[ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.11' (ECDSA) to the list of known hosts. syzkaller login: [ 56.906465][ T8409] chnl_net:caif_netlink_parms(): no params data found [ 56.947518][ T8409] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.956348][ T8409] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.964026][ T8409] device bridge_slave_0 entered promiscuous mode [ 56.973774][ T8409] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.981338][ T8409] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.988830][ T8409] device bridge_slave_1 entered promiscuous mode [ 57.005738][ T8409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.017740][ T8409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.037314][ T8409] team0: Port device team_slave_0 added [ 57.044546][ T8409] team0: Port device team_slave_1 added [ 57.059635][ T8409] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.066757][ T8409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.093295][ T8409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.105373][ T8409] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.112345][ T8409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.138313][ T8409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.161722][ T8409] device hsr_slave_0 entered promiscuous mode [ 57.168245][ T8409] device hsr_slave_1 entered promiscuous mode [ 57.258314][ T8409] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.270025][ T8409] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.279031][ T8409] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.287097][ T8409] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.306969][ T8409] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.314187][ T8409] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.322661][ T8409] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.329846][ T8409] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.365661][ T8409] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.377894][ T2946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.389904][ T2946] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.397873][ T2946] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.407079][ T2946] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 57.419293][ T8409] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.430798][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.439403][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.446419][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.458737][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.467896][ T3802] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.474970][ T3802] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.490245][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.506602][ T8409] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.518419][ T8409] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.531133][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.538819][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.548069][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.556679][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.568667][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.585694][ T8409] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.593422][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.601665][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.619566][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.637086][ T8409] device veth0_vlan entered promiscuous mode [ 57.644268][ T2946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.652899][ T2946] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.660883][ T2946] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.673939][ T8409] device veth1_vlan entered promiscuous mode [ 57.693141][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 57.702009][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 57.710554][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.721578][ T8409] device veth0_macvtap entered promiscuous mode [ 57.731334][ T8409] device veth1_macvtap entered promiscuous mode [ 57.745706][ T8409] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.753649][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.763860][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 57.775871][ T8409] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.783911][ T2946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.794926][ T8409] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.804001][ T8409] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.813977][ T8409] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 executing program executing program executing program executing program executing program [ 57.823166][ T8409] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 executing program [ 57.894123][ T8650] divide error: 0000 [#1] PREEMPT SMP KASAN [ 57.900124][ T8650] CPU: 1 PID: 8650 Comm: syz-executor472 Not tainted 