[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.43' (ECDSA) to the list of known hosts.
2020/08/28 06:54:25 parsed 1 programs
2020/08/28 06:54:25 executed programs: 0
syzkaller login: [ 64.933567][ T6902] IPVS: ftp: loaded support on port[0] = 21
[ 65.084989][ T6902] chnl_net:caif_netlink_parms(): no params data found
[ 65.137191][ T6902] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.145077][ T6902] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.153970][ T6902] device bridge_slave_0 entered promiscuous mode
[ 65.162875][ T6902] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.171119][ T6902] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.178711][ T6902] device bridge_slave_1 entered promiscuous mode
[ 65.200052][ T6902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.211177][ T6902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.233730][ T6902] team0: Port device team_slave_0 added
[ 65.241202][ T6902] team0: Port device team_slave_1 added
[ 65.258467][ T6902] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.265493][ T6902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.292200][ T6902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.305924][ T6902] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.313449][ T6902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.339895][ T6902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.366284][ T6902] device hsr_slave_0 entered promiscuous mode
[ 65.372984][ T6902] device hsr_slave_1 entered promiscuous mode
[ 65.469673][ T6902] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 65.484224][ T6902] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 65.493056][ T6902] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 65.506491][ T6902] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 65.531761][ T6902] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.538917][ T6902] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.546689][ T6902] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.553835][ T6902] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.600948][ T6902] 8021q: adding VLAN 0 to HW filter on device bond0
[ 65.614322][ T2588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 65.624886][ T2588] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.633572][ T2588] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.641944][ T2588] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 65.654604][ T6902] 8021q: adding VLAN 0 to HW filter on device team0
[ 65.666236][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 65.674808][ T23] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.681970][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.699577][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 65.707849][ T3273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.714959][ T3273] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.732802][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 65.741704][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 65.758236][ T6902] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 65.769897][ T6902] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 65.781958][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 65.790504][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 65.799434][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 65.807686][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 65.827687][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 65.835882][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 65.849414][ T6902] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.868640][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 65.890098][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 65.900844][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 65.908432][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 65.918435][ T6902] device veth0_vlan entered promiscuous mode
[ 65.930804][ T6902] device veth1_vlan entered promiscuous mode
[ 65.952944][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 65.961401][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 65.970102][ T3273] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 65.981235][ T6902] device veth0_macvtap entered promiscuous mode
[ 65.994215][ T6902] device veth1_macvtap entered promiscuous mode
[ 66.016499][ T6902] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 66.025016][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 66.036048][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 66.048380][ T6902] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 66.056774][ T2784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 66.071131][ T6902] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.080536][ T6902] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.090785][ T6902] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.099528][ T6902] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.939628][ T7112] Bluetooth: hci0: command 0x0409 tx timeout
2020/08/28 06:54:30 executed programs: 74
[ 69.018860][ T2784] Bluetooth: hci0: command 0x041b tx timeout
[ 71.089538][ T7113] Bluetooth: hci0: command 0x040f tx timeout
[ 73.167916][ T7113] Bluetooth: hci0: command 0x0419 tx timeout
2020/08/28 06:54:35 executed programs: 227
[ 74.490549][ T7981] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN
[ 74.502292][ T7981] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[ 74.510677][ T7981] CPU: 0 PID: 7981 Comm: syz-executor.0 Not tainted 5.9.0-rc2-syzkaller #0
[ 74.519230][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.529294][ T7981] RIP: 0010:__sock_release+0xbb/0x280
[ 74.534639][ T7981] Code: ff df 48 c1 ea 03 80 3c 02 00 0f 85 a5 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 63 20 49 8d 7c 24 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 8e 01 00 00 48 89 df 41 ff 54 24 10 48 8d 7b 18
[ 74.554215][ T7981] RSP: 0018:ffffc90008ef7e28 EFLAGS: 00010202
[ 74.560254][ T7981] RAX: dffffc0000000000 RBX: ffff888090b71540 RCX: 0000000000000000
[ 74.568217][ T7981] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000010
[ 74.576186][ T7981] RBP: ffff888090b716e0 R08: ffff888090b716e0 R09: ffffffff8c5f3a77
[ 74.584160][ T7981] R10: fffffbfff18be74e R11: 0000000000000000 R12: 0000000000000000
[ 74.592108][ T7981] R13: ffff888090b71560 R14: 0000000000000000 R15: ffff888086494a88
[ 74.600061][ T7981] FS: 00007fc056140700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 74.608968][ T7981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.615547][ T7981] CR2: 0000000000000000 CR3: 000000009053e000 CR4: 00000000001506f0
[ 74.623514][ T7981] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.631502][ T7981] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.639452][ T7981] Call Trace:
[ 74.642760][ T7981] sock_close+0x18/0x20
[ 74.646902][ T7981] __fput+0x285/0x920
[ 74.650875][ T7981] ? __sock_release+0x280/0x280
[ 74.655701][ T7981] task_work_run+0xdd/0x190
[ 74.660284][ T7981] exit_to_user_mode_prepare+0x195/0x1c0
[ 74.665910][ T7981] syscall_exit_to_user_mode+0x59/0x2b0
[ 74.671431][ T7981] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.677319][ T7981] RIP: 0033:0x45d5b9
[ 74.681189][ T7981] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.700765][ T7981] RSP: 002b:00007fc05613fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 74.709170][ T7981] RAX: 0000000000000000 RBX: 0000000000002ac0 RCX: 000000000045d5b9
[ 74.717141][ T7981] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[ 74.725086][ T7981] RBP: 000000000118cf88 R08: 0000000000000000 R09: 0000000000000000
[ 74.733031][ T7981] R10: 0000000020000000 R11: 0000000000000246 R12: 000000000118cf4c
[ 74.740988][ T7981] R13: 000000000169fb6f R14: 00007fc0561409c0 R15: 000000000118cf4c
[ 74.748939][ T7981] Modules linked in:
[ 74.773163][ T7981] ---[ end trace 9014d87a0cdb915f ]---
[ 74.778874][ T7981] RIP: 0010:__sock_release+0xbb/0x280
[ 74.784280][ T7981] Code: ff df 48 c1 ea 03 80 3c 02 00 0f 85 a5 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 63 20 49 8d 7c 24 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 8e 01 00 00 48 89 df 41 ff 54 24 10 48 8d 7b 18
[ 74.804277][ T7981] RSP: 0018:ffffc90008ef7e28 EFLAGS: 00010202
[ 74.810830][ T7981] RAX: dffffc0000000000 RBX: ffff888090b71540 RCX: 0000000000000000
[ 74.818896][ T7981] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000010
[ 74.826863][ T7981] RBP: ffff888090b716e0 R08: ffff888090b716e0 R09: ffffffff8c5f3a77
[ 74.834865][ T7981] R10: fffffbfff18be74e R11: 0000000000000000 R12: 0000000000000000
[ 74.842912][ T7981] R13: ffff888090b71560 R14: 0000000000000000 R15: ffff888086494a88
[ 74.850943][ T7981] FS: 00007fc056140700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 74.860290][ T7981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.866856][ T7981] CR2: 0000000000000000 CR3: 000000009053e000 CR4: 00000000001506f0
[ 74.874873][ T7981] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.883115][ T7981] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.891116][ T7981] Kernel panic - not syncing: Fatal exception
[ 74.898226][ T7981] Kernel Offset: disabled
[ 74.902539][ T7981] Rebooting in 86400 seconds..