DUID 00:04:00:d4:51:4e:fe:cb:3a:1f:e7:b4:35:e6:d8:9f:41:1e
forked to background, child pid 3183
[ 28.623872][ T3184] 8021q: adding VLAN 0 to HW filter on device bond0
[ 28.646525][ T3184] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.255' (ECDSA) to the list of known hosts.
2022/08/11 12:09:01 fuzzer started
2022/08/11 12:09:01 connecting to host at 10.128.0.169:43303
2022/08/11 12:09:01 checking machine...
2022/08/11 12:09:01 checking revisions...
2022/08/11 12:09:02 testing simple program...
syzkaller login: [ 49.764243][ T3604] cgroup: Unknown subsys name 'net'
[ 49.874220][ T3604] cgroup: Unknown subsys name 'rlimit'
[ 51.120124][ T3610] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 51.128525][ T3610] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 51.136996][ T3610] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 51.145514][ T3610] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 51.153775][ T3610] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 51.161893][ T3610] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 51.257103][ T3611] chnl_net:caif_netlink_parms(): no params data found
[ 51.305376][ T3611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.312523][ T3611] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.320914][ T3611] device bridge_slave_0 entered promiscuous mode
[ 51.332095][ T3611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.339455][ T3611] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.348320][ T3611] device bridge_slave_1 entered promiscuous mode
[ 51.371516][ T3611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 51.382863][ T3611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 51.406439][ T3611] team0: Port device team_slave_0 added
[ 51.414671][ T3611] team0: Port device team_slave_1 added
[ 51.432066][ T3611] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 51.439104][ T3611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 51.465785][ T3611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 51.479057][ T3611] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 51.486202][ T3611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 51.512492][ T3611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 51.538288][ T3611] device hsr_slave_0 entered promiscuous mode
[ 51.545333][ T3611] device hsr_slave_1 entered promiscuous mode
[ 51.628247][ T3611] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 51.639619][ T3611] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 51.649537][ T3611] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 51.659577][ T3611] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 51.681253][ T3611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.688647][ T3611] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.696719][ T3611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.704399][ T3611] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.751603][ T3611] 8021q: adding VLAN 0 to HW filter on device bond0
[ 51.766513][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 51.777571][ T14] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.787200][ T14] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.796806][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 51.809577][ T3611] 8021q: adding VLAN 0 to HW filter on device team0
[ 51.821406][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 51.831389][ T14] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.838565][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.856241][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 51.865022][ T14] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.872108][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.892003][ T3611] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 51.904018][ T3611] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 51.918453][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 51.927742][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 51.937271][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 51.946490][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 51.955360][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 51.963158][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 51.982745][ T3611] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 51.993477][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 52.001190][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 52.020232][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 52.039544][ T3611] device veth0_vlan entered promiscuous mode
[ 52.046720][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 52.056832][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 52.065921][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 52.079190][ T3611] device veth1_vlan entered promiscuous mode
[ 52.086840][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 52.107346][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 52.116335][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 52.126944][ T3611] device veth0_macvtap entered promiscuous mode
[ 52.138411][ T3611] device veth1_macvtap entered promiscuous mode
[ 52.155634][ T3611] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 52.163229][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 52.173831][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 52.186277][ T3611] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 52.195169][ T921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 52.206082][ T3611] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.216257][ T3611] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.225736][ T3611] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.234554][ T3611] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 52.297731][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 52.315970][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 52.329604][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[ 52.343389][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 52.352592][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 52.362261][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2022/08/11 12:09:04 building call list...
