------------[ cut here ]------------ HSR: Could not send supervision frame WARNING: CPU: 0 PID: 27863 at net/hsr/hsr_device.c:299 send_hsr_supervision_frame+0x889/0xb40 net/hsr/hsr_device.c:299 Kernel panic - not syncing: panic_on_warn set ... CPU: 0 PID: 27863 Comm: syz-executor.3 Not tainted 5.9.0-rc7-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x198/0x1fd lib/dump_stack.c:118 panic+0x382/0x7fb kernel/panic.c:231 __warn.cold+0x20/0x4b kernel/panic.c:600 report_bug+0x1bd/0x210 lib/bug.c:198 handle_bug+0x38/0x90 arch/x86/kernel/traps.c:234 exc_invalid_op+0x14/0x40 arch/x86/kernel/traps.c:254 asm_exc_invalid_op+0x12/0x20 arch/x86/include/asm/idtentry.h:536 RIP: 0010:send_hsr_supervision_frame+0x889/0xb40 net/hsr/hsr_device.c:299 Code: 03 31 ff 89 de e8 37 c4 58 f9 84 db 0f 85 8b fd ff ff e8 0a c8 58 f9 48 c7 c7 40 3e 67 89 c6 05 ff 06 37 03 01 e8 79 05 29 f9 <0f> 0b e9 6c fd ff ff e8 eb c7 58 f9 41 be 42 00 00 00 ba 01 00 00 RSP: 0018:ffffc90000007c48 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: ffff88808d968500 RSI: ffffffff815f59d5 RDI: fffff52000000f7b RBP: 00000000000088fb R08: 0000000000000001 R09: ffff8880ae4318e7 R10: 0000000000000000 R11: 0000000000000000 R12: ffff888088be3980 R13: 0000000000000000 R14: ffff88804793ece8 R15: ffff8880ae4255c0 hsr_announce+0x122/0x320 net/hsr/hsr_device.c:404 call_timer_fn+0x1ac/0x760 kernel/time/timer.c:1413 expire_timers kernel/time/timer.c:1458 [inline] __run_timers.part.0+0x67c/0xaa0 kernel/time/timer.c:1755 __run_timers kernel/time/timer.c:1736 [inline] run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1768 __do_softirq+0x1f8/0xb23 kernel/softirq.c:298 asm_call_irq_on_stack+0xf/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0x9b/0xd0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:393 [inline] __irq_exit_rcu kernel/softirq.c:423 [inline] irq_exit_rcu+0x235/0x280 kernel/softirq.c:435 sysvec_apic_timer_interrupt+0x51/0xf0 arch/x86/kernel/apic/apic.c:1091 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:581 RIP: 0010:__sanitizer_cov_trace_pc+0x45/0x60 kernel/kcov.c:202 Code: f6 c4 01 74 35 8b 82 2c 14 00 00 85 c0 74 2b 8b 82 08 14 00 00 83 f8 02 75 20 48 8b 8a 10 14 00 00 8b 92 0c 14 00 00 48 8b 01 <48> 83 c0 01 48 39 c2 76 07 48 89 34 c1 48 89 01 c3 66 2e 0f 1f 84 RSP: 0018:ffffc9000939e1c0 EFLAGS: 00000246 RAX: 000000000003ffff RBX: 0000000000000001 RCX: ffffc90015f39000 RDX: 0000000000040000 RSI: ffffffff819dc107 RDI: 0000000000000001 RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffea0005de2387 R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0005de2348 R13: 0000000000000000 R14: ffffea0005de2388 R15: ffffea0005de2380 __list_add include/linux/list.h:70 [inline] list_add include/linux/list.h:86 [inline] shrink_page_list+0x11b7/0x5a30 mm/vmscan.c:1477 shrink_inactive_list+0x34f/0xd40 mm/vmscan.c:1958 shrink_list mm/vmscan.c:2168 [inline] shrink_lruvec+0x61b/0x11b0 mm/vmscan.c:2463 shrink_node_memcgs mm/vmscan.c:2651 [inline] shrink_node+0x839/0x1d60 mm/vmscan.c:2768 shrink_zones mm/vmscan.c:2971 [inline] do_try_to_free_pages+0x38b/0x1440 mm/vmscan.c:3026 try_to_free_pages+0x29e/0x7d0 