[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Started OpenBSD Secure Shell server.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.88' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [   90.664197][    C0] hrtimer: interrupt took 46168 ns
[   91.190116][ T6894] skbuff: skb_over_panic: text:ffffffff87388516 len:232 put:72 head:ffff888093820800 data:ffff888093820800 tail:0xe8 end:0xc0 dev:<NULL>
[   91.208207][ T6896] skbuff: skb_over_panic: text:ffffffff87388516 len:232 put:72 head:ffff8880a8d2ac00 data:ffff8880a8d2ac00 tail:0xe8 end:0xc0 dev:<NULL>
[   91.411254][ T6896] ------------[ cut here ]------------
[   91.506012][ T6894] ------------[ cut here ]------------
[   91.572192][ T6896] kernel BUG at net/core/skbuff.c:109!
[   91.607329][ T6894] kernel BUG at net/core/skbuff.c:109!
[   91.667179][ T6896] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   91.673299][ T6896] CPU: 0 PID: 6896 Comm: syz-executor910 Not tainted 5.9.0-rc6-syzkaller #0
[   91.681958][ T6896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   91.692041][ T6896] RIP: 0010:skb_panic+0x16c/0x16e
[   91.697059][ T6896] Code: fb 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 a0 4f 44 89 ff 74 24 10 ff 74 24 20 e8 73 df f8 fa <0f> 0b e8 6d d6 0f fb 4c 8b 64 24 18 e8 e3 a0 50 fb 48 c7 c1 e0 5b
[   91.716663][ T6896] RSP: 0018:ffffc900056fee80 EFLAGS: 00010286
[   91.722783][ T6896] RAX: 0000000000000086 RBX: ffff88808801be80 RCX: 0000000000000000
[   91.730784][ T6896] RDX: ffff8880928fc400 RSI: ffffffff815f5985 RDI: fffff52000adfdc2
[   91.738763][ T6896] RBP: ffffffff89445c20 R08: 0000000000000086 R09: ffff8880ae5318e7
[   91.746738][ T6896] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff87388516
[   91.754737][ T6896] R13: 0000000000000048 R14: ffffffff89444f60 R15: 00000000000000c0
[   91.762732][ T6896] FS:  00007fd6a6588700(0000) GS:ffff8880ae400000(0000) knlGS:0000000000000000
[   91.771676][ T6896] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   91.778253][ T6896] CR2: 00007f9c357d0020 CR3: 0000000096c1a000 CR4: 00000000001506f0
[   91.786224][ T6896] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   91.794191][ T6896] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   91.802174][ T6896] Call Trace:
[   91.805488][ T6896]  ? pfkey_send_acquire+0x1856/0x2520
[   91.810876][ T6896]  skb_put.cold+0x24/0x24
[   91.815208][ T6896]  pfkey_send_acquire+0x1856/0x2520
[   91.820424][ T6896]  km_query+0xc5/0x210
[   91.824497][ T6896]  xfrm_state_find+0x2b70/0x4d50
[   91.829436][ T6896]  ? xfrm_state_update+0xe10/0xe10
[   91.834548][ T6896]  ? is_bpf_text_address+0xcb/0x160
[   91.839804][ T6896]  ? kernel_text_address+0xbd/0xf0
[   91.844915][ T6896]  ? unwind_get_return_address+0x51/0x90
[   91.850544][ T6896]  ? profile_setup.cold+0xc1/0xc1
[   91.855564][ T6896]  ? arch_stack_walk+0x97/0xf0
[   91.860330][ T6896]  xfrm_tmpl_resolve+0x2f3/0xd40
[   91.865268][ T6896]  ? __xfrm_dst_lookup+0x130/0x130
[   91.870380][ T6896]  ? lockdep_hardirqs_on_prepare+0x530/0x530
