[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.112' (ECDSA) to the list of known hosts.
2021/04/10 17:08:15 parsed 1 programs
2021/04/10 17:08:15 executed programs: 0
syzkaller login: [ 37.717646] IPVS: ftp: loaded support on port[0] = 21
[ 37.806248] chnl_net:caif_netlink_parms(): no params data found
[ 37.862434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 37.869131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 37.877279] device bridge_slave_0 entered promiscuous mode
[ 37.884932] bridge0: port 2(bridge_slave_1) entered blocking state
[ 37.892144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.899106] device bridge_slave_1 entered promiscuous mode
[ 37.916625] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 37.925528] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 37.945085] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 37.952460] team0: Port device team_slave_0 added
[ 37.957910] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 37.966043] team0: Port device team_slave_1 added
[ 37.981648] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 37.987910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 38.015974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 38.027850] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 38.034852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 38.061205] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 38.071854] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 38.079280] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 38.099040] device hsr_slave_0 entered promiscuous mode
[ 38.104892] device hsr_slave_1 entered promiscuous mode
[ 38.111203] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 38.118300] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 38.183129] bridge0: port 2(bridge_slave_1) entered blocking state
[ 38.189734] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 38.196796] bridge0: port 1(bridge_slave_0) entered blocking state
[ 38.203271] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 38.233440] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 38.239779] 8021q: adding VLAN 0 to HW filter on device bond0
[ 38.249198] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 38.259082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 38.278200] bridge0: port 1(bridge_slave_0) entered disabled state
[ 38.285669] bridge0: port 2(bridge_slave_1) entered disabled state
[ 38.296646] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 38.303113] 8021q: adding VLAN 0 to HW filter on device team0
[ 38.312063] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 38.319733] bridge0: port 1(bridge_slave_0) entered blocking state
[ 38.326514] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 38.336307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 38.344914] bridge0: port 2(bridge_slave_1) entered blocking state
[ 38.351386] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 38.371709] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 38.379671] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 38.387439] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 38.395041] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 38.402949] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 38.413209] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 38.419414] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 38.432762] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 38.440533] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 38.447313] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 38.458847] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 38.511878] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 38.522954] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 38.554246] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 38.562425] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 38.568916] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 38.578990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 38.587769] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 38.595830] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 38.605052] device veth0_vlan entered promiscuous mode
[ 38.615190] device veth1_vlan entered promiscuous mode
[ 38.621652] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 38.630080] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 38.641365] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 38.652034] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 38.659314] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 38.667275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 38.677133] device veth0_macvtap entered promiscuous mode
[ 38.684292] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 38.692984] device veth1_macvtap entered promiscuous mode
[ 38.702451] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 38.712578] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 38.723438] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 38.731044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 38.739355] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 38.749411] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 38.757053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 38.801781] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 39.050523] kasan: CONFIG_KASAN_INLINE enabled
[ 39.055766] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 39.063595] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 39.069852] Modules linked in:
[ 39.073050] CPU: 1 PID: 8255 Comm: syz-executor.0 Not tainted 4.14.230-syzkaller #0
[ 39.080825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 39.090185] task: ffff88809560e3c0 task.stack: ffff888094fe0000
[ 39.096261] RIP: 0010:rdma_listen+0x32b/0x9b0
[ 39.100742] RSP: 0018:ffff888094fe7be8 EFLAGS: 00010202
[ 39.106096] RAX: dffffc0000000000 RBX: ffff8880afcea000 RCX: 0000000000000000
[ 39.113361] RDX: 0000000000000001 RSI: ffffffff87cce9c0 RDI: 0000000000000008
[ 39.120622] RBP: ffff8880afcea214 R08: 0000000000000000 R09: 0000000000000001
[ 39.129039] R10: 0000000000000000 R11: ffff88809560e3c0 R12: 0000000000000000
[ 39.137327] R13: 0000000000000400 R14: ffff8880afcea218 R15: 0000000000000008
[ 39.144615] FS: 00007f70088c1700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
[ 39.153001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 39.158873] CR2: 0000000000000000 CR3: 00000000b498f000 CR4: 00000000001406e0
[ 39.166384] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 39.173731] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 39.181133] Call Trace:
[ 39.183788] ucma_listen+0x10b/0x170
[ 39.187484] ? ucma_bind_ip+0x150/0x150
[ 39.191462] ? _copy_from_user+0x96/0x100
[ 39.196199] ? ucma_bind_ip+0x150/0x150
[ 39.200163] ucma_write+0x206/0x2c0
[ 39.203894] ? ucma_set_ib_path+0x510/0x510
[ 39.208223] __vfs_write+0xe4/0x630
[ 39.211830] ? ucma_set_ib_path+0x510/0x510
[ 39.216838] ? kernel_read+0x110/0x110
[ 39.220713] ? common_file_perm+0x3ee/0x580
[ 39.225124] ? security_file_permission+0x82/0x1e0
[ 39.230041] ? rw_verify_area+0xe1/0x2a0
[ 39.234107] vfs_write+0x17f/0x4d0
[ 39.237638] SyS_write+0xf2/0x210
[ 39.241077] ? SyS_read+0x210/0x210
[ 39.244692] ? do_syscall_64+0x4c/0x640
[ 39.248656] ? SyS_read+0x210/0x210
[ 39.252360] do_syscall_64+0x1d5/0x640
[ 39.256251] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 39.261532] RIP: 0033:0x466459
[ 39.264719] RSP: 002b:00007f70088c1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 39.272413] RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000466459
[ 39.279671] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003
[ 39.286931] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 39.294187] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c008
[ 39.301560] R13: 00007ffce36f399f R14: 00007f70088c1300 R15: 0000000000022000
[ 39.308942] Code: 4c 8b a3 c0 01 00 00 31 f6 48 c7 c7 40 62 b4 89 e8 5b 8a d4 01 48 b8 00 00 00 00 00 fc ff df 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 92 05 00 00 48 b8 00 00 00 00 00 fc ff df 4d
[ 39.328024] RIP: rdma_listen+0x32b/0x9b0 RSP: ffff888094fe7be8
[ 39.336659] ---[ end trace 156beb55c5dc8c63 ]---
[ 39.342156] Kernel panic - not syncing: Fatal exception
[ 39.348084] Kernel Offset: disabled
[ 39.351812] Rebooting in 86400 seconds..