[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts. syzkaller login: [ 512.747396][ T6842] IPVS: ftp: loaded support on port[0] = 21 [ 512.836906][ T6842] chnl_net:caif_netlink_parms(): no params data found [ 512.886926][ T6842] bridge0: port 1(bridge_slave_0) entered blocking state [ 512.894464][ T6842] bridge0: port 1(bridge_slave_0) entered disabled state [ 512.903743][ T6842] device bridge_slave_0 entered promiscuous mode [ 512.912830][ T6842] bridge0: port 2(bridge_slave_1) entered blocking state [ 512.920255][ T6842] bridge0: port 2(bridge_slave_1) entered disabled state [ 512.928171][ T6842] device bridge_slave_1 entered promiscuous mode [ 512.948230][ T6842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 512.960351][ T6842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 512.982893][ T6842] team0: Port device team_slave_0 added [ 512.990573][ T6842] team0: Port device team_slave_1 added [ 513.008999][ T6842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 513.015965][ T6842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 513.042158][ T6842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 513.054909][ T6842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 513.061996][ T6842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 513.088139][ T6842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 513.169832][ T6842] device hsr_slave_0 entered promiscuous mode [ 513.217233][ T6842] device hsr_slave_1 entered promiscuous mode [ 513.353628][ T6842] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 513.419919][ T6842] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 513.469223][ T6842] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 513.508627][ T6842] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 513.574457][ T6842] bridge0: port 2(bridge_slave_1) entered blocking state [ 513.581683][ T6842] bridge0: port 2(bridge_slave_1) entered forwarding state [ 513.589768][ T6842] bridge0: port 1(bridge_slave_0) entered blocking state [ 513.596937][ T6842] bridge0: port 1(bridge_slave_0) entered forwarding state [ 513.639019][ T6842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 513.653898][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 513.665165][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.673959][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.682351][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 513.694963][ T6842] 8021q: adding VLAN 0 to HW filter on device team0 [ 513.707556][ T6834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 513.715928][ T6834] bridge0: port 1(bridge_slave_0) entered blocking state [ 513.723056][ T6834] bridge0: port 1(bridge_slave_0) entered forwarding state [ 513.747074][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 513.755422][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 513.762539][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 513.771113][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 513.780188][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 513.795522][ T6842] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 513.807738][ T6842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 513.820836][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 513.829709][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 513.838809][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 513.850462][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 513.869832][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 513.879209][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 513.896702][ T6842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 513.916707][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 513.925380][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 513.942479][ T6834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 513.951216][ T6834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 513.961222][ T6834] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 513.969388][ T6834] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 513.979628][ T6842] device veth0_vlan entered promiscuous mode [ 513.992224][ T6842] device veth1_vlan entered promiscuous mode [ 514.013500][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 514.022514][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 514.031425][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 514.040949][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 514.051526][ T6842] device veth0_macvtap entered promiscuous mode [ 514.062478][ T6842] device veth1_macvtap entered promiscuous mode [ 514.079688][ T6842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 514.089053][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 514.097369][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 514.105341][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 514.114463][ T6970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 