[  OK  ] Reached target Login Prompts.
[  OK  ] Reached target Multi-User System.
[  OK  ] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[  OK  ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.195' (ECDSA) to the list of known hosts.
syzkaller login: [   29.196649] IPVS: ftp: loaded support on port[0] = 21
[   29.261390] chnl_net:caif_netlink_parms(): no params data found
[   29.348515] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.355118] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.362038] device bridge_slave_0 entered promiscuous mode
[   29.369842] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.376765] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.383929] device bridge_slave_1 entered promiscuous mode
[   29.399491] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   29.408432] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   29.426388] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   29.433560] team0: Port device team_slave_0 added
[   29.438850] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   29.446084] team0: Port device team_slave_1 added
[   29.461277] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.467574] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.494148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.505930] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.512149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.538375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.549241] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   29.556956] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   29.575064] device hsr_slave_0 entered promiscuous mode
[   29.580643] device hsr_slave_1 entered promiscuous mode
[   29.587123] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   29.595059] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   29.652259] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.658712] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.665616] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.671970] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.699572] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   29.706634] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.715758] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   29.724144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   29.742331] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.749575] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.759330] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   29.765583] 8021q: adding VLAN 0 to HW filter on device team0
[   29.774154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.781673] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.788060] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.797357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.805227] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.811554] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.829356] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   29.839191] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.850606] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   29.857799] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   29.865566] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   29.873554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   29.881029] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   29.888818] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   29.895648] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   29.906611] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   29.914958] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   29.921574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   29.931285] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.980112] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   29.989290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   30.017015] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   30.024451] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   30.030817] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   30.039902] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   30.047414] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   30.054644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   30.063876] device veth0_vlan entered promiscuous mode
[   30.071847] device veth1_vlan entered promiscuous mode
[   30.078262] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[   30.086917] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[   30.097903] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[   30.107056] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   30.114532] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   30.121602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   30.130608] device veth0_macvtap entered promiscuous mode
[   30.137057] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[   30.145684] device veth1_macvtap entered promiscuous mode
