[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.14' (ECDSA) to the list of known hosts. 2021/10/28 15:50:21 parsed 1 programs syzkaller login: [ 67.703526][ T6536] cgroup: Unknown subsys name 'net' [ 67.720969][ T6536] cgroup: Unknown subsys name 'rlimit' 2021/10/28 15:50:22 executed programs: 0 [ 69.469988][ T6551] chnl_net:caif_netlink_parms(): no params data found [ 69.536472][ T6551] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.543749][ T6551] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.552039][ T6551] device bridge_slave_0 entered promiscuous mode [ 69.561883][ T6551] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.568936][ T6551] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.577395][ T6551] device bridge_slave_1 entered promiscuous mode [ 69.606093][ T6551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.617050][ T6551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.651798][ T6551] team0: Port device team_slave_0 added [ 69.659609][ T6551] team0: Port device team_slave_1 added [ 69.686144][ T6551] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.693281][ T6551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.719265][ T6551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.733308][ T6551] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.740540][ T6551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.766824][ T6551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.803140][ T6551] device hsr_slave_0 entered promiscuous mode [ 69.810996][ T6551] device hsr_slave_1 entered promiscuous mode [ 69.928730][ T6551] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.938951][ T6551] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.948933][ T6551] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.959478][ T6551] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.980656][ T6551] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.987864][ T6551] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.995784][ T6551] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.002917][ T6551] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.049003][ T6551] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.067159][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.078140][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.087510][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.095856][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 70.108749][ T6551] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.120104][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.129090][ T1363] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.136205][ T1363] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.147244][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.155622][ T6883] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.162890][ T6883] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.181854][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.191641][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.203023][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.215682][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.227199][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.237979][ T6551] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.256191][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.263899][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.277442][ T6551] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.295995][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.315576][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.323900][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.331839][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.343389][ T6551] device veth0_vlan entered promiscuous mode [ 70.356343][ T6551] device veth1_vlan entered promiscuous mode [ 70.377502][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 