[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.2' (ECDSA) to the list of known hosts.
syzkaller login: [ 745.923456][ T8518] IPVS: ftp: loaded support on port[0] = 21
[ 745.929333][ T8515] IPVS: ftp: loaded support on port[0] = 21
[ 745.942218][ T8520] IPVS: ftp: loaded support on port[0] = 21
[ 745.948326][ T8519] IPVS: ftp: loaded support on port[0] = 21
[ 745.950879][ T8521] IPVS: ftp: loaded support on port[0] = 21
[ 745.957640][ T8517] IPVS: ftp: loaded support on port[0] = 21
[ 746.192754][ T555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.216990][ T555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.246838][ T8637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 746.261539][ T21] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.267261][ T8689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.287532][ T8689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.304578][ T21] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.314656][ T8637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 746.340972][ T8669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 746.367377][ T8689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.375624][ T21] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.378986][ T8689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.384086][ T21] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.418312][ T8574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.446815][ T8574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.454556][ T8669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 746.469826][ T8669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 746.480724][ T8669] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 746.502829][ T8691] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.511016][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.525850][ T8691] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.529799][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.541471][ T8502] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 746.587603][ T8691] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.598534][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 746.619635][ T8691] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.630063][ T8574] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.642013][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.659719][ T8574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.664499][ T555] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 746.669118][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 746.680735][ T555] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
executing program
[ 746.701849][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 746.711048][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 746.721804][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 746.730320][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 746.738459][ C0] hrtimer: interrupt took 52470 ns
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 969.005626][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 969.012537][ C1] rcu: 1-...!: (10099 ticks this GP) idle=91a/1/0x4000000000000000 softirq=11741/11743 fqs=80
[ 969.023244][ C1] (t=10500 jiffies g=8521 q=165)
[ 969.028263][ C1] rcu: rcu_preempt kthread starved for 5651 jiffies! g8521 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 969.039265][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 969.049225][ C1] rcu: RCU grace-period kthread stack dump:
[ 969.055104][ C1] task:rcu_preempt state:R running task stack:28880 pid: 11 ppid: 2 flags:0x00004000
[ 969.065962][ C1] Call Trace:
[ 969.069375][ C1] __schedule+0x893/0x2130
