[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts. syzkaller login: [ 63.147178][ T8460] IPVS: ftp: loaded support on port[0] = 21 [ 63.236606][ T8460] chnl_net:caif_netlink_parms(): no params data found [ 63.289983][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.298010][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.307885][ T8460] device bridge_slave_0 entered promiscuous mode [ 63.316988][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.325240][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.333524][ T8460] device bridge_slave_1 entered promiscuous mode [ 63.354000][ T8460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.365233][ T8460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.387824][ T8460] team0: Port device team_slave_0 added [ 63.395615][ T8460] team0: Port device team_slave_1 added [ 63.413728][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.420735][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.447780][ T8460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.461824][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.469659][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.495912][ T8460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.522676][ T8460] device hsr_slave_0 entered promiscuous mode [ 63.529699][ T8460] device hsr_slave_1 entered promiscuous mode [ 63.625024][ T8460] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.639907][ T8460] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.650363][ T8460] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.660664][ T8460] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.686044][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.693277][ T8460] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.700937][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.708106][ T8460] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.752088][ T8460] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.765422][ T8397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.775993][ T8397] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.784556][ T8397] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.795785][ T8397] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 63.809310][ T8460] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.823536][ T8397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.831907][ T8397] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.839096][ T8397] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.852655][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.861007][ T3191] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.868128][ T3191] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.893902][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.902632][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.910971][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.923027][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.930789][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.943661][ T8460] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.965677][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.975398][ T3191] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.989366][ T8460] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.013677][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 64.029261][ T8460] device veth0_vlan entered promiscuous mode [ 64.036436][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 64.047735][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 64.056169][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 