[ OK ] Started Permit User Sessions. [ OK ] Started System Logging Service. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [* ] A start job is running for OpenBSD …Shell server (1min 22s / 2min 42s)[** ] A start job is running for OpenBSD …Shell server (1min 23s / 2min 42s)[*** ] A start job is running for OpenBSD …Shell server (1min 24s / 2min 42s)[ *** ] A start job is running for OpenBSD …Shell server (1min 24s / 2min 42s)[ *** ] A start job is running for OpenBSD …Shell server (1min 25s / 2min 42s)[ ***] A start job is running for OpenBSD …Shell server (1min 26s / 2min 55s)[ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.88' (ECDSA) to the list of known hosts. 2021/03/25 17:19:45 fuzzer started 2021/03/25 17:19:46 dialing manager at 10.128.0.169:37339 2021/03/25 17:19:47 syscalls: 3262 2021/03/25 17:19:47 code coverage: enabled 2021/03/25 17:19:47 comparison tracing: enabled 2021/03/25 17:19:47 extra coverage: enabled 2021/03/25 17:19:47 setuid sandbox: enabled 2021/03/25 17:19:47 namespace sandbox: enabled 2021/03/25 17:19:47 Android sandbox: /sys/fs/selinux/policy does not exist 2021/03/25 17:19:47 fault injection: enabled 2021/03/25 17:19:47 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/03/25 17:19:47 net packet injection: enabled 2021/03/25 17:19:47 net device setup: enabled 2021/03/25 17:19:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/03/25 17:19:47 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/03/25 17:19:47 USB emulation: enabled 2021/03/25 17:19:47 hci packet injection: enabled 2021/03/25 17:19:47 wifi device emulation: enabled 2021/03/25 17:19:47 802.15.4 emulation: enabled 2021/03/25 17:19:47 fetching corpus: 0, signal 0/0 (executing program) 2021/03/25 17:19:47 fetching corpus: 19, signal 7440/7440 (executing program) 2021/03/25 17:19:47 fetching corpus: 19, signal 7440/7440 (executing program) 2021/03/25 17:19:49 starting 6 fuzzer processes 17:19:54 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) syzkaller login: [ 150.899579][ T8245] IPVS: ftp: loaded support on port[0] = 21 [ 151.192528][ T8245] chnl_net:caif_netlink_parms(): no params data found [ 151.310172][ T8245] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.317732][ T8245] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.327205][ T8245] device bridge_slave_0 entered promiscuous mode [ 151.339894][ T8245] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.347740][ T8245] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.358020][ T8245] device bridge_slave_1 entered promiscuous mode [ 151.404006][ T8245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 151.423675][ T8245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 151.467668][ T8245] team0: Port device team_slave_0 added [ 151.480914][ T8245] team0: Port device team_slave_1 added [ 151.523005][ T8245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 151.530199][ T8245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.556726][ T8245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 151.573846][ T8245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 151.582036][ T8245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.608998][ T8245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 151.669040][ T8245] device hsr_slave_0 entered promiscuous mode [ 151.678987][ T8245] device hsr_slave_1 entered promiscuous mode [ 151.926363][ T8245] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 151.941740][ T8245] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 151.969036][ T8245] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 151.987327][ T8245] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 152.148701][ T8245] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.156236][ T8245] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.164121][ T8245] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.171954][ T8245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 152.187176][ T789] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.200028][ T789] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.358925][ T8245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.389751][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 152.399418][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 152.420523][ T8245] 8021q: adding VLAN 0 to HW filter on device team0 [ 152.440771][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 152.452224][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 152.463406][ T789] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.470943][ T789] bridge0: port 1(bridge_slave_0) entered forwarding state [ 152.528442][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 152.539975][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 152.549795][ T789] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.558589][ T789] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.569024][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 152.580423][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 152.591613][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 152.602290][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 152.616648][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 152.651704][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 152.655655][ T1987] Bluetooth: hci0: command 0x0409 tx timeout [ 152.664255][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 152.696647][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 152.706702][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 152.716324][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 152.726239][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 152.747306][ T8245] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 152.799717][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 152.807974][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 152.842851][ T8245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 152.910838][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 152.921880][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 152.981200][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 152.991730][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 153.014275][ T8245] device veth0_vlan entered promiscuous mode [ 153.024052][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 153.033863][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 153.070642][ T8245] device veth1_vlan entered promiscuous mode [ 153.142715][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 153.152516][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 153.163514][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 153.175120][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 153.201807][ T8245] device veth0_macvtap entered promiscuous mode [ 153.224024][ T8245] device veth1_macvtap entered promiscuous mode [ 153.251562][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 153.261193][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 153.297903][ T8245] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.313088][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 153.323296][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 153.353786][ T8245] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.363809][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 153.374332][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 153.398928][ T8245] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.408134][ T8245] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.417326][ T8245] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.426414][ T8245] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.786631][ T660] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.794846][ T660] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.806974][ T8455] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 153.906602][ T229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.914872][ T229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.923640][ T8455] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 17:19:59 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:00 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:00 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) [ 154.741812][ T1987] Bluetooth: hci0: command 0x041b tx timeout 17:20:00 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:00 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:01 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:01 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:01 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:01 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x3c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x9, 0x4, 0x1, 0x0, r0}, 0x40) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000600)={r1, &(0x7f0000000040), 0x0}, 0x20) 17:20:02 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:02 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) [ 156.815986][ T1987] Bluetooth: hci0: command 0x040f tx timeout 17:20:02 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:03 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:03 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:03 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:03 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:04 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:04 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) [ 158.895009][ T5] Bluetooth: hci0: command 0x0419 tx timeout 17:20:04 executing program 0: r0 = openat$ppp(0xffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000002240)) 17:20:05 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:05 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:05 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:05 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:05 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:06 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:06 