DUID 00:04:6d:ca:d3:d4:76:e5:48:e7:d9:66:92:48:7e:5c:97:0d forked to background, child pid 3171 [ 11.871223][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 11.875447][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 69.876169][ T140] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.22' (ECDSA) to the list of known hosts. 2022/04/21 06:51:51 parsed 1 programs [ 1235.570066][ T3670] cgroup: Unknown subsys name 'net' [ 1235.697778][ T3670] cgroup: Unknown subsys name 'rlimit' 2022/04/21 06:51:58 executed programs: 0 [ 1242.795548][ T3670] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 1243.876439][ T3679] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1243.883462][ T3679] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1243.890479][ T3679] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1243.897535][ T3679] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1243.904516][ T3679] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1243.911549][ T3679] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1243.939659][ T3677] chnl_net:caif_netlink_parms(): no params data found [ 1243.956437][ T3677] bridge0: port 1(bridge_slave_0) entered blocking state [ 1243.963491][ T3677] bridge0: port 1(bridge_slave_0) entered disabled state [ 1243.971176][ T3677] device bridge_slave_0 entered promiscuous mode [ 1243.978134][ T3677] bridge0: port 2(bridge_slave_1) entered blocking state [ 1243.985166][ T3677] bridge0: port 2(bridge_slave_1) entered disabled state [ 1243.992590][ T3677] device bridge_slave_1 entered promiscuous mode [ 1244.002862][ T3677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1244.012500][ T3677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1244.025137][ T3677] team0: Port device team_slave_0 added [ 1244.031412][ T3677] team0: Port device team_slave_1 added [ 1244.040341][ T3677] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1244.047400][ T3677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1244.073932][ T3677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1244.084950][ T3677] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1244.091982][ T3677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1244.118138][ T3677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1244.133728][ T3677] device hsr_slave_0 entered promiscuous mode [ 1244.140068][ T3677] device hsr_slave_1 entered promiscuous mode [ 1244.164967][ T3677] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1244.172435][ T3677] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1244.180113][ T3677] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1244.187677][ T3677] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1244.198318][ T3677] bridge0: port 2(bridge_slave_1) entered blocking state [ 1244.205359][ T3677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1244.212574][ T3677] bridge0: port 1(bridge_slave_0) entered blocking state [ 1244.219649][ T3677] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1244.238374][ T3677] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1244.246949][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1244.254608][ T140] bridge0: port 1(bridge_slave_0) entered disabled state [ 1244.262347][ T140] bridge0: port 2(bridge_slave_1) entered disabled state [ 1244.269926][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1244.278984][ T3677] 8021q: adding VLAN 0 to HW filter on device team0 [ 1244.287116][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1244.295288][ T143] bridge0: port 1(bridge_slave_0) entered blocking state [ 1244.302439][ T143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1244.316491][ T3677] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1244.327094][ T3677] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1244.338700][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1244.347009][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 1244.354029][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1244.361795][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1244.369992][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1244.378257][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1244.386388][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1244.394557][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1244.402073][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1244.413600][ T3677] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1244.420790][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1244.428182][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1244.461908][ T3677] device veth0_vlan entered promiscuous mode [ 1244.468468][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1244.477144][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1244.484999][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1244.492574][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1244.501531][ T3677] device veth1_vlan entered promiscuous mode [ 