./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1620796863
<...>
DUID 00:04:fb:87:82:62:74:5a:87:37:86:23:e7:72:30:e3:bc:00
forked to background, child pid 3183
[ 20.474568][ T3184] 8021q: adding VLAN 0 to HW filter on device bond0
[ 20.485580][ T3184] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.130' (ECDSA) to the list of known hosts.
execve("./syz-executor1620796863", ["./syz-executor1620796863"], 0x7fff1d840e20 /* 10 vars */) = 0
brk(NULL) = 0x555557276000
brk(0x555557276c40) = 0x555557276c40
arch_prctl(ARCH_SET_FS, 0x555557276300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1620796863", 4096) = 28
brk(0x555557297c40) = 0x555557297c40
brk(0x555557298000) = 0x555557298000
mprotect(0x7fc51f30a000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572765d0) = 3606
./strace-static-x86_64: Process 3606 attached
[pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3606] setpgid(0, 0) = 0
[pid 3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3606] write(3, "1000", 4) = 4
[pid 3606] close(3) = 0
[pid 3606] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid 3606] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x34\x00\x00\x00\x37\x00\x09\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x0c\x00\x01\x80\x06\x00\x00\x00\x08\x00\x00\x00\x08\x00\x02\x00\xff\xff\xff\xff\x08\x00\x05\x00\x08\x00\x00\x00", iov_len=52}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 52
[pid 3606] exit_group(0) = ?
[pid 3606] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3606, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572765d0) = 3608
./strace-static-x86_64: Process 3608 attached
[pid 3608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3608] setpgid(0, 0) = 0
[pid 3608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3608] write(3, "1000", 4) = 4
[pid 3608] close(3) = 0
[pid 3608] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
syzkaller login: [ 41.692333][ T3606] device � entered promiscuous mode
[ 41.714672][ T3608] ------------[ cut here ]------------
[ 41.720622][ T3608] Dropping previously announced user features
[ 41.727444][ T3608] WARNING: CPU: 1 PID: 3608 at net/openvswitch/datapath.c:1619 ovs_dp_reset_user_features+0x1bc/0x240
[ 41.738870][ T3608] Modules linked in:
[ 41.743246][ T3608] CPU: 1 PID: 3608 Comm: syz-executor162 Not tainted 6.0.0-syzkaller-07994-ge8bc52cb8df8 #0
[ 41.754045][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 41.765440][ T3608] RIP: 0010:ovs_dp_reset_user_features+0x1bc/0x240
[ 41.772390][ T3608] Code: 00 c7 03 00 00 00 00 eb 05 e8 d0 be 67 f7 5b 41 5c 41 5e 41 5f 5d c3 e8 c2 be 67 f7 48 c7 c7 00 92 e3 8b 31 c0 e8 74 7a 2f f7 <0f> 0b eb c7 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c f1 fe ff ff 4c 89
[ 41.792496][ T3608] RSP: 0018:ffffc90003b8f370 EFLAGS: 00010246
[ 41.798838][ T3608] RAX: e794c0e413340e00 RBX: ffff8880175cae68 RCX: ffff88801c069d80
[ 41.807341][ T3608] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 41.815733][ T3608] RBP: 0000000000000008 R08: ffffffff816c58ad R09: ffffed1017364f13
[ 41.824041][ T3608] R10: ffffed1017364f13 R11: 1ffff11017364f12 R12: dffffc0000000000
[ 41.832537][ T3608] R13: ffff8880175ca450 R14: 1ffff11002eb95cd R15: ffffc90003b8f6b0
[ 41.840897][ T3608] FS: 0000555557276300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[ 41.850239][ T3608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.857141][ T3608] CR2: 0000000020000916 CR3: 000000001ed81000 CR4: 00000000003506e0
[ 41.865517][ T3608] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 41.873911][ T3608] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 41.882357][ T3608] Call Trace:
[ 41.885930][ T3608]
[ 41.889112][ T3608] ovs_dp_cmd_new+0x8f6/0xc80
[ 41.894262][ T3608] ? destroy_dp_rcu+0xa0/0xa0
[ 41.899303][ T3608] ? genl_family_rcv_msg_attrs_parse+0x1cd/0x290
