[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts.
2021/04/02 04:39:24 parsed 1 programs
2021/04/02 04:39:25 executed programs: 0
syzkaller login: [ 75.631233][ T8414] IPVS: ftp: loaded support on port[0] = 21
[ 75.800897][ T8414] chnl_net:caif_netlink_parms(): no params data found
[ 75.850455][ T8414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.858409][ T8414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.867047][ T8414] device bridge_slave_0 entered promiscuous mode
[ 75.876653][ T8414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.884482][ T8414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.892114][ T8414] device bridge_slave_1 entered promiscuous mode
[ 75.911851][ T8414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 75.923464][ T8414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 75.944778][ T8414] team0: Port device team_slave_0 added
[ 75.951840][ T8414] team0: Port device team_slave_1 added
[ 75.968011][ T8414] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 75.975021][ T8414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.001081][ T8414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.014348][ T8414] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.021287][ T8414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.047277][ T8414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.074009][ T8414] device hsr_slave_0 entered promiscuous mode
[ 76.080617][ T8414] device hsr_slave_1 entered promiscuous mode
[ 76.179298][ T8414] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 76.189566][ T8414] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 76.201131][ T8414] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 76.209912][ T8414] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 76.235652][ T8414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.242880][ T8414] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.250438][ T8414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.257597][ T8414] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 76.302609][ T8414] 8021q: adding VLAN 0 to HW filter on device bond0
[ 76.316982][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 76.327362][ T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.336864][ T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.345372][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 76.358449][ T8414] 8021q: adding VLAN 0 to HW filter on device team0
[ 76.370383][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 76.379482][ T4839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.386595][ T4839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 76.406271][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 76.414672][ T4839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.421696][ T4839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.443918][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 76.453407][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 76.461694][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 76.471428][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 76.481729][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 76.490874][ T8414] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 76.514863][ T8414] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 76.522958][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 76.530393][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 76.556055][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 76.571452][ T8414] device veth0_vlan entered promiscuous mode
[ 76.579204][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 76.587714][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 76.596080][ T4839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 76.610823][ T8414] device veth1_vlan entered promiscuous mode
[ 76.631560][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 76.641393][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 76.650287][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 76.661361][ T8414] device veth0_macvtap entered promiscuous mode
[ 76.671333][ T8414] device veth1_macvtap entered promiscuous mode
[ 76.689167][ T8414] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 76.696769][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 76.706374][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 76.717677][ T8414] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 76.727721][ T8633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 76.737916][ T8414] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.747682][ T8414] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.756747][ T8414] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.765812][ T8414] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.864009][ T328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.872127][ T328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.901451][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 76.916167][ T328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.927169][ T328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.938887][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 76.981937][ C1] hrtimer: interrupt took 35347 ns
[ 77.190702][ T8653]
[ 77.193806][ T8653] =============================
[ 77.198832][ T8653] WARNING: suspicious RCU usage
[ 77.203831][ T8653] 5.12.0-rc4-syzkaller #0 Not tainted
[ 77.209430][ T8653] -----------------------------
[ 77.214664][ T8653] include/linux/skmsg.h:286 suspicious rcu_dereference_check() usage!
[ 77.223169][ T8653]
[ 77.223169][ T8653] other info that might help us debug this:
[ 77.223169][ T8653]
[ 77.233669][ T8653]
[ 77.233669][ T8653] rcu_scheduler_active = 2, debug_locks = 1
[ 77.241840][ T8653] 1 lock held by syz-executor.0/8653:
[ 77.247558][ T8653] #0: ffff888025b783c8 (clock-AF_INET){++..}-{2:2}, at: sk_psock_drop+0x2c/0x460
[ 77.257895][ T8653]
[ 77.257895][ T8653] stack backtrace:
[ 77.263924][ T8653] CPU: 0 PID: 8653 Comm: syz-executor.0 Not tainted 5.12.0-rc4-syzkaller #0
[ 77.272614][ T8653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 77.282675][ T8653] Call Trace:
[ 77.285962][ T8653] dump_stack+0x141/0x1d7
[ 77.290330][ T8653] tcp_bpf_update_proto+0x530/0x5f0
[ 77.295988][ T8653] ? tcp_bpf_stream_read+0x270/0x270
[ 77.301293][ T8653] sk_psock_drop+0xdf/0x460
[ 77.305938][ T8653] tcp_bpf_recvmsg+0x32f/0x480
[ 77.310733][ T8653] ? tcp_bpf_sendpage+0x8d0/0x8d0
[ 77.315776][ T8653] ? aa_sk_perm+0x31b/0xab0
[ 77.320310][ T8653] inet_recvmsg+0x11b/0x5d0
[ 77.324839][ T8653] ? inet_sendpage+0x140/0x140
[ 77.329626][ T8653] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 77.335888][ T8653] ? security_socket_recvmsg+0x8f/0xc0
[ 77.341373][ T8653] ? inet_sendpage+0x140/0x140
[ 77.346163][ T8653] ____sys_recvmsg+0x2c4/0x600
[ 77.350960][ T8653] ? move_addr_to_kernel.part.0+0x110/0x110
[ 77.356883][ T8653] ? __import_iovec+0x388/0x500
[ 77.361755][ T8653] ? __import_iovec+0x293/0x500
[ 77.366629][ T8653] ? import_iovec+0x10c/0x150
[ 77.371326][ T8653] ___sys_recvmsg+0x127/0x200
[ 77.376051][ T8653] ? __copy_msghdr_from_user+0x4b0/0x4b0
[ 77.381696][ T8653] ? __lock_acquire+0x16b3/0x54c0
[ 77.386757][ T8653] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 77.392756][ T8653] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 77.399026][ T8653] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 77.405288][ T8653] ? __fget_light+0x215/0x280
[ 77.409986][ T8653] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 77.416250][ T8653] __sys_recvmsg+0xe2/0x1a0
[ 77.420771][ T8653] ? __sys_recvmsg_sock+0x40/0x40
[ 77.425850][ T8653] ? syscall_enter_from_user_mode+0x31/0x70
[ 77.431763][ T8653] do_syscall_64+0x2d/0x70
[ 77.436202][ T8653] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 77.442118][ T8653] RIP: 0033:0x466459
[ 77.446028][ T8653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 77.465649][ T8653] RSP: 002b:00007ffde6497e38 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 77.474080][ T8653] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 77.482065][ T8653] RDX: 0000000000000000 RSI: 0000000020005400 RDI: 0000000000000005
[ 77.490046][ T8653] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 77.498025][ T8653] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 77.506005][ T8653] R13: 00007ffde6497fd0 R14: 000000000056bf60 R15: 0000000000012cb2
[ 77.643582][ T20] Bluetooth: hci0: command 0x0409 tx timeout