[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 63.754617][ T26] audit: type=1800 audit(1568565769.702:25): pid=8968 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 63.790266][ T26] audit: type=1800 audit(1568565769.702:26): pid=8968 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 63.811062][ T26] audit: type=1800 audit(1568565769.702:27): pid=8968 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.243' (ECDSA) to the list of known hosts. syzkaller login: [ 324.921447][ T9121] IPVS: ftp: loaded support on port[0] = 21 [ 324.982871][ T9121] chnl_net:caif_netlink_parms(): no params data found [ 325.008718][ T9121] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.017874][ T9121] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.025813][ T9121] device bridge_slave_0 entered promiscuous mode [ 325.034048][ T9121] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.041471][ T9121] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.049091][ T9121] device bridge_slave_1 entered promiscuous mode [ 325.065745][ T9121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 325.076569][ T9121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 325.095688][ T9121] team0: Port device team_slave_0 added [ 325.103137][ T9121] team0: Port device team_slave_1 added [ 325.181933][ T9121] device hsr_slave_0 entered promiscuous mode [ 325.251260][ T9121] device hsr_slave_1 entered promiscuous mode [ 325.327372][ T9121] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.334560][ T9121] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.342437][ T9121] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.349494][ T9121] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.382486][ T9121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.394698][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 325.415314][ T2878] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.423823][ T2878] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.432804][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 325.443699][ T9121] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.454112][ T9123] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 325.463316][ T9123] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.470412][ T9123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.481516][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 325.489859][ T2878] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.496968][ T2878] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.511827][ T9123] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 325.520749][ T9123] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 325.532724][ T9126] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 325.546446][ T9121] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 325.557797][ T9121] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 325.570618][ T9123] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready executing program [ 325.579181][ T9123] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 325.587593][ T9123] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 325.604739][ T9121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 430.690027][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 430.696924][ C1] rcu: 1-...!: (1 GPs behind) idle=da6/1/0x4000000000000002 softirq=9961/9962 fqs=13 [ 430.706832][ C1] (t=10500 jiffies g=8573 q=7) [ 430.711731][ C1] rcu: rcu_preempt kthread starved for 10474 jiffies! g8573 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 430.723268][ C1] rcu: RCU grace-period kthread stack dump: [ 430.729159][ C1] rcu_preempt I29032 10 2 0x80004000 [ 430.735482][ C1] Call Trace: [ 430.738845][ C1] __schedule+0x76e/0x17a0 [ 430.743257][ C1] ? __sched_text_start+0x8/0x8 [ 430.748104][ C1] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 430.754760][ C1] ? schedule_timeout+0x47c/0xc50 [ 430.759788][ C1] ? lockdep_hardirqs_on+0x418/0x5d0 [ 430.765068][ C1] schedule+0xd9/0x260 [ 430.769129][ C1] schedule_timeout+0x486/0xc50 [ 430.773966][ C1] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 430.779759][ C1] ? usleep_range+0x170/0x170 [ 430.784432][ C1] ? trace_hardirqs_on+0x67/0x240 [ 430.789438][ C1] ? __kasan_check_read+0x11/0x20 [ 430.794476][ C1] ? __next_timer_interrupt+0x1a0/0x1a0 [ 430.800022][ C1] ? swake_up_one+0x60/0x60 [ 430.805067][ C1] rcu_gp_kthread+0x9b2/0x18d0 [ 430.809838][ C1] ? invoke_rcu_core+0x230/0x230 [ 430.814793][ C1] ? trace_hardirqs_on+0x67/0x240 [ 430.819977][ C1] ? __kasan_check_read+0x11/0x20 [ 430.825048][ C1] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 430.831317][ C1] ? __kthread_parkme+0x108/0x1c0 [ 430.837413][ C1] ? __kasan_check_read+0x11/0x20 [ 430.842471][ C1] kthread+0x361/0x430 [ 430.846540][ C1] ? invoke_rcu_core+0x230/0x230 [ 430.851613][ C1] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 430.857872][ C1] ret_from_fork+0x24/0x30 [ 430.862338][ C1] NMI backtrace for cpu 1 [ 430.866658][ C1] CPU: 1 PID: 9121 Comm: syz-executor716 Not tainted 5.3.0-rc6-next-20190830 #75 [ 430.875783][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.885852][ C1] Call Trace: [ 430.889160][ C1] [ 430.892087][ C1] dump_stack+0x172/0x1f0 [ 430.896454][ C1] nmi_cpu_backtrace.cold+0x70/0xb2 [ 430.901650][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.907896][ C1] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 430.913514][ C1] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 430.919514][ C1] arch_trigger_cpumask_backtrace+0x14/0x20 [ 430.925474][ C1] rcu_dump_cpu_stacks+0x183/0x1cf [ 430.930608][ C1] rcu_sched_clock_irq.cold+0x4fd/0xc12 [ 430.936170][ C1] ? raise_softirq+0x138/0x340 [ 430.940953][ C1] update_process_times+0x2d/0x70 [ 430.945988][ C1] tick_sched_handle+0xa2/0x190 [ 430.950849][ C1] tick_sched_timer+0x53/0x140 [ 430.955611][ C1] __hrtimer_run_queues+0x364/0xe40 [ 430.960794][ C1] ? tick_sched_do_timer+0x1b0/0x1b0 [ 430.966097][ C1] ? hrtimer_sleeper_start_expires+0x90/0x90 [ 430.972089][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 430.977808][ C1] ? ktime_get_update_offsets_now+0x2d3/0x440 [ 430.983866][ C1] hrtimer_interrupt+0x314/0x770 [ 430.988821][ C1] smp_apic_timer_interrupt+0x160/0x610 [ 430.994496][ C1] apic_timer_interrupt+0xf/0x20 [ 431.000496][ C1] RIP: 0010:hhf_dequeue+0x67d/0xa20 [ 431.005694][ C1] Code: 5b 03 00 00 4d 8b bd 98 03 00 00 48 89 df 48 8b 55 c8 4c 89 fe e8 43 55 77 fd 31 ff 89 c6 88 45 b0 e8 d7 e7 a6 fb 0f b6 75 b0 <40> 84 f6 0f 84 c6 f9 ff ff e8 85 e6 a6 fb 4c 89 f0 48 c1 e8 03 42 [ 431.025308][ C1] RSP: 0018:ffff8880ae908b48 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 [ 431.033737][ C1] RAX: 0000000000000302 RBX: ffff88809b8d02f8 RCX: ffffffff85cb6f79 [ 431.041826][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000001 [ 431.049800][ C1] RBP: ffff8880ae908b98 R08: ffff8880979d4580 R09: fffffbfff14ed341 [ 431.057916][ C1] R10: ffff8880979d4f10 R11: ffff8880979d4580 R12: dffffc0000000000 [ 431.065901][ C1] R13: ffff88809b8d0000 R14: ffff88809b8d0398 R15: ffff88809b8d0390 [ 431.073910][ C1] ? apic_timer_interrupt+0xa/0x20 [ 431.079245][ C1] ? hhf_dequeue+0x679/0xa20 [ 431.083841][ C1] ? hhf_dequeue+0x679/0xa20 [ 431.088535][ C1] __qdisc_run+0x1e7/0x19d0 [ 431.093045][ C1] ? dev_queue_xmit+0x18/0x20 [ 431.097714][ C1] __dev_queue_xmit+0x16f1/0x37c0 [ 431.102739][ C1] ? process_backlog+0x206/0x750 [ 431.107701][ C1] ? net_rx_action+0x50a/0x10d0 [ 431.112546][ C1] ? __do_softirq+0x262/0x98c [ 431.117208][ C1] ? do_softirq_own_stack+0x2a/0x40 [ 431.122430][ C1] ? do_softirq.part.0+0x11a/0x170 [ 431.127566][ C1] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 431.132860][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.139094][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.145343][ C1] ? rcu_read_lock_held+0x9c/0xb0 [ 431.150382][ C1] dev_queue_xmit+0x18/0x20 [ 431.154892][ C1] ? dev_queue_xmit+0x18/0x20 [ 431.159643][ C1] br_dev_queue_push_xmit+0x3f3/0x5e0 [ 431.165068][ C1] ? __skb_ext_del+0xb0/0x2c0 [ 431.169734][ C1] ? lock_downgrade+0x920/0x920 [ 431.174609][ C1] br_nf_dev_queue_xmit+0x34e/0x14b0 [ 431.179906][ C1] br_nf_post_routing+0x1502/0x1d30 [ 431.185112][ C1] ? br_nf_dev_queue_xmit+0x14b0/0x14b0 [ 431.190685][ C1] ? nf_bridge_update_protocol+0x1d0/0x1d0 [ 431.196489][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.202718][ C1] nf_hook_slow+0xbc/0x1e0 [ 431.207127][ C1] br_forward_finish+0x215/0x400 [ 431.212076][ C1] ? br_dev_queue_push_xmit+0x5e0/0x5e0 [ 431.218205][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.224555][ C1] ? br_fdb_add.cold+0x83/0x83 [ 431.229350][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 431.235301][ C1] ? nf_hook_slow+0xf0/0x1e0 [ 431.240158][ C1] br_nf_hook_thresh+0x2e9/0x370 [ 431.245303][ C1] ? br_dev_queue_push_xmit+0x5e0/0x5e0 [ 431.250845][ C1] ? setup_pre_routing+0x4b0/0x4b0 [ 431.255966][ C1] ? br_dev_queue_push_xmit+0x5e0/0x5e0 [ 431.262154][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.269722][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 431.276087][ C1] br_nf_forward_finish+0x66c/0xa90 [ 431.281317][ C1] ? br_dev_queue_push_xmit+0x5e0/0x5e0 [ 431.286922][ C1] br_nf_forward_ip+0xc74/0x21e0 [ 431.292005][ C1] ? br_nf_forward_arp+0x1670/0x1670 [ 431.297332][ C1] ? br_nf_hook_thresh+0x370/0x370 [ 431.302580][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.308773][ C1] nf_hook_slow+0xbc/0x1e0 [ 431.313294][ C1] __br_forward+0x393/0xb00 [ 431.317841][ C1] ? br_forward_finish+0x400/0x400 [ 431.322985][ C1] ? br_dev_queue_push_xmit+0x5e0/0x5e0 [ 431.328563][ C1] deliver_clone+0x61/0xc0 [ 431.333087][ C1] br_flood+0x325/0x3d0 [ 431.337269][ C1] br_handle_frame_finish+0xb46/0x1670 [ 431.343877][ C1] ? br_handle_local_finish+0x20/0x20 [ 431.349388][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.355576][ C1] ? rcu_read_lock_held+0x9c/0xb0 [ 431.360785][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 431.366525][ C1] ? nf_hook_slow+0xf0/0x1e0 [ 431.371140][ C1] br_nf_hook_thresh+0x2e9/0x370 [ 431.376203][ C1] ? br_handle_local_finish+0x20/0x20 [ 431.381591][ C1] ? setup_pre_routing+0x4b0/0x4b0 [ 431.386735][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.392914][ C1] ? br_handle_local_finish+0x20/0x20 [ 431.398286][ C1] ? rcu_read_lock_held+0x9c/0xb0 [ 431.403345][ C1] ? rcu_read_lock_held_common+0x130/0x130 [ 431.409169][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 431.415094][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 431.421084][ C1] br_nf_pre_routing_finish_ipv6+0x6fa/0xdb0 [ 431.427097][ C1] ? br_handle_local_finish+0x20/0x20 [ 431.432507][ C1] ? __kasan_check_read+0x11/0x20 [ 431.437542][ C1] br_nf_pre_routing_ipv6+0x456/0x840 [ 431.442939][ C1] ? br_validate_ipv6+0xb80/0xb80 [ 431.448113][ C1] ? br_nf_pre_routing+0x2360/0x2360 [ 431.453410][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.459682][ C1] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.466077][ C1] ? skb_pull_rcsum+0x155/0x300 [ 431.470968][ C1] br_nf_pre_routing+0x1743/0x2360 [ 431.476116][ C1] ? br_nf_pre_routing_finish+0x17a0/0x17a0 [ 431.482041][ C1] ? br_nf_pre_routing_finish+0x17a0/0x17a0 [ 431.487969][ C1] br_handle_frame+0x806/0x1340 [ 431.492905][ C1] ? br_handle_frame_finish+0x1670/0x1670 [ 431.498645][ C1] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 431.504816][ C1] ? br_handle_local_finish+0x20/0x20 [ 431.510245][ C1] ? rcu_read_lock_held_common+0x130/0x130 [ 431.516067][ C1] ? try_to_wake_up+0x756/0x1a80 [ 431.521063][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.527584][ C1] ? br_handle_frame_finish+0x1670/0x1670 [ 431.533320][ C1] __netif_receive_skb_core+0xfc1/0x3060 [ 431.538979][ C1] ? __kasan_check_read+0x11/0x20 [ 431.544035][ C1] ? do_xdp_generic+0x50/0x50 [ 431.548721][ C1] ? __kasan_check_read+0x11/0x20 [ 431.553760][ C1] ? __lock_acquire+0x8a0/0x4a00 [ 431.558942][ C1] ? swake_up_one+0x4d/0x60 [ 431.563453][ C1] __netif_receive_skb_one_core+0xa8/0x1a0 [ 431.569255][ C1] ? __netif_receive_skb_one_core+0xa8/0x1a0 [ 431.575340][ C1] ? __netif_receive_skb_core+0x3060/0x3060 [ 431.581255][ C1] ? lock_acquire+0x190/0x410 [ 431.585985][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.592231][ C1] __netif_receive_skb+0x2c/0x1d0 [ 431.597249][ C1] process_backlog+0x206/0x750 [ 431.601998][ C1] ? net_rx_action+0x27d/0x10d0 [ 431.606846][ C1] ? lockdep_hardirqs_on+0x19e/0x5d0 [ 431.612848][ C1] net_rx_action+0x50a/0x10d0 [ 431.617554][ C1] ? napi_busy_loop+0x970/0x970 [ 431.622431][ C1] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 431.628002][ C1] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 431.634015][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.640285][ C1] __do_softirq+0x262/0x98c [ 431.644832][ C1] ? nf_ct_iterate_cleanup+0x1f1/0x4e0 [ 431.650312][ C1] do_softirq_own_stack+0x2a/0x40 [ 431.655351][ C1] [ 431.658295][ C1] do_softirq.part.0+0x11a/0x170 [ 431.663266][ C1] __local_bh_enable_ip+0x211/0x270 [ 431.668544][ C1] nf_ct_iterate_cleanup+0x217/0x4e0 [ 431.673850][ C1] ? nf_ct_alloc_hashtable+0x150/0x150 [ 431.679352][ C1] nf_ct_iterate_cleanup_net+0x133/0x190 [ 431.685117][ C1] ? nf_nat_redirect_ipv6+0x470/0x470 [ 431.690512][ C1] ? nf_ct_iterate_cleanup+0x4e0/0x4e0 [ 431.695977][ C1] ? nf_nat_redirect_ipv6+0x470/0x470 [ 431.701349][ C1] masq_device_event+0xb5/0xe0 [ 431.706106][ C1] notifier_call_chain+0xc2/0x230 [ 431.711720][ C1] raw_notifier_call_chain+0x2e/0x40 [ 431.717011][ C1] call_netdevice_notifiers_info+0x3f/0x90 [ 431.722848][ C1] dev_close_many+0x33f/0x6f0 [ 431.727664][ C1] ? __kasan_check_read+0x11/0x20 [ 431.732709][ C1] ? netdev_master_upper_dev_link+0x50/0x50 [ 431.738675][ C1] rollback_registered_many+0x43b/0xfc0 [ 431.744254][ C1] ? __kasan_check_read+0x11/0x20 [ 431.749282][ C1] ? generic_xdp_install+0x3d0/0x3d0 [ 431.754715][ C1] ? mark_held_locks+0xa4/0xf0 [ 431.759480][ C1] ? queue_delayed_work_on+0xf3/0x210 [ 431.764962][ C1] ? linkwatch_schedule_work+0x190/0x1d0 [ 431.770600][ C1] ? queue_delayed_work_on+0xf3/0x210 [ 431.776001][ C1] ? lockdep_hardirqs_on+0x418/0x5d0 [ 431.781308][ C1] rollback_registered+0x109/0x1d0 [ 431.786449][ C1] ? rollback_registered_many+0xfc0/0xfc0 [ 431.792283][ C1] unregister_netdevice_queue+0x1ee/0x2c0 [ 431.798108][ C1] __tun_detach+0xd8a/0x1040 [ 431.802732][ C1] tun_chr_close+0xe0/0x180 [ 431.807253][ C1] __fput+0x2ff/0x890 [ 431.811237][ C1] ? __tun_detach+0x1040/0x1040 [ 431.816098][ C1] ____fput+0x16/0x20 [ 431.820078][ C1] task_work_run+0x145/0x1c0 [ 431.824823][ C1] do_exit+0x904/0x2e60 [ 431.829011][ C1] ? mm_update_next_owner+0x640/0x640 [ 431.834580][ C1] ? down_read_non_owner+0x490/0x490 [ 431.840115][ C1] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.846366][ C1] ? handle_mm_fault+0x1d3/0x6c0 [ 431.851298][ C1] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 431.856743][ C1] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 431.862365][ C1] do_group_exit+0x135/0x360 [ 431.866957][ C1] __x64_sys_exit_group+0x44/0x50 [ 431.871989][ C1] do_syscall_64+0xfa/0x760 [ 431.876522][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 431.882423][ C1] RIP: 0033:0x440c68 [ 431.886492][ C1] Code: Bad RIP value. [ 431.890553][ C1] RSP: 002b:00007ffe5ac9bd08 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 431.898963][ C1] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000440c68 [ 431.907057][ C1] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001 [ 431.915046][ C1] RBP: 00000000004c7110 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 431.923003][ C1] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 431.931788][ C1] R13: 00000000006d9600 R14: 0000000000000000 R15: 0000000000000000