Warning: Permanently added '10.128.1.85' (ECDSA) to the list of known hosts.
2021/03/13 21:23:01 fuzzer started
2021/03/13 21:23:01 connecting to host at 10.128.0.169:35417
2021/03/13 21:23:01 checking machine...
2021/03/13 21:23:01 checking revisions...
2021/03/13 21:23:01 testing simple program...
syzkaller login: [   54.782213][ T8388] IPVS: ftp: loaded support on port[0] = 21
[   54.877302][ T8388] chnl_net:caif_netlink_parms(): no params data found
[   54.920371][ T8388] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.930370][ T8388] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.940422][ T8388] device bridge_slave_0 entered promiscuous mode
[   54.948975][ T8388] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.956040][ T8388] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.964264][ T8388] device bridge_slave_1 entered promiscuous mode
[   54.981090][ T8388] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.992504][ T8388] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.011554][ T8388] team0: Port device team_slave_0 added
[   55.019256][ T8388] team0: Port device team_slave_1 added
[   55.033240][ T8388] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.040470][ T8388] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.066813][ T8388] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.080122][ T8388] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.087066][ T8388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.113418][ T8388] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.136181][ T8388] device hsr_slave_0 entered promiscuous mode
[   55.142980][ T8388] device hsr_slave_1 entered promiscuous mode
[   55.220101][ T8388] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.231397][ T8388] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   55.240475][ T8388] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   55.249826][ T8388] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.268890][ T8388] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.276134][ T8388] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.283827][ T8388] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.290944][ T8388] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.327028][ T8388] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.341623][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.352883][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.361490][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.369701][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   55.382212][ T8388] 8021q: adding VLAN 0 to HW filter on device team0
[   55.392786][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   55.401897][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.408994][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.429706][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   55.439158][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.446481][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.454899][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   55.463399][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   55.472588][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   55.484207][ T8607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   55.495752][ T8388] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.507018][ T8388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   55.516416][ T8607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   55.536660][ T8388] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.544150][ T3827] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   55.552787][ T3827] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   55.569583][ T8607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   55.587525][ T8388] device veth0_vlan entered promiscuous mode
[   55.595256][ T3827] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   55.604135][ T3827] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   55.611997][ T3827] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   55.623743][ T8388] device veth1_vlan entered promiscuous mode
[   55.631248][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   55.651091][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   55.659605][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   55.670559][ T8388] device veth0_macvtap entered promiscuous mode