[ 969.073795][ C1] ? io_schedule_timeout+0x140/0x140
[ 969.079092][ C1] ? debug_object_destroy+0x210/0x210
[ 969.084455][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 969.089297][ C1] schedule+0xcf/0x270
[ 969.093364][ C1] schedule_timeout+0x148/0x250
[ 969.098288][ C1] ? usleep_range+0x170/0x170
[ 969.102952][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 969.108137][ C1] ? __next_timer_interrupt+0x210/0x210
[ 969.113678][ C1] ? prepare_to_swait_exclusive+0x2d0/0x2d0
[ 969.119560][ C1] rcu_gp_kthread+0xb4c/0x1c90
[ 969.124314][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 969.129157][ C1] ? rcu_core_si+0x10/0x10
[ 969.133561][ C1] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 969.139353][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 969.144540][ C1] ? __kthread_parkme+0x13f/0x1e0
[ 969.149549][ C1] ? rcu_core_si+0x10/0x10
[ 969.153954][ C1] kthread+0x3b1/0x4a0
[ 969.158011][ C1] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 969.163891][ C1] ret_from_fork+0x1f/0x30
[ 969.168307][ C1] NMI backtrace for cpu 1
[ 969.172632][ C1] CPU: 1 PID: 8790 Comm: syz-executor840 Not tainted 5.10.0-rc7-syzkaller #0
[ 969.181454][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 969.191507][ C1] Call Trace:
[ 969.194774][ C1]
[ 969.197617][ C1] dump_stack+0x107/0x163
[ 969.202139][ C1] nmi_cpu_backtrace.cold+0x44/0xd7
[ 969.207335][ C1] ? lapic_can_unplug_cpu+0x80/0x80
[ 969.212520][ C1] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 969.218491][ C1] rcu_dump_cpu_stacks+0x1e3/0x21e
[ 969.223592][ C1] rcu_sched_clock_irq.cold+0x472/0xee8
[ 969.229131][ C1] ? rcutree_dead_cpu+0x40/0x40
[ 969.233966][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 969.238814][ C1] ? __raise_softirq_irqoff+0x93/0x1d0
[ 969.244262][ C1] update_process_times+0x77/0xd0
[ 969.249275][ C1] tick_sched_handle+0x9b/0x180
[ 969.254110][ C1] tick_sched_timer+0x1d1/0x2a0
[ 969.258945][ C1] ? can_stop_idle_tick+0x290/0x290
[ 969.264129][ C1] __hrtimer_run_queues+0x1ce/0xea0
[ 969.269323][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 969.275290][ C1] ? ktime_get_update_offsets_now+0x249/0x320
[ 969.281346][ C1] hrtimer_interrupt+0x334/0x940
[ 969.286283][ C1] __sysvec_apic_timer_interrupt+0x146/0x540
[ 969.292251][ C1] sysvec_apic_timer_interrupt+0x48/0x100
[ 969.297959][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 969.303927][ C1] RIP: 0010:unwind_next_frame+0xcd6/0x1f90
[ 969.309716][ C1] Code: c1 ea 03 80 3c 02 00 0f 85 ca 11 00 00 4c 89 ea 49 c7 47 58 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 04 02 <4c> 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 70 11 00 00 4c 89 ca 41
[ 969.329308][ C1] RSP: 0018:ffffc90000d90668 EFLAGS: 00000217
[ 969.335370][ C1] RAX: 0000000000000000 RBX: 1ffff920001b20d5 RCX: ffffffff8d669f57
[ 969.343333][ C1] RDX: 1ffff920001b20ee RSI: ffffc900022bf718 RDI: ffffc90000d90798
[ 969.351288][ C1] RBP: 0000000000000001 R08: ffffffff8d669f52 R09: ffffffff8d669f56
[ 969.359245][ C1] R10: 0000000000082081 R11: 0000000000000001 R12: ffffc900022bf720
[ 969.367219][ C1] R13: ffffc90000d90775 R14: ffffc90000d90790 R15: ffffc90000d90740
[ 969.375462][ C1] ? unwind_next_frame+0xc3b/0x1f90
[ 969.380654][ C1] ? stack_trace_save+0x8c/0xc0
[ 969.385494][ C1] ? deref_stack_reg+0x150/0x150
[ 969.390423][ C1] ? sysvec_apic_timer_interrupt+0x4d/0x100
[ 969.396301][ C1] ? stack_trace_consume_entry+0x13/0x160
[ 969.402004][ C1] ? create_prof_cpu_mask+0x20/0x20
[ 969.407187][ C1] arch_stack_walk+0x7d/0xe0
[ 969.411766][ C1] ? kmem_cache_free+0x82/0x350
[ 969.416607][ C1] ? kasan_save_stack+0x1b/0x40
[ 969.421446][ C1] stack_trace_save+0x8c/0xc0
[ 969.426109][ C1] ? stack_trace_consume_entry+0x160/0x160
