[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.32' (ECDSA) to the list of known hosts.
2020/12/21 14:08:19 parsed 1 programs
2020/12/21 14:08:19 executed programs: 0
syzkaller login: [ 66.241282][ T8502] IPVS: ftp: loaded support on port[0] = 21
[ 66.452401][ T8502] chnl_net:caif_netlink_parms(): no params data found
[ 66.507790][ T8502] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.515172][ T8502] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.524723][ T8502] device bridge_slave_0 entered promiscuous mode
[ 66.534146][ T8502] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.541867][ T8502] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.550081][ T8502] device bridge_slave_1 entered promiscuous mode
[ 66.570812][ T8502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 66.581729][ T8502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 66.604861][ T8502] team0: Port device team_slave_0 added
[ 66.613071][ T8502] team0: Port device team_slave_1 added
[ 66.630933][ T8502] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 66.638299][ T8502] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.665063][ T8502] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 66.678843][ T8502] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 66.685790][ T8502] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.711900][ T8502] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 66.739676][ T8502] device hsr_slave_0 entered promiscuous mode
[ 66.746383][ T8502] device hsr_slave_1 entered promiscuous mode
[ 66.849905][ T8502] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 66.865797][ T8502] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 66.875647][ T8502] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 66.889588][ T8502] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 66.917504][ T8502] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.924742][ T8502] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.932583][ T8502] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.939773][ T8502] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.990002][ T8502] 8021q: adding VLAN 0 to HW filter on device bond0
[ 67.004625][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 67.015764][ T34] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.024917][ T34] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.033970][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 67.047546][ T8502] 8021q: adding VLAN 0 to HW filter on device team0
[ 67.059491][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 67.068982][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 67.076017][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 67.087746][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 67.096768][ T34] bridge0: port 2(bridge_slave_1) entered blocking state
[ 67.103950][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 67.128784][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 67.139641][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 67.151524][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 67.160313][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 67.173541][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 67.184882][ T8502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 67.204367][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 67.212992][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 67.225842][ T8502] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 67.245394][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 67.272593][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 67.281945][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 67.291459][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 67.303049][ T8502] device veth0_vlan entered promiscuous mode
[ 67.322340][ T8502] device veth1_vlan entered promiscuous mode
[ 67.358198][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 67.366286][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 67.376310][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 67.388098][ T8502] device veth0_macvtap entered promiscuous mode
[ 67.399071][ T8502] device veth1_macvtap entered promiscuous mode