70.385636][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 70.394093][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.405882][ T6551] device veth0_macvtap entered promiscuous mode [ 70.415879][ T6551] device veth1_macvtap entered promiscuous mode [ 70.434287][ T6551] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.443756][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 70.454027][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 70.465632][ T6551] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.474748][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 70.483281][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 70.495152][ T6551] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.504172][ T6551] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.512968][ T6551] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.521732][ T6551] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.604906][ T1075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.613130][ T1075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.631381][ T6883] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 70.648143][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.656351][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.666757][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 70.721208][ T6904] loop0: detected capacity change from 0 to 3798 [ 70.876590][ T6912] loop0: detected capacity change from 0 to 3798 [ 71.063097][ T1198] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.069618][ T1198] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.107340][ T6927] loop0: detected capacity change from 0 to 3798 [ 71.301792][ T1363] Bluetooth: hci0: command 0x0409 tx timeout [ 71.309910][ T6939] loop0: detected capacity change from 0 to 3798 [ 71.423473][ T6947] loop0: detected capacity change from 0 to 3798 [ 71.639860][ T6954] loop0: detected capacity change from 0 to 3798 [ 71.774132][ T6960] loop0: detected capacity change from 0 to 3798 [ 71.951876][ T6970] loop0: detected capacity change from 0 to 3798 [ 72.112710][ T6980] loop0: detected capacity change from 0 to 3798 [ 72.272301][ T6986] loop0: detected capacity change from 0 to 3798 [ 72.394226][ T6993] loop0: detected capacity change from 0 to 3798 [ 72.589230][ T7002] loop0: detected capacity change from 0 to 3798 [ 72.827581][ T7014] loop0: detected capacity change from 0 to 3798 [ 73.008324][ T7021] loop0: detected capacity change from 0 to 3798 2021/10/28 15:50:27 executed programs: 18 [ 73.265435][ T7029] loop0: detected capacity change from 0 to 3798 [ 73.380753][ T2935] Bluetooth: hci0: command 0x041b tx timeout [ 73.504464][ T7037] loop0: detected capacity change from 0 to 3798 [ 73.673970][ T7043] loop0: detected capacity change from 0 to 3798 [ 73.878696][ T7052] loop0: detected capacity change from 0 to 3798 [ 74.064568][ T7060] loop0: detected capacity change from 0 to 3798 [ 74.195006][ T7066] loop0: detected capacity change from 0 to 3798 [ 74.306082][ T7073] loop0: detected capacity change from 0 to 3798 [ 74.548630][ T7085] loop0: detected capacity change from 0 to 3798 [ 74.701814][ T7091] loop0: detected capacity change from 0 to 3798 [ 74.883454][ T7100] loop0: detected capacity change from 0 to 3798 [ 75.103724][ T7108] loop0: detected capacity change from 0 to 3798 [ 75.277426][ T7116] loop0: detected capacity change from 0 to 3798 [ 75.425217][ T7123] loop0: detected capacity change from 0 to 3798 [ 75.459989][ T1363] Bluetooth: hci0: command 0x040f tx timeout [ 75.592011][ T7131] loop0: detected capacity change from 0 to 3798 [ 75.749330][ T7139] loop0: detected capacity change from 0 to 3798 [ 75.951229][ T7149] loop0: detected capacity change from 0 to 3798 [ 76.256989][ T7161] loop0: detected capacity change from 0 to 3798 [ 76.406506][ T7166] loop0: detected capacity change from 0 to 3798 [ 76.526125][ T7174] loop0: detected capacity change from 0 to 3798 [ 76.692058][ T7181] loop0: detected capacity