[ 82.009940][ T3059] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 105.363740][ T28] cfg80211: failed to load regulatory.db [ 131.551679][ T3486] can: request_module (can-proto-0) failed. [ 131.597228][ T3486] can: request_module (can-proto-0) failed. [ 131.642481][ T3486] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.1.112' (ECDSA) to the list of known hosts. 2022/09/18 05:12:22 parsed 1 programs 2022/09/18 05:12:29 executed programs: 0 [ 167.130370][ T3576] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 167.138899][ T3576] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 167.148114][ T3576] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 167.159164][ T3576] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 167.168828][ T3576] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 167.177011][ T3576] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 167.415345][ T3573] chnl_net:caif_netlink_parms(): no params data found [ 167.622317][ T3573] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.629785][ T3573] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.639223][ T3573] device bridge_slave_0 entered promiscuous mode [ 167.652444][ T3573] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.659816][ T3573] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.669561][ T3573] device bridge_slave_1 entered promiscuous mode [ 167.723988][ T3573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 167.740528][ T3573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.794107][ T3573] team0: Port device team_slave_0 added [ 167.806355][ T3573] team0: Port device team_slave_1 added [ 167.852382][ T3573] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.859539][ T3573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.887411][ T3573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.901094][ T3573] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.908799][ T3573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.935073][ T3573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.996291][ T3573] device hsr_slave_0 entered promiscuous mode [ 168.004836][ T3573] device hsr_slave_1 entered promiscuous mode [ 168.230343][ T3573] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 168.245787][ T3573] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 168.261270][ T3573] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 168.277410][ T3573] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 168.359037][ T3573] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.366542][ T3573] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.374836][ T3573] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.382285][ T3573] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.402844][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.413278][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.538792][ T3573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.563206][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 168.573467][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 168.590746][ T3573] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.606277][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.617617][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.627867][ T2860] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.635427][ T2860] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.653319][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 168.663883][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 168.674232][ T2860] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.681543][ T2860] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.702537][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 168.721408][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 168.743192][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 168.757941][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 168.773612][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 168.796121][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.807421][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.818074][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 168.827762][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 168.850403][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 168.860834][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 168.878493][ T3573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 168.921571][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 168.929542][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 168.956036][ T3573] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.203759][ T2860] Bluetooth: hci0: command 0x0409 tx timeout [ 169.241471][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 169.252311][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 169.300186][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 169.310721][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 169.324171][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 169.334595][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 169.351028][ T3573] device veth0_vlan entered promiscuous mode [ 169.376620][ T3573] device veth1_vlan entered promiscuous mode [ 