[ 67.419746][ T8502] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 67.427837][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 67.438918][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 67.451876][ T8502] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 67.460641][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 67.470886][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 67.484583][ T8502] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.494091][ T8502] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.502877][ T8502] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.511899][ T8502] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.606529][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.619227][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.642077][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 67.671062][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.679150][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.689830][ T8721] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 68.278193][ T8721] Bluetooth: hci0: command 0x0409 tx timeout
[ 68.284565][ T8781] BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1351
[ 68.304422][ T8781] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8781, name: syz-executor.0
[ 68.314780][ T8781] 2 locks held by syz-executor.0/8781:
[ 68.320818][ T8781] #0: ffffffff8b33a020 (rcu_read_lock){....}-{1:2}, at: bpf_test_run+0x116/0xcc0
[ 68.331666][ T8781] #1: ffff888013428158 (&mm->mmap_lock#2){++++}-{3:3}, at: do_user_addr_fault+0x25f/0xc50
[ 68.342825][ T8781] Preemption disabled at:
[ 68.342841][ T8781] [] migrate_disable+0x5e/0x160
[ 68.354899][ T8781] CPU: 0 PID: 8781 Comm: syz-executor.0 Not tainted 5.10.0-syzkaller #0
[ 68.363223][ T8781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.373260][ T8781] Call Trace:
[ 68.376535][ T8781] dump_stack+0x107/0x163
[ 68.380861][ T8781] ? migrate_disable+0x5e/0x160
[ 68.385704][ T8781] ___might_sleep.cold+0x1f1/0x237
[ 68.390815][ T8781] do_user_addr_fault+0x29c/0xc50
[ 68.395846][ T8781] ? irqentry_enter+0x26/0x50
[ 68.400511][ T8781] exc_page_fault+0x9e/0x180
[ 68.405084][ T8781] asm_exc_page_fault+0x1e/0x30
[ 68.409918][ T8781] RIP: 0010:bpf_prog_e48ebe87b99394c4+0x11/0xa48
[ 68.416233][ T8781] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 0f 1f 44 00 00 66 90 55 48 89 e5 31 c0 48 8b 47 28 <48> 8b 40 00 8b 80 00 01 00 00 c9 c3 cc cc cc cc cc cc cc cc cc cc
[ 68.435819][ T8781] RSP: 0018:ffffc9000165fb30 EFLAGS: 00010246
[ 68.441869][ T8781] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff87314b68
[ 68.449834][ T8781] RDX: ffff88802bfeb580 RSI: ffffc90000e8e038 RDI: ffffc9000165fcb0
[ 68.457789][ T8781] RBP: ffffc9000165fb30 R08: 0000000000000001 R09: 0000000000000001
[ 68.465755][ T8781] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 68.473731][ T8781] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc90000e8e000
[ 68.481700][ T8781] ? bpf_test_run+0x3a8/0xcc0
[ 68.488302][ T8781] bpf_test_run+0x21c/0xcc0
[ 68.492809][ T8781] ? bpf_ctx_init+0x1c0/0x1c0
[ 68.497470][ T8781] ? bpf_dispatcher_change_prog+0x2e6/0x8f0
[ 68.503364][ T8781] bpf_prog_test_run_xdp+0x2ca/0x510
[ 68.508638][ T8781] ? bpf_prog_test_run_skb+0x1c50/0x1c50
[ 68.514271][ T8781] ? __fget_files+0x294/0x400
[ 68.518953][ T8781] ? fput_many+0x2f/0x1a0
[ 68.523286][ T8781] ? bpf_prog_test_run_skb+0x1c50/0x1c50
[ 68.528922][ T8781] __do_sys_bpf+0x2174/0x5130
[ 68.533585][ T8781] ? bpf_link_get_from_fd+0x110/0x110
[ 68.538943][ T8781] ? _copy_to_user+0xdc/0x150
[ 68.543603][ T8781] ? put_timespec64+0xcb/0x120
[ 68.548360][ T8781] ? ns_to_timespec64+0xc0/0xc0
[ 68.553216][ T8781] ? syscall_enter_from_user_mode+0x1d/0x50
[ 68.559094][ T8781] do_syscall_64+0x2d/0x70
[ 68.563491][ T8781] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 68.569380][ T8781] RIP: 0033:0x45e149
[ 68.573294][ T8781] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 68.592890][ T8781] RSP: 002b:00007f7d79602c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 68.601297][ T8781] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045e149
[ 68.609262][ T8781] RDX: 0000000000000028 RSI: 00000000200000c0 RDI: 000000000000000a
[ 68.617239][ T8781] RBP: 000000000119bfc0 R08: 0000000000000000 R09: 0000000000000000
[ 68.625204][ T8781] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119bf8c
[ 68.633156][ T8781] R13: 00007ffdea4f396f R14: 00007f7d796039c0 R15: 000000000119bf8c
[ 68.655221][ T8781] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 68.663026][ T8781] #PF: supervisor read access in kernel mode
