[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   20.453728] random: nonblocking pool is initialized
[   20.716428] cfg80211: Calling CRDA to update world regulatory domain
[   23.876519] cfg80211: Calling CRDA to update world regulatory domain
[   27.036474] cfg80211: Calling CRDA to update world regulatory domain
[   27.474928] IPVS: Creating netns size=2688 id=1
[   27.479664] IPVS: ftp: loaded support on port[0] = 21
[   30.196527] cfg80211: Calling CRDA to update world regulatory domain
[   33.356513] cfg80211: Calling CRDA to update world regulatory domain
Warning: Permanently added '10.128.0.199' (ECDSA) to the list of known hosts.
2019/09/14 03:10:38 parsed 1 programs
2019/09/14 03:10:38 executed programs: 0
[   33.913848] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready
[   33.922105] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready
[   33.922426] IPVS: Creating netns size=2688 id=2
[   33.922434] IPVS: ftp: loaded support on port[0] = 21
[   33.939344] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready
[   33.946054] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready
[   33.954616] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready
[   33.962311] IPVS: Creating netns size=2688 id=3
[   33.963212] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready
[   33.968970] chnl_net:caif_netlink_parms(): no params data found
[   33.974152] device bridge_slave_0 entered promiscuous mode
[   33.974296] device bridge_slave_1 entered promiscuous mode
[   33.975526] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready
[   33.975636] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   34.005974] IPVS: ftp: loaded support on port[0] = 21
[   34.006220] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready
[   34.006297] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   34.013603] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   34.013645] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   34.016058] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   34.016076] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   34.016786] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   34.024637] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.024792] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   34.071572] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.081579] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   34.082333] IPVS: Creating netns size=2688 id=4
[   34.082341] IPVS: ftp: loaded support on port[0] = 21
[   34.101078] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.101799] IPVS: Creating netns size=2688 id=5
[   34.101807] IPVS: ftp: loaded support on port[0] = 21
[   34.118696] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.125213] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.131903] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.139235] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.145720] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.152618] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   34.162338] IPVS: Creating netns size=2688 id=6
[   34.168569] IPVS: ftp: loaded support on port[0] = 21
[   34.173861] chnl_net:caif_netlink_parms(): no params data found
[   34.180813] device bridge_slave_0 entered promiscuous mode
[   34.180955] device bridge_slave_1 entered promiscuous mode
[   34.182138] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready
[   34.182203] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   34.182261] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready
[   34.182308] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   34.187782] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   34.187824] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   34.190103] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   34.190121] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   34.190586] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.190592] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.190599] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.190603] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.198597] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.198754] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   34.203775] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   34.203885] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   34.231005] chnl_net:caif_netlink_parms(): no params data found
[   34.236186] device bridge_slave_0 entered promiscuous mode
[   34.236326] device bridge_slave_1 entered promiscuous mode
[   34.237516] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready
[   34.237576] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   34.237637] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready
[   34.237687] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   34.243042] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   34.243085] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   34.245314] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   34.245337] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   34.245822] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.245828] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.245834] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.245838] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.253499] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.253669] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   34.260944] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   34.261064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   34.426435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   34.433168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.439912] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.447438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.455353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.462647] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   34.470781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.477647] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.485344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.493087] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.500475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  172.289440] NMI watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz-executor.3:6003]
[  172.297709] Modules linked in:
[  172.301021] irq event stamp: 0
[  172.304194] hardirqs last  enabled at (0): [<          (null)>]           (null)
[  172.311843] hardirqs last disabled at (0): [<ffffffff8116a52f>] copy_process.part.30+0x59f/0x1bc0
[  172.320971] softirqs last  enabled at (0): [<ffffffff8116a52f>] copy_process.part.30+0x59f/0x1bc0
[  172.330106] softirqs last disabled at (0): [<          (null)>]           (null)
[  172.337780] CPU: 0 PID: 6003 Comm: syz-executor.3 Not tainted 4.1.0 #0
[  172.345293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.354636] task: ffff88012a4ec290 ti: ffff8800bab0c000 task.ti: ffff8800bab0c000
[  172.362244] RIP: 0010:[<ffffffff82158020>]  [<ffffffff82158020>] hhf_dequeue+0x30/0x190
[  172.370499] RSP: 0018:ffff8800bab0f9a8  EFLAGS: 00000292
[  172.375923] RAX: ffff8800b1e3f250 RBX: ffff8800b1e3f1b8 RCX: dead000000200200
[  172.383170] RDX: ffff8800b1e3f250 RSI: ffff8800b1e3f250 RDI: ffff8800b1e3f1b8
[  172.390517] RBP: ffff8800bab0f9d8 R08: ffff8800b1e3f250 R09: 0000000000000024
[  172.397779] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  172.405028] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8800bab0f998
[  172.412275] FS:  00007f6a66b36700(0000) GS:ffff88012c000000(0000) knlGS:0000000000000000
[  172.420475] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  172.426333] CR2: 0000000020000600 CR3: 000000012adb4000 CR4: 00000000001407f0
[  172.433584] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  172.440831] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  172.448079] Stack:
