[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.137' (ECDSA) to the list of known hosts.
syzkaller login: [ 769.500366][ T8492] IPVS: ftp: loaded support on port[0] = 21
[ 769.503215][ T8491] IPVS: ftp: loaded support on port[0] = 21
[ 769.509084][ T8489] IPVS: ftp: loaded support on port[0] = 21
[ 769.515025][ T8493] IPVS: ftp: loaded support on port[0] = 21
[ 769.521305][ T8486] IPVS: ftp: loaded support on port[0] = 21
[ 769.528107][ T8490] IPVS: ftp: loaded support on port[0] = 21
[ 769.731985][ T8515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 769.744709][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 769.773236][ T8515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 769.781372][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 769.796211][ T8638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 769.804159][ T8638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 769.817479][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 769.831158][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 769.852609][ T8515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 769.869593][ T3073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 769.878377][ T8515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 769.887037][ T8638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 769.894916][ T8638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 769.928954][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 769.943551][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 769.973376][ T8515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 769.983043][ T8656] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 770.004701][ T8656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 770.013661][ T8515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 770.030862][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 770.039674][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 770.055778][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 770.057774][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 770.085179][ T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 770.093267][ T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 770.102360][ T8656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 770.111959][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 770.126311][ T8656] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 770.134376][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 770.144526][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 770.164962][ C0] hrtimer: interrupt took 39230 ns
[ 772.620593][ T8638] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 772.628671][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 772.657724][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 772.667176][ T8638] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
executing program
[ 773.318412][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 799.496441][ T8635] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
executing program
[ 905.895092][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 905.901996][ C1] rcu: 1-....: (9735 ticks this GP) idle=0ce/1/0x4000000000000000 softirq=9507/9508 fqs=4834
[ 905.912677][ C1] (t=10502 jiffies g=8265 q=91)
[ 905.917596][ C1] NMI backtrace for cpu 1
[ 905.921900][ C1] CPU: 1 PID: 8732 Comm: syz-executor009 Not tainted 5.10.0-rc7-syzkaller #0
[ 905.930639][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 905.940668][ C1] Call Trace:
[ 905.943924][ C1]
[ 905.946787][ C1] dump_stack+0x107/0x163
[ 905.951105][ C1] nmi_cpu_backtrace.cold+0x44/0xd7
[ 905.956277][ C1] ? lapic_can_unplug_cpu+0x80/0x80
