[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   54.294926][   T27] audit: type=1800 audit(1578455885.278:25): pid=8343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   54.321625][   T27] audit: type=1800 audit(1578455885.278:26): pid=8343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   54.349039][   T27] audit: type=1800 audit(1578455885.278:27): pid=8343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts.
2020/01/08 03:58:17 fuzzer started
2020/01/08 03:58:19 dialing manager at 10.128.0.26:35703
2020/01/08 03:58:19 syscalls: 2824
2020/01/08 03:58:19 code coverage: enabled
2020/01/08 03:58:19 comparison tracing: enabled
2020/01/08 03:58:19 extra coverage: enabled
2020/01/08 03:58:19 setuid sandbox: enabled
2020/01/08 03:58:19 namespace sandbox: enabled
2020/01/08 03:58:19 Android sandbox: /sys/fs/selinux/policy does not exist
2020/01/08 03:58:19 fault injection: enabled
2020/01/08 03:58:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/01/08 03:58:19 net packet injection: enabled
2020/01/08 03:58:19 net device setup: enabled
2020/01/08 03:58:19 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/01/08 03:58:19 devlink PCI setup: PCI device 0000:00:10.0 is not available
03:58:20 executing program 0:
r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r1, 0x0)
perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r1, 0x0)
dup2(r0, r1)

03:58:20 executing program 1:
r0 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r0, 0x10f, 0x89, &(0x7f0000000000), &(0x7f0000000040)=0x4)

syzkaller login: [   69.399819][ T8509] IPVS: ftp: loaded support on port[0] = 21
[   69.535540][ T8509] chnl_net:caif_netlink_parms(): no params data found
03:58:20 executing program 2:
syz_mount_image$iso9660(&(0x7f00000000c0)='iso9660\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={[{@map_acorn='map=acorn'}]})

[   69.620408][ T8512] IPVS: ftp: loaded support on port[0] = 21
[   69.629215][ T8509] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.641939][ T8509] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.653830][ T8509] device bridge_slave_0 entered promiscuous mode
[   69.691864][ T8509] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.698959][ T8509] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.722442][ T8509] device bridge_slave_1 entered promiscuous mode
[   69.776132][ T8509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.803446][ T8509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.846327][ T8509] team0: Port device team_slave_0 added
[   69.863437][ T8509] team0: Port device team_slave_1 added
03:58:20 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f6, &(0x7f0000000080)={'\x00', @ifru_flags})

[   69.899070][ T8514] IPVS: ftp: loaded support on port[0] = 21
[   69.923216][ T8509] device hsr_slave_0 entered promiscuous mode
[   69.962646][ T8509] device hsr_slave_1 entered promiscuous mode
[   70.109542][ T8516] IPVS: ftp: loaded support on port[0] = 21
03:58:21 executing program 4:
syz_open_dev$vbi(0x0, 0x1, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)

[   70.165013][ T8512] chnl_net:caif_netlink_parms(): no params data found
[   70.377276][ T8514] chnl_net:caif_netlink_parms(): no params data found
[   70.417821][ T8520] IPVS: ftp: loaded support on port[0] = 21
03:58:21 executing program 5:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000000)={0x4, 0x0})

[   70.468131][ T8512] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.479346][ T8512] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.488293][ T8512] device bridge_slave_0 entered promiscuous mode
[   70.503583][ T8509] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.543980][ T8509] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.630659][ T8512] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.638214][ T8512] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.645963][ T8512] device bridge_slave_1 entered promiscuous mode
[   70.660192][ T8509] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.704441][ T8509] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.778989][ T8512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.790213][ T8512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.814555][ T8522] IPVS: ftp: loaded support on port[0] = 21
[   70.830211][ T8512] team0: Port device team_slave_0 added
[   70.838336][ T8512] team0: Port device team_slave_1 added
[   70.845072][ T8516] chnl_net:caif_netlink_parms(): no params data found
[   70.862931][ T8514] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.870040][ T8514] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.877750][ T8514] device bridge_slave_0 entered promiscuous mode
[   70.890630][ T8514] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.897986][ T8514] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.905941][ T8514] device bridge_slave_1 entered promiscuous mode
[   71.024573][ T8512] device hsr_slave_0 entered promiscuous mode
[   71.061869][ T8512] device hsr_slave_1 entered promiscuous mode
[   71.101734][ T8512] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.109459][ T8512] Cannot create hsr debugfs directory