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x51d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8}]}}]}, 0x40}}, 0x0) 17:20:06 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:06 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) 17:20:06 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:07 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:07 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:07 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:07 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:07 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:08 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:08 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) [ 162.783434][ T8642] IPVS: ftp: loaded support on port[0] = 21 17:20:08 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:09 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) [ 163.398432][ T8642] chnl_net:caif_netlink_parms(): no params data found [ 163.555511][ T8642] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.563739][ T8642] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.573634][ T8642] device bridge_slave_0 entered promiscuous mode [ 163.590291][ T8642] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.598632][ T8642] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.608603][ T8642] device bridge_slave_1 entered promiscuous mode 17:20:09 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) [ 163.726473][ T8642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 163.743116][ T8642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 163.798303][ T8642] team0: Port device team_slave_0 added [ 163.832919][ T8642] team0: Port device team_slave_1 added [ 163.983849][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 163.991399][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.017764][ T8642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 164.120575][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.128254][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.156400][ T8642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 164.239642][ T8642] device hsr_slave_0 entered promiscuous mode [ 164.248798][ T8642] device hsr_slave_1 entered promiscuous mode [ 164.259069][ T8642] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 164.267773][ T8642] Cannot create hsr debugfs directory [ 164.657336][ T1987] Bluetooth: hci1: command 0x0409 tx timeout [ 164.691764][ T8642] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 164.744758][ T8642] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 164.773179][ T8642] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 164.811404][ T8642] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 165.094210][ T8642] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.130672][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 165.140034][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 165.161673][ T8642] 8021q: adding VLAN 0 to HW filter on device team0 [ 165.186357][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 165.197298][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 165.206904][ T2066] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.214190][ T2066] bridge0: port 1(bridge_slave_0) entered forwarding state [ 165.268674][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 165.278300][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 165.288362][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 165.298016][ T2066] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.305500][ T2066] bridge0: port 2(bridge_slave_1) entered forwarding state [ 165.314829][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.325909][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.336934][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 165.347394][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 165.369038][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 165.379181][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 165.389578][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 165.413559][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 165.423574][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 165.452851][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 165.462942][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.481413][ T8642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 165.536375][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 165.544740][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 165.579248][ T8642] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 165.643299][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 165.654064][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 165.708744][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 165.720356][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 165.744059][ T8642] device veth0_vlan entered promiscuous mode [ 165.755963][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 165.765256][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 165.795988][ T8642] device veth1_vlan entered promiscuous mode [ 165.869319][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 165.879291][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 165.888955][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 165.899195][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 165.923521][ T8642] device veth0_macvtap entered promiscuous mode [ 165.944110][ T8642] device veth1_macvtap entered promiscuous mode [ 165.997314][ T8642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 166.008097][ T8642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.022691][ T8642] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 166.031416][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 166.041326][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 166.051031][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 166.061520][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 166.083320][ T8642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 166.095472][ T8642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 166.109267][ T8642] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 166.119085][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 166.130579][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 166.156032][ T8642] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.167476][ T8642] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.178587][ T8642] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.187829][ T8642] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.489598][ T23] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.497720][ T23] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.509652][ T2066] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 166.609286][ T229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.617636][ T229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.625949][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 166.739370][ T8454] Bluetooth: hci1: command 0x041b tx timeout [ 166.939881][ T8884] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:13 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) 17:20:13 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)=0x1) 17:20:13 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 168.007034][ T8891] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. [ 168.291485][ T8896] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:14 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 168.815532][ T8454] Bluetooth: hci1: command 0x040f tx timeout [ 169.057958][ T8901] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:14 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 169.382422][ T8906] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:15 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 170.090787][ T8911] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:15 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 170.447730][ T8916] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:16 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 170.897087][ T8454] Bluetooth: hci1: command 0x0419 tx timeout [ 171.077237][ T8921] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:16 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 171.475275][ T8926] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:17 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 172.103564][ T8932] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:17 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 172.438212][ T8937] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:18 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 173.082692][ T8942] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:18 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 173.509042][ T8947] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:19 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 174.147029][ T8952] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:20 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) 17:20:20 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) [ 174.572359][ T8957] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:20 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 175.134608][ C1] hrtimer: interrupt took 138784 ns [ 175.185927][ T8963] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:21 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 175.644718][ T8968] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 17:20:21 executing program 1: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 176.218601][ T8973] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. 