[ 905.961462][ C1] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 905.967431][ C1] rcu_dump_cpu_stacks+0x1e3/0x21e
[ 905.972518][ C1] rcu_sched_clock_irq.cold+0x472/0xee8
[ 905.978041][ C1] ? rcutree_dead_cpu+0x40/0x40
[ 905.982874][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 905.987702][ C1] ? __raise_softirq_irqoff+0x93/0x1d0
[ 905.993409][ C1] update_process_times+0x77/0xd0
[ 905.998406][ C1] tick_sched_handle+0x9b/0x180
[ 906.003239][ C1] tick_sched_timer+0x1d1/0x2a0
[ 906.008063][ C1] ? can_stop_idle_tick+0x290/0x290
[ 906.013231][ C1] __hrtimer_run_queues+0x1ce/0xea0
[ 906.018406][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 906.024358][ C1] ? ktime_get_update_offsets_now+0x249/0x320
[ 906.030413][ C1] hrtimer_interrupt+0x334/0x940
[ 906.035333][ C1] __sysvec_apic_timer_interrupt+0x146/0x540
[ 906.041295][ C1] sysvec_apic_timer_interrupt+0x48/0x100
[ 906.046986][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 906.052940][ C1] RIP: 0010:__orc_find+0xa3/0xf0
[ 906.057848][ C1] Code: d0 7c 04 84 d2 75 48 48 63 03 48 01 d8 48 39 c1 73 b0 4c 8d 63 fc 49 39 ec 73 b3 4d 29 ee 49 c1 fe 02 4b 8d 04 76 48 8d 04 46 <48> 83 c4 10 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 83 c4 10 31 c0 5b
[ 906.077435][ C1] RSP: 0018:ffffc90000d90768 EFLAGS: 00000256
[ 906.083476][ C1] RAX: ffffffff8d66d11e RBX: ffffffff8cfb7020 RCX: ffffffff81601e0a
[ 906.091422][ C1] RDX: 0000000000000000 RSI: ffffffff8d66d11e RDI: ffffffff8cfb7020
[ 906.099383][ C1] RBP: ffffffff8cfb7024 R08: ffffffff8d66d124 R09: ffffffff8d66d11e
[ 906.107326][ C1] R10: 0000000000082081 R11: 0000000000016fe3 R12: ffffffff8cfb7020
[ 906.115282][ C1] R13: ffffffff8cfb7020 R14: 0000000000000000 R15: dffffc0000000000
[ 906.123244][ C1] ? hrtimer_run_softirq+0x17a/0x360
[ 906.128505][ C1] ? mac80211_hwsim_tx_frame+0x156/0x1e0
[ 906.134123][ C1] unwind_next_frame+0x342/0x1f90
[ 906.139118][ C1] ? hrtimer_run_softirq+0x17b/0x360
[ 906.144378][ C1] ? get_stack_info_noinstr+0x39/0x110
[ 906.149807][ C1] ? deref_stack_reg+0x150/0x150
[ 906.154719][ C1] ? __unwind_start+0x51b/0x800
[ 906.159561][ C1] ? create_prof_cpu_mask+0x20/0x20
[ 906.164753][ C1] arch_stack_walk+0x7d/0xe0
[ 906.169318][ C1] ? hrtimer_run_softirq+0x17b/0x360
[ 906.174592][ C1] ? kmem_cache_free+0x82/0x350
[ 906.179416][ C1] stack_trace_save+0x8c/0xc0
[ 906.184066][ C1] ? stack_trace_consume_entry+0x160/0x160
[ 906.189850][ C1] kasan_save_stack+0x1b/0x40
[ 906.194496][ C1] ? kasan_save_stack+0x1b/0x40
[ 906.199317][ C1] ? kasan_set_track+0x1c/0x30
[ 906.204050][ C1] ? kasan_set_free_info+0x1b/0x30
[ 906.209131][ C1] ? __kasan_slab_free+0x102/0x140
[ 906.214218][ C1] ? slab_free_freelist_hook+0x5d/0x150
[ 906.219748][ C1] ? kmem_cache_free+0x82/0x350
[ 906.224573][ C1] ? kfree_skbmem+0xef/0x1b0
[ 906.229136][ C1] ? consume_skb+0xcf/0x160
[ 906.233634][ C1] ? mac80211_hwsim_tx_frame+0x157/0x1e0
[ 906.239262][ C1] ? mac80211_hwsim_beacon_tx+0x4ba/0x910
[ 906.244952][ C1] ? __iterate_interfaces+0x1e5/0x520
[ 906.250306][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 906.257472][ C1] ? mac80211_hwsim_beacon+0xd5/0x1a0
[ 906.262816][ C1] ? __hrtimer_run_queues+0x693/0xea0
[ 906.268163][ C1] ? hrtimer_run_softirq+0x17b/0x360
[ 906.273424][ C1] ? find_held_lock+0x2d/0x110
[ 906.278165][ C1] ? debug_check_no_obj_freed+0x20c/0x420
[ 906.283872][ C1] ? mark_held_locks+0x9f/0xe0
[ 906.288611][ C1] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 906.294387][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 906.299556][ C1] ? _raw_spin_unlock_irqrestore+0x2f/0x50
[ 906.305352][ C1] ? debug_check_no_obj_freed+0x20c/0x420
[ 906.311045][ C1] kasan_set_track+0x1c/0x30
[ 906.315620][ C1] kasan_set_free_info+0x1b/0x30