[   91.876389][ T6896]  xfrm_resolve_and_create_bundle+0x123/0x2590
[   91.882536][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   91.887495][ T6896]  ? xfrm_sk_policy_lookup+0x4f3/0x6d0
[   91.892951][ T6896]  ? xfrm_net_init+0xb20/0xb20
[   91.897716][ T6896]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   91.903633][ T6896]  ? xfrm_sk_policy_lookup+0x515/0x6d0
[   91.909117][ T6896]  ? xfrm_selector_match+0xf60/0xf60
[   91.914427][ T6896]  ? ip_route_output_key_hash+0x1d4/0x2f0
[   91.920151][ T6896]  ? xfrm_expand_policies+0x414/0x650
[   91.925552][ T6896]  xfrm_lookup_with_ifid+0x235/0x2130
[   91.930922][ T6896]  ? xfrm_expand_policies+0x650/0x650
[   91.936293][ T6896]  ? ip_route_output_key_hash+0x1f6/0x2f0
[   91.942039][ T6896]  ? udp_sendmsg+0x65d/0x26d0
[   91.946743][ T6896]  ? lock_downgrade+0x830/0x830
[   91.951602][ T6896]  xfrm_lookup_route+0x36/0x1e0
[   91.956461][ T6896]  ip_route_output_flow+0xa6/0xc0
[   91.961481][ T6896]  udp_sendmsg+0x1a21/0x26d0
[   91.966068][ T6896]  ? ip_frag_init+0x330/0x330
[   91.970741][ T6896]  ? __switch_to+0x425/0xfe0
[   91.975346][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   91.980303][ T6896]  ? udp_setsockopt+0xc0/0xc0
[   91.984974][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   91.989911][ T6896]  ? __might_fault+0x11f/0x1d0
[   91.994672][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   91.999637][ T6896]  ? aa_sk_perm+0x316/0xaa0
[   92.004148][ T6896]  ? __might_fault+0x190/0x1d0
[   92.008914][ T6896]  ? rw_copy_check_uvector+0x298/0x390
[   92.014375][ T6896]  ? aa_af_perm+0x230/0x230
[   92.018877][ T6896]  ? __copy_msghdr_from_user+0x2b4/0x4b0
[   92.024510][ T6896]  inet_sendmsg+0x99/0xe0
[   92.028862][ T6896]  ? inet_send_prepare+0x4d0/0x4d0
[   92.033971][ T6896]  sock_sendmsg+0xcf/0x120
[   92.038400][ T6896]  ____sys_sendmsg+0x331/0x810
[   92.043164][ T6896]  ? kernel_sendmsg+0x50/0x50
[   92.047859][ T6896]  ? do_recvmmsg+0x6d0/0x6d0
[   92.052452][ T6896]  ? __lock_acquire+0x164a/0x5780
[   92.057475][ T6896]  ___sys_sendmsg+0xf3/0x170
[   92.062065][ T6896]  ? sendmsg_copy_msghdr+0x160/0x160
[   92.067346][ T6896]  ? lockdep_hardirqs_on_prepare+0x530/0x530
[   92.073344][ T6896]  ? __fget_files+0x272/0x400
[   92.078049][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   92.082984][ T6896]  ? find_held_lock+0x2d/0x110
[   92.087746][ T6896]  ? __might_fault+0x11f/0x1d0
[   92.092515][ T6896]  ? lock_downgrade+0x830/0x830
[   92.097363][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   92.102324][ T6896]  __sys_sendmmsg+0x195/0x480
[   92.107000][ T6896]  ? __ia32_sys_sendmsg+0xb0/0xb0
[   92.112058][ T6896]  ? lockdep_hardirqs_on+0x53/0x100
[   92.117260][ T6896]  ? fput_many+0x2f/0x1a0
[   92.121590][ T6896]  ? __sys_connect+0x10a/0x190
[   92.126382][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   92.131313][ T6896]  ? lock_is_held_type+0xbb/0xf0
[   92.136248][ T6896]  ? syscall_enter_from_user_mode+0x1d/0x60
[   92.142169][ T6896]  __x64_sys_sendmmsg+0x99/0x100
[   92.147108][ T6896]  ? syscall_enter_from_user_mode+0x1d/0x60
