[ 41.664930][ T25] audit: type=1800 audit(1575351532.403:26): pid=7972 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 41.721477][ T25] audit: type=1800 audit(1575351532.403:27): pid=7972 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 41.755358][ T25] audit: type=1800 audit(1575351532.403:28): pid=7972 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 42.452506][ T25] audit: type=1800 audit(1575351533.203:29): pid=7972 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.219' (ECDSA) to the list of known hosts. 2019/12/03 05:39:00 fuzzer started 2019/12/03 05:39:02 dialing manager at 10.128.0.26:38907 2019/12/03 05:39:02 syscalls: 2697 2019/12/03 05:39:02 code coverage: enabled 2019/12/03 05:39:02 comparison tracing: enabled 2019/12/03 05:39:02 extra coverage: extra coverage is not supported by the kernel 2019/12/03 05:39:02 setuid sandbox: enabled 2019/12/03 05:39:02 namespace sandbox: enabled 2019/12/03 05:39:02 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/03 05:39:02 fault injection: enabled 2019/12/03 05:39:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/03 05:39:02 net packet injection: enabled 2019/12/03 05:39:02 net device setup: enabled 2019/12/03 05:39:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/03 05:39:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 05:39:03 executing program 0: sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003f40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001bc0)=ANY=[@ANYBLOB="10"], 0x1}], 0x1, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0xe6) r1 = socket(0x10, 0x802, 0x0) r2 = socket$inet6(0xa, 0x80003, 0xff) ioctl(r2, 0x1000008912, &(0x7f0000000080)="0800b5055e0bcfe87b2071") ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000100)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14) sendmmsg(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0) 05:39:03 executing program 1: r0 = socket$kcm(0x2b, 0x1, 0x0) close(r0) r1 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0xa, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000380)="f4001100062b3325fe8000000009000005baa68754a30000004102000000000000000000010000002c00", 0x5ac}], 0x1}, 0x0) syzkaller login: [ 53.180180][ T8138] IPVS: ftp: loaded support on port[0] = 21 05:39:04 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@newae={0x64, 0x1e, 0x1, 0x0, 0x0, {{@in6=@dev}, @in=@broadcast}, [@lifetime_val={0x24}]}, 0x64}}, 0x0) [ 53.327583][ T8138] chnl_net:caif_netlink_parms(): no params data found [ 53.343502][ T8141] IPVS: ftp: loaded support on port[0] = 21 [ 53.454819][ T8138] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.461920][ T8138] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.472185][ T8138] device bridge_slave_0 entered promiscuous mode [ 53.506808][ T8138] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.515556][ T8138] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.523974][ T8138] device bridge_slave_1 entered promiscuous mode [ 53.561369][ T8141] chnl_net:caif_netlink_parms(): no params data found [ 53.578084][ T8143] IPVS: ftp: loaded support on port[0] = 21 [ 53.595455][ T8138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 05:39:04 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="24000000180007041dfffd946f6105000a0000001f0000000400080008001e000400ff7e", 0x24}], 0x1}, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="2400000021002553e5e86e70af57bb2602000020001c000000ff000c080017", 0x1f) r0 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) [ 53.628158][ T8141] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.637330][ T8141] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.645432][ T8141] device bridge_slave_0 entered promiscuous mode [ 53.658477][ T8138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.686171][ T8141] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.695553][ T8141] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.703732][ T8141] device bridge_slave_1 entered promiscuous mode [ 53.758077][ T8138] team0: Port device team_slave_0 added [ 53.785773][ T8138] team0: Port device team_slave_1 added [ 53.809907][ T8141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.825416][ T8141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 05:39:04 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x3}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0x234, 0x0, r0, 0x0, [0x305f, 0x2e, 0x32e, 0x182e, 0x2e, 0x80ffff, 0x80ffff, 0x2e, 0x2e, 0x2]}, 0x2c) [ 53.904679][ T8138] device hsr_slave_0 entered promiscuous mode [ 53.943213][ T8138] device hsr_slave_1 entered promiscuous mode [ 54.018363][ T8147] IPVS: ftp: loaded support on port[0] = 21 [ 54.029816][ T8141] team0: Port device team_slave_0 added [ 54.057896][ T8141] team0: Port device team_slave_1 added [ 54.079500][ T8149] IPVS: ftp: loaded support on port[0] = 21 [ 54.106358][ T8143] chnl_net:caif_netlink_parms(): no params data found 05:39:04 executing program 5: r0 = socket(0x10, 0x2, 0x0) sendto(r0, &(0x7f0000000200)="120000001200e7ef007b1a3fcd00000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x9}, {&(0x7f00000000c0)=""/85, 0x4e4}, {&(0x7f00000024c0)=""/4096, 0x1034}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f0000000480)=""/60, 0xc6}, {&(0x7f0000000280)=""/77, 