DUID 00:04:f2:44:87:71:f8:0d:58:ee:4a:2e:c3:89:cb:7d:08:0c forked to background, child pid 4640 [ 12.390737][ T4641] 8021q: adding VLAN 0 to HW filter on device bond0 [ 12.396732][ T4641] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 69.882991][ T43] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.231' (ECDSA) to the list of known hosts. 2023/03/04 18:21:01 ignoring optional flag "sandboxArg"="0" 2023/03/04 18:21:01 parsed 1 programs [ 435.547545][ T5097] cgroup: Unknown subsys name 'net' [ 435.674273][ T5097] cgroup: Unknown subsys name 'rlimit' 2023/03/04 18:21:08 executed programs: 0 [ 442.789668][ T5096] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5096 'syz-execprog' [ 442.821550][ T5105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 442.828646][ T5105] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 442.835714][ T5105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 442.842883][ T5105] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 442.849964][ T5105] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 442.856981][ T5105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 442.891127][ T5104] chnl_net:caif_netlink_parms(): no params data found [ 442.908029][ T5104] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.915134][ T5104] bridge0: port 1(bridge_slave_0) entered disabled state [ 442.922337][ T5104] bridge_slave_0: entered allmulticast mode [ 442.928424][ T5104] bridge_slave_0: entered promiscuous mode [ 442.934799][ T5104] bridge0: port 2(bridge_slave_1) entered blocking state [ 442.941826][ T5104] bridge0: port 2(bridge_slave_1) entered disabled state [ 442.948887][ T5104] bridge_slave_1: entered allmulticast mode [ 442.954997][ T5104] bridge_slave_1: entered promiscuous mode [ 442.964801][ T5104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 442.974443][ T5104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 442.987094][ T5104] team0: Port device team_slave_0 added [ 442.993176][ T5104] team0: Port device team_slave_1 added [ 443.002172][ T5104] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 443.009158][ T5104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 443.035084][ T5104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 443.046063][ T5104] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 443.053041][ T5104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 443.079003][ T5104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 443.095108][ T5104] hsr_slave_0: entered promiscuous mode [ 443.100778][ T5104] hsr_slave_1: entered promiscuous mode [ 443.126353][ T5104] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 443.133695][ T5104] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 443.140959][ T5104] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 443.148347][ T5104] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 443.158564][ T5104] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.165597][ T5104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 443.172834][ T5104] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.179869][ T5104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 443.197070][ T5104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 443.205165][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 443.213071][ T5113] bridge0: port 1(bridge_slave_0) entered disabled state [ 443.220241][ T5113] bridge0: port 2(bridge_slave_1) entered disabled state [ 443.228068][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 443.236580][ T5104] 8021q: adding VLAN 0 to HW filter on device team0 [ 443.250521][ T5104] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 443.260871][ T5104] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 443.272315][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 443.280450][ T5113] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.287496][ T5113] bridge0: port 1(bridge_slave_0) entered forwarding state [ 443.294981][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 443.303149][ T5113] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.310159][ T5113] bridge0: port 2(bridge_slave_1) entered forwarding state [ 443.317802][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 443.325866][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 443.333933][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 443.341827][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 443.349922][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 443.357284][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 443.387779][ T5104] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 443.394713][ T5114] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 443.402010][ T5114] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 443.416266][ T5104] veth0_vlan: entered promiscuous mode [ 443.422684][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 443.431013][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 443.439005][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 443.446413][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 443.454481][ T5104] veth1_vlan: entered promiscuous