syzkaller login: [   41.835831] audit: type=1400 audit(1567821104.377:35): avc:  denied  { map } for  pid=7474 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.234' (ECDSA) to the list of known hosts.
[  200.217048] audit: type=1400 audit(1567821262.757:36): avc:  denied  { map } for  pid=7486 comm="syz-executor275" path="/root/syz-executor275479444" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  200.239247] IPVS: ftp: loaded support on port[0] = 21
[  200.295448] chnl_net:caif_netlink_parms(): no params data found
[  200.325346] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.332139] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.339261] device bridge_slave_0 entered promiscuous mode
[  200.346238] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.353174] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.360212] device bridge_slave_1 entered promiscuous mode
[  200.376033] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  200.385706] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  200.402095] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  200.410065] team0: Port device team_slave_0 added
[  200.415395] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  200.422794] team0: Port device team_slave_1 added
[  200.428536] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  200.435670] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  200.498721] device hsr_slave_0 entered promiscuous mode
[  200.567257] device hsr_slave_1 entered promiscuous mode
[  200.607584] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  200.614502] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  200.628073] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.634633] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.641560] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.647942] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.676095] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[  200.682288] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.691379] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  200.700074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  200.708368] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.715271] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.722344] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  200.731951] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  200.738549] 8021q: adding VLAN 0 to HW filter on device team0
[  200.757587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  200.765108] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.771482] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.787508] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  200.795069] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.801461] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.809190] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  200.823297] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  200.833460] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  200.844299] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  200.850926] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  200.858599] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  200.866163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
executing program
[  200.873865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  200.881295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  200.893992] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  200.903425] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.896875] rcu: INFO: rcu_preempt self-detected stall on CPU
[  305.904487] rcu: 	1-...!: (10499 ticks this GP) idle=56a/0/0x3 softirq=10276/10276 fqs=2 
[  305.913001] rcu: 	 (t=10501 jiffies g=5121 q=121)
[  305.917846] rcu: rcu_preempt kthread starved for 10498 jiffies! g5121 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[  305.928397] rcu: RCU grace-period kthread stack dump:
[  305.933570] rcu_preempt     I29424    10      2 0x80000000
[  305.939191] Call Trace:
[  305.941831]  __schedule+0x866/0x1dc0
[  305.945540]  ? pci_mmcfg_check_reserved+0x170/0x170
[  305.950543]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  305.955663]  ? lockdep_hardirqs_on+0x415/0x5d0
[  305.960273]  ? trace_hardirqs_on+0x67/0x220
[  305.964585]  schedule+0x92/0x1c0
[  305.967935]  schedule_timeout+0x4db/0xfc0
[  305.972073]  ? usleep_range+0x170/0x170
[  305.976032]  ? trace_hardirqs_on+0x67/0x220
[  305.980368]  ? kasan_check_read+0x11/0x20
[  305.984518]  ? __next_timer_interrupt+0x1a0/0x1a0
[  305.989366]  ? prepare_to_swait_exclusive+0x120/0x120
[  305.994566]  rcu_gp_kthread+0xd5c/0x2190
[  305.998651]  ? rcu_blocking_is_gp+0x90/0x90
[  306.002959]  ? trace_hardirqs_on+0x67/0x220
[  306.007265]  ? kasan_check_read+0x11/0x20
[  306.011402]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  306.016525]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  306.022082]  ? __kthread_parkme+0xfb/0x1b0
[  306.026315]  kthread+0x354/0x420
[  306.029680]  ? rcu_blocking_is_gp+0x90/0x90
[  306.033986]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  306.039507]  ret_from_fork+0x24/0x30
[  306.043240] NMI backtrace for cpu 1
[  306.046860] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.19.70 #0
[  306.052988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  306.062321] Call Trace:
[  306.064907]  <IRQ>
[  306.067060]  dump_stack+0x172/0x1f0
[  306.070676]  nmi_cpu_backtrace.cold+0x63/0xa4
[  306.075184]  ? lapic_can_unplug_cpu.cold+0x45/0x45
[  306.080100]  nmi_trigger_cpumask_backtrace+0x1b0/0x1f8
[  306.085365]  arch_trigger_cpumask_backtrace+0x14/0x20
[  306.090542]  rcu_dump_cpu_stacks+0x189/0x1d5
[  306.094957]  ? wake_up_process+0x10/0x20
[  306.099011]  rcu_check_callbacks.cold+0x5e3/0xd90
[  306.103841]  ? trace_hardirqs_off+0x62/0x220
[  306.108276]  update_process_times+0x32/0x80
[  306.112600]  tick_sched_handle+0xa2/0x190
[  306.116733]  tick_sched_timer+0x47/0x130
[  306.120783]  __hrtimer_run_queues+0x33b/0xdc0
[  306.125274]  ? tick_sched_do_timer+0x1b0/0x1b0
[  306.129853]  ? hrtimer_fixup_activate+0x30/0x30
[  306.134513]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  306.139517]  ? ktime_get_update_offsets_now+0x2d3/0x440
[  306.144869]  hrtimer_interrupt+0x314/0x770
[  306.149104]  smp_apic_timer_interrupt+0x111/0x550
[  306.153931]  apic_timer_interrupt+0xf/0x20
[  306.158259] RIP: 0010:__list_del_entry_valid+0x89/0xf5
[  306.163528] Code: 00 00 48 b8 00 02 00 00 00 00 ad de 49 39 c4 0f 84 e2 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 3c 02 00 <75> 53 49 8b 14 24 4c 39 f2 0f 85 99 00 00 00 49 8d 7d 08 48 b8 00
[  306.182424] RSP: 0018:ffff8880ae907560 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  306.190129] RAX: dffffc0000000000 RBX: ffff888095ed8778 RCX: ffffffff858e8489
[  306.197386] RDX: 1ffff11012bdb102 RSI: ffffffff858e893b RDI: ffff888095ed8780
[  306.204653] RBP: ffff8880ae907578 R08: ffff8880aa2703c0 R09: 0000000000000005
[  306.211907] R10: ffff8880aa270d08 R11: 00000000baba441b R12: ffff888095ed8810
[  306.219169] R13: ffff888095ed8810 R14: ffff888095ed8778 R15: 0000000000000000
[  306.226444]  ? apic_timer_interrupt+0xa/0x20
[  306.230894]  ? hhf_dequeue+0xb9/0xa00
[  306.234682]  ? hhf_dequeue+0x56b/0xa00
[  306.238562]  hhf_dequeue+0x5aa/0xa00
[  306.242304]  __qdisc_run+0x1e7/0x1960
[  306.246136]  __dev_queue_xmit+0x165c/0x2fe0
[  306.250449]  ? netdev_pick_tx+0x300/0x300
[  306.254633]  ? ip6_finish_output2+0xac0/0x2550
[  306.259206]  ? find_held_lock+0x35/0x130
[  306.263255]  ? ip6_finish_output2+0xb7f/0x2550
[  306.267824]  ? mark_held_locks+0xb1/0x100
[  306.271967]  dev_queue_xmit+0x18/0x20
[  306.275755]  ? dev_queue_xmit+0x18/0x20
[  306.279743]  neigh_resolve_output+0x5b7/0x980
[  306.284233]  ip6_finish_output2+0xb7f/0x2550
[  306.288645]  ? ip6_mtu+0x2e6/0x460
[  306.292175]  ? ip6_forward_finish+0x4d0/0x4d0
[  306.296658]  ? lock_downgrade+0x810/0x810
[  306.300795]  ? kasan_check_read+0x11/0x20
[  306.304934]  ip6_finish_output+0x574/0xbe0
[  306.309167]  ? ip6_finish_output+0x574/0xbe0
[  306.313565]  ip6_output+0x235/0x7c0
[  306.317181]  ? ip6_finish_output+0xbe0/0xbe0
[  306.321582]  ? ip6_fragment+0x3770/0x3770
[  306.325718]  ? icmp6_dst_alloc+0x432/0x660
[  306.329964]  mld_sendpack+0x9d3/0xeb0
[  306.333756]  ? nf_hook.constprop.0+0x560/0x560
[  306.338334]  ? mld_ifc_timer_expire+0x437/0x8a0
[  306.343027]  ? __local_bh_enable_ip+0x15a/0x270
[  306.347686]  mld_ifc_timer_expire+0x449/0x8a0
[  306.352186]  call_timer_fn+0x18d/0x720
[  306.356059]  ? mld_dad_timer_expire+0x1c0/0x1c0
[  306.360714]  ? process_timeout+0x40/0x40
[  306.364758]  ? run_timer_softirq+0x647/0x1700
[  306.369239]  ? trace_hardirqs_on+0x67/0x220
[  306.373554]  ? kasan_check_read+0x11/0x20
[  306.377693]  ? mld_dad_timer_expire+0x1c0/0x1c0
[  306.382348]  run_timer_softirq+0x652/0x1700
[  306.386663]  ? add_timer+0xbe0/0xbe0
[  306.390393]  ? kvm_clock_read+0x18/0x30
[  306.394360]  ? check_preemption_disabled+0x48/0x290
[  306.399381]  ? sched_clock+0x2e/0x50
[  306.403094]  __do_softirq+0x25c/0x921
[  306.406885]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  306.412410]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  306.417940]  irq_exit+0x180/0x1d0
[  306.421381]  smp_apic_timer_interrupt+0x13b/0x550
[  306.426210]  apic_timer_interrupt+0xf/0x20
[  306.430425]  </IRQ>
[  306.432648] RIP: 0010:native_safe_halt+0xe/0x10
[  306.437309] Code: ff ff 48 89 df e8 82 1b ae fa eb 82 e9 07 00 00 00 0f 00 2d a4 fc 53 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 94 fc 53 00 fb f4 <c3> 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 ce fd 65 fa e8 39
[  306.456196] RSP: 0018:ffff8880aa27fd00 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[  306.463890] RAX: 1ffffffff10e48c4 RBX: ffff8880aa2703c0 RCX: 0000000000000000
[  306.471148] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8880aa270c3c
[  306.478404] RBP: ffff8880aa27fd30 R08: ffff8880aa2703c0 R09: 0000000000000000
[  306.485657] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
[  306.492910] R13: ffffffff88724610 R14: 0000000000000001 R15: 0000000000000000
[  306.500180]  ? default_idle+0x4e/0x320
[  306.504073]  arch_cpu_idle+0xa/0x10
[  306.507689]  default_idle_call+0x36/0x90
[  306.511759]  do_idle+0x377/0x560
[  306.515116]  ? arch_cpu_idle_exit+0x80/0x80
[  306.519424]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  306.524514]  ? complete+0x61/0x80
[  306.527956]  cpu_startup_entry+0xc8/0xe0
[  306.532089]  ? cpu_in_idle+0x20/0x20
[  306.535808]  ? setup_APIC_timer+0x1aa/0x200
[  306.540116]  start_secondary+0x3e8/0x5b0
[  306.544164]  ? set_cpu_sibling_map+0x1860/0x1860
[  306.548921]  secondary_startup_64+0xa4/0xb0