[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   45.422775][   T26] audit: type=1800 audit(1575458217.814:25): pid=8153 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   45.456322][   T26] audit: type=1800 audit(1575458217.814:26): pid=8153 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   45.498626][   T26] audit: type=1800 audit(1575458217.814:27): pid=8153 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.213' (ECDSA) to the list of known hosts.
2019/12/04 11:17:08 fuzzer started
2019/12/04 11:17:10 dialing manager at 10.128.0.26:36481
2019/12/04 11:17:10 syscalls: 2691
2019/12/04 11:17:10 code coverage: enabled
2019/12/04 11:17:10 comparison tracing: enabled
2019/12/04 11:17:10 extra coverage: extra coverage is not supported by the kernel
2019/12/04 11:17:10 setuid sandbox: enabled
2019/12/04 11:17:10 namespace sandbox: enabled
2019/12/04 11:17:10 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/04 11:17:10 fault injection: enabled
2019/12/04 11:17:10 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/04 11:17:10 net packet injection: enabled
2019/12/04 11:17:10 net device setup: enabled
2019/12/04 11:17:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/12/04 11:17:10 devlink PCI setup: PCI device 0000:00:10.0 is not available
11:17:11 executing program 0:
capset(&(0x7f00000fc000)={0x800000019980330}, &(0x7f000047efe8))
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
creat(&(0x7f0000000300)='./file0\x00', 0x0)

11:17:11 executing program 1:
unshare(0x20400)
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x2, 0x0)
ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f0000000080), 0x0, 0x0)

syzkaller login: [   59.056581][ T8323] IPVS: ftp: loaded support on port[0] = 21
[   59.156753][ T8325] IPVS: ftp: loaded support on port[0] = 21
[   59.237552][ T8323] chnl_net:caif_netlink_parms(): no params data found
[   59.277681][ T8323] bridge0: port 1(bridge_slave_0) entered blocking state
11:17:11 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x3, &(0x7f000055bfe4), 0x36f)

[   59.286120][ T8323] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.309896][ T8323] device bridge_slave_0 entered promiscuous mode
[   59.352944][ T8323] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.368716][ T8323] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.388875][ T8323] device bridge_slave_1 entered promiscuous mode
11:17:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002f3753a9c3b630bf92dd696125265586f2043649b89ec9b91dc174d5701424fa24052b2fe97409000000058e4bf0391702519694cd73608fadb119a5ffc8f1460c55bcce412bc1cc14a1f64ad78f7efc6f2251217bae2233bacac999cbb0468424c2e8ab6cafc7bed227046c4ef20a09f4a46c382c1e7016a71a704c7b3cddf5306b500fda7b4a72bedb7c33a4c7e1f0c42819df5c26d28b450e2a9980b62fe2a57ac040892270e005a2e4ead36494a405cb500badb2b544"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0xe0, 0x900, &(0x7f00000006c0)="b9ff0300000d698cb89e40f086ddd501890600de0500000077fb7f11c72be9", 0x0, 0x100}, 0x28)

[   59.466097][ T8323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.484752][ T8330] IPVS: ftp: loaded support on port[0] = 21
[   59.506232][ T8323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.529831][ T8325] chnl_net:caif_netlink_parms(): no params data found
[   59.625851][ T8323] team0: Port device team_slave_0 added
[   59.670771][ T8323] team0: Port device team_slave_1 added
[   59.677462][ T8325] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.685196][ T8325] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.694523][ T8325] device bridge_slave_0 entered promiscuous mode
11:17:12 executing program 4:
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f00000001c0)={'bond_slave_1\x00', {0x2, 0x0, @empty}})
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000280)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4", 0x69, 0x34}], 0x0, 0x0)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000140)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @dev}})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0)

[   59.723652][ T8325] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.732375][ T8325] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.741935][ T8325] device bridge_slave_1 entered promiscuous mode
[   59.831981][ T8323] device hsr_slave_0 entered promiscuous mode
[   59.859800][ T8323] device hsr_slave_1 entered promiscuous mode
[   59.953606][ T8332] IPVS: ftp: loaded support on port[0] = 21
[   59.963197][ T8325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
11:17:12 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x75, 0x0, 0x0)

[   60.032586][ T8325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.050090][ T8323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   60.123198][ T8323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   60.190850][ T8323] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   60.242242][ T8323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   60.303561][ T8330] chnl_net:caif_netlink_parms(): no params data found
[   60.314059][ T8335] IPVS: ftp: loaded support on port[0] = 21
[   60.337477][ T8325] team0: Port device team_slave_0 added
[   60.345606][ T8325] team0: Port device team_slave_1 added
[   60.347905][ T8337] IPVS: ftp: loaded support on port[0] = 21
[   60.402083][ T8330] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.411887][ T8330] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.421111][ T8330] device bridge_slave_0 entered promiscuous mode
[   60.491715][ T8325] device hsr_slave_0 entered promiscuous mode
[   60.549030][ T8325] device hsr_slave_1 entered promiscuous mode
[   60.589155][ T8325] debugfs: Directory 'hsr0' with parent '/' already present!