[   71.139156][ T8514] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.152922][ T8516] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.160078][ T8516] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.168478][ T8516] device bridge_slave_0 entered promiscuous mode
[   71.177362][ T8514] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.199371][ T8516] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.207618][ T8516] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.216832][ T8516] device bridge_slave_1 entered promiscuous mode
[   71.238619][ T8520] chnl_net:caif_netlink_parms(): no params data found
[   71.259818][ T8516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.283785][ T8514] team0: Port device team_slave_0 added
[   71.291265][ T8516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.318993][ T8514] team0: Port device team_slave_1 added
[   71.377956][ T8516] team0: Port device team_slave_0 added
[   71.463615][ T8514] device hsr_slave_0 entered promiscuous mode
[   71.511987][ T8514] device hsr_slave_1 entered promiscuous mode
[   71.551690][ T8514] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.559278][ T8514] Cannot create hsr debugfs directory
[   71.571133][ T8516] team0: Port device team_slave_1 added
[   71.595461][ T8522] chnl_net:caif_netlink_parms(): no params data found
[   71.605983][ T8520] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.613790][ T8520] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.621349][ T8520] device bridge_slave_0 entered promiscuous mode
[   71.629581][ T8520] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.637516][ T8520] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.645169][ T8520] device bridge_slave_1 entered promiscuous mode
[   71.664593][ T8520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.695981][ T8520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.765138][ T8516] device hsr_slave_0 entered promiscuous mode
[   71.801961][ T8516] device hsr_slave_1 entered promiscuous mode
[   71.851711][ T8516] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.859313][ T8516] Cannot create hsr debugfs directory
[   71.868476][ T8512] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   71.949716][ T8520] team0: Port device team_slave_0 added
[   71.975164][ T8512] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   72.056287][ T8509] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.064531][ T8520] team0: Port device team_slave_1 added
[   72.081351][ T8512] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   72.127901][ T8522] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.135099][ T8522] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.143281][ T8522] device bridge_slave_0 entered promiscuous mode
[   72.157080][ T8512] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   72.229780][ T8522] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.237069][ T8522] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.245152][ T8522] device bridge_slave_1 entered promiscuous mode
[   72.255775][ T8509] 8021q: adding VLAN 0 to HW filter on device team0
[   72.313619][ T8520] device hsr_slave_0 entered promiscuous mode
[   72.371973][ T8520] device hsr_slave_1 entered promiscuous mode
[   72.411640][ T8520] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.419244][ T8520] Cannot create hsr debugfs directory
[   72.445211][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   72.453560][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   72.461237][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   72.470150][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   72.478706][ T2798] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.486095][ T2798] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.494549][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   72.503488][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   72.511883][ T2798] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.518919][ T2798] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.526881][ T2798] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   72.557427][ T8522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.587489][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   72.596593][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   72.605071][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   72.613871][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   72.622328][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   72.630734][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   72.640591][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   72.655953][ T8522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.698211][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   72.706826][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   72.743818][ T8509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.759012][ T8509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   72.767055][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   72.776301][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   72.784732][ T8514] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   72.838500][ T8514] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   72.886345][ T8514] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   72.944685][ T8522] team0: Port device team_slave_0 added
