divide error: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 3010 Comm: kworker/1:38 Not tainted 5.5.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: ipv6_addrconf addrconf_dad_work
RIP: 0010:tabledist.part.0+0x13f/0x170 net/sched/sch_netem.c:333
Code: e8 48 83 c4 08 5b 41 5c 41 5d 41 5e 5d c3 e8 a8 09 28 fb 48 81 eb 00 10 00 00 eb a5 e8 9a 09 28 fb 43 8d 0c 24 44 89 f0 31 d2 f1 4d 29 e5 49 01 d5 eb c5 48 89 df e8 8f c2 65 fb e9 0d ff ff
RSP: 0018:ffffc90000da7f38 EFLAGS: 00010246
RAX: 0000000037230827 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff864d2396 RDI: 0000000000000005
RBP: ffffc90000da7f60 R08: ffff88809e916540 R09: ffffed1013014c2f
R10: ffffed1013014c2e R11: ffff8880980a6177 R12: ffffffff80000000
R13: 0000000000000000 R14: 0000000037230827 R15: ffff8880980a6000
FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055b98a6f6110 CR3: 00000000a9b1b000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
tabledist net/sched/sch_netem.c:536 [inline]
netem_enqueue+0x416/0x2e10 net/sched/sch_netem.c:536
__dev_xmit_skb net/core/dev.c:3671 [inline]
__dev_queue_xmit+0x152e/0x35c0 net/core/dev.c:3982
dev_queue_xmit+0x18/0x20 net/core/dev.c:4046
br_dev_queue_push_xmit+0x3f3/0x5e0 net/bridge/br_forward.c:52
NF_HOOK include/linux/netfilter.h:307 [inline]
NF_HOOK include/linux/netfilter.h:301 [inline]
br_forward_finish+0xfa/0x3f0 net/bridge/br_forward.c:65
NF_HOOK include/linux/netfilter.h:307 [inline]
NF_HOOK include/linux/netfilter.h:301 [inline]
__br_forward+0x63c/0xaf0 net/bridge/br_forward.c:109
deliver_clone+0x61/0xc0 net/bridge/br_forward.c:125
maybe_deliver+0x2c7/0x390 net/bridge/br_forward.c:181
br_flood+0x13a/0x3d0 net/bridge/br_forward.c:223
br_dev_xmit+0x98c/0x1590 net/bridge/br_device.c:98
__netdev_start_xmit include/linux/netdevice.h:4447 [inline]
netdev_start_xmit include/linux/netdevice.h:4461 [inline]
xmit_one net/core/dev.c:3420 [inline]
dev_hard_start_xmit+0x1a3/0x9b0 net/core/dev.c:3436
__dev_queue_xmit+0x2b05/0x35c0 net/core/dev.c:4013
dev_queue_xmit+0x18/0x20 net/core/dev.c:4046
neigh_hh_output include/net/neighbour.h:499 [inline]
neigh_output include/net/neighbour.h:508 [inline]
ip6_finish_output2+0xfbe/0x25c0 net/ipv6/ip6_output.c:116
__ip6_finish_output+0x444/0xaa0 net/ipv6/ip6_output.c:142
ip6_finish_output+0x38/0x1f0 net/ipv6/ip6_output.c:152
NF_HOOK_COND include/linux/netfilter.h:296 [inline]
ip6_output+0x25e/0x880 net/ipv6/ip6_output.c:175
dst_output include/net/dst.h:436 [inline]
NF_HOOK include/linux/netfilter.h:307 [inline]
NF_HOOK include/linux/netfilter.h:301 [inline]
mld_sendpack+0x9c2/0xed0 net/ipv6/mcast.c:1682
mld_send_cr net/ipv6/mcast.c:1978 [inline]
mld_ifc_timer_expire+0x454/0x950 net/ipv6/mcast.c:2477
call_timer_fn+0x1ac/0x780 kernel/time/timer.c:1404
expire_timers kernel/time/timer.c:1449 [inline]
__run_timers kernel/time/timer.c:1773 [inline]
__run_timers kernel/time/timer.c:1740 [inline]
run_timer_softirq+0x6c3/0x1790 kernel/time/timer.c:1786
__do_softirq+0x262/0x98c kernel/softirq.c:292
invoke_softirq kernel/softirq.c:373 [inline]
irq_exit+0x19b/0x1e0 kernel/softirq.c:413
exiting_irq arch/x86/include/asm/apic.h:536 [inline]
smp_apic_timer_interrupt+0x1a3/0x610 arch/x86/kernel/apic/apic.c:1137
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
RIP: 0010:check_memory_region+0x1d/0x1a0 mm/kasan/generic.c:191
Code: 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 48 85 f6 0f 84 34 01 00 00 48 b8 ff ff ff ff ff 7f ff ff 55 0f b6 d2 48 39 c7 48 89 e5 <41> 55 41 54 53 0f 86 07 01 00 00 4c 8d 5c 37 ff 49 89 f8 48 b8 00
RSP: 0018:ffffc9000861fa40 EFLAGS: 00000216 ORIG_RAX: ffffffffffffff13
RAX: ffff7fffffffffff RBX: ffff88809e204340 RCX: ffffffff815993ff
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88809e916540
RBP: ffffc9000861fa40 R08: 1ffffffff149b0fc R09: fffffbfff149b0fd
R10: fffffbfff149b0fc R11: ffffffff8a4d87e7 R12: ffffffff8a4d87e0
R13: ffff88809e916540 R14: 0000000000000000 R15: dffffc0000000000
__kasan_check_read+0x11/0x20 mm/kasan/common.c:95
test_bit include/asm-generic/bitops/instrumented-non-atomic.h:110 [inline]
test_ti_thread_flag include/linux/thread_info.h:84 [inline]
need_resched include/linux/sched.h:1820 [inline]
mutex_spin_on_owner+0xdf/0x330 kernel/locking/mutex.c:568
mutex_optimistic_spin kernel/locking/mutex.c:673 [inline]
__mutex_lock_common kernel/locking/mutex.c:959 [inline]
__mutex_lock+0x32b/0x13c0 kernel/locking/mutex.c:1103
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1118
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:72
addrconf_dad_work+0xad/0x11d0 net/ipv6/addrconf.c:4033
process_one_work+0x9af/0x1740 kernel/workqueue.c:2264
worker_thread+0x98/0xe40 kernel/workqueue.c:2410
kthread+0x361/0x430 kernel/kthread.c:255
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace 8cd136136e6cb948 ]---
RIP: 0010:tabledist.part.0+0x13f/0x170 net/sched/sch_netem.c:333
Code: e8 48 83 c4 08 5b 41 5c 41 5d 41 5e 5d c3 e8 a8 09 28 fb 48 81 eb 00 10 00 00 eb a5 e8 9a 09 28 fb 43 8d 0c 24 44 89 f0 31 d2 f1 4d 29 e5 49 01 d5 eb c5 48 89 df e8 8f c2 65 fb e9 0d ff ff
RSP: 0018:ffffc90000da7f38 EFLAGS: 00010246
RAX: 0000000037230827 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff864d2396 RDI: 0000000000000005
RBP: ffffc90000da7f60 R08: ffff88809e916540 R09: ffffed1013014c2f
R10: ffffed1013014c2e R11: ffff8880980a6177 R12: ffffffff80000000
R13: 0000000000000000 R14: 0000000037230827 R15: ffff8880980a6000
FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055b98a6f6110 CR3: 00000000a9b1b000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400