17:20:22 executing program 0: write(0xffffffffffffffff, &(0x7f0000000000)="220000002000070700be0000090007010200000000000000002000000500138001", 0x21) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) splice(r0, 0x0, r2, 0x0, 0x7fffffff, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 176.655647][ T8978] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. [ 177.220117][ T8989] IPVS: ftp: loaded support on port[0] = 21 17:20:22 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) 17:20:23 executing program 0: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) syz_usb_connect(0x0, 0x24, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x5, 0xee, 0x59, 0x10, 0x6be, 0xa232, 0xa7ab, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x95, 0xec, 0xa5}}]}}]}}, 0x0) [ 177.842655][ T8989] chnl_net:caif_netlink_parms(): no params data found 17:20:23 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) [ 178.158258][ T8989] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.166687][ T8989] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.176327][ T8989] device bridge_slave_0 entered promiscuous mode [ 178.231020][ T8989] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.238984][ T8989] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.249040][ T8989] device bridge_slave_1 entered promiscuous mode 17:20:24 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) [ 178.356343][ T8989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.372830][ T8454] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 178.437762][ T8989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.555334][ T8989] team0: Port device team_slave_0 added [ 178.583703][ T8989] team0: Port device team_slave_1 added [ 178.614710][ T8454] usb 1-1: Using ep0 maxpacket: 16 17:20:24 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) [ 178.673038][ T8989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.680212][ T8989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.707174][ T8989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.736005][ T8454] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=a7.ab [ 178.745896][ T8454] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.806239][ T8454] usb 1-1: config 0 descriptor?? [ 178.809148][ T8989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.818526][ T8989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.845484][ T8989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.979894][ T1987] Bluetooth: hci2: command 0x0409 tx timeout [ 179.066202][ T8454] dvb_usb_dtv5100: probe of 1-1:0.0 failed with error -71 [ 179.072020][ T8989] device hsr_slave_0 entered promiscuous mode [ 179.091655][ T8454] usb 1-1: USB disconnect, device number 2 17:20:24 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 179.151533][ T8989] device hsr_slave_1 entered promiscuous mode [ 179.204731][ T8989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 179.212417][ T8989] Cannot create hsr debugfs directory 17:20:25 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) [ 179.699718][ T8989] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 179.766554][ T8989] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 179.819221][ T8989] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 179.859521][ T8989] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 180.364911][ T8989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.396939][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 180.405928][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 180.429549][ T8989] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.456586][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 180.466307][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 180.475866][ T8453] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.483116][ T8453] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.545662][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.554842][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 180.564989][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 180.574196][ T8453] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.581765][ T8453] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.590927][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 180.601880][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 180.629368][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 180.640088][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.656546][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.675284][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.686765][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 180.710162][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 180.720154][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 180.751465][ T8989] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 180.765087][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 180.777939][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.787869][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.842947][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 180.850794][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 180.879490][ T8989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.940117][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.950067][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 181.006095][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 181.015830][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 181.038240][ T8989] device veth0_vlan entered promiscuous mode [ 181.047240][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 181.056224][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 181.088611][ T8454] Bluetooth: hci2: command 0x041b tx timeout [ 181.097451][ T8989] device veth1_vlan entered promiscuous mode [ 181.167868][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 181.177564][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 181.187001][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 181.196949][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 181.219766][ T8989] device veth0_macvtap entered promiscuous mode [ 181.239597][ T8989] device veth1_macvtap entered promiscuous mode [ 181.296459][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.307152][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.317290][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 181.328120][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.341904][ T8989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.350262][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 181.359823][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 181.369162][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 181.379134][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 181.406724][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.417997][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.428138][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 181.438883][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.452892][ T8989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 181.461051][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 181.471033][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 181.499852][ T8989] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.509573][ T8989] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.518663][ T8989] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.527731][ T8989] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.902574][ T23] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.910643][ T23] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.935450][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 182.058181][ T23] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.066796][ T23] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.077021][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 17:20:28 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) 17:20:28 executing program 0: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) syz_usb_connect(0x0, 0x24, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x5, 0xee, 0x59, 0x10, 0x6be, 0xa232, 0xa7ab, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x95, 0xec, 0xa5}}]}}]}}, 0x0) 17:20:28 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:28 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:28 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) [ 182.905325][ T8454] usb 1-1: new high-speed USB device number 3 using dummy_hcd 17:20:28 executing program 1: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:28 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) [ 183.135865][ T1987] Bluetooth: hci2: command 0x040f tx timeout [ 183.154793][ T8454] usb 1-1: Using ep0 maxpacket: 16 [ 183.276137][ T8454] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=a7.ab [ 183.286608][ T8454] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.363984][ T8454] usb 1-1: config 0 descriptor?? 