forked to background, child pid 3173
no interfaces have a carrier
[ 26.597477][ T3174] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.607312][ T3174] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts.
syzkaller login: [ 58.561438][ T3600] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 58.569253][ T3600] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 58.576788][ T3600] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 58.584802][ T3600] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 58.592440][ T3600] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 58.599903][ T3600] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 58.665750][ T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.673845][ T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.682976][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 58.704691][ T1021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[ 58.713354][ T1021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.721472][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 59.012684][ T14] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 59.312954][ T14] usb 1-1: too many configurations: 85, using maximum allowed: 8
[ 60.113107][ T14] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 60.122168][ T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 60.130240][ T14] usb 1-1: Product: syz
[ 60.134428][ T14] usb 1-1: Manufacturer: syz
[ 60.139003][ T14] usb 1-1: SerialNumber: syz
[ 60.185757][ T14] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 60.633463][ T2275] Bluetooth: hci0: command 0x0409 tx timeout
[ 60.762808][ T14] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 61.820854][ T2275] usb 1-1: USB disconnect, device number 2
[ 61.829036][ C0] INFO: trying to register non-static key.
[ 61.829044][ C0] The code is fine but needs lockdep annotation, or maybe
[ 61.829048][ C0] you didn't initialize this object before use?
[ 61.829052][ C0] turning off the locking correctness validator.
[ 61.829057][ C0] CPU: 0 PID: 2275 Comm: kworker/0:3 Not tainted 5.17.0-rc6-next-20220303-syzkaller #0
[ 61.829078][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.829087][ C0] Workqueue: usb_hub_wq hub_event
[ 61.829121][ C0] Call Trace:
[ 61.829126][ C0]
[ 61.829131][ C0] dump_stack_lvl+0xcd/0x134
[ 61.829147][ C0] register_lock_class+0xf04/0x11b0
[ 61.829168][ C0] ? mark_lock.part.0+0xee/0x1910
[ 61.829185][ C0] ? mark_lock.part.0+0xee/0x1910
[ 61.829203][ C0] ? is_dynamic_key.part.0+0x130/0x130
[ 61.829222][ C0] ? lock_chain_count+0x20/0x20
[ 61.829240][ C0] ? mark_lock.part.0+0xee/0x1910
[ 61.829262][ C0] __lock_acquire+0x10a/0x56c0
[ 61.829279][ C0] ? __stack_depot_save+0x35/0x500
[ 61.829297][ C0] ? __lock_acquire+0x163e/0x56c0
[ 61.829314][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.829336][ C0] lock_acquire+0x1ab/0x510
[ 61.829353][ C0] ? skb_queue_tail+0x21/0x140
[ 61.829375][ C0] ? lock_release+0x720/0x720
[ 61.829393][ C0] ? find_held_lock+0x2d/0x110
[ 61.829410][ C0] ? ath9k_htc_txstatus+0x4c0/0x4c0
[ 61.829428][ C0] _raw_spin_lock_irqsave+0x39/0x50
[ 61.829445][ C0] ? skb_queue_tail+0x21/0x140
[ 61.829465][ C0] skb_queue_tail+0x21/0x140
[ 61.829485][ C0] ath9k_htc_txep+0x287/0x400
[ 61.829502][ C0] ath9k_htc_txcompletion_cb+0x1cd/0x2f0
[ 61.829518][ C0] hif_usb_regout_cb+0x115/0x1c0
[ 61.829532][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 61.829551][ C0] usb_hcd_giveback_urb+0x367/0x410
