[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.100' (ECDSA) to the list of known hosts.
syzkaller login: [ 317.619536][ T6782] IPVS: ftp: loaded support on port[0] = 21
[ 317.709859][ T6782] chnl_net:caif_netlink_parms(): no params data found
[ 317.771199][ T6782] bridge0: port 1(bridge_slave_0) entered blocking state
[ 317.779544][ T6782] bridge0: port 1(bridge_slave_0) entered disabled state
[ 317.790140][ T6782] device bridge_slave_0 entered promiscuous mode
[ 317.801639][ T6782] bridge0: port 2(bridge_slave_1) entered blocking state
[ 317.809135][ T6782] bridge0: port 2(bridge_slave_1) entered disabled state
[ 317.817106][ T6782] device bridge_slave_1 entered promiscuous mode
[ 317.843401][ T6782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 317.855120][ T6782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 317.880160][ T6782] team0: Port device team_slave_0 added
[ 317.890699][ T6782] team0: Port device team_slave_1 added
[ 317.910335][ T6782] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 317.917613][ T6782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 317.945369][ T6782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 317.959775][ T6782] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 317.966832][ T6782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 317.993558][ T6782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 318.062713][ T6782] device hsr_slave_0 entered promiscuous mode
[ 318.118689][ T6782] device hsr_slave_1 entered promiscuous mode
[ 318.262166][ T6782] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 318.331393][ T6782] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 318.390486][ T6782] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 318.430724][ T6782] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 318.485209][ T6782] bridge0: port 2(bridge_slave_1) entered blocking state
[ 318.492706][ T6782] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 318.500929][ T6782] bridge0: port 1(bridge_slave_0) entered blocking state
[ 318.508234][ T6782] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 318.554408][ T6782] 8021q: adding VLAN 0 to HW filter on device bond0
[ 318.566789][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 318.579780][ T3820] bridge0: port 1(bridge_slave_0) entered disabled state
[ 318.590230][ T3820] bridge0: port 2(bridge_slave_1) entered disabled state
[ 318.599675][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 318.613965][ T6782] 8021q: adding VLAN 0 to HW filter on device team0
[ 318.626739][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 318.636652][ T2486] bridge0: port 1(bridge_slave_0) entered blocking state
[ 318.643890][ T2486] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 318.659956][ T6990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 318.670258][ T6990] bridge0: port 2(bridge_slave_1) entered blocking state
[ 318.677369][ T6990] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 318.699506][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 318.709734][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 318.720019][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 318.729684][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 318.738883][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 318.747659][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 318.756567][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 318.765682][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 318.774619][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 318.784215][ T2486] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 318.796848][ T6782] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 318.819300][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 318.826927][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 318.842849][ T6782] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 318.865813][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 318.877598][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 318.898385][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 318.909814][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 318.921551][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 318.931302][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 318.943507][ T6782] device veth0_vlan entered promiscuous mode