169.413306][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 169.423985][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 169.449098][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 169.459868][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 169.477408][ T3573] device veth0_macvtap entered promiscuous mode [ 169.493435][ T3573] device veth1_macvtap entered promiscuous mode [ 169.536448][ T3573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 169.545638][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 169.556589][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 169.566872][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 169.577596][ T2860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 169.599582][ T3573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.608250][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 169.619319][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 169.640295][ T3573] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.649912][ T3573] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.659391][ T3573] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.668555][ T3573] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.812758][ T2860] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 171.051952][ T2860] usb 1-1: Using ep0 maxpacket: 8 [ 171.172149][ T2860] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 247 [ 171.182612][ T2860] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 52 [ 171.192673][ T2860] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 171.284005][ T28] Bluetooth: hci0: command 0x041b tx timeout [ 171.372531][ T2860] usb 1-1: New USB device found, idVendor=0424, idProduct=9e00, bcdDevice= 0.40 [ 171.381957][ T2860] usb 1-1: New USB device strings: Mfr=1, Product=8, SerialNumber=3 [ 171.390079][ T2860] usb 1-1: Product: syz [ 171.394568][ T2860] usb 1-1: Manufacturer: syz [ 171.399328][ T2860] usb 1-1: SerialNumber: syz [ 171.423102][ T3610] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 171.430575][ T3610] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 171.446821][ T2860] smsc95xx v2.0.0 [ 171.650132][ T3610] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 171.659226][ T3610] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 171.882389][ T2860] smsc95xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 171.893458][ T2860] smsc95xx 1-1:1.0 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 172.152383][ T2860] ===================================================== [ 172.159769][ T2860] BUG: KMSAN: uninit-value in smsc95xx_reset+0x40d/0x2520 [ 172.167162][ T2860] smsc95xx_reset+0x40d/0x2520 [ 172.172179][ T2860] smsc95xx_bind+0x9d6/0x2260 [ 172.176952][ T2860] usbnet_probe+0x10a2/0x3f30 [ 172.181867][ T2860] usb_probe_interface+0xc4b/0x11f0 [ 172.187208][ T2860] really_probe+0x506/0x1000 [ 172.192035][ T2860] __driver_probe_device+0x2fa/0x3d0 [ 172.197485][ T2860] driver_probe_device+0x72/0x7a0 [ 172.202739][ T2860] __device_attach_driver+0x548/0x8e0 [ 172.208247][ T2860] bus_for_each_drv+0x1fc/0x360 [ 172.213368][ T2860] __device_attach+0x42a/0x720 [ 172.218286][ T2860] device_initial_probe+0x2e/0x40 [ 172.223796][ T2860] bus_probe_device+0x13c/0x3b0 [ 172.228973][ T2860] device_add+0x1d4b/0x26c0 [ 172.233834][ T2860] usb_set_configuration+0x30f8/0x37e0 [ 172.239439][ T2860] usb_generic_driver_probe+0x105/0x290 [ 172.246130][ T2860] usb_probe_device+0x288/0x490 [ 172.251070][ T2860] really_probe+0x506/0x1000 [ 172.255880][ T2860] __driver_probe_device+0x2fa/0x3d0 [ 172.261319][ T2860] driver_probe_device+0x72/0x7a0 [ 172.266700][ T2860] __device_attach_driver+0x548/0x8e0 [ 172.272296][ T2860] bus_for_each_drv+0x1fc/0x360 [ 172.277242][ T2860] __device_attach+0x42a/0x720 [ 172.282319][ T2860] device_initial_probe+0x2e/0x40 [ 172.287581][ T2860] bus_probe_device+0x13c/0x3b0 [ 172.292630][ T2860] device_add+0x1d4b/0x26c0 [ 172.297260][ T2860] usb_new_device+0x17ac/0x2370 [ 172.302397][ T2860] hub_event+0x5589/0x8080 [ 172.307103][ T2860] process_one_work+0xb27/0x13e0 [ 172.312280][ T2860] worker_thread+0x1076/0x1d60 [ 172.317176][ T2860] kthread+0x31b/0x430 [ 172.321337][ T2860] ret_from_fork+0x1f/0x30 [ 172.326970][ T2860] [ 172.329370][ T2860] Local variable buf.i225 created at: [ 172.334975][ T2860] smsc95xx_reset+0x20f/0x2520 [ 172.339924][ T2860] smsc95xx_bind+0x9d6/0x2260 [ 172.344915][ T2860] [ 172.347311][ T2860] CPU: 1 PID: 2860 Comm: kworker/1:3 Not tainted 6.0.0-rc5-syzkaller-00050-g8f4ae27df775 #0 [ 172.357621][ T2860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 172.367995][ T2860] Workqueue: usb_hub_wq hub_event [ 172.373303][ T2860] ===================================================== [ 172.380315][ T2860] Disabling lock debugging due to kernel taint [ 172.386708][ T2860] Kernel panic - not syncing: kmsan.panic set ... [ 172.393231][ T2860] CPU: 1 PID: 2860 Comm: kworker/1:3 Tainted: G B 6.0.0-rc5-syzkaller-00050-g8f4ae27df775 #0 [ 172.405112][ T2860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 172.415346][ T2860] Workqueue: usb_hub_wq hub_event [ 172.420459][ T2860] Call Trace: [ 172.423794][ T2860] [ 172.426816][ T2860] dump_stack_lvl+0x1c8/0x256 [ 172.431606][ T2860] dump_stack+0x1a/0x1c [ 172.435939][ T2860] panic+0x4d3/0xc69 [ 172.439931][ T2860] kmsan_report+0x2cc/0x2d0 [ 172.444531][ T2860] ? __msan_warning+0x92/0x110 [ 172.449375][ T2860] ? smsc95xx_reset+0x40d/0x2520 [ 172.454665][ T2860] ? smsc95xx_bind+0x9d6/0x2260 [ 172.459700][ T2860] ? usbnet_probe+0x10a2/0x3f30 [ 172.464634][ T2860] ? usb_probe_interface+0xc4b/0x11f0 [ 172.470094][ T2860] ? really_probe+0x506/0x1000 [ 172.475018][ T2860] ? __driver_probe_device+0x2fa/0x3d0 [ 172.480573][ T2860] ? driver_probe_device+0x72/0x7a0 [ 172.485866][ T2860] ? __device_attach_driver+0x548/0x8e0 [ 172.492042][ T2860] ? bus_for_each_drv+0x1fc/0x360 [ 172.497216][ T2860] ? __device_attach+0x42a/0x720 [ 172.502299][ T2860] ? device_initial_probe+0x2e/0x40 [ 172.507612][ T2860] ? bus_probe_device+0x13c/0x3b0 [ 172.512728][ T2860] ? device_add+0x1d4b/0x26c0 [ 172.517514][ T2860] ? usb_set_configuration+0x30f8/0x37e0 [ 172.523264][ T2860] ? usb_generic_driver_probe+0x105/0x290 [ 172.529118][ T2860] ? usb_probe_device+0x288/0x490 [ 172.534287][ T2860] ? really_probe+0x506/0x1000 [ 172.539131][ T2860] ? __driver_probe_device+0x2fa/0x3d0 [ 172.544722][ T2860] ? driver_probe_device+0x72/0x7a0 [ 172.549994][ T2860] ? __device_attach_driver+0x548/0x8e0 [ 172.555610][ T2860] ? bus_for_each_drv+0x1fc/0x360 [ 172.560810][ T2860] ? __device_attach+0x42a/0x720 [ 172.565969][ T2860] ? device_initial_probe+0x2e/0x40 [ 172.571262][ T2860] ? bus_probe_device+0x13c/0x3b0 [ 172.576384][ T2860] ? device_add+0x1d4b/0x26c0 [ 172.581189][ T2860] ? usb_new_device+0x17ac/0x2370 [ 172.586519][ T2860] ? hub_event+0x5589/0x8080 [ 172.591183][ T2860] ? process_one_work+0xb27/0x13e0 [ 172.596401][ T2860] ? worker_thread+0x1076/0x1d60 [ 172.601484][ T2860] ? kthread+0x31b/0x430 [ 172.605866][ T2860] ? ret_from_fork+0x1f/0x30 [ 172.610558][ T2860] ? _raw_spin_unlock_irqrestore+0x34/0x50 [ 172.616479][ T2860] ? __pm_runtime_idle+0x256/0x290 [ 172.621730][ T2860] ? usb_autopm_put_interface+0x99/0xd0 [ 172.627386][ T2860] ? usbnet_read_cmd+0x36f/0x3f0 [ 172.632399][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.638300][ T2860] __msan_warning+0x92/0x110 [ 172.642987][ T2860] smsc95xx_reset+0x40d/0x2520 [ 172.647905][ T2860] smsc95xx_bind+0x9d6/0x2260 [ 172.652681][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.658767][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.664682][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.670583][ T2860] ? smsc95xx_start_tx_path+0x610/0x610 [ 172.676246][ T2860] usbnet_probe+0x10a2/0x3f30 [ 172.681028][ T2860] ? usbnet_disconnect+0x630/0x630 [ 172.686317][ T2860] usb_probe_interface+0xc4b/0x11f0 [ 172.691652][ T2860] ? usb_register_driver+0x5f0/0x5f0 [ 172.697150][ T2860] really_probe+0x506/0x1000 [ 172.701824][ T2860] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 172.707987][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.713912][ T2860] __driver_probe_device+0x2fa/0x3d0 [ 172.719323][ T2860] driver_probe_device+0x72/0x7a0 [ 172.724464][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.730370][ T2860] __device_attach_driver+0x548/0x8e0 [ 172.735830][ T2860] bus_for_each_drv+0x1fc/0x360 [ 172.740820][ T2860] ? coredump_store+0xa0/0xa0 [ 172.745577][ T2860] __device_attach+0x42a/0x720 [ 172.750488][ T2860] device_initial_probe+0x2e/0x40 [ 172.755721][ T2860] bus_probe_device+0x13c/0x3b0 [ 172.760687][ T2860] device_add+0x1d4b/0x26c0 [ 172.765292][ T2860] usb_set_configuration+0x30f8/0x37e0 [ 172.770902][ T2860] usb_generic_driver_probe+0x105/0x290 [ 172.776561][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.782624][ T2860] ? usb_choose_configuration+0xdc0/0xdc0 [ 172.788525][ T2860] ? usb_choose_configuration+0xdc0/0xdc0 [ 172.794382][ T2860] usb_probe_device+0x288/0x490 [ 172.799631][ T2860] ? usb_register_device_driver+0x440/0x440 [ 172.805610][ T2860] really_probe+0x506/0x1000 [ 172.810326][ T2860] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 172.816507][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.822473][ T2860] __driver_probe_device+0x2fa/0x3d0 [ 172.827890][ T2860] driver_probe_device+0x72/0x7a0 [ 172.833005][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.838947][ T2860] __device_attach_driver+0x548/0x8e0 [ 172.844404][ T2860] bus_for_each_drv+0x1fc/0x360 [ 172.849341][ T2860] ? coredump_store+0xa0/0xa0 [ 172.854185][ T2860] __device_attach+0x42a/0x720 [ 172.859054][ T2860] device_initial_probe+0x2e/0x40 [ 172.864211][ T2860] bus_probe_device+0x13c/0x3b0 [ 172.869182][ T2860] device_add+0x1d4b/0x26c0 [ 172.873776][ T2860] usb_new_device+0x17ac/0x2370 [ 172.878762][ T2860] hub_event+0x5589/0x8080 [ 172.883357][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.889397][ T2860] ? led_work+0x730/0x730 [ 172.893829][ T2860] ? led_work+0x730/0x730 [ 172.898264][ T2860] process_one_work+0xb27/0x13e0 [ 172.903454][ T2860] worker_thread+0x1076/0x1d60 [ 172.908359][ T2860] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 172.914339][ T2860] ? __kthread_parkme+0x110/0x1b0 [ 172.919489][ T2860] kthread+0x31b/0x430 [ 172.923672][ T2860] ? worker_clr_flags+0x2b0/0x2b0 [ 172.928832][ T2860] ? kthread_blkcg+0x120/0x120 [ 172.933813][ T2860] ret_from_fork+0x1f/0x30 [ 172.938368][ T2860] [ 172.941618][ T2860] Kernel Offset: disabled [ 172.946031][ T2860] Rebooting in 86400 seconds..