[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.15.206' (ECDSA) to the list of known hosts.
syzkaller login: [  889.007038][ T8500] IPVS: ftp: loaded support on port[0] = 21
[  889.010399][ T8495] IPVS: ftp: loaded support on port[0] = 21
[  889.014992][ T8498] IPVS: ftp: loaded support on port[0] = 21
[  889.021728][ T8493] IPVS: ftp: loaded support on port[0] = 21
[  889.037253][ T8499] IPVS: ftp: loaded support on port[0] = 21
[  889.045525][ T8497] IPVS: ftp: loaded support on port[0] = 21
[  889.273862][ T8525] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.287608][ T8525] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.303040][ T8529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.311085][ T8529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.320294][ T8655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  889.340758][ T8655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  889.360529][  T263] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.381543][  T263] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.390373][ T8655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  889.424759][ T8529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.458428][ T8529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.476914][ T8655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  889.497947][ T8525] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.497967][ T8529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.497991][ T8529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.515526][ T8525] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.522122][  T263] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.552829][ T8481] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[  889.573351][ T8481] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  889.577048][  T263] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.602371][    C0] hrtimer: interrupt took 30400 ns
[  889.613167][ T8709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.622568][ T8529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.641898][ T8525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.657765][ T8525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.665234][ T8529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.674096][ T8709] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.700874][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  889.729655][ T8709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  889.741225][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  889.779298][ T8709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.799796][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
executing program
executing program
[  889.826875][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  889.846157][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  889.865189][  T263] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[  889.895803][  T263] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
executing program
[  890.180717][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 1118.062373][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1118.069430][    C1] rcu: 	1-....: (10048 ticks this GP) idle=cde/1/0x4000000000000000 softirq=10858/10860 fqs=191 
[ 1118.080202][    C1] 	(t=10500 jiffies g=8689 q=82)
[ 1118.085146][    C1] NMI backtrace for cpu 1
[ 1118.089489][    C1] CPU: 1 PID: 8879 Comm: syz-executor587 Not tainted 5.10.0-rc7-syzkaller #0