0x17c}, {&(0x7f0000000540)=""/154, 0x9a}, {&(0x7f0000000340)=""/22, 0x1de}], 0x3a4, &(0x7f0000002400)=""/191, 0x1f9}}], 0x4000000000001de, 0x6, &(0x7f0000003700)={0x77359400}) [ 54.245343][ T8141] device hsr_slave_0 entered promiscuous mode [ 54.312896][ T8141] device hsr_slave_1 entered promiscuous mode [ 54.362968][ T8141] debugfs: Directory 'hsr0' with parent '/' already present! [ 54.370732][ T8138] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.436397][ T8138] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.508278][ T8138] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.516967][ T8151] IPVS: ftp: loaded support on port[0] = 21 [ 54.564135][ T8138] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.642288][ T8149] chnl_net:caif_netlink_parms(): no params data found [ 54.662264][ T8143] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.669491][ T8143] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.677308][ T8143] device bridge_slave_0 entered promiscuous mode [ 54.688176][ T8143] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.696346][ T8143] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.705118][ T8143] device bridge_slave_1 entered promiscuous mode [ 54.726081][ T8141] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.787459][ T8141] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.847104][ T8141] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.899117][ T8141] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.977522][ T8149] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.985374][ T8149] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.993354][ T8149] device bridge_slave_0 entered promiscuous mode [ 55.001076][ T8149] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.009184][ T8149] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.016997][ T8149] device bridge_slave_1 entered promiscuous mode [ 55.075649][ T8143] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.091128][ T8143] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.106403][ T8149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.116070][ T8147] chnl_net:caif_netlink_parms(): no params data found [ 55.144056][ T8149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.168994][ T8143] team0: Port device team_slave_0 added [ 55.207508][ T8147] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.215605][ T8147] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.223623][ T8147] device bridge_slave_0 entered promiscuous mode [ 55.231941][ T8143] team0: Port device team_slave_1 added [ 55.240652][ T8149] team0: Port device team_slave_0 added [ 55.249561][ T8149] team0: Port device team_slave_1 added [ 55.259352][ T8147] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.266603][ T8147] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.274612][ T8147] device bridge_slave_1 entered promiscuous mode [ 55.344991][ T8149] device hsr_slave_0 entered promiscuous mode [ 55.403119][ T8149] device hsr_slave_1 entered promiscuous mode [ 55.462862][ T8149] debugfs: Directory 'hsr0' with parent '/' already present! [ 55.524832][ T8143] device hsr_slave_0 entered promiscuous mode [ 55.572967][ T8143] device hsr_slave_1 entered promiscuous mode [ 55.612782][ T8143] debugfs: Directory 'hsr0' with parent '/' already present! [ 55.622243][ T8147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.639036][ T8147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.719701][ T8141] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.730453][ T8147] team0: Port device team_slave_0 added [ 55.738540][ T8147] team0: Port device team_slave_1 added [ 55.744586][ T8151] chnl_net:caif_netlink_parms(): no params data found [ 55.775411][ T8149] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 55.836411][ T8143] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.906971][ T8143] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.974997][ T8141] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.981867][ T8149] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 56.015967][ T8149] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 56.088768][ T8149] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 56.147334][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.155873][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.168439][ T8143] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.217517][ T8143] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 56.344493][ T8147] device hsr_slave_0 entered promiscuous mode [ 56.373760][ T8147] device hsr_slave_1 entered promiscuous mode [ 56.412819][ T8147] debugfs: Directory 'hsr0' with parent '/' already present! [ 56.420430][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.429197][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.437734][ T8152] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.444948][ T8152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.454466][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.478913][ T8151] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.486807][ T8151] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.495388][ T8151] device bridge_slave_0 entered promiscuous mode [ 56.512299][ T8154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.521267][ T8154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.529723][ T8154] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.536894][ T8154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.556657][ T8138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.564853][ T8151] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.571914][ T8151] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.580494][ T8151] device bridge_slave_1 entered promiscuous mode [ 56.612166][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.631204][ T8151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.645640][ T8147] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.686189][ T8147] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.748861][ T8151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.762881][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.773617][ T8147] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 56.815000][ T8147] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.880123][ T8138] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.898473][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.906586][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.914575][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.923204][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.931428][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.940232][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.949246][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.958693][ T8151] team0: Port device team_slave_0 added [ 56.980270][ T8141] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 56.991131][ T8141] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.008016][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.017018][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.025730][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.032816][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.041453][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.050857][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.059427][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.068120][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.076906][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.086026][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.097292][ T8151] team0: Port device team_slave_1 added [ 57.138603][ T8143] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.149548][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.159232][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.168446][ T8152] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.175546][ T8152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.224797][ T8151] device hsr_slave_0 entered promiscuous mode [ 57.273179][ T8151] device hsr_slave_1 entered promiscuous mode [ 57.332741][ T8151] debugfs: Directory 'hsr0' with parent '/' already present! [ 57.346987][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.355792][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.364693][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.373575][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.381872][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.389808][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.397894][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.413982][ T8141] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.427833][ T8138] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.438713][ T8138] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.452067][ T8149] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.460476][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.469169][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.478280][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.486255][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.494144][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.502380][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.510837][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.519171][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.531943][ T8143] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.559428][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.567398][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.576052][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.584848][ T8152] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.591873][ T8152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.599607][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.607400][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.615887][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.631800][ T8147] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.642850][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.651462][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.669778][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.676920][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.690256][ T8149] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.714786][ T2700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.728148][ T2700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.738386][ T8138] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.783107][ T8151] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 162.772594][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 162.779375][ C0] rcu: 0-....: (10499 ticks this GP) idle=02a/1/0x4000000000000002 softirq=11063/11063 fqs=2780 [ 162.790118][ C0] (t=10501 jiffies g=6177 q=292) [ 162.795131][ C0] rcu: rcu_preempt kthread starved for 4942 jiffies! g6177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 162.806123][ C0] rcu: RCU grace-period kthread stack dump: [ 162.811995][ C0] rcu_preempt R running task 29104 10 2 0x80004000 [ 162.819889][ C0] Call Trace: [ 162.823195][ C0] __schedule+0x9a0/0xcc0 [ 162.827529][ C0] schedule+0x181/0x210 [ 162.831703][ C0] schedule_timeout+0x14f/0x240 [ 162.836548][ C0] ? run_local_timers+0x120/0x120 [ 162.841592][ C0] rcu_gp_kthread+0xed8/0x1770 [ 162.846361][ C0] kthread+0x332/0x350 [ 162.850420][ C0] ? rcu_report_qs_rsp+0x140/0x140 [ 162.855521][ C0] ? kthread_blkcg+0xe0/0xe0 [ 162.860195][ C0] ret_from_fork+0x24/0x30 [ 162.864617][ C0] NMI backtrace for cpu 0 [ 162.868936][ C0] CPU: 0 PID: 8160 Comm: syz-executor.1 Not tainted 5.4.0-syzkaller #0 [ 162.877155][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.887207][ C0] Call Trace: [ 162.890491][ C0] [ 162.893334][ C0] dump_stack+0x1fb/0x318 [ 162.897682][ C0] nmi_cpu_backtrace+0xaf/0x1a0 [ 162.902519][ C0] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 162.908659][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 162.914709][ C0] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 162.920675][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 162.926553][ C0] rcu_dump_cpu_stacks+0x15a/0x220 [ 162.931660][ C0] rcu_sched_clock_irq+0xe25/0x1ad0 [ 162.936856][ C0] ? trace_hardirqs_off+0x74/0x80 [ 162.941891][ C0] update_process_times+0x12d/0x180 [ 162.947082][ C0] tick_sched_timer+0x263/0x420 [ 162.951921][ C0] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 162.957452][ C0] __hrtimer_run_queues+0x403/0x840 [ 162.962667][ C0] hrtimer_interrupt+0x38c/0xda0 [ 162.967615][ C0] ? debug_smp_processor_id+0x9/0x20 [ 162.972896][ C0] smp_apic_timer_interrupt+0x109/0x280 [ 162.978432][ C0] apic_timer_interrupt+0xf/0x20 [ 162.983367][ C0] [ 162.986299][ C0] RIP: 0010:mod_memcg_page_state+0x0/0x190 [ 162.992105][ C0] Code: 48 8b 3b e8 12 c1 5f 00 eb 0c e8 0b 29 2e 00 eb 05 e8 04 29 2e 00 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 44 00 00 <55> 48 89 e5 41 57 41 56 41 54 53 41 89 f6 48 89 fb e8 da 28 2e 00 [ 163.011697][ C0] RSP: 0018:ffffc900022179e0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 163.020096][ C0] RAX: 1ffff110146cefa1 RBX: ffff8880a3677d08 RCX: 0000000000000000 [ 163.028057][ C0] RDX: 0000000000000000 RSI: 00000000fffffffc RDI: ffffea0002488900 [ 163.036020][ C0] RBP: ffffc90002217a20 R08: 000000000003a768 R09: ffffed10131d92ff [ 163.043980][ C0] R10: ffffed10131d92ff R11: 0000000000000000 R12: ffff8880a3677da0 [ 163.051942][ C0] R13: dffffc0000000000 R14: 1ffff110146cefb4 R15: ffff888098ec97e8 [ 163.059930][ C0] ? free_thread_stack+0x168/0x590 [ 163.065125][ C0] put_task_stack+0xa3/0x130 [ 163.069712][ C0] finish_task_switch+0x3f1/0x550 [ 163.074733][ C0] __schedule+0x9a8/0xcc0 [ 163.079058][ C0] preempt_schedule_irq+0xc1/0x140 [ 163.084158][ C0] retint_kernel+0x1b/0x2b [ 163.088562][ C0] RIP: 0010:kfree+0x1a3/0x200 [ 163.093224][ C0] Code: 48 83 3d 67 19 59 07 00 74 68 4c 89 f7 57 9d 0f 1f 44 00 00 eb 19 e8 ec b7 ca ff 48 83 3d 4c 19 59 07 00 74 51 4c 89 f7 57 9d <0f> 1f 44 00 00 5b 41 5c 41 5e 41 5f 5d c3 48 ff c9 48 89 c8 e9 c8 [ 163.112820][ C0] RSP: 0018:ffffc90002217c30 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 163.121221][ C0] RAX: ffff8880a3db28d4 RBX: ffff8880aa800380 RCX: ffffffff815c0597 [ 163.129198][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000286 [ 163.137166][ C0] RBP: ffffc90002217c50 R08: ffff8880a3db2898 R09: fffffbfff13c852e [ 163.145141][ C0] R10: fffffbfff13c852e R11: 0000000000000000 R12: ffff888092b8b580 [ 163.153109][ C0] R13: 1ffff92000442f94 R14: 0000000000000286 R15: ffffffff8354c8ab [ 163.161101][ C0] ? tomoyo_path_perm+0x66b/0x850 [ 163.166125][ C0] ? mark_lock+0x107/0x1650 [ 163.170620][ C0] tomoyo_path_perm+0x66b/0x850 [ 163.175488][ C0] tomoyo_path_symlink+0x95/0xc0 [ 163.180414][ C0] security_path_symlink+0xed/0x170 [ 163.185603][ C0] do_symlinkat+0xf3/0x3f0 [ 163.190016][ C0] __x64_sys_symlink+0x60/0x70 [ 163.194770][ C0] do_syscall_64+0xf7/0x1c0 [ 163.199268][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 163.205149][ C0] RIP: 0033:0x45a3a7 [ 163.209029][ C0] Code: 0f 1f 00 b8 5c 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 6d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 4d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 163.228618][ C0] RSP: 002b:00007ffdef746908 EFLAGS: 00000202 ORIG_RAX: 0000000000000058 [ 163.237015][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045a3a7 [ 163.244986][ C0] RDX: 00007ffdef7469a7 RSI: 00000000004c00d3 RDI: 00007ffdef746990 [ 163.252943][ C0] RBP: 0000000000000000 R08: 0000000000000220 R09: 0000000000000017 [ 163.260899][ C0] R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000001 [ 163.268865][ C0] R13: 00007ffdef746940 R14: 0000000000000000 R15: 00007ffdef746950