Warning: Permanently added '10.128.10.48' (ECDSA) to the list of known hosts. 2019/12/04 01:37:17 fuzzer started 2019/12/04 01:37:19 dialing manager at 10.128.0.26:42111 2019/12/04 01:37:19 syscalls: 2689 2019/12/04 01:37:19 code coverage: enabled 2019/12/04 01:37:19 comparison tracing: enabled 2019/12/04 01:37:19 extra coverage: extra coverage is not supported by the kernel 2019/12/04 01:37:19 setuid sandbox: enabled 2019/12/04 01:37:19 namespace sandbox: enabled 2019/12/04 01:37:19 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/04 01:37:19 fault injection: enabled 2019/12/04 01:37:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/04 01:37:19 net packet injection: enabled 2019/12/04 01:37:19 net device setup: enabled 2019/12/04 01:37:19 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/04 01:37:19 devlink PCI setup: PCI device 0000:00:10.0 is not available 01:37:20 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@multicast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}}}, 0xe8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={[], [], @dev}}, 0x1c) 01:37:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x1) ioctl$FIONREAD(r0, 0x5412, &(0x7f0000000100)) syzkaller login: [ 59.950043][ T8308] IPVS: ftp: loaded support on port[0] = 21 01:37:20 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x8229b6545c5f4b19, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x303) socket$kcm(0xa, 0x100000006, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x541b, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) perf_event_open(&(0x7f0000000500)={0x0, 0x70, 0x8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x9}, 0x0, 0x0, 0x800, 0x3, 0x0, 0x0, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r2 = getpid() perf_event_open(&(0x7f0000000500)={0x0, 0x70, 0x8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x9, 0x9}, 0x14522, 0xfffffffffffffffb, 0x800, 0x3, 0x2, 0x0, 0x800}, r2, 0x8, 0xffffffffffffffff, 0x2) sendmsg$kcm(r1, &(0x7f0000000240)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xf]}, 0x14}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='\f', 0x1}], 0x1}, 0xfec0) [ 60.123951][ T8308] chnl_net:caif_netlink_parms(): no params data found [ 60.132405][ T8311] IPVS: ftp: loaded support on port[0] = 21 [ 60.233592][ T8308] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.241210][ T8308] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.262295][ T8308] device bridge_slave_0 entered promiscuous mode [ 60.298918][ T8308] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.312602][ T8308] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.320510][ T8308] device bridge_slave_1 entered promiscuous mode [ 60.360634][ T8311] chnl_net:caif_netlink_parms(): no params data found [ 60.373630][ T8313] IPVS: ftp: loaded support on port[0] = 21 [ 60.396669][ T8308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 01:37:21 executing program 3: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f00001c0000/0x2000)=nil, 0x2000, 0x0, 0x40006011, r0, 0x0) madvise(&(0x7f00001c1000/0x1000)=nil, 0x1000, 0xb) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 60.434784][ T8308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.489038][ T8308] team0: Port device team_slave_0 added [ 60.521344][ T8308] team0: Port device team_slave_1 added [ 60.566892][ T8311] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.576839][ T8311] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.586653][ T8311] device bridge_slave_0 entered promiscuous mode [ 60.635323][ T8308] device hsr_slave_0 entered promiscuous mode 01:37:21 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x20, 0x23, 0x119, 0x0, 0x0, {0x2}, [@nested={0xc, 0x1, [@typed={0x8, 0x0, @ipv4=@loopback}]}]}, 0x20}}, 0x0) [ 60.712806][ T8308] device hsr_slave_1 entered promiscuous mode [ 60.783993][ T8311] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.791107][ T8311] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.812484][ T8311] device bridge_slave_1 entered promiscuous mode [ 60.841086][ T8316] IPVS: ftp: loaded support on port[0] = 21 [ 60.896049][ T8318] IPVS: ftp: loaded support on port[0] = 21 01:37:21 executing program 5: clone(0x41fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000000)) ptrace(0x10, r0) ptrace$getregset(0x420e, r0, 0x0, 0x0) [ 60.940617][ T8311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.996690][ T8311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.008277][ T8308] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.053936][ T8313] chnl_net:caif_netlink_parms(): no params data found [ 61.077786][ T8308] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.116671][ T8308] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 61.168632][ T8321] IPVS: ftp: loaded support on port[0] = 21 [ 61.172765][ T8311] team0: Port device team_slave_0 added [ 61.185982][ T8308] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 61.243841][ T8311] team0: Port device team_slave_1 added [ 61.266686][ T8313] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.275343][ T8313] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.283078][ T8313] device bridge_slave_0 entered promiscuous mode [ 61.303944][ T8313] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.311047][ T8313] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.319949][ T8313] device bridge_slave_1 entered promiscuous mode [ 61.387223][ T8313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.444300][ T8311] device hsr_slave_0 entered promiscuous mode [ 61.482008][ T8311] device hsr_slave_1 entered promiscuous mode [ 61.521763][ T8311] debugfs: Directory 'hsr0' with parent '/' already present! [ 61.539691][ T8318] chnl_net:caif_netlink_parms(): no params data found [ 61.556640][ T8313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.596651][ T8313] team0: Port device team_slave_0 added [ 61.604168][ T8313] team0: Port device team_slave_1 added [ 61.694331][ T8313] device hsr_slave_0 entered promiscuous mode [ 61.751880][ T8313] device hsr_slave_1 entered promiscuous mode [ 61.801876][ T8313] debugfs: Directory 'hsr0' with parent '/' already present! [ 61.812476][ T8311] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 61.887048][ T8318] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.894680][ T8318] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.902936][ T8318] device bridge_slave_0 entered promiscuous mode [ 61.911480][ T8318] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.920177][ T8318] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.928344][ T8318] device bridge_slave_1 entered promiscuous mode [ 61.938824][ T8311] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 61.989614][ T8311] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.055377][ T8318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.065912][ T8311] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.136002][ T8318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.145252][ T8316] chnl_net:caif_netlink_parms(): no params data found [ 62.173931][ T8313] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.240737][ T8308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.260476][ T8313] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.307672][ T8313] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.366103][ T8313] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.434856][ T8318] team0: Port device team_slave_0 added [ 62.448162][ T8321] chnl_net:caif_netlink_parms(): no params data found [ 62.467740][ T8318] team0: Port device team_slave_1 added [ 62.476147][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.484933][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.504780][ T8308] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.527015][ T8316] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.534644][ T8316] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.542402][ T8316] device bridge_slave_0 entered promiscuous mode [ 62.550306][ T8316] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.557494][ T8316] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.565601][ T8316] device bridge_slave_1 entered promiscuous mode [ 62.615491][ T8318] device hsr_slave_0 entered promiscuous mode [ 62.662017][ T8318] device hsr_slave_1 entered promiscuous mode [ 62.721884][ T8318] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.748416][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.757649][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.766253][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.773743][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.807958][ T8321] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.815922][ T8321] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.824645][ T8321] device bridge_slave_0 entered promiscuous mode [ 62.833145][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 62.840895][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.849672][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.857999][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.865173][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.873657][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.882282][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 62.892511][ T8316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.909256][ T8316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.938246][ T8321] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.945383][ T8321] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.954304][ T8321] device bridge_slave_1 entered promiscuous mode [ 62.967163][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 62.976577][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 62.985111][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 62.993825][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.002584][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.010722][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.019077][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.034352][ T8318] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 63.074819][ T8318] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 63.132126][ T8318] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 63.179207][ T8321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.191709][ T8321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.203278][ T8318] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 63.236647][ T8316] team0: Port device team_slave_0 added [ 63.252609][ T8308] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.265030][ T8308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.280547][ T8316] team0: Port device team_slave_1 added [ 63.294758][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.303575][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.330723][ T8313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.344938][ T8321] team0: Port device team_slave_0 added [ 63.356677][ T8311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.371375][ T8321] team0: Port device team_slave_1 added [ 63.389630][ T8326] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.397833][ T8326] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.405522][ T8326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.414027][ T8326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.427411][ T8311] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.484366][ T8321] device hsr_slave_0 entered promiscuous mode [ 63.522089][ T8321] device hsr_slave_1 entered promiscuous mode [ 63.572285][ T8321] debugfs: Directory 'hsr0' with parent '/' already present! [ 63.585083][ T8326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.593398][ T8326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.604283][ T8313] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.616263][ T8308] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.685562][ T8316] device hsr_slave_0 entered promiscuous mode [ 63.722723][ T8316] device hsr_slave_1 entered promiscuous mode [ 63.761776][ T8316] debugfs: Directory 'hsr0' with parent '/' already present! [ 63.770618][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.779441][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.787876][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.794938][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.852425][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.860179][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.869825][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.878806][ T3208] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.885893][ T3208] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.893977][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.902926][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.911382][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.919824][ T3208] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.926883][ T3208] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.934950][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.943928][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.952554][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.960803][ T3208] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.967883][ T3208] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.975922][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.985129][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.038332][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.047273][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.056722][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.065477][ T3208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 169.041569][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 169.048334][ C0] rcu: 0-...!: (10499 ticks this GP) idle=166/1/0x4000000000000002 softirq=11549/11549 fqs=1 [ 169.058808][ C0] (t=10500 jiffies g=6577 q=31) [ 169.063734][ C0] rcu: rcu_preempt kthread starved for 10498 jiffies! g6577 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 169.075107][ C0] rcu: RCU grace-period kthread stack dump: [ 169.080983][ C0] rcu_preempt I29104 10 2 0x80004000 [ 169.087309][ C0] Call Trace: [ 169.090593][ C0] __schedule+0x9a0/0xcc0 [ 169.095098][ C0] schedule+0x181/0x210 [ 169.099272][ C0] schedule_timeout+0x14f/0x240 [ 169.104129][ C0] ? run_local_timers+0x120/0x120 [ 169.109281][ C0] rcu_gp_kthread+0xed8/0x1770 [ 169.114137][ C0] kthread+0x332/0x350 [ 169.118201][ C0] ? rcu_report_qs_rsp+0x140/0x140 [ 169.123331][ C0] ? kthread_blkcg+0xe0/0xe0 [ 169.127929][ C0] ret_from_fork+0x24/0x30 [ 169.132381][ C0] NMI backtrace for cpu 0 [ 169.136708][ C0] CPU: 0 PID: 8331 Comm: udevd Not tainted 5.4.0-syzkaller #0 [ 169.144144][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.154336][ C0] Call Trace: [ 169.157618][ C0] [ 169.160464][ C0] dump_stack+0x1fb/0x318 [ 169.164901][ C0] nmi_cpu_backtrace+0xaf/0x1a0 [ 169.169762][ C0] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 169.175927][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 169.182016][ C0] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 169.188015][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 169.193906][ C0] rcu_dump_cpu_stacks+0x15a/0x220 [ 169.199038][ C0] rcu_sched_clock_irq+0xe25/0x1ad0 [ 169.204238][ C0] ? trace_hardirqs_off+0x74/0x80 [ 169.209259][ C0] update_process_times+0x12d/0x180 [ 169.214599][ C0] tick_sched_timer+0x263/0x420 [ 169.219449][ C0] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 169.224990][ C0] __hrtimer_run_queues+0x403/0x840 [ 169.230202][ C0] hrtimer_interrupt+0x38c/0xda0 [ 169.235256][ C0] ? debug_smp_processor_id+0x9/0x20 [ 169.240542][ C0] smp_apic_timer_interrupt+0x109/0x280 [ 169.246122][ C0] apic_timer_interrupt+0xf/0x20 [ 169.251049][ C0] [ 169.253986][ C0] RIP: 0010:mod_memcg_page_state+0xa/0x190 [ 169.259962][ C0] Code: e8 0b 29 2e 00 eb 05 e8 04 29 2e 00 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 54 <53> 41 89 f6 48 89 fb e8 da 28 2e 00 48 83 c3 38 48 89 d8 48 c1 e8 [ 169.279689][ C0] RSP: 0018:ffffc90002027e18 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 169.288102][ C0] RAX: 1ffff11014d3d971 RBX: ffff8880a69ecb88 RCX: 0000000000000000 [ 169.298260][ C0] RDX: 0000000000000000 RSI: 00000000fffffffc RDI: ffffea0002808b00 [ 169.306239][ C0] RBP: ffffc90002027e30 R08: dffffc0000000000 R09: fffffbfff12877ed [ 169.314338][ C0] R10: fffffbfff12877ed R11: 0000000000000000 R12: ffff8880a69ecc20 [ 169.322857][ C0] R13: dffffc0000000000 R14: 1ffff11014d3d984 R15: ffff888093a6b728 [ 169.330863][ C0] free_thread_stack+0x168/0x590 [ 169.335806][ C0] put_task_stack+0xa3/0x130 [ 169.340425][ C0] finish_task_switch+0x3f1/0x550 [ 169.345452][ C0] schedule_tail+0x20/0x1a0 [ 169.349953][ C0] ret_from_fork+0x8/0x30 [ 169.354287][ C0] RIP: 0033:0x7f75ee926f46 [ 169.358709][ C0] Code: Bad RIP value. [ 169.363898][ C0] RSP: 002b:00007ffdbf5865e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 169.372423][ C0] RAX: 0000000000000000 RBX: 00007ffdbf5865e0 RCX: 00007f75ee926f46 [ 169.380403][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 169.388375][ C0] RBP: 00007ffdbf586640 R08: 0000000000002057 R09: 0000000000002057 [ 169.396452][ C0] R10: 00007f75ef243a70 R11: 0000000000000246 R12: 0000000000000000 [ 169.404531][ C0] R13: 00007ffdbf586600 R14: 0000000000000005 R15: 0000000000000005