[ OK ] Started Getty on tty1. [ OK ] Found device /dev/ttyS0. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Started OpenBSD Secure Shell server. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.107' (ECDSA) to the list of known hosts. 2021/01/13 22:09:14 fuzzer started 2021/01/13 22:09:15 dialing manager at 10.128.0.26:43403 2021/01/13 22:09:15 syscalls: 3495 2021/01/13 22:09:15 code coverage: enabled 2021/01/13 22:09:15 comparison tracing: enabled 2021/01/13 22:09:15 extra coverage: enabled 2021/01/13 22:09:15 setuid sandbox: enabled 2021/01/13 22:09:15 namespace sandbox: enabled 2021/01/13 22:09:15 Android sandbox: /sys/fs/selinux/policy does not exist 2021/01/13 22:09:15 fault injection: enabled 2021/01/13 22:09:15 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/01/13 22:09:15 net packet injection: enabled 2021/01/13 22:09:15 net device setup: enabled 2021/01/13 22:09:15 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/01/13 22:09:15 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/01/13 22:09:15 USB emulation: enabled 2021/01/13 22:09:15 hci packet injection: enabled 2021/01/13 22:09:15 wifi device emulation: enabled 2021/01/13 22:09:15 fetching corpus: 0, signal 0/0 (executing program) 2021/01/13 22:09:15 fetching corpus: 1, signal 140/140 (executing program) 2021/01/13 22:09:15 fetching corpus: 1, signal 140/140 (executing program) 2021/01/13 22:09:17 starting 6 fuzzer processes 22:09:17 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000019c0)={0xffffffffffffffff}) recvmsg(r0, &(0x7f0000001f00)={0x0, 0x0, 0x0}, 0x101) 22:09:17 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x7, 0x46, 0x2a}, 0x40) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000440)={0x0, r0}, 0x10) 22:09:18 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x7, 0x46, 0x2a}, 0x40) bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000013c0)=r0, 0x4) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r0, 0x0, 0x0}, 0x20) 22:09:18 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x7, 0x46, 0x2a}, 0x40) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000015c0)={r0, &(0x7f0000001440), 0x0}, 0x20) 22:09:18 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000040), 0x8d) 22:09:18 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000001740)={0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000001d40)={&(0x7f0000001780)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10, 0x0}, 0x0) syzkaller login: [ 56.330719][ T8482] IPVS: ftp: loaded support on port[0] = 21 [ 56.540491][ T8484] IPVS: ftp: loaded support on port[0] = 21 [ 56.757789][ T8482] chnl_net:caif_netlink_parms(): no params data found [ 56.786351][ T8486] IPVS: ftp: loaded support on port[0] = 21 [ 56.894420][ T8482] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.904385][ T8482] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.912694][ T8482] device bridge_slave_0 entered promiscuous mode [ 56.946593][ T8482] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.955783][ T8482] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.964352][ T8482] device bridge_slave_1 entered promiscuous mode [ 56.972509][ T8484] chnl_net:caif_netlink_parms(): no params data found [ 57.127373][ T8482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.149945][ T8482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.170653][ T8488] IPVS: ftp: loaded support on port[0] = 21 [ 57.282574][ T8482] team0: Port device team_slave_0 added [ 57.364223][ T8482] team0: Port device team_slave_1 added [ 57.374806][ T8490] IPVS: ftp: loaded support on port[0] = 21 [ 57.396531][ T8484] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.404095][ T8484] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.413314][ T8484] device bridge_slave_0 entered promiscuous mode [ 57.423893][ T8484] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.431758][ T8484] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.440484][ T8484] device bridge_slave_1 entered promiscuous mode [ 57.466521][ T8486] chnl_net:caif_netlink_parms(): no params data found [ 57.512401][ T8484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.526383][ T8484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.536246][ T8482] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.543649][ T8482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.570789][ T8482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.606881][ T8482] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.614360][ T8482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.642703][ T8482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.694477][ T8484] team0: Port device team_slave_0 added [ 57.703389][ T8484] team0: Port device team_slave_1 added [ 57.747122][ T8484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.754503][ T8484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.780630][ T8484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.880999][ T8484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.890347][ T8484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.922961][ T8484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.946091][ T8602] IPVS: ftp: loaded support on port[0] = 21 [ 57.969869][ T8482] device hsr_slave_0 entered promiscuous mode [ 57.976536][ T8482] device hsr_slave_1 entered promiscuous mode [ 58.003918][ T8484] device hsr_slave_0 entered promiscuous mode [ 58.011536][ T8484] device hsr_slave_1 entered promiscuous mode [ 58.018657][ T8484] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.026474][ T8484] Cannot create hsr debugfs directory [ 58.055613][ T8486] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.064829][ T8486] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.074620][ T8486] device bridge_slave_0 entered promiscuous mode [ 58.163853][ T8486] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.172190][ T8486] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.181999][ T8486] device bridge_slave_1 entered promiscuous mode [ 58.260424][ T8488] chnl_net:caif_netlink_parms(): no params data found [ 58.269526][ T2994] Bluetooth: hci0: command 0x0409 tx timeout [ 58.317606][ T8486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.347382][ T8486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.476088][ T8486] team0: Port device team_slave_0 added [ 58.507762][ T3152] Bluetooth: hci1: command 0x0409 tx timeout [ 58.520703][ T8486] team0: Port device team_slave_1 added [ 58.535964][ T8490] chnl_net:caif_netlink_parms(): no params data found [ 58.662525][ T8486] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.671375][ T8486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.699224][ T8486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.757817][ T3152] Bluetooth: hci2: command 0x0409 tx timeout [ 58.762985][ T8486] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.771480][ T8486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.798303][ T8486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.845765][ T8488] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.853638][ T8488] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.864060][ T8488] device bridge_slave_0 entered promiscuous mode [ 58.876286][ T8488] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.884218][ T8488] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.893437][ T8488] device bridge_slave_1 entered promiscuous mode [ 58.925863][ T8486] device hsr_slave_0 entered promiscuous mode [ 58.933522][ T8486] device hsr_slave_1 entered promiscuous mode [ 58.941277][ T8486] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.949158][ T8486] Cannot create hsr debugfs directory [ 58.960326][ T8602] chnl_net:caif_netlink_parms(): no params data found [ 58.972794][ T8488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.032787][ T8488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.079761][ T2994] Bluetooth: hci3: command 0x0409 tx timeout [ 59.086943][ T8490] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.097094][ T8490] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.106718][ T8490] device bridge_slave_0 entered promiscuous mode [ 59.143365][ T8490] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.161016][ T8490] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.172345][ T8490] device bridge_slave_1 entered promiscuous mode [ 59.200248][ T8488] team0: Port device team_slave_0 added [ 59.218621][ T8484] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.229948][ T8484] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.251922][ T8484] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.268498][ T8488] team0: Port device team_slave_1 added [ 59.296829][ T8484] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.307891][ T3152] Bluetooth: hci4: command 0x0409 tx timeout [ 59.340035][ T8602] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.347098][ T8602] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.355942][ T8602] device bridge_slave_0 entered promiscuous mode [ 59.385832][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.393149][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.419242][ T8488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.433894][ T8490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.458359][ T8602] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.465430][ T8602] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.473779][ T8602] device bridge_slave_1 entered promiscuous mode [ 59.481874][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.489140][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.515127][ T8488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.554235][ T8490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.588901][ T8488] device hsr_slave_0 entered promiscuous mode [ 59.596189][ T8488] device hsr_slave_1 entered promiscuous mode [ 59.605370][ T8488] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.613195][ T8488] Cannot create hsr debugfs directory [ 59.689092][ T8482] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.715215][ T8490] team0: Port device team_slave_0 added [ 59.723472][ T8602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.751709][ T8482] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.765556][ T8490] team0: Port device team_slave_1 added [ 59.802812][ T8602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.829705][ T8482] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.849665][ T8482] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.875449][ T2994] Bluetooth: hci5: command 0x0409 tx timeout [ 59.920339][ T8490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.927335][ T8490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.953967][ T8490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.969093][ T8602] team0: Port device team_slave_0 added [ 59.977307][ T8602] team0: Port device team_slave_1 added [ 60.023012][ T8490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.030407][ T8490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.058795][ T8490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.096496][ T8484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.113201][ T8602] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.121509][ T8602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.149318][ T8602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.162770][ T8602] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.170249][ T8602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.196792][ T8602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.267129][ T8490] device hsr_slave_0 entered promiscuous mode [ 60.275082][ T8490] device hsr_slave_1 entered promiscuous mode [ 60.281922][ T8490] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.289717][ T8490] Cannot create hsr debugfs directory [ 60.315866][ T8602] device hsr_slave_0 entered promiscuous mode [ 60.323590][ T8602] device hsr_slave_1 entered promiscuous mode [ 60.333742][ T8602] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.342353][ T8602] Cannot create hsr debugfs directory [ 60.347789][ T2994] Bluetooth: hci0: command 0x041b tx timeout [ 60.355142][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.364407][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.388344][ T8484] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.395259][ T8486] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 60.463050][ T8486] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.473632][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.488219][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.496559][ T3152] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.504353][ T3152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.527672][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.535634][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.547867][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.556312][ T3152] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.563448][ T3152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.583384][ T8486] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.590961][ T5] Bluetooth: hci1: command 0x041b tx timeout [ 60.614177][ T8486] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.643662][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 60.653301][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.663877][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.673844][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.683193][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.692608][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.709036][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.746510][ T8488] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.767260][ T8488] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.796214][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.808144][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.827472][ T2994] Bluetooth: hci2: command 0x041b tx timeout [ 60.844311][ T8488] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 60.861736][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.875967][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.925291][ T8488] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 61.012526][ T8482] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.036578][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 61.046610][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 61.091887][ T8484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.104010][ T8482] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.114187][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.123294][ T9686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.148266][ T9523] Bluetooth: hci3: command 0x041b tx timeout [ 61.165341][ T8486] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.214893][ T8486] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.240980][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.252138][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.263476][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.270625][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.279292][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 61.288481][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.296777][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.303911][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.312033][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 61.321760][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 61.330674][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.338577][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.346189][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 61.355302][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 61.368891][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.376846][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 61.386257][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 61.396434][ T8490] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 61.409819][ T17] Bluetooth: hci4: command 0x041b tx timeout [ 61.454446][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 61.463038][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.473714][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.482548][ T3152] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.489681][ T3152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.497709][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 61.506473][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.516305][ T3152] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.523461][ T3152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.531887][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 61.541657][ T8490] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 61.583137][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 61.593982][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 61.604012][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 61.613304][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 61.627913][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 61.636687][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 61.646911][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 61.655229][ T8490] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 61.674979][ T8484] device veth0_vlan entered promiscuous mode [ 61.703428][ T8490] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 61.715882][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 61.725256][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 61.734728][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 61.743570][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.752594][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 61.763087][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 61.772400][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.781406][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.792632][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 61.801248][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 61.818205][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 61.826639][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.836158][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.845438][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.868701][ T8602] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 61.885968][ T8602] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 61.895772][ T8602] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 61.915420][ T8482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 61.933308][ T8484] device veth1_vlan entered promiscuous mode [ 61.944284][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 61.958128][ T31] Bluetooth: hci5: command 0x041b tx timeout [ 61.964176][ T8602] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 62.017415][ T8488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.043521][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 62.052376][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 62.061021][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 62.069167][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 62.095549][ T8482] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.116436][ T8486] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.150325][ T8488] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.178120][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.185936][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.228654][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.243334][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.251959][ T9523] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.259118][ T9523] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.270752][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 62.279509][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 62.288983][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 62.297617][ T9523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 62.309976][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 62.356334][ T8484] device veth0_macvtap entered promiscuous mode [ 62.377090][ T8484] device veth1_macvtap entered promiscuous mode [ 62.391137][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 62.400115][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 62.409239][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.419528][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.429661][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.436729][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.444813][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.454677][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 62.463980][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 62.473172][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 62.482889][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 62.492666][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 62.517284][ T5] Bluetooth: hci0: command 0x040f tx timeout [ 62.535863][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 62.544615][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 62.553537][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 62.562679][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 62.571594][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 62.580727][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 62.590581][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 62.599527][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 62.608449][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 62.616719][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 62.625317][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 62.633614][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 62.642079][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 62.651600][ T8482] device veth0_vlan entered promiscuous mode [ 62.690987][ T3152] Bluetooth: hci1: command 0x040f tx timeout [ 62.704404][ T8482] device veth1_vlan entered promiscuous mode [ 62.719096][ T8484] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.732048][ T8486] device veth0_vlan entered promiscuous mode [ 62.741084][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 