[ 52.579540][ T3611] ------------[ cut here ]------------
[ 52.585240][ T3611] ODEBUG: assert_init not available (active state 0) object type: timer_list hint: 0x0
[ 52.595355][ T3611] WARNING: CPU: 1 PID: 3611 at lib/debugobjects.c:502 debug_print_object+0x16e/0x250
[ 52.604966][ T3611] Modules linked in:
[ 52.608882][ T3611] CPU: 1 PID: 3611 Comm: syz-executor.0 Not tainted 5.19.0-syzkaller-13666-gffcf9c5700e4 #0
[ 52.619059][ T3611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 52.629160][ T3611] RIP: 0010:debug_print_object+0x16e/0x250
[ 52.635180][ T3611] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 60 f8 48 8a 4c 89 ee 48 c7 c7 00 ec 48 8a e8 c3 98 38 05 <0f> 0b 83 05 45 c6 dd 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
[ 52.654828][ T3611] RSP: 0018:ffffc900039ff6c0 EFLAGS: 00010086
[ 52.661021][ T3611] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000
[ 52.669023][ T3611] RDX: ffff8880211c3b00 RSI: ffffffff8161f148 RDI: fffff5200073feca
[ 52.677052][ T3611] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 52.685146][ T3611] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff89ef0180
[ 52.693401][ T3611] R13: ffffffff8a48f2c0 R14: ffffffff816b2310 R15: 1ffff9200073fee3
[ 52.701407][ T3611] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[ 52.710478][ T3611] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 52.717096][ T3611] CR2: 00007f427924b400 CR3: 0000000072f55000 CR4: 00000000003506e0
[ 52.725356][ T3611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 52.733347][ T3611] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 52.741348][ T3611] Call Trace:
[ 52.744648][ T3611]
[ 52.747611][ T3611] ? do_raw_spin_unlock+0x171/0x230
[ 52.752853][ T3611] debug_object_assert_init+0x1f4/0x2e0
[ 52.758442][ T3611] ? debug_object_init_on_stack+0x20/0x20
[ 52.764197][ T3611] ? mark_held_locks+0x9f/0xe0
[ 52.769066][ T3611] ? kasan_quarantine_put+0xf5/0x210
[ 52.774365][ T3611] ? kasan_quarantine_put+0xf5/0x210
[ 52.779672][ T3611] del_timer+0x6d/0x110
[ 52.783863][ T3611] ? detach_if_pending+0x480/0x480
[ 52.789010][ T3611] ? try_to_grab_pending+0xbd/0xd0
[ 52.794164][ T3611] ? lockdep_hardirqs_off+0x90/0xd0
[ 52.799411][ T3611] try_to_grab_pending+0x6d/0xd0
[ 52.804374][ T3611] __cancel_work_timer+0xa6/0x570
[ 52.809435][ T3611] ? cancel_delayed_work+0x20/0x20
[ 52.814609][ T3611] ? mgmt_send_event_skb+0x2fe/0x470
[ 52.819923][ T3611] ? mgmt_send_event+0x13c/0x180
[ 52.824893][ T3611] mgmt_index_removed+0x187/0x2e0
[ 52.829948][ T3611] ? mgmt_index_added+0x290/0x290
[ 52.834995][ T3611] hci_unregister_dev+0x34f/0x4e0
[ 52.840058][ T3611] vhci_release+0x7c/0xf0
[ 52.844491][ T3611] __fput+0x277/0x9d0
[ 52.848484][ T3611] ? vhci_close_dev+0x50/0x50
[ 52.853202][ T3611] task_work_run+0xdd/0x1a0
[ 52.857718][ T3611] do_exit+0xad5/0x29b0
[ 52.861888][ T3611] ? find_held_lock+0x2d/0x110
[ 52.866737][ T3611] ? mm_update_next_owner+0x7a0/0x7a0
[ 52.872308][ T3611] ? lock_downgrade+0x6e0/0x6e0
[ 52.877178][ T3611] do_group_exit+0xd2/0x2f0
[ 52.881779][ T3611] get_signal+0x238c/0x2610
[ 52.886394][ T3611] ? debug_object_active_state+0x260/0x350
[ 52.892222][ T3611] ? exit_signals+0x8b0/0x8b0
[ 52.896929][ T3611] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 52.902778][ T3611] ? lockdep_hardirqs_on+0x79/0x100
[ 52.908006][ T3611] arch_do_signal_or_restart+0x82/0x2300
[ 52.913742][ T3611] ? debug_object_destroy+0x210/0x210
[ 52.919122][ T3611] ? security_file_free+0xa4/0xd0
[ 52.924173][ T3611] ? get_sigframe_size+0x10/0x10
[ 52.929213][ T3611] ? blkcg_maybe_throttle_current+0x566/0xc00
[ 52.935319][ T3611] ? __blkcg_punt_bio_submit+0x1d0/0x1d0
[ 52.940971][ T3611] ? unlock_page_memcg+0x2c0/0x2c0
[ 52.946192][ T3611] ? exit_to_user_mode_prepare+0x137/0x250
[ 52.952019][ T3611] exit_to_user_mode_prepare+0x15f/0x250
[ 52.957660][ T3611] syscall_exit_to_user_mode+0x19/0x50
[ 52.963127][ T3611] __do_fast_syscall_32+0x72/0xf0
[ 52.968176][ T3611] do_fast_syscall_32+0x2f/0x70
[ 52.973057][ T3611] entry_SYSENTER_compat_after_hwframe+0x70/0x82
[ 52.979480][ T3611] RIP: 0023:0xf7f04549
[ 52.983555][ T3611] Code: Unable to access opcode bytes at RIP 0xf7f0451f.