5.13.0-rc4-syzkaller #0 [ 57.909313][ T8650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.919940][ T8650] RIP: 0010:netem_enqueue+0x1470/0x3540 [ 57.925488][ T8650] Code: 74 1f 4c 89 44 24 20 89 4c 24 18 89 44 24 10 e8 76 28 82 fa 4c 8b 44 24 20 8b 4c 24 18 8b 44 24 10 48 8b 34 24 31 d2 2b 4e 74 f1 48 b8 00 00 00 00 00 fc ff df 48 01 d3 48 89 d9 48 c1 e9 03 [ 57.945076][ T8650] RSP: 0018:ffffc90001f1f670 EFLAGS: 00010246 [ 57.951125][ T8650] RAX: 00000000c0ba6ebd RBX: ffff88802d21f800 RCX: 0000000000000000 [ 57.959096][ T8650] RDX: 0000000000000000 RSI: ffff8880175bfc80 RDI: ffff8880175bfcf4 [ 57.967223][ T8650] RBP: ffff88801dad9330 R08: ffff8880175bfd50 R09: 0000000000000000 [ 57.975173][ T8650] R10: ffffffff83cc1b8d R11: 0000000000000000 R12: 0000000000000001 [ 57.983139][ T8650] R13: 0000000000000004 R14: ffff88801dad9000 R15: 0000000000000000 [ 57.991109][ T8650] FS: 00007fed9664a700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 58.000021][ T8650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.006695][ T8650] CR2: 00000000200001c0 CR3: 00000000145d2000 CR4: 0000000000350ee0 [ 58.014649][ T8650] Call Trace: [ 58.017906][ T8650] ? lock_release+0x720/0x720 [ 58.022567][ T8650] ? netem_dump+0x1120/0x1120 [ 58.027218][ T8650] ? rwlock_bug.part.0+0x90/0x90 [ 58.032131][ T8650] __dev_queue_xmit+0x18af/0x3130 [ 58.037154][ T8650] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 58.042416][ T8650] ? memcpy+0x39/0x60 [ 58.046376][ T8650] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 58.052603][ T8650] ? memcpy+0x39/0x60 [ 58.056577][ T8650] ? __skb_clone+0x586/0x770 [ 58.061161][ T8650] netlink_deliver_tap+0x996/0xba0 [ 58.066267][ T8650] netlink_unicast+0x5e5/0x7d0 [ 58.071029][ T8650] ? netlink_attachskb+0x870/0x870 [ 58.076118][ T8650] ? __build_skb_around+0x23e/0x2f0 [ 58.081466][ T8650] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 58.087687][ T8650] ? __check_object_size+0x30/0x3f0 [ 58.092871][ T8650] netlink_sendmsg+0x856/0xd90 [ 58.097614][ T8650] ? netlink_unicast+0x7d0/0x7d0 [ 58.102531][ T8650] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 58.108754][ T8650] ? netlink_unicast+0x7d0/0x7d0 [ 58.113872][ T8650] sock_sendmsg+0xcf/0x120 [ 58.118266][ T8650] ____sys_sendmsg+0x6e8/0x810 [ 58.123007][ T8650] ? kernel_sendmsg+0x50/0x50 [ 58.127751][ T8650] ? do_recvmmsg+0x6d0/0x6d0 [ 58.132509][ T8650] ? lock_chain_count+0x20/0x20 [ 58.137340][ T8650] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 58.143473][ T8650] ___sys_sendmsg+0xf3/0x170 [ 58.148055][ T8650] ? sendmsg_copy_msghdr+0x160/0x160 [ 58.153317][ T8650] ? __fget_files+0x266/0x3d0 [ 58.157970][ T8650] ? lock_downgrade+0x6e0/0x6e0 [ 58.162817][ T8650] ? __fget_files+0x288/0x3d0 [ 58.167473][ T8650] ? __fget_light+0xea/0x280 [ 58.172141][ T8650] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 58.178380][ T8650] __sys_sendmsg+0xe5/0x1b0 [ 58.182864][ T8650] ? __sys_sendmsg_sock+0x30/0x30 [ 58.188059][ T8650] ? syscall_enter_from_user_mode+0x27/0x70 [ 58.193934][ T8650] do_syscall_64+0x3a/0xb0 [ 58.198329][ T8650] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 58.204285][ T8650] RIP: 0033:0x44a589 [ 58.208157][ T8650] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.227740][ T8650] RSP: 002b:00007fed9664a318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 58.236148][ T8650] RAX: ffffffffffffffda RBX: 00000000004d04e8 RCX: 000000000044a589 [ 58.244112][ T8650] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 58.252234][ T8650] RBP: 00000000004d04e0 R08: 0000000000000000 R09: 0000000000000000 [ 58.260182][ T8650] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000049f5b8 [ 58.268132][ T8650] R13: 00007ffd625494bf R14: 00007fed9664a400 R15: 0000000000022000 [ 58.276082][ T8650] Modules linked in: [ 58.279998][ T8650] ---[ end trace 5bbdcb4311031a37 ]--- [ 58.285433][ T8650] RIP: 0010:netem_enqueue+0x1470/0x3540 [ 58.291058][ T8650] Code: 74 1f 4c 89 44 24 20 89 4c 24 18 89 44 24 10 e8 76 28 82 fa 4c 8b 44 24 20 8b 4c 24 18 8b 44 24 10 48 8b 34 24 31 d2 2b 4e 74 f1 48 b8 00 00 00 00 00 fc ff df 48 01 d3 48 89 d9 48 c1 e9 03 [ 58.310830][ T8650] RSP: 0018:ffffc90001f1f670 EFLAGS: 00010246 [ 58.316875][ T8650] RAX: 00000000c0ba6ebd RBX: ffff88802d21f800 RCX: 0000000000000000 [ 58.325012][ T8650] RDX: 0000000000000000 RSI: ffff8880175bfc80 RDI: ffff8880175bfcf4 [ 58.335343][ T8650] RBP: ffff88801dad9330 R08: ffff8880175bfd50 R09: 0000000000000000 [ 58.344627][ T8650] R10: ffffffff83cc1b8d R11: 0000000000000000 R12: 0000000000000001 [ 58.352591][ T8650] R13: 0000000000000004 R14: ffff88801dad9000 R15: 0000000000000000 [ 58.360553][ T8650] FS: 00007fed9664a700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 58.369494][ T8650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.376078][ T8650] CR2: 00000000200001c0 CR3: 00000000145d2000 CR4: 0000000000350ee0 [ 58.384038][ T8650] Kernel panic - not syncing: Fatal exception in interrupt [ 58.396978][ T8650] Kernel Offset: disabled [ 58.401283][ T8650] Rebooting in 86400 seconds..