DUID 00:04:1f:3a:56:02:d8:56:c9:ed:da:f3:fa:b7:9a:42:79:f6 forked to background, child pid 3171 [ 11.878721][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 11.882168][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 69.875406][ T42] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.117' (ECDSA) to the list of known hosts. 2022/05/21 16:04:40 parsed 1 programs [ 1116.158943][ T3664] cgroup: Unknown subsys name 'net' [ 1116.287251][ T3664] cgroup: Unknown subsys name 'rlimit' 2022/05/21 16:04:47 executed programs: 0 [ 1123.272871][ T3664] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 1124.356307][ T3672] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1124.363375][ T3674] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1124.370443][ T3674] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1124.377646][ T3674] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1124.384722][ T3674] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1124.391853][ T3674] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1124.420180][ T3671] chnl_net:caif_netlink_parms(): no params data found [ 1124.437031][ T3671] bridge0: port 1(bridge_slave_0) entered blocking state [ 1124.444062][ T3671] bridge0: port 1(bridge_slave_0) entered disabled state [ 1124.451450][ T3671] device bridge_slave_0 entered promiscuous mode [ 1124.458330][ T3671] bridge0: port 2(bridge_slave_1) entered blocking state [ 1124.465389][ T3671] bridge0: port 2(bridge_slave_1) entered disabled state [ 1124.472610][ T3671] device bridge_slave_1 entered promiscuous mode [ 1124.482952][ T3671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1124.492611][ T3671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1124.505266][ T3671] team0: Port device team_slave_0 added [ 1124.511288][ T3671] team0: Port device team_slave_1 added [ 1124.520739][ T3671] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1124.527851][ T3671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1124.553816][ T3671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1124.564819][ T3671] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1124.571821][ T3671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1124.597848][ T3671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1124.612989][ T3671] device hsr_slave_0 entered promiscuous mode [ 1124.619275][ T3671] device hsr_slave_1 entered promiscuous mode [ 1124.644091][ T3671] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1124.651430][ T3671] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1124.658841][ T3671] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1124.666346][ T3671] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1124.676644][ T3671] bridge0: port 2(bridge_slave_1) entered blocking state [ 1124.683656][ T3671] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1124.690882][ T3671] bridge0: port 1(bridge_slave_0) entered blocking state [ 1124.697907][ T3671] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1124.716522][ T3671] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1124.724768][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1124.732790][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 1124.740347][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 1124.747904][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1124.756602][ T3671] 8021q: adding VLAN 0 to HW filter on device team0 [ 1124.765845][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1124.773989][ T139] bridge0: port 1(bridge_slave_0) entered blocking state [ 1124.781019][ T139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1124.788410][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1124.796676][ T139] bridge0: port 2(bridge_slave_1) entered blocking state [ 1124.803682][ T139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1124.814132][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1124.824182][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1124.831727][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1124.839803][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1124.849053][ T3671] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1124.859709][ T3671] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1124.867478][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1124.878991][ T3671] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1124.886093][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1124.893396][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1124.926826][ T3671] device veth0_vlan entered promiscuous mode [ 1124.934140][ T3671] device veth1_vlan entered promiscuous mode [ 1124.940909][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1124.949318][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1124.957908][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1124.965309][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1124.972708][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1124.984441][ T3671] device veth0_macvtap entered promiscuous mode [ 1124.991194][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1124.999006][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1125.007330][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1125.015891][ T3671] device veth1_macvtap entered promiscuous mode [ 1125.024668][ T3671] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1125.032005][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1125.041480][ T3671] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1125.049130][ T139] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1125.058159][ T3671] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.066952][ T3671] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.075703][ T3671] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.084374][ T3671] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.103401][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1125.112812][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1125.116843][ T978] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1125.121216][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1125.128162][ T978] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1125.142602][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1125.425300][ T3684] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 1125.665252][ T3684] usb 1-1: Using ep0 maxpacket: 8 [ 1125.825351][ T3684] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1125.905280][ T3684] usb 1-1: config 7 has an invalid interface number: 144 but max is 3 [ 1125.913450][ T3684] usb 1-1: config 7 contains an unexpected descriptor of type 0x1, skipping [ 1125.922277][ T3684] usb 1-1: config 7 contains an unexpected descriptor of type 0x2, skipping [ 1125.931076][ T3684] usb 1-1: config 7 has an invalid interface number: 242 but max is 3 [ 1125.939292][ T3684] usb 1-1: config 7 has an invalid interface number: 184 but max is 3 [ 1125.947587][ T3684] usb 1-1: config 7 has an invalid interface number: 19 but max is 3 [ 1125.955795][ T3684] usb 1-1: config 7 contains an unexpected descriptor of type 0x2, skipping [ 1125.964465][ T3684] usb 1-1: config 7 has an invalid descriptor of length 1, skipping remainder of the config [ 1125.974617][ T3684] usb 1-1: config 7 has no interface number 0 [ 1125.980733][ T3684] usb 1-1: config 7 has no interface number 1 [ 1125.986849][ T3684] usb 1-1: config 7 has no interface number 2 [ 1125.992898][ T3684] usb 1-1: config 7 has no interface number 3 [ 1125.999041][ T3684] usb 1-1: config 7 interface 144 altsetting 3 has an invalid endpoint with address 0xE9, skipping [ 1126.009765][ T3684] usb 1-1: config 7 interface 144 altsetting 3 has a duplicate endpoint with address 0xE, skipping [ 1126.020542][ T3684] usb 1-1: config 7 interface 144 altsetting 3 has a duplicate endpoint with address 0xE, skipping [ 1126.031274][ T3684] usb 1-1: config 7 interface 144 altsetting 3 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1126.041088][ T3684] usb 1-1: config 7 interface 144 altsetting 3 endpoint 0xB has invalid maxpacket 512, setting to 64 [ 1126.051956][ T3684] usb 1-1: config 7 interface 242 altsetting 105 has a duplicate endpoint with address 0xB, skipping [ 1126.062817][ T3684] usb 1-1: config 7 interface 184 altsetting 255 has a duplicate