[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 62.464481][ T25] audit: type=1800 audit(1563802989.687:25): pid=8775 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 62.485021][ T25] audit: type=1800 audit(1563802989.687:26): pid=8775 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 62.505697][ T25] audit: type=1800 audit(1563802989.687:27): pid=8775 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.74' (ECDSA) to the list of known hosts. 2019/07/22 13:43:21 fuzzer started 2019/07/22 13:43:23 dialing manager at 10.128.0.26:34077 2019/07/22 13:43:24 syscalls: 2467 2019/07/22 13:43:24 code coverage: enabled 2019/07/22 13:43:24 comparison tracing: enabled 2019/07/22 13:43:24 extra coverage: extra coverage is not supported by the kernel 2019/07/22 13:43:24 setuid sandbox: enabled 2019/07/22 13:43:24 namespace sandbox: enabled 2019/07/22 13:43:24 Android sandbox: /sys/fs/selinux/policy does not exist 2019/07/22 13:43:24 fault injection: enabled 2019/07/22 13:43:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/07/22 13:43:24 net packet injection: enabled 2019/07/22 13:43:24 net device setup: enabled 13:45:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0xc074510c, 0x0) syzkaller login: [ 223.787748][ T8941] IPVS: ftp: loaded support on port[0] = 21 [ 223.894053][ T8941] chnl_net:caif_netlink_parms(): no params data found 13:45:51 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00 \x00', 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @initdev}, 0x10) write$binfmt_elf32(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4ef200000e000000000144160501030000000038000000000000000900000b0000000000000400"/56], 0x38) [ 223.934858][ T8941] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.941948][ T8941] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.950238][ T8941] device bridge_slave_0 entered promiscuous mode [ 223.963598][ T8941] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.970665][ T8941] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.978833][ T8941] device bridge_slave_1 entered promiscuous mode [ 224.036094][ T8941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.064373][ T8941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 224.091554][ T8941] team0: Port device team_slave_0 added [ 224.104574][ T8944] IPVS: ftp: loaded support on port[0] = 21 [ 224.114690][ T8941] team0: Port device team_slave_1 added 13:45:51 executing program 2: clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="14d20f050e"], 0x5}}, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x30) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 224.245744][ T8941] device hsr_slave_0 entered promiscuous mode [ 224.333185][ T8941] device hsr_slave_1 entered promiscuous mode 13:45:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) [ 224.479696][ T8946] IPVS: ftp: loaded support on port[0] = 21 [ 224.527690][ T8941] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.534949][ T8941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.542882][ T8941] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.549979][ T8941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.598608][ T8944] chnl_net:caif_netlink_parms(): no params data found [ 224.685826][ T8949] IPVS: ftp: loaded support on port[0] = 21 [ 224.711850][ T8944] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.719177][ T8944] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.727604][ T8944] device bridge_slave_0 entered promiscuous mode [ 224.761610][ T8941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.775453][ T8944] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.782649][ T8944] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.790674][ T8944] device bridge_slave_1 entered promiscuous mode [ 224.818876][ T8941] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.833290][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.845563][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state 13:45:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2ca, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, 