[   60.601377][ T8330] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.609126][ T8330] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.617289][ T8330] device bridge_slave_1 entered promiscuous mode
[   60.655338][ T8330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.691494][ T8330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.722050][ T8325] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   60.768744][ T8330] team0: Port device team_slave_0 added
[   60.780367][ T8330] team0: Port device team_slave_1 added
[   60.791334][ T8325] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   60.842515][ T8325] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   60.911875][ T8325] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   61.011906][ T8335] chnl_net:caif_netlink_parms(): no params data found
[   61.027596][ T8332] chnl_net:caif_netlink_parms(): no params data found
[   61.101147][ T8330] device hsr_slave_0 entered promiscuous mode
[   61.139037][ T8330] device hsr_slave_1 entered promiscuous mode
[   61.198782][ T8330] debugfs: Directory 'hsr0' with parent '/' already present!
[   61.295029][ T8332] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.303429][ T8332] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.311461][ T8332] device bridge_slave_0 entered promiscuous mode
[   61.347197][ T8330] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   61.407073][ T8332] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.414437][ T8332] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.422983][ T8332] device bridge_slave_1 entered promiscuous mode
[   61.442036][ T8332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.462348][ T8330] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.510745][ T8335] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.517843][ T8335] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.525892][ T8335] device bridge_slave_0 entered promiscuous mode
[   61.534511][ T8332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.543954][ T8337] chnl_net:caif_netlink_parms(): no params data found
[   61.565914][ T8330] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.601130][ T8335] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.608228][ T8335] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.617818][ T8335] device bridge_slave_1 entered promiscuous mode
[   61.641315][ T8332] team0: Port device team_slave_0 added
[   61.653257][ T8332] team0: Port device team_slave_1 added
[   61.662333][ T8323] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.670434][ T8330] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.763753][ T8335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.779992][ T8337] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.787131][ T8337] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.795540][ T8337] device bridge_slave_0 entered promiscuous mode
[   61.841840][ T8332] device hsr_slave_0 entered promiscuous mode
[   61.879272][ T8332] device hsr_slave_1 entered promiscuous mode
[   61.908840][ T8332] debugfs: Directory 'hsr0' with parent '/' already present!
[   61.922583][ T8325] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.940533][ T8335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.961291][ T8337] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.970449][ T8337] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.978372][ T8337] device bridge_slave_1 entered promiscuous mode
[   61.989016][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.998123][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.008440][ T8323] 8021q: adding VLAN 0 to HW filter on device team0
[   62.025219][ T8335] team0: Port device team_slave_0 added
[   62.033006][ T8335] team0: Port device team_slave_1 added
[   62.058032][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   62.066820][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.075987][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.083281][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.099218][ T8325] 8021q: adding VLAN 0 to HW filter on device team0
[   62.171172][ T8335] device hsr_slave_0 entered promiscuous mode
[   62.219200][ T8335] device hsr_slave_1 entered promiscuous mode
[   62.248750][ T8335] debugfs: Directory 'hsr0' with parent '/' already present!
