[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.55' (ECDSA) to the list of known hosts.
syzkaller login: [ 313.212224][ T6795] IPVS: ftp: loaded support on port[0] = 21
[ 313.297526][ T6795] chnl_net:caif_netlink_parms(): no params data found
[ 313.350715][ T6795] bridge0: port 1(bridge_slave_0) entered blocking state
[ 313.358567][ T6795] bridge0: port 1(bridge_slave_0) entered disabled state
[ 313.367720][ T6795] device bridge_slave_0 entered promiscuous mode
[ 313.376518][ T6795] bridge0: port 2(bridge_slave_1) entered blocking state
[ 313.384629][ T6795] bridge0: port 2(bridge_slave_1) entered disabled state
[ 313.393181][ T6795] device bridge_slave_1 entered promiscuous mode
[ 313.413742][ T6795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 313.425378][ T6795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 313.448011][ T6795] team0: Port device team_slave_0 added
[ 313.456260][ T6795] team0: Port device team_slave_1 added
[ 313.473583][ T6795] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 313.480563][ T6795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 313.506604][ T6795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 313.518980][ T6795] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 313.526077][ T6795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 313.552520][ T6795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 313.605456][ T6795] device hsr_slave_0 entered promiscuous mode
[ 313.672456][ T6795] device hsr_slave_1 entered promiscuous mode
[ 313.797049][ T6795] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 313.845379][ T6795] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 313.904495][ T6795] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 313.945286][ T6795] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 314.018634][ T6795] bridge0: port 2(bridge_slave_1) entered blocking state
[ 314.025875][ T6795] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 314.033925][ T6795] bridge0: port 1(bridge_slave_0) entered blocking state
[ 314.041028][ T6795] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 314.086655][ T6795] 8021q: adding VLAN 0 to HW filter on device bond0
[ 314.099788][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 314.111077][ T2507] bridge0: port 1(bridge_slave_0) entered disabled state
[ 314.119714][ T2507] bridge0: port 2(bridge_slave_1) entered disabled state
[ 314.128973][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 314.143314][ T6795] 8021q: adding VLAN 0 to HW filter on device team0
[ 314.156046][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 314.165121][ T2486] bridge0: port 1(bridge_slave_0) entered blocking state
[ 314.172405][ T2486] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 314.193674][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 314.203141][ T2507] bridge0: port 2(bridge_slave_1) entered blocking state
[ 314.210253][ T2507] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 314.218732][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 314.228785][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 314.246458][ T6795] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 314.257250][ T6795] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 314.269895][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 314.279618][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 314.289145][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 314.298171][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 314.323758][ T6795] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 314.330887][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 314.340380][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 314.362344][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 314.371004][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 314.390870][ T6795] device veth0_vlan entered promiscuous mode
[ 314.398637][ T7003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 314.408109][ T7003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 314.424611][ T6795] device veth1_vlan entered promiscuous mode
[ 314.432548][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 314.440776][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 314.449932][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 314.473215][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 314.481302][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 314.491454][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 314.503611][ T6795] device veth0_macvtap entered promiscuous mode
[ 314.514807][ T6795] device veth1_macvtap entered promiscuous mode
[ 314.531200][ T6795] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 314.539764][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 314.550336][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 314.558996][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 314.568622][ T2507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 314.581541][ T6795] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 314.589388][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 314.598355][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 419.791965][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 419.799102][ C0] rcu: 1-...0: (0 ticks this GP) idle=3ca/1/0x4000000000000000 softirq=9395/9395 fqs=5250
