Warning: Permanently added '10.128.0.124' (ECDSA) to the list of known hosts. syzkaller login: [ 66.035206][ T8477] IPVS: ftp: loaded support on port[0] = 21 [ 66.120765][ T8477] chnl_net:caif_netlink_parms(): no params data found [ 66.177326][ T8477] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.187239][ T8477] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.196857][ T8477] device bridge_slave_0 entered promiscuous mode [ 66.206923][ T8477] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.214771][ T8477] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.223496][ T8477] device bridge_slave_1 entered promiscuous mode [ 66.244774][ T8477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.256007][ T8477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.279480][ T8477] team0: Port device team_slave_0 added [ 66.287073][ T8477] team0: Port device team_slave_1 added [ 66.304743][ T8477] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.311704][ T8477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.337682][ T8477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.351707][ T8477] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.358744][ T8477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.384700][ T8477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.412937][ T8477] device hsr_slave_0 entered promiscuous mode [ 66.419655][ T8477] device hsr_slave_1 entered promiscuous mode [ 66.520803][ T8477] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.531593][ T8477] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.542120][ T8477] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.552261][ T8477] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.577142][ T8477] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.584343][ T8477] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.593350][ T8477] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.600457][ T8477] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.647283][ T8477] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.661274][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.674508][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.683535][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.691299][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 66.707489][ T8477] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.720982][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 66.730749][ T2998] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.739153][ T2998] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.763748][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 66.773105][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.780139][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.789606][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 66.798643][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 66.814065][ T8477] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 66.825423][ T8477] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.838851][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 66.847105][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 66.856398][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 66.867700][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 66.885527][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 66.893560][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 66.909841][ T8477] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.930552][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 66.950852][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 66.959507][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 