[ 318.955495][ T6782] device veth1_vlan entered promiscuous mode
[ 318.977415][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 318.986834][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 318.997147][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 319.007685][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 319.019016][ T6782] device veth0_macvtap entered promiscuous mode
[ 319.030015][ T6782] device veth1_macvtap entered promiscuous mode
[ 319.047272][ T6782] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 319.055413][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 319.065303][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 319.073882][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 319.082755][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 319.094998][ T6782] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 319.102570][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 319.112425][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 455.231705][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 122s! [syz-executor026:6782]
[ 455.240636][ C1] Modules linked in:
[ 455.244519][ C1] irq event stamp: 171892
[ 455.248952][ C1] hardirqs last enabled at (171891): [] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 455.259813][ C1] hardirqs last disabled at (171892): [] idtentry_enter_cond_rcu+0x2e/0x50
[ 455.269956][ C1] softirqs last enabled at (144702): [] asm_call_on_stack+0xf/0x20
[ 455.279489][ C1] softirqs last disabled at (144695): [] asm_call_on_stack+0xf/0x20
[ 455.289634][ C1] CPU: 1 PID: 6782 Comm: syz-executor026 Not tainted 5.8.0-rc6-syzkaller #0
[ 455.298300][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 455.308450][ C1] RIP: 0010:smp_call_function_single+0x307/0x450
[ 455.314793][ C1] Code: e6 01 31 ff e8 6a 05 0b 00 41 83 e5 01 75 14 e8 4f 01 0b 00 eb 45 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f3 90 42 0f b6 04 23 <84> c0 75 0d 41 f6 07 01 74 22 e8 2a 01 0b 00 eb e8 44 89 f9 80 e1
[ 455.334416][ C1] RSP: 0018:ffffc90001277aa0 EFLAGS: 00000293
[ 455.340484][ C1] RAX: 0000000000000000 RBX: 1ffff9200024ef59 RCX: ffff888092eba440
[ 455.348450][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 455.356415][ C1] RBP: ffffc90001277b28 R08: ffffffff816990a6 R09: ffffed1015d06d11
[ 455.364382][ C1] R10: ffffed1015d06d11 R11: 0000000000000000 R12: dffffc0000000000
[ 455.372364][ C1] R13: 0000000000000001 R14: 0000000000000000 R15: ffffc90001277ac8
[ 455.380337][ C1] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 455.389262][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 455.395841][ C1] CR2: 00000000004c8aa8 CR3: 0000000009479000 CR4: 00000000001406e0
[ 455.403817][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 455.411792][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 455.419760][ C1] Call Trace:
[ 455.423054][ C1] ? smp_call_function_many_cond+0x8b7/0x990
[ 455.429111][ C1] ? trace_tlb_flush+0x1e0/0x1e0
[ 455.434046][ C1] ? trace_tlb_flush+0x1e0/0x1e0
[ 455.438980][ C1] ? trace_tlb_flush+0x1e0/0x1e0
[ 455.443945][ C1] flush_tlb_mm_range+0x304/0x450
[ 455.449057][ C1] tlb_flush_mmu+0x1a7/0x910
[ 455.453650][ C1] tlb_finish_mmu+0xcb/0x200
[ 455.458343][ C1] exit_mmap+0x296/0x530
[ 455.462681][ C1] __mmput+0x113/0x370
[ 455.466745][ C1] exit_mm+0x4cd/0x550
[ 455.470840][ C1] ? taskstats_exit+0x466/0xc00
[ 455.475697][ C1] do_exit+0x584/0x1f80
[ 455.479913][ C1] ? __up_read+0x1f1/0x6f0
[ 455.484354][ C1] ? do_user_addr_fault+0x768/0xba0
[ 455.489548][ C1] do_group_exit+0x161/0x2d0
[ 455.494138][ C1] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 455.500207][ C1] __do_sys_exit_group+0x13/0x20
[ 455.505136][ C1] __se_sys_exit_group+0x10/0x10
[ 455.510063][ C1] __x64_sys_exit_group+0x37/0x40
[ 455.515080][ C1] do_syscall_64+0x73/0xe0
[ 455.519501][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 455.525459][ C1] RIP: 0033:0x442478
[ 455.529342][ C1] Code: Bad RIP value.