[ 969.431900][ C1] ? find_held_lock+0x2d/0x110
[ 969.436648][ C1] ? mark_lock+0xf7/0x1730
[ 969.441047][ C1] kasan_save_stack+0x1b/0x40
[ 969.445708][ C1] ? kasan_save_stack+0x1b/0x40
[ 969.450540][ C1] ? __kasan_kmalloc.constprop.0+0xc2/0xd0
[ 969.456505][ C1] ? __kmalloc_node_track_caller+0x1e0/0x3e0
[ 969.462469][ C1] ? __alloc_skb+0xae/0x550
[ 969.466956][ C1] ? skb_copy+0x137/0x2f0
[ 969.471269][ C1] ? mac80211_hwsim_tx_frame_no_nl.isra.0+0xb17/0x1330
[ 969.478110][ C1] ? mac80211_hwsim_tx_frame+0x14f/0x1e0
[ 969.483723][ C1] ? mac80211_hwsim_beacon_tx+0x4ba/0x910
[ 969.489425][ C1] ? __iterate_interfaces+0x1e5/0x520
[ 969.494786][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 969.501966][ C1] ? mac80211_hwsim_beacon+0xd5/0x1a0
[ 969.507322][ C1] ? __hrtimer_run_queues+0x693/0xea0
[ 969.512676][ C1] ? hrtimer_run_softirq+0x17b/0x360
[ 969.517945][ C1] ? __do_softirq+0x2a0/0x9f6
[ 969.522604][ C1] ? asm_call_irq_on_stack+0xf/0x20
[ 969.527812][ C1] ? do_softirq_own_stack+0xaa/0xd0
[ 969.532996][ C1] ? irq_exit_rcu+0x132/0x200
[ 969.537656][ C1] ? sysvec_apic_timer_interrupt+0x4d/0x100
[ 969.543530][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 969.549687][ C1] ? unwind_next_frame+0x91f/0x1f90
[ 969.554888][ C1] ? arch_stack_walk+0x7d/0xe0
[ 969.559640][ C1] ? stack_trace_save+0x8c/0xc0
[ 969.564478][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 969.569663][ C1] ? sched_clock+0x2a/0x40
[ 969.574066][ C1] ? sched_clock_cpu+0x18/0x1f0
[ 969.578925][ C1] ? mark_held_locks+0x9f/0xe0
[ 969.583963][ C1] ? irqtime_account_irq+0x17e/0x2d0
[ 969.589325][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 969.594424][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 969.599610][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 969.604710][ C1] ? kasan_unpoison_shadow+0x33/0x40
[ 969.609983][ C1] __kasan_kmalloc.constprop.0+0xc2/0xd0
[ 969.615606][ C1] __kmalloc_node_track_caller+0x1e0/0x3e0
[ 969.621400][ C1] ? skb_copy+0x137/0x2f0
[ 969.625719][ C1] __alloc_skb+0xae/0x550
[ 969.630042][ C1] skb_copy+0x137/0x2f0
[ 969.634203][ C1] mac80211_hwsim_tx_frame_no_nl.isra.0+0xb17/0x1330
[ 969.640872][ C1] ? mac80211_hwsim_add_chanctx+0x220/0x220
[ 969.646750][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 969.651585][ C1] ? static_obj+0x10/0xc0
[ 969.655906][ C1] ? mac80211_hwsim_monitor_rx+0x1c2/0x840
[ 969.661699][ C1] mac80211_hwsim_tx_frame+0x14f/0x1e0
[ 969.667147][ C1] mac80211_hwsim_beacon_tx+0x4ba/0x910
[ 969.672687][ C1] __iterate_interfaces+0x1e5/0x520
[ 969.677870][ C1] ? mac80211_hwsim_tx_frame+0x1e0/0x1e0
[ 969.683491][ C1] ? mac80211_hwsim_tx_frame+0x1e0/0x1e0
[ 969.689137][ C1] ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 969.696150][ C1] ? mac80211_hwsim_addr_match+0x180/0x180
[ 969.701943][ C1] mac80211_hwsim_beacon+0xd5/0x1a0
[ 969.707126][ C1] ? mac80211_hwsim_addr_match+0x180/0x180
[ 969.712923][ C1] __hrtimer_run_queues+0x693/0xea0
[ 969.718124][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 969.724092][ C1] ? ktime_get_update_offsets_now+0x249/0x320
[ 969.730149][ C1] hrtimer_run_softirq+0x17b/0x360
[ 969.735248][ C1] __do_softirq+0x2a0/0x9f6
[ 969.739748][ C1] asm_call_irq_on_stack+0xf/0x20
[ 969.744754][ C1]
[ 969.747788][ C1] do_softirq_own_stack+0xaa/0xd0
[ 969.752797][ C1] irq_exit_rcu+0x132/0x200
[ 969.757294][ C1] sysvec_apic_timer_interrupt+0x4d/0x100
[ 969.762999][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 969.768967][ C1] RIP: 0010:unwind_next_frame+0x91f/0x1f90
[ 969.774918][ C1] Code: 38 48 ba 00 00 00 00 00 fc ff df 48 89 fe 48 c1 ee 03 80 3c 16 00 0f 85 5c 0f 00 00 48 8b 40 38 48 89 44 24 60 e9 a9 fd ff ff <48> b8 00 00 00 00 00 fc ff df 48 8b 14 24 48 c1 ea 03 80 3c 02 00