0x0) [ 224.863129][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.871959][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 224.894566][ T8946] chnl_net:caif_netlink_parms(): no params data found [ 224.943415][ T8944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.970768][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 224.979690][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 224.988365][ T2829] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.995476][ T2829] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.044898][ T8944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.085879][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 225.094661][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 225.103127][ T2829] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.110211][ T2829] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.118241][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.127119][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.136003][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 225.144909][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.153519][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 225.162319][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.171016][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 225.179577][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 225.188008][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 225.196507][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 225.208062][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 225.224751][ T8941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 225.233369][ T8946] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.240438][ T8946] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.248807][ T8946] device bridge_slave_0 entered promiscuous mode [ 225.285382][ T8946] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.292470][ T8946] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.300717][ T8946] device bridge_slave_1 entered promiscuous mode [ 225.320309][ T8944] team0: Port device team_slave_0 added [ 225.341205][ T8944] team0: Port device team_slave_1 added [ 225.387273][ T8949] chnl_net:caif_netlink_parms(): no params data found [ 225.407381][ T8946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.421095][ T8941] 8021q: adding VLAN 0 to HW filter on device batadv0 13:45:52 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet6_int(r0, 0x28, 0x0, 0x0, &(0x7f0000000100)) [ 225.469778][ T8944] device hsr_slave_0 entered promiscuous mode [ 225.513003][ T8944] device hsr_slave_1 entered promiscuous mode [ 225.572925][ T8944] debugfs: Directory 'hsr0' with parent '/' already present! [ 225.588748][ T8946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.611890][ T8956] IPVS: ftp: loaded support on port[0] = 21 [ 225.657255][ T8946] team0: Port device team_slave_0 added [ 225.670598][ T8946] team0: Port device team_slave_1 added [ 225.766758][ T8946] device hsr_slave_0 entered promiscuous mode [ 225.824000][ T8946] device hsr_slave_1 entered promiscuous mode [ 225.862663][ T8946] debugfs: Directory 'hsr0' with parent '/' already present! [ 225.897028][ T8961] IPVS: ftp: loaded support on port[0] = 21 [ 225.905665][ T8949] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.912775][ T8949] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.920848][ T8949] device bridge_slave_0 entered promiscuous mode [ 225.978912][ T8949] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.986081][ T8949] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.994495][ T8949] device bridge_slave_1 entered promiscuous mode 13:45:53 executing program 0: r0 = open(&(0x7f0000000000)='\x00', 0x18000, 0x1e0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x9001400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x202, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004001}, 0x91) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_hci(r2, 