[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   49.048961][   T23] audit: type=1800 audit(1578464422.892:25): pid=8319 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   49.067999][   T23] audit: type=1800 audit(1578464422.892:26): pid=8319 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   49.104569][   T23] audit: type=1800 audit(1578464422.902:27): pid=8319 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.246' (ECDSA) to the list of known hosts.
2020/01/08 06:20:34 fuzzer started
2020/01/08 06:20:36 dialing manager at 10.128.0.26:35703
2020/01/08 06:20:36 syscalls: 2824
2020/01/08 06:20:36 code coverage: enabled
2020/01/08 06:20:36 comparison tracing: enabled
2020/01/08 06:20:36 extra coverage: enabled
2020/01/08 06:20:36 setuid sandbox: enabled
2020/01/08 06:20:36 namespace sandbox: enabled
2020/01/08 06:20:36 Android sandbox: /sys/fs/selinux/policy does not exist
2020/01/08 06:20:36 fault injection: enabled
2020/01/08 06:20:36 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/01/08 06:20:36 net packet injection: enabled
2020/01/08 06:20:36 net device setup: enabled
2020/01/08 06:20:36 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/01/08 06:20:36 devlink PCI setup: PCI device 0000:00:10.0 is not available
06:20:37 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x61, 0x54}}, &(0x7f0000281ffc)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0x0, 0x36, 0x0, &(0x7f0000000180)="5c71f905cac493551b2ac06c86dddd50d164954a635985a9c6d9a07bf248038e72a6b7cc5f27488be4946d267a5a0236cbdd1b71dae0", 0x0, 0x11}, 0x28)

06:20:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000000c0)={0x7a, 0x4, [0x40000105], [0x3a]})

syzkaller login: [   63.462555][ T8485] IPVS: ftp: loaded support on port[0] = 21
[   63.629980][ T8485] chnl_net:caif_netlink_parms(): no params data found
06:20:37 executing program 2:
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket(0x11, 0x800000003, 0x8)
setsockopt$packet_buf(r3, 0x107, 0xf, &(0x7f00000001c0)="12cb96c6", 0x4)
bind(r3, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="fe010000080000000003004000000000000000000000000008"], 0x19)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfffffe14)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)

[   63.692348][ T8488] IPVS: ftp: loaded support on port[0] = 21
[   63.708061][ T8485] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.733775][ T8485] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.744980][ T8485] device bridge_slave_0 entered promiscuous mode
[   63.767798][ T8485] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.784652][ T8485] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.804699][ T8485] device bridge_slave_1 entered promiscuous mode
[   63.848355][ T8485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.876687][ T8485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.890894][ T8490] IPVS: ftp: loaded support on port[0] = 21
[   63.913647][ T8485] team0: Port device team_slave_0 added
[   63.922415][ T8485] team0: Port device team_slave_1 added
06:20:37 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[   64.006443][ T8485] device hsr_slave_0 entered promiscuous mode
[   64.043997][ T8485] device hsr_slave_1 entered promiscuous mode
[   64.115569][ T8492] IPVS: ftp: loaded support on port[0] = 21
06:20:38 executing program 4:
r0 = socket$inet6(0xa, 0x3, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0815b5055e0bcfe87b3071")
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x179, 0x11, 0xa}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[   64.277184][ T8488] chnl_net:caif_netlink_parms(): no params data found
[   64.315816][ T8485] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   64.367131][ T8485] netdevsim netdevsim0 netdevsim1: renamed from eth1
06:20:38 executing program 5:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0x1000}], 0x1}, 0x0)

[   64.447597][ T8485] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   64.533763][ T8485] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   64.595932][ T8490] chnl_net:caif_netlink_parms(): no params data found
[   64.633073][ T8485] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.640255][ T8485] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.644176][ T8498] IPVS: ftp: loaded support on port[0] = 21
[   64.647913][ T8485] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.660412][ T8485] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.669881][ T8496] IPVS: ftp: loaded support on port[0] = 21
[   64.689291][ T2868] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.697371][ T2868] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.735193][ T8488] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.742307][ T8488] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.750806][ T8488] device bridge_slave_0 entered promiscuous mode
