 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r1 = socket$netlink(0x10, 0x3, 0x4000000000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000180)="580000001400192340834b80040d8c5602067fffffff81000000000000dca87086a5c000004f6400940005891550f4a8000000006700008000f0fffeffff09000080fff5dd00000010000100000c0900fcff0000040e05a5", 0x322}], 0x1) 05:55:25 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0xff) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0800b5055e0bcfe87b2071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f00000004c0)=0x54) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'tunl0\x00', 0x0}) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, r4}, 0xc) close(r2) syzkaller login: [ 65.009540][ T8430] IPVS: ftp: loaded support on port[0] = 21 05:55:25 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x5, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0x0, 0x0, 0x0, [], 0x0}) [ 65.194677][ T8430] chnl_net:caif_netlink_parms(): no params data found [ 65.276874][ T8434] IPVS: ftp: loaded support on port[0] = 21 [ 65.334248][ T8430] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.343475][ T8430] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.362824][ T8430] device bridge_slave_0 entered promiscuous mode [ 65.396605][ T8430] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.411837][ T8430] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.420187][ T8430] device bridge_slave_1 entered promiscuous mode 05:55:25 executing program 3: syz_open_dev$vbi(&(0x7f0000000540)='/dev/vbi#\x00', 0x0, 0x2) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x3) renameat2(0xffffffffffffffff, &(0x7f0000000500)='./bus\x00', 0xffffffffffffffff, 0x0, 0x3) ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) pwritev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="02", 0x1}], 0x1, 0x0) fallocate(r0, 0x20, 0x0, 0xfffffeff000) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x40000000, 0x10000101) [ 65.455118][ T8435] IPVS: ftp: loaded support on port[0] = 21 [ 65.480327][ T8430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.527175][ T8430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.631551][ T8430] team0: Port device team_slave_0 added [ 65.643031][ T8430] team0: Port device team_slave_1 added [ 65.677084][ T8437] IPVS: ftp: loaded support on port[0] = 21 05:55:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'hsr0\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'hsr0\x00L\x00H\x00\x00\x00\x00\x00\x00\xff\x00', 0x1001}) [ 65.774734][ T8430] device hsr_slave_0 entered promiscuous mode [ 65.823087][ T8430] device hsr_slave_1 entered promiscuous mode [ 65.934540][ T8434] chnl_net:caif_netlink_parms(): no params data found [ 65.958260][ T8435] chnl_net:caif_netlink_parms(): no params data found 05:55:26 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'bond0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}) pivot_root(0x0, 0x0) [ 66.075487][ T8435] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.091892][ T8435] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.100226][ T8435] device bridge_slave_0 entered promiscuous mode [ 66.116836][ T8430] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.156825][ T8430] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.236113][ T8430] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.301129][ T8435] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.308978][ T8435] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.317771][ T8435] device bridge_slave_1 entered promiscuous mode [ 66.338926][ T8441] IPVS: ftp: loaded support on port[0] = 21 [ 66.352596][ T8430] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.414817][ T8434] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.422474][ T8434] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.430778][ T8434] device bridge_slave_0 entered promiscuous mode [ 66.446839][ T8435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.459235][ T8435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.483923][ T8443] IPVS: ftp: loaded support on port[0] = 21 [ 66.490055][ T8434] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.497583][ T8434] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.506344][ T8434] device bridge_slave_1 entered promiscuous mode [ 66.564484][ T8434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.585871][ T8437] chnl_net:caif_netlink_parms(): no params data found [ 66.596709][ T8435] team0: Port device team_slave_0 added [ 66.605889][ T8434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.635372][ T8435] team0: Port device team_slave_1 added [ 66.660226][ T8434] team0: Port device team_slave_0 added [ 66.673821][ T8434] team0: Port device team_slave_1 added [ 66.746423][ T8437] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.755780][ T8437] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.764346][ T8437] device bridge_slave_0 entered promiscuous mode [ 66.783790][ T8430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.824503][ T8435] device hsr_slave_0 entered promiscuous mode [ 66.882404][ T8435] device hsr_slave_1 entered promiscuous mode [ 66.932043][ T8435] debugfs: Directory 'hsr0' with parent '/' already present! [ 66.944893][ T8437] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.952338][ T8437] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.961099][ T8437] device bridge_slave_1 entered promiscuous mode [ 66.983985][ T8437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.998124][ T8437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.054818][ T8434] device hsr_slave_0 entered promiscuous mode [ 67.092802][ T8434] device hsr_slave_1 entered promiscuous mode [ 67.131969][ T8434] debugfs: Directory 'hsr0' with parent '/' already present! [ 67.204722][ T8437] team0: Port device team_slave_0 added [ 67.210701][ T8434] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 