[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.136' (ECDSA) to the list of known hosts.
2021/09/18 04:38:35 parsed 1 programs
2021/09/18 04:38:35 executed programs: 0
syzkaller login: [ 71.036833][ T1359] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.043269][ T1359] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.617536][ T6547] chnl_net:caif_netlink_parms(): no params data found
[ 71.711125][ T6547] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.719537][ T6547] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.728706][ T6547] device bridge_slave_0 entered promiscuous mode
[ 71.739315][ T6547] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.747129][ T6547] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.755650][ T6547] device bridge_slave_1 entered promiscuous mode
[ 71.785200][ T6547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 71.796743][ T6547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 71.827756][ T6547] team0: Port device team_slave_0 added
[ 71.837170][ T6547] team0: Port device team_slave_1 added
[ 71.866307][ T6547] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 71.873276][ T6547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.899778][ T6547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 71.912459][ T6547] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 71.919517][ T6547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.945490][ T6547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 71.982232][ T6547] device hsr_slave_0 entered promiscuous mode
[ 71.990559][ T6547] device hsr_slave_1 entered promiscuous mode
[ 72.113648][ T6547] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.124254][ T6547] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.137761][ T6547] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.149973][ T6547] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.175946][ T6547] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.183125][ T6547] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.191029][ T6547] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.198197][ T6547] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.241927][ T6547] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.258070][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 72.270560][ T5] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.279574][ T5] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.289393][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 72.303451][ T6547] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.314123][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 72.323077][ T1051] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.330188][ T1051] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.346830][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 72.355205][ T1051] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.362230][ T1051] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.380819][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 72.389311][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 72.403874][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 72.420022][ T6547] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 72.430714][ T6547] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 72.445580][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 72.454281][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 72.465406][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 72.484615][ T6547] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.494084][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 72.502022][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 72.521066][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 72.543249][ T6547] device veth0_vlan entered promiscuous mode
[ 72.550619][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 72.560200][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 72.568118][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 72.581908][ T6547] device veth1_vlan entered promiscuous mode
[ 72.605336][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 72.613763][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 72.627241][ T6547] device veth0_macvtap entered promiscuous mode
[ 72.637805][ T6547] device veth1_macvtap entered promiscuous mode
[ 72.655803][ T6547] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.663534][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 72.672437][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 72.681004][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 72.690155][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 72.702156][ T6547] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.710074][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 72.719215][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.732892][ T6547] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.746302][ T6547] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.755481][ T6547] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.764192][ T6547] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.855379][ T6499] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.863374][ T6499] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.890882][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 72.918218][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.928896][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.940460][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 72.994272][ T6901] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 73.436232][ T25] Bluetooth: hci0: command 0x0409 tx timeout
[ 74.068080][ T6975] ------------[ cut here ]------------
[ 74.073572][ T6975] jump label: negative count!
[ 74.080451][ T6975] WARNING: CPU: 0 PID: 6975 at kernel/jump_label.c:235 static_key_slow_try_dec+0xca/0xe0
[ 74.090726][ T6975] Modules linked in:
[ 74.095986][ T6975] CPU: 0 PID: 6975 Comm: syz-executor.0 Not tainted 5.15.0-rc1-syzkaller #0
[ 74.105700][ T6975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.117236][ T6975] RIP: 0010:static_key_slow_try_dec+0xca/0xe0
[ 74.123452][ T6975] Code: 5d c3 e8 e9 60 dc ff 45 31 ed 5b 44 89 e8 5d 41 5c 41 5d c3 44 89 e5 eb 8e e8 d2 60 dc ff 48 c7 c7 a0 f7 94 89 e8 c3 75 58 07 <0f> 0b eb c5 48 89 df e8 1a aa 23 00 e9 6a ff ff ff 0f 1f 44 00 00
[ 74.144937][ T6975] RSP: 0018:ffffc90003b97ac0 EFLAGS: 00010286
[ 74.151084][ T6975] RAX: 0000000000000000 RBX: ffffffff8d6e3b20 RCX: 0000000000000000
[ 74.159595][ T6975] RDX: ffff888072fe8000 RSI: ffffffff815dbdb8 RDI: fffff52000772f4a
[ 74.168123][ T6975] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[ 74.176866][ T6975] R10: ffffffff815d5b5e R11: 0000000000000000 R12: 00000000ffffffff
[ 74.185031][ T6975] R13: 0000000000000001 R14: ffff88806aa15118 R15: 0000000000000040
[ 74.193011][ T6975] FS: 00007f4642b3f700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 74.202030][ T6975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.208680][ T6975] CR2: 0000558ddc9c8a50 CR3: 0000000072e54000 CR4: 00000000001526e0
[ 74.216732][ T6975] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.224802][ T6975] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.232778][ T6975] Call Trace:
[ 74.237617][ T6975] __static_key_slow_dec_deferred+0x60/0x100
[ 74.243679][ T6975] kvm_free_lapic+0x144/0x1a0
[ 74.250955][ T6975] kvm_arch_vcpu_create+0x890/0xbf0
[ 74.256812][ T6975] kvm_vm_ioctl+0x137f/0x23d0
[ 74.261599][ T6975] ? kvm_unregister_device_ops+0x90/0x90
[ 74.268099][ T6975] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 74.274389][ T6975] ? tomoyo_path_number_perm+0x24e/0x590
[ 74.281301][ T6975] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 74.287887][ T6975] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 74.293835][ T6975] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 74.301370][ T6975] ? do_vfs_ioctl+0x132/0x15d0
[ 74.306361][ T6975] ? vfs_fileattr_set+0xbe0/0xbe0
[ 74.311410][ T6975] ? lock_downgrade+0x6e0/0x6e0
[ 74.317285][ T6975] ? __fget_files+0x23d/0x3e0
[ 74.322066][ T6975] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 74.328582][ T6975] ? kvm_unregister_device_ops+0x90/0x90
[ 74.334242][ T6975] __x64_sys_ioctl+0x193/0x200
[ 74.340050][ T6975] do_syscall_64+0x35/0xb0
[ 74.344552][ T6975] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 74.351077][ T6975] RIP: 0033:0x7f46433c8739
[ 74.356326][ T6975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 74.376417][ T6975] RSP: 002b:00007f4642b3f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 74.384986][ T6975] RAX: ffffffffffffffda RBX: 00007f46434ccf80 RCX: 00007f46433c8739
[ 74.392962][ T6975] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 74.402323][ T6975] RBP: 00007f4643422cc4 R08: 0000000000000000 R09: 0000000000000000
[ 74.411241][ T6975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46434ccf80
[ 74.419637][ T6975] R13: 00007ffdb9232f7f R14: 00007f4642b3f300 R15: 0000000000022000
[ 74.427762][ T6975] Kernel panic - not syncing: panic_on_warn set ...
