[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts. syzkaller login: [ 56.316153][ T6819] IPVS: ftp: loaded support on port[0] = 21 [ 56.397166][ T6819] chnl_net:caif_netlink_parms(): no params data found [ 56.445284][ T6819] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.453911][ T6819] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.463538][ T6819] device bridge_slave_0 entered promiscuous mode [ 56.473810][ T6819] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.482112][ T6819] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.490205][ T6819] device bridge_slave_1 entered promiscuous mode [ 56.511746][ T6819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.523399][ T6819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.546473][ T6819] team0: Port device team_slave_0 added [ 56.555241][ T6819] team0: Port device team_slave_1 added [ 56.573918][ T6819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.581944][ T6819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.610329][ T6819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.624114][ T6819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.632897][ T6819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.660499][ T6819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.724122][ T6819] device hsr_slave_0 entered promiscuous mode [ 56.771389][ T6819] device hsr_slave_1 entered promiscuous mode [ 56.894485][ T6819] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 56.943958][ T6819] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.003962][ T6819] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.072859][ T6819] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.126552][ T6819] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.134566][ T6819] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.142758][ T6819] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.150158][ T6819] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.195100][ T6819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.209765][ T2709] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.222951][ T2709] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.232361][ T2709] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.241342][ T2709] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 57.254446][ T6819] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.266902][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.277108][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.286049][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.299153][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.309132][ T3660] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.316457][ T3660] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.342222][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.352323][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.361661][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.375259][ T6819] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.387512][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.397623][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.406046][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.426541][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.435669][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.449483][ T6819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.471499][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.480238][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.501324][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.510024][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.520081][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.529570][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.538422][ T6819] device veth0_vlan entered promiscuous mode [ 57.552050][ T6819] device veth1_vlan entered promiscuous mode [ 57.573848][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 57.584221][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 57.593723][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 57.603608][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.616279][ T6819] device veth0_macvtap entered promiscuous mode [ 57.627856][ T6819] device veth1_macvtap entered promiscuous mode [ 57.645501][ T6819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.654211][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 57.664569][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 57.673163][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 57.682639][ T3660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.696205][ T6819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.705933][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.716220][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program executing program executing program [ 58.222876][ T7037] device gretap0 entered promiscuous mode [ 58.263516][ C0] ------------[ cut here ]------------ [ 58.263521][ C0] WARNING: CPU: 0 PID: 7037 at net/core/dev.c:9000 rollback_registered_many+0xbdb/0xf60 [ 58.263524][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 58.263527][ C0] CPU: 0 PID: 7037 Comm: syz-executor476 Not tainted 5.8.0-rc2-next-20200626-syzkaller #0 [ 58.263531][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.263532][ C0] Call Trace: [ 58.263534][ C0] dump_stack+0x18f/0x20d [ 58.263536][ C0] panic+0x2e3/0x75c [ 58.263538][ C0] ? __warn_printk+0xf3/0xf3 [ 58.263539][ C0] ? printk+0xba/0xed [ 58.263541][ C0] ? log_store.cold+0x16/0x16 [ 58.263543][ C0] ? __warn.cold+0x5/0x45 [ 58.263544][ C0] ? __warn+0xd6/0x1f2 [ 58.263547][ C0] ? rollback_registered_many+0xbdb/0xf60 [ 58.263548][ C0] __warn.cold+0x20/0x45 [ 58.263551][ C0] ? rollback_registered_many+0xbdb/0xf60 [ 58.263552][ C0] report_bug+0x1bd/0x210 [ 58.263554][ C0] exc_invalid_op+0xb1/0x120 [ 58.263556][ C0] asm_exc_invalid_op+0x12/0x20 [ 58.263558][ C0] RIP: 0010:rollback_registered_many+0xbdb/0xf60 [ 58.263566][ C0] Code: 00 00 31 f6 4c 89 f7 e8 13 d9 fc ff e9 4f fe ff ff 4c 89 e7 e9 48 fd ff ff e8 71 71 3c fb 0f 0b e9 da fd ff ff e8 65 71 3c fb <0f> 0b e9 18 fe ff ff e8 59 71 3c fb 0f b6 2d db 5f 72 04 31 ff 89 [ 58.263568][ C0] RSP: 0018:ffffc90001c46f60 EFLAGS: 00010293 [ 58.263573][ C0] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff86377685 [ 58.263576][ C0] RDX: ffff888093fc4140 RSI: ffffffff8637789b RDI: 0000000000000005 [ 58.263579][ C0] RBP: ffff888093a9c0b8 R08: 0000000000000000 R09: ffffffff8a7b7907 [ 58.263582][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880a9069b80 [ 58.263585][ C0] R13: 00000000000349a0 R14: ffff888093a9c000 R15: 0000000000000000 [ 58.263587][ C0] ? rollback_registered_many+0x9c5/0xf60 [ 58.263589][ C0] ? rollback_registered_many+0xbdb/0xf60 [ 58.263591][ C0] ? dev_xdp_uninstall+0x3f0/0x3f0 [ 58.263593][ C0] ? dev_set_mtu_ext+0x590/0x590 [ 58.263596][ C0] unregister_netdevice_queue+0x2dd/0x570 [ 58.263598][ C0] ? unregister_netdevice_many+0x50/0x50 [ 58.263599][ C0] ? is_hsr_master+0x9/0x70 [ 58.263601][ C0] ? hsr_add_port+0x4f3/0x790 [ 58.263603][ C0] hsr_dev_finalize+0x5ce/0x746 [ 58.263605][ C0] hsr_newlink+0x27c/0x520 [ 58.263607][ C0] ? hsr_dellink+0x70/0x70 [ 58.263609][ C0] ? rtnl_create_link+0x184/0xad0 [ 58.263610][ C0] ? hsr_dellink+0x70/0x70 [ 58.263612][ C0] __rtnl_newlink+0x1090/0x1730 [ 58.263614][ C0] ? rtnl_setlink+0x3c0/0x3c0 [ 58.263616][ C0] ? unwind_next_frame+0xe3b/0x1f90 [ 58.263618][ C0] ? is_bpf_text_address+0xcb/0x160 [ 58.263620][ C0] ? kernel_text_address+0xbd/0xf0 [ 58.263622][ C0] ? __kernel_text_address+0x9/0x30 [ 58.263624][ C0] ? unwind_get_return_address+0x51/0x90 [ 58.263626][ C0] ? profile_setup.cold+0xc1/0xc1 [ 58.263628][ C0] ? arch_stack_walk+0x97/0xf0 [ 58.263630][ C0] ? stack_trace_save+0x8c/0xc0 [ 58.263632][ C0] ? stack_trace_consume_entry+0x160/0x160 [ 58.263634][ C0] ? lock_is_held_type+0xb0/0xe0 [ 58.263636][ C0] ? kmem_cache_alloc_trace+0x181/0x480 [ 58.263638][ C0] rtnl_newlink+0x64/0xa0 [ 58.263640][ C0] ? __rtnl_newlink+0x1730/0x1730 [ 58.263642][ C0] rtnetlink_rcv_msg+0x44e/0xad0 [ 58.263644][ C0] ? rtnetlink_put_metrics+0x510/0x510 [ 58.263646][ C0] ? lock_acquire+0x1f1/0xad0 [ 58.263648][ C0] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 58.263650][ C0] netlink_rcv_skb+0x15a/0x430 [ 58.263652][ C0] ? rtnetlink_put_metrics+0x510/0x510 [ 58.263654][ C0] ? netlink_ack+0xa10/0xa10 [ 58.263656][ C0] netlink_unicast+0x533/0x7d0 [ 58.263658][ C0] ? netlink_attachskb+0x810/0x810 [ 58.263660][ C0] ? _copy_from_iter_full+0x247/0x890 [ 58.263662][ C0] ? __phys_addr+0x9a/0x110 [ 58.263664][ C0] ? __phys_addr_symbol+0x2c/0x70 [ 58.263666][ C0] ? __check_object_size+0x171/0x3e4 [ 58.263668][ C0] netlink_sendmsg+0x856/0xd90 [ 58.263669][ C0] ? netlink_unicast+0x7d0/0x7d0 [ 58.263671][ C0] ? netlink_unicast+0x7d0/0x7d0 [ 58.263673][ C0] sock_sendmsg+0xcf/0x120 [ 58.263675][ C0] ____sys_sendmsg+0x6e8/0x810 [ 58.263677][ C0] ? kernel_sendmsg+0x50/0x50 [ 58.263679][ C0] ? do_recvmmsg+0x6d0/0x6d0 [ 58.263681][ C0] ? __wake_up_common_lock+0xb4/0x130 [ 58.263683][ C0] ? find_held_lock+0x2d/0x110 [ 58.263685][ C0] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 58.263687][ C0] ? __wake_up_common_lock+0xde/0x130 [ 58.263689][ C0] ___sys_sendmsg+0xf3/0x170 [ 58.263691][ C0] ? sendmsg_copy_msghdr+0x160/0x160 [ 58.263693][ C0] ? lock_downgrade+0x820/0x820 [ 58.263695][ C0] ? lock_downgrade+0x820/0x820 [ 58.263697][ C0] ? __might_fault+0x190/0x1d0 [ 58.263699][ C0] ? _copy_to_user+0x126/0x160 [ 58.263701][ C0] ? move_addr_to_user+0xb5/0x200 [ 58.263702][ C0] ? __fget_light+0x215/0x280 [ 58.263704][ C0] __sys_sendmsg+0xe5/0x1b0 [ 58.263706][ C0] ? __sys_sendmsg_sock+0xb0/0xb0 [ 58.263708][ C0] ? do_syscall_64+0x1c/0xe0 [ 58.263710][ C0] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 58.263712][ C0] do_syscall_64+0x60/0xe0 [ 58.263714][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 58.263716][ C0] RIP: 0033:0x443ee9 [ 58.263717][ C0] Code: Bad RIP value. [ 58.263720][ C0] RSP: 002b:00007ffd15779988 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 58.263725][ C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443ee9 [ 58.263728][ C0] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 58.263731][ C0] RBP: 00007ffd15779990 R08: 0000000000000000 R09: 0000000000000000 [ 58.263734][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000e2d6 [ 58.263737][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 58.266246][ C0] Kernel Offset: disabled