[ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.17' (ECDSA) to the list of known hosts. 2021/01/07 22:21:59 parsed 1 programs 2021/01/07 22:21:59 executed programs: 0 syzkaller login: [ 74.860341][ T8518] IPVS: ftp: loaded support on port[0] = 21 [ 75.074732][ T8518] chnl_net:caif_netlink_parms(): no params data found [ 75.133914][ T8518] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.143023][ T8518] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.152519][ T8518] device bridge_slave_0 entered promiscuous mode [ 75.162306][ T8518] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.171720][ T8518] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.180681][ T8518] device bridge_slave_1 entered promiscuous mode [ 75.202345][ T8518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.214270][ T8518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.239936][ T8518] team0: Port device team_slave_0 added [ 75.248417][ T8518] team0: Port device team_slave_1 added [ 75.267365][ T8518] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.275784][ T8518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.301885][ T8518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.315089][ T8518] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.322147][ T8518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.348140][ T8518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.378164][ T8518] device hsr_slave_0 entered promiscuous mode [ 75.385120][ T8518] device hsr_slave_1 entered promiscuous mode [ 75.495127][ T8518] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.507891][ T8518] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.518737][ T8518] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.528269][ T8518] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.559848][ T8518] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.567092][ T8518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.575059][ T8518] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.582218][ T8518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.634693][ T8518] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.650046][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.661749][ T3205] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.671497][ T3205] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.680016][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 75.693934][ T8518] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.706888][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.715386][ T3939] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.722554][ T3939] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.747605][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.756041][ T3939] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.763239][ T3939] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.772922][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 75.784576][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 75.804942][ T8518] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 75.815999][ T8518] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 75.830393][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.840854][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 75.850644][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 75.862612][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 75.884734][ T8518] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.895245][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 75.902877][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 75.923532][ T3939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.946670][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.955474][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.964640][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.976727][ T8518] device veth0_vlan entered promiscuous mode [ 75.989780][ T8518] device veth1_vlan entered promiscuous mode [ 76.013238][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.021863][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.032991][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.046818][ T8518] device veth0_macvtap entered promiscuous mode [ 76.058792][ T8518] device veth1_macvtap entered promiscuous mode [ 76.079020][ T8518] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.086587][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.095320][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.109482][ T8518] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.117457][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.126814][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.138770][ T8518] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.147697][ T8518] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.165399][ T8518] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.178282][ T8518] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.277813][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.285849][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.300108][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.349015][ T24] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.358697][ T24] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.369040][ T3205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 76.877929][ T3939] Bluetooth: hci0: command 0x0409 tx timeout 2021/01/07 22:22:04 executed programs: 19 [ 78.957343][ T3205] Bluetooth: hci0: command 0x041b tx timeout [ 81.036235][ T3205] Bluetooth: hci0: command 0x040f tx timeout [ 83.126037][ T3205] Bluetooth: hci0: command 0x0419 tx timeout 2021/01/07 22:22:09 executed programs: 57 2021/01/07 22:22:14 executed programs: 98 [ 91.300261][T10265] general protection fault, probably for non-canonical address 0xe000080fe8bc7325: 0000 [#1] PREEMPT SMP KASAN [ 91.312134][T10265] KASAN: probably user-memory-access in range [0x0000607f45e39928-0x0000607f45e3992f] [ 91.321706][T10265] CPU: 1 PID: 10265 Comm: syz-executor.0 Not tainted 5.11.0-rc2-syzkaller #0 [ 91.330451][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.340516][T10265] RIP: 0010:j1939_priv_get_by_ndev_locked+0xff/0x220 [ 91.347235][T10265] Code: a0 05 00 00 48 85 db 0f 84 a8 00 00 00 e8 79 5a 95 f9 48 8d bb 28 60 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 01 01 00 00 4c 8b a3 28 60 00 00 4d 85 e4 74 75 [ 91.367007][T10265] RSP: 0018:ffffc9000a4efc68 EFLAGS: 00010202 [ 91.373078][T10265] RAX: dffffc0000000000 RBX: 0000607f45e33900 RCX: 0000000000000000 [ 91.381050][T10265] RDX: 00000c0fe8bc7325 RSI: ffffffff87dd1b27 RDI: 0000607f45e39928 [ 91.389004][T10265] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000118 [ 91.396970][T10265] R10: ffffffff87dd1adf R11: 0000000000000118 R12: 0000000000000118 [ 91.404947][T10265] R13: ffffffff8cb5a8c0 R14: 0000000000000000 R15: ffffffff8cb23cc0 [ 91.412908][T10265] FS: 00007fe946478700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 [ 91.421843][T10265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.428422][T10265] CR2: 0000000000400030 CR3: 0000000011e7c000 CR4: 00000000001506e0 [ 91.436377][T10265] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 91.444335][T10265] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 91.455680][T10265] Call Trace: [ 91.458957][T10265] j1939_netdev_notify+0x41/0x1a0 [ 91.464666][T10265] notifier_call_chain+0xb5/0x200 [ 91.469701][T10265] call_netdevice_notifiers_info+0xb5/0x130 [ 91.475592][T10265] call_netdevice_notifiers+0x79/0xa0 [ 91.480974][T10265] ? call_netdevice_notifiers_info+0x130/0x130 [ 91.487124][T10265] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 91.493016][T10265] __tun_chr_ioctl.isra.0+0x3702/0x4370 [ 91.498559][T10265] ? lock_downgrade+0x6d0/0x6d0 [ 91.503415][T10265] ? tun_chr_read_iter+0x250/0x250 [ 91.508686][T10265] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 91.514944][T10265] ? __tun_chr_ioctl.isra.0+0x4370/0x4370 [ 91.520662][T10265] __x64_sys_ioctl+0x193/0x200 [ 91.525411][T10265] do_syscall_64+0x2d/0x70 [ 91.529821][T10265] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 91.535696][T10265] RIP: 0033:0x45e219 [ 91.539830][T10265] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 91.559420][T10265] RSP: 002b:00007fe946477c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.567820][T10265] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045e219 [ 91.575772][T10265] RDX: 0000000000000118 RSI: 00000000400454cd RDI: 0000000000000003 [ 91.583739][T10265] RBP: 000000000119bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 91.591700][T10265] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119bf8c [ 91.599651][T10265] R13: 00007ffee8445a7f R14: 00007fe9464789c0 R15: 000000000119bf8c [ 91.607610][T10265] Modules linked in: [ 91.612025][T10265] ---[ end trace 55a6ff65801f0067 ]--- [ 91.617515][T10265] RIP: 0010:j1939_priv_get_by_ndev_locked+0xff/0x220 [ 91.624222][T10265] Code: a0 05 00 00 48 85 db 0f 84 a8 00 00 00 e8 79 5a 95 f9 48 8d bb 28 60 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 01 01 00 00 4c 8b a3 28 60 00 00 4d 85 e4 74 75 [ 91.643880][T10265] RSP: 0018:ffffc9000a4efc68 EFLAGS: 00010202 [ 91.650004][T10265] RAX: dffffc0000000000 RBX: 0000607f45e33900 RCX: 0000000000000000 [ 91.658005][T10265] RDX: 00000c0fe8bc7325 RSI: ffffffff87dd1b27 RDI: 0000607f45e39928 [ 91.666013][T10265] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000118 [ 91.673982][T10265] R10: ffffffff87dd1adf R11: 0000000000000118 R12: 0000000000000118 [ 91.681969][T10265] R13: ffffffff8cb5a8c0 R14: 0000000000000000 R15: ffffffff8cb23cc0 [ 91.690005][T10265] FS: 00007fe946478700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 [ 91.698989][T10265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.705625][T10265] CR2: 0000000000400030 CR3: 0000000011e7c000 CR4: 00000000001506e0 [ 91.713682][T10265] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 91.721695][T10265] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 91.729734][T10265] Kernel panic - not syncing: Fatal exception [ 91.736351][T10265] Kernel Offset: disabled [ 91.740679][T10265] Rebooting in 86400 seconds..