[   64.760407][ T8488] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.767602][ T8488] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.775453][ T8488] device bridge_slave_1 entered promiscuous mode
[   64.827052][ T8490] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.834454][ T8490] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.842021][ T8490] device bridge_slave_0 entered promiscuous mode
[   64.871354][ T8488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.910605][ T8490] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.918408][ T8490] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.926572][ T8490] device bridge_slave_1 entered promiscuous mode
[   64.947602][ T8488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.963286][ T8498] chnl_net:caif_netlink_parms(): no params data found
[   64.977181][ T8492] chnl_net:caif_netlink_parms(): no params data found
[   65.008711][ T8490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.027188][ T8488] team0: Port device team_slave_0 added
[   65.034833][ T8490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.060019][ T8490] team0: Port device team_slave_0 added
[   65.070076][ T8490] team0: Port device team_slave_1 added
[   65.092415][ T8488] team0: Port device team_slave_1 added
[   65.134567][ T8485] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.147895][ T8492] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.158506][ T8492] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.166249][ T8492] device bridge_slave_0 entered promiscuous mode
[   65.216433][ T8490] device hsr_slave_0 entered promiscuous mode
[   65.254755][ T8490] device hsr_slave_1 entered promiscuous mode
[   65.323826][ T8490] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.331771][ T8490] Cannot create hsr debugfs directory
[   65.339848][ T8498] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.347388][ T8498] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.355387][ T8498] device bridge_slave_0 entered promiscuous mode
[   65.367697][ T8498] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.374784][ T8498] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.382444][ T8498] device bridge_slave_1 entered promiscuous mode
[   65.399614][ T8492] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.409712][ T8492] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.417364][ T8492] device bridge_slave_1 entered promiscuous mode
[   65.486375][ T8488] device hsr_slave_0 entered promiscuous mode
[   65.524553][ T8488] device hsr_slave_1 entered promiscuous mode
[   65.563845][ T8488] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.571490][ T8488] Cannot create hsr debugfs directory
[   65.591182][ T8496] chnl_net:caif_netlink_parms(): no params data found
[   65.606233][ T8492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.621603][ T8492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.656115][ T8498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.668503][ T8485] 8021q: adding VLAN 0 to HW filter on device team0
[   65.679830][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.688678][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.706020][ T8492] team0: Port device team_slave_0 added
[   65.719275][ T8498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.742513][ T8492] team0: Port device team_slave_1 added
[   65.772212][ T8498] team0: Port device team_slave_0 added
[   65.783913][ T2737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.792408][ T2737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.801066][ T2737] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.808278][ T2737] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.839941][ T8498] team0: Port device team_slave_1 added
[   65.847346][ T8496] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.854963][ T8496] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.862500][ T8496] device bridge_slave_0 entered promiscuous mode
[   65.875544][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.886889][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.895313][ T2675] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.902340][ T2675] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.935763][ T8496] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.942834][ T8496] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.952098][ T8496] device bridge_slave_1 entered promiscuous mode
[   65.968643][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.977698][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.999452][ T8485] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   66.013641][ T8485] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   66.026144][ T8490] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   66.070488][ T8490] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   66.176353][ T8492] device hsr_slave_0 entered promiscuous mode
[   66.204103][ T8492] device hsr_slave_1 entered promiscuous mode