[   72.950505][ T8514] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   73.018069][ T8522] team0: Port device team_slave_1 added
[   73.056538][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   73.065080][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   73.114288][ T8522] device hsr_slave_0 entered promiscuous mode
[   73.141989][ T8522] device hsr_slave_1 entered promiscuous mode
[   73.182062][ T8522] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.189773][ T8522] Cannot create hsr debugfs directory
[   73.196943][ T8509] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.209149][ T8520] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   73.268318][ T8520] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   73.315788][ T8520] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   73.413291][ T8516] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   73.452832][ T8520] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   73.510605][ T8512] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.517513][ T8516] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   73.593894][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   73.605797][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.614796][ T8516] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   73.667643][ T8516] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   73.762849][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   73.771140][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.783870][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.791736][ T2797] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.803285][ T8509] device veth0_vlan entered promiscuous mode
[   73.813941][ T8522] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   73.844654][ T8522] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   73.905553][ T8522] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   73.973367][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   73.983970][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   73.997241][ T8512] 8021q: adding VLAN 0 to HW filter on device team0
[   74.007939][ T8509] device veth1_vlan entered promiscuous mode
[   74.021420][ T8522] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   74.077455][ T8514] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.086295][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   74.095847][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   74.103971][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   74.113103][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   74.121764][ T2858] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.128808][ T2858] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.137241][ T2858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   74.173073][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   74.187714][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   74.197838][ T2698] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.204964][ T2698] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.219382][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   74.228137][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   74.239447][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   74.247281][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   74.287859][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   74.298570][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   74.307017][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   74.315952][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   74.324331][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   74.332869][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   74.341058][ T2698] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   74.353135][ T8512] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   74.374443][ T8512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   74.383987][ T8514] 8021q: adding VLAN 0 to HW filter on device team0
[   74.426372][ T8516] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.442521][ T8516] 8021q: adding VLAN 0 to HW filter on device team0
[   74.494187][ T8516] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   74.511537][ T8516] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   74.554219][ T8516] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.602834][ T8516] device veth0_vlan entered promiscuous mode
[   74.623051][ T8516] device veth1_vlan entered promiscuous mode
[  179.411465][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  179.418344][    C0] rcu: 	0-...!: (10500 ticks this GP) idle=666/1/0x4000000000000002 softirq=14763/14763 fqs=41 
[  179.428931][    C0] 	(t=10500 jiffies g=6869 q=702)
[  179.433958][    C0] rcu: rcu_preempt kthread starved for 10415 jiffies! g6869 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  179.445051][    C0] rcu: RCU grace-period kthread stack dump:
