Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.16' (ECDSA) to the list of known hosts. syzkaller login: [ 53.597321][ T6787] IPVS: ftp: loaded support on port[0] = 21 [ 53.684297][ T6787] chnl_net:caif_netlink_parms(): no params data found [ 53.757416][ T6787] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.766368][ T6787] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.774178][ T6787] device bridge_slave_0 entered promiscuous mode [ 53.787231][ T6787] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.794428][ T6787] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.804557][ T6787] device bridge_slave_1 entered promiscuous mode [ 53.825933][ T6787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.837665][ T6787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.859700][ T6787] team0: Port device team_slave_0 added [ 53.867544][ T6787] team0: Port device team_slave_1 added [ 53.884584][ T6787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.891726][ T6787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.918928][ T6787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.932052][ T6787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.940051][ T6787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.966074][ T6787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.038321][ T6787] device hsr_slave_0 entered promiscuous mode [ 54.086386][ T6787] device hsr_slave_1 entered promiscuous mode [ 54.219679][ T6787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.277887][ T6787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.329021][ T6787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.397167][ T6787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.452094][ T6787] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.459306][ T6787] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.467301][ T6787] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.474378][ T6787] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.518399][ T6787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.532302][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.543794][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.552495][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.561448][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 54.574031][ T6787] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.585235][ T3791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.593709][ T3791] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.600844][ T3791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.615362][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.623741][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.630865][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.648172][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.657675][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.670330][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.679981][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.696328][ T6787] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 54.707208][ T6787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.719477][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.728586][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.738117][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.747327][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.763389][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.776499][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 54.783896][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 54.798223][ T6787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.816976][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.826070][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.845440][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.853670][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.864005][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.872202][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.882546][ T6787] device veth0_vlan entered promiscuous mode [ 54.896092][ T6787] device veth1_vlan entered promiscuous mode [ 54.918214][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 54.927817][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 54.936281][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 54.945013][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.956573][ T6787] device veth0_macvtap entered promiscuous mode [ 54.968735][ T6787] device veth1_macvtap entered promiscuous mode [ 54.987731][ T6787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.995441][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 55.003618][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 55.012925][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.021859][ T6996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.035250][ T6787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.042572][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.052418][ T3790] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 55.449166][ T7000] general protection fault, probably for non-canonical address 0xdffffc000000001e: 0000 [#1] PREEMPT SMP KASAN [ 55.460920][ T7000] KASAN: null-ptr-deref in range [0x00000000000000f0-0x00000000000000f7] [ 