[  172.450208]  0000000000000002 ffff8800b73a5e00 0000000000000000 0000000000000000
[  172.458228]  ffff8800b73a5e00 ffff8800b1e3f000 ffff8800bab0fa38 ffffffff8212c0a7
[  172.466249]  ffff8800b1e3f0b0 ffff8800b1e3f0b0 ffff8800bab10000 00000040000003fd
[  172.474274] Call Trace:
[  172.476839]  [<ffffffff8212c0a7>] __qdisc_run+0x67/0x1c0
[  172.482271]  [<ffffffff820f9b76>] __dev_queue_xmit+0x406/0x950
[  172.488218]  [<ffffffff820f97bb>] ? __dev_queue_xmit+0x4b/0x950
[  172.494253]  [<ffffffff820fa0ce>] dev_queue_xmit_sk+0xe/0x10
[  172.500026]  [<ffffffff82169e54>] __netlink_deliver_tap+0x104/0x150
[  172.506406]  [<ffffffff8216abd0>] __netlink_sendskb+0x130/0x140
[  172.512451]  [<ffffffff8216aaa0>] ? netlink_hash+0x70/0x70
[  172.518051]  [<ffffffff8216dfc6>] netlink_unicast+0x226/0x2e0
[  172.523915]  [<ffffffff8216e4e8>] netlink_ack+0x98/0x120
[  172.529344]  [<ffffffff821097f0>] ? rtnetlink_rcv+0x40/0x40
[  172.535045]  [<ffffffff8216e60e>] netlink_rcv_skb+0x9e/0xd0
[  172.540732]  [<ffffffff821097d9>] rtnetlink_rcv+0x29/0x40
[  172.546244]  [<ffffffff8216df6a>] netlink_unicast+0x1ca/0x2e0
[  172.552104]  [<ffffffff8216dee8>] ? netlink_unicast+0x148/0x2e0
[  172.558138]  [<ffffffff8216e390>] netlink_sendmsg+0x310/0x3d0
[  172.564008]  [<ffffffff818eefeb>] ? import_iovec+0x2b/0xd0
[  172.569607]  [<ffffffff820d6365>] sock_sendmsg+0x35/0x40
[  172.575043]  [<ffffffff820d6d03>] ___sys_sendmsg+0x2c3/0x2d0
[  172.580819]  [<ffffffff81321620>] ? expand_files+0x270/0x270
[  172.586593]  [<ffffffff8132172b>] ? __fget+0x10b/0x210
[  172.591843]  [<ffffffff81321620>] ? expand_files+0x270/0x270
[  172.597648]  [<ffffffff81321875>] ? __fget_light+0x25/0x90
[  172.603250]  [<ffffffff820d7d5d>] __sys_sendmsg+0x3d/0x80
[  172.608768]  [<ffffffff820d7dad>] SyS_sendmsg+0xd/0x20
[  172.614023]  [<ffffffff8264c772>] system_call_fastpath+0x16/0x7a
[  172.620140] Code: 57 41 56 4c 8d bf 40 02 00 00 41 55 4c 8d b7 80 01 00 00 41 54 4c 8d af 50 02 00 00 49 89 fc 53 48 83 ec 08 0f 1f 80 00 00 00 00 <49> 8b 9c 24 40 02 00 00 4c 89 fa 49 39 df 0f 84 a8 00 00 00 8b 
[  172.647396] sending NMI to other CPUs:
[  172.652259] NMI backtrace for cpu 1
[  172.655947] CPU: 1 PID: 5784 Comm: syz-executor.1 Not tainted 4.1.0 #0
[  172.662587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.671917] task: ffff8800b7324490 ti: ffff88012a69c000 task.ti: ffff88012a69c000
[  172.679510] RIP: 0010:[<ffffffff818e8389>]  [<ffffffff818e8389>] delay_tsc+0x39/0xe0
[  172.687371] RSP: 0018:ffff88012a69fbb8  EFLAGS: 00000202
[  172.692795] RAX: 0000005c5d85018f RBX: 0000000000000001 RCX: ffff8800ba680402
[  172.700127] RDX: 0000005c00000000 RSI: ffffffff82ede2e7 RDI: ffffffff82e9a095
[  172.707372] RBP: ffff88012a69fbd8 R08: 0000000000000001 R09: 0000000000000000
[  172.714619] R10: ffff8800b7324490 R11: 0000000000000000 R12: 000000005d85018f
[  172.721868] R13: 0000000000000001 R14: 000000007e1107c1 R15: ffff8800b7149e00
[  172.729114] FS:  0000000001032940(0063) GS:ffff88012c100000(0000) knlGS:0000000000000000
[  172.737315] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  172.743172] CR2: 00007ffdf2be8fe8 CR3: 000000012a8e6000 CR4: 00000000001407e0
[  172.750440] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  172.757686] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  172.764934] Stack:
[  172.767058]  ffff8800b1e3f0b0 ffff8800ba680402 0000000089173700 000000007e1107c1
[  172.774564]  ffff88012a69fbe8 ffffffff818e82ba ffff88012a69fc18 ffffffff811ca74a
[  172.782070]  ffff8800b1e3f0b0 ffff8800ba686000 0000000000000001 ffff8800b73a5e00
[  172.789577] Call Trace:
[  172.792136]  [<ffffffff818e82ba>] __delay+0xa/0x10
[  172.797038]  [<ffffffff811ca74a>] do_raw_spin_lock+0xaa/0x200
[  172.802899]  [<ffffffff8264b7ee>] _raw_spin_lock+0x3e/0x50
[  172.808493]  [<ffffffff820f99d1>] ? __dev_queue_xmit+0x261/0x950
[  172.814609]  [<ffffffff820f99d1>] __dev_queue_xmit+0x261/0x950