mm/vmscan.c:3265 __perform_reclaim mm/page_alloc.c:4260 [inline] __alloc_pages_direct_reclaim mm/page_alloc.c:4281 [inline] __alloc_pages_slowpath.constprop.0+0x995/0x28c0 mm/page_alloc.c:4685 __alloc_pages_nodemask+0x62c/0x790 mm/page_alloc.c:4901 __alloc_pages include/linux/gfp.h:509 [inline] __alloc_pages_node include/linux/gfp.h:522 [inline] kmem_getpages mm/slab.c:1376 [inline] cache_grow_begin+0x71/0x4a0 mm/slab.c:2594 fallback_alloc+0x1fb/0x2e0 mm/slab.c:3141 __do_cache_alloc mm/slab.c:3279 [inline] slab_alloc mm/slab.c:3308 [inline] kmem_cache_alloc+0x2e3/0x3f0 mm/slab.c:3486 mempool_alloc+0x146/0x350 mm/mempool.c:393 bio_alloc_bioset+0x37b/0x5d0 block/bio.c:486 bio_clone_fast+0x21/0x1b0 block/bio.c:710 bio_split+0xc7/0x2c0 block/bio.c:1479 blk_bio_segment_split block/blk-merge.c:281 [inline] __blk_queue_split+0x10e1/0x1650 block/blk-merge.c:331 blk_mq_submit_bio+0x1b0/0x1760 block/blk-mq.c:2156 __submit_bio_noacct_mq block/blk-core.c:1180 [inline] submit_bio_noacct+0xc78/0x12b0 block/blk-core.c:1213 submit_bio+0x263/0x5b0 block/blk-core.c:1283 mpage_bio_submit fs/mpage.c:66 [inline] do_mpage_readpage+0x1072/0x1f70 fs/mpage.c:316 mpage_readahead+0x3a3/0x880 fs/mpage.c:391 read_pages+0x1df/0x8d0 mm/readahead.c:130 page_cache_readahead_unbounded+0x572/0x850 mm/readahead.c:244 __do_page_cache_readahead+0xc2/0xf0 mm/readahead.c:273 ra_submit mm/internal.h:64 [inline] do_sync_mmap_readahead mm/filemap.c:2603 [inline] filemap_fault+0x1a66/0x2aa0 mm/filemap.c:2691 __do_fault+0x10d/0x4d0 mm/memory.c:3639 do_shared_fault mm/memory.c:4086 [inline] do_fault mm/memory.c:4164 [inline] handle_pte_fault mm/memory.c:4400 [inline] __handle_mm_fault mm/memory.c:4535 [inline] handle_mm_fault+0x34f3/0x4590 mm/memory.c:4633 do_user_addr_fault+0x598/0xbf0 arch/x86/mm/fault.c:1372 handle_page_fault arch/x86/mm/fault.c:1429 [inline] exc_page_fault+0xa8/0x190 arch/x86/mm/fault.c:1482 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538 RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:70 Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 c0 fe 01 00 48 8b 9b 50 15 00 00 48 83 eb 03 48 39 d9 73 4a 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 RSP: 0018:ffffc9000939fe38 EFLAGS: 00010293 RAX: 0000000000000200 RBX: 00007fffffffeffd RCX: 0000000020000140 RDX: 0000000000040000 RSI: ffffffff83af402b RDI: 0000000000000286 RBP: 1ffff92001273fc9 R08: 0000000000000001 R09: ffff88808d968de0 R10: fffffbfff16b2ca1 R11: 0000000000000000 R12: 0000000080081270 R13: 0000000000000200 R14: 0000000020000140 R15: ffff88808afeb1c0 put_int block/ioctl.c:183 [inline] blkdev_ioctl+0x196/0x700 block/ioctl.c:605 block_ioctl+0xf9/0x140 fs/block_dev.c:1871 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45dd99 Code: Bad RIP value. RSP: 002b:00007f2dd37ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000008b80 RCX: 000000000045dd99 RDX: 0000000020000140 RSI: 0000000080081270 RDI: 0000000000000005 RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c R13: 00007ffdf2f4c78f R14: 00007f2dd37ed9c0 R15: 000000000118bf2c Kernel Offset: disabled Rebooting in 86400 seconds..