64.068266][ T8460] device veth1_vlan entered promiscuous mode [ 64.089437][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 64.098120][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 64.106769][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 64.118643][ T8460] device veth0_macvtap entered promiscuous mode [ 64.128997][ T8460] device veth1_macvtap entered promiscuous mode [ 64.147576][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.156580][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 64.167379][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 64.179374][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.187347][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 64.199025][ T8460] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.208719][ T8460] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.217733][ T8460] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.227710][ T8460] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.268195][ T8460] ------------[ cut here ]------------ [ 64.273827][ T8460] WARNING: CPU: 0 PID: 8460 at net/sched/sch_taprio.c:998 taprio_change+0x1ed0/0x2d40 [ 64.283420][ T8460] Modules linked in: [ 64.287350][ T8460] CPU: 0 PID: 8460 Comm: syz-executor652 Not tainted 5.10.0-rc7-syzkaller #0 [ 64.296160][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.306295][ T8460] RIP: 0010:taprio_change+0x1ed0/0x2d40 [ 64.311946][ T8460] Code: 8b 44 24 18 41 bf ea ff ff ff 48 c7 00 c0 31 48 8a e8 d4 fa 4b fa 48 8b 7c 24 08 e8 ba f1 c3 01 e9 0a eb ff ff e8 c0 fa 4b fa <0f> 0b 48 83 7c 24 18 00 74 2e e8 b1 fa 4b fa 48 8b 54 24 18 48 b8 [ 64.331761][ T8460] RSP: 0018:ffffc900016ef2b8 EFLAGS: 00010293 [ 64.337895][ T8460] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff87240500 [ 64.346986][ T8460] RDX: ffff888020554ec0 RSI: ffffffff872409b0 RDI: 0000000000000007 [ 64.355020][ T8460] RBP: 164fa494a1156125 R08: 0000000000000001 R09: ffffffff8ebaf72f [ 64.363080][ T8460] R10: 0000000000000000 R11: 1ffffffff1ceeda4 R12: 0000000000000000 [ 64.371047][ T8460] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000000 [ 64.379074][ T8460] FS: 0000000000a87880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 64.388070][ T8460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 64.394734][ T8460] CR2: 0000000020000600 CR3: 0000000011053000 CR4: 00000000001506f0 [ 64.402783][ T8460] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 64.410750][ T8460] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 64.418767][ T8460] Call Trace: [ 64.422154][ T8460] ? lockdep_init_map_waits+0x26a/0x720 [ 64.427699][ T8460] ? fifo_init+0x342/0x6c0 [ 64.432156][ T8460] ? taprio_peek_soft+0x5e0/0x5e0 [ 64.437184][ T8460] ? fifo_create_dflt+0xe0/0xe0 [ 64.442114][ T8460] ? mutex_is_locked+0xe/0x40 [ 64.446792][ T8460] ? rtnl_is_locked+0x11/0x20 [ 64.451449][ T8460] ? qdisc_hash_add+0x21d/0x330 [ 64.456349][ T8460] taprio_init+0x52e/0x670 [ 64.460795][ T8460] ? taprio_change+0x2d40/0x2d40 [ 64.465808][ T8460] qdisc_create+0x4ba/0x1270 [ 64.470412][ T8460] ? tc_get_qdisc+0xad0/0xad0 [ 64.475327][ T8460] ? __nla_parse+0x3d/0x50 [ 64.479756][ T8460] tc_modify_qdisc+0x4c8/0x1990 [ 64.484679][ T8460] ? rtnetlink_rcv_msg+0x3f9/0xad0 [ 64.489792][ T8460] ? qdisc_create+0x1270/0x1270 [ 64.494718][ T8460] ? qdisc_create+0x1270/0x1270 [ 64.499589][ T8460] rtnetlink_rcv_msg+0x44e/0xad0 [ 64.504595][ T8460] ? rtnetlink_put_metrics+0x510/0x510 [ 64.510088][ T8460] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 64.515437][ T8460] netlink_rcv_skb+0x153/0x420 [ 64.520212][ T8460] ? rtnetlink_put_metrics+0x510/0x510 [ 64.525755][ T8460] ? netlink_ack+0xaa0/0xaa0 [ 64.530359][ T8460] ? netlink_deliver_tap+0x227/0xb70 [ 64.535727][ T8460] netlink_unicast+0x533/0x7d0 [ 64.540499][ T8460] ? netlink_attachskb+0x810/0x810 [ 64.545665][ T8460] ? __phys_addr_symbol+0x2c/0x70 [ 64.550701][ T8460] ? __check_object_size+0x171/0x3f0 [ 64.556041][ T8460] netlink_sendmsg+0x856/0xd90 [ 64.560816][ T8460] ? netlink_unicast+0x7d0/0x7d0 [ 64.565843][ T8460] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 64.572404][ T8460] ? netlink_unicast+0x7d0/0x7d0 [ 64.577362][ T8460] sock_sendmsg+0xcf/0x120 [ 64.581780][ T8460] ____sys_sendmsg+0x6e8/0x810 [ 64.586607][ T8460] ? kernel_sendmsg+0x50/0x50 [ 64.591307][ T8460] ? do_recvmmsg+0x6c0/0x6c0 [ 64.595950][ T8460] ? fs_reclaim_release+0x90/0xd0 [ 64.600985][ T8460] ___sys_sendmsg+0xf3/0x170 [ 64.605716][ T8460] ? sendmsg_copy_msghdr+0x160/0x160 [ 64.611008][ T8460] ? lockdep_init_map_waits+0x26a/0x720 [ 64.616612][ T8460] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 64.622678][ T8460] ? percpu_counter_add_batch+0xbd/0x180 [ 64.628317][ T8460] ? find_held_lock+0x2d/0x110 [ 64.633248][ T8460] ? __fd_install+0x1b4/0x600 [ 64.637921][ T8460] ? lock_downgrade+0x6d0/0x6d0 [ 64.642823][ T8460] ? __fget_light+0x215/0x280 [ 64.647509][ T8460] __sys_sendmsg+0xe5/0x1b0 [ 64.652088][ T8460] ? __sys_sendmsg_sock+0xb0/0xb0 [ 64.657130][ T8460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 64.663086][ T8460] do_syscall_64+0x2d/0x70 [ 64.667508][ T8460] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 64.673446][ T8460] RIP: 0033:0x443999 [ 64.677367][ T8460] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 64.697044][ T8460] RSP: 002b:00007ffd5cf19ec8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 64.705540][ T8460] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443999 [ 64.713573][ T8460] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 64.721571][ T8460] RBP: 00007ffd5cf19ed0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 64.729600][ T8460] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 00007ffd5cf19ee0 [ 64.737641][ T8460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.745698][ T8460] Kernel panic - not syncing: panic_on_warn set ... [ 64.752293][ T8460] CPU: 0 PID: 8460 Comm: syz-executor652 Not tainted 5.10.0-rc7-syzkaller #0 [ 64.761040][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.771077][ T8460] Call Trace: [ 64.774376][ T8460] dump_stack+0x107/0x163 [ 64.778717][ T8460] panic+0x306/0x73d [ 64.782596][ T8460] ? __warn_printk+0xf3/0xf3 [ 64.787226][ T8460] ? __warn.cold+0x1a/0x44 [ 64.791622][ T8460] ? __warn+0xf1/0x210 [ 64.795692][ T8460] ? taprio_change+0x1ed0/0x2d40 [ 64.800610][ T8460] __warn.cold+0x35/0x44 [ 64.804834][ T8460] ? taprio_change+0x1ed0/0x2d40 [ 64.809766][ T8460] report_bug+0x1bd/0x210 [ 64.815453][ T8460] handle_bug+0x3c/0x60 [ 64.819589][ T8460] exc_invalid_op+0x14/0x40 [ 64.824073][ T8460] asm_exc_invalid_op+0x12/0x20 [ 64.828923][ T8460] RIP: 0010:taprio_change+0x1ed0/0x2d40 [ 64.834467][ T8460] Code: 8b 44 24 18 41 bf ea ff ff ff 48 c7 00 c0 31 48 8a e8 d4 fa 4b fa 48 8b 7c 24 08 e8 ba f1 c3 01 e9 0a eb ff ff e8 c0 fa 4b fa <0f> 0b 48 83 7c 24 18 00 74 2e e8 b1 fa 4b fa 48 8b 54 24 18 48 b8 [ 64.854057][ T8460] RSP: 0018:ffffc900016ef2b8 EFLAGS: 00010293 [ 64.860122][ T8460] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff87240500 [ 64.868090][ T8460] RDX: ffff888020554ec0 RSI: ffffffff872409b0 RDI: 0000000000000007 [ 64.876046][ T8460] RBP: 164fa494a1156125 R08: 0000000000000001 R09: ffffffff8ebaf72f [ 64.884000][ T8460] R10: 0000000000000000 