[   62.257766][ T8337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.269979][ T8337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.280082][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.291074][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   62.299920][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.308203][ T3771] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.315308][ T3771] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.324736][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.333388][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.341490][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   62.363914][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   62.373979][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   62.382983][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   62.400071][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   62.438354][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   62.450368][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   62.460203][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   62.468835][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   62.477217][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   62.485926][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   62.494348][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   62.503074][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.511866][ T3771] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.518976][ T3771] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.533411][ T8323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   62.551516][ T8337] team0: Port device team_slave_0 added
[   62.559567][ T3771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.570359][ T8330] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.587737][ T8332] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   62.631720][ T8337] team0: Port device team_slave_1 added
[   62.637545][ T8332] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   62.684794][ T8332] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   62.730212][ T8332] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   62.792338][ T8342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   62.803803][ T8342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.812703][ T8342] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.819802][ T8342] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.843140][ T8323] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.868370][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   62.883230][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   62.891466][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.901418][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.910819][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   62.920031][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   62.928435][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   62.937596][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   62.947319][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   62.957142][ T8330] 8021q: adding VLAN 0 to HW filter on device team0
[   62.972057][ T8335] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   63.011273][ T8335] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   63.071246][ T8335] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   63.170953][ T8337] device hsr_slave_0 entered promiscuous mode
[   63.208977][ T8337] device hsr_slave_1 entered promiscuous mode
[   63.248731][ T8337] debugfs: Directory 'hsr0' with parent '/' already present!