17:20:29 executing program 1: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) [ 183.625446][ T8454] dvb_usb_dtv5100: probe of 1-1:0.0 failed with error -71 [ 183.656976][ T8454] usb 1-1: USB disconnect, device number 3 17:20:29 executing program 1: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) 17:20:29 executing program 1: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00', 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa}]}]}]}, 0x28}}, 0x0) 17:20:29 executing program 0: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 1: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 2: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 0: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 1: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 2: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 0: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:30 executing program 2: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) [ 185.214765][ T8454] Bluetooth: hci2: command 0x0419 tx timeout 17:20:31 executing program 0: setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) 17:20:31 executing program 2: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) 17:20:31 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:31 executing program 0: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) syz_usb_connect(0x0, 0x24, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x5, 0xee, 0x59, 0x10, 0x6be, 0xa232, 0xa7ab, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x95, 0xec, 0xa5}}]}}]}}, 0x0) 17:20:31 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) syz_usb_connect(0x0, 0x24, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x5, 0xee, 0x59, 0x10, 0x6be, 0xa232, 0xa7ab, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x95, 0xec, 0xa5}}]}}]}}, 0x0) 17:20:31 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:32 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) setsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0) [ 186.386919][ T1987] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 186.628263][ T8453] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 186.634830][ T1987] usb 1-1: Using ep0 maxpacket: 16 17:20:32 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 186.755962][ T1987] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=a7.ab [ 186.766033][ T1987] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.838804][ T1987] usb 1-1: config 0 descriptor?? [ 186.885157][ T8453] usb 3-1: Using ep0 maxpacket: 16 [ 187.006134][ T8453] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=a7.ab [ 187.015886][ T8453] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 17:20:32 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 187.048797][ T8453] usb 3-1: config 0 descriptor?? [ 187.105128][ T1987] dvb_usb_dtv5100: probe of 1-1:0.0 failed with error -71 [ 187.146206][ T1987] usb 1-1: USB disconnect, device number 4 [ 187.342544][ T8453] dvb_usb_dtv5100: probe of 3-1:0.0 failed with error -71 [ 187.374463][ T8453] usb 3-1: USB disconnect, device number 2 17:20:33 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) 17:20:33 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) 17:20:33 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {}, {}, 0x1, 0x3ff}) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) 17:20:33 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) syz_usb_connect(0x0, 0x24, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x5, 0xee, 0x59, 0x10, 0x6be, 0xa232, 0xa7ab, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x95, 0xec, 0xa5}}]}}]}}, 0x0) 17:20:33 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) 17:20:33 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) 17:20:34 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) 17:20:34 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) [ 188.556533][ T789] usb 3-1: new high-speed USB device number 3 using dummy_hcd 17:20:34 executing program 1: openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) 17:20:34 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 188.809530][ T789] usb 3-1: Using ep0 maxpacket: 16 17:20:34 executing program 1: openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) [ 188.957619][ T789] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=a7.ab [ 188.967352][ T789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 17:20:34 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) [ 189.063682][ T789] usb 3-1: config 0 descriptor?? 17:20:34 executing program 1: openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) 17:20:34 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {}, {}, 0x1, 0x3ff}) [ 189.326287][ T789] dvb_usb_dtv5100: probe of 3-1:0.0 failed with error -71 [ 189.359662][ T789] usb 3-1: USB disconnect, device number 3 17:20:35 executing program 1: openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) 17:20:35 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) syz_usb_connect(0x0, 0x24, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x5, 0xee, 0x59, 0x10, 0x6be, 0xa232, 0xa7ab, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x95, 0xec, 0xa5}}]}}]}}, 0x0) 17:20:35 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:35 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) 17:20:35 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:36 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 190.584872][ T8466] usb 3-1: new high-speed USB device number 4 using dummy_hcd 17:20:36 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:36 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 190.825739][ T8466] usb 3-1: Using ep0 maxpacket: 16 [ 190.957050][ T8466] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=a7.ab [ 190.966521][ T8466] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.032717][ T8466] usb 3-1: config 0 descriptor?? 17:20:36 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:36 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci\x00', 0x2, 0x0) [ 191.295898][ T8466] dvb_usb_dtv5100: probe of 3-1:0.0 failed with error -71 [ 191.325462][ T8466] usb 3-1: USB disconnect, device number 4 17:20:37 executing program 0: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:37 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {0x0}, {}, 0x1, 0x3ff}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={r1, 0xee00, 0xffffffffffffffff}, 0xc) 17:20:37 executing program 0: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:37 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) 17:20:37 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3ff, 0x80000001, {}, {}, 0x1, 0x3ff}) 17:20:37 executing program 0: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:38 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) 17:20:38 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) 17:20:38 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:38 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) 17:20:38 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:38 executing program 2: syz_emit_vhci(0x0, 0x0) 17:20:38 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) 17:20:38 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:39 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:39 executing program 2: syz_emit_vhci(0x0, 0x0) 17:20:39 executing program 1: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) 17:20:39 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) 17:20:39 executing program 2: syz_emit_vhci(0x0, 0x0) [ 195.755565][ T9489] IPVS: ftp: loaded support on port[0] = 21 [ 196.175696][ T9489] chnl_net:caif_netlink_parms(): no params data found [ 196.296319][ T9489] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.303632][ T9489] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.313404][ T9489] device bridge_slave_0 entered promiscuous mode [ 196.332061][ T9489] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.339903][ T9489] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.349520][ T9489] device bridge_slave_1 entered promiscuous mode [ 196.394522][ T9489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.412131][ T9489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.461775][ T9489] team0: Port device team_slave_0 added [ 196.474962][ T9489] team0: Port device team_slave_1 added [ 196.514183][ T9489] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.521893][ T9489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.549205][ T9489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.571406][ T9489] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.578966][ T9489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.605994][ T9489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.668605][ T9489] device hsr_slave_0 entered promiscuous mode [ 196.687187][ T9489] device hsr_slave_1 entered promiscuous mode [ 196.698236][ T9489] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.706601][ T9489] Cannot create hsr debugfs directory [ 196.963414][ T9489] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 196.993646][ T9489] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 197.027844][ T9489] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 197.044512][ T9489] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 197.389221][ T9489] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.426314][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 197.435809][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 197.456729][ T9489] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.480031][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 197.490019][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 197.499843][ T1987] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.507263][ T1987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.569466][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.578825][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 197.588909][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 197.598338][ T1987] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.606029][ T1987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.615796][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.620871][ T8466] Bluetooth: hci3: command 0x0409 tx timeout [ 197.627913][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.642359][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 197.655750][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 197.672434][ T1987] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 197.686942][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.697824][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.724085][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 197.734152][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 197.773786][ T9489] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 197.787575][ T9489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 197.810196][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 197.820094][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 197.879135][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 197.887269][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 197.926771][ T9489] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.989303][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 