62.751883][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 62.760996][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 62.770464][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 62.779608][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 62.789023][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 62.826773][ T8488] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 62.857014][ T8490] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.869376][ T8484] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.885597][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 62.894992][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 62.906469][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 62.907818][ T5] Bluetooth: hci2: command 0x040f tx timeout [ 62.917843][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 62.937757][ T8486] device veth1_vlan entered promiscuous mode [ 62.951660][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 62.960927][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.971196][ T3152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.992514][ T8602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.008330][ T8482] device veth0_macvtap entered promiscuous mode [ 63.034662][ T8484] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.046142][ T8484] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.056785][ T8484] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.070658][ T8484] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.086789][ T8490] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.105993][ T8488] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.116427][ T8482] device veth1_macvtap entered promiscuous mode [ 63.141059][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.149676][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.185302][ T8486] device veth0_macvtap entered promiscuous mode [ 63.214214][ T8602] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.222934][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.232621][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.241806][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.250021][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.267231][ T5] Bluetooth: hci3: command 0x040f tx timeout [ 63.284666][ T8486] device veth1_macvtap entered promiscuous mode [ 63.333199][ T8482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 63.344126][ T8482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.356415][ T8482] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.368107][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 63.376601][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 63.385235][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.395572][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.405135][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.412281][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.420306][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.429161][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.437723][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.444769][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.452462][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.461398][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.470670][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.479512][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.488338][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.496876][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.505431][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.512564][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.520331][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.529450][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.538079][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.545126][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.553102][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.562078][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.570745][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.579511][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.592065][ T2994] Bluetooth: hci4: command 0x040f tx timeout [ 63.620265][ T31] ================================================================================ [ 63.629755][ T31] UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2021:28 [ 63.637674][ T31] member access within address 00000000a81227c6 with insufficient space [ 63.646003][ T31] for an object of type 'struct sk_buff' [ 63.651694][ T31] CPU: 1 PID: 31 Comm: kworker/1:1 Not tainted 5.10.0-syzkaller #0 [ 63.659583][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.669657][ T31] Workqueue: ipv6_addrconf addrconf_dad_work [ 63.675639][ T31] Call Trace: [ 63.678943][ T31] dump_stack+0x137/0x1be [ 63.683271][ T31] ? wake_up_klogd+0xb2/0xf0 [ 63.687862][ T31] ubsan_type_mismatch_common+0x1e2/0x390 [ 63.693579][ T31] __ubsan_handle_type_mismatch_v1+0x41/0x50 [ 63.699563][ T31] wg_xmit+0x45d/0xdf0 [ 63.703655][ T31] netdev_start_xmit+0x7b/0x140 [ 63.708518][ T31] dev_hard_start_xmit+0x182/0x2e0 [ 63.713633][ T31] __dev_queue_xmit+0x1229/0x1e60 [ 63.718691][ T31] ip6_finish_output2+0xe8d/0x11e0 [ 63.723809][ T31] ? __ip6_finish_output+0x26b/0x390 [ 63.729112][ T31] ndisc_send_skb+0x85b/0xc70 [ 63.733825][ T31] addrconf_dad_completed+0x5ef/0x990 [ 63.739253][ T31] addrconf_dad_work+0xb92/0x1480 [ 63.744282][ T31] ? rcu_read_lock_sched_held+0x62/0x100 [ 63.749914][ T31] process_one_work+0x471/0x830 [ 63.754784][ T31] worker_thread+0x757/0xb10 [ 63.759384][ T31] ? __kthread_parkme+0x148/0x190 [ 63.764404][ T31] ? pr_cont_work+0x100/0x100 [ 63.769080][ T31] kthread+0x39a/0x3c0 [ 63.773140][ T31] ? pr_cont_work+0x100/0x100 [ 63.777806][ T31] ? __list_add+0xc0/0xc0 [ 63.782134][ T31] ret_from_fork+0x1f/0x30 [ 63.786623][ T31] ================================================================================ [ 63.795939][ T31] Kernel panic - not syncing: panic_on_warn set ... [ 63.802536][ T31] CPU: 1 PID: 31 Comm: kworker/1:1 Not tainted 5.10.0-syzkaller #0 [ 63.810428][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.820490][ T31] Workqueue: ipv6_addrconf addrconf_dad_work [ 63.826470][ T31] Call Trace: [ 63.829763][ T31] dump_stack+0x137/0x1be [ 63.834100][ T31] ? panic+0x226/0x830 [ 63.838218][ T31] panic+0x2e3/0x830 [ 63.842124][ T31] ? ubsan_type_mismatch_common+0x206/0x390 [ 63.848026][ T31] ubsan_type_mismatch_common+0x388/0x390 [ 63.853761][ T31] __ubsan_handle_type_mismatch_v1+0x41/0x50 [ 63.859769][ T31] wg_xmit+0x45d/0xdf0 [ 63.863883][ T31] netdev_start_xmit+0x7b/0x140 [ 63.868739][ T31] dev_hard_start_xmit+0x182/0x2e0 [ 63.873864][ T31] __dev_queue_xmit+0x1229/0x1e60 [ 63.878928][ T31] ip6_finish_output2+0xe8d/0x11e0 [ 63.884051][ T31] ? __ip6_finish_output+0x26b/0x390 [ 63.889341][ T31] ndisc_send_skb+0x85b/0xc70 [ 63.894049][ T31] addrconf_dad_completed+0x5ef/0x990 [ 63.899441][ T31] addrconf_dad_work+0xb92/0x1480 [ 63.904475][ T31] ? rcu_read_lock_sched_held+0x62/0x100 [ 63.910131][ T31] process_one_work+0x471/0x830 [ 63.915021][ T31] worker_thread+0x757/0xb10 [ 63.919647][ T31] ? __kthread_parkme+0x148/0x190 [ 63.924676][ T31] ? pr_cont_work+0x100/0x100 [ 63.929716][ T31] kthread+0x39a/0x3c0 [ 63.933780][ T31] ? pr_cont_work+0x100/0x100 [ 63.938454][ T31] ? __list_add+0xc0/0xc0 [ 63.942791][ T31] ret_from_fork+0x1f/0x30 [ 63.948274][ T31] Kernel Offset: disabled [ 63.952685][ T31] Rebooting in 86400 seconds..