[ 906.320544][ C1] __kasan_slab_free+0x102/0x140
[ 906.325712][ C1] slab_free_freelist_hook+0x5d/0x150
[ 906.331062][ C1] ? kfree_skbmem+0xef/0x1b0
[ 906.335618][ C1] kmem_cache_free+0x82/0x350
[ 906.340265][ C1] kfree_skbmem+0xef/0x1b0
[ 906.344652][ C1] consume_skb+0xcf/0x160
[ 906.348952][ C1] mac80211_hwsim_tx_frame+0x157/0x1e0
[ 906.354382][ C1] mac80211_hwsim_beacon_tx+0x4ba/0x910
[ 906.360017][ C1] __iterate_interfaces+0x1e5/0x520
[ 906.365198][ C1] ? mac80211_hwsim_tx_frame+0x1e0/0x1e0
[ 906.370815][ C1] ? mac80211_hwsim_tx_frame+0x1e0/0x1e0
[ 906.376422][ C1] ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 906.383422][ C1] ? mac80211_hwsim_addr_match+0x180/0x180
[ 906.389203][ C1] mac80211_hwsim_beacon+0xd5/0x1a0
[ 906.394374][ C1] ? mac80211_hwsim_addr_match+0x180/0x180
[ 906.400154][ C1] __hrtimer_run_queues+0x693/0xea0
[ 906.405346][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 906.411309][ C1] ? ktime_get_update_offsets_now+0x249/0x320
[ 906.417351][ C1] hrtimer_run_softirq+0x17b/0x360
[ 906.422436][ C1] __do_softirq+0x2a0/0x9f6
[ 906.426915][ C1] asm_call_irq_on_stack+0xf/0x20
[ 906.431909][ C1]
[ 906.434824][ C1] do_softirq_own_stack+0xaa/0xd0
[ 906.439911][ C1] irq_exit_rcu+0x132/0x200
[ 906.444387][ C1] sysvec_apic_timer_interrupt+0x4d/0x100
[ 906.450092][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 906.456054][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 906.462102][ C1] Code: fc ff ff 48 c7 c7 00 d5 38 8b 48 89 54 24 08 48 89 34 24 e8 72 b3 5e 02 48 8b 54 24 08 48 8b 34 24 e9 a1 fd ff ff 0f 1f 40 00 <65> 48 8b 14 25 00 f0 01 00 65 8b 05 40 eb 91 7e a9 00 01 ff 00 48
[ 906.481758][ C1] RSP: 0018:ffffc9000210f950 EFLAGS: 00000282
[ 906.487803][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 1ffff92000421f0d
[ 906.495751][ C1] RDX: 1ffff110173e6172 RSI: 0000000000000001 RDI: 0000000000000000
[ 906.503698][ C1] RBP: ffff8880b9f30b90 R08: 0000000000000001 R09: ffffffff8ebaf67f
[ 906.511641][ C1] R10: fffffbfff1d75ecf R11: 0000000000000000 R12: ffffffff8ae3c6c8
[ 906.519599][ C1] R13: 1ffff92000421f2e R14: 0000000000000007 R15: ffff8880313786c0
[ 906.527570][ C1] lru_add_drain_cpu+0xdc/0x990
[ 906.532395][ C1] ? lru_cache_add_inactive_or_unevictable+0x5b0/0x5b0
[ 906.539214][ C1] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 906.544995][ C1] lru_add_drain+0x108/0x430
[ 906.549557][ C1] exit_mmap+0x27a/0x530
[ 906.553767][ C1] ? __ia32_sys_remap_file_pages+0x150/0x150
[ 906.559718][ C1] ? __khugepaged_exit+0x2b8/0x3f0
[ 906.564800][ C1] ? rcu_read_lock_sched_held+0x3a/0x70
[ 906.570314][ C1] ? kmem_cache_free+0x315/0x350
[ 906.575222][ C1] ? __khugepaged_exit+0x2d9/0x3f0
[ 906.580306][ C1] __mmput+0x122/0x470
[ 906.584348][ C1] mmput+0x53/0x60
[ 906.588059][ C1] do_exit+0xa72/0x29b0
[ 906.592275][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 906.597371][ C1] ? mm_update_next_owner+0x7a0/0x7a0
[ 906.602726][ C1] ? asm_sysvec_irq_work+0x12/0x20
[ 906.607824][ C1] ? do_group_exit+0xab/0x310
[ 906.612473][ C1] ? do_group_exit+0x118/0x310
[ 906.617210][ C1] do_group_exit+0x125/0x310
[ 906.621776][ C1] get_signal+0x42a/0x1f10
[ 906.626167][ C1] ? do_mmap+0x610/0x11d0
[ 906.630473][ C1] arch_do_signal+0x82/0x2390
[ 906.635124][ C1] ? randomize_stack_top+0x100/0x100
[ 906.640478][ C1] ? copy_siginfo_to_user32+0xa0/0xa0
[ 906.645824][ C1] ? fput_many+0x2f/0x1a0
[ 906.650126][ C1] ? ksys_mmap_pgoff+0xe6/0x580
[ 906.654984][ C1] exit_to_user_mode_prepare+0x100/0x1a0
[ 906.660658][ C1] syscall_exit_to_user_mode+0x38/0x260
[ 906.666177][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 906.672053][ C1] RIP: 0033:0x442b19
[ 906.675914][ C1] Code: Unable to access opcode bytes at RIP 0x442aef.