[ 969.794741][ C1] RSP: 0018:ffffc900022bf520 EFLAGS: 00000297
[ 969.800801][ C1] RAX: 0000000000000005 RBX: 1ffff92000457eac RCX: ffffffff8d6cb031
[ 969.808766][ C1] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000001
[ 969.816723][ C1] RBP: 0000000000000001 R08: ffffffff8d6cb02c R09: ffffffff8d6cb030
[ 969.824679][ C1] R10: 0000000000082081 R11: 0000000000026a64 R12: ffffc900022bf640
[ 969.832635][ C1] R13: ffffc900022bf62d R14: ffffc900022bf648 R15: ffffc900022bf5f8
[ 969.840613][ C1] ? remove_vma+0x132/0x170
[ 969.845126][ C1] ? deref_stack_reg+0x150/0x150
[ 969.850056][ C1] ? create_prof_cpu_mask+0x20/0x20
[ 969.855243][ C1] arch_stack_walk+0x7d/0xe0
[ 969.859828][ C1] ? remove_vma+0x132/0x170
[ 969.864320][ C1] ? kmem_cache_free+0x82/0x350
[ 969.869155][ C1] stack_trace_save+0x8c/0xc0
[ 969.873825][ C1] ? stack_trace_consume_entry+0x160/0x160
[ 969.879627][ C1] kasan_save_stack+0x1b/0x40
[ 969.884289][ C1] ? kasan_save_stack+0x1b/0x40
[ 969.889123][ C1] ? kasan_set_track+0x1c/0x30
[ 969.893873][ C1] ? kasan_set_free_info+0x1b/0x30
[ 969.898970][ C1] ? __kasan_slab_free+0x102/0x140
[ 969.904064][ C1] ? slab_free_freelist_hook+0x5d/0x150
[ 969.909624][ C1] ? kmem_cache_free+0x82/0x350
[ 969.914465][ C1] ? remove_vma+0x132/0x170
[ 969.918967][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 969.924152][ C1] ? sched_clock+0x2a/0x40
[ 969.928561][ C1] ? sched_clock_cpu+0x18/0x1f0
[ 969.933410][ C1] ? sched_clock_cpu+0x18/0x1f0
[ 969.938259][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 969.943368][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 969.948560][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 969.953674][ C1] ? kmem_cache_free+0x82/0x350
[ 969.958515][ C1] ? get_free_info+0x7/0x10
[ 969.963009][ C1] kasan_set_track+0x1c/0x30
[ 969.967599][ C1] kasan_set_free_info+0x1b/0x30
[ 969.972527][ C1] __kasan_slab_free+0x102/0x140
[ 969.977454][ C1] slab_free_freelist_hook+0x5d/0x150
[ 969.982817][ C1] ? remove_vma+0x132/0x170
[ 969.987307][ C1] kmem_cache_free+0x82/0x350
[ 969.991977][ C1] remove_vma+0x132/0x170
[ 969.996298][ C1] exit_mmap+0x351/0x530
[ 970.000526][ C1] ? __ia32_sys_remap_file_pages+0x150/0x150
[ 970.006505][ C1] ? __khugepaged_exit+0x2d9/0x3f0
[ 970.011612][ C1] __mmput+0x122/0x470
[ 970.015670][ C1] mmput+0x53/0x60
[ 970.019383][ C1] do_exit+0xa72/0x29b0
[ 970.023534][ C1] ? find_held_lock+0x2d/0x110
[ 970.028287][ C1] ? mm_update_next_owner+0x7a0/0x7a0
[ 970.033656][ C1] ? get_signal+0x34f/0x1f10
[ 970.038238][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 970.043088][ C1] do_group_exit+0x125/0x310
[ 970.047673][ C1] get_signal+0x42a/0x1f10
[ 970.052090][ C1] arch_do_signal+0x82/0x2390
[ 970.056752][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 970.061857][ C1] ? copy_siginfo_to_user32+0xa0/0xa0
[ 970.067220][ C1] ? __do_sys_futex+0x8f/0x470
[ 970.071982][ C1] ? __do_sys_futex+0x2a2/0x470
[ 970.076841][ C1] ? do_futex+0x1a60/0x1a60
[ 970.081347][ C1] exit_to_user_mode_prepare+0x100/0x1a0
[ 970.086977][ C1] syscall_exit_to_user_mode+0x38/0x260
[ 970.092637][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 970.098528][ C1] RIP: 0033:0x448f39
[ 970.102432][ C1] Code: Unable to access opcode bytes at RIP 0x448f0f.
[ 970.109266][ C1] RSP: 002b:00007f29de3aedb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 970.117671][ C1] RAX: fffffffffffffe00 RBX: 00000000006e4a08 RCX: 0000000000448f39
[ 970.125628][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006e4a08
[ 970.133587][ C1] RBP: 00000000006e4a00 R08: 0000000000000000 R09: 0000000000000000
[ 970.141542][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006e4a0c
[ 970.149502][ C1] R13: 00007ffe1555481f R14: 00007f29de3af9c0 R15: 20c49ba5e353f7cf