[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.28' (ECDSA) to the list of known hosts. 2021/06/25 07:23:35 parsed 1 programs 2021/06/25 07:23:42 executed programs: 0 syzkaller login: [ 1077.509020][ T8458] chnl_net:caif_netlink_parms(): no params data found [ 1077.562812][ T8458] bridge0: port 1(bridge_slave_0) entered blocking state [ 1077.570071][ T8458] bridge0: port 1(bridge_slave_0) entered disabled state [ 1077.577617][ T8458] device bridge_slave_0 entered promiscuous mode [ 1077.586712][ T8458] bridge0: port 2(bridge_slave_1) entered blocking state [ 1077.593963][ T8458] bridge0: port 2(bridge_slave_1) entered disabled state [ 1077.601890][ T8458] device bridge_slave_1 entered promiscuous mode [ 1077.612518][ T8458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1077.622484][ T8458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1077.635385][ T8458] team0: Port device team_slave_0 added [ 1077.641481][ T8458] team0: Port device team_slave_1 added [ 1077.650940][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1077.657964][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1077.683946][ T8458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1077.695080][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1077.702003][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1077.728348][ T8458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1077.743889][ T8458] device hsr_slave_0 entered promiscuous mode [ 1077.750100][ T8458] device hsr_slave_1 entered promiscuous mode [ 1077.779533][ T8458] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1077.787202][ T8458] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1077.799598][ T8458] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1077.808119][ T8458] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1077.820342][ T8458] bridge0: port 2(bridge_slave_1) entered blocking state [ 1077.827488][ T8458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1077.834756][ T8458] bridge0: port 1(bridge_slave_0) entered blocking state [ 1077.841786][ T8458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1077.862524][ T8458] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1077.871742][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1077.880176][ T19] bridge0: port 1(bridge_slave_0) entered disabled state [ 1077.887931][ T19] bridge0: port 2(bridge_slave_1) entered disabled state [ 1077.895646][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1077.904751][ T8458] 8021q: adding VLAN 0 to HW filter on device team0 [ 1077.913724][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1077.921878][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 1077.928930][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1077.943479][ T3219] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1077.952066][ T3219] bridge0: port 2(bridge_slave_1) entered blocking state [ 1077.959125][ T3219] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1077.966881][ T3219] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1077.975191][ T3219] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1077.986216][ T8458] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1077.996580][ T8458] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1078.008040][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1078.015588][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1078.023822][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1078.032553][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1078.045038][ T8458] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1078.053141][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1078.060681][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1078.073273][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1078.086041][ T8458] device veth0_vlan entered promiscuous mode [ 1078.093481][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1078.101602][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1078.109957][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1078.119041][ T8458] device veth1_vlan entered promiscuous mode [ 1078.130791][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1078.138832][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1078.147204][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1078.156932][ T8458] device veth0_macvtap entered promiscuous mode [ 1078.165082][ T8458] device veth1_macvtap entered promiscuous mode [ 1078.176298][ T8458] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1078.184077][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1078.195493][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1078.204960][ T8458] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1078.212281][ T8680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1078.221932][ T8458] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1078.230817][ T8458] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1078.240026][ T8458] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1078.248788][ T8458] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1078.274149][ T8475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1078.287697][ T8475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1078.297430][ T8679] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1078.307787][ T8475] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1078.315883][ T8475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1078.323634][ T8679] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1078.613110][ T8679] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 1078.973187][ T8679] usb 1-1: config 0 has an invalid interface association descriptor of length 2, skipping [ 1078.983196][ T8679] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1078.994228][ T8679] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1079.163213][ T8679] usb 1-1: New USB device found, idVendor=1740, idProduct=9603, bcdDevice=ae.4f [ 1079.172253][ T8679] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1079.180592][ T8679] usb 1-1: Product: syz [ 1079.184916][ T8679] usb 1-1: Manufacturer: syz [ 1079.189680][ T8679] usb 1-1: SerialNumber: syz [ 1079.196345][ T8679] usb 1-1: config 0 descriptor?? [ 1079.235549][ T8679] r8712u: register rtl8712_netdev_ops to netdev_ops [ 1079.242164][ T8679] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 1079.343136][ T8679] usb 1-1: r8712u: Boot from EEPROM: Autoload OK [ 1079.553596][ T7] Bluetooth: hci0: command 0x0409 tx timeout [ 1081.633265][ T7] Bluetooth: hci0: command 0x041b tx timeout [ 1083.713404][ T8433] Bluetooth: hci0: command 0x040f tx timeout 2021/06/25 07:23:51 executed programs: 1 [ 1085.793174][ T8433] Bluetooth: hci0: command 0x0419 tx timeout [ 1092.440265][ T8727] kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888119c0c780 (size 192): comm "kworker/0:3", pid 8679, jiffies 4295045193 (age 19.460s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 98 c7 c0 19 81 88 ff ff ................ backtrace: [] usb_alloc_urb+0x66/0xe0 [] r8712_os_recvbuf_resource_alloc+0x1b/0x80 [] r8712_init_recv_priv+0x96/0x210 [] _r8712_init_recv_priv+0x134/0x150 [] r8712_init_drv_sw+0xa0/0x1d0 [] r871xu_drv_init.cold+0x104/0x7d1 [] usb_probe_interface+0x177/0x370 [] really_probe+0x159/0x500 [] driver_probe_device+0x8b/0x100 [] __device_attach_driver+0xf6/0x120 [] bus_for_each_drv+0xb7/0x100 [] __device_attach+0x122/0x260 [] bus_probe_device+0xc6/0xe0 [] device_add+0x5d5/0xd70 [] usb_set_configuration+0x9d9/0xb90 [] usb_generic_driver_probe+0x8c/0xc0 BUG: memory leak unreferenced object 0xffff888119c0c6c0 (size 192): comm "kworker/0:3", pid 8679, jiffies 4295045193 (age 19.460s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 d8 c6 c0 19 81 88 ff ff ................ backtrace: [] usb_alloc_urb+0x66/0xe0 [] r8712_os_recvbuf_resource_alloc+0x1b/0x80 [] r8712_init_recv_priv+0x96/0x210 [] _r8712_init_recv_priv+0x134/0x150 [] r8712_init_drv_sw+0xa0/0x1d0 [] r871xu_drv_init.cold+0x104/0x7d1 [] usb_probe_interface+0x177/0x370 [] really_probe+0x159/0x500 [] driver_probe_device+0x8b/0x100 [] __device_attach_driver+0xf6/0x120 [] bus_for_each_drv+0xb7/0x100 [] __device_attach+0x122/0x260 [] bus_probe_device+0xc6/0xe0 [] device_add+0x5d5/0xd70 [] usb_set_configuration+0x9d9/0xb90 [] usb_generic_driver_probe+0x8c/0xc0 BUG: memory leak unreferenced object 0xffff888119c0c600 (size 192): comm "kworker/0:3", pid 8679, jiffies 4295045193 (age 19.460s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 18 c6 c0 19 81 88 ff ff ................ backtrace: [] usb_alloc_urb+0x66/0xe0 [] r8712_os_recvbuf_resource_alloc+0x1b/0x80 [] r8712_init_recv_priv+0x96/0x210 [] _r8712_init_recv_priv+0x134/0x150 [] r8712_init_drv_sw+0xa0/0x1d0 [] r871xu_drv_init.cold+0x104/0x7d1 [] usb_probe_interface+0x177/0x370 [] really_probe+0x159/0x500 [] driver_probe_device+0x8b/0x100 [] __device_attach_driver+0xf6/0x120 [] bus_for_each_drv+0xb7/0x100 [] __device_attach+0x122/0x260 [] bus_probe_device+0xc6/0xe0 [] device_add+0x5d5/0xd70 [] usb_set_configuration+0x9d9/0xb90 [] usb_generic_driver_probe+0x8c/0xc0