197.999624][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 198.064313][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 198.074907][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 198.099907][ T9489] device veth0_vlan entered promiscuous mode [ 198.112624][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 198.121910][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 198.156083][ T9489] device veth1_vlan entered promiscuous mode [ 198.197221][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 198.210589][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 198.267041][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 198.278193][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 198.301440][ T9489] device veth0_macvtap entered promiscuous mode [ 198.330859][ T9489] device veth1_macvtap entered promiscuous mode [ 198.382688][ T9489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 198.396032][ T9489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.406447][ T9489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 198.417208][ T9489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.427266][ T9489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 198.437948][ T9489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.452255][ T9489] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.460371][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 198.470175][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 198.479763][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 198.490690][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 198.526081][ T9489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 198.538215][ T9489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.550149][ T9489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 198.561081][ T9489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.571094][ T9489] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 198.581783][ T9489] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.595637][ T9489] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.604041][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 198.614165][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 198.646563][ T9489] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.656231][ T9489] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.665320][ T9489] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.674227][ T9489] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.013027][ T1465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.021637][ T1465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.030330][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 199.180611][ T1465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.189341][ T1465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.202700][ T8454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 17:20:45 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) 17:20:45 executing program 1: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) 17:20:45 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:45 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) [ 199.706740][ T8453] Bluetooth: hci3: command 0x041b tx timeout 17:20:45 executing program 1: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) 17:20:45 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:45 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:45 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x10}}}}, 0x9) 17:20:46 executing program 1: syz_emit_vhci(0x0, 0x0) 17:20:46 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) 17:20:46 executing program 2 (fault-call:0 fault-nth:0): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:46 executing program 3: syz_emit_vhci(0x0, 0x0) [ 200.667581][ T9743] FAULT_INJECTION: forcing a failure. [ 200.667581][ T9743] name failslab, interval 1, probability 0, space 0, times 1 [ 200.681118][ T9743] CPU: 0 PID: 9743 Comm: syz-executor.2 Not tainted 5.11.0-rc7-syzkaller #0 [ 200.689956][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 200.700193][ T9743] Call Trace: [ 200.703577][ T9743] dump_stack+0x21c/0x280 [ 200.708142][ T9743] should_fail+0x8bd/0x9e0 [ 200.712776][ T9743] __should_failslab+0x1f1/0x290 [ 200.718235][ T9743] should_failslab+0x29/0x70 [ 200.723003][ T9743] kmem_cache_alloc_node+0xfc/0x10f0 [ 200.728644][ T9743] ? __alloc_skb+0x223/0xb30 [ 200.733442][ T9743] __alloc_skb+0x223/0xb30 [ 200.739816][ T9743] vhci_write+0x18a/0x880 [ 200.744348][ T9743] ? iov_iter_init+0x196/0x290 [ 200.749292][ T9743] ? kmsan_get_metadata+0x116/0x180 [ 200.755905][ T9743] ? vhci_read+0xbf0/0xbf0 [ 200.760497][ T9743] vfs_write+0x1083/0x1b00 [ 200.765123][ T9743] ksys_write+0x275/0x500 [ 200.769641][ T9743] __se_sys_write+0x92/0xb0 [ 200.774342][ T9743] __x64_sys_write+0x4a/0x70 [ 200.779114][ T9743] do_syscall_64+0x9f/0x140 [ 200.783799][ T9743] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 200.789868][ T9743] RIP: 0033:0x41913f [ 200.793976][ T9743] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 200.813912][ T9743] RSP: 002b:00007f7b88d68150 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 200.822595][ T9743] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 000000000041913f [ 200.830709][ T9743] RDX: 0000000000000009 RSI: 0000000020000000 RDI: 00000000000000f1 [ 200.838819][ T9743] RBP: 00007f7b88d681d0 R08: 0000000000000000 R09: 0000000000000000 [ 200.846998][ T9743] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 200.855107][ T9743] R13: 0000000000a9fb1f R14: 00007f7b88d68300 R15: 0000000000022000 17:20:46 executing program 1: syz_emit_vhci(0x0, 0x0) 17:20:46 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) 17:20:46 executing program 2 (fault-call:0 fault-nth:1): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) [ 201.407640][ T9753] FAULT_INJECTION: forcing a failure. [ 201.407640][ T9753] name failslab, interval 1, probability 0, space 0, times 0 [ 201.420623][ T9753] CPU: 1 PID: 9753 Comm: syz-executor.2 Not tainted 5.11.0-rc7-syzkaller #0 [ 201.429462][ T9753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.439724][ T9753] Call Trace: [ 201.443092][ T9753] dump_stack+0x21c/0x280 [ 201.447627][ T9753] should_fail+0x8bd/0x9e0 [ 201.452238][ T9753] __should_failslab+0x1f1/0x290 [ 201.457343][ T9753] should_failslab+0x29/0x70 [ 201.462093][ T9753] __kmalloc_node_track_caller+0x1d9/0x1430 [ 201.468184][ T9753] ? kmem_cache_alloc_node+0xb93/0x10f0 [ 201.473930][ T9753] ? vhci_write+0x18a/0x880 [ 201.478612][ T9753] ? vhci_write+0x18a/0x880 [ 201.483292][ T9753] __alloc_skb+0x2f8/0xb30 [ 201.487908][ T9753] ? vhci_write+0x18a/0x880 [ 201.492593][ T9753] vhci_write+0x18a/0x880 [ 201.497085][ T9753] ? iov_iter_init+0x196/0x290 [ 201.502111][ T9753] ? kmsan_get_metadata+0x116/0x180 [ 201.507515][ T9753] ? vhci_read+0xbf0/0xbf0 [ 201.512087][ T9753] vfs_write+0x1083/0x1b00 [ 201.516714][ T9753] ksys_write+0x275/0x500 [ 201.521224][ T9753] __se_sys_write+0x92/0xb0 [ 201.525907][ T9753] __x64_sys_write+0x4a/0x70 [ 201.531190][ T9753] do_syscall_64+0x9f/0x140 [ 201.535895][ T9753] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 201.542066][ T9753] RIP: 0033:0x41913f [ 201.546070][ T9753] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 201.566723][ T9753] RSP: 002b:00007f7b88d68150 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 201.576711][ T9753] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 000000000041913f [ 201.584803][ T9753] RDX: 0000000000000009 RSI: 0000000020000000 RDI: 00000000000000f1 [ 201.592970][ T9753] RBP: 00007f7b88d681d0 R08: 0000000000000000 R09: 0000000000000000 17:20:47 executing program 1: syz_emit_vhci(0x0, 0x0) 17:20:47 executing program 0: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 201.601053][ T9753] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 201.609137][ T9753] R13: 0000000000a9fb1f R14: 00007f7b88d68300 R15: 0000000000022000 17:20:47 executing program 3: syz_emit_vhci(0x0, 0x0) [ 201.774739][ T8453] Bluetooth: hci3: command 0x040f tx timeout 17:20:47 executing program 2 (fault-call:0 fault-nth:2): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:47 executing program 0: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) 17:20:47 executing program 1 (fault-call:0 fault-nth:0): syz_emit_vhci(0x0, 0x0) 17:20:47 executing program 3: syz_emit_vhci(0x0, 0x0) [ 202.345706][ T9766] FAULT_INJECTION: forcing a failure. [ 202.345706][ T9766] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 202.359302][ T9766] CPU: 1 PID: 9766 Comm: syz-executor.2 Not tainted 5.11.0-rc7-syzkaller #0 [ 202.369202][ T9766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.379733][ T9766] Call Trace: [ 202.383199][ T9766] dump_stack+0x21c/0x280 [ 202.387736][ T9766] should_fail+0x8bd/0x9e0 [ 202.392351][ T9766] should_fail_usercopy+0x39/0x40 [ 202.397560][ T9766] _copy_from_iter_full+0x411/0x18f0 [ 202.403055][ T9766] ? kmsan_get_metadata+0x116/0x180 [ 202.408451][ T9766] ? kmsan_get_metadata+0x116/0x180 [ 202.413883][ T9766] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 202.420178][ T9766] ? skb_put+0x21e/0x350 [ 202.424795][ T9766] vhci_write+0x312/0x880 [ 202.429306][ T9766] ? vhci_read+0xbf0/0xbf0 [ 202.433878][ T9766] vfs_write+0x1083/0x1b00 [ 202.438505][ T9766] ksys_write+0x275/0x500 [ 202.443810][ T9766] __se_sys_write+0x92/0xb0 [ 202.449813][ T9766] __x64_sys_write+0x4a/0x70 [ 202.454682][ T9766] do_syscall_64+0x9f/0x140 [ 202.459377][ T9766] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 202.465452][ T9766] RIP: 0033:0x41913f [ 202.469458][ T9766] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 17:20:48 executing program 0: openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 202.489230][ T9766] RSP: 002b:00007f7b88d68150 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 202.497846][ T9766] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 000000000041913f [ 202.506066][ T9766] RDX: 0000000000000009 