67.254738][ T8434] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 67.324211][ T8434] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 67.363916][ T8434] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 67.403552][ T8441] chnl_net:caif_netlink_parms(): no params data found [ 67.414135][ T8437] team0: Port device team_slave_1 added [ 67.435613][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 67.444482][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.466739][ T8430] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.543996][ T8437] device hsr_slave_0 entered promiscuous mode [ 67.572352][ T8437] device hsr_slave_1 entered promiscuous mode [ 67.612392][ T8437] debugfs: Directory 'hsr0' with parent '/' already present! [ 67.627573][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 67.636785][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.645743][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.653269][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.707812][ T8441] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.715628][ T8441] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.724823][ T8441] device bridge_slave_0 entered promiscuous mode [ 67.736762][ T8435] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 67.784001][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 67.802332][ T8443] chnl_net:caif_netlink_parms(): no params data found [ 67.816410][ T8441] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.823958][ T8441] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.833505][ T8441] device bridge_slave_1 entered promiscuous mode [ 67.840575][ T8435] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 67.893381][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 67.905161][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.913957][ T3188] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.921181][ T3188] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.929718][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.964467][ T8435] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 68.014544][ T8435] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 68.061848][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.071164][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.080721][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.089469][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 68.125227][ T8437] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 68.155984][ T8441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.166820][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 68.176285][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 68.185017][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 68.193573][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.209176][ T8430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.221235][ T8430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 68.236024][ T8437] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 68.304533][ T8441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.314877][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 68.323601][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.348273][ T8437] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 68.385912][ T8437] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 68.441499][ T8434] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.456830][ T8443] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.464594][ T8443] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.473186][ T8443] device bridge_slave_0 entered promiscuous mode [ 68.499459][ T8443] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.506731][ T8443] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.515388][ T8443] device bridge_slave_1 entered promiscuous mode [ 68.534218][ T8441] team0: Port device team_slave_0 added [ 68.543008][ T8441] team0: Port device team_slave_1 added [ 68.561505][ T8443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.574797][ T8434] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.598909][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.607276][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.616648][ T8443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.704843][ T8441] device hsr_slave_0 entered promiscuous mode [ 68.753578][ T8441] device hsr_slave_1 entered promiscuous mode [ 68.812694][ T8441] debugfs: Directory 'hsr0' with parent '/' already present! [ 68.827435][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.836491][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.845349][ T3188] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.852611][ T3188] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.860339][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.869555][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.878429][ T3188] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.885640][ T3188] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.893909][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.903112][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.912774][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.922891][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.931310][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 68.940939][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 68.949465][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 68.958218][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.966894][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 68.975174][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 68.983394][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 68.991700][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.000601][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.009035][ T3188] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.020620][ T8434] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.039112][ T8443] team0: Port device team_slave_0 added [ 69.047777][ T8443] team0: Port device team_slave_1 added [ 69.134441][ T8443] device hsr_slave_0 entered promiscuous mode [ 69.182247][ T8443] device hsr_slave_1 entered promiscuous mode [ 69.222144][ T8443] debugfs: Directory 'hsr0' with parent '/' already present! [ 69.251563][ T8441] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 69.295236][ T8430] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.324236][ T8434] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.341185][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 69.349636][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 69.363659][ T8435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.371375][ T8441] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 69.415359][ T8441] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 69.446508][ T8441] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 69.519457][ T8435] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.529601][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.557724][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.603442][ T8443] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 174.571712][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 174.579832][ C0] rcu: 0-...!: (10499 ticks this GP) idle=0e6/1/0x4000000000000002 softirq=12158/12158 fqs=149 [ 174.591176][ C0] (t=10501 jiffies g=6869 q=139) [ 174.596284][ C0] rcu: rcu_preempt kthread starved for 10204 jiffies! g6869 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 174.609111][ C0] rcu: RCU grace-period kthread stack dump: [ 174.615163][ C0] rcu_preempt R running task 29032 10 2 0x80004000 [ 174.623772][ C0] Call Trace: [ 174.627057][ C0] __schedule+0x9a0/0xcc0 [ 174.631384][ C0] schedule+0x181/0x210 [ 174.635620][ C0] schedule_timeout+0x14f/0x240 [ 174.640810][ C0] ? run_local_timers+0x120/0x120 [ 174.645965][ C0] rcu_gp_kthread+0xed8/0x1770 [ 174.656036][ C0] kthread+0x332/0x350 [ 174.660091][ C0] ? rcu_report_qs_rsp+0x140/0x140 [ 174.665191][ C0] ? kthread_blkcg+0xe0/0xe0 [ 174.670031][ C0] ret_from_fork+0x24/0x30 [ 174.674623][ C0] NMI backtrace for cpu 0 [ 174.678944][ C0] CPU: 0 PID: 8452 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0 [ 174.687166][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.698074][ C0] Call Trace: [ 174.701347][ C0] [ 174.704190][ C0] dump_stack+0x1fb/0x318 [ 174.708516][ C0] nmi_cpu_backtrace+0xaf/0x1a0 [ 174.713358][ C0] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 174.719503][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 174.725648][ C0] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 174.731623][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 174.738558][ C0] rcu_dump_cpu_stacks+0x15a/0x220 [ 174.743675][ C0] rcu_sched_clock_irq+0xe25/0x1ad0 [ 174.748862][ C0] ? trace_hardirqs_off+0x74/0x80 [ 174.753882][ C0] update_process_times+0x12d/0x180 [ 174.759271][ C0] tick_sched_timer+0x263/0x420 [ 174.764113][ C0] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 174.769650][ C0] __hrtimer_run_queues+0x403/0x840 [ 174.775917][ C0] hrtimer_interrupt+0x38c/0xda0 [ 174.780893][ C0] ? debug_smp_processor_id+0x9/0x20 [ 174.786317][ C0] smp_apic_timer_interrupt+0x109/0x280 [ 174.791876][ C0] apic_timer_interrupt+0xf/0x20 [ 174.796832][ C0] [ 174.800010][ C0] RIP: 0010:__memcg_kmem_uncharge+0x21/0x2e0 [ 174.806332][ C0] Code: 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 50 89 f3 49 89 fc 48 b8 00 00 00 00 00 fc ff df 4c 8d 77 38 <4d> 89 f5 49 c1 ed 03 41 80 7c 05 00 00 74 08 4c 89 f7 e8 d8 f4 fa [ 174.826742][ C0] RSP: 0018:ffffc90002187848 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 174.835167][ C0] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff88809a4ca240 [ 174.843148][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea00028a8b40 [ 174.851244][ C0] RBP: ffffc90002187878 R08: dffffc0000000000 R09: fffffbfff120248a [ 174.859302][ C0] R10: fffffbfff120248a R11: 0000000000000000 R12: ffffea00028a8b40 [ 174.868403][ C0] R13: dffffc0000000000 R14: ffffea00028a8b78 R15: ffff8880a85a7a68 [ 174.876490][ C0] ? free_thread_stack+0x124/0x590 [ 174.881590][ C0] free_thread_stack+0x12e/0x590 [ 174.886519][ C0] put_task_stack+0xa3/0x130 [ 174.891187][ C0] finish_task_switch+0x3f1/0x550 [ 174.896214][ C0] __schedule+0x9a8/0xcc0 [ 174.900920][ C0] ? ___preempt_schedule+0x16/0x18 [ 174.906028][ C0] preempt_schedule+0xdb/0x120 [ 174.910789][ C0] ___preempt_schedule+0x16/0x18 [ 174.915804][ C0] ? page_poisoning_enabled+0x1c/0x30 [ 174.921248][ C0] prep_new_page+0x161/0x2e0 [ 174.925829][ C0] get_page_from_freelist+0x850/0xaa0 [ 174.931198][ C0] __alloc_pages_nodemask+0x264/0x5d0 [ 174.936567][ C0] alloc_pages_vma+0x94a/0xd50 [ 174.941332][ C0] do_huge_pmd_anonymous_page+0x883/0xe50 [ 174.947056][ C0] handle_mm_fault+0x2017/0x2890 [ 174.952178][ C0] do_user_addr_fault+0x589/0xaf0 [ 174.957364][ C0] __do_page_fault+0xd3/0x1f0 [ 174.962048][ C0] do_page_fault+0x99/0xb0 [ 174.966470][ C0] page_fault+0x39/0x40 [ 174.970650][ C0] RIP: 0033:0x400644 [ 174.974539][ C0] Code: 06 e9 49 01 00 00 48 8b 44 24 10 48 0b 44 24 28 75 1f 48 8b 14 24 48 8b 7c 24 20 be 04 00 00 00 e8 91 55 00 00 48 8b 74 24 08 <89> 06 e9 1e 01 00 00 48 8b 44 24 08 48 8b 14 24 be 04 00 00 00 8b [ 174.996122][ C0] RSP: 002b:00007ffecd3c4010 EFLAGS: 00010202 [ 175.002271][ C0] RAX: 2000000000000074 RBX: 000000000075c9a0 RCX: 0000000000000000 [ 175.010564][ C0] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 2000000000000074 [ 175.019462][ C0] RBP: 0000000000760060 R08: 0000000000000000 R09: 0000000000000000 [ 175.028890][ C0] R10: 00007ffecd3c4120 R11: 0000000000000246 R12: 000000000075bf20 [ 175.037477][ C0] R13: 0000000000010f8e R14: 0000000000760068 R15: 000000000075bf2c