[ 61.829570][ C0] dummy_timer+0x11f9/0x32b0
[ 61.829593][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.829617][ C0] ? dummy_dequeue+0x500/0x500
[ 61.829650][ C0] ? dummy_dequeue+0x500/0x500
[ 61.829672][ C0] call_timer_fn+0x1a5/0x6b0
[ 61.829689][ C0] ? timer_fixup_activate+0x350/0x350
[ 61.829706][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 61.829723][ C0] ? dummy_dequeue+0x500/0x500
[ 61.829743][ C0] __run_timers.part.0+0x67c/0xa30
[ 61.829761][ C0] ? call_timer_fn+0x6b0/0x6b0
[ 61.829779][ C0] run_timer_softirq+0xb3/0x1d0
[ 61.829794][ C0] __do_softirq+0x29b/0x9c2
[ 61.829816][ C0] __irq_exit_rcu+0x123/0x180
[ 61.829838][ C0] irq_exit_rcu+0x5/0x20
[ 61.829857][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 61.829872][ C0]
[ 61.829876][ C0]
[ 61.829881][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 61.829901][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 61.829924][ C0] Code: 48 89 ef 5d e9 51 f3 4a 00 5d be 03 00 00 00 e9 96 96 74 02 66 0f 1f 44 00 00 48 8b be b0 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 <65> 8b 05 29 49 89 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b
[ 61.829938][ C0] RSP: 0018:ffffc9000a7cf5b0 EFLAGS: 00000293
[ 61.829950][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 61.829958][ C0] RDX: ffff8880231bd7c0 RSI: ffffffff815ff018 RDI: 0000000000000003
[ 61.829967][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff90015987
[ 61.829976][ C0] R10: ffffffff815ff00e R11: 0000000000000000 R12: ffffffff84e2e620
[ 61.829984][ C0] R13: 0000000000000200 R14: ffffc9000a7cf610 R15: dffffc0000000000
[ 61.829997][ C0] ? loopback_xmit+0x6d0/0x6d0
[ 61.830014][ C0] ? console_unlock+0x81e/0xdd0
[ 61.830033][ C0] ? console_unlock+0x828/0xdd0
[ 61.830051][ C0] console_unlock+0x82e/0xdd0
[ 61.830070][ C0] ? devkmsg_read+0x730/0x730
[ 61.830088][ C0] ? lock_release+0x720/0x720
[ 61.830107][ C0] ? dev_vprintk_emit+0x36e/0x3b2
[ 61.830124][ C0] ? dev_vprintk_emit+0x36e/0x3b2
[ 61.830142][ C0] vprintk_emit+0x1b4/0x5f0
[ 61.830161][ C0] dev_vprintk_emit+0x36e/0x3b2
[ 61.830178][ C0] ? dev_attr_show.cold+0x3a/0x3a
[ 61.830195][ C0] ? lockdep_unlock+0x11b/0x290
[ 61.830210][ C0] ? __lock_acquire+0x2589/0x56c0
[ 61.830229][ C0] dev_printk_emit+0xba/0xf1
[ 61.830245][ C0] ? dev_vprintk_emit+0x3b2/0x3b2
[ 61.830262][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.830281][ C0] ? lock_chain_count+0x20/0x20
[ 61.830300][ C0] __dev_printk+0xcf/0xf5
[ 61.830317][ C0] _dev_info+0xd7/0x109
[ 61.830333][ C0] ? _dev_notice+0x109/0x109
[ 61.830350][ C0] ? mark_held_locks+0x9f/0xe0
[ 61.830368][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 61.830386][ C0] usb_disconnect.cold+0x25/0x6ec
[ 61.830406][ C0] hub_event+0x1e74/0x4680
[ 61.830427][ C0] ? hub_port_debounce+0x3c0/0x3c0
[ 61.830445][ C0] ? lock_release+0x720/0x720
[ 61.830461][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 61.830479][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.830500][ C0] process_one_work+0x996/0x1610
[ 61.830516][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 61.830531][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 61.830550][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 61.830567][ C0] worker_thread+0x665/0x1080
[ 61.830583][ C0] ? __kthread_parkme+0x15f/0x220
[ 61.830602][ C0] ? process_one_work+0x1610/0x1610