[ 74.434345][ T6975] CPU: 0 PID: 6975 Comm: syz-executor.0 Not tainted 5.15.0-rc1-syzkaller #0
[ 74.443021][ T6975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.453081][ T6975] Call Trace:
[ 74.456356][ T6975] dump_stack_lvl+0xcd/0x134
[ 74.460956][ T6975] panic+0x2b0/0x6dd
[ 74.464855][ T6975] ? __warn_printk+0xf3/0xf3
[ 74.469452][ T6975] ? __warn.cold+0x1a/0x44
[ 74.473870][ T6975] ? static_key_slow_try_dec+0xca/0xe0
[ 74.479332][ T6975] __warn.cold+0x35/0x44
[ 74.483572][ T6975] ? wake_up_klogd.part.0+0x8e/0xd0
[ 74.488772][ T6975] ? static_key_slow_try_dec+0xca/0xe0
[ 74.494231][ T6975] report_bug+0x1bd/0x210
[ 74.498567][ T6975] handle_bug+0x3c/0x60
[ 74.502727][ T6975] exc_invalid_op+0x14/0x40
[ 74.507229][ T6975] asm_exc_invalid_op+0x12/0x20
[ 74.512081][ T6975] RIP: 0010:static_key_slow_try_dec+0xca/0xe0
[ 74.518151][ T6975] Code: 5d c3 e8 e9 60 dc ff 45 31 ed 5b 44 89 e8 5d 41 5c 41 5d c3 44 89 e5 eb 8e e8 d2 60 dc ff 48 c7 c7 a0 f7 94 89 e8 c3 75 58 07 <0f> 0b eb c5 48 89 df e8 1a aa 23 00 e9 6a ff ff ff 0f 1f 44 00 00
[ 74.537762][ T6975] RSP: 0018:ffffc90003b97ac0 EFLAGS: 00010286
[ 74.543831][ T6975] RAX: 0000000000000000 RBX: ffffffff8d6e3b20 RCX: 0000000000000000
[ 74.551798][ T6975] RDX: ffff888072fe8000 RSI: ffffffff815dbdb8 RDI: fffff52000772f4a
[ 74.559769][ T6975] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[ 74.567733][ T6975] R10: ffffffff815d5b5e R11: 0000000000000000 R12: 00000000ffffffff
[ 74.575700][ T6975] R13: 0000000000000001 R14: ffff88806aa15118 R15: 0000000000000040
[ 74.583687][ T6975] ? wake_up_klogd.part.0+0x8e/0xd0
[ 74.588892][ T6975] ? vprintk+0x88/0x90
[ 74.592963][ T6975] __static_key_slow_dec_deferred+0x60/0x100
[ 74.598960][ T6975] kvm_free_lapic+0x144/0x1a0
[ 74.603637][ T6975] kvm_arch_vcpu_create+0x890/0xbf0
[ 74.608844][ T6975] kvm_vm_ioctl+0x137f/0x23d0
[ 74.613528][ T6975] ? kvm_unregister_device_ops+0x90/0x90
[ 74.619168][ T6975] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 74.627245][ T6975] ? tomoyo_path_number_perm+0x24e/0x590
[ 74.633769][ T6975] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 74.640040][ T6975] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 74.646472][ T6975] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 74.655313][ T6975] ? do_vfs_ioctl+0x132/0x15d0
[ 74.660176][ T6975] ? vfs_fileattr_set+0xbe0/0xbe0
[ 74.665221][ T6975] ? lock_downgrade+0x6e0/0x6e0
[ 74.670188][ T6975] ? __fget_files+0x23d/0x3e0
[ 74.676709][ T6975] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 74.683400][ T6975] ? kvm_unregister_device_ops+0x90/0x90
[ 74.689127][ T6975] __x64_sys_ioctl+0x193/0x200
[ 74.694617][ T6975] do_syscall_64+0x35/0xb0
[ 74.699781][ T6975] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 74.705886][ T6975] RIP: 0033:0x7f46433c8739
[ 74.710433][ T6975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 74.732061][ T6975] RSP: 002b:00007f4642b3f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 74.742384][ T6975] RAX: ffffffffffffffda RBX: 00007f46434ccf80 RCX: 00007f46433c8739
[ 74.750354][ T6975] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 74.758320][ T6975] RBP: 00007f4643422cc4 R08: 0000000000000000 R09: 0000000000000000
[ 74.766290][ T6975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46434ccf80
[ 74.774295][ T6975] R13: 00007ffdb9232f7f R14: 00007f4642b3f300 R15: 0000000000022000
[ 74.782713][ T6975] Kernel Offset: disabled
[ 74.787145][ T6975] Rebooting in 86400 seconds..