[ 52.990589][ T3611] RSP: 002b:00000000f748fd30 EFLAGS: 00000282 ORIG_RAX: 0000000000000006
[ 52.999105][ T3611] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000002
[ 53.007096][ T3611] RDX: 0000000000000000 RSI: 00000000f6f37000 RDI: 00000000f6f37000
[ 53.015093][ T3611] RBP: 0000000000000bb8 R08: 0000000000000000 R09: 0000000000000000
[ 53.023067][ T3611] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 53.031041][ T3611] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 53.039033][ T3611]
[ 53.042091][ T3611] Kernel panic - not syncing: panic_on_warn set ...
[ 53.048781][ T3611] CPU: 1 PID: 3611 Comm: syz-executor.0 Not tainted 5.19.0-syzkaller-13666-gffcf9c5700e4 #0
[ 53.059157][ T3611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 53.069217][ T3611] Call Trace:
[ 53.072498][ T3611]
[ 53.075451][ T3611] dump_stack_lvl+0xcd/0x134
[ 53.080059][ T3611] panic+0x2c8/0x627
[ 53.083973][ T3611] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 53.089977][ T3611] ? __warn.cold+0x248/0x2c4
[ 53.094685][ T3611] ? debug_print_object+0x16e/0x250
[ 53.099894][ T3611] __warn.cold+0x259/0x2c4
[ 53.104318][ T3611] ? __wake_up_klogd.part.0+0x99/0xf0
[ 53.109737][ T3611] ? debug_print_object+0x16e/0x250
[ 53.114964][ T3611] report_bug+0x1bc/0x210
[ 53.119318][ T3611] handle_bug+0x3c/0x60
[ 53.123753][ T3611] exc_invalid_op+0x14/0x40
[ 53.128264][ T3611] asm_exc_invalid_op+0x16/0x20
[ 53.133232][ T3611] RIP: 0010:debug_print_object+0x16e/0x250
[ 53.139069][ T3611] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 60 f8 48 8a 4c 89 ee 48 c7 c7 00 ec 48 8a e8 c3 98 38 05 <0f> 0b 83 05 45 c6 dd 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
[ 53.159053][ T3611] RSP: 0018:ffffc900039ff6c0 EFLAGS: 00010086
[ 53.165142][ T3611] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000
[ 53.173135][ T3611] RDX: ffff8880211c3b00 RSI: ffffffff8161f148 RDI: fffff5200073feca
[ 53.181113][ T3611] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 53.189198][ T3611] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff89ef0180
[ 53.197185][ T3611] R13: ffffffff8a48f2c0 R14: ffffffff816b2310 R15: 1ffff9200073fee3
[ 53.205184][ T3611] ? calc_wheel_index+0x3d0/0x3d0
[ 53.210237][ T3611] ? vprintk+0x88/0x90
[ 53.214411][ T3611] ? do_raw_spin_unlock+0x171/0x230
[ 53.219686][ T3611] debug_object_assert_init+0x1f4/0x2e0
[ 53.225342][ T3611] ? debug_object_init_on_stack+0x20/0x20
[ 53.231432][ T3611] ? mark_held_locks+0x9f/0xe0
[ 53.236303][ T3611] ? kasan_quarantine_put+0xf5/0x210
[ 53.241603][ T3611] ? kasan_quarantine_put+0xf5/0x210
[ 53.246909][ T3611] del_timer+0x6d/0x110
[ 53.251165][ T3611] ? detach_if_pending+0x480/0x480