[ 41.906047][ T3608] genl_rcv_msg+0x11ca/0x1670
[ 41.911042][ T3608] ? stack_trace_save+0x1f0/0x1f0
[ 41.916443][ T3608] ? genl_bind+0x370/0x370
[ 41.921235][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 41.927161][ T3608] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 41.933573][ T3608] ? stack_trace_snprint+0xf0/0xf0
[ 41.938953][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 41.945004][ T3608] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 41.951319][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 41.957385][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 41.963447][ T3608] ? destroy_dp_rcu+0xa0/0xa0
[ 41.968465][ T3608] ? trace_lock_acquire+0x7f/0x1d0
[ 41.974049][ T3608] ? lock_acquire+0xa5/0x400
[ 41.978994][ T3608] netlink_rcv_skb+0x1f0/0x460
[ 41.984135][ T3608] ? genl_bind+0x370/0x370
[ 41.988956][ T3608] ? netlink_ack+0xef0/0xef0
[ 41.993962][ T3608] ? __down_read_common+0x156/0x2a0
[ 42.002448][ T3608] genl_rcv+0x24/0x40
[ 42.006716][ T3608] netlink_unicast+0x7e7/0x9c0
[ 42.012018][ T3608] ? netlink_detachskb+0xa0/0xa0
[ 42.017243][ T3608] ? __phys_addr_symbol+0x2b/0x70
[ 42.022815][ T3608] ? 0xffffffff81000000
[ 42.027252][ T3608] ? __check_object_size+0x15a/0x210
[ 42.032989][ T3608] ? bpf_lsm_netlink_send+0x5/0x10
[ 42.038393][ T3608] netlink_sendmsg+0x9b3/0xcd0
[ 42.043653][ T3608] ? netlink_getsockopt+0x9c0/0x9c0
[ 42.049121][ T3608] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 42.054847][ T3608] ? security_socket_sendmsg+0x9d/0xb0
[ 42.060715][ T3608] ? netlink_getsockopt+0x9c0/0x9c0
[ 42.066202][ T3608] ____sys_sendmsg+0x597/0x8e0
[ 42.071829][ T3608] ? __sys_sendmsg_sock+0x30/0x30
[ 42.077174][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.083389][ T3608] ? __rwlock_init+0x140/0x140
[ 42.088475][ T3608] __sys_sendmsg+0x28e/0x390
[ 42.093650][ T3608] ? ____sys_sendmsg+0x8e0/0x8e0
[ 42.098888][ T3608] ? do_notify_parent+0xeb0/0xeb0
[ 42.104550][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.110678][ T3608] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 42.116956][ T3608] do_syscall_64+0x2b/0x70
[ 42.122093][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.128278][ T3608] RIP: 0033:0x7fc51f29de89
[ 42.133240][ T3608] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 42.153420][ T3608] RSP: 002b:00007ffd99ec6ed8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 42.162355][ T3608] RAX: ffffffffffffffda RBX: 000000000000a2c4 RCX: 00007fc51f29de89
[ 42.170852][ T3608] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 42.179109][ T3608] RBP: 0000000000000000 R08: 00007ffd99ec7078 R09: 00007ffd99ec7078
[ 42.187795][ T3608] R10: 00007ffd99ec6950 R11: 0000000000000246 R12: 00007ffd99ec6eec
[ 42.196275][ T3608] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 42.204739][ T3608]
[ 42.208031][ T3608] Kernel panic - not syncing: panic_on_warn set ...
[ 42.214636][ T3608] CPU: 1 PID: 3608 Comm: syz-executor162 Not tainted 6.0.0-syzkaller-07994-ge8bc52cb8df8 #0
[ 42.224709][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 42.234777][ T3608] Call Trace:
[ 42.238151][ T3608]
[ 42.241093][ T3608] dump_stack_lvl+0x1e3/0x2cb
[ 42.245966][ T3608] ? io_alloc_page_table+0x110/0x110
[ 42.251272][ T3608] ? panic+0x766/0x766
[ 42.255363][ T3608] ? vscnprintf+0x59/0x80
[ 42.259726][ T3608] ? ovs_dp_reset_user_features+0x130/0x240
[ 42.265677][ T3608] panic+0x316/0x766
[ 42.269596][ T3608] ? __warn+0x131/0x220
[ 42.273769][ T3608] ? fb_is_primary_device+0xcc/0xcc
[ 42.278987][ T3608] ? ovs_dp_reset_user_features+0x1bc/0x240
[ 42.284902][ T3608] __warn+0x1fa/0x220
[ 42.288905][ T3608] ? ovs_dp_reset_user_features+0x1bc/0x240
[ 42.294906][ T3608] report_bug+0x1b3/0x2d0
[ 42.299253][ T3608] handle_bug+0x3d/0x70
[ 42.303429][ T3608] exc_invalid_op+0x16/0x40
[ 42.307953][ T3608] asm_exc_invalid_op+0x16/0x20
