Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts.
2020/11/24 08:14:20 parsed 1 programs
2020/11/24 08:14:20 executed programs: 0
syzkaller login: [ 36.230440] IPVS: ftp: loaded support on port[0] = 21
[ 36.329507] chnl_net:caif_netlink_parms(): no params data found
[ 36.416126] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.422715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 36.430666] device bridge_slave_0 entered promiscuous mode
[ 36.438085] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.444902] bridge0: port 2(bridge_slave_1) entered disabled state
[ 36.451829] device bridge_slave_1 entered promiscuous mode
[ 36.469822] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 36.478604] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 36.497447] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 36.504908] team0: Port device team_slave_0 added
[ 36.510363] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 36.518021] team0: Port device team_slave_1 added
[ 36.534401] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 36.540628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 36.566034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 36.577445] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 36.583769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 36.609048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 36.620070] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 36.627774] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 36.647154] device hsr_slave_0 entered promiscuous mode
[ 36.652824] device hsr_slave_1 entered promiscuous mode
[ 36.659453] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 36.667051] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 36.734896] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.741316] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.748274] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.754694] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 36.788137] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 36.794646] 8021q: adding VLAN 0 to HW filter on device bond0
[ 36.802722] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 36.812184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 36.821722] bridge0: port 1(bridge_slave_0) entered disabled state
[ 36.829033] bridge0: port 2(bridge_slave_1) entered disabled state
[ 36.837246] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 36.850261] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 36.856495] 8021q: adding VLAN 0 to HW filter on device team0
[ 36.865896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 36.874022] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.880358] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 36.902625] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 36.912474] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 36.924748] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 36.931675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 36.940020] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.946475] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.954724] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 36.962357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 36.970236] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 36.978019] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 36.986272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 36.993307] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 37.008366] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 37.016061] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 37.022700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 37.035962] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 37.048602] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 37.058107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 37.099283] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 37.106392] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 37.112860] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 37.125287] device veth0_vlan entered promiscuous mode
[ 37.134283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 37.141733] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 37.148798] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 37.156677] device veth1_vlan entered promiscuous mode
[ 37.162636] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 37.170060] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 37.180832] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 37.191929] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 37.201753] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 37.209875] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 37.219748] device veth0_macvtap entered promiscuous mode
[ 37.226322] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 37.234731] device veth1_macvtap entered promiscuous mode
[ 37.243196] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 37.252174] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 37.262326] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 37.269723] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 37.278152] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 37.289688] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 37.298398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 37.409414] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 37.416516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 37.433988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 37.446488] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
[ 37.452670] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 37.462196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 37.470272] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 37.477565] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 37.515251] BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1850
[ 37.524293] in_atomic(): 0, irqs_disabled(): 0, pid: 7, name: kworker/u4:0
[ 37.532002] 4 locks held by kworker/u4:0/7:
[ 37.537733] #0: 00000000a7a57e06 ((wq_completion)"%s"wiphy_name(local->hw.wiphy)){+.+.}, at: process_one_work+0x767/0x1570
[ 37.550084] #1: 00000000824303ab ((work_completion)(&sdata->work)){+.+.}, at: process_one_work+0x79c/0x1570
[ 37.560920] #2: 000000003a8e250f (&wdev->mtx){+.+.}, at: ieee80211_ibss_work+0x85/0xe10
[ 37.570794] #3: 0000000096c89948 (rcu_read_lock){....}, at: sta_info_insert_rcu+0x48e/0x2310
[ 37.581271] Preemption disabled at:
[ 37.581294] [] rcu_lockdep_current_cpu_online+0x32/0x1b0
[ 37.592451] CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 4.19.159-syzkaller #0
[ 37.599829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 37.609206] Workqueue: phy2 ieee80211_iface_work
[ 37.613965] Call Trace:
[ 37.616561] dump_stack+0x1fc/0x2fe
[ 37.620204] ? rcu_lockdep_current_cpu_online+0x32/0x1b0
[ 37.625662] ___might_sleep.cold+0x235/0x250
[ 37.630083] sta_info_move_state+0x32/0x900
[ 37.634418] sta_info_free+0x55/0x390
[ 37.638233] sta_info_insert_rcu+0x517/0x2310
[ 37.642738] ? __local_bh_enable_ip+0x159/0x270
[ 37.647410] ? check_preemption_disabled+0x41/0x280
[ 37.652530] ? minstrel_ht_rate_update+0x40/0x40
[ 37.657302] ? rate_control_rate_init+0x2fa/0x4f0
[ 37.662165] ieee80211_ibss_finish_sta+0x25b/0x360
[ 37.667104] ? ieee80211_sta_join_ibss+0xe50/0xe50
[ 37.672039] ? mark_held_locks+0xa6/0xf0
[ 37.676130] ? __local_bh_enable_ip+0x159/0x270
[ 37.680920] ieee80211_ibss_work+0x2b6/0xe10
[ 37.685343] ? ieee80211_ibss_rx_queued_mgmt+0x18b0/0x18b0
[ 37.691001] ? mark_held_locks+0xa6/0xf0
[ 37.695074] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 37.700277] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 37.704869] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 37.709985] ieee80211_iface_work+0x7ba/0x8a0
[ 37.714496] process_one_work+0x864/0x1570
[ 37.718746] ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[ 37.723464] worker_thread+0x64c/0x1130
[ 37.727456] ? process_one_work+0x1570/0x1570
[ 37.731959] kthread+0x33f/0x460
[ 37.735331] ? kthread_park+0x180/0x180
[ 37.739319] ret_from_fork+0x24/0x30
[ 38.253755] Bluetooth: hci0: command 0x0409 tx timeout
2020/11/24 08:14:25 executed programs: 216
[ 40.332691] Bluetooth: hci0: command 0x041b tx timeout
[ 42.411874] Bluetooth: hci0: command 0x040f tx timeout
[ 44.491512] Bluetooth: hci0: command 0x0419 tx timeout
2020/11/24 08:14:30 executed programs: 734