[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts.
2020/08/31 12:19:11 parsed 1 programs
2020/08/31 12:19:11 executed programs: 0
syzkaller login: [ 147.997360][ T6860] IPVS: ftp: loaded support on port[0] = 21
[ 148.129040][ T6860] chnl_net:caif_netlink_parms(): no params data found
[ 148.185712][ T6860] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.194358][ T6860] bridge0: port 1(bridge_slave_0) entered disabled state
[ 148.203646][ T6860] device bridge_slave_0 entered promiscuous mode
[ 148.212966][ T6860] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.220725][ T6860] bridge0: port 2(bridge_slave_1) entered disabled state
[ 148.229342][ T6860] device bridge_slave_1 entered promiscuous mode
[ 148.250678][ T6860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 148.261743][ T6860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 148.285342][ T6860] team0: Port device team_slave_0 added
[ 148.292900][ T6860] team0: Port device team_slave_1 added
[ 148.311426][ T6860] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 148.318485][ T6860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 148.346142][ T6860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 148.359098][ T6860] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 148.366077][ T6860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 148.392959][ T6860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 148.421431][ T6860] device hsr_slave_0 entered promiscuous mode
[ 148.428281][ T6860] device hsr_slave_1 entered promiscuous mode
[ 148.529887][ T6860] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 148.540099][ T6860] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 148.550617][ T6860] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 148.560916][ T6860] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 148.586977][ T6860] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.594124][ T6860] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 148.602982][ T6860] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.610138][ T6860] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 148.658871][ T6860] 8021q: adding VLAN 0 to HW filter on device bond0
[ 148.672513][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 148.682854][ T17] bridge0: port 1(bridge_slave_0) entered disabled state
[ 148.691694][ T17] bridge0: port 2(bridge_slave_1) entered disabled state
[ 148.700963][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 148.714409][ T6860] 8021q: adding VLAN 0 to HW filter on device team0
[ 148.727971][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 148.739041][ T2465] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.746206][ T2465] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 148.768683][ T7070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 148.778768][ T7070] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.785833][ T7070] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 148.794544][ T7070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 148.815207][ T6860] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 148.826841][ T6860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 148.841231][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 148.849838][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 148.858502][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 148.867498][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 148.887761][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 148.895219][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 148.902784][ T2465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 148.916846][ T6860] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 148.937158][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 148.957143][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 148.965475][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 148.973960][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 148.985160][ T6860] device veth0_vlan entered promiscuous mode
[ 148.997626][ T6860] device veth1_vlan entered promiscuous mode
[ 149.020418][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 149.029327][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 149.037991][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 149.048718][ T6860] device veth0_macvtap entered promiscuous mode
[ 149.060231][ T6860] device veth1_macvtap entered promiscuous mode
[ 149.080126][ T6860] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 149.089499][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 149.100205][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 149.114116][ T6860] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 149.121611][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 149.131279][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 149.143833][ T6860] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.152839][ T6860] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.162323][ T6860] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.171752][ T6860] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.967785][ T2465] Bluetooth: hci0: command 0x0409 tx timeout
2020/08/31 12:19:16 executed programs: 74
[ 152.037116][ T5] Bluetooth: hci0: command 0x041b tx timeout
[ 154.126839][ T5] Bluetooth: hci0: command 0x040f tx timeout
[ 156.196553][ T5] Bluetooth: hci0: command 0x0419 tx timeout
2020/08/31 12:19:21 executed programs: 217
2020/08/31 12:19:26 executed programs: 367
2020/08/31 12:19:31 executed programs: 515
2020/08/31 12:19:36 executed programs: 659
2020/08/31 12:19:41 executed programs: 807
2020/08/31 12:19:46 executed programs: 950
[ 184.870817][T10825] list_del corruption, ffff88809e913010->prev is LIST_POISON2 (dead000000000122)
[ 184.880517][T10825] ------------[ cut here ]------------
[ 184.885963][T10825] kernel BUG at lib/list_debug.c:48!
