DUID 00:04:63:3c:db:c8:83:d4:2a:b1:e5:3f:fc:31:79:55:3b:bc
forked to background, child pid 3184
[   26.788587][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0
[   26.800212][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.115' (ECDSA) to the list of known hosts.
2022/08/03 01:24:58 fuzzer started
2022/08/03 01:24:58 connecting to host at 10.128.0.169:39675
2022/08/03 01:24:58 checking machine...
2022/08/03 01:24:58 checking revisions...
2022/08/03 01:24:58 testing simple program...
syzkaller login: [   42.411441][ T3606] cgroup: Unknown subsys name 'net'
[   42.533923][ T3606] cgroup: Unknown subsys name 'rlimit'
[   43.820914][ T3610] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   43.829371][ T3610] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   43.837625][ T3610] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   43.845490][ T3610] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   43.853781][ T3610] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   43.861485][ T3610] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   43.948110][ T3608] chnl_net:caif_netlink_parms(): no params data found
[   43.989905][ T3608] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.997129][ T3608] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.005198][ T3608] device bridge_slave_0 entered promiscuous mode
[   44.015377][ T3608] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.023057][ T3608] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.031240][ T3608] device bridge_slave_1 entered promiscuous mode
[   44.051783][ T3608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.062829][ T3608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.084549][ T3608] team0: Port device team_slave_0 added
[   44.092580][ T3608] team0: Port device team_slave_1 added
[   44.110140][ T3608] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.117494][ T3608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.143478][ T3608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.157324][ T3608] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.164280][ T3608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.190202][ T3608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.216904][ T3608] device hsr_slave_0 entered promiscuous mode
[   44.223564][ T3608] device hsr_slave_1 entered promiscuous mode
[   44.302288][ T3608] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   44.312927][ T3608] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   44.321874][ T3608] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   44.331201][ T3608] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   44.352326][ T3608] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.359671][ T3608] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.368066][ T3608] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.375164][ T3608] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.421482][ T3608] 8021q: adding VLAN 0 to HW filter on device bond0
[   44.433751][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.443989][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.453020][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.461475][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   44.474574][ T3608] 8021q: adding VLAN 0 to HW filter on device team0
[   44.484982][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   44.493978][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.501083][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.519453][  T921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   44.528323][  T921] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.535379][  T921] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.553559][ T3608] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   44.566201][ T3608] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   44.581248][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   44.590940][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   44.599869][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   44.609087][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   44.630512][ T3608] 8021q: adding VLAN 0 to HW filter on device batadv0
[   44.638089][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   44.645542][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   44.653660][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   44.662208][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   44.768452][  T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   44.787049][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   44.795426][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   44.803868][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   44.815128][ T3608] device veth0_vlan entered promiscuous mode
[   44.825678][ T3608] device veth1_vlan entered promiscuous mode
[   44.845088][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   44.853241][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   44.861876][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   44.873156][ T3608] device veth0_macvtap entered promiscuous mode
[   44.882541][ T3608] device veth1_macvtap entered promiscuous mode
[   44.897603][ T3608] batman_adv: batadv0: Interface activated: batadv_slave_0
[   44.905034][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   44.915735][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   44.928947][ T3608] batman_adv: batadv0: Interface activated: batadv_slave_1
[   44.939491][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   44.950754][ T3608] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.959876][ T3608] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.968801][ T3608] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.977705][ T3608] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.042603][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.055041][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.071686][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   45.082895][   T91] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.092862][   T91] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.103485][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2022/08/03 01:25:01 building call list...