RSI: 0000000020000000 RDI: 00000000000000f1 [ 202.514156][ T9766] RBP: 00007f7b88d681d0 R08: 0000000000000000 R09: 0000000000000000 [ 202.523377][ T9766] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 202.531474][ T9766] R13: 0000000000a9fb1f R14: 00007f7b88d68300 R15: 0000000000022000 [ 202.617374][ T9769] FAULT_INJECTION: forcing a failure. [ 202.617374][ T9769] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 202.630821][ T9769] CPU: 1 PID: 9769 Comm: syz-executor.1 Not tainted 5.11.0-rc7-syzkaller #0 [ 202.640094][ T9769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.650264][ T9769] Call Trace: [ 202.653730][ T9769] dump_stack+0x21c/0x280 [ 202.658264][ T9769] should_fail+0x8bd/0x9e0 [ 202.660946][ T3127] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.662870][ T9769] should_fail_usercopy+0x39/0x40 [ 202.669428][ T3127] ieee802154 phy1 wpan1: encryption failed: -22 [ 202.674325][ T9769] _copy_to_user+0x61/0x270 [ 202.685220][ T9769] ? kmsan_get_metadata+0x116/0x180 [ 202.690807][ T9769] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 202.696994][ T9769] simple_read_from_buffer+0x2ec/0x490 [ 202.702651][ T9769] proc_fail_nth_read+0x323/0x400 [ 202.707872][ T9769] ? proc_fault_inject_write+0x5e0/0x5e0 [ 202.713748][ T9769] vfs_read+0x533/0x15a0 [ 202.718181][ T9769] ? kmsan_internal_set_origin+0x85/0xc0 [ 202.724024][ T9769] ? kmsan_get_metadata+0x116/0x180 [ 202.729421][ T9769] ksys_read+0x275/0x500 [ 202.733853][ T9769] __se_sys_read+0x92/0xb0 [ 202.738797][ T9769] __x64_sys_read+0x4a/0x70 [ 202.743520][ T9769] do_syscall_64+0x9f/0x140 [ 202.748232][ T9769] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 202.754325][ T9769] RIP: 0033:0x4191dc [ 202.758346][ T9769] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 202.778831][ T9769] RSP: 002b:00007f93fdfcc170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 202.787420][ T9769] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00000000004191dc [ 202.795529][ T9769] RDX: 000000000000000f RSI: 00007f93fdfcc1e0 RDI: 0000000000000003 [ 202.803639][ T9769] RBP: 00007f93fdfcc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 202.811748][ T9769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.819877][ T9769] R13: 0000000000a9fb1f R14: 00007f93fdfcc300 R15: 0000000000022000 17:20:48 executing program 0 (fault-call:0 fault-nth:0): openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) 17:20:48 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:48 executing program 1: syz_emit_vhci(0x0, 0x0) 17:20:48 executing program 2 (fault-call:0 fault-nth:3): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) [ 203.259252][ T9776] FAULT_INJECTION: forcing a failure. [ 203.259252][ T9776] name failslab, interval 1, probability 0, space 0, times 0 [ 203.273041][ T9776] CPU: 0 PID: 9776 Comm: syz-executor.0 Not tainted 5.11.0-rc7-syzkaller #0 [ 203.281883][ T9776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.292502][ T9776] Call Trace: [ 203.295987][ T9776] dump_stack+0x21c/0x280 [ 203.300510][ T9776] should_fail+0x8bd/0x9e0 [ 203.305163][ T9776] __should_failslab+0x1f1/0x290 [ 203.310267][ T9776] should_failslab+0x29/0x70 [ 203.315023][ T9776] kmem_cache_alloc+0xee/0xff0 [ 203.319954][ T9776] ? getname_flags+0x154/0xbe0 [ 203.324938][ T9776] ? kmsan_get_metadata+0x116/0x180 [ 203.330443][ T9776] getname_flags+0x154/0xbe0 [ 203.335214][ T9776] ? build_open_flags+0x9df/0xad0 [ 203.340404][ T9776] getname+0x55/0x60 [ 203.344467][ T9776] do_sys_openat2+0x133/0x830 [ 203.349356][ T9776] __se_sys_openat+0x2b5/0x320 [ 203.354390][ T9776] __x64_sys_openat+0x56/0x70 [ 203.359229][ T9776] do_syscall_64+0x9f/0x140 [ 203.364072][ T9776] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 203.370162][ T9776] RIP: 0033:0x466459 [ 203.374168][ T9776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 203.395409][ T9776] RSP: 002b:00007fe6f719d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 203.404008][ T9776] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 [ 203.412301][ T9776] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 203.420498][ T9776] RBP: 00007fe6f719d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 203.428620][ T9776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 203.437139][ T9776] R13: 0000000000a9fb1f R14: 00007fe6f719d300 R15: 0000000000022000 [ 203.668114][ T9780] FAULT_INJECTION: forcing a failure. [ 203.668114][ T9780] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 203.681666][ T9780] CPU: 0 PID: 9780 Comm: syz-executor.2 Not tainted 5.11.0-rc7-syzkaller #0 [ 203.690526][ T9780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.700907][ T9780] Call Trace: [ 203.704283][ T9780] dump_stack+0x21c/0x280 [ 203.708810][ T9780] should_fail+0x8bd/0x9e0 [ 203.713436][ T9780] should_fail_usercopy+0x39/0x40 [ 203.718659][ T9780] _copy_to_user+0x61/0x270 [ 203.723595][ T9780] ? kmsan_get_metadata+0x116/0x180 [ 203.729780][ T9780] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 203.736239][ T9780] simple_read_from_buffer+0x2ec/0x490 [ 203.741911][ T9780] proc_fail_nth_read+0x323/0x400 [ 203.747124][ T9780] ? proc_fault_inject_write+0x5e0/0x5e0 [ 203.753297][ T9780] vfs_read+0x533/0x15a0 [ 203.757734][ T9780] ? kmsan_internal_set_origin+0x85/0xc0 [ 203.763568][ T9780] ? kmsan_get_metadata+0x116/0x180 [ 203.768974][ T9780] ksys_read+0x275/0x500 [ 203.773493][ T9780] __se_sys_read+0x92/0xb0 [ 203.778109][ T9780] __x64_sys_read+0x4a/0x70 [ 203.782793][ T9780] do_syscall_64+0x9f/0x140 [ 203.787489][ T9780] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 203.793668][ T9780] RIP: 0033:0x4191dc [ 203.797683][ T9780] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 17:20:49 executing program 3 (fault-call:0 fault-nth:0): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) [ 203.817547][ T9780] RSP: 002b:00007f7b88d68170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 203.827305][ T9780] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000004191dc [ 203.835758][ T9780] RDX: 000000000000000f RSI: 00007f7b88d681e0 RDI: 0000000000000003 [ 203.844657][ T9780] RBP: 00007f7b88d681d0 R08: 0000000000000000 R09: 0000000000000000 [ 203.852780][ T9780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 203.861624][ T9780] R13: 0000000000a9fb1f R14: 00007f7b88d68300 R15: 0000000000022000 [ 203.897757][ T789] Bluetooth: hci3: command 0x0419 tx timeout [ 204.276464][ T9787] FAULT_INJECTION: forcing a failure. [ 204.276464][ T9787] name failslab, interval 1, probability 0, space 0, times 0 [ 204.289563][ T9787] CPU: 0 PID: 9787 Comm: syz-executor.3 Not tainted 5.11.0-rc7-syzkaller #0 [ 204.298420][ T9787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.311468][ T9787] Call Trace: [ 204.315808][ T9787] dump_stack+0x21c/0x280 [ 204.320522][ T9787] should_fail+0x8bd/0x9e0 [ 204.325683][ T9787] __should_failslab+0x1f1/0x290 [ 204.331315][ T9787] should_failslab+0x29/0x70 [ 204.336169][ T9787] kmem_cache_alloc_node+0xfc/0x10f0 [ 204.341636][ T9787] ? __alloc_skb+0x223/0xb30 [ 204.346436][ T9787] __alloc_skb+0x223/0xb30 [ 204.351062][ T9787] vhci_write+0x18a/0x880 [ 204.355671][ T9787] ? iov_iter_init+0x196/0x290 [ 204.360628][ T9787] ? kmsan_get_metadata+0x116/0x180 [ 204.366811][ T9787] ? vhci_read+0xbf0/0xbf0 [ 204.371389][ T9787] vfs_write+0x1083/0x1b00 [ 204.376018][ T9787] ksys_write+0x275/0x500 [ 204.380548][ T9787] __se_sys_write+0x92/0xb0 [ 204.385952][ T9787] __x64_sys_write+0x4a/0x70 [ 204.390730][ T9787] do_syscall_64+0x9f/0x140 [ 204.395458][ T9787] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 204.401626][ T9787] RIP: 0033:0x41913f [ 204.405903][ T9787] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 204.432187][ T9787] RSP: 002b:00007fbb99d78150 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 204.440838][ T9787] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 000000000041913f [ 204.448944][ T9787] RDX: 0000000000000009 RSI: 0000000020000000 RDI: 00000000000000f1 [ 204.457044][ T9787] RBP: 00007fbb99d781d0 R08: 0000000000000000 R09: 0000000000000000 [ 204.465152][ T9787] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 204.473268][ T9787] R13: 0000000000a9fb1f R14: 00007fbb99d78300 R15: 0000000000022000 17:20:50 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) 17:20:50 executing program 1: syz_emit_vhci(0x0, 0xf0ff7f) 17:20:50 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:50 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2, 0x0) 17:20:50 executing program 1: syz_emit_vhci(0x0, 0x7ffff000) 17:20:51 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x2, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:51 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x3, 0x0) 17:20:51 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:51 executing program 1: syz_emit_vhci(0x0, 0x10000000000) [ 205.667407][ T1979] Bluetooth: hci2: ACL packet for unknown connection handle 1559 [ 205.675497][ T1979] Bluetooth: hci2: ACL packet for unknown connection handle 1559 17:20:51 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x3, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:51 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x4, 0x0) 17:20:51 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x2, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:51 executing program 1: syz_emit_vhci(0x0, 0x7ffffffff000) [ 206.142436][ T1979] Bluetooth: hci2: SCO packet for unknown connection handle 1559 [ 206.152971][ T1979] Bluetooth: hci2: SCO packet for unknown connection handle 1559 17:20:51 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x5, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) [ 206.310192][ T1979] Bluetooth: hci3: ACL packet for unknown connection handle 1559 [ 206.337207][ T1979] Bluetooth: hci3: ACL packet for unknown connection handle 1559 17:20:52 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x5, 0x0) 17:20:52 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x3, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:52 executing