[  179.450941][    C0] rcu_preempt     R  running task    28984    10      2 0x80004000
[  179.458851][    C0] Call Trace:
[  179.462155][    C0]  __schedule+0x9a0/0xcc0
[  179.466493][    C0]  schedule+0x181/0x210
[  179.470648][    C0]  schedule_timeout+0x14f/0x240
[  179.475493][    C0]  ? run_local_timers+0x120/0x120
[  179.480517][    C0]  rcu_gp_kthread+0xed8/0x1770
[  179.485282][    C0]  kthread+0x332/0x350
[  179.489338][    C0]  ? rcu_report_qs_rsp+0x140/0x140
[  179.494437][    C0]  ? kthread_blkcg+0xe0/0xe0
[  179.499015][    C0]  ret_from_fork+0x24/0x30
[  179.503434][    C0] NMI backtrace for cpu 0
[  179.507755][    C0] CPU: 0 PID: 8512 Comm: syz-executor.1 Not tainted 5.5.0-rc5-syzkaller #0
[  179.516323][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  179.526370][    C0] Call Trace:
[  179.529646][    C0]  <IRQ>
[  179.532491][    C0]  dump_stack+0x1fb/0x318
[  179.536987][    C0]  nmi_cpu_backtrace+0xaf/0x1a0
[  179.541826][    C0]  ? nmi_trigger_cpumask_backtrace+0x16d/0x290
[  179.547973][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  179.554031][    C0]  nmi_trigger_cpumask_backtrace+0x174/0x290
[  179.560003][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  179.565887][    C0]  rcu_dump_cpu_stacks+0x15a/0x220
[  179.571007][    C0]  rcu_sched_clock_irq+0xe25/0x1ad0
[  179.576198][    C0]  ? trace_hardirqs_off+0x74/0x80
[  179.581219][    C0]  update_process_times+0x12d/0x180
[  179.586408][    C0]  tick_sched_timer+0x263/0x420
[  179.591247][    C0]  ? tick_setup_sched_timer+0x3d0/0x3d0
[  179.596781][    C0]  __hrtimer_run_queues+0x403/0x840
[  179.601983][    C0]  hrtimer_interrupt+0x38c/0xda0
[  179.606930][    C0]  ? debug_smp_processor_id+0x9/0x20
[  179.612212][    C0]  smp_apic_timer_interrupt+0x109/0x280
[  179.617747][    C0]  apic_timer_interrupt+0xf/0x20
[  179.622669][    C0]  </IRQ>
[  179.625599][    C0] RIP: 0010:__memcg_kmem_uncharge+0x6/0x1a0
[  179.631481][    C0] Code: bf ac 07 00 74 12 48 81 c3 08 02 00 00 48 89 df 4c 89 f6 e8 8c 85 ff ff 5b 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 50 89 f3 49 89 fc 48 b8 00 00 00 00 00 fc ff
[  179.651089][    C0] RSP: 0018:ffffc90002017510 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  179.659521][    C0] RAX: ffffffff81489244 RBX: ffffea0002344dc0 RCX: ffff8880921ec640
[  179.667485][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea0002344dc0
[  179.675449][    C0] RBP: ffffc90002017518 R08: 000000000003a728 R09: ffffed1012188729
[  179.683410][    C0] R10: ffffed1012188729 R11: 0000000000000000 R12: ffff88808d3790a0
[  179.691370][    C0] R13: dffffc0000000000 R14: 1ffff11011a6f214 R15: ffff888090c43938
[  179.700043][    C0]  ? free_thread_stack+0x124/0x590
[  179.705152][    C0]  free_thread_stack+0x12e/0x590
[  179.710083][    C0]  put_task_stack+0xa3/0x130
[  179.714677][    C0]  finish_task_switch+0x3f1/0x550
[  179.719694][    C0]  __schedule+0x9a8/0xcc0
[  179.724027][    C0]  ? ___preempt_schedule+0x16/0x18
[  179.729134][    C0]  preempt_schedule+0xdb/0x120
[  179.733890][    C0]  ___preempt_schedule+0x16/0x18
[  179.738949][    C0]  try_to_wake_up+0xe78/0x1050
[  179.743716][    C0]  ? do_raw_spin_unlock+0x142/0x950
[  179.748916][    C0]  wake_up_q+0x8c/0xe0
[  179.752996][    C0]  __mutex_unlock_slowpath+0x586/0x5b0
[  179.758458][    C0]  mutex_unlock+0xd/0x10
[  179.762711][    C0]  __rtnl_unlock+0x2c/0xa0
[  179.767123][    C0]  netdev_run_todo+0xe5/0xe10
[  179.771807][    C0]  rtnetlink_rcv_msg+0x890/0xd40
[  179.776761][    C0]  ? rcu_lock_release+0x9/0x30
[  179.781517][    C0]  ? rcu_lock_release+0x9/0x30
[  179.786277][    C0]  ? rcu_lock_release+0x9/0x30
[  179.791037][    C0]  netlink_rcv_skb+0x19e/0x3d0
[  179.795791][    C0]  ? rtnetlink_bind+0x80/0x80
[  179.801077][    C0]  rtnetlink_rcv+0x1c/0x20
[  179.805510][    C0]  netlink_unicast+0x767/0x920
[  179.810280][    C0]  netlink_sendmsg+0xa31/0xd50
[  179.815072][    C0]  ? netlink_getsockopt+0x9f0/0x9f0
[  179.820302][    C0]  __sys_sendto+0x442/0x5e0
[  179.824833][    C0]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  179.831393][    C0]  ? prepare_exit_to_usermode+0x221/0x5b0
[  179.837109][    C0]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  179.842563][    C0]  __x64_sys_sendto+0xe5/0x100
[  179.847322][    C0]  do_syscall_64+0xf7/0x1c0
[  179.851856][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  179.857757][    C0] RIP: 0033:0x414c43
[  179.861750][    C0] Code: ff 0f 83 b0 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 2d 38 66 00 00 75 17 49 89 ca b8 2c 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 81 19 00 00 c3 48 83 ec 08 e8 87 fa ff ff
[  179.881431][    C0] RSP: 002b:00007fffb8f16e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  179.889834][    C0] RAX: ffffffffffffffda RBX: 0000000000a72200 RCX: 0000000000414c43
[  179.897794][    C0] RDX: 0000000000000020 RSI: 0000000000a72250 RDI: 0000000000000003
[  179.905755][    C0] RBP: 0000000000000000 R08: 00007fffb8f16e70 R09: 000000000000000c
[  179.913715][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  179.921678][    C0] R13: 0000000000000000 R14: 0000000000a72250 R15: 0000000000000003