[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.124' (ECDSA) to the list of known hosts. syzkaller login: [ 68.898500][ T28] audit: type=1400 audit(1600708629.710:8): avc: denied { execmem } for pid=6862 comm="syz-executor816" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 68.920819][ T6863] IPVS: ftp: loaded support on port[0] = 21 [ 69.017666][ T6863] chnl_net:caif_netlink_parms(): no params data found [ 69.075990][ T6863] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.084994][ T6863] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.093955][ T6863] device bridge_slave_0 entered promiscuous mode [ 69.104178][ T6863] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.111425][ T6863] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.120090][ T6863] device bridge_slave_1 entered promiscuous mode [ 69.143157][ T6863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.154387][ T6863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.178431][ T6863] team0: Port device team_slave_0 added [ 69.186727][ T6863] team0: Port device team_slave_1 added [ 69.205780][ T6863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.212880][ T6863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.238871][ T6863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.251823][ T6863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.258881][ T6863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.284950][ T6863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.313948][ T6863] device hsr_slave_0 entered promiscuous mode [ 69.320761][ T6863] device hsr_slave_1 entered promiscuous mode [ 69.433472][ T6863] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.445677][ T6863] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.455798][ T6863] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.470037][ T6863] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.496308][ T6863] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.503493][ T6863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.511707][ T6863] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.518809][ T6863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.570701][ T6863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.585808][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.596619][ T23] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.606577][ T23] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.615513][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 69.629247][ T6863] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.641801][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.653786][ T2467] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.660860][ T2467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.682895][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.693289][ T2467] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.700356][ T2467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.722867][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.732144][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.740729][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.750073][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.760944][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.772608][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.792274][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 69.799766][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 69.815245][ T6863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.835889][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 69.860437][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 69.870048][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 69.879622][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 69.891172][ T6863] device veth0_vlan entered promiscuous mode [ 69.904709][ T6863] device veth1_vlan entered promiscuous mode [ 69.928259][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 69.937229][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 69.946248][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 69.958518][ T6863] device veth0_macvtap entered promiscuous mode [ 69.969544][ T6863] device veth1_macvtap entered promiscuous mode [ 69.989735][ T6863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.998681][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 70.009691][ T2467] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 70.023250][ T6863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.030831][ T7069] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 70.040028][ T7069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 70.054763][ T6863] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.064404][ T6863] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.073791][ T6863] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.082801][ T6863] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 executing program [ 70.133408][ C1] ------------[ cut here ]------------ [ 70.135265][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 70.139119][ C1] Illegal XDP return value 4294967274, expect packet loss! [ 70.151951][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 70.154362][ C1] WARNING: CPU: 1 PID: 143 at net/core/filter.c:7193 bpf_warn_invalid_xdp_action+0x6f/0x80 [ 70.162556][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.171325][ C1] Kernel panic - not syncing: panic_on_warn set ... [ 70.185155][ C1] CPU: 1 PID: 143 Comm: kworker/u4:3 Not tainted 5.9.0-rc6-syzkaller #0 [ 70.193695][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.204844][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 70.211785][ C1] Call Trace: [ 70.215073][ C1] [ 70.217938][ C1] dump_stack+0x198/0x1fd [ 70.222309][ C1] panic+0x382/0x7fb [ 70.226226][ C1] ? __warn_printk+0xf3/0xf3 [ 70.230823][ C1] ? __warn.cold+0x5/0x4b [ 70.235277][ C1] ? __warn+0xd6/0x1f2 [ 70.240587][ C1] ? bpf_warn_invalid_xdp_action+0x6f/0x80 [ 70.246618][ C1] __warn.cold+0x20/0x4b [ 70.250884][ C1] ? bpf_warn_invalid_xdp_action+0x6f/0x80 [ 70.256785][ C1] report_bug+0x1bd/0x210 [ 70.261142][ C1] handle_bug+0x38/0x90 [ 70.265446][ C1] ? __warn_printk+0xc6/0xf3 [ 70.270309][ C1] exc_invalid_op+0x14/0x40 [ 70.274821][ C1] asm_exc_invalid_op+0x12/0x20 [ 70.279690][ C1] RIP: 0010:bpf_warn_invalid_xdp_action+0x6f/0x80 [ 70.286117][ C1] Code: 40 5c 45 89 41 83 fc 04 48 c7 c6 80 5c 45 89 48 0f 46 ee e8 a3 92 02 fb 44 89 e2 48 c7 c7 c0 5c 45 89 48 89 ee e8 13 d0 d2 fa <0f> 0b 5b 5d 41 5c e9 86 92 02 fb 66 0f 1f 44 00 00 41 57 41 56 49 [ 70.305989][ C1] RSP: 0018:ffffc90000da8a80 EFLAGS: 00010286 [ 70.312064][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.320058][ C1] RDX: ffff8880a8f2e040 RSI: ffffffff815f5985 RDI: fffff520001b5142 [ 70.328053][ C1] RBP: ffffffff89455c40 R08: 0000000000000001 R09: ffff8880ae5318e7 [ 70.336640][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffea [ 70.344622][ C1] R13: 0000000000000000 R14: 0000000000000008 R15: ffffc90000da8c70 [ 70.353322][ C1] ? vprintk_func+0x95/0x1d4 [ 70.359252][ C1] netif_receive_generic_xdp+0xe65/0x1790 [ 70.364995][ C1] ? lock_is_held_type+0xbb/0xf0 [ 70.370054][ C1] __netif_receive_skb_core+0x11ee/0x36b0 [ 70.376132][ C1] ? generic_xdp_tx+0x710/0x710 [ 70.381049][ C1] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 70.387150][ C1] ? lock_acquire+0x1f3/0xaf0 [ 70.391858][ C1] __netif_receive_skb_one_core+0xae/0x180 [ 70.397934][ C1] ? __netif_receive_skb_core+0x36b0/0x36b0 [ 70.403926][ C1] ? mark_held_locks+0x9f/0xe0 [ 70.408807][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 70.413948][ C1] __netif_receive_skb+0x27/0x1c0 [ 70.419154][ C1] process_backlog+0x2e1/0x8e0 [ 70.424023][ C1] ? net_rx_action+0x2ad/0xfc0 [ 70.428949][ C1] net_rx_action+0x50d/0xfc0 [ 70.433644][ C1] ? napi_complete_done+0x940/0x940 [ 70.438834][ C1] ? mark_held_locks+0x9f/0xe0 [ 70.443700][ C1] ? lock_is_held_type+0xbb/0xf0 [ 70.449067][ C1] __do_softirq+0x1f8/0xb23 [ 70.453593][ C1] asm_call_on_stack+0xf/0x20 [ 70.458268][ C1] [ 70.461212][ C1] do_softirq_own_stack+0x9d/0xd0 [ 70.466317][ C1] do_softirq+0x154/0x1b0 [ 70.470643][ C1] ? wg_socket_send_buffer_to_peer+0x24f/0x340 [ 70.476911][ C1] __local_bh_enable_ip+0x196/0x1f0 [ 70.482227][ C1] wg_socket_send_buffer_to_peer+0x24f/0x340 [ 70.488671][ C1] wg_packet_send_handshake_initiation+0x1fc/0x240 [ 70.495181][ C1] ? wg_packet_queue_free+0x160/0x160 [ 70.501007][ C1] ? preempt_schedule_common+0x59/0xc0 [ 70.506484][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 70.511866][ C1] ? lock_is_held_type+0xbb/0xf0 [ 70.516809][ C1] wg_packet_handshake_send_worker+0x18/0x30 [ 70.522791][ C1] process_one_work+0x94c/0x1670 [ 70.527733][ C1] ? lock_release+0x8f0/0x8f0 [ 70.532444][ C1] ? pwq_dec_nr_in_flight+0x320/0x320 [ 70.537830][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 70.542777][ C1] ? lockdep_hardirqs_off+0x96/0xd0 [ 70.549029][ C1] worker_thread+0x64c/0x1120 [ 70.553739][ C1] ? process_one_work+0x1670/0x1670 [ 70.558946][ C1] kthread+0x3b5/0x4a0 [ 70.564767][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 70.569871][ C1] ret_from_fork+0x1f/0x30 [ 70.575661][ C1] Kernel Offset: disabled [ 70.580068][ C1] Rebooting in 86400 seconds..