0x0, 0x3, 0x0, &(0x7f0000000400)) [ 226.107946][ T8949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.131892][ T8944] 8021q: adding VLAN 0 to HW filter on device bond0 13:45:53 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = epoll_create1(0xfffffffffffffffe) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) fcntl$lock(r0, 0x24, &(0x7f00000000c0)={0xfffffffffffffffe, 0x4, 0x0, 0x0, r1}) [ 226.168619][ T8949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.236764][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 226.244742][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.265105][ T8944] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.299558][ T8961] chnl_net:caif_netlink_parms(): no params data found [ 226.324406][ T8949] team0: Port device team_slave_0 added 13:45:53 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000100)={0x0, 0x8a, "b03fc6fc04902a3681c21d1706e9b6976fb4923a9dcb8e3604316d78fa4fcc018aff1ac25238b33a512044b843cac2e10c4e8ba84ea30239fe82b77f23f8d8ff8eaa9be6ae0e7b355610efb2ad00074fd1b96bf1b416699210152d2027a7a9dcccb3380812796aedb806d73b4389d3b96957c276a2cf8e06d5db09cfb07fa70effcf4f8ebbbfa70bd9ef"}, &(0x7f00000001c0)=0x92) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000200)={r2, 0x240000000000}, 0x8) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r3 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r3, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r3, &(0x7f0000000600)=ANY=[], 0xfec8) recvmmsg(r3, &(0x7f0000007e00)=[{{&(0x7f0000001240)=@alg, 0x80, &(0x7f0000004700)=[{&(0x7f00000012c0)=""/167, 0xf}, {&(0x7f00000023c0)=""/49, 0x200023f1}, {&(0x7f0000003580)=""/4096, 0x1000}], 0x3, &(0x7f0000004780)=""/245, 0xf5}}], 0x30, 0x0, &(0x7f0000008000)={0x0, 0x989680}) [ 226.351902][ T8956] chnl_net:caif_netlink_parms(): no params data found [ 226.368711][ T8949] team0: Port device team_slave_1 added [ 226.377563][ T8946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.422148][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 226.431214][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.439838][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.446928][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.450117][ C0] hrtimer: interrupt took 35038 ns [ 226.454628][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.468086][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.476558][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.485117][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.492866][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 226.512004][ T8946] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.603222][ T8956] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.610321][ T8956] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.618698][ T8956] device bridge_slave_0 entered promiscuous mode 13:45:59 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000100)={0x0, 0x8a, "b03fc6fc04902a3681c21d1706e9b6976fb4923a9dcb8e3604316d78fa4fcc018aff1ac25238b33a512044b843cac2e10c4e8ba84ea30239fe82b77f23f8d8ff8eaa9be6ae0e7b355610efb2ad00074fd1b96bf1b416699210152d2027a7a9dcccb3380812796aedb806d73b4389d3b96957c276a2cf8e06d5db09cfb07fa70effcf4f8ebbbfa70bd9ef"}, &(0x7f00000001c0)=0x92) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000200)={r2, 0x240000000000}, 0x8) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r3 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r3, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r3, &(0x7f0000000600)=ANY=[], 0xfec8) recvmmsg(r3, &(0x7f0000007e00)=[{{&(0x7f0000001240)=@alg, 0x80, &(0x7f0000004700)=[{&(0x7f00000012c0)=""/167, 0xf}, {&(0x7f00000023c0)=""/49, 0x200023f1}, {&(0x7f0000003580)=""/4096, 0x1000}], 0x3, &(0x7f0000004780)=""/245, 0xf5}}], 0x30, 0x0, &(0x7f0000008000)={0x0, 0x989680}) [ 231.902934][ T8949] device hsr_slave_0 entered promiscuous mode [ 231.943073][ T8949] device hsr_slave_1 entered promiscuous mode [ 231.988498][ T8949] debugfs: Directory 'hsr0' with parent '/' already present! [ 232.063091][ T8949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.089102][ T8949] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.145968][ T8949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.173553][ T8949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.348548][ T8992] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 13:45:59 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000100)={0x0, 0x8a, "b03fc6fc04902a3681c21d1706e9b6976fb4923a9dcb8e3604316d78fa4fcc018aff1ac25238b33a512044b843cac2e10c4e8ba84ea30239fe82b77f23f8d8ff8eaa9be6ae0e7b355610efb2ad00074fd1b96bf1b416699210152d2027a7a9dcccb3380812796aedb806d73b4389d3b96957c276a2cf8e06d5db09cfb07fa70effcf4f8ebbbfa70bd9ef"}, &(0x7f00000001c0)=0x92) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000200)={r2, 0x240000000000}, 0x8) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r3 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r3, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r3, &(0x7f0000000600)=ANY=[], 0xfec8) recvmmsg(r3, &(0x7f0000007e00)=[{{&(0x7f0000001240)=@alg, 0x80, &(0x7f0000004700)=[{&(0x7f00000012c0)=""/167, 0xf}, {&(0x7f00000023c0)=""/49, 0x200023f1}, {&(0x7f0000003580)=""/4096, 0x1000}], 0x3, &(0x7f0000004780)=""/245, 0xf5}}], 0x30, 0x0, &(0x7f0000008000)={0x0, 0x989680}) [ 336.982602][ C1] rcu: INFO: rcu_sched self-detected stall on CPU [ 336.989224][ C1] rcu: 1-...!: (10500 ticks this GP) idle=9da/1/0x4000000000000002 softirq=10990/10990 fqs=31 [ 336.999846][ C1] (t=10502 jiffies g=13365 q=846) [ 337.004969][ C1] rcu: rcu_sched kthread starved for 10437 jiffies! g13365 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 337.015986][ C1] rcu: RCU grace-period kthread stack dump: [ 337.021885][ C1] rcu_sched R running task 29144 10 2 0x80004000 [ 337.029846][ C1] Call Trace: [ 337.033277][ C1] __schedule+0x772/0x1530 [ 337.037710][ C1] ? __sched_text_start+0x8/0x8 [ 337.042575][ C1] ? _raw_spin_unlock_irqrestore+0x67/0xd0 [ 337.048382][ C1] ? schedule_timeout+0x444/0xbc0 [ 337.053493][ C1] ? lockdep_hardirqs_on+0x418/0x5d0 [ 337.058860][ C1] schedule+0xa5/0x260 [ 337.062931][ C1] schedule_timeout+0x44e/0xbc0 [ 337.067784][ C1] ? _raw_spin_unlock_irqrestore+0x67/0xd0 [ 337.073596][ C1] ? usleep_range+0x170/0x170 [ 337.078332][ C1] ? trace_hardirqs_on+0x67/0x220 [ 337.083406][ C1] ? __kasan_check_read+0x11/0x20 [ 337.088451][ C1] ? __next_timer_interrupt+0x1a0/0x1a0 [ 337.094061][ C1] ? swake_up_one+0x60/0x60 [ 337.098575][ C1] rcu_gp_kthread+0x835/0x1320 [ 337.103349][ C1] ? rcu_barrier+0x310/0x310 [ 337.107948][ C1] ? trace_hardirqs_on+0x67/0x220 [ 337.112975][ C1] ? __kasan_check_read+0x11/0x20 [ 337.118019][ C1] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 337.124310][ C1] ? __kthread_parkme+0x108/0x1c0 [ 337.129337][ C1] ? __kasan_check_read+0x11/0x20 [ 337.134367][ C1] kthread+0x361/0x430 [ 337.138461][ C1] ? rcu_barrier+0x310/0x310 [ 337.143050][ C1] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 337.149296][ C1] ret_from_fork+0x24/0x30 [ 337.153725][ C1] NMI backtrace for cpu 1 [ 337.158056][ C1] CPU: 1 PID: 8985 Comm: syz-executor.0 Not tainted 5.2.0+ #71 [ 337.165588][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.175642][ C1] Call Trace: [ 337.178979][ C1] [ 337.181845][ C1] dump_stack+0x16f/0x1f0 [ 337.186220][ C1] ? lapic_can_unplug_cpu.cold+0x36/0x45 [ 337.191860][ C1] nmi_cpu_backtrace.cold+0x70/0xb2 [ 337.197079][ C1] ? lapic_can_unplug_cpu.cold+0x45/0x45 [ 337.202722][ C1] nmi_trigger_cpumask_backtrace+0x22d/0x25c [ 337.208712][ C1] arch_trigger_cpumask_backtrace+0x14/0x20 [ 337.214606][ C1] rcu_dump_cpu_stacks+0x183/0x1cf [ 337.219725][ C1] rcu_sched_clock_irq.cold+0x491/0x8c0 [ 337.225272][ C1] ? raise_softirq+0x163/0x370 [ 337.230039][ C1] update_process_times+0x32/0x80 [ 337.235064][ C1] tick_sched_handle+0xa2/0x190 [ 337.239924][ C1] tick_sched_timer+0x47/0x130 [ 337.244693][ C1] __hrtimer_run_queues+0x364/0xd90 [ 337.249895][ C1] ? tick_sched_do_timer+0x1b0/0x1b0 [ 337.255195][ C1] ? hrtimer_start_range_ns+0xbc0/0xbc0 [ 