[ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.247' (ECDSA) to the list of known hosts. 2021/01/13 22:28:04 fuzzer started 2021/01/13 22:28:05 dialing manager at 10.128.0.26:43403 2021/01/13 22:28:05 syscalls: 3495 2021/01/13 22:28:05 code coverage: enabled 2021/01/13 22:28:05 comparison tracing: enabled 2021/01/13 22:28:05 extra coverage: enabled 2021/01/13 22:28:05 setuid sandbox: enabled 2021/01/13 22:28:05 namespace sandbox: enabled 2021/01/13 22:28:05 Android sandbox: /sys/fs/selinux/policy does not exist 2021/01/13 22:28:05 fault injection: enabled 2021/01/13 22:28:05 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/01/13 22:28:05 net packet injection: enabled 2021/01/13 22:28:05 net device setup: enabled 2021/01/13 22:28:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/01/13 22:28:05 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/01/13 22:28:05 USB emulation: enabled 2021/01/13 22:28:05 hci packet injection: enabled 2021/01/13 22:28:05 wifi device emulation: enabled 2021/01/13 22:28:05 fetching corpus: 0, signal 0/0 (executing program) 2021/01/13 22:28:05 fetching corpus: 1, signal 140/140 (executing program) 2021/01/13 22:28:05 fetching corpus: 1, signal 140/140 (executing program) 2021/01/13 22:28:07 starting 6 fuzzer processes 22:28:07 executing program 0: openat$tun(0xffffffffffffff9c, &(0x7f0000000e80)='/dev/net/tun\x00', 0x0, 0x0) 22:28:07 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002580)={&(0x7f0000002780)=ANY=[@ANYBLOB="9feb010018000000000000000000000c"], &(0x7f00000024c0)=""/160, 0xd3, 0xa0, 0x6}, 0x20) 22:28:07 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004b00)={0x11, 0x3, &(0x7f0000004940)=@framed, &(0x7f0000004980)='GPL\x00', 0x5, 0xa8, &(0x7f00000049c0)=""/168, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000004a80), 0x8, 0x10, 0x0}, 0x78) 22:28:08 executing program 3: r0 = socket$kcm(0x2, 0xa, 0x2) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'vlan0\x00', @broadcast}) 22:28:08 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {}]}]}}, &(0x7f0000000280)=""/187, 0x36, 0xbb, 0x1}, 0x20) 22:28:08 executing program 5: socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000001e80)) syzkaller login: [ 53.892743][ T8487] IPVS: ftp: loaded support on port[0] = 21 [ 54.018279][ T8489] IPVS: ftp: loaded support on port[0] = 21 [ 54.137042][ T8487] chnl_net:caif_netlink_parms(): no params data found [ 54.300972][ T8487] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.305213][ T8491] IPVS: ftp: loaded support on port[0] = 21 [ 54.314244][ T8487] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.328618][ T8487] device bridge_slave_0 entered promiscuous mode [ 54.371387][ T8487] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.378987][ T8487] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.389379][ T8487] device bridge_slave_1 entered promiscuous mode [ 54.415336][ T8489] chnl_net:caif_netlink_parms(): no params data found [ 54.452817][ T8487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.520564][ T8487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.550144][ T8493] IPVS: ftp: loaded support on port[0] = 21 [ 54.601392][ T8487] team0: Port device team_slave_0 added [ 54.612686][ T8487] team0: Port device team_slave_1 added [ 54.659313][ T8489] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.667371][ T8489] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.675201][ T8489] device bridge_slave_0 entered promiscuous mode [ 54.726401][ T8487] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.733574][ T8487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.772989][ T8487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.791470][ T8487] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.799218][ T8487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.827005][ T8487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.855081][ T8489] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.862754][ T8489] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.871663][ T8489] device bridge_slave_1 entered promiscuous mode [ 54.989809][ T8497] IPVS: ftp: loaded support on port[0] = 21 [ 54.992796][ T8495] IPVS: ftp: loaded support on port[0] = 21 [ 55.049443][ T8489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.061454][ T8489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.084703][ T8487] device hsr_slave_0 entered promiscuous mode [ 55.092111][ T8487] device hsr_slave_1 entered promiscuous mode [ 55.128460][ T8491] chnl_net:caif_netlink_parms(): no params data found [ 55.160756][ T8489] team0: Port device team_slave_0 added [ 55.181812][ T8489] team0: Port device team_slave_1 added [ 55.326009][ T8489] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.333283][ T8489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.362457][ T8489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.379371][ T8489] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.388472][ T8489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.416910][ T8489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.542176][ T8493] chnl_net:caif_netlink_parms(): no params data found [ 55.575011][ T8489] device hsr_slave_0 entered promiscuous mode [ 55.583642][ T8489] device hsr_slave_1 entered promiscuous mode [ 55.590844][ T8489] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.598864][ T8489] Cannot create hsr debugfs directory [ 55.604529][ T8491] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.612942][ T8491] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.621815][ T8491] device bridge_slave_0 entered promiscuous mode [ 55.638811][ T8491] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.646828][ T8491] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.654592][ T8491] device bridge_slave_1 entered promiscuous mode [ 55.788019][ T8491] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.800207][ T8491] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.866845][ T3074] Bluetooth: hci0: command 0x0409 tx timeout [ 55.940719][ T8493] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.952345][ T8493] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.961992][ T8493] device bridge_slave_0 entered promiscuous mode [ 55.974784][ T8487] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.990141][ T8491] team0: Port device team_slave_0 added [ 55.999659][ T8491] team0: Port device team_slave_1 added [ 56.019484][ T8493] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.026934][ T8493] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.034695][ T8493] device bridge_slave_1 entered promiscuous mode [ 56.041911][ T3074] Bluetooth: hci1: command 0x0409 tx timeout [ 56.054973][ T8487] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 56.098490][ T8497] chnl_net:caif_netlink_parms(): no params data found [ 56.152914][ T8487] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 56.165413][ T8493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.177519][ T8493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.191665][ T8491] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.199838][ T8491] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.226955][ T8491] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.243161][ T8491] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.250804][ T8491] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.278167][ T3074] Bluetooth: hci2: command 0x0409 tx timeout [ 56.281712][ T8491] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.315774][ T8487] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 56.353777][ T8493] team0: Port device team_slave_0 added [ 56.396478][ T8493] team0: Port device team_slave_1 added [ 56.426934][ T8491] device hsr_slave_0 entered promiscuous mode [ 56.433709][ T8491] device hsr_slave_1 entered promiscuous mode [ 56.440776][ T8491] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.449741][ T8491] Cannot create hsr debugfs directory [ 56.462608][ T8495] chnl_net:caif_netlink_parms(): no params data found [ 56.497473][ T8493] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.504540][ T8493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.532410][ T5] Bluetooth: hci3: command 0x0409 tx timeout [ 56.538896][ T8493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.580643][ T8493] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.588082][ T8493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.617011][ T8493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.653346][ T8497] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.660821][ T8497] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.670645][ T8497] device bridge_slave_0 entered promiscuous mode [ 56.683284][ T8497] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.693776][ T8497] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.702984][ T8497] device bridge_slave_1 entered promiscuous mode [ 56.726000][ T8497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.743085][ T8497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.752352][ T34] Bluetooth: hci4: command 0x0409 tx timeout [ 56.813605][ T8497] team0: Port device team_slave_0 added [ 56.825298][ T8497] team0: Port device team_slave_1 added [ 56.842183][ T8495] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.850556][ T8495] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.859152][ T8495] device bridge_slave_0 entered promiscuous mode [ 56.875055][ T8489] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.900834][ T8489] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.908777][ T34] Bluetooth: hci5: command 0x0409 tx timeout [ 56.922169][ T8495] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.930273][ T8495] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.938998][ T8495] device bridge_slave_1 entered promiscuous mode [ 56.956607][ T8493] device hsr_slave_0 entered promiscuous mode [ 56.963611][ T8493] device hsr_slave_1 entered promiscuous mode [ 56.971476][ T8493] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.980307][ T8493] Cannot create hsr debugfs directory [ 56.993083][ T8489] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.008616][ T8489] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 57.028845][ T8497] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.035977][ T8497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.063160][ T8497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.081943][ T8497] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.091765][ T8497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.119216][ T8497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.184177][ T8495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.198250][ T8495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.246996][ T8497] device hsr_slave_0 entered promiscuous mode [ 57.254017][ T8497] device hsr_slave_1 entered promiscuous mode [ 57.262851][ T8497] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.271612][ T8497] Cannot create hsr debugfs directory [ 57.289617][ T8495] team0: Port device team_slave_0 added [ 57.330452][ T8495] team0: Port device team_slave_1 added [ 57.369342][ T8487] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.434638][ T8487] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.443255][ T8495] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.451656][ T8495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.480521][ T8495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.502286][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.512430][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.523161][ T8495] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.531694][ T8495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.558902][ T8495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.631893][ T8495] device hsr_slave_0 entered promiscuous mode [ 57.640542][ T8495] device hsr_slave_1 entered promiscuous mode [ 57.648417][ T8495] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.656583][ T8495] Cannot create hsr debugfs directory [ 57.662197][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.675609][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.684123][ T2996] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.691389][ T2996] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.734861][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.755050][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.764268][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.780416][ T2996] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.787858][ T2996] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.800849][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.839972][ T8491] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 57.858719][ T8489] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.900528][ T8491] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 57.928004][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.937093][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.946976][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.947575][ T3074] Bluetooth: hci0: command 0x041b tx timeout [ 57.955993][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.970094][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.978723][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.989393][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.998680][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.007702][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.024180][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.036533][ T8491] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.052947][ T8487] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.091538][ T8491] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.100799][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.116310][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.132940][ T9333] Bluetooth: hci1: command 0x041b tx timeout [ 58.154696][ T8489] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.166529][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.174086][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.210398][ T8493] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.225098][ T8487] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.259414][ T8493] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.271167][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.280983][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.289891][ T3074] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.297222][ T3074] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.304772][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.314767][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.323791][ T3074] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.330950][ T3074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.339160][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.349704][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.376678][ T8493] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.378430][ T3074] Bluetooth: hci2: command 0x041b tx timeout [ 58.408099][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.418168][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.428924][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.439632][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.449341][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.468702][ T8493] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.485535][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.493630][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.502852][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.512989][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.523165][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.544401][ T8489] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.557945][ T8489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.581544][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.590869][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.595887][ T9333] Bluetooth: hci3: command 0x041b tx timeout [ 58.634348][ T8487] device veth0_vlan entered promiscuous mode [ 58.658754][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.672862][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.683019][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.692512][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.712148][ T8487] device veth1_vlan entered promiscuous mode [ 58.719559][ T8497] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 58.731841][ T8497] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 58.767968][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 58.777466][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 58.786959][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.794828][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.803186][ T8497] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 58.813743][ T8497] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 58.837294][ T9333] Bluetooth: hci4: command 0x041b tx timeout [ 58.844212][ T8489] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.857705][ T8491] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.900919][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.909468][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.931075][ T8487] device veth0_macvtap entered promiscuous mode [ 58.941203][ T8491] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.963923][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.974036][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.984270][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.997530][ T8487] device veth1_macvtap entered promiscuous mode [ 59.015400][ T9333] Bluetooth: hci5: command 0x041b tx timeout [ 59.022423][ T8493] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.041894][ T8495] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.053895][ T8495] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.070295][ T8495] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.081598][ T8495] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.094743][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.106965][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.116143][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.125015][ T2997] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.132305][ T2997] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.140399][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.150264][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.159280][ T2997] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.166688][ T2997] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.201964][ T8487] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.216538][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.224632][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.234780][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.244343][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.254088][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.263461][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.303143][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 59.312495][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.322526][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.332537][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.340859][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.349670][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.358637][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.367418][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.376920][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.402964][ T8487] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.414097][ T8489] device veth0_vlan entered promiscuous mode [ 59.426067][ T8493] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.433008][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.443682][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.452515][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.460647][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.470046][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.488176][ T8497] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.499921][ T8487] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.510189][ T8487] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.520198][ T8487] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.530264][ T8487] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.581504][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.590145][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.600389][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.610257][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.619412][ T2996] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.626572][ T2996] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.637919][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.651641][ T8489] device veth1_vlan entered promiscuous mode [ 59.690318][ T8491] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.702263][ T8491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.711961][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.724516][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.733569][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.743463][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.752809][ T2996] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.760689][ T2996] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.768984][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.779074][ T3074] ================================================================================ [ 59.789337][ T3074] UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2021:28 [ 59.797650][ T3074] member access within address 000000001ec7e3c2 with insufficient space [ 59.806486][ T3074] for an object of type 'struct sk_buff' [ 59.812134][ T3074] CPU: 1 PID: 3074 Comm: kworker/1:2 Not tainted 5.10.0-syzkaller #0 [ 59.820197][ T3074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.831033][ T3074] Workqueue: ipv6_addrconf addrconf_dad_work [ 59.837028][ T3074] Call Trace: [ 59.840878][ T3074] dump_stack+0x137/0x1be [ 59.845241][ T3074] ? wake_up_klogd+0xb2/0xf0 [ 59.850070][ T3074] ubsan_type_mismatch_common+0x1e2/0x390 [ 59.855899][ T3074] __ubsan_handle_type_mismatch_v1+0x41/0x50 [ 59.861987][ T3074] wg_xmit+0x45d/0xdf0 [ 59.866292][ T3074] netdev_start_xmit+0x7b/0x140 [ 59.871130][ T3074] dev_hard_start_xmit+0x182/0x2e0 [ 59.876336][ T3074] __dev_queue_xmit+0x1229/0x1e60 [ 59.881370][ T3074] ip6_finish_output2+0xe8d/0x11e0 [ 59.886494][ T3074] ? __ip6_finish_output+0x26b/0x390 [ 59.891776][ T3074] ndisc_send_skb+0x85b/0xc70 [ 59.896501][ T3074] addrconf_dad_completed+0x5ef/0x990 [ 59.901980][ T3074] addrconf_dad_work+0xb92/0x1480 [ 59.906995][ T3074] ? rcu_read_lock_sched_held+0x62/0x100 [ 59.912719][ T3074] process_one_work+0x471/0x830 [ 59.917866][ T3074] worker_thread+0x757/0xb10 [ 59.922569][ T3074] ? __kthread_parkme+0x148/0x190 [ 59.927712][ T3074] ? pr_cont_work+0x100/0x100 [ 59.932509][ T3074] kthread+0x39a/0x3c0 [ 59.936612][ T3074] ? pr_cont_work+0x100/0x100 [ 59.941402][ T3074] ? __list_add+0xc0/0xc0 [ 59.945767][ T3074] ret_from_fork+0x1f/0x30 [ 59.950427][ T3074] ================================================================================ [ 59.959770][ T3074] Kernel panic - not syncing: panic_on_warn set ... [ 59.966463][ T3074] CPU: 1 PID: 3074 Comm: kworker/1:2 Not tainted 5.10.0-syzkaller #0 [ 59.974546][ T3074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.984897][ T3074] Workqueue: ipv6_addrconf addrconf_dad_work [ 59.990947][ T3074] Call Trace: [ 59.994262][ T3074] dump_stack+0x137/0x1be [ 59.998697][ T3074] ? panic+0x226/0x830 [ 60.002793][ T3074] panic+0x2e3/0x830 [ 60.006717][ T3074] ? ubsan_type_mismatch_common+0x206/0x390 [ 60.012881][ T3074] ubsan_type_mismatch_common+0x388/0x390 [ 60.018618][ T3074] __ubsan_handle_type_mismatch_v1+0x41/0x50 [ 60.024589][ T3074] wg_xmit+0x45d/0xdf0 [ 60.028778][ T3074] netdev_start_xmit+0x7b/0x140 [ 60.033726][ T3074] dev_hard_start_xmit+0x182/0x2e0 [ 60.038840][ T3074] __dev_queue_xmit+0x1229/0x1e60 [ 60.044624][ T3074] ip6_finish_output2+0xe8d/0x11e0 [ 60.049775][ T3074] ? __ip6_finish_output+0x26b/0x390 [ 60.055157][ T3074] ndisc_send_skb+0x85b/0xc70 [ 60.060068][ T3074] addrconf_dad_completed+0x5ef/0x990 [ 60.065734][ T3074] addrconf_dad_work+0xb92/0x1480 [ 60.071124][ T3074] ? rcu_read_lock_sched_held+0x62/0x100 [ 60.076821][ T3074] process_one_work+0x471/0x830 [ 60.081674][ T3074] worker_thread+0x757/0xb10 [ 60.086438][ T3074] ? __kthread_parkme+0x148/0x190 [ 60.091450][ T3074] ? pr_cont_work+0x100/0x100 [ 60.096130][ T3074] kthread+0x39a/0x3c0 [ 60.100306][ T3074] ? pr_cont_work+0x100/0x100 [ 60.105153][ T3074] ? __list_add+0xc0/0xc0 [ 60.109613][ T3074] ret_from_fork+0x1f/0x30 [ 60.115213][ T3074] Kernel Offset: disabled [ 60.119675][ T3074] Rebooting in 86400 seconds..