[ 42.312847][ T3608] RIP: 0010:ovs_dp_reset_user_features+0x1bc/0x240
[ 42.319353][ T3608] Code: 00 c7 03 00 00 00 00 eb 05 e8 d0 be 67 f7 5b 41 5c 41 5e 41 5f 5d c3 e8 c2 be 67 f7 48 c7 c7 00 92 e3 8b 31 c0 e8 74 7a 2f f7 <0f> 0b eb c7 44 89 f1 80 e1 07 fe c1 38 c1 0f 8c f1 fe ff ff 4c 89
[ 42.338952][ T3608] RSP: 0018:ffffc90003b8f370 EFLAGS: 00010246
[ 42.345010][ T3608] RAX: e794c0e413340e00 RBX: ffff8880175cae68 RCX: ffff88801c069d80
[ 42.352969][ T3608] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 42.360929][ T3608] RBP: 0000000000000008 R08: ffffffff816c58ad R09: ffffed1017364f13
[ 42.368888][ T3608] R10: ffffed1017364f13 R11: 1ffff11017364f12 R12: dffffc0000000000
[ 42.376845][ T3608] R13: ffff8880175ca450 R14: 1ffff11002eb95cd R15: ffffc90003b8f6b0
[ 42.384981][ T3608] ? __wake_up_klogd+0xcd/0x100
[ 42.389840][ T3608] ovs_dp_cmd_new+0x8f6/0xc80
[ 42.394521][ T3608] ? destroy_dp_rcu+0xa0/0xa0
[ 42.399190][ T3608] ? genl_family_rcv_msg_attrs_parse+0x1cd/0x290
[ 42.405682][ T3608] genl_rcv_msg+0x11ca/0x1670
[ 42.410433][ T3608] ? stack_trace_save+0x1f0/0x1f0
[ 42.415477][ T3608] ? genl_bind+0x370/0x370
[ 42.419912][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.425572][ T3608] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 42.431564][ T3608] ? stack_trace_snprint+0xf0/0xf0
[ 42.436675][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.442300][ T3608] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 42.448271][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.453894][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.459516][ T3608] ? destroy_dp_rcu+0xa0/0xa0
[ 42.464182][ T3608] ? trace_lock_acquire+0x7f/0x1d0
[ 42.469286][ T3608] ? lock_acquire+0xa5/0x400
[ 42.473871][ T3608] netlink_rcv_skb+0x1f0/0x460
[ 42.478633][ T3608] ? genl_bind+0x370/0x370
[ 42.483037][ T3608] ? netlink_ack+0xef0/0xef0
[ 42.487632][ T3608] ? __down_read_common+0x156/0x2a0
[ 42.492818][ T3608] genl_rcv+0x24/0x40
[ 42.496810][ T3608] netlink_unicast+0x7e7/0x9c0
[ 42.501566][ T3608] ? netlink_detachskb+0xa0/0xa0
[ 42.506496][ T3608] ? __phys_addr_symbol+0x2b/0x70
[ 42.511506][ T3608] ? 0xffffffff81000000
[ 42.515643][ T3608] ? __check_object_size+0x15a/0x210
[ 42.520918][ T3608] ? bpf_lsm_netlink_send+0x5/0x10
[ 42.526018][ T3608] netlink_sendmsg+0x9b3/0xcd0
[ 42.530772][ T3608] ? netlink_getsockopt+0x9c0/0x9c0
[ 42.535960][ T3608] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 42.541228][ T3608] ? security_socket_sendmsg+0x9d/0xb0
[ 42.546676][ T3608] ? netlink_getsockopt+0x9c0/0x9c0
[ 42.551859][ T3608] ____sys_sendmsg+0x597/0x8e0
[ 42.556619][ T3608] ? __sys_sendmsg_sock+0x30/0x30
[ 42.562154][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.567774][ T3608] ? __rwlock_init+0x140/0x140
[ 42.572531][ T3608] __sys_sendmsg+0x28e/0x390
[ 42.577114][ T3608] ? ____sys_sendmsg+0x8e0/0x8e0
[ 42.582052][ T3608] ? do_notify_parent+0xeb0/0xeb0
[ 42.587061][ T3608] ? rcu_read_lock_sched_held+0x5f/0x130
[ 42.592686][ T3608] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 42.598743][ T3608] do_syscall_64+0x2b/0x70
[ 42.603143][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.609037][ T3608] RIP: 0033:0x7fc51f29de89
[ 42.613439][ T3608] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 42.633031][ T3608] RSP: 002b:00007ffd99ec6ed8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 42.641431][ T3608] RAX: ffffffffffffffda RBX: 000000000000a2c4 RCX: 00007fc51f29de89
[ 42.649390][ T3608] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 42.657349][ T3608] RBP: 0000000000000000 R08: 00007ffd99ec7078 R09: 00007ffd99ec7078
[ 42.665314][ T3608] R10: 00007ffd99ec6950 R11: 0000000000000246 R12: 00007ffd99ec6eec
[ 42.673287][ T3608] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 42.681428][ T3608]
[ 42.684605][ T3608] Kernel Offset: disabled
[ 42.688927][ T3608] Rebooting in 86400 seconds..