[ 184.891497][T10825] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 184.897600][T10825] CPU: 0 PID: 10825 Comm: syz-executor.0 Not tainted 5.9.0-rc2-syzkaller #0
[ 184.906284][T10825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 184.916341][T10825] RIP: 0010:__list_del_entry_valid.cold+0x37/0x55
[ 184.922729][T10825] Code: be fd 0f 0b 4c 89 ea 48 89 ee 48 c7 c7 c0 1b 94 88 e8 d1 94 be fd 0f 0b 4c 89 e2 48 89 ee 48 c7 c7 20 1c 94 88 e8 bd 94 be fd <0f> 0b 48 89 ee 48 c7 c7 e0 1c 94 88 e8 ac 94 be fd 0f 0b cc cc cc
[ 184.942311][T10825] RSP: 0018:ffffc90005ab7e10 EFLAGS: 00010286
[ 184.948363][T10825] RAX: 000000000000004e RBX: ffff88809b393000 RCX: 0000000000000000
[ 184.956309][T10825] RDX: ffff88809e148040 RSI: ffffffff815db9a7 RDI: fffff52000b56fb4
[ 184.964255][T10825] RBP: ffff88809e913010 R08: 000000000000004e R09: ffff8880ae6318e7
[ 184.972199][T10825] R10: 0000000000000000 R11: 000000000009f588 R12: dead000000000122
[ 184.980159][T10825] R13: ffff88809b3930a0 R14: ffff88809e913010 R15: ffff88809e913018
[ 184.988430][T10825] FS: 00007f54d5d01700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 184.997335][T10825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 185.004151][T10825] CR2: 00005598341f9160 CR3: 0000000097142000 CR4: 00000000001506f0
[ 185.012114][T10825] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 185.020081][T10825] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 185.028023][T10825] Call Trace:
[ 185.031321][T10825] mousedev_release+0x7d/0x1f0
[ 185.036059][T10825] __fput+0x285/0x920
[ 185.040028][T10825] ? mousedev_create+0xb20/0xb20
[ 185.045814][T10825] task_work_run+0xdd/0x190
[ 185.050299][T10825] exit_to_user_mode_prepare+0x1e1/0x200
[ 185.055924][T10825] syscall_exit_to_user_mode+0x7e/0x2e0
[ 185.061885][T10825] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 185.067749][T10825] RIP: 0033:0x45d5b9
[ 185.071619][T10825] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 185.091206][T10825] RSP: 002b:00007f54d5d00c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 185.099638][T10825] RAX: 0000000000000000 RBX: 0000000000002ac0 RCX: 000000000045d5b9
[ 185.107592][T10825] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[ 185.115807][T10825] RBP: 000000000118cf88 R08: 0000000000000000 R09: 0000000000000000
[ 185.123764][T10825] R10: 0000000020000040 R11: 0000000000000246 R12: 000000000118cf4c
[ 185.131890][T10825] R13: 000000000169fb6f R14: 00007f54d5d019c0 R15: 000000000118cf4c
[ 185.139852][T10825] Modules linked in:
[ 185.143847][T10825] ---[ end trace fc4d147e5b09d611 ]---
[ 185.149496][T10825] RIP: 0010:__list_del_entry_valid.cold+0x37/0x55
[ 185.155902][T10825] Code: be fd 0f 0b 4c 89 ea 48 89 ee 48 c7 c7 c0 1b 94 88 e8 d1 94 be fd 0f 0b 4c 89 e2 48 89 ee 48 c7 c7 20 1c 94 88 e8 bd 94 be fd <0f> 0b 48 89 ee 48 c7 c7 e0 1c 94 88 e8 ac 94 be fd 0f 0b cc cc cc
[ 185.175556][T10825] RSP: 0018:ffffc90005ab7e10 EFLAGS: 00010286
[ 185.181684][T10825] RAX: 000000000000004e RBX: ffff88809b393000 RCX: 0000000000000000
[ 185.189704][T10825] RDX: ffff88809e148040 RSI: ffffffff815db9a7 RDI: fffff52000b56fb4
[ 185.197734][T10825] RBP: ffff88809e913010 R08: 000000000000004e R09: ffff8880ae6318e7
[ 185.205707][T10825] R10: 0000000000000000 R11: 000000000009f588 R12: dead000000000122
[ 185.213801][T10825] R13: ffff88809b3930a0 R14: ffff88809e913010 R15: ffff88809e913018
[ 185.221834][T10825] FS: 00007f54d5d01700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 185.230812][T10825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 185.237433][T10825] CR2: 00005598341f9160 CR3: 0000000097142000 CR4: 00000000001506f0
[ 185.245408][T10825] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 185.253455][T10825] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 185.261622][T10825] Kernel panic - not syncing: Fatal exception
[ 185.268797][T10825] Kernel Offset: disabled
[ 185.273115][T10825] Rebooting in 86400 seconds..