syzkaller login: [ 40.687629] audit: type=1400 audit(1568578257.691:35): avc: denied { map } for pid=7548 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.18' (ECDSA) to the list of known hosts.
[ 215.888008] audit: type=1400 audit(1568578432.891:36): avc: denied { map } for pid=7561 comm="syz-executor455" path="/root/syz-executor455136972" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 215.907278] IPVS: ftp: loaded support on port[0] = 21
[ 215.967723] chnl_net:caif_netlink_parms(): no params data found
[ 216.000796] bridge0: port 1(bridge_slave_0) entered blocking state
[ 216.007780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 216.015962] device bridge_slave_0 entered promiscuous mode
[ 216.023445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 216.030126] bridge0: port 2(bridge_slave_1) entered disabled state
[ 216.037154] device bridge_slave_1 entered promiscuous mode
[ 216.052541] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 216.062015] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 216.079047] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 216.086812] team0: Port device team_slave_0 added
[ 216.092347] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 216.100950] team0: Port device team_slave_1 added
[ 216.106249] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 216.113512] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 216.166858] device hsr_slave_0 entered promiscuous mode
[ 216.234813] device hsr_slave_1 entered promiscuous mode
[ 216.275026] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 216.282069] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 216.296174] bridge0: port 2(bridge_slave_1) entered blocking state
[ 216.303607] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 216.310734] bridge0: port 1(bridge_slave_0) entered blocking state
[ 216.317133] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 216.348356] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 216.355152] 8021q: adding VLAN 0 to HW filter on device bond0
[ 216.363528] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 216.372257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 216.391599] bridge0: port 1(bridge_slave_0) entered disabled state
[ 216.399362] bridge0: port 2(bridge_slave_1) entered disabled state
[ 216.407845] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 216.418439] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 216.425058] 8021q: adding VLAN 0 to HW filter on device team0
[ 216.446099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 216.454121] bridge0: port 1(bridge_slave_0) entered blocking state
[ 216.460740] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 216.475570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 216.483521] bridge0: port 2(bridge_slave_1) entered blocking state
[ 216.489949] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 216.505306] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 216.513237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 216.521389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 216.528883] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 216.537036] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 216.545867] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 216.551909] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 216.566388] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 216.576574] 8021q: adding VLAN 0 to HW filter on device batadv0
executing program
executing program
executing program
executing program
[ 321.634560] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 321.640771] rcu: 0-...!: (10499 ticks this GP) idle=70e/1/0x4000000000000002 softirq=9854/9854 fqs=6
[ 321.650549] rcu: (t=10500 jiffies g=5333 q=140)
[ 321.655420] rcu: rcu_preempt kthread starved for 10488 jiffies! g5333 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 321.666000] rcu: RCU grace-period kthread stack dump:
[ 321.671186] rcu_preempt I29104 10 2 0x80000000
[ 321.676824] Call Trace:
[ 321.679523] __schedule+0x866/0x1dc0
[ 321.683249] ? pci_mmcfg_check_reserved+0x170/0x170
[ 321.688269] ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 321.693451] ? lockdep_hardirqs_on+0x415/0x5d0
[ 321.698086] ? trace_hardirqs_on+0x67/0x220
[ 321.702417] schedule+0x92/0x1c0
[ 321.705785] schedule_timeout+0x4db/0xfc0
[ 321.709960] ? usleep_range+0x170/0x170
[ 321.713939] ? trace_hardirqs_on+0x67/0x220
[ 321.718404] ? kasan_check_read+0x11/0x20
[ 321.722595] ? __next_timer_interrupt+0x1a0/0x1a0
[ 321.727487] ? prepare_to_swait_exclusive+0x120/0x120
[ 321.732729] rcu_gp_kthread+0xd5c/0x2190
[ 321.736817] ? rcu_blocking_is_gp+0x90/0x90
[ 321.741140] ? trace_hardirqs_on+0x67/0x220
[ 321.745463] ? kasan_check_read+0x11/0x20
[ 321.749743] ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 321.755150] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 321.760868] ? __kthread_parkme+0xfb/0x1b0
[ 321.765110] kthread+0x354/0x420
[ 321.768569] ? rcu_blocking_is_gp+0x90/0x90
[ 321.772899] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 321.779566] ret_from_fork+0x24/0x30
[ 321.783325] NMI backtrace for cpu 0