[   30.154080] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[   30.163818] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[   30.173139] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.179769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.188856] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   30.198687] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.206501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   30.252367] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   30.287345] ------------[ cut here ]------------
[   30.292160] kernel BUG at include/linux/skbuff.h:2149!
[   30.297508] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   30.302858] Modules linked in:
[   30.306028] CPU: 1 PID: 8013 Comm: syz-executor468 Not tainted 4.14.277-syzkaller #0
[   30.313878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   30.323210] task: ffff888097d30180 task.stack: ffff888096a88000
[   30.329247] RIP: 0010:skb_pull+0xe1/0x100
[   30.333378] RSP: 0018:ffff888096a8f5d8 EFLAGS: 00010297
[   30.338724] RAX: ffff888097d30180 RBX: ffff8880b3ecd940 RCX: 00000000000000a0
[   30.346055] RDX: 0000000000000000 RSI: 0000000000000018 RDI: ffff8880b3ecd9c4
[   30.353306] RBP: 0000000000000018 R08: ffffffff85c48e2c R09: 00000000000202b9
[   30.360554] R10: ffff888097d30a08 R11: ffff888097d30180 R12: 00000000000010de
[   30.367920] R13: ffff8880b3ecda18 R14: ffff8880b3ecda10 R15: ffff88809f1680e0
[   30.375166] FS:  0000555555cdc300(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
[   30.383362] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   30.389216] CR2: 00000000200001c0 CR3: 0000000099010000 CR4: 00000000003406e0
[   30.396462] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   30.403708] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   30.410949] Call Trace:
[   30.413517]  ipgre_xmit+0x26f/0x780
[   30.417121]  dev_hard_start_xmit+0x188/0x890
[   30.421589]  __dev_queue_xmit+0x1d7f/0x2480
[   30.425884]  ? netdev_pick_tx+0x2e0/0x2e0
[   30.430008]  ? __pskb_pull_tail+0xb54/0x14a0
[   30.434387]  ? skb_copy_datagram_from_iter+0x3c1/0x5f0
[   30.439636]  ? skb_partial_csum_set+0x1e2/0x260
[   30.444283]  packet_snd+0x13aa/0x26f0
[   30.448059]  ? prb_retire_rx_blk_timer_expired+0x630/0x630
[   30.453656]  ? is_bpf_text_address+0xb8/0x150
[   30.458127]  ? kernel_text_address+0xbd/0xf0
[   30.462507]  ? __kernel_text_address+0x9/0x30
[   30.466976]  ? get_user_pages_fast+0x1a0/0x2b0
[   30.471535]  ? lock_acquire+0x170/0x3f0
[   30.475484]  ? lock_downgrade+0x740/0x740
[   30.479619]  packet_sendmsg+0x12ed/0x33a0
[   30.483752]  ? __might_fault+0x177/0x1b0
[   30.487798]  ? rw_copy_check_uvector+0x1dd/0x2b0
[   30.492531]  ? import_iovec+0x1df/0x360
[   30.496482]  ? dup_iter+0x240/0x240
[   30.500089]  ? compat_packet_setsockopt+0x140/0x140
[   30.505086]  ? copy_msghdr_from_user+0x218/0x3b0
[   30.509814]  ? kernel_recvmsg+0x210/0x210
[   30.513936]  ? security_socket_sendmsg+0x83/0xb0
[   30.518665]  ? compat_packet_setsockopt+0x140/0x140
[   30.523744]  sock_sendmsg+0xb5/0x100
[   30.527433]  ___sys_sendmsg+0x6c8/0x800
[   30.531387]  ? copy_msghdr_from_user+0x3b0/0x3b0
[   30.536119]  ? reacquire_held_locks+0xb5/0x3f0
[   30.540688]  ? release_sock+0x1b/0x1b0
[   30.544550]  ? lock_sock_nested+0x98/0x100
[   30.548959]  ? packet_do_bind+0x3ee/0xb30
[   30.553086]  ? lock_downgrade+0x740/0x740
[   30.557209]  ? __local_bh_enable_ip+0xc1/0x170
[   30.561769]  ? trace_hardirqs_on_caller+0x3a8/0x580
[   30.566767]  ? packet_do_bind+0x3ee/0xb30
[   30.570894]  ? __local_bh_enable_ip+0xc1/0x170
[   30.575453]  ? packet_do_bind+0x3ee/0xb30
[   30.579579]  ? __fdget+0x167/0x1f0
[   30.583093]  ? sockfd_lookup_light+0xb2/0x160
[   30.587561]  __sys_sendmsg+0xa3/0x120
[   30.591334]  ? SyS_shutdown+0x160/0x160
[   30.595285]  SyS_sendmsg+0x27/0x40
[   30.598845]  ? __sys_sendmsg+0x120/0x120
[   30.602878]  do_syscall_64+0x1d5/0x640
[   30.606740]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.611906] RIP: 0033:0x7f54fb66e3c9
[   30.615587] RSP: 002b:00007ffd7e1c20b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   30.623268] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 00007f54fb66e3c9
[   30.630514] RDX: 0000000000000000 RSI: 0000000020003d40 RDI: 0000000000000003
[   30.637756] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[   30.645005] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd7e1c20d0
[   30.652246] R13: 00007ffd7e1c20f0 R14: 0000000000000000 R15: 0000000000000000
[   30.659490] Code: 00 00 4c 89 a3 d8 00 00 00 e8 3c 0d 96 fb 4c 89 e0 5b 5d 41 5c c3 e8 2f 0d 96 fb 45 31 e4 5b 4c 89 e0 5d 41 5c c3 e8 1f 0d 96 fb <0f> 0b e8 c8 c4 bf fb e9 49 ff ff ff e8 be c4 bf fb eb 8e e8 27 
[   30.678554] RIP: skb_pull+0xe1/0x100 RSP: ffff888096a8f5d8
[   30.684220] ---[ end trace abbdea113087fee4 ]---
[   30.688965] Kernel panic - not syncing: Fatal exception in interrupt
[   30.695704] Kernel Offset: disabled
[   30.699311] Rebooting in 86400 seconds..