[ 43.433039][ T26] audit: type=1800 audit(1575362526.045:26): pid=8025 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 43.480938][ T26] audit: type=1800 audit(1575362526.055:27): pid=8025 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 43.523697][ T26] audit: type=1800 audit(1575362526.055:28): pid=8025 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 44.372222][ T26] audit: type=1800 audit(1575362527.005:29): pid=8025 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.226' (ECDSA) to the list of known hosts. 2019/12/03 08:42:14 fuzzer started 2019/12/03 08:42:16 dialing manager at 10.128.0.26:38907 2019/12/03 08:42:16 syscalls: 2697 2019/12/03 08:42:16 code coverage: enabled 2019/12/03 08:42:16 comparison tracing: enabled 2019/12/03 08:42:16 extra coverage: extra coverage is not supported by the kernel 2019/12/03 08:42:16 setuid sandbox: enabled 2019/12/03 08:42:16 namespace sandbox: enabled 2019/12/03 08:42:16 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/03 08:42:16 fault injection: enabled 2019/12/03 08:42:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/03 08:42:16 net packet injection: enabled 2019/12/03 08:42:16 net device setup: enabled 2019/12/03 08:42:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/03 08:42:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 08:42:17 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000004080501ff7dd6a57effff110a00cfbc0c00030084ffffff7d0a00e30b00020000060000001104a6"], 0x2c}}, 0x0) 08:42:17 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x0, 0xa0010000}}}, 0x90) syzkaller login: [ 55.087404][ T8187] IPVS: ftp: loaded support on port[0] = 21 08:42:17 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000f40ff8)=[{0x6}]}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r4, r0) [ 55.247262][ T8190] IPVS: ftp: loaded support on port[0] = 21 [ 55.256853][ T8187] chnl_net:caif_netlink_parms(): no params data found [ 55.319522][ T8187] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.342038][ T8187] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.369995][ T8187] device bridge_slave_0 entered promiscuous mode [ 55.412429][ T8187] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.419537][ T8187] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.436027][ T8187] device bridge_slave_1 entered promiscuous mode [ 55.498217][ T8192] IPVS: ftp: loaded support on port[0] = 21 [ 55.508334][ T8187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.535466][ T8190] chnl_net:caif_netlink_parms(): no params data found 08:42:18 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000015000400080000003d0301000000000095000000000000006916020000000000bf67000000000000170600000fff070067060000020000001606000007000000bf050000000000000f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c27df8ecf264e0f84f9ed7a1b142f84f17d3c30e3c72fe9755ba08508460b603daf5a7d1dbdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa44810b5b9088f54ed1f18e2c"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 55.545383][ T8187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.638454][ T8187] team0: Port device team_slave_0 added [ 55.674670][ T8190] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.683421][ T8190] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.692334][ T8190] device bridge_slave_0 entered promiscuous mode [ 55.702176][ T8187] team0: Port device team_slave_1 added [ 55.715965][ T8195] IPVS: ftp: loaded support on port[0] = 21 [ 55.720940][ T8190] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.729547][ T8190] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.738715][ T8190] device bridge_slave_1 entered promiscuous mode [ 55.806619][ T8190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 08:42:18 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) poll(0x0, 0x0, 0x1) [ 55.872652][ T8187] device hsr_slave_0 entered promiscuous mode [ 55.931726][ T8187] device hsr_slave_1 entered promiscuous mode [ 55.973807][ T8192] chnl_net:caif_netlink_parms(): no params data found [ 55.994153][ T8190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.067968][ T8190] team0: Port device team_slave_0 added [ 56.097153][ T8192] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.119783][ T8192] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.127862][ T8192] device bridge_slave_0 entered promiscuous mode [ 56.144801][ T8190] team0: Port device team_slave_1 added 08:42:18 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5b}]}, &(0x7f0000000140)='syzkaller\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 56.170618][ T8192] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.178235][ T8192] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.186379][ T8192] device bridge_slave_1 entered promiscuous mode [ 56.208166][ T8199] IPVS: ftp: loaded support on port[0] = 21 [ 56.214382][ T8187] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 56.271920][ T8187] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 56.344690][ T8192] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.359383][ T8192] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.378428][ T8187] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 56.472816][ T8190] device hsr_slave_0 entered promiscuous mode [ 56.510862][ T8190] device hsr_slave_1 entered promiscuous mode [ 56.580088][ T8190] debugfs: Directory 'hsr0' with parent '/' already present! [ 56.593054][ T8192] team0: Port device team_slave_0 added [ 56.601699][ T8192] team0: Port device team_slave_1 added [ 56.607552][ T8187] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 56.667134][ T8195] chnl_net:caif_netlink_parms(): no params data found [ 56.687845][ T8201] IPVS: ftp: loaded support on port[0] = 21 [ 56.753275][ T8192] device hsr_slave_0 entered promiscuous mode [ 56.790895][ T8192] device hsr_slave_1 entered promiscuous mode [ 56.829771][ T8192] debugfs: Directory 'hsr0' with parent '/' already present! [ 56.884030][ T8195] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.891346][ T8195] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.899964][ T8195] device bridge_slave_0 entered promiscuous mode [ 56.907811][ T8190] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.973966][ T8190] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 57.036574][ T8195] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.044406][ T8195] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.052295][ T8195] device bridge_slave_1 entered promiscuous mode [ 57.066373][ T8190] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.139111][ T8195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.155983][ T8190] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 57.219146][ T8195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.231304][ T8192] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 57.262914][ T8192] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 57.322120][ T8192] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 57.407178][ T8192] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 57.482074][ T8195] team0: Port device team_slave_0 added [ 57.491808][ T8199] chnl_net:caif_netlink_parms(): no params data found [ 57.518700][ T8195] team0: Port device team_slave_1 added [ 57.563605][ T8201] chnl_net:caif_netlink_parms(): no params data found [ 57.594001][ T8187] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.619908][ T8199] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.627056][ T8199] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.637932][ T8199] device bridge_slave_0 entered promiscuous mode [ 57.647729][ T8199] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.655229][ T8199] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.663137][ T8199] device bridge_slave_1 entered promiscuous mode [ 57.732403][ T8195] device hsr_slave_0 entered promiscuous mode [ 57.770251][ T8195] device hsr_slave_1 entered promiscuous mode [ 57.809850][ T8195] debugfs: Directory 'hsr0' with parent '/' already present! [ 57.824513][ T8187] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.852856][ T8201] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.860582][ T8201] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.868281][ T8201] device bridge_slave_0 entered promiscuous mode [ 57.885437][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.893833][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.918818][ T8190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.926790][ T8201] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.935488][ T8201] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.943426][ T8201] device bridge_slave_1 entered promiscuous mode [ 57.951124][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.959606][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.968511][ T8203] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.975689][ T8203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.983596][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.992627][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.001000][ T8203] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.008041][ T8203] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.015668][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.024164][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.032934][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.046644][ T8199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.066055][ T2707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.075267][ T2707] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.084057][ T2707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.093650][ T2707] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.103558][ T2707] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.126072][ T8199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.148544][ T8187] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 58.161389][ T8187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.176039][ T8201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.189021][ T8201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.207870][ T8199] team0: Port device team_slave_0 added [ 58.215998][ T8199] team0: Port device team_slave_1 added [ 58.224579][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.233082][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.242406][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.251423][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.267746][ T8195] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.323750][ T8195] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.375062][ T8195] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.443073][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.451230][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.459126][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.475255][ T8201] team0: Port device team_slave_0 added [ 58.487695][ T8190] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.497829][ T8195] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.576626][ T8201] team0: Port device team_slave_1 added [ 58.623513][ T8201] device hsr_slave_0 entered promiscuous mode [ 58.660180][ T8201] device hsr_slave_1 entered promiscuous mode [ 58.719895][ T8201] debugfs: Directory 'hsr0' with parent '/' already present! [ 58.736280][ T8192] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.783112][ T8199] device hsr_slave_0 entered promiscuous mode [ 58.820209][ T8199] device hsr_slave_1 entered promiscuous mode [ 58.859922][ T8199] debugfs: Directory 'hsr0' with parent '/' already present! [ 58.870166][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.878712][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.891839][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.898912][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.906975][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.915703][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.924177][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.931347][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.938844][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.946813][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.959473][ T8187] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.976575][ T8192] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.000765][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.008649][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.018218][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 59.026858][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.035088][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.042941][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.052503][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.061071][ T8196] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.068110][ T8196] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.076290][ T8196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.099251][ T8199] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.149555][ T8199] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.205961][ T8199] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.252351][ T8199] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.281158][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.289907][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.298206][ T8203] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.305294][ T8203] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.312803][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.321726][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.330983][ T8203] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.344882][ T8201] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 59.430350][ T8201] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 59.472061][ T8201] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 59.590778][ T8210] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 59.599104][ T8210] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 164.469643][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 164.476409][ C1] rcu: 1-...!: (10499 ticks this GP) idle=23a/1/0x4000000000000002 softirq=11618/11618 fqs=7 [ 164.486887][ C1] (t=10501 jiffies g=6341 q=53) [ 164.491816][ C1] rcu: rcu_preempt kthread starved for 10488 jiffies! g6341 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 164.502968][ C1] rcu: RCU grace-period kthread stack dump: [ 164.512415][ C1] rcu_preempt R running task 29032 10 2 0x80004000 [ 164.520307][ C1] Call Trace: [ 164.523594][ C1] __schedule+0x9a0/0xcc0 [ 164.527924][ C1] schedule+0x181/0x210 [ 164.532201][ C1] schedule_timeout+0x14f/0x240 [ 164.537043][ C1] ? run_local_timers+0x120/0x120 [ 164.542070][ C1] rcu_gp_kthread+0xed8/0x1770 [ 164.546839][ C1] kthread+0x332/0x350 [ 164.550898][ C1] ? rcu_report_qs_rsp+0x140/0x140 [ 164.556000][ C1] ? kthread_blkcg+0xe0/0xe0 [ 164.560577][ C1] ret_from_fork+0x24/0x30 [ 164.564996][ C1] NMI backtrace for cpu 1 [ 164.569335][ C1] CPU: 1 PID: 28 Comm: kworker/u4:2 Not tainted 5.4.0-syzkaller #0 [ 164.577252][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.587302][ C1] Workqueue: events_unbound fsnotify_connector_destroy_workfn [ 164.594739][ C1] Call Trace: [ 164.598010][ C1] [ 164.600848][ C1] dump_stack+0x1fb/0x318 [ 164.605168][ C1] nmi_cpu_backtrace+0xaf/0x1a0 [ 164.610003][ C1] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 164.616170][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 164.622224][ C1] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 164.628193][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 164.634193][ C1] rcu_dump_cpu_stacks+0x15a/0x220 [ 164.639333][ C1] rcu_sched_clock_irq+0xe25/0x1ad0 [ 164.644559][ C1] ? trace_hardirqs_off+0x74/0x80 [ 164.649681][ C1] update_process_times+0x12d/0x180 [ 164.654896][ C1] tick_sched_timer+0x263/0x420 [ 164.659769][ C1] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 164.665310][ C1] __hrtimer_run_queues+0x403/0x840 [ 164.670534][ C1] hrtimer_interrupt+0x38c/0xda0 [ 164.675659][ C1] ? debug_smp_processor_id+0x9/0x20 [ 164.681024][ C1] smp_apic_timer_interrupt+0x109/0x280 [ 164.686561][ C1] apic_timer_interrupt+0xf/0x20 [ 164.691499][ C1] [ 164.694551][ C1] RIP: 0010:mod_memcg_page_state+0x11e/0x190 [ 164.700522][ C1] Code: c7 28 96 0a 89 e8 f2 9e 69 00 48 83 3d 12 22 c2 07 00 74 70 e8 e3 27 2e 00 4c 89 ff 57 9d 0f 1f 44 00 00 e8 f4 c2 33 00 eb 43 cd 27 2e 00 eb 3c e8 86 c0 33 00 48 c7 c0 28 96 0a 89 48 c1 e8 [ 164.720206][ C1] RSP: 0018:ffffc90000e378d8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 164.728605][ C1] RAX: 1ffffd40004b8527 RBX: 0000000000000000 RCX: ffff8880a9878080 [ 164.736563][ C1] RDX: 0000000000000000 RSI: 00000000fffffffc RDI: ffffea00025c2900 [ 164.744555][ C1] RBP: ffffc90000e378f8 R08: 000000000003a768 R09: ffffed1014e02f37 [ 164.752518][ C1] R10: ffffed1014e02f37 R11: 0000000000000000 R12: dffffc0000000000 [ 164.760478][ C1] R13: dffffc0000000000 R14: 00000000fffffffc R15: ffff8880a70179a8 [ 164.768460][ C1] ? mod_memcg_page_state+0x16/0x190 [ 164.773819][ C1] free_thread_stack+0x168/0x590 [ 164.778756][ C1] put_task_stack+0xa3/0x130 [ 164.783593][ C1] finish_task_switch+0x3f1/0x550 [ 164.788608][ C1] __schedule+0x9a8/0xcc0 [ 164.792930][ C1] ? ___preempt_schedule+0x16/0x18 [ 164.798026][ C1] preempt_schedule+0xdb/0x120 [ 164.802776][ C1] ___preempt_schedule+0x16/0x18 [ 164.807699][ C1] _raw_spin_unlock_irqrestore+0xcc/0xe0 [ 164.813317][ C1] __call_srcu+0x7ab/0xb00 [ 164.817742][ C1] __synchronize_srcu+0x1cf/0x260 [ 164.822750][ C1] ? rcu_read_lock_any_held+0x1a0/0x1a0 [ 164.828297][ C1] synchronize_srcu+0x2cb/0x2f0 [ 164.833139][ C1] fsnotify_connector_destroy_workfn+0x44/0xb0 [ 164.839282][ C1] process_one_work+0x7ef/0x10d0 [ 164.844217][ C1] worker_thread+0xc01/0x1630 [ 164.848902][ C1] kthread+0x332/0x350 [ 164.852953][ C1] ? rcu_lock_release+0x30/0x30 [ 164.857790][ C1] ? kthread_blkcg+0xe0/0xe0 [ 164.862369][ C1] ret_from_fork+0x24/0x30