[ 68.668976][ T8781] #PF: error_code(0x0000) - not-present page
[ 68.674927][ T8781] PGD 1eb8b067 P4D 1eb8b067 PUD 1cd90067 PMD 0
[ 68.681154][ T8781] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 68.686328][ T8781] CPU: 0 PID: 8781 Comm: syz-executor.0 Tainted: G W 5.10.0-syzkaller #0
[ 68.696011][ T8781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.706060][ T8781] RIP: 0010:bpf_prog_e48ebe87b99394c4+0x11/0xa48
[ 68.712365][ T8781] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 0f 1f 44 00 00 66 90 55 48 89 e5 31 c0 48 8b 47 28 <48> 8b 40 00 8b 80 00 01 00 00 c9 c3 cc cc cc cc cc cc cc cc cc cc
[ 68.732918][ T8781] RSP: 0018:ffffc9000165fb30 EFLAGS: 00010246
[ 68.738960][ T8781] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff87314b68
[ 68.746906][ T8781] RDX: ffff88802bfeb580 RSI: ffffc90000e8e038 RDI: ffffc9000165fcb0
[ 68.754852][ T8781] RBP: ffffc9000165fb30 R08: 0000000000000001 R09: 0000000000000001
[ 68.762799][ T8781] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 68.770752][ T8781] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc90000e8e000
[ 68.778700][ T8781] FS: 00007f7d79603700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 68.787609][ T8781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 68.794183][ T8781] CR2: 00007fb3f42c0018 CR3: 0000000014825000 CR4: 00000000001506f0
[ 68.802138][ T8781] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 68.810089][ T8781] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 68.818035][ T8781] Call Trace:
[ 68.821319][ T8781] bpf_test_run+0x21c/0xcc0
[ 68.825818][ T8781] ? bpf_ctx_init+0x1c0/0x1c0
[ 68.830519][ T8781] ? bpf_dispatcher_change_prog+0x2e6/0x8f0
[ 68.836421][ T8781] bpf_prog_test_run_xdp+0x2ca/0x510
[ 68.841720][ T8781] ? bpf_prog_test_run_skb+0x1c50/0x1c50
[ 68.847335][ T8781] ? __fget_files+0x294/0x400
[ 68.852013][ T8781] ? fput_many+0x2f/0x1a0
[ 68.856321][ T8781] ? bpf_prog_test_run_skb+0x1c50/0x1c50
[ 68.861944][ T8781] __do_sys_bpf+0x2174/0x5130
[ 68.866611][ T8781] ? bpf_link_get_from_fd+0x110/0x110
[ 68.871974][ T8781] ? _copy_to_user+0xdc/0x150
[ 68.876642][ T8781] ? put_timespec64+0xcb/0x120
[ 68.881383][ T8781] ? ns_to_timespec64+0xc0/0xc0
[ 68.886230][ T8781] ? syscall_enter_from_user_mode+0x1d/0x50
[ 68.892100][ T8781] do_syscall_64+0x2d/0x70
[ 68.896496][ T8781] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 68.902398][ T8781] RIP: 0033:0x45e149
[ 68.906415][ T8781] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 68.926000][ T8781] RSP: 002b:00007f7d79602c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 68.934393][ T8781] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045e149
[ 68.942371][ T8781] RDX: 0000000000000028 RSI: 00000000200000c0 RDI: 000000000000000a
[ 68.950322][ T8781] RBP: 000000000119bfc0 R08: 0000000000000000 R09: 0000000000000000
[ 68.958309][ T8781] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119bf8c
[ 68.966291][ T8781] R13: 00007ffdea4f396f R14: 00007f7d796039c0 R15: 000000000119bf8c
[ 68.974253][ T8781] Modules linked in:
[ 68.978126][ T8781] CR2: 0000000000000000
[ 68.986054][ T8781] ---[ end trace f373adf0128c937b ]---
[ 68.991589][ T8781] RIP: 0010:bpf_prog_e48ebe87b99394c4+0x11/0xa48
[ 68.999353][ T8781] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 0f 1f 44 00 00 66 90 55 48 89 e5 31 c0 48 8b 47 28 <48> 8b 40 00 8b 80 00 01 00 00 c9 c3 cc cc cc cc cc cc cc cc cc cc
[ 69.019128][ T8781] RSP: 0018:ffffc9000165fb30 EFLAGS: 00010246
[ 69.025201][ T8781] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff87314b68
[ 69.033197][ T8781] RDX: ffff88802bfeb580 RSI: ffffc90000e8e038 RDI: ffffc9000165fcb0
[ 69.041221][ T8781] RBP: ffffc9000165fb30 R08: 0000000000000001 R09: 0000000000000001
[ 69.049216][ T8781] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 69.057407][ T8781] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc90000e8e000
[ 69.065370][ T8781] FS: 00007f7d79603700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 69.074460][ T8781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 69.081584][ T8781] CR2: 00007fb3f42c0018 CR3: 0000000014825000 CR4: 00000000001506f0
[ 69.090052][ T8781] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 69.098079][ T8781] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 69.106050][ T8781] Kernel panic - not syncing: Fatal exception
[ 69.112595][ T8781] Kernel Offset: disabled
[ 69.116952][ T8781] Rebooting in 86400 seconds..