[   92.153009][ T6896]  do_syscall_64+0x2d/0x70
[   92.157426][ T6896]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   92.163312][ T6896] RIP: 0033:0x447369
[   92.167203][ T6896] Code: e8 dc e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   92.186837][ T6896] RSP: 002b:00007fd6a6587da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   92.195246][ T6896] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447369
[   92.203218][ T6896] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000006
[   92.211220][ T6896] RBP: 00000000006dcc60 R08: 0000000000000000 R09: 0000000000000000
[   92.219229][ T6896] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   92.227199][ T6896] R13: 0000000000000002 R14: 0000000009000702 R15: 0000000000000005
[   92.235166][ T6896] Modules linked in:
[   92.310690][ T6894] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[   92.316800][ T6894] CPU: 1 PID: 6894 Comm: syz-executor910 Tainted: G      D           5.9.0-rc6-syzkaller #0
[   92.327049][ T6894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   92.337141][ T6894] RIP: 0010:skb_panic+0x16c/0x16e
[   92.342162][ T6894] Code: fb 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 a0 4f 44 89 ff 74 24 10 ff 74 24 20 e8 73 df f8 fa <0f> 0b e8 6d d6 0f fb 4c 8b 64 24 18 e8 e3 a0 50 fb 48 c7 c1 e0 5b
[   92.361761][ T6894] RSP: 0018:ffffc900056cee80 EFLAGS: 00010286
[   92.367820][ T6894] RAX: 0000000000000086 RBX: ffff888093821e40 RCX: 0000000000000000
[   92.375788][ T6894] RDX: ffff88809400e380 RSI: ffffffff815f5985 RDI: fffff52000ad9dc2
[   92.383764][ T6894] RBP: ffffffff89445c20 R08: 0000000000000086 R09: ffff8880ae5318e7
[   92.391731][ T6894] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff87388516
[   92.399733][ T6894] R13: 0000000000000048 R14: ffffffff89444f60 R15: 00000000000000c0
[   92.407727][ T6894] FS:  00007fd6a6588700(0000) GS:ffff8880ae500000(0000) knlGS:0000000000000000
[   92.416648][ T6894] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   92.423257][ T6894] CR2: 00007fc0a0c06008 CR3: 000000009a3a7000 CR4: 00000000001506e0
[   92.431249][ T6894] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   92.439215][ T6894] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   92.447178][ T6894] Call Trace:
[   92.450469][ T6894]  ? pfkey_send_acquire+0x1856/0x2520
[   92.455838][ T6894]  skb_put.cold+0x24/0x24
[   92.460170][ T6894]  pfkey_send_acquire+0x1856/0x2520
[   92.465375][ T6894]  km_query+0xc5/0x210
[   92.469441][ T6894]  xfrm_state_find+0x2b70/0x4d50
[   92.474383][ T6894]  ? xfrm_state_update+0xe10/0xe10
[   92.479522][ T6894]  ? is_bpf_text_address+0xcb/0x160
[   92.484721][ T6894]  ? kernel_text_address+0xbd/0xf0
[   92.489828][ T6894]  ? unwind_get_return_address+0x51/0x90
[   92.495474][ T6894]  ? profile_setup.cold+0xc1/0xc1
[   92.500493][ T6894]  ? arch_stack_walk+0x97/0xf0
[   92.505254][ T6894]  xfrm_tmpl_resolve+0x2f3/0xd40
[   92.510194][ T6894]  ? __xfrm_dst_lookup+0x130/0x130
[   92.515307][ T6894]  ? lockdep_hardirqs_on_prepare+0x530/0x530