executing program
[   45.305644][ T3608] ------------[ cut here ]------------
[   45.311337][ T3608] ODEBUG: assert_init not available (active state 0) object type: timer_list hint: 0x0
[   45.321438][ T3608] WARNING: CPU: 1 PID: 3608 at lib/debugobjects.c:509 debug_print_object+0x16e/0x250
[   45.330962][ T3608] Modules linked in:
[   45.334872][ T3608] CPU: 1 PID: 3608 Comm: syz-executor.0 Not tainted 5.19.0-next-20220802-syzkaller #0
[   45.344708][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   45.354787][ T3608] RIP: 0010:debug_print_object+0x16e/0x250
[   45.360631][ T3608] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 60 01 49 8a 4c 89 ee 48 c7 c7 00 f5 48 8a e8 63 95 38 05 <0f> 0b 83 05 65 62 dd 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
[   45.380444][ T3608] RSP: 0018:ffffc9000411f6e8 EFLAGS: 00010082
[   45.386540][ T3608] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000
[   45.394547][ T3608] RDX: ffff88802552bb00 RSI: ffffffff8161ee98 RDI: fffff52000823ecf
[   45.402552][ T3608] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[   45.410554][ T3608] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff89eeff60
[   45.418550][ T3608] R13: ffffffff8a48fbc0 R14: ffffffff816b2060 R15: 1ffff92000823ee8
[   45.426884][ T3608] FS:  0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[   45.435924][ T3608] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   45.442524][ T3608] CR2: 000000c000693000 CR3: 00000000716c9000 CR4: 00000000003506e0
[   45.450523][ T3608] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   45.458518][ T3608] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   45.466631][ T3608] Call Trace:
[   45.470013][ T3608]  <TASK>
[   45.472954][ T3608]  ? do_raw_spin_unlock+0x171/0x230
[   45.478179][ T3608]  debug_object_assert_init+0x1f4/0x2e0
[   45.483754][ T3608]  ? debug_object_init_on_stack+0x20/0x20
[   45.489593][ T3608]  ? mark_held_locks+0x9f/0xe0
[   45.494468][ T3608]  ? kasan_quarantine_put+0xf5/0x210
[   45.499791][ T3608]  ? kasan_quarantine_put+0xf5/0x210
[   45.505133][ T3608]  del_timer+0x6d/0x110
[   45.509332][ T3608]  ? detach_if_pending+0x480/0x480
[   45.514478][ T3608]  ? try_to_grab_pending+0xbd/0xd0
[   45.519627][ T3608]  ? lockdep_hardirqs_off+0x90/0xd0
[   45.524872][ T3608]  try_to_grab_pending+0x6d/0xd0
[   45.529848][ T3608]  __cancel_work_timer+0xa6/0x570
[   45.534919][ T3608]  ? cancel_delayed_work+0x20/0x20
[   45.540081][ T3608]  ? mgmt_send_event_skb+0x2fe/0x470
[   45.545419][ T3608]  ? mgmt_send_event+0x13c/0x180
[   45.550383][ T3608]  mgmt_index_removed+0x187/0x2e0
[   45.555445][ T3608]  ? mgmt_index_added+0x290/0x290
[   45.560698][ T3608]  hci_unregister_dev+0x34f/0x4e0
[   45.565762][ T3608]  vhci_release+0x7c/0xf0
[   45.570128][ T3608]  __fput+0x277/0x9d0
[   45.574230][ T3608]  ? vhci_close_dev+0x50/0x50
[   45.578939][ T3608]  task_work_run+0xdd/0x1a0
[   45.583470][ T3608]  do_exit+0xc39/0x2b60
[   45.587659][ T3608]  ? get_signal+0x93b/0x2610
[   45.592361][ T3608]  ? mm_update_next_owner+0x7a0/0x7a0
[   45.597802][ T3608]  do_group_exit+0xd0/0x2a0
[   45.602333][ T3608]  get_signal+0x238c/0x2610
[   45.606889][ T3608]  ? slab_free_freelist_hook+0x8b/0x1c0
[   45.612466][ T3608]  ? exit_signals+0x8b0/0x8b0
[   45.617176][ T3608]  ? kmem_cache_free+0xeb/0x5b0
[   45.622055][ T3608]  ? inode_sub_bytes+0x100/0x100
[   45.627016][ T3608]  arch_do_signal_or_restart+0x82/0x2300
[   45.632697][ T3608]  ? vfs_fstatat+0x97/0xb0
[   45.637161][ T3608]  ? __do_sys_newlstat+0xa7/0x110
[   45.642198][ T3608]  ? get_sigframe_size+0x10/0x10
[   45.647168][ T3608]  ? lock_downgrade+0x6e0/0x6e0
[   45.652039][ T3608]  ? putname+0xfe/0x140
[   45.656405][ T3608]  ? exit_to_user_mode_prepare+0x137/0x250
[   45.662273][ T3608]  exit_to_user_mode_prepare+0x15f/0x250
[   45.668022][ T3608]  syscall_exit_to_user_mode+0x19/0x50
[   45.673542][ T3608]  do_syscall_64+0x42/0xb0
[   45.677978][ T3608]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   45.683900][ T3608] RIP: 0033:0x7fc1846882a6
[   45.688328][ T3608] Code: Unable to access opcode bytes at RIP 0x7fc18468827c.
