Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.230' (ECDSA) to the list of known hosts. 2021/05/03 15:54:07 fuzzer started 2021/05/03 15:54:07 connecting to host at 10.128.0.169:43415 2021/05/03 15:54:07 checking machine... 2021/05/03 15:54:07 checking revisions... 2021/05/03 15:54:07 testing simple program... syzkaller login: [ 79.066674][ T8468] chnl_net:caif_netlink_parms(): no params data found [ 79.128810][ T8468] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.139925][ T8468] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.156224][ T8468] device bridge_slave_0 entered promiscuous mode [ 79.167425][ T8468] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.179562][ T8468] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.191967][ T8468] device bridge_slave_1 entered promiscuous mode [ 79.219171][ T8468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.236252][ T8468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.265074][ T8468] team0: Port device team_slave_0 added [ 79.278826][ T8468] team0: Port device team_slave_1 added [ 79.301842][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.312331][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.354656][ T8468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.371485][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.379755][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.416188][ T8468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.446761][ T8468] device hsr_slave_0 entered promiscuous mode [ 79.455292][ T8468] device hsr_slave_1 entered promiscuous mode [ 79.577782][ T8468] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.592744][ T8468] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.607808][ T8468] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.619850][ T8468] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.649540][ T8468] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.657375][ T8468] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.666219][ T8468] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.675069][ T8468] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.730291][ T8468] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.746639][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 79.758998][ T4873] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.769558][ T4873] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.780320][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 79.797150][ T8468] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.809938][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 79.820647][ T3163] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.828565][ T3163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.840953][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 79.850880][ T3163] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.858774][ T3163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.897143][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 79.907346][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 79.919715][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 79.931012][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 79.947087][ T8468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 79.961044][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 79.984350][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 79.994551][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 80.010390][ T8468] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.032249][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 80.061449][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 80.074971][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 80.088834][ T8468] device veth0_vlan entered promiscuous mode [ 80.100455][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 80.112298][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 80.137982][ T8468] device veth1_vlan entered promiscuous mode [ 80.163239][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 80.175185][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 80.186537][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 80.199205][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready executing program [ 80.212478][ T8468] device veth0_macvtap entered promiscuous mode [ 80.228607][ T8468] device veth1_macvtap entered promiscuous mode [ 80.251676][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.266338][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 80.276488][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 80.287123][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 80.297506][ T3163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.313537][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.322684][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 80.332791][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.348427][ T8468] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.358483][ T8468] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.374009][ T8468] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.387730][ T8468] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.494557][ T8426] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.525454][ T8426] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.549860][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.552580][ T8690] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 80.574096][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.588059][ T4873] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2021/05/03 15:54:10 building call list... [ 81.307722][ T49] ------------[ cut here ]------------ [ 81.316364][ T49] hook not found, pf 3 num 0 [ 81.317000][ T49] WARNING: CPU: 1 PID: 49 at net/netfilter/core.c:480 __nf_unregister_net_hook+0x1eb/0x610 [ 81.337201][ T49] Modules linked in: [ 81.341644][ T49] CPU: 1 PID: 49 Comm: kworker/u4:2 Not tainted 5.12.0-next-20210503-syzkaller #0 [ 81.355294][ T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.368588][ T49] Workqueue: netns cleanup_net [ 81.374958][ T49] RIP: 0010:__nf_unregister_net_hook+0x1eb/0x610 [ 81.383182][ T49] Code: 0f b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 11 04 00 00 8b 53 1c 89 ee 48 c7 c7 c0 4d 6e 8a e8 18 71 8a 01 <0f> 0b e9 e5 00 00 00 e8 c9 d2 2c fa 44 8b 3c 24 4c 89 f8 48 c1 e0 [ 81.411750][ T49] RSP: 0018:ffffc90000f0fbc0 EFLAGS: 00010286 [ 81.421116][ T49] RAX: 0000000000000000 RBX: ffff8881448d3a00 RCX: 0000000000000000 [ 81.431947][ T49] RDX: ffff888012715580 RSI: ffffffff815cc9f5 RDI: fffff520001e1f6a [ 81.443328][ T49] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000 [ 81.454970][ T49] R10: ffffffff815c685e R11: 0000000000000000 R12: ffff88801a740f20 [ 81.465083][ T49] R13: 0000000000000000 R14: ffff88801a16d280 R15: 0000000000000001 [ 81.477869][ T49] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 81.490399][ T49] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.499983][ T49] CR2: 00007fef765c8000 CR3: 000000001e97a000 CR4: 00000000001506e0 [ 81.511803][ T49] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.521628][ T49] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.532667][ T49] Call Trace: [ 81.537318][ T49] nf_unregister_net_hooks+0x117/0x160 [ 81.543390][ T49] arpt_unregister_table_pre_exit+0x67/0x80 [ 81.552857][ T49] ? arptable_filter_net_exit+0x20/0x20 [ 81.561815][ T49] cleanup_net+0x451/0xb10 [ 81.569252][ T49] ? ops_free_list.part.0+0x3d0/0x3d0 [ 81.576883][ T49] process_one_work+0x98d/0x1600 [ 81.582335][ T49] ? pwq_dec_nr_in_flight+0x320/0x320 [ 81.590777][ T49] ? rwlock_bug.part.0+0x90/0x90 [ 81.599589][ T49] ? _raw_spin_lock_irq+0x41/0x50 [ 81.606586][ T49] worker_thread+0x64c/0x1120 [ 81.612557][ T49] ? __kthread_parkme+0x13f/0x1e0 [ 81.619921][ T49] ? process_one_work+0x1600/0x1600 [ 81.627811][ T49] kthread+0x3b1/0x4a0 [ 81.632742][ T49] ? __kthread_bind_mask+0xc0/0xc0 [ 81.640522][ T49] ret_from_fork+0x1f/0x30 [ 81.646295][ T49] Kernel panic - not syncing: panic_on_warn set ... [ 81.653345][ T49] CPU: 1 PID: 49 Comm: kworker/u4:2 Not tainted 5.12.0-next-20210503-syzkaller #0 [ 81.663849][ T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.676650][ T49] Workqueue: netns cleanup_net [ 81.681676][ T49] Call Trace: [ 81.685052][ T49] dump_stack+0x141/0x1d7 [ 81.689778][ T49] panic+0x306/0x73d [ 81.694412][ T49] ? __warn_printk+0xf3/0xf3 [ 81.700412][ T49] ? __warn.cold+0x1a/0x44 [ 81.705484][ T49] ? __nf_unregister_net_hook+0x1eb/0x610 [ 81.712009][ T49] __warn.cold+0x35/0x44 [ 81.716427][ T49] ? __nf_unregister_net_hook+0x1eb/0x610 [ 81.722541][ T49] report_bug+0x1bd/0x210 [ 81.727172][ T49] handle_bug+0x3c/0x60 [ 81.731420][ T49] exc_invalid_op+0x14/0x40 [ 81.736225][ T49] asm_exc_invalid_op+0x12/0x20 [ 81.741578][ T49] RIP: 0010:__nf_unregister_net_hook+0x1eb/0x610 [ 81.748177][ T49] Code: 0f b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 11 04 00 00 8b 53 1c 89 ee 48 c7 c7 c0 4d 6e 8a e8 18 71 8a 01 <0f> 0b e9 e5 00 00 00 e8 c9 d2 2c fa 44 8b 3c 24 4c 89 f8 48 c1 e0 [ 81.770390][ T49] RSP: 0018:ffffc90000f0fbc0 EFLAGS: 00010286 [ 81.776727][ T49] RAX: 0000000000000000 RBX: ffff8881448d3a00 RCX: 0000000000000000 [ 81.785608][ T49] RDX: ffff888012715580 RSI: ffffffff815cc9f5 RDI: fffff520001e1f6a [ 81.794333][ T49] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000 [ 81.802753][ T49] R10: ffffffff815c685e R11: 0000000000000000 R12: ffff88801a740f20 [ 81.811606][ T49] R13: 0000000000000000 R14: ffff88801a16d280 R15: 0000000000000001 [ 81.820156][ T49] ? wake_up_klogd.part.0+0x8e/0xd0 [ 81.825814][ T49] ? vprintk+0x95/0x260 [ 81.830626][ T49] nf_unregister_net_hooks+0x117/0x160 [ 81.836219][ T49] arpt_unregister_table_pre_exit+0x67/0x80 [ 81.842399][ T49] ? arptable_filter_net_exit+0x20/0x20 [ 81.848274][ T49] cleanup_net+0x451/0xb10 [ 81.853321][ T49] ? ops_free_list.part.0+0x3d0/0x3d0 [ 81.859146][ T49] process_one_work+0x98d/0x1600 [ 81.864285][ T49] ? pwq_dec_nr_in_flight+0x320/0x320 [ 81.870633][ T49] ? rwlock_bug.part.0+0x90/0x90 [ 81.875931][ T49] ? _raw_spin_lock_irq+0x41/0x50 [ 81.881707][ T49] worker_thread+0x64c/0x1120 [ 81.887028][ T49] ? __kthread_parkme+0x13f/0x1e0 [ 81.892673][ T49] ? process_one_work+0x1600/0x1600 [ 81.898584][ T49] kthread+0x3b1/0x4a0 [ 81.903120][ T49] ? __kthread_bind_mask+0xc0/0xc0 [ 81.908822][ T49] ret_from_fork+0x1f/0x30 [ 81.916280][ T49] Kernel Offset: disabled [ 81.921319][ T49] Rebooting in 86400 seconds..