66.968236][ T2998] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 66.978610][ T8477] device veth0_vlan entered promiscuous mode [ 66.991830][ T8477] device veth1_vlan entered promiscuous mode [ 67.015094][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 67.024532][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 67.034007][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.046420][ T8477] device veth0_macvtap entered promiscuous mode [ 67.058555][ T8477] device veth1_macvtap entered promiscuous mode [ 67.078035][ T8477] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.085687][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.095781][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 67.107844][ T8477] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.116171][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready executing program [ 67.125061][ T3189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.137557][ T8477] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.147922][ T8477] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.156727][ T8477] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.166020][ T8477] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.208683][ T8477] ------------[ cut here ]------------ [ 67.214406][ T8477] WARNING: CPU: 0 PID: 8477 at net/sched/sch_taprio.c:998 taprio_change+0x1ed0/0x2d40 [ 67.223992][ T8477] Modules linked in: [ 67.227929][ T8477] CPU: 0 PID: 8477 Comm: syz-executor199 Not tainted 5.10.0-rc1-syzkaller #0 [ 67.236770][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.246964][ T8477] RIP: 0010:taprio_change+0x1ed0/0x2d40 [ 67.252687][ T8477] Code: 8b 44 24 18 41 bf ea ff ff ff 48 c7 00 40 f2 47 8a e8 34 f7 4c fa 48 8b 7c 24 08 e8 7a a0 c3 01 e9 0a eb ff ff e8 20 f7 4c fa <0f> 0b 48 83 7c 24 18 00 74 2e e8 11 f7 4c fa 48 8b 54 24 18 48 b8 [ 67.272386][ T8477] RSP: 0018:ffffc900015df2b8 EFLAGS: 00010293 [ 67.278475][ T8477] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff87230b30 [ 67.286506][ T8477] RDX: ffff888021259a40 RSI: ffffffff87230fe0 RDI: 0000000000000007 [ 67.295522][ T8477] RBP: 164395843bba6b6e R08: 0000000000000001 R09: ffffffff8ebad72f [ 67.303561][ T8477] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 67.311540][ T8477] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000000 [ 67.319585][ T8477] FS: 000000000101d880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 67.328595][ T8477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.335244][ T8477] CR2: 0000000020000600 CR3: 000000001c9b4000 CR4: 00000000001506f0 [ 67.343403][ T8477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.351383][ T8477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.359452][ T8477] Call Trace: [ 67.363283][ T8477] ? lockdep_init_map_waits+0x26a/0x720 [ 67.368823][ T8477] ? fifo_init+0x342/0x6c0 [ 67.373331][ T8477] ? taprio_peek_soft+0x5e0/0x5e0 [ 67.378496][ T8477] ? fifo_create_dflt+0xe0/0xe0 [ 67.383529][ T8477] ? mutex_is_locked+0xe/0x40 [ 67.388217][ T8477] ? rtnl_is_locked+0x11/0x20 [ 67.392979][ T8477] ? qdisc_hash_add+0x21d/0x330 [ 67.397852][ T8477] taprio_init+0x52e/0x670 [ 67.402357][ T8477] ? taprio_change+0x2d40/0x2d40 [ 67.407297][ T8477] qdisc_create+0x4ba/0x1270 [ 67.411967][ T8477] ? tc_get_qdisc+0xad0/0xad0 [ 67.416650][ T8477] ? __nla_parse+0x3d/0x50 [ 67.421421][ T8477] tc_modify_qdisc+0x4c8/0x1990 [ 67.426347][ T8477] ? rtnetlink_rcv_msg+0x3f9/0xad0 [ 67.431464][ T8477] ? qdisc_create+0x1270/0x1270 [ 67.436425][ T8477] ? qdisc_create+0x1270/0x1270 [ 67.441276][ T8477] rtnetlink_rcv_msg+0x44e/0xad0 [ 67.446277][ T8477] ? rtnetlink_put_metrics+0x510/0x510 [ 67.451740][ T8477] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 67.457102][ T8477] netlink_rcv_skb+0x153/0x420 [ 67.461956][ T8477] ? rtnetlink_put_metrics+0x510/0x510 [ 67.467500][ T8477] ? netlink_ack+0xaa0/0xaa0 [ 67.472149][ T8477] ? netlink_deliver_tap+0x227/0xb70 [ 67.477449][ T8477] netlink_unicast+0x533/0x7d0 [ 67.482283][ T8477] ? netlink_attachskb+0x810/0x810 [ 67.487417][ T8477] ? __phys_addr_symbol+0x2c/0x70 [ 67.492530][ T8477] ? __check_object_size+0x171/0x3f0 [ 67.497866][ T8477] netlink_sendmsg+0x856/0xd90 [ 67.502703][ T8477] ? netlink_unicast+0x7d0/0x7d0 [ 67.507661][ T8477] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 67.513023][ T8477] ? netlink_unicast+0x7d0/0x7d0 [ 67.517958][ T8477] sock_sendmsg+0xcf/0x120 [ 67.522461][ T8477] ____sys_sendmsg+0x6e8/0x810 [ 67.527220][ T8477] ? kernel_sendmsg+0x50/0x50 [ 67.531972][ T8477] ? do_recvmmsg+0x6c0/0x6c0 [ 67.536571][ T8477] ? fs_reclaim_release+0x90/0xd0 [ 67.541594][ T8477] ___sys_sendmsg+0xf3/0x170 [ 67.546245][ T8477] ? sendmsg_copy_msghdr+0x160/0x160 [ 67.551536][ T8477] ? lockdep_init_map_waits+0x26a/0x720 [ 67.557162][ T8477] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 67.563243][ T8477] ? percpu_counter_add_batch+0xbd/0x180 [ 67.568873][ T8477] ? find_held_lock+0x2d/0x110 [ 67.573693][ T8477] ? __fd_install+0x1b4/0x600 [ 67.578373][ T8477] ? lock_downgrade+0x6d0/0x6d0 [ 67.583278][ T8477] ? __fget_light+0x215/0x280 [ 67.587962][ T8477] __sys_sendmsg+0xe5/0x1b0 [ 67.592545][ T8477] ? __sys_sendmsg_sock+0xb0/0xb0 [ 67.597580][ T8477] ? syscall_enter_from_user_mode+0x1d/0x50 [ 67.603534][ T8477] do_syscall_64+0x2d/0x70 [ 67.607955][ T8477] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 67.613901][ T8477] RIP: 0033:0x443999 [ 67.617838][ T8477] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.637594][ T8477] RSP: 002b:00007ffd2e7df178 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.646108][ T8477] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443999 [ 67.654172][ T8477] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 67.662244][ T8477] RBP: 00007ffd2e7df180 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 67.670226][ T8477] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 00007ffd2e7df190 [ 67.678252][ T8477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 67.686324][ T8477] Kernel panic - not syncing: panic_on_warn set ... [ 67.692919][ T8477] CPU: 0 PID: 8477 Comm: syz-executor199 Not tainted 5.10.0-rc1-syzkaller #0 [ 67.701679][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.711718][ T8477] Call Trace: [ 67.714998][ T8477] dump_stack+0x107/0x163 [ 67.719313][ T8477] panic+0x306/0x73d [ 67.723191][ T8477] ? __warn_printk+0xf3/0xf3 [ 67.727767][ T8477] ? __warn.cold+0x1d/0xbb [ 67.732161][ T8477] ? __warn.cold+0x14/0xbb [ 67.736558][ T8477] ? taprio_change+0x1ed0/0x2d40 [ 67.741515][ T8477] __warn.cold+0x38/0xbb [ 67.745741][ T8477] ? taprio_change+0x1ed0/0x2d40 [ 67.750659][ T8477] report_bug+0x1bd/0x210 [ 67.755057][ T8477] handle_bug+0x3c/0x60 [ 67.759285][ T8477] exc_invalid_op+0x14/0x40 [ 67.763770][ T8477] asm_exc_invalid_op+0x12/0x20 [ 67.768700][ T8477] RIP: 0010:taprio_change+0x1ed0/0x2d40 [ 67.774224][ T8477] Code: 8b 44 24 18 41 bf ea ff ff ff 48 c7 00 40 f2 47 8a e8 34 f7 4c fa 48 8b 7c 24 08 e8 7a a0 c3 01 e9 0a eb ff ff e8 20 f7 4c fa <0f> 0b 48 83 7c 24 18 00 74 2e e8 11 f7 4c fa 48 8b 54 24 18 48 b8 [ 67.794511][ T8477] RSP: 0018:ffffc900015df2b8 EFLAGS: 00010293 [ 67.800560][ T8477] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff87230b30 [ 67.808510][ T8477] RDX: ffff888021259a40 RSI: ffffffff87230fe0 RDI: 0000000000000007 [ 67.817425][ T8477] RBP: 