[ 321.787002] CPU: 0 PID: 7583 Comm: syz-executor455 Not tainted 4.19.72 #0
[ 321.794212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 321.803572] Call Trace:
[ 321.806156]
[ 321.808358] dump_stack+0x172/0x1f0
[ 321.812022] nmi_cpu_backtrace.cold+0x63/0xa4
[ 321.816602] ? lapic_can_unplug_cpu.cold+0x45/0x45
[ 321.821552] nmi_trigger_cpumask_backtrace+0x1b0/0x1f8
[ 321.826833] arch_trigger_cpumask_backtrace+0x14/0x20
[ 321.832039] rcu_dump_cpu_stacks+0x189/0x1d5
[ 321.836488] ? wake_up_process+0x10/0x20
[ 321.840559] rcu_check_callbacks.cold+0x5e3/0xd90
[ 321.845406] ? trace_hardirqs_off+0x62/0x220
[ 321.849859] update_process_times+0x32/0x80
[ 321.854221] tick_sched_handle+0xa2/0x190
[ 321.858375] tick_sched_timer+0x47/0x130
[ 321.862439] __hrtimer_run_queues+0x33b/0xdc0
[ 321.866952] ? tick_sched_do_timer+0x1b0/0x1b0
[ 321.871540] ? hrtimer_fixup_activate+0x30/0x30
[ 321.876212] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 321.881230] ? ktime_get_update_offsets_now+0x2d3/0x440
[ 321.886604] hrtimer_interrupt+0x314/0x770
[ 321.890857] smp_apic_timer_interrupt+0x111/0x550
[ 321.895720] apic_timer_interrupt+0xf/0x20
[ 321.899950]
[ 321.902191] RIP: 0010:__sanitizer_cov_trace_pc+0x26/0x50
[ 321.907976] Code: 90 90 90 90 55 48 89 e5 48 8b 75 08 65 48 8b 04 25 40 ee 01 00 65 8b 15 28 97 96 7e 81 e2 00 01 1f 00 75 2b 8b 90 d0 12 00 00 <83> fa 02 75 20 48 8b 88 d8 12 00 00 8b 80 d4 12 00 00 48 8b 11 48
[ 321.926969] RSP: 0018:ffff88807ed7f348 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 321.934683] RAX: ffff888093754680 RBX: ffff888092aa3df8 RCX: ffffffff858e7e8e
[ 321.941954] RDX: 0000000000000000 RSI: ffffffff858e78aa RDI: ffff888092aa3e00
[ 321.949226] RBP: ffff88807ed7f348 R08: ffff888093754680 R09: 0000000000000003
[ 321.956504] R10: ffff888093754f78 R11: 00000000a326b5e0 R12: dffffc0000000000
[ 321.963889] R13: ffff888092aa3b40 R14: ffff888092aa3e90 R15: ffff888092aa3e90
[ 321.971252] ? hhf_dequeue+0x65e/0xa00
[ 321.975137] ? hhf_dequeue+0x7a/0xa00
[ 321.978957] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 321.984596] hhf_dequeue+0x7a/0xa00
[ 321.988294] __qdisc_run+0x1e7/0x1960
[ 321.992155] __dev_queue_xmit+0x165c/0x2fe0
[ 321.996509] ? mark_held_locks+0x100/0x100
[ 322.000772] ? netdev_pick_tx+0x300/0x300
[ 322.005110] ? __copy_skb_header+0x33d/0x560
[ 322.009532] ? skb_checksum+0xc0/0xc0
[ 322.013337] ? rcu_read_lock_sched_held+0x110/0x130
[ 322.018355] ? kasan_check_write+0x14/0x20
[ 322.022588] ? __skb_clone+0x613/0x870
[ 322.026487] dev_queue_xmit+0x18/0x20
[ 322.030305] ? dev_queue_xmit+0x18/0x20
[ 322.034343] netlink_deliver_tap+0x910/0xc20
[ 322.038767] __netlink_sendskb+0x68/0xc0
[ 322.042837] netlink_unicast+0x616/0x720
[ 322.046903] ? netlink_attachskb+0x770/0x770
[ 322.051319] netlink_ack+0x645/0xb30
[ 322.055058] ? netlink_sendmsg+0xd70/0xd70
[ 322.059298] ? netlink_deliver_tap+0x22d/0xc20
[ 322.063881] ? find_held_lock+0x35/0x130
[ 322.067948] netlink_rcv_skb+0x382/0x460
[ 322.072107] ? rtnetlink_put_metrics+0x560/0x560
[ 322.076872] ? netlink_ack+0xb30/0xb30
[ 322.080778] ? kasan_check_read+0x11/0x20
[ 322.084934] ? netlink_deliver_tap+0x254/0xc20
[ 322.089533] rtnetlink_rcv+0x1d/0x30
[ 322.093250] netlink_unicast+0x537/0x720
[ 322.097320] ? netlink_attachskb+0x770/0x770
[ 322.101753] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 322.107299] netlink_sendmsg+0x8ae/0xd70
[ 322.111373] ? netlink_unicast+0x720/0x720
[ 322.115863] ? selinux_socket_sendmsg+0x36/0x40
[ 322.120649] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 322.126453] ? security_socket_sendmsg+0x8d/0xc0
[ 322.131241] ? netlink_unicast+0x720/0x720
[ 322.135652] sock_sendmsg+0xd7/0x130
[ 322.139383] ___sys_sendmsg+0x803/0x920
[ 322.144247] ? copy_msghdr_from_user+0x430/0x430
[ 322.149227] ? __might_fault+0x12b/0x1e0
[ 322.153302] ? __might_fault+0x12b/0x1e0
[ 322.157374] ? lock_downgrade+0x810/0x810
[ 322.161550] ? kasan_check_read+0x11/0x20
[ 322.165707] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 322.171296] ? __fget_light+0x1a9/0x230
[ 322.175274] ? __fdget+0x1b/0x20
[ 322.178649] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 322.184195] __sys_sendmsg+0x105/0x1d0
[ 322.188092] ? __ia32_sys_shutdown+0x80/0x80
[ 322.192507] ? up_read+0x1a/0x110
[ 322.196006] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 322.200800] ? do_syscall_64+0x26/0x620
[ 322.204779] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 322.210143] ? do_syscall_64+0x26/0x620
[ 322.214124] __x64_sys_sendmsg+0x78/0xb0
[ 322.218190] do_syscall_64+0xfd/0x620
[ 322.222081] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 322.227271] RIP: 0033:0x442439
[ 322.230470] Code: e8 9c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 322.249457] RSP: 002b:00007fffb823bf98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 322.257171] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442439
[ 322.264527] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[ 322.271809] RBP: 0000000000034e30 R08: 0000000000000000 R09: 0000000000000000
[ 322.279181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 322.286628] R13: 0000000000403390 R14: 0000000000000000 R15: 0000000000000000