endpoint with address 0xE, skipping [ 1126.073666][ T3684] usb 1-1: config 7 interface 184 altsetting 255 has a duplicate endpoint with address 0xE, skipping [ 1126.084506][ T3684] usb 1-1: config 7 interface 184 altsetting 255 has an invalid endpoint descriptor of length 2, skipping [ 1126.095785][ T3684] usb 1-1: config 7 interface 184 altsetting 255 has an invalid endpoint with address 0x0, skipping [ 1126.106535][ T3684] usb 1-1: config 7 interface 184 altsetting 255 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 1126.119733][ T3684] usb 1-1: config 7 interface 19 altsetting 64 has 0 endpoint descriptors, different from the interface descriptor's value: 13 [ 1126.132831][ T3684] usb 1-1: config 7 interface 144 has no altsetting 0 [ 1126.139586][ T3684] usb 1-1: config 7 interface 242 has no altsetting 0 [ 1126.146356][ T3684] usb 1-1: config 7 interface 184 has no altsetting 0 [ 1126.153101][ T3684] usb 1-1: config 7 interface 19 has no altsetting 0 [ 1126.315341][ T3684] usb 1-1: New USB device found, idVendor=14b2, idProduct=3301, bcdDevice=23.c2 [ 1126.324391][ T3684] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1126.332377][ T3684] usb 1-1: Product: syz [ 1126.336537][ T3684] usb 1-1: Manufacturer: syz [ 1126.341105][ T3684] usb 1-1: SerialNumber: syz [ 1126.435479][ T25] Bluetooth: hci0: command 0x0409 tx timeout [ 1126.665896][ T3684] r8712u: register rtl8712_netdev_ops to netdev_ops [ 1126.672487][ T3684] usb 1-1: r8712u: USB_SPEED_HIGH with 4 endpoints [ 1126.715311][ T3684] usb 1-1: r8712u: Boot from EEPROM: Autoload OK [ 1128.515251][ T25] Bluetooth: hci0: command 0x041b tx timeout [ 1130.595427][ T25] Bluetooth: hci0: command 0x040f tx timeout 2022/05/21 16:04:56 executed programs: 1 [ 1132.675231][ T25] Bluetooth: hci0: command 0x0419 tx timeout [ 1139.215417][ T3697] kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88811242a900 (size 192): comm "kworker/1:3", pid 3684, jiffies 4295049936 (age 18.640s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 18 a9 42 12 81 88 ff ff ..........B..... backtrace: [] usb_alloc_urb+0xa5/0xb0 [] r8712_os_recvbuf_resource_alloc+0x1b/0x80 [] r8712_init_recv_priv+0x97/0x210 [] _r8712_init_recv_priv+0x134/0x150 [] r8712_init_drv_sw+0xa0/0x1d0 [] r871xu_drv_init.cold+0xbb/0x7a7 [] usb_probe_interface+0x177/0x370 [] really_probe.part.0+0xe7/0x310 [] __driver_probe_device+0x10c/0x1e0 [] driver_probe_device+0x2a/0x120 [] __device_attach_driver+0xf6/0x140 [] bus_for_each_drv+0xb7/0x100 [] __device_attach+0x122/0x260 [] bus_probe_device+0xc6/0xe0 [] device_add+0x5fb/0xdf0 [] usb_set_configuration+0x8f2/0xb80 BUG: memory leak unreferenced object 0xffff88811242a840 (size 192): comm "kworker/1:3", pid 3684, jiffies 4295049936 (age 18.640s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 58 a8 42 12 81 88 ff ff ........X.B..... backtrace: [] usb_alloc_urb+0xa5/0xb0 [] r8712_os_recvbuf_resource_alloc+0x1b/0x80 [] r8712_init_recv_priv+0x97/0x210 [] _r8712_init_recv_priv+0x134/0x150 [] r8712_init_drv_sw+0xa0/0x1d0 [] r871xu_drv_init.cold+0xbb/0x7a7 [] usb_probe_interface+0x177/0x370 [] really_probe.part.0+0xe7/0x310 [] __driver_probe_device+0x10c/0x1e0 [] driver_probe_device+0x2a/0x120 [] __device_attach_driver+0xf6/0x140 [] bus_for_each_drv+0xb7/0x100 [] __device_attach+0x122/0x260 [] bus_probe_device+0xc6/0xe0 [] device_add+0x5fb/0xdf0 [] usb_set_configuration+0x8f2/0xb80 BUG: memory leak unreferenced object 0xffff88811242a780 (size 192): comm "kworker/1:3", pid 3684, jiffies 4295049936 (age 18.640s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 98 a7 42 12 81 88 ff ff ..........B..... backtrace: [] usb_alloc_urb+0xa5/0xb0 [] r8712_os_recvbuf_resource_alloc+0x1b/0x80 [] r8712_init_recv_priv+0x97/0x210 [] _r8712_init_recv_priv+0x134/0x150 [] r8712_init_drv_sw+0xa0/0x1d0 [] r871xu_drv_init.cold+0xbb/0x7a7 [] usb_probe_interface+0x177/0x370 [] really_probe.part.0+0xe7/0x310 [] __driver_probe_device+0x10c/0x1e0 [] driver_probe_device+0x2a/0x120 [] __device_attach_driver+0xf6/0x140 [] bus_for_each_drv+0xb7/0x100 [] __device_attach+0x122/0x260 [] bus_probe_device+0xc6/0xe0 [] device_add+0x5fb/0xdf0 [] usb_set_configuration+0x8f2/0xb80