[ 53.256397][ T3611] ? try_to_grab_pending+0xbd/0xd0
[ 53.261523][ T3611] ? lockdep_hardirqs_off+0x90/0xd0
[ 53.266738][ T3611] try_to_grab_pending+0x6d/0xd0
[ 53.271693][ T3611] __cancel_work_timer+0xa6/0x570
[ 53.276732][ T3611] ? cancel_delayed_work+0x20/0x20
[ 53.281861][ T3611] ? mgmt_send_event_skb+0x2fe/0x470
[ 53.287335][ T3611] ? mgmt_send_event+0x13c/0x180
[ 53.292441][ T3611] mgmt_index_removed+0x187/0x2e0
[ 53.297570][ T3611] ? mgmt_index_added+0x290/0x290
[ 53.302732][ T3611] hci_unregister_dev+0x34f/0x4e0
[ 53.307807][ T3611] vhci_release+0x7c/0xf0
[ 53.312166][ T3611] __fput+0x277/0x9d0
[ 53.316166][ T3611] ? vhci_close_dev+0x50/0x50
[ 53.320859][ T3611] task_work_run+0xdd/0x1a0
[ 53.325383][ T3611] do_exit+0xad5/0x29b0
[ 53.329548][ T3611] ? find_held_lock+0x2d/0x110
[ 53.334455][ T3611] ? mm_update_next_owner+0x7a0/0x7a0
[ 53.339855][ T3611] ? lock_downgrade+0x6e0/0x6e0
[ 53.344766][ T3611] do_group_exit+0xd2/0x2f0
[ 53.349287][ T3611] get_signal+0x238c/0x2610
[ 53.353838][ T3611] ? debug_object_active_state+0x260/0x350
[ 53.359692][ T3611] ? exit_signals+0x8b0/0x8b0
[ 53.364378][ T3611] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 53.370286][ T3611] ? lockdep_hardirqs_on+0x79/0x100
[ 53.375502][ T3611] arch_do_signal_or_restart+0x82/0x2300
[ 53.381240][ T3611] ? debug_object_destroy+0x210/0x210
[ 53.386932][ T3611] ? security_file_free+0xa4/0xd0
[ 53.391976][ T3611] ? get_sigframe_size+0x10/0x10
[ 53.396943][ T3611] ? blkcg_maybe_throttle_current+0x566/0xc00
[ 53.403114][ T3611] ? __blkcg_punt_bio_submit+0x1d0/0x1d0
[ 53.408760][ T3611] ? unlock_page_memcg+0x2c0/0x2c0
[ 53.413977][ T3611] ? exit_to_user_mode_prepare+0x137/0x250
[ 53.419807][ T3611] exit_to_user_mode_prepare+0x15f/0x250
[ 53.425449][ T3611] syscall_exit_to_user_mode+0x19/0x50
[ 53.430921][ T3611] __do_fast_syscall_32+0x72/0xf0
[ 53.435972][ T3611] do_fast_syscall_32+0x2f/0x70
[ 53.441035][ T3611] entry_SYSENTER_compat_after_hwframe+0x70/0x82
[ 53.447410][ T3611] RIP: 0023:0xf7f04549
[ 53.451496][ T3611] Code: Unable to access opcode bytes at RIP 0xf7f0451f.
[ 53.458519][ T3611] RSP: 002b:00000000f748fd30 EFLAGS: 00000282 ORIG_RAX: 0000000000000006
[ 53.466939][ T3611] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000002
[ 53.475016][ T3611] RDX: 0000000000000000 RSI: 00000000f6f37000 RDI: 00000000f6f37000
[ 53.483005][ T3611] RBP: 0000000000000bb8 R08: 0000000000000000 R09: 0000000000000000
[ 53.491259][ T3611] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 53.499598][ T3611] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 53.508141][ T3611]
[ 53.511393][ T3611] Kernel Offset: disabled
[ 53.516186][ T3611] Rebooting in 86400 seconds..