[   63.265645][ T8325] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   63.277648][ T8325] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   63.290513][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   63.300094][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   63.308641][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   63.316837][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   63.326127][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   63.334783][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   63.343158][ T8335] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   63.423092][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   63.432256][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.440963][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.450048][ T3007] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.457090][ T3007] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.464862][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.473737][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.482188][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.489279][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.496818][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.505800][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.514996][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.529314][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   63.537959][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.559441][ T8325] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.597053][ T8347] capability: warning: `syz-executor.0' uses 32-bit capabilities (legacy support in use)
[  168.578514][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  168.585315][    C0] rcu: 	0-...!: (10499 ticks this GP) idle=8e6/1/0x4000000000000002 softirq=10714/10714 fqs=1 
[  168.595811][    C0] 	(t=10500 jiffies g=6641 q=106)
[  168.600823][    C0] rcu: rcu_preempt kthread starved for 10497 jiffies! g6641 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  168.611914][    C0] rcu: RCU grace-period kthread stack dump:
[  168.617802][    C0] rcu_preempt     R  running task    29032    10      2 0x80004000
[  168.625692][    C0] Call Trace:
[  168.629003][    C0]  __schedule+0x9a0/0xcc0
[  168.633331][    C0]  schedule+0x181/0x210
[  168.637480][    C0]  schedule_timeout+0x14f/0x240
[  168.642321][    C0]  ? run_local_timers+0x120/0x120
[  168.647333][    C0]  rcu_gp_kthread+0xed8/0x1770
[  168.652091][    C0]  kthread+0x332/0x350
[  168.656143][    C0]  ? rcu_report_qs_rsp+0x140/0x140
[  168.661243][    C0]  ? kthread_blkcg+0xe0/0xe0
[  168.665819][    C0]  ret_from_fork+0x24/0x30
[  168.670235][    C0] NMI backtrace for cpu 0
[  168.674552][    C0] CPU: 0 PID: 8337 Comm: syz-executor.5 Not tainted 5.4.0-syzkaller #0
[  168.682783][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  168.692831][    C0] Call Trace:
[  168.696100][    C0]  <IRQ>
[  168.698940][    C0]  dump_stack+0x1fb/0x318
[  168.703289][    C0]  nmi_cpu_backtrace+0xaf/0x1a0
[  168.708157][    C0]  ? nmi_trigger_cpumask_backtrace+0x16d/0x290
[  168.714310][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  168.720544][    C0]  nmi_trigger_cpumask_backtrace+0x174/0x290
[  168.726517][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  168.732399][    C0]  rcu_dump_cpu_stacks+0x15a/0x220
[  168.737540][    C0]  rcu_sched_clock_irq+0xe25/0x1ad0
[  168.742727][    C0]  ? trace_hardirqs_off+0x74/0x80
[  168.747742][    C0]  update_process_times+0x12d/0x180
[  168.752931][    C0]  tick_sched_timer+0x263/0x420
[  168.757815][    C0]  ? tick_setup_sched_timer+0x3d0/0x3d0
[  168.763349][    C0]  __hrtimer_run_queues+0x403/0x840
[  168.768549][    C0]  hrtimer_interrupt+0x38c/0xda0
[  168.773515][    C0]  ? debug_smp_processor_id+0x9/0x20
[  168.778796][    C0]  smp_apic_timer_interrupt+0x109/0x280
[  168.784334][    C0]  apic_timer_interrupt+0xf/0x20
[  168.789259][    C0]  </IRQ>
[  168.792215][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x14/0x50
[  168.798359][    C0] Code: 00 00 00 48 8b 3d f4 3c cd 07 48 89 de e8 d4 01 3b 00 5b 5d c3 cc 48 8b 04 24 65 48 8b 0c 25 c0 1d 02 00 65 8b 15 38 84 8b 7e <f7> c2 00 01 1f 00 75 2c 8b 91 80 13 00 00 83 fa 02 75 21 48 8b 91
[  168.817946][    C0] RSP: 0018:ffffc90002747250 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  168.826342][    C0] RAX: ffffffff81487326 RBX: ffffea00024588c0 RCX: ffff888092ab4100
[  168.834299][    C0] RDX: 0000000000000001 RSI: 00000000fffffffc RDI: ffffea00024588c0
[  168.842256][    C0] RBP: ffffc90002747278 R08: 000000000003a728 R09: fffffbfff120248a
[  168.850214][    C0] R10: fffffbfff120248a R11: 0000000000000000 R12: ffff88808aa659a0
[  168.858168][    C0] R13: dffffc0000000000 R14: 00000000fffffffc R15: ffff8880988217e8