[ 1118.098403][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1118.108472][    C1] Call Trace:
[ 1118.111771][    C1]  <IRQ>
[ 1118.114644][    C1]  dump_stack+0x107/0x163
[ 1118.118967][    C1]  nmi_cpu_backtrace.cold+0x44/0xd7
[ 1118.124159][    C1]  ? lapic_can_unplug_cpu+0x80/0x80
[ 1118.129351][    C1]  nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 1118.135322][    C1]  rcu_dump_cpu_stacks+0x1e3/0x21e
[ 1118.140431][    C1]  rcu_sched_clock_irq.cold+0x472/0xee8
[ 1118.145971][    C1]  ? do_raw_spin_unlock+0x171/0x230
[ 1118.151158][    C1]  ? rcutree_dead_cpu+0x40/0x40
[ 1118.155998][    C1]  ? timekeeping_advance+0x6f8/0xa40
[ 1118.161281][    C1]  ? __raise_softirq_irqoff+0x93/0x1d0
[ 1118.166733][    C1]  update_process_times+0x77/0xd0
[ 1118.171748][    C1]  tick_sched_handle+0x9b/0x180
[ 1118.176588][    C1]  tick_sched_timer+0x1d1/0x2a0
[ 1118.181428][    C1]  ? can_stop_idle_tick+0x290/0x290
[ 1118.186617][    C1]  __hrtimer_run_queues+0x1ce/0xea0
[ 1118.191822][    C1]  ? hrtimer_sleeper_start_expires+0x80/0x80
[ 1118.197882][    C1]  ? ktime_get_update_offsets_now+0x249/0x320
[ 1118.203942][    C1]  hrtimer_interrupt+0x334/0x940
[ 1118.208905][    C1]  __sysvec_apic_timer_interrupt+0x146/0x540
[ 1118.215238][    C1]  sysvec_apic_timer_interrupt+0x48/0x100
[ 1118.220974][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1118.227206][    C1] RIP: 0010:__read_once_word_nocheck+0x3/0x10
[ 1118.233260][    C1] Code: 48 c7 c7 60 64 1b 8b e8 1b ea 9e 02 e9 60 fb ff ff e8 11 b4 81 00 e9 cf fb ff ff cc cc cc cc cc cc cc cc cc cc cc cc 48 8b 07 <c3> 66 90 66 2e 0f 1f 84 00 00 00 00 00 41 57 89 d0 41 56 41 55 41
[ 1118.253110][    C1] RSP: 0018:ffffc90000d90640 EFLAGS: 00000246
[ 1118.259254][    C1] RAX: ffffffff8126823a RBX: ffffc90000d90798 RCX: ffffc90000d90798
[ 1118.267219][    C1] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffc9000268f5e8
[ 1118.275178][    C1] RBP: ffffc9000268f5e8 R08: 0000000000000000 R09: ffffffff8df5db76
[ 1118.283225][    C1] R10: 0000000000082081 R11: 0000000000000001 R12: ffffc90000d90750
[ 1118.291446][    C1] R13: ffffc90000d89000 R14: ffffc90000d907a0 R15: ffffc90000d90750
[ 1118.299419][    C1]  ? do_softirq_own_stack+0xaa/0xd0
[ 1118.304895][    C1]  deref_stack_reg+0xee/0x150
[ 1118.309738][    C1]  unwind_next_frame+0xc3b/0x1f90
[ 1118.314838][    C1]  ? asm_call_irq_on_stack+0xf/0x20
[ 1118.320034][    C1]  ? deref_stack_reg+0x150/0x150
[ 1118.325049][    C1]  ? create_prof_cpu_mask+0x20/0x20
[ 1118.330240][    C1]  ? create_prof_cpu_mask+0x20/0x20
[ 1118.335432][    C1]  arch_stack_walk+0x7d/0xe0
[ 1118.340143][    C1]  ? asm_call_irq_on_stack+0xf/0x20
[ 1118.345334][    C1]  stack_trace_save+0x8c/0xc0
[ 1118.350090][    C1]  ? stack_trace_consume_entry+0x160/0x160
[ 1118.355977][    C1]  ? ring_buffer_wakeup+0x194/0x2b0
[ 1118.361163][    C1]  ? lock_downgrade+0x6d0/0x6d0
[ 1118.366001][    C1]  ? lapic_next_event+0x4d/0x80
[ 1118.370841][    C1]  kasan_save_stack+0x1b/0x40
[ 1118.375507][    C1]  ? kasan_save_stack+0x1b/0x40
[ 1118.380347][    C1]  ? __kasan_kmalloc.constprop.0+0xc2/0xd0
[ 1118.386139][    C1]  ? kmem_cache_alloc+0x1c6/0x440
[ 1118.391243][    C1]  ? __build_skb+0x21/0x60
[ 1118.395652][    C1]  ? __netdev_alloc_skb+0x20d/0x3f0
[ 1118.401057][    C1]  ? __ieee80211_beacon_get+0xebe/0x1aa0
[ 1118.406884][    C1]  ? ieee80211_beacon_get_tim+0x88/0x910
[ 1118.412507][    C1]  ? mac80211_hwsim_beacon_tx+0x111/0x910
[ 1118.418213][    C1]  ? __iterate_interfaces+0x1e5/0x520