[   45.695698][ T3608] RSP: 002b:00007ffeb2e88448 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[   45.704137][ T3608] RAX: fffffffffffffffe RBX: 0000000000000003 RCX: 00007fc1846882a6
[   45.712124][ T3608] RDX: 00007ffeb2e88480 RSI: 00007ffeb2e88480 RDI: 00007ffeb2e88510
[   45.720116][ T3608] RBP: 00007ffeb2e88510 R08: 0000000000000001 R09: 00007ffeb2e882e0
[   45.728202][ T3608] R10: 0000555555b98853 R11: 0000000000000246 R12: 00007fc1846e22a6
[   45.736244][ T3608] R13: 00007ffeb2e895d0 R14: 0000555555b98810 R15: 00007ffeb2e89610
[   45.744355][ T3608]  </TASK>
[   45.747395][ T3608] Kernel panic - not syncing: panic_on_warn set ...
[   45.754112][ T3608] CPU: 1 PID: 3608 Comm: syz-executor.0 Not tainted 5.19.0-next-20220802-syzkaller #0
[   45.763785][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   45.773976][ T3608] Call Trace:
[   45.777278][ T3608]  <TASK>
[   45.780219][ T3608]  dump_stack_lvl+0xcd/0x134
[   45.784845][ T3608]  panic+0x2c8/0x627
[   45.788774][ T3608]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   45.794940][ T3608]  ? __warn.cold+0x248/0x2c4
[   45.799562][ T3608]  ? debug_print_object+0x16e/0x250
[   45.804893][ T3608]  __warn.cold+0x259/0x2c4
[   45.809440][ T3608]  ? debug_print_object+0x16e/0x250
[   45.815026][ T3608]  report_bug+0x1bc/0x210
[   45.819393][ T3608]  handle_bug+0x3c/0x60
[   45.823763][ T3608]  exc_invalid_op+0x14/0x40
[   45.828403][ T3608]  asm_exc_invalid_op+0x16/0x20
[   45.833272][ T3608] RIP: 0010:debug_print_object+0x16e/0x250
[   45.839208][ T3608] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 60 01 49 8a 4c 89 ee 48 c7 c7 00 f5 48 8a e8 63 95 38 05 <0f> 0b 83 05 65 62 dd 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
[   45.860060][ T3608] RSP: 0018:ffffc9000411f6e8 EFLAGS: 00010082
[   45.866332][ T3608] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000
[   45.874323][ T3608] RDX: ffff88802552bb00 RSI: ffffffff8161ee98 RDI: fffff52000823ecf
[   45.882331][ T3608] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[   45.890416][ T3608] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff89eeff60
[   45.898507][ T3608] R13: ffffffff8a48fbc0 R14: ffffffff816b2060 R15: 1ffff92000823ee8
[   45.907027][ T3608]  ? calc_wheel_index+0x3d0/0x3d0
[   45.912085][ T3608]  ? vprintk+0x88/0x90
[   45.916634][ T3608]  ? debug_print_object+0x16e/0x250
[   45.921866][ T3608]  ? do_raw_spin_unlock+0x171/0x230
[   45.927091][ T3608]  debug_object_assert_init+0x1f4/0x2e0
[   45.932755][ T3608]  ? debug_object_init_on_stack+0x20/0x20
[   45.938778][ T3608]  ? mark_held_locks+0x9f/0xe0
[   45.943741][ T3608]  ? kasan_quarantine_put+0xf5/0x210
[   45.949067][ T3608]  ? kasan_quarantine_put+0xf5/0x210
