[ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.181' (ECDSA) to the list of known hosts. 2020/10/27 00:33:36 parsed 1 programs 2020/10/27 00:33:36 executed programs: 0 syzkaller login: [ 30.101359] IPVS: ftp: loaded support on port[0] = 21 [ 30.181240] chnl_net:caif_netlink_parms(): no params data found [ 30.284471] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.291445] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.299163] device bridge_slave_0 entered promiscuous mode [ 30.306008] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.312781] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.319820] device bridge_slave_1 entered promiscuous mode [ 30.336149] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 30.344924] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 30.363490] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 30.370806] team0: Port device team_slave_0 added [ 30.376174] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 30.383537] team0: Port device team_slave_1 added [ 30.397691] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 30.403945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.429215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 30.440450] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 30.446692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 30.472071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 30.482646] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 30.490150] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 30.507889] device hsr_slave_0 entered promiscuous mode [ 30.513476] device hsr_slave_1 entered promiscuous mode [ 30.519578] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 30.526526] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 30.585494] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.592074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.599002] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.605366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.632877] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 30.639735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.648644] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.656500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.676380] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.683775] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.693665] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 30.700081] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.708372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.716040] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.722422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.731207] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.739440] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.745782] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.764673] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 30.774539] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.785140] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 30.792756] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 30.800833] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 30.808684] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 30.816235] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 30.823896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 30.830771] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 30.842899] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 30.850732] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 30.858097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 30.870043] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.918025] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 30.927445] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 30.950880] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 30.958322] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 30.964724] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 30.974284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 30.982087] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 30.989465] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 30.997991] device veth0_vlan entered promiscuous mode [ 31.006819] device veth1_vlan entered promiscuous mode [ 31.013393] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 31.021874] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 31.032891] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 31.042013] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 31.049472] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 31.056644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 31.065842] device veth0_macvtap entered promiscuous mode [ 31.072379] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 31.080830] device veth1_macvtap entered promiscuous mode [ 31.090500] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 31.099360] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 31.109882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 31.116541] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 31.125334] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 31.135002] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 31.142271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 31.167175] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 31.239745] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 31.246620] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.271436] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.284600] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 31.292086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 31.300699] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 31.308592] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 31.319258] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 31.512056] INFO: trying to register non-static key. [ 31.517331] the code is fine but needs lockdep annotation. [ 31.522979] turning off the locking correctness validator. [ 31.528582] CPU: 0 PID: 8316 Comm: syz-executor.0 Not tainted 4.14.202-syzkaller #0 [ 31.536348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.545697] Call Trace: [ 31.548280] dump_stack+0x1b2/0x283 [ 31.551883] register_lock_class+0x32b/0x1320 [ 31.556353] ? account_entity_enqueue+0x2e5/0x440 [ 31.561186] ? static_obj+0x50/0x50 [ 31.564804] ? check_preemption_disabled+0x35/0x240 [ 31.569795] __lock_acquire+0x167/0x3f20 [ 31.573834] ? lock_downgrade+0x740/0x740 [ 31.577960] ? lock_downgrade+0x740/0x740 [ 31.582086] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 31.587210] ? trace_hardirqs_on+0x10/0x10 [ 31.591483] ? __queue_work+0x517/0xf70 [ 31.595495] ? lock_downgrade+0x740/0x740 [ 31.599641] ? do_raw_spin_unlock+0x164/0x220 [ 31.604129] lock_acquire+0x170/0x3f0 [ 31.607914] ? skb_dequeue+0x1c/0x180 [ 31.611709] _raw_spin_lock_irqsave+0x8c/0xc0 [ 31.616197] ? skb_dequeue+0x1c/0x180 [ 31.620002] skb_dequeue+0x1c/0x180 [ 31.623625] skb_queue_purge+0x21/0x30 [ 31.627500] l2cap_chan_del+0x56d/0x950 [ 31.631466] l2cap_chan_close+0x103/0x870 [ 31.635597] ? __set_monitor_timer+0x1d0/0x1d0 [ 31.640155] ? wait_for_completion_io+0x10/0x10 [ 31.644808] ? __local_bh_enable_ip+0xc1/0x170 [ 31.649368] l2cap_sock_shutdown+0x2e7/0xc20 [ 31.653765] ? l2cap_skb_msg_name+0x120/0x120 [ 31.658246] ? l2cap_sock_release+0x6a/0x280 [ 31.662630] ? lock_downgrade+0x740/0x740 [ 31.666752] l2cap_sock_release+0x77/0x280 [ 31.670967] __sock_release+0xcd/0x2b0 [ 31.674845] ? __sock_release+0x2b0/0x2b0 [ 31.678967] sock_close+0x15/0x20 [ 31.682398] __fput+0x25f/0x7a0 [ 31.685654] task_work_run+0x11f/0x190 [ 31.689521] get_signal+0x18a3/0x1ca0 [ 31.693327] ? l2cap_sock_connect+0x30b/0x520 [ 31.697813] do_signal+0x7c/0x1550 [ 31.701330] ? __local_bh_enable_ip+0xc1/0x170 [ 31.705890] ? check_preemption_disabled+0x35/0x240 [ 31.710903] ? setup_sigcontext+0x820/0x820 [ 31.715216] ? kick_process+0xe4/0x170 [ 31.719094] ? task_work_add+0x87/0xe0 [ 31.722956] ? l2cap_sock_accept+0x4d0/0x4d0 [ 31.727338] ? fput+0xaa/0x140 [ 31.730507] ? SyS_connect+0xf6/0x240 [ 31.734293] ? SyS_accept+0x30/0x30 [ 31.737894] ? put_timespec64+0xaa/0xf0 [ 31.741871] ? jiffies64_to_nsecs+0x20/0x20 [ 31.746168] ? exit_to_usermode_loop+0x41/0x200 [ 31.750812] exit_to_usermode_loop+0x160/0x200 [ 31.755368] do_syscall_64+0x4a3/0x640 [ 31.759233] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 31.764399] RIP: 0033:0x45de59 [ 31.767564] RSP: 002b:00007fb118883c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 31.775259] RAX: fffffffffffffffc RBX: 0000000000002200 RCX: 000000000045de59 [ 31.782503] RDX: 000000000000000e RSI: 0000000020000040 RDI: 0000000000000006 [ 31.789768] RBP: 000000000118c008 R08: 0000000000000000 R09: 0000000000000000 [ 31.797016] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bfd4 [ 31.804354] R13: 00007ffee803abbf R14: 00007fb1188849c0 R15: 000000000118bfd4 [ 32.126272] Bluetooth: hci0 command 0x0409 tx timeout 2020/10/27 00:33:41 executed programs: 174 [ 34.205901] Bluetooth: hci0 command 0x041b tx timeout [ 36.292994] Bluetooth: hci0 command 0x040f tx timeout [ 38.361728] Bluetooth: hci0 command 0x0419 tx timeout 2020/10/27 00:33:46 executed programs: 868 [ 40.440612] Bluetooth: hci0 command 0x0405 tx timeout