mode [ 443.463743][ T5104] veth0_macvtap: entered promiscuous mode [ 443.470185][ T5104] veth1_macvtap: entered promiscuous mode [ 443.476582][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 443.484300][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 443.491957][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 443.500139][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 443.510758][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 443.518064][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 443.527443][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 443.534860][ T1758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 443.543961][ T5104] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.552782][ T5104] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.561437][ T5104] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.570124][ T5104] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 443.589230][ T25] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.597204][ T25] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.602288][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.604882][ T1758] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 443.612912][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.626820][ T5113] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 443.962619][ T1758] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 444.322284][ T1758] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x7, skipping [ 444.332871][ T1758] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 444.343548][ T1758] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 444.512298][ T1758] usb 1-1: New USB device found, idVendor=07d1, idProduct=3303, bcdDevice=bf.3b [ 444.521357][ T1758] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 444.529377][ T1758] usb 1-1: Product: syz [ 444.533552][ T1758] usb 1-1: Manufacturer: syz [ 444.538133][ T1758] usb 1-1: SerialNumber: syz [ 444.543345][ T1758] usb 1-1: config 0 descriptor?? [ 444.562384][ T5124] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 444.582929][ T1758] r8712u: register rtl8712_netdev_ops to netdev_ops [ 444.589504][ T1758] usb 1-1: r8712u: USB_SPEED_LOW with 1 endpoints [ 444.922232][ T4384] Bluetooth: hci0: command 0x0409 tx timeout [ 445.132274][ T1758] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed [ 445.138893][ T1758] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 445.146476][ T1758] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 447.002326][ T4384] Bluetooth: hci0: command 0x041b tx timeout [ 449.082319][ T4384] Bluetooth: hci0: command 0x040f tx timeout [ 451.162236][ T4384] Bluetooth: hci0: command 0x0419 tx timeout [ 499.962667][ T1210] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.968965][ T1210] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.680117][ T5152] kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888113e14c00 (size 192): comm "kworker/1:2", pid 1758, jiffies 4294981727 (age 61.220s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 18 4c e1 13 81 88 ff ff .........L...... backtrace: [] __kmalloc+0x4a/0x120 [] usb_alloc_urb+0xa4/0xb0 [] r8712_os_recvbuf_resource_alloc+0x1f/0x80 [] r8712_init_recv_priv+0x9b/0x220 [] _r8712_init_recv_priv+0x11c/0x160 [] r8712_init_drv_sw+0xf2/0x260 [] r871xu_drv_init+0x1f3/0x9d0 [] usb_probe_interface+0x179/0x3c0 [] really_probe+0x12d/0x430 [] __driver_probe_device+0xbf/0x140 [] driver_probe_device+0x2a/0x120 [] __device_attach_driver+0xfb/0x150 [] bus_for_each_drv+0xc1/0x110 [] __device_attach+0x102/0x2a0 [] bus_probe_device+0xca/0xd0 [] device_add+0x991/0xc80 BUG: memory leak unreferenced object 0xffff888113e14b40 (size 192): comm "kworker/1:2", pid 1758, jiffies 4294981727 (age 61.220s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 58 4b e1 13 81 88 ff ff ........XK...... backtrace: [] __kmalloc+0x4a/0x120 [] usb_alloc_urb+0xa4/0xb0 [] r8712_os_recvbuf_resource_alloc+0x1f/0x80 [] r8712_init_recv_priv+0x9b/0x220 [] _r8712_init_recv_priv+0x11c/0x160 [] r8712_init_drv_sw+0xf2/0x260 [] r871xu_drv_init+0x1f3/0x9d0 [] usb_probe_interface+0x179/0x3c0 [] really_probe+0x12d/0x430 [] __driver_probe_device+0xbf/0x140 [] driver_probe_device+0x2a/0x120 [] __device_attach_driver+0xfb/0x150 [] bus_for_each_drv+0xc1/0x110 [] __device_attach+0x102/0x2a0 [] bus_probe_device+0xca/0xd0 [] device_add+0x991/0xc80 BUG: memory leak unreferenced object 0xffff888113e14a80 (size 192): comm "kworker/1:2", pid 1758, jiffies 4294981727 (age 61.220s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 98 4a e1 13 81 88 ff ff .........J...... backtrace: [] __kmalloc+0x4a/0x120 [] usb_alloc_urb+0xa4/0xb0 [] r8712_os_recvbuf_resource_alloc+0x1f/0x80 [] r8712_init_recv_priv+0x9b/0x220 [] _r8712_init_recv_priv+0x11c/0x160 [] r8712_init_drv_sw+0xf2/0x260 [] r871xu_drv_init+0x1f3/0x9d0 [] usb_probe_interface+0x179/0x3c0 [] really_probe+0x12d/0x430 [] __driver_probe_device+0xbf/0x140 [] driver_probe_device+0x2a/0x120 [] __device_attach_driver+0xfb/0x150 [] bus_for_each_drv+0xc1/0x110 [] __device_attach+0x102/0x2a0 [] bus_probe_device+0xca/0xd0 [] device_add+0x991/0xc80