164395843bba6b6e R08: 0000000000000001 R09: ffffffff8ebad72f [ 67.825375][ T8477] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 67.834279][ T8477] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000000 [ 67.842415][ T8477] ? taprio_change+0x1a20/0x2d40 [ 67.847344][ T8477] ? taprio_change+0x1ed0/0x2d40 [ 67.852272][ T8477] ? taprio_change+0x1ed0/0x2d40 [ 67.857205][ T8477] ? lockdep_init_map_waits+0x26a/0x720 [ 67.862739][ T8477] ? fifo_init+0x342/0x6c0 [ 67.867416][ T8477] ? taprio_peek_soft+0x5e0/0x5e0 [ 67.872426][ T8477] ? fifo_create_dflt+0xe0/0xe0 [ 67.877303][ T8477] ? mutex_is_locked+0xe/0x40 [ 67.881969][ T8477] ? rtnl_is_locked+0x11/0x20 [ 67.886637][ T8477] ? qdisc_hash_add+0x21d/0x330 [ 67.891482][ T8477] taprio_init+0x52e/0x670 [ 67.895889][ T8477] ? taprio_change+0x2d40/0x2d40 [ 67.900806][ T8477] qdisc_create+0x4ba/0x1270 [ 67.906007][ T8477] ? tc_get_qdisc+0xad0/0xad0 [ 67.910665][ T8477] ? __nla_parse+0x3d/0x50 [ 67.915066][ T8477] tc_modify_qdisc+0x4c8/0x1990 [ 67.919912][ T8477] ? rtnetlink_rcv_msg+0x3f9/0xad0 [ 67.925003][ T8477] ? qdisc_create+0x1270/0x1270 [ 67.929849][ T8477] ? qdisc_create+0x1270/0x1270 [ 67.934697][ T8477] rtnetlink_rcv_msg+0x44e/0xad0 [ 67.939627][ T8477] ? rtnetlink_put_metrics+0x510/0x510 [ 67.945552][ T8477] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 67.950852][ T8477] netlink_rcv_skb+0x153/0x420 [ 67.955610][ T8477] ? rtnetlink_put_metrics+0x510/0x510 [ 67.961056][ T8477] ? netlink_ack+0xaa0/0xaa0 [ 67.965801][ T8477] ? netlink_deliver_tap+0x227/0xb70 [ 67.971129][ T8477] netlink_unicast+0x533/0x7d0 [ 67.975878][ T8477] ? netlink_attachskb+0x810/0x810 [ 67.981019][ T8477] ? __phys_addr_symbol+0x2c/0x70 [ 67.986078][ T8477] ? __check_object_size+0x171/0x3f0 [ 67.991342][ T8477] netlink_sendmsg+0x856/0xd90 [ 67.996089][ T8477] ? netlink_unicast+0x7d0/0x7d0 [ 68.001013][ T8477] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 68.006343][ T8477] ? netlink_unicast+0x7d0/0x7d0 [ 68.011283][ T8477] sock_sendmsg+0xcf/0x120 [ 68.015742][ T8477] ____sys_sendmsg+0x6e8/0x810 [ 68.020499][ T8477] ? kernel_sendmsg+0x50/0x50 [ 68.025153][ T8477] ? do_recvmmsg+0x6c0/0x6c0 [ 68.029722][ T8477] ? fs_reclaim_release+0x90/0xd0 [ 68.034739][ T8477] ___sys_sendmsg+0xf3/0x170 [ 68.039315][ T8477] ? sendmsg_copy_msghdr+0x160/0x160 [ 68.044583][ T8477] ? lockdep_init_map_waits+0x26a/0x720 [ 68.050125][ T8477] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 68.056172][ T8477] ? percpu_counter_add_batch+0xbd/0x180 [ 68.061800][ T8477] ? find_held_lock+0x2d/0x110 [ 68.066546][ T8477] ? __fd_install+0x1b4/0x600 [ 68.071198][ T8477] ? lock_downgrade+0x6d0/0x6d0 [ 68.076026][ T8477] ? __fget_light+0x215/0x280 [ 68.080681][ T8477] __sys_sendmsg+0xe5/0x1b0 [ 68.085163][ T8477] ? __sys_sendmsg_sock+0xb0/0xb0 [ 68.090174][ T8477] ? syscall_enter_from_user_mode+0x1d/0x50 [ 68.096078][ T8477] do_syscall_64+0x2d/0x70 [ 68.100479][ T8477] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.106362][ T8477] RIP: 0033:0x443999 [ 68.110248][ T8477] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.130267][ T8477] RSP: 002b:00007ffd2e7df178 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.138765][ T8477] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443999 [ 68.146736][ T8477] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 68.154685][ T8477] RBP: 00007ffd2e7df180 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 68.162647][ T8477] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 00007ffd2e7df190 [ 68.170595][ T8477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 68.179577][ T8477] Kernel Offset: disabled [ 68.183997][ T8477] Rebooting in 86400 seconds..