[   55.679839][ T8388] device veth1_macvtap entered promiscuous mode
[   55.696380][ T8388] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.704756][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   55.715171][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   55.726354][ T8388] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.734744][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   55.745945][ T8388] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.755549][ T8388] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.764615][ T8388] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.773494][ T8388] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.843052][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.857018][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.872449][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   55.885413][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.895444][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.905472][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2021/03/13 21:23:03 building call list...
[   56.339523][ T8378] ------------[ cut here ]------------
[   56.345725][ T8378] raw_local_irq_restore() called with IRQs enabled
[   56.352312][ T8378] WARNING: CPU: 0 PID: 8378 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x1d/0x20
[   56.363712][ T8378] Modules linked in:
[   56.368024][ T8378] CPU: 0 PID: 8378 Comm: syz-fuzzer Not tainted 5.12.0-rc2-syzkaller #0
[   56.376403][ T8378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.386707][ T8378] RIP: 0010:warn_bogus_irq_restore+0x1d/0x20
[   56.392748][ T8378] Code: be ff cc cc cc cc cc cc cc cc cc cc cc 80 3d 5c 28 ac 04 00 74 01 c3 48 c7 c7 e0 8f 6b 89 c6 05 4b 28 ac 04 01 e8 0d d2 be ff <0f> 0b c3 48 39 77 10 0f 84 97 00 00 00 66 f7 47 22 f0 ff 74 4b 48
[   56.413236][ T8378] RSP: 0000:ffffc90001aefac8 EFLAGS: 00010282
[   56.419728][ T8378] RAX: 0000000000000000 RBX: ffff8880185e7de0 RCX: 0000000000000000
[   56.428210][ T8378] RDX: ffff88801bff1bc0 RSI: ffffffff815c0d65 RDI: fffff5200035df4b
[   56.436183][ T8378] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000
[   56.444372][ T8378] R10: ffffffff815b9afe R11: 0000000000000000 R12: 0000000000000003
[   56.452412][ T8378] R13: ffffed10030bcfbc R14: 0000000000000001 R15: ffff8880b9c35f40
[   56.460525][ T8378] FS:  000000c00002e090(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   56.469508][ T8378] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.476095][ T8378] CR2: 000000c00003df28 CR3: 000000001472b000 CR4: 0000000000350ef0
[   56.484124][ T8378] Call Trace:
[   56.487398][ T8378]  kvm_wait+0xc9/0xe0
[   56.491428][ T8378]  __pv_queued_spin_lock_slowpath+0x8b8/0xb40
[   56.497596][ T8378]  ? pv_hash+0x100/0x100
[   56.501885][ T8378]  ? lock_release+0x720/0x720
[   56.506589][ T8378]  do_raw_spin_lock+0x200/0x2b0
[   56.511487][ T8378]  ? rwlock_bug.part.0+0x90/0x90
[   56.516437][ T8378]  huge_pmd_set_accessed+0x103/0x320
[   56.521767][ T8378]  ? huge_pud_set_accessed+0x300/0x300
[   56.527234][ T8378]  ? mark_lock+0xef/0x17b0
[   56.531871][ T8378]  ? debug_object_free+0x1c0/0x350
[   56.536992][ T8378]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   56.543105][ T8378]  __handle_mm_fault+0xeeb/0x4f70
[   56.548200][ T8378]  ? vm_iomap_memory+0x190/0x190
[   56.553167][ T8378]  handle_mm_fault+0x1bc/0x7e0
[   56.557986][ T8378]  do_user_addr_fault+0x483/0x1210
[   56.563106][ T8378]  exc_page_fault+0x9e/0x180
[   56.567750][ T8378]  ? asm_exc_page_fault+0x8/0x30
[   56.572702][ T8378]  asm_exc_page_fault+0x1e/0x30
[   56.577538][ T8378] RIP: 0033:0x46dabd
[   56.581483][ T8378] Code: 8b 44 24 20 b9 40 42 0f 00 f7 f1 48 89 04 24 b8 e8 03 00 00 f7 e2 48 89 44 24 08 48 89 e7 be 00 00 00 00 b8 23 00 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc
[   56.601338][ T8378] RSP: 002b:000000c00003df18 EFLAGS: 00010212
[   56.607419][ T8378] RAX: 0000000000000000 RBX: 0000000000000014 RCX: 000000000046dabd
[   56.615428][ T8378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00003df18
[   56.623537][ T8378] RBP: 000000c00003df28 R08: 00000000000005d0 R09: 00007ffc231be090
[   56.631568][ T8378] R10: 0000000000002a82 R11: 0000000000000212 R12: 000000000043b6a0
[   56.639696][ T8378] R13: 0000000000000000 R14: 000000000093f280 R15: 0000000000000000
[   56.647849][ T8378] Kernel panic - not syncing: panic_on_warn set ...