[ 1118.423597][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 1118.430781][    C1]  ? mac80211_hwsim_beacon+0xd5/0x1a0
[ 1118.436144][    C1]  ? __hrtimer_run_queues+0x693/0xea0
[ 1118.441678][    C1]  ? hrtimer_run_softirq+0x17b/0x360
[ 1118.447127][    C1]  ? __do_softirq+0x2a0/0x9f6
[ 1118.451792][    C1]  ? asm_call_irq_on_stack+0xf/0x20
[ 1118.457240][    C1]  ? kvm_sched_clock_read+0x14/0x40
[ 1118.462429][    C1]  ? sched_clock+0x2a/0x40
[ 1118.466836][    C1]  ? sched_clock_cpu+0x18/0x1f0
[ 1118.471687][    C1]  ? irqtime_account_irq+0x17e/0x2d0
[ 1118.476961][    C1]  ? asm_sysvec_irq_work+0x12/0x20
[ 1118.482064][    C1]  ? lockdep_hardirqs_on+0x79/0x100
[ 1118.487254][    C1]  ? asm_sysvec_irq_work+0x12/0x20
[ 1118.492392][    C1]  ? kasan_save_stack+0x2/0x40
[ 1118.497323][    C1]  __kasan_kmalloc.constprop.0+0xc2/0xd0
[ 1118.502951][    C1]  kmem_cache_alloc+0x1c6/0x440
[ 1118.507792][    C1]  __build_skb+0x21/0x60
[ 1118.512010][    C1]  __netdev_alloc_skb+0x20d/0x3f0
[ 1118.517078][    C1]  __ieee80211_beacon_get+0xebe/0x1aa0
[ 1118.522518][    C1]  ? ieee80211_set_beacon_cntdwn+0x620/0x620
[ 1118.528469][    C1]  ? kill_fasync+0x18/0x460
[ 1118.532950][    C1]  ? kvm_sched_clock_read+0x14/0x40
[ 1118.538265][    C1]  ? sched_clock+0x2a/0x40
[ 1118.542656][    C1]  ? sched_clock_cpu+0x18/0x1f0
[ 1118.547498][    C1]  ieee80211_beacon_get_tim+0x88/0x910
[ 1118.552929][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[ 1118.559054][    C1]  ? asm_sysvec_irq_work+0x12/0x20
[ 1118.564144][    C1]  mac80211_hwsim_beacon_tx+0x111/0x910
[ 1118.569834][    C1]  ? __iterate_interfaces+0x12b/0x520
[ 1118.575272][    C1]  ? __iterate_interfaces+0x139/0x520
[ 1118.580704][    C1]  __iterate_interfaces+0x1e5/0x520
[ 1118.585964][    C1]  ? mac80211_hwsim_tx_frame+0x1e0/0x1e0
[ 1118.591656][    C1]  ? mac80211_hwsim_tx_frame+0x1e0/0x1e0
[ 1118.597261][    C1]  ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 1118.604254][    C1]  ? mac80211_hwsim_addr_match+0x180/0x180
[ 1118.610121][    C1]  mac80211_hwsim_beacon+0xd5/0x1a0
[ 1118.615290][    C1]  ? mac80211_hwsim_addr_match+0x180/0x180
[ 1118.621068][    C1]  __hrtimer_run_queues+0x693/0xea0
[ 1118.626243][    C1]  ? hrtimer_sleeper_start_expires+0x80/0x80
[ 1118.632195][    C1]  ? ktime_get_update_offsets_now+0x249/0x320
[ 1118.638236][    C1]  hrtimer_run_softirq+0x17b/0x360
[ 1118.643320][    C1]  __do_softirq+0x2a0/0x9f6
[ 1118.647799][    C1]  asm_call_irq_on_stack+0xf/0x20
[ 1118.652880][    C1]  </IRQ>
[ 1118.655881][    C1]  do_softirq_own_stack+0xaa/0xd0
[ 1118.660881][    C1]  irq_exit_rcu+0x132/0x200
[ 1118.665355][    C1]  sysvec_apic_timer_interrupt+0x4d/0x100
[ 1118.671046][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1118.677100][    C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40
[ 1118.682878][    C1] Code: 0f 1f 44 00 00 55 48 8b 74 24 08 48 89 fd 48 83 c7 18 e8 3e 29 6e f8 48 89 ef e8 c6 dd 6e f8 e8 81 c7 8d f8 fb bf 01 00 00 00 <e8> d6 49 63 f8 65 8b 05 ff f3 19 77 85 c0 74 02 5d c3 e8 9b 49 18
[ 1118.702561][    C1] RSP: 0018:ffffc9000268f6e8 EFLAGS: 00000202
[ 1118.708689][    C1] RAX: 00000000002f71b3 RBX: ffff888020b23480 RCX: 1ffffffff19d8e91
[ 1118.716633][    C1] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 1118.724837][    C1] RBP: ffff8880b9f34940 R08: 0000000000000001 R09: 0000000000000001
[ 1118.732781][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880b9f34940
[ 1118.740725][    C1] R13: ffff88801d72b480 R14: 0000000000000000 R15: 0000000000000001
