[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.2' (ECDSA) to the list of known hosts. syzkaller login: [ 71.050329][ T8482] IPVS: ftp: loaded support on port[0] = 21 [ 71.155158][ T8482] chnl_net:caif_netlink_parms(): no params data found [ 71.210655][ T8482] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.218089][ T8482] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.227283][ T8482] device bridge_slave_0 entered promiscuous mode [ 71.237620][ T8482] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.245907][ T8482] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.254257][ T8482] device bridge_slave_1 entered promiscuous mode [ 71.275516][ T8482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.286355][ T8482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.310465][ T8482] team0: Port device team_slave_0 added [ 71.317913][ T8482] team0: Port device team_slave_1 added [ 71.336007][ T8482] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.342975][ T8482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.368989][ T8482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.382222][ T8482] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.389248][ T8482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.415239][ T8482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.444643][ T8482] device hsr_slave_0 entered promiscuous mode [ 71.451384][ T8482] device hsr_slave_1 entered promiscuous mode [ 71.558636][ T8482] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.571702][ T8482] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.582107][ T8482] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.592282][ T8482] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.618721][ T8482] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.625978][ T8482] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.633874][ T8482] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.641136][ T8482] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.689656][ T8482] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.704887][ T3201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.715569][ T3201] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.724581][ T3201] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.733144][ T3201] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 71.746896][ T8482] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.760121][ T3860] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.768794][ T3860] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.775927][ T3860] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.788230][ T3201] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.797577][ T3201] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.804763][ T3201] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.827243][ T3201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.836223][ T3201] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.851342][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.868477][ T8482] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.882019][ T8482] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.894722][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.904097][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.915013][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.933011][ T8689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 71.941057][ T8689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 71.955084][ T8482] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.977043][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 71.999288][ T8482] device veth0_vlan entered promiscuous mode [ 72.000520][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 72.014989][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 72.023508][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 72.036895][ T8482] device veth1_vlan entered promiscuous mode [ 72.061263][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 72.073026][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 72.081366][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 72.093554][ T8482] device veth0_macvtap entered promiscuous mode [ 72.105248][ T8482] device veth1_macvtap entered promiscuous mode [ 72.122983][ T8482] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.131041][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 72.142314][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 72.154196][ T8482] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.161996][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready executing program [ 72.171510][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 72.182886][ T8482] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.193117][ T8482] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.201928][ T8482] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.210959][ T8482] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.433717][ T8691] BUG: unable to handle page fault for address: ffff8880bfffd000 [ 73.441474][ T8691] #PF: supervisor read access in kernel mode [ 73.447428][ T8691] #PF: error_code(0x0000) - not-present page [ 73.453381][ T8691] PGD fc01067 P4D fc01067 PUD 23ffff067 PMD 23fffe067 PTE 0 [ 73.460672][ T8691] Oops: 0000 [#1] PREEMPT SMP KASAN [ 73.465849][ T8691] CPU: 1 PID: 8691 Comm: syz-executor957 Not tainted 5.10.0-syzkaller #0 [ 73.474238][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.484270][ T8691] RIP: 0010:do_csum+0x177/0x400 [ 73.489122][ T8691] Code: 89 ee 44 89 6c 24 04 89 04 24 e8 04 14 9a fd 45 85 ed 74 4e 4d 89 e6 e8 77 0c 9a fd 41 83 ed 01 31 ff 31 c0 44 89 ee 49 03 1e <49> 13 5e 08 49 13 5e 10 49 13 5e 18 