[ 906.682727][ C1] RSP: 002b:00007ffc5d162e08 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 906.691110][ C1] RAX: 0000000020ffc000 RBX: 00007ffc5d162e40 RCX: 0000000000442b19
[ 906.699053][ C1] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffc000
[ 906.707007][ C1] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000000
[ 906.714964][ C1] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000003
[ 906.722907][ C1] R13: 00000000006d3dc8 R14: 00000000006d4440 R15: 0000000000000004
[ 910.315216][ T5] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-... } 10941 jiffies s: 1537 root: 0x2/.
[ 910.327970][ T5] rcu: blocking rcu_node structures:
[ 910.333254][ T5] Task dump for CPU 1:
[ 910.339526][ T5] task:syz-executor009 state:R running task stack:26968 pid: 8732 ppid: 8493 flags:0x0000400c
[ 910.350939][ T5] Call Trace:
[ 910.354229][ T5] ? lru_add_drain+0x108/0x430
[ 910.359909][ T5] ? exit_mmap+0x27a/0x530
[ 910.364326][ T5] ? __ia32_sys_remap_file_pages+0x150/0x150
[ 910.371177][ T5] ? __khugepaged_exit+0x2b8/0x3f0
[ 910.376816][ T5] ? rcu_read_lock_sched_held+0x3a/0x70
[ 910.382358][ T5] ? kmem_cache_free+0x315/0x350
[ 910.388126][ T5] ? __khugepaged_exit+0x2d9/0x3f0
[ 910.393239][ T5] ? __mmput+0x122/0x470
[ 910.398317][ T5] ? mmput+0x53/0x60
[ 910.402389][ T5] ? do_exit+0xa72/0x29b0
[ 910.408144][ T5] ? asm_sysvec_irq_work+0x12/0x20
[ 910.413347][ T5] ? mm_update_next_owner+0x7a0/0x7a0
[ 910.419648][ T5] ? asm_sysvec_irq_work+0x12/0x20
[ 910.424765][ T5] ? do_group_exit+0xab/0x310
[ 910.430396][ T5] ? do_group_exit+0x118/0x310
[ 910.435732][ T5] ? do_group_exit+0x125/0x310
[ 910.441001][ T5] ? get_signal+0x42a/0x1f10
[ 910.446533][ T5] ? do_mmap+0x610/0x11d0
[ 910.450875][ T5] ? arch_do_signal+0x82/0x2390
[ 910.456697][ T5] ? randomize_stack_top+0x100/0x100
[ 910.461983][ T5] ? copy_siginfo_to_user32+0xa0/0xa0
[ 910.468272][ T5] ? fput_many+0x2f/0x1a0
[ 910.472601][ T5] ? ksys_mmap_pgoff+0xe6/0x580
[ 910.478474][ T5] ? exit_to_user_mode_prepare+0x100/0x1a0
[ 910.484289][ T5] ? syscall_exit_to_user_mode+0x38/0x260
[ 910.490959][ T5] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9