[ 61.830616][ C0] kthread+0x2e9/0x3a0
[ 61.830635][ C0] ? kthread_complete_and_exit+0x40/0x40
[ 61.830660][ C0] ret_from_fork+0x1f/0x30
[ 61.830681][ C0]
[ 61.830701][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 61.830714][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 61.830723][ C0] CPU: 0 PID: 2275 Comm: kworker/0:3 Not tainted 5.17.0-rc6-next-20220303-syzkaller #0
[ 61.830737][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.830745][ C0] Workqueue: usb_hub_wq hub_event
[ 61.830760][ C0] RIP: 0010:skb_queue_tail+0x9e/0x140
[ 61.830781][ C0] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 80 00 00 00 4c 89 e2 4c 89 65 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 48 89 6b 08 <80> 3c 02 00 75 4f 48 8d 7b 10 49 89 2c 24 48 b8 00 00 00 00 00 fc
[ 61.830793][ C0] RSP: 0018:ffffc900000079d8 EFLAGS: 00010046
[ 61.830803][ C0] RAX: dffffc0000000000 RBX: ffff88807c303838 RCX: ffffffff815e3600
[ 61.830813][ C0] RDX: 0000000000000000 RSI: 0000000000000046 RDI: ffff8880718d13c8
[ 61.830821][ C0] RBP: ffff8880718d13c0 R08: 0000000000000001 R09: 0000000000000003
[ 61.830830][ C0] R10: fffff52000000f29 R11: 0000000000000000 R12: 0000000000000000
[ 61.830838][ C0] R13: ffff88807c303850 R14: 00000000ffffa267 R15: ffffffff85282440
[ 61.830847][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 61.830862][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 61.830871][ C0] CR2: 00007ff40f3a9af8 CR3: 0000000023940000 CR4: 00000000003506f0
[ 61.830880][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 61.830888][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 61.830897][ C0] Call Trace:
[ 61.830900][ C0]
[ 61.830905][ C0] ath9k_htc_txep+0x287/0x400
[ 61.830921][ C0] ath9k_htc_txcompletion_cb+0x1cd/0x2f0
[ 61.830937][ C0] hif_usb_regout_cb+0x115/0x1c0
[ 61.830951][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 61.830970][ C0] usb_hcd_giveback_urb+0x367/0x410
[ 61.830988][ C0] dummy_timer+0x11f9/0x32b0
[ 61.831010][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.831034][ C0] ? dummy_dequeue+0x500/0x500
[ 61.831056][ C0] ? dummy_dequeue+0x500/0x500
[ 61.831076][ C0] call_timer_fn+0x1a5/0x6b0
[ 61.831091][ C0] ? timer_fixup_activate+0x350/0x350
[ 61.831108][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 61.831125][ C0] ? dummy_dequeue+0x500/0x500
[ 61.831145][ C0] __run_timers.part.0+0x67c/0xa30
[ 61.831162][ C0] ? call_timer_fn+0x6b0/0x6b0
[ 61.831180][ C0] run_timer_softirq+0xb3/0x1d0
[ 61.831195][ C0] __do_softirq+0x29b/0x9c2
[ 61.831216][ C0] __irq_exit_rcu+0x123/0x180
[ 61.831236][ C0] irq_exit_rcu+0x5/0x20
[ 61.831256][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 61.831270][ C0]
[ 61.831274][ C0]
[ 61.831278][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 61.831298][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 61.831319][ C0] Code: 48 89 ef 5d e9 51 f3 4a 00 5d be 03 00 00 00 e9 96 96 74 02 66 0f 1f 44 00 00 48 8b be b0 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 <65> 8b 05 29 49 89 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b
[ 61.831331][ C0] RSP: 0018:ffffc9000a7cf5b0 EFLAGS: 00000293
[ 61.831341][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 61.831349][ C0] RDX: ffff8880231bd7c0 RSI: ffffffff815ff018 RDI: 0000000000000003
[ 61.831358][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff90015987