1244.511107][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1244.518861][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1244.526584][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1244.535258][ T3677] device veth0_macvtap entered promiscuous mode [ 1244.542624][ T3677] device veth1_macvtap entered promiscuous mode [ 1244.552119][ T3677] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1244.559442][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1244.568028][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1244.576956][ T3677] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1244.584827][ T3677] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1244.593658][ T3677] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1244.602447][ T3677] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1244.611851][ T3677] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1244.621192][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1244.639337][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1244.647252][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1244.652675][ T3694] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1244.654940][ T143] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1244.663364][ T3694] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1244.677524][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1244.955442][ T143] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 1245.316195][ T143] usb 1-1: config index 0 descriptor too short (expected 1851, got 59) [ 1245.324458][ T143] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1245.415446][ T143] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1245.424523][ T143] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1245.432917][ T143] usb 1-1: SerialNumber: syz [ 1245.955468][ T3686] Bluetooth: hci0: command 0x0409 tx timeout [ 1246.336437][ T143] cdc_ether 1-1:1.0 wwan0: register 'cdc_ether' at usb-dummy_hcd.0-1, Mobile Broadband Network Device, 42:42:42:42:42:42 [ 1246.955647][ T143] usb 1-1: USB disconnect, device number 2 [ 1258.557307][ T143] cdc_ether 1-1:1.0 wwan0: unregister 'cdc_ether' usb-dummy_hcd.0-1, Mobile Broadband Network Device [ 1258.617383][ T3686] Bluetooth: hci0: command 0x041b tx timeout [ 1260.675338][ T3686] Bluetooth: hci0: command 0x040f tx timeout [ 1262.755336][ T3687] Bluetooth: hci0: command 0x0419 tx timeout 2022/04/21 06:52:19 executed programs: 1 [ 1264.385332][ T143] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 1264.745386][ T143] usb 1-1: config index 0 descriptor too short (expected 1851, got 59) [ 1264.753751][ T143] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1264.855392][ T143] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1264.864441][ T143] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1264.872566][ T143] usb 1-1: SerialNumber: syz [ 1265.778329][ T143] cdc_ether 1-1:1.0 wwan0: register 'cdc_ether' at usb-dummy_hcd.0-1, Mobile Broadband Network Device, 42:42:42:42:42:42 [ 1266.384126][ T3671] usb 1-1: USB disconnect, device number 3 [ 1276.382038][ C0] ------------[ cut here ]------------ [ 1276.387550][ C0] NETDEV WATCHDOG: wwan0 (cdc_ether): transmit queue 0 timed out [ 1276.395607][ C0] WARNING: CPU: 0 PID: 0 at net/sched/sch_generic.c:529 dev_watchdog+0x398/0x3a0 [ 1276.404754][ C0] Modules linked in: [ 1276.408665][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.18.0-rc3-syzkaller-00016-gb253435746d9 #0 [ 1276.418401][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1276.428481][ C0] RIP: 0010:dev_watchdog+0x398/0x3a0 [ 1276.433781][ C0] Code: 11 aa fd 48 8b 1c 24 c6 05 76 00 5f 02 01 48 89 df e8 3c 50 f5 ff 89 e9 48 89 de 48 c7 c7 f8 7c 78 85 48 89 c2 e8 31 77 a7 00 <0f> 0b e9 c2 fe ff ff 90 41 56 49 89 f6 41 55 41 54 55 48 89 fd 53 [ 1276.453401][ C0] RSP: 0018:ffffc90000003e60 EFLAGS: 00010286 [ 1276.455203][ T3671] cdc_ether 1-1:1.0 wwan0: unregister 'cdc_ether' usb-dummy_hcd.0-1, Mobile Broadband Network Device [ 1276.459473][ C0] RAX: 0000000000000000 RBX: ffff888112b09000 RCX: 0000000000000100 2022/04/21 06:52:32 executed programs: 2 [ 1276.478379][ C0] RDX: ffffffff85a2f940 RSI: ffffffff812c2b48 RDI: 0000000000000003 [ 1276.486376][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 1276.494952][ C0] R10: ffffffff812bf5f9 R11: 0000000000000000 R12: 0000000000000001 [ 1276.502927][ C0] R13: ffff888112b09488 R14: ffff8881126b0000 R15: ffff888112b093dc [ 1276.510905][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000 [ 1276.519834][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1276.526415][ C0] CR2: 00007fca2ba6aa70 CR3: 0000000005a29000 CR4: 00000000003506f0 [ 1276.534367][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1276.542364][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1276.550336][ C0] Call Trace: [ 1276.553609][ C0] [ 1276.556445][ C0] ? pfifo_fast_init+0x170/0x170 [ 1276.561383][ C0] call_timer_fn+0x38/0x200 [ 1276.565971][ C0] ? pfifo_fast_init+0x170/0x170 [ 1276.570901][ C0] __run_timers.part.0+0x316/0x430 [ 1276.576008][ C0] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1276.582245][ C0] ? clockevents_program_event+0x9f/0x1c0 [ 1276.587964][ C0] run_timer_softirq+0x44/0x90 [ 1276.592730][ C0] __do_softirq+0xe6/0x2ea [ 1276.597153][ C0] irq_exit_rcu+0xc0/0x110 [ 1276.601564][ C0] sysvec_apic_timer_interrupt+0xa2/0xd0 [ 1276.607189][ C0] [ 1276.610112][ C0] [ 1276.613023][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1276.619003][ C0] RIP: 0010:acpi_idle_do_entry+0xc0/0xd0 [ 1276.624638][ C0] Code: eb 03 83 e3 01 89 de e8 fe d0 e2 fc 84 db 75 c0 e8 25 cb e2 fc eb 0c e8 1e cb e2 fc 0f 00 2d df 73 70 00 e8 12 cb e2 fc fb f4 eb a3 cc cc cc cc cc cc cc cc cc cc cc cc cc 41 57 49 89 f7 41 [ 1276.644239][ C0] RSP: 0018:ffffffff85a03dd8 EFLAGS: 00000293 [ 1276.650303][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 1276.658265][ C0] RDX: ffffffff85a2f940 RSI: ffffffff8453708e RDI: 0000000000000003 [ 1276.666234][ C0] RBP: ffff888101c48464 R08: 0000000000000000 R09: 0000000000000000 [ 1276.674184][ C0] R10: ffffffff84537072 R11: 0000000000000000 R12: 0000000000000001 [ 1276.682149][ C0] R13: ffff888101c48400 R14: ffff888101c48464 R15: 0000000000000000 [ 1276.690122][ C0] ? acpi_idle_do_entry+0xa2/0xd0 [ 1276.696195][ C0] ? acpi_idle_do_entry+0xbe/0xd0 [ 1276.701217][ C0] ? acpi_idle_do_entry+0xbe/0xd0 [ 1276.706236][ C0] acpi_idle_enter+0x14d/0x220 [ 1276.711027][ C0] cpuidle_enter_state+0xc9/0x650 [ 1276.716048][ C0] cpuidle_enter+0x29/0x40 [ 1276.720459][ C0] do_idle+0x1b5/0x220 [ 1276.724508][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe [ 1276.730748][ C0] cpu_startup_entry+0x14/0x20 [ 1276.735526][ C0] start_kernel+0x8e1/0x908 [ 1276.740031][ C0] secondary_startup_64_no_verify+0xc3/0xcb [ 1276.745937][ C0] [ 1276.749053][ C0] ---[ end trace 0000000000000000 ]--- [ 1277.175594][ T3671] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 1277.535382][ T3671] usb 1-1: config index 0 descriptor too short (expected 1851, got 59) [ 1277.543772][ T3671] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1277.635423][ T3671] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1277.644745][ T3671] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1277.652731][ T3671] usb 1-1: SerialNumber: syz [ 1278.558215][ T3671] cdc_ether 1-1:1.0 wwan0: register 'cdc_ether' at usb-dummy_hcd.0-1, Mobile Broadband Network Device, 42:42:42:42:42:42 [ 1279.156257][ T3686] usb 1-1: USB disconnect, device number 4 [ 1286.778040][ T4089] kmemleak: 43 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 1289.728334][ T4089] kmemleak: 84 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88810ca82940 (size 768): comm "dhcpcd", pid 3172, jiffies 4295059348 (age 68.970s) hex dump (first 32 bytes): 03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] sock_alloc_inode+0x23/0xa0 [] alloc_inode+0x29/0x110 [] new_inode_pseudo+0x13/0x70 [] sock_alloc+0x18/0x90 [] __sock_create+0xb8/0x2b0 [] __sys_socketpair+0x115/0x370 [] __x64_sys_socketpair+0x1e/0x30 [] do_syscall_64+0x35/0xb0 [] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff88810a1cfa60 (size 32): comm "dhcpcd", pid 3172, jiffies 4295059348 (age 68.970s) hex dump (first 32 bytes): f8 2a a8 0c 81 88 ff ff 50 62 1c 82 ff ff ff ff .*......Pb...... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] security_inode_alloc+0x2a/0xb0 [] inode_init_always+0x114/0x230 [] alloc_inode+0x46/0x110 [] new_inode_pseudo+0x13/0x70 [] sock_alloc+0x18/0x90 [] __sock_create+0xb8/0x2b0 [] __sys_socketpair+0x115/0x370 [] __x64_sys_socketpair+0x1e/0x30 [] do_syscall_64+0x35/0xb0 [] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff888104586100 (size 256): comm "dhcpcd", pid 3172, jiffies 4295059348 (age 68.970s) hex dump (first 32 bytes): 70 46 7a 15 81 88 ff ff d0 f6 5b 81 ff ff ff ff pFz.......[..... a0 21 f0 40 81 88 ff ff 40 98 a6 0c 81 88 ff ff .!.@....@....... backtrace: [] __alloc_file+0x1f/0xf0 [] alloc_empty_file+0x69/0x120 [] alloc_file+0x33/0x1b0 [] alloc_file_pseudo+0xb2/0x140 [] sock_alloc_file+0x4b/0xf0 [] __sys_socketpair+0x1c6/0x370 [] __x64_sys_socketpair+0x1e/0x30 [] do_syscall_64+0x35/0xb0 [] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff88810cb16a90 (size 1192): comm "syz-executor.0", pid 3677, jiffies 4295064915 (age 13.300s) hex dump (first 32 bytes): 0a f3 00 00 04 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] ext4_alloc_inode+0x23/0x1b0 [] alloc_inode+0x29/0x110 [] new_inode+0x23/0x100 [] __ext4_new_inode+0x127/0x25c0 [] ext4_mkdir+0x1ef/0x540 [] vfs_mkdir+0xcd/0x1a0 [] do_mkdirat+0x19e/0x1d0 [] __x64_sys_mkdirat+0x6b/0x90 [] do_syscall_64+0x35/0xb0 [] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff88811274cec0 (size 32): comm "syz-executor.0", pid 3677, jiffies 4295064915 (age 13.300s) hex dump (first 32 bytes): f0 6c b1 0c 81 88 ff ff 50 62 1c 82 ff ff ff ff .l......Pb...... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] security_inode_alloc+0x2a/0xb0 [] inode_init_always+0x114/0x230 [] alloc_inode+0x46/0x110 [] new_inode+0x23/0x100 [] __ext4_new_inode+0x127/0x25c0 [] ext4_mkdir+0x1ef/0x540 [] vfs_mkdir+0xcd/0x1a0 [] do_mkdirat+0x19e/0x1d0 [] __x64_sys_mkdirat+0x6b/0x90 [] do_syscall_64+0x35/0xb0 [] entry_SYSCALL_64_after_hwframe+0x44/0xae