R11: 1ffffffff1ceeda4 R12: 0000000000000000 [ 64.892136][ T8460] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000000 [ 64.900112][ T8460] ? taprio_change+0x1a20/0x2d40 [ 64.905031][ T8460] ? taprio_change+0x1ed0/0x2d40 [ 64.909953][ T8460] ? taprio_change+0x1ed0/0x2d40 [ 64.914888][ T8460] ? lockdep_init_map_waits+0x26a/0x720 [ 64.920425][ T8460] ? fifo_init+0x342/0x6c0 [ 64.924832][ T8460] ? taprio_peek_soft+0x5e0/0x5e0 [ 64.929883][ T8460] ? fifo_create_dflt+0xe0/0xe0 [ 64.934725][ T8460] ? mutex_is_locked+0xe/0x40 [ 64.939387][ T8460] ? rtnl_is_locked+0x11/0x20 [ 64.944048][ T8460] ? qdisc_hash_add+0x21d/0x330 [ 64.948885][ T8460] taprio_init+0x52e/0x670 [ 64.953288][ T8460] ? taprio_change+0x2d40/0x2d40 [ 64.958208][ T8460] qdisc_create+0x4ba/0x1270 [ 64.962789][ T8460] ? tc_get_qdisc+0xad0/0xad0 [ 64.967467][ T8460] ? __nla_parse+0x3d/0x50 [ 64.971875][ T8460] tc_modify_qdisc+0x4c8/0x1990 [ 64.976723][ T8460] ? rtnetlink_rcv_msg+0x3f9/0xad0 [ 64.981822][ T8460] ? qdisc_create+0x1270/0x1270 [ 64.986667][ T8460] ? qdisc_create+0x1270/0x1270 [ 64.991522][ T8460] rtnetlink_rcv_msg+0x44e/0xad0 [ 64.996464][ T8460] ? rtnetlink_put_metrics+0x510/0x510 [ 65.002207][ T8460] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 65.007481][ T8460] netlink_rcv_skb+0x153/0x420 [ 65.012243][ T8460] ? rtnetlink_put_metrics+0x510/0x510 [ 65.017697][ T8460] ? netlink_ack+0xaa0/0xaa0 [ 65.022441][ T8460] ? netlink_deliver_tap+0x227/0xb70 [ 65.027728][ T8460] netlink_unicast+0x533/0x7d0 [ 65.032489][ T8460] ? netlink_attachskb+0x810/0x810 [ 65.037593][ T8460] ? __phys_addr_symbol+0x2c/0x70 [ 65.042595][ T8460] ? __check_object_size+0x171/0x3f0 [ 65.047947][ T8460] netlink_sendmsg+0x856/0xd90 [ 65.052751][ T8460] ? netlink_unicast+0x7d0/0x7d0 [ 65.057702][ T8460] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 65.062966][ T8460] ? netlink_unicast+0x7d0/0x7d0 [ 65.067884][ T8460] sock_sendmsg+0xcf/0x120 [ 65.072294][ T8460] ____sys_sendmsg+0x6e8/0x810 [ 65.079572][ T8460] ? kernel_sendmsg+0x50/0x50 [ 65.084227][ T8460] ? do_recvmmsg+0x6c0/0x6c0 [ 65.088814][ T8460] ? fs_reclaim_release+0x90/0xd0 [ 65.093842][ T8460] ___sys_sendmsg+0xf3/0x170 [ 65.098434][ T8460] ? sendmsg_copy_msghdr+0x160/0x160 [ 65.103701][ T8460] ? lockdep_init_map_waits+0x26a/0x720 [ 65.109226][ T8460] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 65.115188][ T8460] ? percpu_counter_add_batch+0xbd/0x180 [ 65.120805][ T8460] ? find_held_lock+0x2d/0x110 [ 65.125552][ T8460] ? __fd_install+0x1b4/0x600 [ 65.130208][ T8460] ? lock_downgrade+0x6d0/0x6d0 [ 65.135995][ T8460] ? __fget_light+0x215/0x280 [ 65.140660][ T8460] __sys_sendmsg+0xe5/0x1b0 [ 65.145161][ T8460] ? __sys_sendmsg_sock+0xb0/0xb0 [ 65.150176][ T8460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 65.156052][ T8460] do_syscall_64+0x2d/0x70 [ 65.160453][ T8460] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 65.166338][ T8460] RIP: 0033:0x443999 [ 65.170227][ T8460] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 65.189912][ T8460] RSP: 002b:00007ffd5cf19ec8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 65.198312][ T8460] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443999 [ 65.206286][ T8460] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 65.214256][ T8460] RBP: 00007ffd5cf19ed0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 65.222208][ T8460] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 00007ffd5cf19ee0 [ 65.230173][ T8460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 65.239047][ T8460] Kernel Offset: disabled [ 65.243459][ T8460] Rebooting in 86400 seconds..