[   92.521292][ T6894]  xfrm_resolve_and_create_bundle+0x123/0x2590
[   92.527443][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.532406][ T6894]  ? xfrm_sk_policy_lookup+0x4f3/0x6d0
[   92.537862][ T6894]  ? xfrm_net_init+0xb20/0xb20
[   92.542646][ T6894]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   92.548536][ T6894]  ? xfrm_sk_policy_lookup+0x515/0x6d0
[   92.553992][ T6894]  ? xfrm_selector_match+0xf60/0xf60
[   92.559276][ T6894]  ? ip_route_output_key_hash+0x1d4/0x2f0
[   92.564992][ T6894]  ? xfrm_expand_policies+0x414/0x650
[   92.570383][ T6894]  xfrm_lookup_with_ifid+0x235/0x2130
[   92.575754][ T6894]  ? xfrm_expand_policies+0x650/0x650
[   92.581123][ T6894]  ? ip_route_output_key_hash+0x1f6/0x2f0
[   92.586843][ T6894]  ? udp_sendmsg+0x65d/0x26d0
[   92.591544][ T6894]  ? lock_downgrade+0x830/0x830
[   92.596394][ T6894]  xfrm_lookup_route+0x36/0x1e0
[   92.601270][ T6894]  ip_route_output_flow+0xa6/0xc0
[   92.606292][ T6894]  udp_sendmsg+0x1a21/0x26d0
[   92.610904][ T6894]  ? ip_frag_init+0x330/0x330
[   92.615591][ T6894]  ? udp_setsockopt+0xc0/0xc0
[   92.620270][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.625233][ T6894]  ? __might_fault+0x11f/0x1d0
[   92.629995][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.634932][ T6894]  ? aa_sk_perm+0x316/0xaa0
[   92.639432][ T6894]  ? __might_fault+0x190/0x1d0
[   92.644195][ T6894]  ? rw_copy_check_uvector+0x298/0x390
[   92.649646][ T6894]  ? aa_af_perm+0x230/0x230
[   92.654147][ T6894]  ? __copy_msghdr_from_user+0x2b4/0x4b0
[   92.659778][ T6894]  inet_sendmsg+0x99/0xe0
[   92.664128][ T6894]  ? inet_send_prepare+0x4d0/0x4d0
[   92.669235][ T6894]  sock_sendmsg+0xcf/0x120
[   92.673649][ T6894]  ____sys_sendmsg+0x331/0x810
[   92.678417][ T6894]  ? kernel_sendmsg+0x50/0x50
[   92.683090][ T6894]  ? do_recvmmsg+0x6d0/0x6d0
[   92.687677][ T6894]  ? mark_lock+0x82/0x1660
[   92.692124][ T6894]  ? __lock_acquire+0x164a/0x5780
[   92.697172][ T6894]  ___sys_sendmsg+0xf3/0x170
[   92.701758][ T6894]  ? sendmsg_copy_msghdr+0x160/0x160
[   92.707081][ T6894]  ? lockdep_hardirqs_on_prepare+0x530/0x530
[   92.713061][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.717994][ T6894]  ? find_held_lock+0x2d/0x110
[   92.722779][ T6894]  ? __might_fault+0x11f/0x1d0
[   92.727542][ T6894]  ? lock_downgrade+0x830/0x830
[   92.732390][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.737354][ T6894]  __sys_sendmmsg+0x195/0x480
[   92.742028][ T6894]  ? __ia32_sys_sendmsg+0xb0/0xb0
[   92.747050][ T6894]  ? lockdep_hardirqs_on+0x53/0x100
[   92.752272][ T6894]  ? fput_many+0x2f/0x1a0
[   92.756599][ T6894]  ? __sys_connect+0x10a/0x190
[   92.761363][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.766326][ T6894]  ? lock_is_held_type+0xbb/0xf0
[   92.771261][ T6894]  ? syscall_enter_from_user_mode+0x1d/0x60
[   92.777151][ T6894]  __x64_sys_sendmmsg+0x99/0x100
[   92.782110][ T6894]  ? syscall_enter_from_user_mode+0x1d/0x60
[   92.788016][ T6894]  do_syscall_64+0x2d/0x70