[   66.243826][ T8492] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.251440][ T8492] Cannot create hsr debugfs directory
[   66.268764][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   66.280716][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   66.289216][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   66.297932][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   66.306319][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   66.314540][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   66.322919][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   66.331240][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   66.339485][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   66.348191][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   66.359966][ T8490] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   66.410409][ T8496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.422187][ T8496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.486285][ T8498] device hsr_slave_0 entered promiscuous mode
[   66.524269][ T8498] device hsr_slave_1 entered promiscuous mode
[   66.563999][ T8498] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.571638][ T8498] Cannot create hsr debugfs directory
[   66.577447][ T8490] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   66.662293][ T8496] team0: Port device team_slave_0 added
[   66.673248][ T8496] team0: Port device team_slave_1 added
[   66.705248][ T8488] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   66.758314][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   66.765868][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   66.827644][ T8496] device hsr_slave_0 entered promiscuous mode
[   66.874118][ T8496] device hsr_slave_1 entered promiscuous mode
[   66.914401][ T8496] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.921961][ T8496] Cannot create hsr debugfs directory
[   66.932904][ T8488] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   66.977776][ T8485] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.002018][ T8488] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   67.049353][ T8488] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   67.138063][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   67.146687][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   67.209768][ T8485] device veth0_vlan entered promiscuous mode
[   67.218356][ T8492] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   67.255377][ T2841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   67.263467][ T2841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.297055][ T8492] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   67.354974][ T2841] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   67.362628][ T2841] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   67.379060][ T8488] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.402751][ T8492] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   67.445575][ T8485] device veth1_vlan entered promiscuous mode
[   67.455427][ T8498] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   67.507838][ T8498] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   67.559662][ T8498] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   67.619995][ T8492] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   67.692765][ T8498] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   67.735221][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   67.743196][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   67.751611][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.759581][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.770581][ T8488] 8021q: adding VLAN 0 to HW filter on device team0
[   67.778124][ T8496] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   67.818363][ T8496] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   67.882243][ T8490] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.900958][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.912196][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.939717][ T8496] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   68.022844][ T8490] 8021q: adding VLAN 0 to HW filter on device team0
[   68.034674][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   68.043288][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   68.055788][ T2868] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.062869][ T2868] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.070490][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   68.079285][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.087703][ T2868] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.094773][ T2868] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.102200][ T2868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   68.120318][ T8496] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  173.143653][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  173.150396][    C0] rcu: 	0-....: (1 GPs behind) idle=02a/1/0x4000000000000002 softirq=12887/12889 fqs=2761 