[ 455.533395][ C1] RSP: 002b:00007ffde202ed88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 455.541800][ C1] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000442478
[ 455.549769][ C1] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001
[ 455.557740][ C1] RBP: 00000000004c8a70 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 455.565720][ C1] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 0000000000000001
[ 455.573701][ C1] R13: 00000000006dba40 R14: 0000000000000000 R15: 0000000000000000
[ 455.581692][ C1] Sending NMI from CPU 1 to CPUs 0:
[ 455.587934][ C1] NMI backtrace for cpu 0
[ 455.587939][ C1] CPU: 0 PID: 2485 Comm: kworker/0:2 Not tainted 5.8.0-rc6-syzkaller #0
[ 455.587944][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 455.587947][ C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[ 455.587953][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60
[ 455.587961][ C1] Code: 00 00 0f 0b 66 90 53 48 89 fb e8 17 00 00 00 48 8b 3d 88 af 18 08 48 89 de 5b e9 67 9c 3e 00 cc cc cc cc cc cc cc 48 8b 04 24 <65> 48 8b 0c 25 00 fe 01 00 65 8b 15 f8 6b 8d 7e f7 c2 00 01 ff 00
[ 455.587965][ C1] RSP: 0018:ffffc90000007d90 EFLAGS: 00000002
[ 455.587971][ C1] RAX: ffffffff8165468f RBX: 0000000000000001 RCX: dffffc0000000000
[ 455.587975][ C1] RDX: ffff8880a06d4380 RSI: 0000000000000001 RDI: 0000000000000000
[ 455.587978][ C1] RBP: 1bc16d674ec9f90f R08: ffffffff81654686 R09: fffffbfff131a7ee
[ 455.587982][ C1] R10: fffffbfff131a7ee R11: 0000000000000000 R12: ffff888097389b40
[ 455.587986][ C1] R13: ffff8880ae8276d0 R14: ffff888097389b40 R15: ffff8880ae8276c0
[ 455.587990][ C1] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[ 455.587994][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 455.587998][ C1] CR2: 0000000020000610 CR3: 00000000a31b6000 CR4: 00000000001406f0
[ 455.588001][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 455.588005][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 455.588008][ C1] Call Trace:
[ 455.588010][ C1]
[ 455.588013][ C1] trace_hrtimer_cancel+0x22f/0x2b0
[ 455.588016][ C1] __hrtimer_run_queues+0x291/0x930
[ 455.588019][ C1] hrtimer_interrupt+0x373/0xd60
[ 455.588022][ C1] __sysvec_apic_timer_interrupt+0xf0/0x260
[ 455.588025][ C1] asm_call_on_stack+0xf/0x20
[ 455.588027][ C1]
[ 455.588030][ C1] sysvec_apic_timer_interrupt+0xb9/0x130
[ 455.588033][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 455.588037][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0xd0
[ 455.588044][ C1] Code: b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 0c 48 c7 c7 f8 c7 4b 89 e8 5a 5f 93 f9 48 83 3d 7a 87 2b 01 00 74 2c 4c 89 f7 57 9d <0f> 1f 44 00 00 bf 01 00 00 00 e8 4c 58 30 f9 65 8b 05 71 bd e1 77
[ 455.588047][ C1] RSP: 0018:ffffc9000814fb70 EFLAGS: 00000286
[ 455.588053][ C1] RAX: 1ffffffff12978ff RBX: ffff8880ae825400 RCX: dffffc0000000000
[ 455.588057][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000286
[ 455.588061][ C1] RBP: ffff888091eac928 R08: dffffc0000000000 R09: fffffbfff1674eb8
[ 455.588065][ C1] R10: fffffbfff1674eb8 R11: 0000000000000000 R12: 0000000000000000
[ 455.588069][ C1] R13: ffff8880ae825400 R14: 0000000000000286 R15: ffff8880ae825400
[ 455.588071][ C1] __mod_timer+0xf78/0x1620
[ 455.588074][ C1] wg_timers_data_sent+0x19c/0x2b0
[ 455.588077][ C1] wg_packet_tx_worker+0x3e1/0xcc0
[ 455.588080][ C1] process_one_work+0x789/0xfc0
[ 455.588083][ C1] worker_thread+0xaa4/0x1460
[ 455.588086][ C1] kthread+0x37e/0x3a0
[ 455.588089][ C1] ? rcu_lock_release+0x20/0x20