[   56.654425][ T8378] CPU: 0 PID: 8378 Comm: syz-fuzzer Not tainted 5.12.0-rc2-syzkaller #0
[   56.662733][ T8378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.672958][ T8378] Call Trace:
[   56.676238][ T8378]  dump_stack+0x141/0x1d7
[   56.680658][ T8378]  panic+0x306/0x73d
[   56.684538][ T8378]  ? __warn_printk+0xf3/0xf3
[   56.689130][ T8378]  ? __warn.cold+0x1a/0x44
[   56.693724][ T8378]  ? warn_bogus_irq_restore+0x1d/0x20
[   56.699080][ T8378]  __warn.cold+0x35/0x44
[   56.703308][ T8378]  ? wake_up_klogd.part.0+0x8e/0xd0
[   56.708579][ T8378]  ? warn_bogus_irq_restore+0x1d/0x20
[   56.713959][ T8378]  report_bug+0x1bd/0x210
[   56.718281][ T8378]  handle_bug+0x3c/0x60
[   56.722424][ T8378]  exc_invalid_op+0x14/0x40
[   56.726917][ T8378]  asm_exc_invalid_op+0x12/0x20
[   56.731751][ T8378] RIP: 0010:warn_bogus_irq_restore+0x1d/0x20
[   56.737722][ T8378] Code: be ff cc cc cc cc cc cc cc cc cc cc cc 80 3d 5c 28 ac 04 00 74 01 c3 48 c7 c7 e0 8f 6b 89 c6 05 4b 28 ac 04 01 e8 0d d2 be ff <0f> 0b c3 48 39 77 10 0f 84 97 00 00 00 66 f7 47 22 f0 ff 74 4b 48
[   56.757313][ T8378] RSP: 0000:ffffc90001aefac8 EFLAGS: 00010282
[   56.763366][ T8378] RAX: 0000000000000000 RBX: ffff8880185e7de0 RCX: 0000000000000000
[   56.771741][ T8378] RDX: ffff88801bff1bc0 RSI: ffffffff815c0d65 RDI: fffff5200035df4b
[   56.780419][ T8378] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000
[   56.788376][ T8378] R10: ffffffff815b9afe R11: 0000000000000000 R12: 0000000000000003
[   56.796331][ T8378] R13: ffffed10030bcfbc R14: 0000000000000001 R15: ffff8880b9c35f40
[   56.804288][ T8378]  ? wake_up_klogd.part.0+0x8e/0xd0
[   56.809478][ T8378]  ? vprintk_func+0x95/0x1e0
[   56.814055][ T8378]  ? warn_bogus_irq_restore+0x1d/0x20
[   56.819414][ T8378]  kvm_wait+0xc9/0xe0
[   56.823383][ T8378]  __pv_queued_spin_lock_slowpath+0x8b8/0xb40
[   56.829436][ T8378]  ? pv_hash+0x100/0x100
[   56.833663][ T8378]  ? lock_release+0x720/0x720
[   56.838323][ T8378]  do_raw_spin_lock+0x200/0x2b0
[   56.843160][ T8378]  ? rwlock_bug.part.0+0x90/0x90
[   56.848099][ T8378]  huge_pmd_set_accessed+0x103/0x320
[   56.853382][ T8378]  ? huge_pud_set_accessed+0x300/0x300
[   56.858821][ T8378]  ? mark_lock+0xef/0x17b0
[   56.863218][ T8378]  ? debug_object_free+0x1c0/0x350
[   56.868311][ T8378]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   56.874276][ T8378]  __handle_mm_fault+0xeeb/0x4f70
[   56.879287][ T8378]  ? vm_iomap_memory+0x190/0x190
[   56.884308][ T8378]  handle_mm_fault+0x1bc/0x7e0
[   56.889060][ T8378]  do_user_addr_fault+0x483/0x1210
[   56.894159][ T8378]  exc_page_fault+0x9e/0x180
[   56.898733][ T8378]  ? asm_exc_page_fault+0x8/0x30
[   56.903654][ T8378]  asm_exc_page_fault+0x1e/0x30
[   56.908488][ T8378] RIP: 0033:0x46dabd
[   56.912362][ T8378] Code: 8b 44 24 20 b9 40 42 0f 00 f7 f1 48 89 04 24 b8 e8 03 00 00 f7 e2 48 89 44 24 08 48 89 e7 be 00 00 00 00 b8 23 00 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc
[   56.931962][ T8378] RSP: 002b:000000c00003df18 EFLAGS: 00010212
[   56.938011][ T8378] RAX: 0000000000000000 RBX: 0000000000000014 RCX: 000000000046dabd
[   56.945966][ T8378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00003df18
[   56.953918][ T8378] RBP: 000000c00003df28 R08: 00000000000005d0 R09: 00007ffc231be090
[   56.962135][ T8378] R10: 0000000000002a82 R11: 0000000000000212 R12: 000000000043b6a0
[   56.970088][ T8378] R13: 0000000000000000 R14: 000000000093f280 R15: 0000000000000000
[   56.982059][ T8378] Kernel Offset: disabled
[   56.986665][ T8378] Rebooting in 86400 seconds..