337.260742][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 337.266458][ C1] ? ktime_get_update_offsets_now+0x2d3/0x440 [ 337.272537][ C1] hrtimer_interrupt+0x2ea/0x730 [ 337.277494][ C1] smp_apic_timer_interrupt+0x10b/0x550 [ 337.283039][ C1] apic_timer_interrupt+0xf/0x20 [ 337.287972][ C1] [ 337.290917][ C1] RIP: 0010:write_comp_data+0x17/0x70 [ 337.296294][ C1] Code: c2 01 48 39 d0 76 07 48 89 34 d1 48 89 11 5d c3 0f 1f 00 65 4c 8b 04 25 c0 fd 01 00 65 8b 05 a8 a6 90 7e a9 00 01 1f 00 75 51 <41> 8b 80 a8 12 00 00 83 f8 03 75 45 49 8b 80 b0 12 00 00 45 8b 80 [ 337.315903][ C1] RSP: 0018:ffff88805f36f578 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 337.324319][ C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff831381ad [ 337.332290][ C1] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000005 [ 337.340262][ C1] RBP: ffff88805f36f580 R08: ffff88808f530380 R09: 00000000747f4071 [ 337.348239][ C1] R10: 000000003195efde R11: 0000000000000000 R12: ffff88805f36f740 [ 337.356747][ C1] R13: ffff88805f36f710 R14: 1ffff1100be6deb2 R15: ffff88805f36f740 [ 337.364837][ C1] ? crypto_aegis128_update+0xbd/0x120 [ 337.370317][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.376560][ C1] crypto_aegis128_update+0xbd/0x120 [ 337.381848][ C1] ? crypto_aegis_aesenc+0xdb0/0xdb0 [ 337.387142][ C1] crypto_aegis128_crypt+0x286/0xd00 [ 337.392472][ C1] ? iov_iter_get_pages+0x31f/0xf80 [ 337.397676][ C1] ? mark_lock+0xc0/0x11e0 [ 337.402101][ C1] ? mark_held_locks+0xa4/0xf0 [ 337.406875][ C1] ? crypto_aegis128_encrypt_chunk+0xaa0/0xaa0 [ 337.413026][ C1] ? sg_init_table+0x23/0x70 [ 337.417619][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 337.423348][ C1] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 337.429065][ C1] ? iov_iter_advance+0x295/0xf70 [ 337.434102][ C1] ? af_alg_free_sg+0x220/0x220 [ 337.438959][ C1] crypto_aegis128_encrypt+0x110/0x1e0 [ 337.444423][ C1] ? crypto_aegis128_crypt+0xd00/0xd00 [ 337.449892][ C1] crypto_aead_encrypt+0xaf/0xf0 [ 337.454833][ C1] aead_recvmsg+0x8d6/0x16a0 [ 337.459473][ C1] ? aead_release+0x50/0x50 [ 337.464040][ C1] ? apparmor_socket_recvmsg+0x2a/0x30 [ 337.469506][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.475766][ C1] ? security_socket_recvmsg+0x95/0xc0 [ 337.481231][ C1] ? aead_release+0x50/0x50 [ 337.486174][ C1] sock_recvmsg+0xce/0x110 [ 337.490596][ C1] ? sockfs_setattr+0x170/0x170 [ 337.495454][ C1] ___sys_recvmsg+0x271/0x5a0 [ 337.500135][ C1] ? ___sys_sendmsg+0x920/0x920 [ 337.505008][ C1] ? __fget+0x357/0x560 [ 337.509169][ C1] ? __fget+0x388/0x560 [ 337.513329][ C1] ? ksys_dup3+0x3e0/0x3e0 [ 337.517742][ C1] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 337.523461][ C1] ? timespec64_add_safe+0x189/0x210 [ 337.528762][ C1] ? nsec_to_clock_t+0x30/0x30 [ 337.533535][ C1] ? __fget_light+0x1a9/0x230 [ 337.538210][ C1] ? __fdget+0x1b/0x20 [ 337.542283][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.548531][ C1] do_recvmmsg+0x27e/0x7a0 [ 337.552956][ C1] ? ___sys_recvmsg+0x5a0/0x5a0 [ 337.557821][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.564061][ C1] ? _copy_from_user+0x12c/0x1a0 [ 337.569043][ C1] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 337.574507][ C1] __sys_recvmmsg+0xe5/0x270 [ 337.579102][ C1] ? __ia32_sys_recvmsg+0xb0/0xb0 [ 337.584138][ C1] __x64_sys_recvmmsg+0xe6/0x140 [ 337.589079][ C1] do_syscall_64+0xfd/0x6a0 [ 337.593589][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.599489][ C1] RIP: 0033:0x459819 [ 337.603393][ C1] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.623086][ C1] RSP: 002b:00007f46a7cdec78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 337.631513][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459819 [ 337.639484][ C1] RDX: 0000000000000030 RSI: 0000000020007e00 RDI: 0000000000000006 [ 337.647466][ C1] RBP: 000000000075bf20 R08: 0000000020008000 R09: 0000000000000000 [ 337.655443][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46a7cdf6d4 [ 337.663418][ C1] R13: 00000000004c6bf7 R14: 00000000004dbd88 R15: 00000000ffffffff