[ 61.831366][ C0] R10: ffffffff815ff00e R11: 0000000000000000 R12: ffffffff84e2e620
[ 61.831375][ C0] R13: 0000000000000200 R14: ffffc9000a7cf610 R15: dffffc0000000000
[ 61.831385][ C0] ? loopback_xmit+0x6d0/0x6d0
[ 61.831400][ C0] ? console_unlock+0x81e/0xdd0
[ 61.831418][ C0] ? console_unlock+0x828/0xdd0
[ 61.831437][ C0] console_unlock+0x82e/0xdd0
[ 61.831455][ C0] ? devkmsg_read+0x730/0x730
[ 61.831473][ C0] ? lock_release+0x720/0x720
[ 61.831492][ C0] ? dev_vprintk_emit+0x36e/0x3b2
[ 61.831509][ C0] ? dev_vprintk_emit+0x36e/0x3b2
[ 61.831526][ C0] vprintk_emit+0x1b4/0x5f0
[ 61.831545][ C0] dev_vprintk_emit+0x36e/0x3b2
[ 61.831561][ C0] ? dev_attr_show.cold+0x3a/0x3a
[ 61.831579][ C0] ? lockdep_unlock+0x11b/0x290
[ 61.831594][ C0] ? __lock_acquire+0x2589/0x56c0
[ 61.831613][ C0] dev_printk_emit+0xba/0xf1
[ 61.831629][ C0] ? dev_vprintk_emit+0x3b2/0x3b2
[ 61.831650][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.831669][ C0] ? lock_chain_count+0x20/0x20
[ 61.831688][ C0] __dev_printk+0xcf/0xf5
[ 61.831705][ C0] _dev_info+0xd7/0x109
[ 61.831721][ C0] ? _dev_notice+0x109/0x109
[ 61.831738][ C0] ? mark_held_locks+0x9f/0xe0
[ 61.831755][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 61.831774][ C0] usb_disconnect.cold+0x25/0x6ec
[ 61.831792][ C0] hub_event+0x1e74/0x4680
[ 61.831813][ C0] ? hub_port_debounce+0x3c0/0x3c0
[ 61.831830][ C0] ? lock_release+0x720/0x720
[ 61.831847][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 61.831865][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 61.831885][ C0] process_one_work+0x996/0x1610
[ 61.831901][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 61.831916][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 61.831944][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 61.831964][ C0] worker_thread+0x665/0x1080
[ 61.831979][ C0] ? __kthread_parkme+0x15f/0x220
[ 61.831998][ C0] ? process_one_work+0x1610/0x1610
[ 61.832012][ C0] kthread+0x2e9/0x3a0
[ 61.832031][ C0] ? kthread_complete_and_exit+0x40/0x40
[ 61.832052][ C0] ret_from_fork+0x1f/0x30
[ 61.832072][ C0]
[ 61.832076][ C0] Modules linked in:
[ 61.832085][ C0] ---[ end trace 0000000000000000 ]---
[ 61.832090][ C0] RIP: 0010:skb_queue_tail+0x9e/0x140
[ 61.832111][ C0] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 80 00 00 00 4c 89 e2 4c 89 65 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 48 89 6b 08 <80> 3c 02 00 75 4f 48 8d 7b 10 49 89 2c 24 48 b8 00 00 00 00 00 fc
[ 61.832123][ C0] RSP: 0018:ffffc900000079d8 EFLAGS: 00010046
[ 61.832133][ C0] RAX: dffffc0000000000 RBX: ffff88807c303838 RCX: ffffffff815e3600
[ 61.832149][ C0] RDX: 0000000000000000 RSI: 0000000000000046 RDI: ffff8880718d13c8
[ 61.832158][ C0] RBP: ffff8880718d13c0 R08: 0000000000000001 R09: 0000000000000003
[ 61.832166][ C0] R10: fffff52000000f29 R11: 0000000000000000 R12: 0000000000000000
[ 61.832175][ C0] R13: ffff88807c303850 R14: 00000000ffffa267 R15: ffffffff85282440
[ 61.832184][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 61.832197][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 61.832207][ C0] CR2: 00007ff40f3a9af8 CR3: 0000000023940000 CR4: 00000000003506f0
[ 61.832216][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 61.832224][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 61.832233][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 61.832419][ C0] Kernel Offset: disabled
[ 63.013802][ C0] Rebooting in 86400 seconds..