change from 0 to 3798 [ 76.806763][ T7188] loop0: detected capacity change from 0 to 3798 [ 77.040255][ T7198] loop0: detected capacity change from 0 to 3798 [ 77.118534][ T7202] BUG: unable to handle page fault for address: ffffed107ba66550 [ 77.126318][ T7202] #PF: supervisor read access in kernel mode [ 77.132334][ T7202] #PF: error_code(0x0000) - not-present page [ 77.138290][ T7202] PGD 23ffee067 P4D 23ffee067 PUD 13fff4067 PMD 0 [ 77.144781][ T7202] Oops: 0000 [#1] PREEMPT SMP KASAN [ 77.149957][ T7202] CPU: 0 PID: 7202 Comm: syz-executor.0 Not tainted 5.15.0-rc7-next-20211028-syzkaller #0 [ 77.159827][ T7202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.169860][ T7202] RIP: 0010:__blk_mq_alloc_requests+0x4a7/0xb00 [ 77.176102][ T7202] Code: e8 fd 48 8b 44 24 10 80 38 00 0f 85 a6 04 00 00 48 8b 44 24 08 45 89 ed 48 8b b0 88 00 00 00 4a 8d 1c ee 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 6c 04 00 00 44 8b ac 24 a0 00 00 00 48 8b 03 [ 77.195693][ T7202] RSP: 0018:ffffc900039aea90 EFLAGS: 00010a06 [ 77.201757][ T7202] RAX: 1ffff1107ba66550 RBX: ffff8883dd332a80 RCX: 0000000000000000 [ 77.209720][ T7202] RDX: ffff8880740c0000 RSI: ffff888019fda000 RDI: 0000000000000003 [ 77.217686][ T7202] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 77.225645][ T7202] R10: ffffffff838f31a1 R11: 0000000000000000 R12: 0000000000000000 [ 77.233603][ T7202] R13: 000000007866b150 R14: dffffc0000000000 R15: ffffc900039aec28 [ 77.241564][ T7202] FS: 00007f3c2b614700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 77.250485][ T7202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.257063][ T7202] CR2: ffffed107ba66550 CR3: 0000000018721000 CR4: 00000000003506f0 [ 77.265025][ T7202] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.272987][ T7202] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.280944][ T7202] Call Trace: [ 77.284210][ T7202] [ 77.287134][ T7202] ? blk_mq_hctx_mark_pending+0x2a0/0x2a0 [ 77.292857][ T7202] ? iolatency_pd_alloc+0x1b0/0x1b0 [ 77.298058][ T7202] blk_mq_submit_bio+0xdac/0x1b40 [ 77.303076][ T7202] ? blk_mq_try_issue_list_directly+0x4d0/0x4d0 [ 77.309309][ T7202] ? submit_bio_checks+0x26a/0x1d90 [ 77.314506][ T7202] __submit_bio+0x794/0x8e0 [ 77.319004][ T7202] ? __bio_try_merge_page+0xae/0x360 [ 77.324287][ T7202] ? submit_bio_checks+0x1d90/0x1d90 [ 77.329565][ T7202] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 77.335797][ T7202] ? bio_add_page+0x186/0x1f0 [ 77.340653][ T7202] ? __bio_try_merge_page+0x360/0x360 [ 77.346028][ T7202] ? find_held_lock+0x2d/0x110 [ 77.350796][ T7202] submit_bio_noacct+0x6c9/0x8a0 [ 77.355747][ T7202] ? __submit_bio+0x8e0/0x8e0 [ 77.360419][ T7202] submit_bio+0x1ea/0x430 [ 77.364914][ T7202] ? submit_bio_noacct+0x8a0/0x8a0 [ 77.370016][ T7202] mpage_readahead+0x589/0x750 [ 77.374782][ T7202] ? do_mpage_readpage+0x1f80/0x1f80 [ 77.380071][ T7202] ? __blkdev_direct_IO_simple+0x860/0x860 [ 77.385872][ T7202] ? folio_add_lru+0x353/0x6a0 [ 77.390627][ T7202] ? lock_downgrade+0x6e0/0x6e0 [ 77.395470][ T7202] ? blkdev_write_begin+0x40/0x40 [ 77.400489][ T7202] read_pages+0x1e4/0xfa0 [ 77.404812][ T7202] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 77.411047][ T7202] ? folio_add_lru+0x508/0x6a0 [ 77.415800][ T7202] ? readahead_expand+0x8b0/0x8b0 [ 77.420812][ T7202] ? filemap_add_folio+0x138/0x1d0 [ 77.425913][ T7202] ? add_to_page_cache_locked+0x90/0x90 [ 77.431454][ T7202] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 77.437691][ T7202] ? folio_alloc+0x3f/0x70 [ 77.442117][ T7202] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 77.448354][ T7202] page_cache_ra_unbounded+0x64b/0x940 [ 77.453832][ T7202] ? read_pages+0xfa0/0xfa0 [ 77.458326][ T7202] ? lock_downgrade+0x6e0/0x6e0 [ 77.463167][ T7202] ? lock_downgrade+0x6e0/0x6e0 [ 77.468009][ T7202] ondemand_readahead+0x594/0x1090 [ 77.473125][ T7202] page_cache_sync_ra+0x1cb/0x200 [ 77.478151][ T7202] filemap_get_pages+0x2b2/0x1be0 [ 77.483170][ T7202] ? filemap_get_read_batch+0xad0/0xad0 [ 77.488723][ T7202] filemap_read+0x315/0xeb0 [ 77.493224][ T7202] ? aa_file_perm+0x595/0x1180 [ 77.497986][ T7202] ? filemap_get_pages+0x1be0/0x1be0 [ 77.503267][ T7202] ? fsnotify+0x12b0/0x12b0 [ 77.507757][ T7202] ? import_single_range+0x288/0x320 [ 77.513035][ T7202] ? __io_import_iovec+0x36f/0x1330 [ 77.518233][ T7202] generic_file_read_iter+0x3b6/0x5a0 [ 77.523608][ T7202] blkdev_read_iter+0x117/0x200 [ 77.528450][ T7202] ? blkdev_write_iter+0x6a0/0x6a0 [ 77.533555][ T7202] io_read+0x33c/0xff0 [ 77.537616][ T7202] ? stack_trace_save+0x8c/0xc0 [ 77.542462][ T7202] ? kiocb_done+0xb90/0xb90 [ 77.546967][ T7202] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 77.552944][ T7202] ? lock_chain_count+0x20/0x20 [ 77.557789][ T7202] io_issue_sqe+0x800/0x7010 [ 77.562373][ T7202] ? find_held_lock+0x2d/0x110 [ 77.567130][ T7202] ? __fget_files+0x21b/0x3e0 [ 77.571800][ T7202] ? lock_downgrade+0x6e0/0x6e0 [ 77.576642][ T7202] ? io_openat2+0xb50/0xb50 [ 77.581154][ T7202] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 77.587395][ T7202] io_submit_sqes+0x1bca/0x8a20 [ 77.592245][ T7202] ? do_raw_spin_unlock+0x171/0x230 [ 77.597437][ T7202] ? io_async_task_func+0x550/0x550 [ 77.602633][ T7202] ? io_timeout_fn+0x360/0x360 [ 77.607395][ T7202] ? __do_sys_io_uring_enter+0xf6e/0x1f50 [ 77.613110][ T7202] __do_sys_io_uring_enter+0xf6e/0x1f50 [ 77.618656][ T7202] ? io_submit_sqes+0x8a20/0x8a20 [ 77.623676][ T7202] ? find_held_lock+0x2d/0x110 [ 77.628536][ T7202] ? __context_tracking_exit+0xb8/0xe0 [ 77.634011][ T7202] ? lock_downgrade+0x6e0/0x6e0 [ 77.638862][ T7202] ? lock_downgrade+0x6e0/0x6e0 [ 77.643718][ T7202] ? syscall_enter_from_user_mode+0x21/0x70 [ 77.649621][ T7202] do_syscall_64+0x35/0xb0 [ 77.654040][ T7202] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.659933][ T7202] RIP: 0033:0x7f3c2bebfa39 [ 77.664338][ T7202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 77.683939][ T7202] RSP: 002b:00007f3c2b614188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 77.692341][ T7202] RAX: ffffffffffffffda RBX: 00007f3c2bfd3020 RCX: 00007f3c2bebfa39 [ 77.700300][ T7202] RDX: 0000000000000000 RSI: 0000000000000300 RDI: 0000000000000003 [ 77.708257][ T7202] RBP: 00007f3c2bf19e8f R08: 0000000000000000 R09: 0000000000000000 [ 77.716228][ T7202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.724184][ T7202] R13: 00007fff8fded97f R14: 00007f3c2b614300 R15: 0000000000022000 [ 77.732149][ T7202] [ 77.735153][ T7202] Modules linked in: [ 77.739039][ T7202] CR2: ffffed107ba66550 [ 77.743198][ T7202] ---[ end trace 82adc37c4f8d8622 ]--- [ 77.748633][ T7202] RIP: 0010:__blk_mq_alloc_requests+0x4a7/0xb00 [ 77.754884][ T7202] Code: e8 fd 48 8b 44 24 10 80 38 00 0f 85 a6 04 00 00 48 8b 44 24 08 45 89 ed 48 8b b0 88 00 00 00 4a 8d 1c ee 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 6c 04 00 00 44 8b ac 24 a0 00 00 00 48 8b 03 [ 77.774484][ T7202] RSP: 0018:ffffc900039aea90 EFLAGS: 00010a06 [ 77.780539][ T7202] RAX: 1ffff1107ba66550 RBX: ffff8883dd332a80 RCX: 0000000000000000 [ 77.788495][ T7202] RDX: ffff8880740c0000 RSI: ffff888019fda000 RDI: 0000000000000003 [ 77.796455][ T7202] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 77.804422][ T7202] R10: ffffffff838f31a1 R11: 0000000000000000 R12: 0000000000000000 [ 77.812397][ T7202] R13: 000000007866b150 R14: dffffc0000000000 R15: ffffc900039aec28 [ 77.820362][ T7202] FS: 00007f3c2b614700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 77.829300][ T7202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.835880][ T7202] CR2: ffffed107ba66550 CR3: 0000000018721000 CR4: 00000000003506f0 [ 77.843934][ T7202] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.851891][ T7202] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.859851][ T7202] Kernel panic - not syncing: Fatal exception [ 77.866330][ T7202] Kernel Offset: disabled [ 77.870641][ T7202] Rebooting in 86400 seconds..