[ 1118.753562][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1118.758907][    C1]  finish_task_switch+0x150/0x7a0
[ 1118.763903][    C1]  ? finish_task_switch+0x122/0x7a0
[ 1118.769093][    C1]  ? __switch_to+0x57c/0x1050
[ 1118.773747][    C1]  __schedule+0x89b/0x2130
[ 1118.778139][    C1]  ? io_schedule_timeout+0x140/0x140
[ 1118.783403][    C1]  preempt_schedule_irq+0x4e/0x90
[ 1118.788400][    C1]  irqentry_exit+0x7a/0xa0
[ 1118.792787][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1118.798739][    C1] RIP: 0010:release_pages+0xfc/0x1690
[ 1118.804082][    C1] Code: 83 c6 08 4c 01 f8 48 89 44 24 10 e8 3e 13 da ff 49 8d 7d 08 48 89 f8 48 c1 e8 03 42 80 3c 38 00 0f 85 f9 11 00 00 49 8b 45 08 <31> ff 48 89 c3 48 89 44 24 08 83 e3 01 48 89 de e8 7f 0b da ff 48
[ 1118.823658][    C1] RSP: 0018:ffffc9000268f8f0 EFLAGS: 00000246
[ 1118.829695][    C1] RAX: ffffea0000ae9a88 RBX: 00000000000000b6 RCX: ffffffff8195f4f3
[ 1118.837727][    C1] RDX: ffff888020b23480 RSI: ffffffff8195f132 RDI: ffffea0000b79c08
[ 1118.845671][    C1] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffea0000ae9ab7
[ 1118.853615][    C1] R10: 00000000000000b6 R11: 0000000000000000 R12: 0000000000000038
[ 1118.861560][    C1] R13: ffffea0000b79c00 R14: ffff888013e8d1d8 R15: dffffc0000000000
[ 1118.869528][    C1]  ? release_pages+0x4a3/0x1690
[ 1118.874351][    C1]  ? release_pages+0xe2/0x1690
[ 1118.879091][    C1]  ? free_swap_cache+0xca/0x300
[ 1118.883918][    C1]  ? put_devmap_managed_page+0x160/0x160
[ 1118.889541][    C1]  tlb_finish_mmu+0x165/0x8c0
[ 1118.894193][    C1]  exit_mmap+0x2d1/0x530
[ 1118.898409][    C1]  ? __ia32_sys_remap_file_pages+0x150/0x150
[ 1118.904563][    C1]  ? __khugepaged_exit+0x2d9/0x3f0
[ 1118.909650][    C1]  __mmput+0x122/0x470
[ 1118.913709][    C1]  mmput+0x53/0x60
[ 1118.917404][    C1]  do_exit+0xa72/0x29b0
[ 1118.921552][    C1]  ? find_held_lock+0x2d/0x110
[ 1118.926462][    C1]  ? mm_update_next_owner+0x7a0/0x7a0
[ 1118.931822][    C1]  ? get_signal+0x34f/0x1f10
[ 1118.936386][    C1]  ? lock_downgrade+0x6d0/0x6d0
[ 1118.941315][    C1]  do_group_exit+0x125/0x310
[ 1118.945968][    C1]  get_signal+0x42a/0x1f10
[ 1118.950366][    C1]  arch_do_signal+0x82/0x2390
[ 1118.955203][    C1]  ? ktime_get+0x154/0x1e0
[ 1118.959769][    C1]  ? lapic_next_event+0x4d/0x80
[ 1118.964614][    C1]  ? clockevents_program_event+0x12b/0x350
[ 1118.970394][    C1]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1118.975756][    C1]  ? __do_sys_futex+0x2a2/0x470
[ 1118.980859][    C1]  ? kvm_sched_clock_read+0x14/0x40
[ 1118.986033][    C1]  ? do_futex+0x1a60/0x1a60
[ 1118.990517][    C1]  exit_to_user_mode_prepare+0x100/0x1a0
[ 1118.996127][    C1]  syscall_exit_to_user_mode+0x38/0x260
[ 1119.001651][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1119.007514][    C1] RIP: 0033:0x447ad9
[ 1119.011378][    C1] Code: Unable to access opcode bytes at RIP 0x447aaf.
[ 1119.018366][    C1] RSP: 002b:00007f0e9fe7adb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1119.026841][    C1] RAX: fffffffffffffe00 RBX: 00000000006dcc28 RCX: 0000000000447ad9
[ 1119.034802][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dcc28
[ 1119.042834][    C1] RBP: 00000000006dcc20 R08: 0000000000000000 R09: 0000000000000000
[ 1119.050780][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc2c
[ 1119.059420][    C1] R13: 00007ffd8baf43cf R14: 00007f0e9fe7b9c0 R15: 0000000000000064
executing program
executing program
executing program
executing program
executing program