[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.30' (ECDSA) to the list of known hosts. syzkaller login: [ 35.533155] IPVS: ftp: loaded support on port[0] = 21 [ 36.334340] chnl_net:caif_netlink_parms(): no params data found [ 36.440853] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.447806] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.455986] device bridge_slave_0 entered promiscuous mode [ 36.464630] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.471281] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.479642] device bridge_slave_1 entered promiscuous mode [ 36.496904] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 36.505657] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 36.524689] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 36.531911] team0: Port device team_slave_0 added [ 36.537369] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 36.545018] team0: Port device team_slave_1 added [ 36.561270] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.567555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.593027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.604498] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.610879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.636324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.647040] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.654750] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.723679] device hsr_slave_0 entered promiscuous mode [ 36.771675] device hsr_slave_1 entered promiscuous mode [ 36.811594] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.818682] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.888276] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.894727] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.901813] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.908201] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.940039] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 36.947107] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.956196] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 36.966018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.984513] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.991758] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.002499] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.008579] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.018116] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.026363] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.032922] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.042804] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.050533] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.056948] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.071025] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 37.081203] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 37.088288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 37.099094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.111259] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.120593] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 37.127463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 37.141916] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 37.143508] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 37.155398] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 37.166372] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.219611] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 37.230147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.263699] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 37.271721] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 37.278217] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 37.288354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.296280] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 37.303453] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 37.312429] device veth0_vlan entered promiscuous mode [ 37.321515] device veth1_vlan entered promiscuous mode [ 37.327586] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 37.336230] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 37.346174] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 37.359819] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 37.369483] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 37.377038] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 37.385399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.395950] device veth0_macvtap entered promiscuous mode [ 37.402331] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 37.411040] device veth1_macvtap entered promiscuous mode [ 37.417136] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 37.426444] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 37.436433] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 37.445746] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 37.453329] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.460204] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 37.468094] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 37.475790] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.484018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.495141] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 37.502906] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.510072] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.518756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 37.660481] Illegal XDP return value 2208975216, expect packet loss! [ 37.667523] ------------[ cut here ]------------ [ 37.672282] WARNING: CPU: 1 PID: 6352 at net/core/filter.c:3649 bpf_warn_invalid_xdp_action.cold+0x3c/0x43 [ 37.682612] Kernel panic - not syncing: panic_on_warn set ... [ 37.682612] [ 37.689987] CPU: 1 PID: 6352 Comm: sshd Not tainted 4.14.175-syzkaller #0 [ 37.696912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 37.706351] Call Trace: [ 37.708923] [ 37.711069] dump_stack+0x13e/0x194 [ 37.714684] panic+0x1f9/0x42d [ 37.717863] ? add_taint.cold+0x16/0x16 [ 37.721977] ? bpf_warn_invalid_xdp_action.cold+0x3c/0x43 [ 37.727522] ? bpf_warn_invalid_xdp_action.cold+0x3c/0x43 [ 37.733063] __warn.cold+0x2f/0x30 [ 37.736592] ? ist_end_non_atomic+0x10/0x10 [ 37.741044] ? bpf_warn_invalid_xdp_action.cold+0x3c/0x43 [ 37.746733] report_bug+0x20a/0x248 [ 37.750357] do_error_trap+0x195/0x2d0 [ 37.754250] ? math_error+0x2d0/0x2d0 [ 37.758040] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.762875] invalid_op+0x1b/0x40 [ 37.766451] RIP: 0010:bpf_warn_invalid_xdp_action.cold+0x3c/0x43 [ 37.772850] RSP: 0018:ffff8880aeb07640 EFLAGS: 00010282 [ 37.778210] RAX: 0000000000000038 RBX: 0000000083aa4970 RCX: 0000000000000000 [ 37.785476] RDX: 0000000000000100 RSI: ffffffff86ac07e0 RDI: ffffed1015d60ebe [ 37.792743] RBP: ffffffff8738d300 R08: 0000000000000038 R09: 0000000000000000 [ 37.800006] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000083aa4970 [ 37.807288] R13: 0000000000000000 R14: ffff8880a82dc606 R15: ffff8880a82dc5c4 [ 37.814660] do_xdp_generic.part.0+0x513/0x9e0 [ 37.819224] ? generic_xdp_tx+0x680/0x680 [ 37.823356] netif_rx_internal+0x330/0x800 [ 37.827571] ? eth_type_trans+0x284/0x5e0 [ 37.831701] ? do_xdp_generic+0x40/0x40 [ 37.835654] ? eth_gro_receive+0x820/0x820 [ 37.839882] ? sock_wfree+0xd0/0x130 [ 37.843589] ? __dev_forward_skb+0x1f9/0x450 [ 37.847978] dev_forward_skb+0x39/0x50 [ 37.851971] veth_xmit+0xf1/0x300 [ 37.855416] dev_hard_start_xmit+0x186/0x890 [ 37.859827] __dev_queue_xmit+0x1d91/0x25c0 [ 37.864141] ? netdev_pick_tx+0x2e0/0x2e0 [ 37.868281] ? ip6_finish_output+0x4d9/0xaf0 [ 37.872690] ? mark_held_locks+0xa6/0xf0 [ 37.876736] ? ip6_finish_output2+0x1085/0x2150 [ 37.881399] ip6_finish_output2+0x1085/0x2150 [ 37.886836] ? ip6_forward_finish+0x470/0x470 [ 37.891421] ? lock_downgrade+0x6e0/0x6e0 [ 37.895567] ? ip6_finish_output+0x4d9/0xaf0 [ 37.899965] ip6_finish_output+0x4d9/0xaf0 [ 37.904198] ip6_output+0x1c9/0x650 [ 37.907811] ? ip6_finish_output+0xaf0/0xaf0 [ 37.912202] ? __local_bh_enable_ip+0x94/0x190 [ 37.916765] ? ip6_fragment+0x3150/0x3150 [ 37.920918] ? icmp6_dst_alloc+0x390/0x580 [ 37.925147] mld_sendpack+0x86d/0xca0 [ 37.928932] ? mld_clear_delrec+0x210/0x210 [ 37.933259] ? __local_bh_enable_ip+0x94/0x190 [ 37.937829] mld_ifc_timer_expire+0x3b0/0x7b0 [ 37.942311] call_timer_fn+0x14a/0x650 [ 37.946190] ? mld_dad_timer_expire+0x160/0x160 [ 37.950843] ? __next_timer_interrupt+0x140/0x140 [ 37.955668] ? _raw_spin_unlock_irq+0x24/0x80 [ 37.960142] ? mld_dad_timer_expire+0x160/0x160 [ 37.964800] ? mld_dad_timer_expire+0x160/0x160 [ 37.969451] run_timer_softirq+0x52a/0x1390 [ 37.973769] ? add_timer+0xa20/0xa20 [ 37.977463] ? __lock_is_held+0xad/0x140 [ 37.981508] __do_softirq+0x254/0x9bf [ 37.985297] do_softirq_own_stack+0x2a/0x40 [ 37.989605] [ 37.991835] ? ip_finish_output2+0x77b/0x14a0 [ 37.996744] do_softirq.part.0+0x103/0x160 [ 38.000986] __local_bh_enable_ip+0x149/0x190 [ 38.005462] ip_finish_output2+0x7ae/0x14a0 [ 38.009773] ? save_trace+0x290/0x290 [ 38.013558] ? ip_copy_metadata+0x980/0x980 [ 38.017864] ? ip_finish_output+0x556/0xc30 [ 38.022267] ip_finish_output+0x556/0xc30 [ 38.026398] ip_output+0x1c2/0x520 [ 38.029935] ? ip_mc_output+0xcb0/0xcb0 [ 38.033896] ? ip_fragment.constprop.0+0x200/0x200 [ 38.039092] ip_local_out+0x93/0x170 [ 38.042796] ip_queue_xmit+0x7b2/0x1b20 [ 38.046758] ? tcp_established_options+0x2bc/0x420 [ 38.051691] __tcp_transmit_skb+0x1654/0x2dd0 [ 38.056187] ? __tcp_select_window+0x6a0/0x6a0 [ 38.060751] ? check_preemption_disabled+0x35/0x240 [ 38.065757] ? sched_clock+0x2a/0x40 [ 38.069714] ? sched_clock_cpu+0x18/0x1b0 [ 38.073854] ? save_trace+0x290/0x290 [ 38.077637] tcp_write_xmit+0x56a/0x4a60 [ 38.081690] ? iov_iter_advance+0x1c0/0xc70 [ 38.085995] __tcp_push_pending_frames+0x9c/0x240 [ 38.090954] tcp_push+0x3fd/0x5f0 [ 38.094421] tcp_sendmsg_locked+0x218c/0x2fd0 [ 38.098926] ? tcp_sendpage+0x60/0x60 [ 38.102735] ? __local_bh_enable_ip+0x94/0x190 [ 38.107312] tcp_sendmsg+0x2b/0x40 [ 38.110842] inet_sendmsg+0x116/0x4d0 [ 38.114724] ? inet_recvmsg+0x4c0/0x4c0 [ 38.118681] sock_sendmsg+0xc5/0x100 [ 38.122376] sock_write_iter+0x22c/0x370 [ 38.126420] ? sock_sendmsg+0x100/0x100 [ 38.130374] ? trace_hardirqs_on+0x10/0x10 [ 38.134610] ? inode_has_perm.isra.0+0x153/0x1d0 [ 38.139347] ? iov_iter_init+0xa6/0x1c0 [ 38.143331] __vfs_write+0x44e/0x630 [ 38.147121] ? kernel_read+0x110/0x110 [ 38.150998] ? selinux_file_permission+0x7a/0x440 [ 38.155827] ? rw_verify_area+0xe1/0x2a0 [ 38.159867] vfs_write+0x192/0x4e0 [ 38.163402] SyS_write+0xf2/0x210 [ 38.166859] ? SyS_read+0x210/0x210 [ 38.170469] ? SyS_clock_settime+0x1a0/0x1a0 [ 38.174861] ? do_syscall_64+0x4c/0x640 [ 38.178813] ? SyS_read+0x210/0x210 [ 38.182421] do_syscall_64+0x1d5/0x640 [ 38.186303] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 38.191494] RIP: 0033:0x7f3a3ad9b970 [ 38.195189] RSP: 002b:00007ffeb59faf58 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 38.202878] RAX: ffffffffffffffda RBX: 0000000000000034 RCX: 00007f3a3ad9b970 [ 38.210137] RDX: 0000000000000034 RSI: 00005603a38bf3ec RDI: 0000000000000003 [ 38.217474] RBP: 00005603a38b1070 R08: 00007ffeb59fb010 R09: 0000000000000100 [ 38.224812] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 38.232161] R13: 00007ffeb59fafef R14: 00005603a1ba5be7 R15: 0000000000000003 [ 38.241317] Kernel Offset: disabled [ 38.245060] Rebooting in 86400 seconds..