[ 419.809460][ C0] (detected by 0, t=10502 jiffies, g=8657, q=281)
[ 419.815972][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 419.823350][ C0] NMI backtrace for cpu 1
[ 419.823357][ C0] CPU: 1 PID: 6795 Comm: syz-executor592 Not tainted 5.8.0-rc4-syzkaller #0
[ 419.823364][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 419.823369][ C0] RIP: 0010:check_memory_region+0x52/0x180
[ 419.823381][ C0] Code: 39 c7 0f 86 05 01 00 00 49 83 e9 01 48 89 fd 48 b8 00 00 00 00 00 fc ff df 4d 89 ca 48 c1 ed 03 49 c1 ea 03 48 01 c5 49 01 c2 <48> 89 e8 49 8d 5a 01 48 89 da 48 29 ea 48 83 fa 10 7e 63 41 89 eb
[ 419.823385][ C0] RSP: 0018:ffffc90000da8bf0 EFLAGS: 00000086
[ 419.823394][ C0] RAX: dffffc0000000000 RBX: 1ffff920001b5183 RCX: ffffffff815afc00
[ 419.823400][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000da8c38
[ 419.823406][ C0] RBP: fffff520001b5187 R08: 0000000000000001 R09: ffffc90000da8c3b
[ 419.823411][ C0] R10: fffff520001b5187 R11: 0000000000000000 R12: ffffffff8cb517f0
[ 419.823417][ C0] R13: ffffffff8cb517f8 R14: 1ffff920001b519b R15: ffffffff89bd0d40
[ 419.823423][ C0] FS: 0000000002367880(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[ 419.823428][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 419.823434][ C0] CR2: 00007f90d3cb46c0 CR3: 00000000a1ac4000 CR4: 00000000001406e0
[ 419.823440][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 419.823445][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 419.823449][ C0] Call Trace:
[ 419.823452][ C0]
[ 419.823456][ C0] do_raw_spin_lock+0x120/0x2b0
[ 419.823460][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 419.823464][ C0] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 419.823468][ C0] ? lock_acquire+0x1f1/0xad0
[ 419.823472][ C0] ? lockdep_hardirqs_off+0x66/0xa0
[ 419.823477][ C0] _raw_spin_lock_irqsave+0x94/0xc0
[ 419.823481][ C0] ? debug_object_activate+0x12e/0x3e0
[ 419.823485][ C0] debug_object_activate+0x12e/0x3e0
[ 419.823490][ C0] ? debug_object_assert_init+0x2e0/0x2e0
[ 419.823494][ C0] ? do_raw_spin_lock+0x120/0x2b0
[ 419.823498][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 419.823502][ C0] enqueue_hrtimer+0x27/0x3f0
[ 419.823506][ C0] __hrtimer_run_queues+0xc1e/0xfc0
[ 419.823511][ C0] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 419.823515][ C0] ? ktime_get_update_offsets_now+0x1c4/0x250
[ 419.823519][ C0] hrtimer_interrupt+0x32a/0x930
[ 419.823524][ C0] __sysvec_apic_timer_interrupt+0x142/0x5e0
[ 419.823528][ C0] asm_call_on_stack+0xf/0x20
[ 419.823531][ C0]
[ 419.823535][ C0] sysvec_apic_timer_interrupt+0xe0/0x120
[ 419.823540][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 419.823544][ C0] RIP: 0010:on_each_cpu+0x149/0x240
[ 419.823556][ C0] Code: 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 e6 00 00 00 48 83 3d 97 12 4c 08 00 0f 84 af 00 00 00 e8 6c e9 0a 00 48 89 df 57 9d <0f> 1f 44 00 00 e8 5d e9 0a 00 bf 01 00 00 00 e8 83 a4 e6 ff 31 ff
[ 419.823561][ C0] RSP: 0018:ffffc90001277d70 EFLAGS: 00000293
[ 419.823569][ C0] RAX: 0000000000000000 RBX: 0000000000000293 RCX: 0000000000000000
[ 419.823575][ C0] RDX: ffff8880944d2100 RSI: ffffffff8168cdf4 RDI: 0000000000000293
[ 419.823581][ C0] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000
[ 419.823587][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 419.823592][ C0] R13: 0000000000000000 R14: ffffc90001277ed0 R15: ffffffffa0f92939
[ 419.823596][ C0] ? on_each_cpu+0x144/0x240
[ 419.823600][ C0] clock_was_set+0x18/0x20
[ 419.823604][ C0] do_settimeofday64+0x350/0x4e0
[ 419.823608][ C0] ? change_clocksource+0x200/0x200
[ 419.823612][ C0] ? capable+0xdd/0x100
[ 419.823616][ C0] do_sys_settimeofday64+0x1de/0x260
[ 419.823621][ C0] __x64_sys_clock_settime+0x197/0x260
[ 419.823625][ C0] ? exit_itimers+0x2d0/0x2d0
[ 419.823629][ C0] ? lock_is_held_type+0xb0/0xe0
[ 419.823632][ C0] ? do_syscall_64+0x1c/0xe0
[ 419.823637][ C0] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 419.823641][ C0] do_syscall_64+0x60/0xe0
[ 419.823645][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 419.823649][ C0] RIP: 0033:0x443849
[ 419.823653][ C0] Code: Bad RIP value.
[ 419.823657][ C0] RSP: 002b:00007fff3d0ea0b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[ 419.823667][ C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443849
[ 419.823673][ C0] RDX: 0000000000443849 RSI: 0000000020000400 RDI: 0000000000000000
[ 419.823678][ C0] RBP: 00007fff3d0ea0c0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[ 419.823684][ C0] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 00007fff3d0ea0d0
[ 419.823690][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 419.823696][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 0.000 msecs