55.469325][ T7000] CPU: 0 PID: 7000 Comm: systemd-udevd Not tainted 5.8.0-rc3-syzkaller #0 [ 55.477813][ T7000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.488003][ T7000] RIP: 0010:bdev_read_page+0x35/0x290 [ 55.493419][ T7000] Code: f5 53 48 89 fb 48 83 ec 08 48 89 14 24 e8 03 12 a5 ff 48 8d bb f0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e7 01 00 00 4c 8b bb f0 00 00 00 48 b8 00 00 00 [ 55.513018][ T7000] RSP: 0018:ffffc90001e5f530 EFLAGS: 00010206 [ 55.519101][ T7000] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81cf749a [ 55.527142][ T7000] RDX: 000000000000001e RSI: ffffffff81cea51d RDI: 00000000000000f0 [ 55.535087][ T7000] RBP: fff89719b6b00000 R08: 0000000000000001 R09: ffffea000253b247 [ 55.543118][ T7000] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 55.551095][ T7000] R13: 0000000000000000 R14: 0000000000000000 R15: ffffc90001e5f748 [ 55.559044][ T7000] FS: 00007f3f76cce8c0(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 55.567948][ T7000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.574508][ T7000] CR2: 00005615f11f0c78 CR3: 0000000094547000 CR4: 00000000001406f0 [ 55.582464][ T7000] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 55.590416][ T7000] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 55.598361][ T7000] Call Trace: [ 55.601633][ T7000] do_mpage_readpage+0x10ca/0x1ef0 [ 55.606722][ T7000] ? lock_downgrade+0x820/0x820 [ 55.611569][ T7000] ? mpage_writepage+0x1b0/0x1b0 [ 55.616480][ T7000] ? __xa_clear_mark+0x110/0x110 [ 55.621388][ T7000] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 55.627341][ T7000] ? get_mem_cgroup_from_mm+0x13/0x450 [ 55.632784][ T7000] ? __lock_acquire+0x16e3/0x56e0 [ 55.637783][ T7000] mpage_readahead+0x3a2/0x870 [ 55.642524][ T7000] ? do_mpage_readpage+0x1ef0/0x1ef0 [ 55.647786][ T7000] ? __blkdev_direct_IO_simple+0x940/0x940 [ 55.653572][ T7000] ? lock_downgrade+0x820/0x820 [ 55.658402][ T7000] ? blkdev_write_begin+0x40/0x40 [ 55.663394][ T7000] read_pages+0x1df/0x8d0 [ 55.667697][ T7000] ? read_cache_pages+0x750/0x750 [ 55.672690][ T7000] ? add_to_page_cache_lru+0x2ab/0x5b0 [ 55.678116][ T7000] ? 0xffffffff81000000 [ 55.682265][ T7000] ? alloc_pages_current+0x18f/0x280 [ 55.687533][ T7000] ? __page_cache_alloc+0x10b/0x450 [ 55.692715][ T7000] page_cache_readahead_unbounded+0x572/0x850 [ 55.698755][ T7000] ? lock_acquire+0x1f1/0xad0 [ 55.703403][ T7000] ? read_pages+0x8d0/0x8d0 [ 55.707893][ T7000] ? blk_cgroup_congested+0x1f9/0x3e0 [ 55.713239][ T7000] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 55.719199][ T7000] force_page_cache_readahead+0x2e9/0x460 [ 55.724895][ T7000] page_cache_sync_readahead+0x113/0x130 [ 55.730611][ T7000] generic_file_buffered_read+0x108c/0x27e0 [ 55.736483][ T7000] generic_file_read_iter+0x396/0x4e0 [ 55.741832][ T7000] blkdev_read_iter+0x11b/0x180 [ 55.746658][ T7000] new_sync_read+0x41a/0x6e0 [ 55.751222][ T7000] ? vfs_dedupe_file_range+0x780/0x780 [ 55.756659][ T7000] ? security_file_permission+0x239/0x470 [ 55.762350][ T7000] __vfs_read+0xc9/0x100 [ 55.766569][ T7000] vfs_read+0x1f6/0x420 [ 55.770734][ T7000] ksys_read+0x12d/0x250 [ 55.774949][ T7000] ? kernel_write+0x120/0x120 [ 55.779859][ T7000] do_syscall_64+0x60/0xe0 [ 55.784249][ T7000] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 55.790112][ T7000] RIP: 0033:0x7f3f75e15210 [ 55.794511][ T7000] Code: Bad RIP value. [ 55.798564][ T7000] RSP: 002b:00007ffc2bb79ab8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 55.806946][ T7000] RAX: ffffffffffffffda RBX: 00005615f11f0840 RCX: 00007f3f75e15210 [ 55.814889][ T7000] RDX: 0000000000000400 RSI: 00005615f11f0868 RDI: 000000000000000f [ 55.822831][ T7000] RBP: 00005615f11e0120 R08: 00007f3f75dfffe8 R09: 0000000000000430 [ 55.830773][ T7000] R10: 000000000000006d R11: 0000000000000246 R12: 0000000000000000 [ 55.838719][ T7000] R13: 0000000000000400 R14: 00005615f11e0170 R15: 0000000000000400 [ 55.846667][ T7000] Modules linked in: [ 55.858773][ T7000] ---[ end trace 2bd3b42735d7e06f ]--- [ 55.864260][ T7000] RIP: 0010:bdev_read_page+0x35/0x290 [ 55.870183][ T7000] Code: f5 53 48 89 fb 48 83 ec 08 48 89 14 24 e8 03 12 a5 ff 48 8d bb f0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e7 01 00 00 4c 8b bb f0 00 00 00 48 b8 00 00 00 [ 55.890178][ T7000] RSP: 0018:ffffc90001e5f530 EFLAGS: 00010206 [ 55.896274][ T7000] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81cf749a [ 55.904239][ T7000] RDX: 000000000000001e RSI: ffffffff81cea51d RDI: 00000000000000f0 [ 55.912255][ T7000] RBP: fff89719b6b00000 R08: 0000000000000001 R09: ffffea000253b247 [ 55.920265][ T7000] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 55.928330][ T7000] R13: 0000000000000000 R14: 0000000000000000 R15: ffffc90001e5f748 [ 55.936560][ T7000] FS: 00007f3f76cce8c0(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 55.945579][ T7000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.952149][ T7000] CR2: 00007fa7a2108000 CR3: 0000000094547000 CR4: 00000000001406f0 [ 55.960409][ T7000] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 55.968830][ T7000] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 55.977106][ T7000] Kernel panic - not syncing: Fatal exception [ 55.984394][ T7000] Kernel Offset: disabled [ 55.988720][ T7000] Rebooting in 86400 seconds..