514.128777][ T6842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 514.136576][ T7050] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 514.145215][ T7050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 514.158244][ T6842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 514.167186][ T6842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 514.175862][ T6842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 514.188247][ T6842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 executing program [ 519.226856][ T7066] apt-get (7066) used greatest stack depth: 23688 bytes left [ 619.400654][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 619.407773][ C1] rcu: 0-...0: (1 GPs behind) idle=a6e/1/0x4000000000000000 softirq=8506/8507 fqs=5249 [ 619.417746][ C1] (detected by 1, t=10502 jiffies, g=9261, q=3451) [ 619.424327][ C1] Sending NMI from CPU 1 to CPUs 0: [ 619.430628][ C1] NMI backtrace for cpu 0 [ 619.430637][ C1] CPU: 0 PID: 6842 Comm: syz-executor787 Not tainted 5.8.0-rc7-next-20200731-syzkaller #0 [ 619.430645][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 619.430650][ C1] RIP: 0010:trace_hardirqs_off+0x27/0x210 [ 619.430664][ C1] Code: 00 00 00 41 56 41 55 41 54 55 53 e8 63 3c fa ff 48 8b 7c 24 28 e8 d9 58 77 06 65 8b 1d 02 04 89 7e 31 ff 89 de e8 c9 38 fa ff <85> db 75 2a e8 40 3c fa ff 65 c7 05 e5 03 89 7e 01 00 00 00 65 8b [ 619.430669][ C1] RSP: 0018:ffffc90000007da0 EFLAGS: 00000046 [ 619.430679][ C1] RAX: 0000000080010002 RBX: 0000000000000001 RCX: ffffffff817a03c7 [ 619.430686][ C1] RDX: 0000000000000001 RSI: ffff88809478a440 RDI: 0000000000000005 [ 619.430693][ C1] RBP: ffff8880ae627700 R08: 0000000000000000 R09: ffff8880ae627703 [ 619.430700][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880ae627700 [ 619.430706][ C1] R13: ffff8880ae627800 R14: ffff8880a85d9b40 R15: dffffc0000000000 [ 619.430714][ C1] FS: 0000000001012880(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 619.430719][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 619.430726][ C1] CR2: 0000000020000610 CR3: 000000009e5c5000 CR4: 00000000001506f0 [ 619.430733][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 619.430739][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 619.430743][ C1] Call Trace: [ 619.430746][ C1] [ 619.430751][ C1] _raw_spin_unlock_irqrestore+0x5b/0xe0 [ 619.430756][ C1] __hrtimer_run_queues+0x5d1/0xfc0 [ 619.430761][ C1] ? taprio_dequeue_soft+0xa40/0xa40 [ 619.430767][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80 [ 619.430772][ C1] ? ktime_get_update_offsets_now+0x1c4/0x250 [ 619.430777][ C1] hrtimer_interrupt+0x32a/0x930 [ 619.430782][ C1] __sysvec_apic_timer_interrupt+0x142/0x5e0 [ 619.430786][ C1] asm_call_on_stack+0xf/0x20 [ 619.430790][ C1] [ 619.430795][ C1] sysvec_apic_timer_interrupt+0xb2/0xf0 [ 619.430800][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 619.430805][ C1] RIP: 0010:on_each_cpu+0x149/0x240 [ 619.430819][ C1] Code: 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 e6 00 00 00 48 83 3d ef a1 4b 08 00 0f 84 af 00 00 00 e8 2c ee 0a 00 48 89 df 57 9d <0f> 1f 44 00 00 e8 1d ee 0a 00 bf 01 00 00 00 e8 53 40 e6 ff 31 ff [ 619.430823][ C1] RSP: 0018:ffffc900057a7d78 EFLAGS: 00000293 [ 619.430833][ C1] RAX: 0000000000000000 RBX: 0000000000000293 RCX: 1ffffffff1572ba1 [ 619.430840][ C1] RDX: ffff88809478a440 RSI: ffffffff816951e4 RDI: 0000000000000293 [ 619.430846][ C1] RBP: 0000000000000200 R08: 0000000000000001 R09: 0000000000000001 [ 619.430853][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 619.430860][ C1] R13: 0000000000000000 R14: ffffc900057a7ed8 R15: ffffffffa0d7d240 [ 619.430865][ C1] ? on_each_cpu+0x144/0x240 [ 619.430869][ C1] clock_was_set+0x18/0x20 [ 619.430874][ C1] do_settimeofday64+0x350/0x4e0 [ 619.430879][ C1] ? change_clocksource+0x200/0x200 [ 619.430883][ C1] ? capable+0xdd/0x100 [ 619.430888][ C1] do_sys_settimeofday64+0x1de/0x260 [ 619.430893][ C1] __x64_sys_clock_settime+0x197/0x260 [ 619.430898][ C1] ? exit_itimers+0x2d0/0x2d0 [ 619.430902][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 619.430907][ C1] ? lockdep_hardirqs_on+0x76/0xf0 [ 619.430912][ C1] do_syscall_64+0x2d/0x70 [ 619.430917][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 619.430921][ C1] RIP: 0033:0x443849 [ 619.430935][ C1] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 0f fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 619.430940][ C1] RSP: 002b:00007ffce6321fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3 [ 619.430951][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443849 [ 619.430958][ C1] RDX: 0000000000443849 RSI: 0000000020000380 RDI: 0000000000000000 [ 619.430965][ C1] RBP: 00007ffce6321ff0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 619.430971][ C1] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 00007ffce6322000 [ 619.430978][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000