49 13 5e 20 49 13 5e 28 49 13 [ 73.508714][ T8691] RSP: 0018:ffffc90001dff420 EFLAGS: 00010296 [ 73.514769][ T8691] RAX: 0000000000000000 RBX: e87b8fb6a788da1b RCX: 0000000000000000 [ 73.522741][ T8691] RDX: ffff888010ef9bc0 RSI: 00000000016ea4e1 RDI: 0000000000000000 [ 73.530694][ T8691] RBP: 00000000ffffffec R08: 0000000000000000 R09: 0000000000000060 [ 73.538659][ T8691] R10: ffffffff83d7506b R11: 0000000000000060 R12: ffff88801ba908b8 [ 73.546612][ T8691] R13: 00000000016ea4e1 R14: ffff8880bfffcff8 R15: 0000000000000000 [ 73.554563][ T8691] FS: 00007f56fd0c3700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 [ 73.563487][ T8691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.570110][ T8691] CR2: ffff8880bfffd000 CR3: 00000000206f6000 CR4: 00000000001506e0 [ 73.578069][ T8691] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.586028][ T8691] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.593996][ T8691] Call Trace: [ 73.597256][ T8691] csum_partial+0x1c/0x30 [ 73.601588][ T8691] __gre_xmit+0x867/0x8f0 [ 73.605906][ T8691] ipgre_xmit+0x679/0x830 [ 73.610240][ T8691] dev_hard_start_xmit+0x1eb/0x920 [ 73.615353][ T8691] __dev_queue_xmit+0x21db/0x2dd0 [ 73.620375][ T8691] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 73.626079][ T8691] ? _copy_from_iter+0x37b/0xbf0 [ 73.630999][ T8691] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 73.636701][ T8691] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 73.641975][ T8691] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 73.648198][ T8691] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 73.653897][ T8691] ? virtio_net_hdr_to_skb.constprop.0+0x423/0xa70 [ 73.660385][ T8691] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 73.666609][ T8691] ? packet_parse_headers+0x11d/0x490 [ 73.671974][ T8691] ? prb_fill_curr_block+0x5d0/0x5d0 [ 73.677257][ T8691] packet_sendmsg+0x2413/0x52b0 [ 73.682095][ T8691] ? aa_sk_perm+0x316/0xaa0 [ 73.686586][ T8691] ? packet_cached_dev_get+0x250/0x250 [ 73.692027][ T8691] ? aa_af_perm+0x230/0x230 [ 73.696531][ T8691] ? __lock_acquire+0x16b7/0x5500 [ 73.701538][ T8691] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 73.707764][ T8691] ? packet_cached_dev_get+0x250/0x250 [ 73.713242][ T8691] sock_sendmsg+0xcf/0x120 [ 73.717653][ T8691] sock_no_sendpage+0xee/0x130 [ 73.722434][ T8691] ? sk_page_frag_refill+0x1d0/0x1d0 [ 73.727740][ T8691] ? lock_release+0x710/0x710 [ 73.732414][ T8691] ? find_held_lock+0x2d/0x110 [ 73.737160][ T8691] kernel_sendpage.part.0+0x1ab/0x350 [ 73.742513][ T8691] sock_sendpage+0xe5/0x140 [ 73.747014][ T8691] ? __sock_recv_ts_and_drops+0x430/0x430 [ 73.752714][ T8691] pipe_to_sendpage+0x2ad/0x380 [ 73.757550][ T8691] ? propagate_umount+0x1c20/0x1c20 [ 73.762731][ T8691] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 73.768959][ T8691] ? splice_from_pipe_next.part.0+0x167/0x520 [ 73.775205][ T8691] __splice_from_pipe+0x439/0x8a0 [ 73.780230][ T8691] ? propagate_umount+0x1c20/0x1c20 [ 73.785412][ T8691] generic_splice_sendpage+0xd4/0x140 [ 73.790769][ T8691] ? __do_sys_vmsplice+0x9d0/0x9d0 [ 73.795880][ T8691] ? security_file_permission+0x248/0x560 [ 73.801584][ T8691] ? __do_sys_vmsplice+0x9d0/0x9d0 [ 73.806682][ T8691] do_splice+0xba4/0x1a90 [ 73.810996][ T8691] ? find_held_lock+0x2d/0x110 [ 73.815757][ T8691] ? splice_from_pipe+0x140/0x140 [ 73.820797][ T8691] __do_splice+0x134/0x250 [ 73.825200][ T8691] ? do_splice+0x1a90/0x1a90 [ 73.829780][ T8691] __x64_sys_splice+0x198/0x250 [ 73.834716][ T8691] do_syscall_64+0x2d/0x70 [ 73.839129][ T8691] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 73.845024][ T8691] RIP: 0033:0x448dc9 [ 73.848902][ T8691] Code: e8 ac 12 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 73.868522][ T8691] RSP: 002b:00007f56fd0c2d88 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 73.876931][ T8691] RAX: ffffffffffffffda RBX: 00000000006dec78 RCX: 0000000000448dc9 [ 73.884901][ T8691] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004 [ 73.892858][ T8691] RBP: 00000000006dec70 R08: 00000000ffffffff R09: 0000000000000000 [ 73.900817][ T8691] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dec7c [ 73.908792][ T8691] R13: 00316c6e747a7973 R14: 0000000000000000 R15: 0000000030657267 [ 73.916809][ T8691] Modules linked in: [ 73.920685][ T8691] CR2: ffff8880bfffd000 [ 73.924823][ T8691] ---[ end trace 5a003039afae783b ]--- [ 73.930260][ T8691] RIP: 0010:do_csum+0x177/0x400 [ 73.935125][ T8691] Code: 89 ee 44 89 6c 24 04 89 04 24 e8 04 14 9a fd 45 85 ed 74 4e 4d 89 e6 e8 77 0c 9a fd 41 83 ed 01 31 ff 31 c0 44 89 ee 49 03 1e <49> 13 5e 08 49 13 5e 10 49 13 5e 18 49 13 5e 20 49 13 5e 28 49 13 [ 73.954717][ T8691] RSP: 0018:ffffc90001dff420 EFLAGS: 00010296 [ 73.960783][ T8691] RAX: 0000000000000000 RBX: e87b8fb6a788da1b RCX: 0000000000000000 [ 73.968802][ T8691] RDX: ffff888010ef9bc0 RSI: 00000000016ea4e1 RDI: 0000000000000000 [ 73.976782][ T8691] RBP: 00000000ffffffec R08: 0000000000000000 R09: 0000000000000060 [ 73.984742][ T8691] R10: ffffffff83d7506b R11: 0000000000000060 R12: ffff88801ba908b8 [ 73.992698][ T8691] R13: 00000000016ea4e1 R14: ffff8880bfffcff8 R15: 0000000000000000 [ 74.000671][ T8691] FS: 00007f56fd0c3700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 [ 74.009593][ T8691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.016193][ T8691] CR2: ffff8880bfffd000 CR3: 00000000206f6000 CR4: 00000000001506e0 [ 74.024150][ T8691] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.032101][ T8691] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.040056][ T8691] Kernel panic - not syncing: Fatal exception in interrupt [ 74.047838][ T8691] Kernel Offset: disabled [ 74.052154][ T8691] Rebooting in 86400 seconds..