[   92.792455][ T6894]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   92.798339][ T6894] RIP: 0033:0x447369
[   92.802229][ T6894] Code: e8 dc e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   92.821830][ T6894] RSP: 002b:00007fd6a6587da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   92.830260][ T6894] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447369
[   92.838252][ T6894] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000006
[   92.846241][ T6894] RBP: 00000000006dcc60 R08: 0000000000000000 R09: 0000000000000000
[   92.854231][ T6894] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   92.862217][ T6894] R13: 0000000000000002 R14: 0000000009000702 R15: 0000000000000005
[   92.870206][ T6894] Modules linked in:
[   94.779098][ T6896] ---[ end trace 32391753eee01ee9 ]---
[   94.784898][ T6896] RIP: 0010:skb_panic+0x16c/0x16e
[   94.790087][ T6896] Code: fb 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 a0 4f 44 89 ff 74 24 10 ff 74 24 20 e8 73 df f8 fa <0f> 0b e8 6d d6 0f fb 4c 8b 64 24 18 e8 e3 a0 50 fb 48 c7 c1 e0 5b
[   94.817201][ T6894] ---[ end trace 32391753eee01eea ]---
[   94.829669][ T6894] RIP: 0010:skb_panic+0x16c/0x16e
[   94.841788][ T6894] Code: fb 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 a0 4f 44 89 ff 74 24 10 ff 74 24 20 e8 73 df f8 fa <0f> 0b e8 6d d6 0f fb 4c 8b 64 24 18 e8 e3 a0 50 fb 48 c7 c1 e0 5b
[   94.867266][ T6896] RSP: 0018:ffffc900056fee80 EFLAGS: 00010286
[   94.881578][ T6896] RAX: 0000000000000086 RBX: ffff88808801be80 RCX: 0000000000000000
[   94.889922][ T6896] RDX: ffff8880928fc400 RSI: ffffffff815f5985 RDI: fffff52000adfdc2
[   94.898188][ T6896] RBP: ffffffff89445c20 R08: 0000000000000086 R09: ffff8880ae5318e7
[   94.906317][ T6896] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff87388516
[   94.909543][ T6894] RSP: 0018:ffffc900056fee80 EFLAGS: 00010286
[   94.914453][ T6896] R13: 0000000000000048 R14: ffffffff89444f60 R15: 00000000000000c0
[   94.928861][ T6896] FS:  00007fd6a6588700(0000) GS:ffff8880ae500000(0000) knlGS:0000000000000000
[   94.934805][ T6894] RAX: 0000000000000086 RBX: ffff88808801be80 RCX: 0000000000000000
[   94.937966][ T6896] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   94.952554][ T6894] RDX: ffff8880928fc400 RSI: ffffffff815f5985 RDI: fffff52000adfdc2
[   94.952783][ T6896] CR2: 00007f398003e0f8 CR3: 0000000096c1a000 CR4: 00000000001506e0
[   94.967185][ T6894] RBP: ffffffff89445c20 R08: 0000000000000086 R09: ffff8880ae5318e7
[   94.968804][ T6896] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   94.977418][ T6894] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff87388516
[   94.984900][ T6896] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   94.993792][ T6894] R13: 0000000000000048 R14: ffffffff89444f60 R15: 00000000000000c0
[   95.000914][ T6896] Kernel panic - not syncing: Fatal exception
[   95.009607][ T6894] FS:  00007fd6a6588700(0000) GS:ffff8880ae400000(0000) knlGS:0000000000000000
[   95.015764][ T6896] Kernel Offset: disabled
[   95.028994][ T6896] Rebooting in 86400 seconds..