[   45.954548][ T3608]  del_timer+0x6d/0x110
[   45.958735][ T3608]  ? detach_if_pending+0x480/0x480
[   45.964249][ T3608]  ? try_to_grab_pending+0xbd/0xd0
[   45.969397][ T3608]  ? lockdep_hardirqs_off+0x90/0xd0
[   45.974806][ T3608]  try_to_grab_pending+0x6d/0xd0
[   45.979791][ T3608]  __cancel_work_timer+0xa6/0x570
[   45.985022][ T3608]  ? cancel_delayed_work+0x20/0x20
[   45.990180][ T3608]  ? mgmt_send_event_skb+0x2fe/0x470
[   45.995673][ T3608]  ? mgmt_send_event+0x13c/0x180
[   46.000899][ T3608]  mgmt_index_removed+0x187/0x2e0
[   46.005965][ T3608]  ? mgmt_index_added+0x290/0x290
[   46.011663][ T3608]  hci_unregister_dev+0x34f/0x4e0
[   46.016857][ T3608]  vhci_release+0x7c/0xf0
[   46.021407][ T3608]  __fput+0x277/0x9d0
[   46.025605][ T3608]  ? vhci_close_dev+0x50/0x50
[   46.030449][ T3608]  task_work_run+0xdd/0x1a0
[   46.035083][ T3608]  do_exit+0xc39/0x2b60
[   46.039462][ T3608]  ? get_signal+0x93b/0x2610
[   46.044180][ T3608]  ? mm_update_next_owner+0x7a0/0x7a0
[   46.049597][ T3608]  do_group_exit+0xd0/0x2a0
[   46.054130][ T3608]  get_signal+0x238c/0x2610
[   46.058664][ T3608]  ? slab_free_freelist_hook+0x8b/0x1c0
[   46.064243][ T3608]  ? exit_signals+0x8b0/0x8b0
[   46.068961][ T3608]  ? kmem_cache_free+0xeb/0x5b0
[   46.073841][ T3608]  ? inode_sub_bytes+0x100/0x100
[   46.078980][ T3608]  arch_do_signal_or_restart+0x82/0x2300
[   46.084650][ T3608]  ? vfs_fstatat+0x97/0xb0
[   46.089118][ T3608]  ? __do_sys_newlstat+0xa7/0x110
[   46.094252][ T3608]  ? get_sigframe_size+0x10/0x10
[   46.099221][ T3608]  ? lock_downgrade+0x6e0/0x6e0
[   46.104097][ T3608]  ? putname+0xfe/0x140
[   46.108312][ T3608]  ? exit_to_user_mode_prepare+0x137/0x250
[   46.114407][ T3608]  exit_to_user_mode_prepare+0x15f/0x250
[   46.120162][ T3608]  syscall_exit_to_user_mode+0x19/0x50
[   46.125659][ T3608]  do_syscall_64+0x42/0xb0
[   46.130097][ T3608]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   46.136015][ T3608] RIP: 0033:0x7fc1846882a6
[   46.140616][ T3608] Code: Unable to access opcode bytes at RIP 0x7fc18468827c.
[   46.147989][ T3608] RSP: 002b:00007ffeb2e88448 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[   46.156507][ T3608] RAX: fffffffffffffffe RBX: 0000000000000003 RCX: 00007fc1846882a6
[   46.164497][ T3608] RDX: 00007ffeb2e88480 RSI: 00007ffeb2e88480 RDI: 00007ffeb2e88510
[   46.172504][ T3608] RBP: 00007ffeb2e88510 R08: 0000000000000001 R09: 00007ffeb2e882e0
[   46.180495][ T3608] R10: 0000555555b98853 R11: 0000000000000246 R12: 00007fc1846e22a6
[   46.188658][ T3608] R13: 00007ffeb2e895d0 R14: 0000555555b98810 R15: 00007ffeb2e89610
[   46.196951][ T3608]  </TASK>
[   46.200339][ T3608] Kernel Offset: disabled
[   46.204758][ T3608] Rebooting in 86400 seconds..