[ 455.588092][ C1] ? kthread_blkcg+0xd0/0xd0
[ 455.588095][ C1] ret_from_fork+0x1f/0x30
[ 455.588103][ C1] Kernel panic - not syncing: softlockup: hung tasks
[ 455.894762][ C1] CPU: 1 PID: 6782 Comm: syz-executor026 Tainted: G L 5.8.0-rc6-syzkaller #0
[ 455.904814][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 455.914866][ C1] Call Trace:
[ 455.918142][ C1]
[ 455.921084][ C1] dump_stack+0x1f0/0x31e
[ 455.925414][ C1] panic+0x264/0x7a0
[ 455.929299][ C1] ? watchdog_timer_fn+0x48a/0x4e0
[ 455.934423][ C1] watchdog_timer_fn+0x4de/0x4e0
[ 455.939349][ C1] ? proc_watchdog_cpumask+0xc0/0xc0
[ 455.944640][ C1] __hrtimer_run_queues+0x42d/0x930
[ 455.949840][ C1] hrtimer_interrupt+0x373/0xd60
[ 455.954788][ C1] __sysvec_apic_timer_interrupt+0xf0/0x260
[ 455.960676][ C1] asm_call_on_stack+0xf/0x20
[ 455.965338][ C1]
[ 455.968271][ C1] sysvec_apic_timer_interrupt+0xb9/0x130
[ 455.973984][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 455.979992][ C1] RIP: 0010:smp_call_function_single+0x307/0x450
[ 455.986316][ C1] Code: e6 01 31 ff e8 6a 05 0b 00 41 83 e5 01 75 14 e8 4f 01 0b 00 eb 45 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f3 90 42 0f b6 04 23 <84> c0 75 0d 41 f6 07 01 74 22 e8 2a 01 0b 00 eb e8 44 89 f9 80 e1
[ 456.005943][ C1] RSP: 0018:ffffc90001277aa0 EFLAGS: 00000293
[ 456.012007][ C1] RAX: 0000000000000000 RBX: 1ffff9200024ef59 RCX: ffff888092eba440
[ 456.019974][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 456.027940][ C1] RBP: ffffc90001277b28 R08: ffffffff816990a6 R09: ffffed1015d06d11
[ 456.035906][ C1] R10: ffffed1015d06d11 R11: 0000000000000000 R12: dffffc0000000000
[ 456.043873][ C1] R13: 0000000000000001 R14: 0000000000000000 R15: ffffc90001277ac8
[ 456.051855][ C1] ? smp_call_function_single+0x2e6/0x450
[ 456.057583][ C1] ? smp_call_function_many_cond+0x8b7/0x990
[ 456.063584][ C1] ? trace_tlb_flush+0x1e0/0x1e0
[ 456.068522][ C1] ? trace_tlb_flush+0x1e0/0x1e0
[ 456.073455][ C1] ? trace_tlb_flush+0x1e0/0x1e0
[ 456.078390][ C1] flush_tlb_mm_range+0x304/0x450
[ 456.083440][ C1] tlb_flush_mmu+0x1a7/0x910
[ 456.088032][ C1] tlb_finish_mmu+0xcb/0x200
[ 456.092620][ C1] exit_mmap+0x296/0x530
[ 456.096866][ C1] __mmput+0x113/0x370
[ 456.100927][ C1] exit_mm+0x4cd/0x550
[ 456.104991][ C1] ? taskstats_exit+0x466/0xc00
[ 456.109842][ C1] do_exit+0x584/0x1f80
[ 456.113992][ C1] ? __up_read+0x1f1/0x6f0
[ 456.118403][ C1] ? do_user_addr_fault+0x768/0xba0
[ 456.123594][ C1] do_group_exit+0x161/0x2d0
[ 456.128177][ C1] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 456.134233][ C1] __do_sys_exit_group+0x13/0x20
[ 456.139161][ C1] __se_sys_exit_group+0x10/0x10
[ 456.144090][ C1] __x64_sys_exit_group+0x37/0x40
[ 456.149127][ C1] do_syscall_64+0x73/0xe0
[ 456.153535][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 456.159419][ C1] RIP: 0033:0x442478
[ 456.163293][ C1] Code: Bad RIP value.
[ 456.167348][ C1] RSP: 002b:00007ffde202ed88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 456.175748][ C1] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000442478
[ 456.183711][ C1] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001
[ 456.191671][ C1] RBP: 00000000004c8a70 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 456.199659][ C1] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 0000000000000001
[ 456.207622][ C1] R13: 00000000006dba40 R14: 0000000000000000 R15: 0000000000000000
[ 457.312090][ C1] Shutting down cpus with NMI
[ 457.318040][ C1] Kernel Offset: disabled
[ 457.322441][ C1] Rebooting in 86400 seconds..