[  172.820555]  [<ffffffff820f97bb>] ? __dev_queue_xmit+0x4b/0x950
[  172.826585]  [<ffffffff820fa0ce>] dev_queue_xmit_sk+0xe/0x10
[  172.832356]  [<ffffffff82169e54>] __netlink_deliver_tap+0x104/0x150
[  172.838745]  [<ffffffff8216e05f>] netlink_unicast+0x2bf/0x2e0
[  172.844605]  [<ffffffff8216dee8>] ? netlink_unicast+0x148/0x2e0
[  172.850637]  [<ffffffff8216e390>] netlink_sendmsg+0x310/0x3d0
[  172.856493]  [<ffffffff812ab387>] ? might_fault+0x57/0xb0
[  172.862017]  [<ffffffff820d6365>] sock_sendmsg+0x35/0x40
[  172.867441]  [<ffffffff820d67e2>] SYSC_sendto+0xf2/0x170
[  172.872864]  [<ffffffff812ff2e9>] ? __fput+0x199/0x250
[  172.878123]  [<ffffffff8119b625>] ? ___might_sleep+0x205/0x270
[  172.884077]  [<ffffffff818e9618>] ? trace_hardirqs_on_thunk+0x17/0x19
[  172.890627]  [<ffffffff820d7aa9>] SyS_sendto+0x9/0x10
[  172.895790]  [<ffffffff8264c772>] system_call_fastpath+0x16/0x7a
[  172.901910] Code: 01 00 00 00 e8 59 38 8b ff e8 34 12 01 00 0f ae e8 48 83 3d 39 d5 94 01 00 74 77 41 89 c5 e8 2f fa 79 ff 66 90 41 89 c4 0f ae e8 <48> 83 3d 1f d5 94 01 00 74 5d e8 18 fa 79 ff 66 90 41 89 c6 44 
[  172.920877] Kernel panic - not syncing: softlockup: hung tasks
[  172.926826] CPU: 0 PID: 6003 Comm: syz-executor.3 Tainted: G             L  4.1.0 #0
[  172.934681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.944014]  ffff88012a4ec290 ffff88012c003dd8 ffffffff8263cd0b 0000000000000032
[  172.952025]  ffffffff82e38486 ffff88012c003e58 ffffffff82638b9e ffff88012c003df8
[  172.960042]  ffffffff00000008 ffff88012c003e68 ffff88012c003e08 ffff87ffffffffff
[  172.968069] Call Trace:
[  172.970638]  <IRQ>  [<ffffffff8263cd0b>] dump_stack+0x4f/0x7b
[  172.976638]  [<ffffffff82638b9e>] panic+0xcd/0x211
[  172.981547]  [<ffffffff8123613a>] watchdog_timer_fn+0x26a/0x270
[  172.987585]  [<ffffffff811f07a6>] __run_hrtimer+0xe6/0x760
[  172.993182]  [<ffffffff811f19f8>] ? hrtimer_interrupt+0x88/0x230
[  173.003382]  [<ffffffff81235ed0>] ? watchdog+0x50/0x50
[  173.008638]  [<ffffffff811f1a73>] hrtimer_interrupt+0x103/0x230
[  173.014671]  [<ffffffff810be305>] local_apic_timer_interrupt+0x35/0x60
[  173.021311]  [<ffffffff810be55c>] smp_apic_timer_interrupt+0x3c/0x50
[  173.027777]  [<ffffffff8264d6b3>] apic_timer_interrupt+0x73/0x80
[  173.033906]  <EOI>  [<ffffffff82158020>] ? hhf_dequeue+0x30/0x190
[  173.040251]  [<ffffffff8215815e>] ? hhf_dequeue+0x16e/0x190
[  173.045938]  [<ffffffff8212c0a7>] __qdisc_run+0x67/0x1c0
[  173.051364]  [<ffffffff820f9b76>] __dev_queue_xmit+0x406/0x950
[  173.057314]  [<ffffffff820f97bb>] ? __dev_queue_xmit+0x4b/0x950
[  173.063349]  [<ffffffff820fa0ce>] dev_queue_xmit_sk+0xe/0x10
[  173.069120]  [<ffffffff82169e54>] __netlink_deliver_tap+0x104/0x150
[  173.075499]  [<ffffffff8216abd0>] __netlink_sendskb+0x130/0x140
[  173.081533]  [<ffffffff8216aaa0>] ? netlink_hash+0x70/0x70
[  173.087131]  [<ffffffff8216dfc6>] netlink_unicast+0x226/0x2e0
[  173.092992]  [<ffffffff8216e4e8>] netlink_ack+0x98/0x120
[  173.098417]  [<ffffffff821097f0>] ? rtnetlink_rcv+0x40/0x40
[  173.104102]  [<ffffffff8216e60e>] netlink_rcv_skb+0x9e/0xd0
[  173.109791]  [<ffffffff821097d9>] rtnetlink_rcv+0x29/0x40
[  173.115305]  [<ffffffff8216df6a>] netlink_unicast+0x1ca/0x2e0
[  173.121169]  [<ffffffff8216dee8>] ? netlink_unicast+0x148/0x2e0
[  173.127200]  [<ffffffff8216e390>] netlink_sendmsg+0x310/0x3d0
[  173.133211]  [<ffffffff818eefeb>] ? import_iovec+0x2b/0xd0
[  173.138819]  [<ffffffff820d6365>] sock_sendmsg+0x35/0x40
[  173.144248]  [<ffffffff820d6d03>] ___sys_sendmsg+0x2c3/0x2d0
[  173.150111]  [<ffffffff81321620>] ? expand_files+0x270/0x270
[  173.155883]  [<ffffffff8132172b>] ? __fget+0x10b/0x210
[  173.161157]  [<ffffffff81321620>] ? expand_files+0x270/0x270
[  173.166941]  [<ffffffff81321875>] ? __fget_light+0x25/0x90
[  173.172545]  [<ffffffff820d7d5d>] __sys_sendmsg+0x3d/0x80
[  173.178073]  [<ffffffff820d7dad>] SyS_sendmsg+0xd/0x20
[  173.183348]  [<ffffffff8264c772>] system_call_fastpath+0x16/0x7a
[  173.191137] Kernel Offset: disabled