[  168.867094][    C0]  ? mod_memcg_page_state+0x16/0x190
[  168.872371][    C0]  ? mod_memcg_page_state+0x16/0x190
[  168.877646][    C0]  free_thread_stack+0x168/0x590
[  168.882586][    C0]  put_task_stack+0xa3/0x130
[  168.887161][    C0]  finish_task_switch+0x3f1/0x550
[  168.892214][    C0]  __schedule+0x9a8/0xcc0
[  168.896543][    C0]  preempt_schedule_irq+0xc1/0x140
[  168.901645][    C0]  retint_kernel+0x1b/0x2b
[  168.906070][    C0] RIP: 0010:batadv_hardif_get_by_netdev+0x105/0x3f0
[  168.912639][    C0] Code: e8 03 48 89 45 c0 49 c7 c5 78 70 dd 8a 4c 89 65 b8 eb 07 66 90 e8 bb 35 a4 f9 49 8d 5f 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 <74> 08 48 89 df e8 21 ab df f9 4c 39 23 74 0c e8 97 35 a4 f9 e9 58
[  168.932243][    C0] RSP: 0018:ffffc900027474d8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff02
[  168.940656][    C0] RAX: 1ffff1100ebe9003 RBX: ffff888075f48018 RCX: ffff888092ab4100
[  168.948704][    C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880aed37e20
[  168.956660][    C0] RBP: ffffc90002747520 R08: dffffc0000000000 R09: ffffed1015da6fc5
[  168.964615][    C0] R10: ffffed1015da6fc5 R11: 0000000000000000 R12: ffff8880902d8000
[  168.972584][    C0] R13: ffffffff8add7078 R14: dffffc0000000000 R15: ffff888075f48000
[  168.980566][    C0]  ? batadv_hardif_get_by_netdev+0xf5/0x3f0
[  168.986451][    C0]  batadv_hard_if_event+0x89/0xf10
[  168.991548][    C0]  ? cfusbl_device_notify+0xd0/0x6c0
[  168.996818][    C0]  ? lowpan_event+0xca/0x6c0
[  169.001392][    C0]  ? smc_pnet_netdev_event+0x1ec/0x2f0
[  169.006839][    C0]  raw_notifier_call_chain+0xec/0x190
[  169.012201][    C0]  register_netdevice+0xf70/0x1830
[  169.017310][    C0]  nsim_create+0x1d4/0x230
[  169.021715][    C0]  __nsim_dev_port_add+0x289/0x4d0
[  169.026811][    C0]  ? debugfs_create_file_unsafe+0x4a/0x60
[  169.032517][    C0]  ? nsim_bpf_dev_init+0x1eb/0x220
[  169.037627][    C0]  nsim_dev_probe+0xb55/0xef0
[  169.042306][    C0]  nsim_bus_probe+0x15/0x20
[  169.046792][    C0]  really_probe+0x71c/0xf40
[  169.051284][    C0]  driver_probe_device+0xfc/0x260
[  169.056293][    C0]  ? parse_option_str+0x1bf/0x200
[  169.061305][    C0]  __device_attach_driver+0x336/0x3f0
[  169.066747][    C0]  ? coredump_store+0x90/0x90
[  169.071416][    C0]  bus_for_each_drv+0x12b/0x180
[  169.076260][    C0]  __device_attach+0x1ea/0x390
[  169.081190][    C0]  device_initial_probe+0x1a/0x20
[  169.086214][    C0]  bus_probe_device+0xb9/0x1f0
[  169.090965][    C0]  device_add+0x1710/0x1ad0
[  169.095473][    C0]  device_register+0x1d/0x20
[  169.100047][    C0]  new_device_store+0x286/0x510
[  169.104882][    C0]  ? nsim_num_vf+0x50/0x50
[  169.109304][    C0]  bus_attr_store+0x78/0x90
[  169.113795][    C0]  ? bus_attr_show+0x90/0x90
[  169.118387][    C0]  sysfs_kf_write+0x281/0x2f0
[  169.123060][    C0]  ? sysfs_kf_read+0x370/0x370
[  169.128763][    C0]  kernfs_fop_write+0x3e4/0x4e0
[  169.133600][    C0]  ? kernfs_fop_read+0x580/0x580
[  169.138524][    C0]  __vfs_write+0xb8/0x740
[  169.142933][    C0]  ? rcu_read_lock_any_held+0x13d/0x1a0
[  169.148462][    C0]  ? __sb_start_write+0x382/0x430
[  169.153491][    C0]  vfs_write+0x275/0x590
[  169.157724][    C0]  ksys_write+0x117/0x220
[  169.162044][    C0]  __x64_sys_write+0x7b/0x90
[  169.166620][    C0]  do_syscall_64+0xf7/0x1c0
[  169.171126][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  169.177003][    C0] RIP: 0033:0x414130
[  169.180905][    C0] Code: b0 89 c8 f7 d8 eb ed b8 6e 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 3d 3d 43 66 00 00 75 14 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 c4 1b 00 00 c3 48 83 ec 08 e8 ca fc ff ff
[  169.200598][    C0] RSP: 002b:00007ffcc9191d38 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  169.209002][    C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000414130
[  169.216959][    C0] RDX: 0000000000000003 RSI: 00007ffcc9191d60 RDI: 0000000000000004
[  169.224943][    C0] RBP: 00007ffcc9191d60 R08: 0000000000000000 R09: 0000000000000003
[  169.232897][    C0] R10: 0000000000000075 R11: 0000000000000246 R12: 00000000004bfc97
[  169.240855][    C0] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000