[  173.160530][    C0] 	(t=10500 jiffies g=6469 q=252)
[  173.165546][    C0] rcu: rcu_preempt kthread starved for 4966 jiffies! g6469 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  173.176543][    C0] rcu: RCU grace-period kthread stack dump:
[  173.182503][    C0] rcu_preempt     R  running task    29104    10      2 0x80004000
[  173.190390][    C0] Call Trace:
[  173.193673][    C0]  __schedule+0x9a0/0xcc0
[  173.197999][    C0]  schedule+0x181/0x210
[  173.202144][    C0]  schedule_timeout+0x14f/0x240
[  173.206984][    C0]  ? run_local_timers+0x120/0x120
[  173.212001][    C0]  rcu_gp_kthread+0xed8/0x1770
[  173.216762][    C0]  kthread+0x332/0x350
[  173.220814][    C0]  ? rcu_report_qs_rsp+0x140/0x140
[  173.225920][    C0]  ? kthread_blkcg+0xe0/0xe0
[  173.230499][    C0]  ret_from_fork+0x24/0x30
[  173.234919][    C0] NMI backtrace for cpu 0
[  173.239235][    C0] CPU: 0 PID: 8503 Comm: syz-executor.0 Not tainted 5.5.0-rc5-syzkaller #0
[  173.247803][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  173.257847][    C0] Call Trace:
[  173.261119][    C0]  <IRQ>
[  173.263964][    C0]  dump_stack+0x1fb/0x318
[  173.268289][    C0]  nmi_cpu_backtrace+0xaf/0x1a0
[  173.273128][    C0]  ? nmi_trigger_cpumask_backtrace+0x16d/0x290
[  173.279269][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  173.285322][    C0]  nmi_trigger_cpumask_backtrace+0x174/0x290
[  173.291294][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  173.297172][    C0]  rcu_dump_cpu_stacks+0x15a/0x220
[  173.302277][    C0]  rcu_sched_clock_irq+0xe25/0x1ad0
[  173.307468][    C0]  ? trace_hardirqs_off+0x74/0x80
[  173.312480][    C0]  update_process_times+0x12d/0x180
[  173.317672][    C0]  tick_sched_timer+0x263/0x420
[  173.322506][    C0]  ? tick_setup_sched_timer+0x3d0/0x3d0
[  173.328038][    C0]  __hrtimer_run_queues+0x403/0x840
[  173.333242][    C0]  hrtimer_interrupt+0x38c/0xda0
[  173.338203][    C0]  ? debug_smp_processor_id+0x9/0x20
[  173.343486][    C0]  smp_apic_timer_interrupt+0x109/0x280
[  173.349024][    C0]  apic_timer_interrupt+0xf/0x20
[  173.353947][    C0]  </IRQ>
[  173.356878][    C0] RIP: 0010:__memcg_kmem_uncharge+0x6/0x1a0
[  173.362762][    C0] Code: bf ac 07 00 74 12 48 81 c3 08 02 00 00 48 89 df 4c 89 f6 e8 8c 85 ff ff 5b 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 50 89 f3 49 89 fc 48 b8 00 00 00 00 00 fc ff
[  173.382441][    C0] RSP: 0018:ffffc90002647870 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  173.390842][    C0] RAX: ffffffff81489244 RBX: ffffea000263ef00 RCX: ffff888096834000
[  173.398808][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea000263ef00
[  173.406769][    C0] RBP: ffffc90002647878 R08: dffffc0000000000 R09: fffffbfff124248a
[  173.414728][    C0] R10: fffffbfff124248a R11: 0000000000000000 R12: ffff88809714eda0
[  173.422693][    C0] R13: dffffc0000000000 R14: 1ffff11012e29db4 R15: ffff8880900cf9f8
[  173.430662][    C0]  ? free_thread_stack+0x124/0x590
[  173.435769][    C0]  free_thread_stack+0x12e/0x590
[  173.440790][    C0]  put_task_stack+0xa3/0x130
[  173.445368][    C0]  finish_task_switch+0x3f1/0x550
[  173.450470][    C0]  __schedule+0x9a8/0xcc0
[  173.454795][    C0]  ? ___preempt_schedule+0x16/0x18
[  173.459893][    C0]  preempt_schedule+0xdb/0x120
[  173.464641][    C0]  ___preempt_schedule+0x16/0x18
[  173.469563][    C0]  ? page_poisoning_enabled+0x1c/0x30
[  173.474922][    C0]  prep_new_page+0x161/0x2e0
[  173.479501][    C0]  get_page_from_freelist+0x850/0xaa0
[  173.484873][    C0]  __alloc_pages_nodemask+0x264/0x5d0
[  173.490237][    C0]  alloc_pages_vma+0x94a/0xd50
[  173.494994][    C0]  do_huge_pmd_anonymous_page+0x883/0xe50
[  173.500722][    C0]  handle_mm_fault+0x2017/0x2890
[  173.505670][    C0]  do_user_addr_fault+0x589/0xaf0
[  173.510693][    C0]  __do_page_fault+0xd3/0x1f0
[  173.515357][    C0]  do_page_fault+0x99/0xb0
[  173.519762][    C0]  page_fault+0x39/0x40
[  173.523903][    C0] RIP: 0033:0x400644
[  173.527803][    C0] Code: 06 e9 49 01 00 00 48 8b 44 24 10 48 0b 44 24 28 75 1f 48 8b 14 24 48 8b 7c 24 20 be 04 00 00 00 e8 21 55 00 00 48 8b 74 24 08 <89> 06 e9 1e 01 00 00 48 8b 44 24 08 48 8b 14 24 be 04 00 00 00 8b
[  173.547404][    C0] RSP: 002b:00007ffdeeda3690 EFLAGS: 00010206
[  173.553471][    C0] RAX: 0000000000000008 RBX: 0000000000000000 RCX: 0000000000000000
[  173.561441][    C0] RDX: 0000000000000000 RSI: 0000000020caefb8 RDI: 0000000000000008
[  173.569406][    C0] RBP: 0000000000760000 R08: 0000000000000000 R09: 0000000000000000
[  173.577365][    C0] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[  173.585322][    C0] R13: 00007ffdeeda38b0 R14: 0000000000760008 R15: 00007ffdeeda38c0