program 1: syz_emit_vhci(0x0, 0xf0ff7f00000000) 17:20:52 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) [ 206.848949][ T1979] Bluetooth: hci3: SCO packet for unknown connection handle 1559 [ 206.856999][ T1979] Bluetooth: hci3: SCO packet for unknown connection handle 1559 17:20:52 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x6, 0x0) 17:20:52 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x5, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:52 executing program 1: syz_emit_vhci(0x0, 0xf0ffffff7f0000) 17:20:52 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x8}}}}, 0x9) 17:20:53 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x7, 0x0) 17:20:53 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:20:53 executing program 1: syz_emit_vhci(0x0, 0xffffffffffffffff) 17:20:53 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0xff}}}}, 0x9) 17:20:53 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x8, 0x0) 17:20:53 executing program 1: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x1]}, 0x8, 0x80000) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x7f, 0x1, 0x1, 0x81}, 'syz0\x00', 0x4e}) syz_emit_vhci(0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000000c0)={0x8, 0x80, {0x0}, {0xee01}, 0x7, 0x4}) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000100)=r1) 17:20:53 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0x8}}}}, 0x9) 17:20:54 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xfdef) 17:20:54 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x2, 0xc8, 0x108}}}, 0x8) 17:20:54 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x9, 0x0) 17:20:54 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed={[], 0xff}}}}, 0x9) 17:20:54 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x20000009) 17:20:54 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x6}}}, 0x4) 17:20:54 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xa, 0x0) 17:20:54 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xfdef) [ 209.179358][ T1979] Bluetooth: hci1: hardware error 0x06 17:20:54 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x7ffff000) 17:20:55 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xb, 0x0) 17:20:55 executing program 1: syz_emit_vhci(0x0, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000000)=0x6757) 17:20:55 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x20000009) 17:20:55 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xc, 0x0) 17:20:55 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xfffffdef) 17:20:55 executing program 1: ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x8, 0x4, 0x18, &(0x7f0000000000)="07cb2bd2e3130442c1a0a3dc7d73e7a4e379203b60fa7adc8f1ed5fa58991cd96a563584eb583e2cd9652a48180f9ef745076a99f93b545d6f1e3e480fe98eba1b4d4199656004f6d772224ea492efa26534394694ec0fa6f3e7e1f79cb65c01e75bfdd57d12bf7d21fe4c0752bb80a66478cfe8f2a34f35732cf64062b39ecf547f3a82f8e5ea6229f1ea9f881e62a3b34d4790ec5075edee9a641e0b6a90cdbee7c11714faefc56307bf5b5f6947914cc825c290176b9e9bfbe4c780313d6712de456acd8ca28cf4050121ab066cddf26feb66f5d0e1d14ed69232cefc0b00f3bb0169f0340eac97888a9362e4cf0373c4761cc6d4b3ad9efaefb9e4b9f2220b8552659706989871a79327033e21a167b11c26e3a7329a64ee6e19efc6515c950fb53a691a4d830ce34a9c884a0873f8d8f805c0614c345cabcbbdc8c7ab5d04b61323184d4df7f80895045673bf010f7fec74f2a0023f21937102a520e9bb3c9e954f35755cb9d3b3aac753c1c912344af78fe04d6326eb713a72d62209dd5f8a80464cc42f883387c9f3bf494e1c39f68ffc6d109338c4c79b1760577a437bf910d020ad04a57d0a937ac02db5c13aff461d91ee4a4503139d6168c91acb8ed96d28051d6d9bc884c390defb3f4d6b89f9784f7b98fc684a27c704787bd406cf030af542cbba820bdfcd6ec248adeff3e5e1de7b1f80e91c5c91dec25f2a6a3b38e56a51a86f6b849a8db3f5ccd12aaff4ff1a01fc0303d67e308781e52af6b0b7caa98f7a03ce5bc430d1023f651dcd7b767f45450b9f15ff36e8e2b7a217fdf2a7249df8e2f22f80ddfccecbc2fe970f19e773a51f4c82c5ae864d9cc7cd3a52cf87f7e3c4e0c46fef768cc5cc355cdaf64ab051ebd8a8ad0260709a346869cfe2e81f7a3d8b15ba528275194fe4ca237981a1219ea772d0d9dd4d036a697a90f45c71066aabe6153faa4ff9e078b53fa5bc3054f88c5e0230301c2e9d1d38d4c330506c6b43501bef1de9707e435dc260cc5552e1c7bec525447dca94cda60cf25d39dec1ee53e9b0e6661c2e224e60f05a6b2fba55e629eb38ff900794b10bfadccd408288a877bbfb2653acf290fec8fdd5f0446a504c1bbef05cdeaf6f19c28cbc8ef10904f82936f35fd89ae217ad9a8b60c8d9618d922cdd0332211e376bab8ef1dc942aa8611bb7e52b678e1ab87bd84a97dde2e96496eff1d74850fca61f7f0c16c6e0a9c8eda7ef0379e9613577ba9148b24ede5eb5c7e85adceb97431097335ecf2244364d69e3930c616f8f433554d6cf9819a73c76274c9d4e12ea55ee83955fb128fd1de8ba60940b357e0e04751a18e927ab372556f2fa2f63e714c8b511947657dd7ec3f11226c6cf08c4a30f24fbdd866890b2846f9399048b5ca27903f072a288896b490761aa9800"}) syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04140609852c20d700"], 0x9) syz_emit_vhci(&(0x7f0000000480)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x24}, "b8f73b30ccfca2b1c866a79dec0cf06646e2d3b92efb55758af326060015e7ca0edaf8f0"}, 0x28) syz_emit_vhci(&(0x7f0000000500)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xb2}, @l2cap_cid_signaling={{0xae}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x7f, 0x2}, {0x6}}, @l2cap_disconn_rsp={{0x7, 0xa4, 0x4}, {0x6, 0x3}}, @l2cap_conn_req={{0x2, 0x40, 0x4}, {0x2, 0x3}}, @l2cap_conf_rsp={{0x5, 0x9, 0x18}, {0x0, 0xfffa, 0x3, [@l2cap_conf_efs={0x6, 0x10, {0x53, 0x1, 0x6, 0x1, 0x5ee, 0x80}}]}}, @l2cap_move_chan_req={{0xe, 0x40, 0x3}, {0x2, 0xfd}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0xaadf}}, @l2cap_conf_req={{0x4, 0x7, 0x3f}, {0x8, 0x1, [@l2cap_conf_rfc={0x4, 0x9, {0x3, 0x3f, 0x7, 0x2, 0xff, 0x8}}, @l2cap_conf_ews={0x7, 0x2, 0xf4d}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x2, 0x6, 0x1, 0x6, 0x6}}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2}, @l2cap_conf_flushto={0x2, 0x2, 0x6}, @l2cap_conf_ews={0x7, 0x2}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x81, 0x5, 0x20, 0x3f, 0x8001}}]}}, @l2cap_conf_req={{0x4, 0x40, 0x28}, {0xffc0, 0x0, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x2, 0x2, 0x7, 0x0, 0x1f}}, @l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x58, 0x0, 0x2, 0xffffffff, 0x0, 0x4}}]}}]}}, 0xb7) syz_emit_vhci(&(0x7f00000004c0)=@HCI_VENDOR_PKT, 0x2) 17:20:55 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x7ffff000) 17:20:55 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xfffffffffffffdef) 17:20:55 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xd, 0x0) 17:20:55 executing program 1: syz_emit_vhci(0x0, 0x4f) 17:20:56 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xfffffdef) 17:20:56 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xffffffffffffffff) 17:20:56 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xe, 0x0) 17:20:56 executing program 1: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x101800, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040)) ioctl$KDGKBENT(0xffffffffffffffff, 0x4b46, &(0x7f0000000080)={0x5, 0x1}) syz_emit_vhci(0x0, 0x0) 17:20:56 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xfffffffffffffdef) 17:20:56 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@none}}}, 0x9) 17:20:56 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10, 0x0) 17:20:56 executing program 1: pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x80000) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9, 0x1, 'cake\x00'}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x800}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x48}}, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, 0x0, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c080) syz_emit_vhci(0x0, 0x0) 17:20:57 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0xffffffffffffffff) 17:20:57 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x11, 0x0) 17:20:57 executing program 2: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xa9, 0x3, &(0x7f0000000040)=0x1) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0417ec00aabaaa0200000000000000e3f20c52bcbe9743a4fba918144bdf353ac2e3e472076bb55faa1163c6539990021ed76d6b044f9c5e3864980326ea640a4133c0e446cae7422e51f53123a6d0958daee002adfe0300000000000078d2e379b62ca117ff7e1c6d90d5f8f8a0511c6d0d56561b78e3ddfd970000"], 0x9) 17:20:57 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{}, {0x0, [{@any, 0x4, 0x20, "2cee9a", 0x6, 0xfa}, {@any, 0x40, 0x4, "41f088", 0x23, 0x3}, {@fixed={[], 0x10}, 0xe, 0x2, "09a733", 0x8000, 0xe0}, {@fixed={[], 0x11}, 0x5, 0x6, "fc4ac9", 0x800, 0x20}, {@any, 0x3, 0x80, '\x00\"\f', 0xfff, 0x9}, {@any, 0x1, 0x1, "e92ef8", 0x20, 0x5e}, {@none, 0x1, 0x9, "838de1", 0x20}]}}}, 0x50) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@fixed={[], 0x12}, 0x4}}}, 0xa) 17:20:57 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x87}, "0f6bd1620cfe91b45f1771e42efcaeac6cd59f923cd3247de4195e832d1fc547d19f500ce5c819375b0eb7e498bace7828e87d673d66651907a69c0953c43b5fc73708082c1cbdb8ee32bae435b745643ab710d9a99033470dfacc08e85630a670f6ad3a1dfe24d8ac9dbbed04df9ab5609973bc3e954d0094d0b519255fd499f6f521c4892801"}, 0x8b) syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="04040aff42e6df000000786f0296e4c4a3d7bcbcfcfa71b2ace4f723316f4f4003503f080567ed053cf125c7d0cc66ca4a517143481debabf2e35c1a085aefb04f26c7a520c1367b178737aaeec644bebe2d66d5d61dc0b72b1de72ff87d8004739af7cbe9e50125a5eef452822d8ab431f317396030e518854d0bd30fa077b0"], 0xd) syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xcb}, "199b30fc7b6e88bd1267345801c518de6fefe8e4734e9a995b63e054691d9a2856e4126cef08505e48852d94570a0690e0a35809599be6a19fc12b5cd1b327a5bc6f2f5bf1883ee949f39859f157cead8f9a2eb04ce5b4d3f499f342e385113a8b714282971914251f590ce99009f8ced04912f2b64c875c2bcb41feea95a78eb9f5c8b56e236391a020be5921910f449d41dee82f3dfd518c5e7e284fe9e705bb9f9dd2d99d6f76dce86eb9652476ad1e1763f84de9a1d53701f808caa94824b0518c81f24a0720ea0522"}, 0xcf) 17:20:57 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x12, 0x0) 17:20:57 executing program 2: syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xef}, "562cd11d28bff0cb842fae528706041f8c9ca45935409c70181ace64c2a57b704a667a5b4a79e5996f6f557c34823394321791a5aa59ebb19f9e73a2256e54c159eefa46e894e3482bac25bdeedf785490c082a561a926acf1040f91faa848957c4500aa01bb6130b88d3676f4b1d3b6a8a679d6ef887ef9aa28212a1aabe933b1df8d548be666bd49a0c15c8e02cb9f71c1102809e517d10617d7196c81fb3dea1782762de063a5620a7be00948ee4fe75befcd9b004074df6e3e2b2792ed36e4ddd699d12511e4c02ce3a7dadb086f90284be8e0a987f94459a6d1c4a12e0f134d08516a77236c3a5ba964799c48"}, 0xf3) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0xc9}, @l2cap_cid_signaling={{0xc5}, [@l2cap_info_rsp={{0xb, 0x7, 0x3a}, {0x6, 0x7fff, "4d4f7b62e5c23886a412827a6382db6f33a205c7d7dd7806f09e09a612a236171f84b6af9d3094054a582f3bf325b6dddd3475721b5a"}}, @l2cap_move_chan_req={{0xe, 0xff, 0x3}, {0x1, 0x1f}}, @l2cap_conf_rsp={{0x5, 0x7, 0x6c}, {0x2, 0x100, 0x7, [@l2cap_conf_efs={0x6, 0x10, {0xc2, 0x2, 0x8, 0x6, 0x3f, 0x7ff}}, @l2cap_conf_mtu={0x1, 0x2, 0x2}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0xc0, 0x1, 0x7, 0x67, 0xffff}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0xa3, 0x45, 0x8, 0xfffd, 0x2}}, @l2cap_conf_ews={0x7, 0x2, 0x5}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x2, 0x7f, 0xffffffff, 0x0, 0x59}}, @l2cap_conf_efs={0x6, 0x10, {0x5, 0x3, 0x3ff, 0x10000000, 0x0, 0xffff0000}}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x5c, 0xd0, 0x3, 0x6, 0xfe}}, @l2cap_conf_ews={0x7, 0x2, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x7f, 0x4}, {0xff, 0x1000}}, @l2cap_conn_req={{0x2, 0x3, 0x4}, {0xa621, 0x8}}]}}, 0xce) 17:20:58 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_version={{0xc, 0x8}, {0x81, 0xc9, 0x16, 0x1}}}, 0xb) 17:20:58 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@any, 0x1, 0x1, 0x7}}}, 0xc) syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x54}, @l2cap_cid_signaling={{0x50}, [@l2cap_conf_req={{0x4, 0x1f, 0x10}, {0xc620, 0x80, [@l2cap_conf_flushto={0x2, 0x2, 0x3}, @l2cap_conf_ews={0x7, 0x2, 0x103}, @l2cap_conf_ews={0x7, 0x2, 0xfff9}]}}, @l2cap_cmd_rej_unk={{0x1, 0x1, 0x2}, {0x8}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2a}, {0x294, 0x6, 0x3, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x2}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x4, 0x0, 0x8000, 0xffff, 0x6}}, @l2cap_conf_efs={0x6, 0x10, {0x3, 0x1, 0x8, 0x3, 0x80, 0x2d6}}]}}, @l2cap_disconn_req={{0x6, 0xb1, 0x4}, {0x7, 0x401}}]}}, 0x59) 17:20:58 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x18, 0x0) 17:20:58 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) 17:20:58 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0xaf}, @l2cap_cid_signaling={{0xab}, [@l2cap_info_rsp={{0xb, 0x4, 0xa7}, {0x101, 0x0, "fbaeb58b05758393e7319a9a50499831215c06bfae4202f2287a75fe5a876d86040cc9f5404cc9e54ac206845606beba02ccfd0fb72d7ec4d519f50de7fe7bf65d635dfae76e0082cf53ec441ee2a1fb94689ab65fb68b7ead83cbe20c7e999d409dd61d072b9bc6bebec5ed2b5373539d047c2c2836b3b94939be109c0837593f15be567a4cf15ffb0587c394ad95a53760cb75e8fdca54e3b04f7dd9d799e4d068be"}}]}}, 0xb4) syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x7, 0xc9, 0x7}}}, 0x8) 17:20:58 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x5b, 0xc9, 0x18}}}, 0x7) 17:20:58 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x25, 0x0) 17:20:58 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9, 0x1, 'cake\x00'}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x800}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x48}}, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x40}, @BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x10000}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x20}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x20000004) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c8d80265800a0006000500013f02007f00"], 0xf) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04131d09c8000800c9008a0dc800015901030000000400"/32, @ANYRES16], 0x20) 17:20:58 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) write$snddsp(r0, &(0x7f0000000040)="eb278e455d2e5b0585ea0ac433f24481a7931c392a1be6f7bde91e62a8f2927d5edb646417c98271948d17e5c7a0d6e5f319a2f39d3343fe8367dd0b2f7616e92c699ec098d4cf22b11596953a0ca08f289c511ef2d773f3a7a892f6474713fc5f1e", 0x62) syz_emit_vhci(0x0, 0xffffffffffffff59) syz_emit_vhci(&(0x7f00000002c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xaa}, "8a8e151beb965f589cbe63a74ee39f1d1b028fa1726b7eabeb542f1278557cf11a67dbb3004f442641d6082d0766feba3ce83234ac4ba27052350b0f1ac8573ec1565eee2d0cd54320dee01c58b7808b1f95a5449c999d49035f433b76925049ce976ac6f038bd37e22072dd585fcc262a52bfb36add18813857de15489a458c7af01c5696e05280932d6146c7142fad17c045461fc03a7e9e0fd7193a7838c10d25d4dd699c7adadd85"}, 0xae) syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0xc, 0x0, &(0x7f00000000c0)=[@free_buffer], 0xcc, 0x0, &(0x7f0000000100)="f5ed8653ff90812a17a1ea3856c3924517855af1b5c8e564e387a3697c0de9e0530f454ea7333f3910341041ef79ffd9c1315b5dde2fc3ba94c65eddd7b5a08835d1e9d9043dafb57423bc9ac864d8562c3195924fd484b9e21cb5ca474e298346c51b20c4d0ac88b9080f3d8253e12fe4416c804d2cddcda99df31b49fb81d0d7c0ac450dc49f3336e0d1f260d9bf0a7264278565ca32c3ed31d291c6babe77d686dd577b38f363261c2a64bf416e71ff78e27d5ee48d7001d6121aa3cef7f42774488062f1207e253bfffa"}) 17:20:58 executing program 3: syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0417ce8617622fb6aa"], 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "42fac9fe35eec9af085b1e33285380c07af3b6b696aca33eaedc5b58b4cb2bc4a8203ed3ce11da23bdbb952d99f2747049af3ecb9e7e7cdb795f0725ada449130e87eff3e4cbf6115d21b0ab8f5117f71e6bc262a432d3df688d845167e19dc67a8c37cd44e095fc8b42ee3f4d768cd5afd63b12df63b26f0958c2f1304d3419c231a32a721817c1766bed19c9f47fbf519a158b2c6faf453330835d86d1d49eeb6f10ad6327c22565eda6993cae2a895e48e770d618eeaf91d330928f3e5745f67088892932d9865333b5bc3a7a7d1bb8ac25fdd45f9c9f845b1b9131c61530523774784bd79c9bcefb0500b6247bac5ad12f00bc13a3a8e80627588df9a33fa4b90906fdc8604af5194a6d2952a7286d25422372aad34249c6277a2c3276be4e15e8f8428ee81c51509ed94abaf5302f0c0f96de0fca707b26f4e6c2fc208ca06a54c36e061a74ad4b31381489430bcde9212b6a1d2569df11c7269e4eae5c3279ceceb7784603f66310e723fe9a234287cc7a89ed1916c47c2ca50db51541376a46038808a101363d7de6a0caf81cacaf01b27a2a76b8a4d94d23d46e2b791065468df65a1af3d5c74310c942a42d6e0be80b1217c299bf307b71fe6af21333b776318f7ae1c882f246b07d87d11e065008a45522e345f6569c91f2214729883d73c5c016ac914a85d83b4629d5841ef39c2129e6354fde13e8d413943709f32555717320fa2aeda299c685676e144b44b4435526fd7b836b2f74615e5dc41022a17441460dd430bc96e702bde834c943d3dffd8c7f04b2265adb9e8bf4db4a4e90b72a8382f9276a19f3d4319f5c747421fab3b02a11dec911939e90af850596e7571933cd2dc4fe45f07a1f0f2850e92f647a5bb6f5e051bbc4b24fc34244815a9a8b6310d6d15aa9c59881265ef07636e48105e41a603e622b8aeadd07a39ca2e57e713bd4d95484dc75eb6649e4d2c8ebbfc93982805918abf266081fbaa6d82deba7144ddbae70c8e78b40a1ea6fca569542eaea2144e477feb2a09350a97a7abd6ce459b1e36f658572e198c39dc89f346f5ce0c2cde25e0d1bc8c0f32fa1ff48eb0c9a3c85ac24823e1e9551db952b8a61cf8cfe1d352905ddad6584d3cdde752fac51af392869eede7a1670351f75d4dde591304c4dc7ae17ee3a6c3dbb1eb699274d00b82610ff19374ead794e4dcacd2c6bff4ec3a6ed787044167e7a1fc314fb202b29363ae545b91dab48ba5902ed7616f4eb787122f1dd5e3e39e172f2637708467f2b067fa87ff24f541739aa55d48cfdc5406cc2b80dc6c94539a5ea9c799265927677b5cef5abf0c5c70c03a4da1be6a17b232a234898c3b2a1806306cd30e590413caa8c8a4ba68620611a04bdd9ca08547d7efccc770c3172535f364320279f2b8541f6ce4d43525cf4a533248833fe0744d4b1ebf1fe0a2bbef94e6231a706deaba1b14837cbdb3ab3160a85cccbb8f6ab8f7451524dc80d25a66b2a517e44ceb2b0d6fbb3b58d7823015875a3a74bcb1a8b36080254e4fbdf8c806f2f17088893f1839b0c2e085ee404ece90561e88c3aa537232b7402ebc16dc5f8190e9915490e5b8dbc88cbc1d045c08f7f8b5a9d9899430aca3f4cbcfb9f0fc2a6d28bd37b2f0b25a7a11118defe72672a2ea15aca927383c940e00b41bd2c4ffbf616b8159d6215823aea40ec5515ae585b772514086454fb42d71ce13fd0d19f192b91f6423a4c9882f3171cdb1afcad82a155f38b6dcfcecc0121acc52adb8e3373ceecfea45abcee4216f4584351a45f8acbb66f1ffd72eae538da65e108feddb7da7d2f3afacfc4c6f5ea8733d1e38bbfb1d012aad002dda409255a2a58617a3b81dd36cf163cc1181ea26890554c9663bccd64516a4c5d3007358fe5b2268717b1518c6dcecba01c83304fe86032fdf96795aeba448e3bcf07a7d01186258a0e0c0f78c3cc7407092e75233d51f63744c31a26bbc1128f56aa3700f2123fb8b3c48c77135a7b005fc190d885a1f2f3205282931d4591e45c2fcf7825c067e254b25ae3c9c231438f2dd50fe9984f4ababda68d0ea62c00b50903005135d98192b20b5ac181ff43fc311ecfb5e7c68b929db4e720988ad263660a7f5222432caea7d49b0b5f1e22e43bcb029ab7d85474e090a50c6a230227e70190d2d6b737d502808464caee37b1f13c7e40fdeea058db05a077d3be82664659f15463b773ccfc5b5d9cf57789fe06232a18042269cfb8ffd90247226d346b7dd9acb17debc2e8fdc3339fae9fb924ac68b46de5248f5b8502785fccd6cbda7c7fb2190738dca50947f7f10f6a76831db155dd51dd81b99c84c9161a3c142fd4e04e8fd03b06f774f1226e779f0879ab8f7596b98a83ce50c27f16ae5ffb3f4d1048b5b8fb7bb444052e2a7399434134bb612b21506e8f579107f536332e519b9a0703a7e85f03cb021aca2ff8c2854fc490d0c1341e2a4b4e648bc14bfff7d12e915cba515f0eccc00cc8399beb42657ce77c51e5867839481fd5a0ff2e25f8f85295aeef0d897df2bb8ea40e43143d163f2a312e5dea0ae4d8600cc65493310d50e01719324f1e3fec1055b199822173ee02e658c9bf88c82d6ac279ababcb4e05a7379637bbb6a334bf35658328c4c12a511007b678571dc1a58993d8948a8e71b24b9dff0c8ac0fd482493cbb662b05095a4c7e9adb7b318facfb3739bde4809b6588c5e5eef6c9a05d7325bb69765369a2533f7d35cc55b6fcba7a63d0990429c1dd03cd45bbd904bb6cae22c8e35717ab2b2621162fe49bd6643a0ea11454187b62f5d7e071b5e7cfc4062a475d8ecfe3aebab792986c32c5a85a2f98641d6cf8875f8aaa25fa8df8b200c90d056d08450dba4e1a1ea059dac96cababb8a3c4f5ea697e05c030a50182f2c0335e291a1e068acb3178b99e78f5a1746148e4c18abc4e06844cb66d8a309f77362e7f5176caab6e7363fd876e3b918a4027496312e94009d5b93284c8da6b476ae6505defbac76c761c20d58c25d4c84b99797e188e60936fdbce8b0dd3b851413cb8b5f52a37804ac0293bbca8ad924a7b714070970c4450b53a98f83ceba97c6f64d2b2028455e38f2b3bd730b9ed8904316b386e71bf5978f640a0e85cc53a6bdfe28c1ac2bc2d6d31d5d2181a55fab414f78b28f576b585aef5928dcc6be9b6723936537e9f902d13178b8116f3684c367bc3941e21f6a4cf53acc62ff4d89fcd78f5a0c43486c2276573e875f5aa0180b897fcb8fe8e7cf147936efd8ff751db65ea0cd35ef7163f940844781c79e3ce538893f6c78b53155c8df51e0660ba55e0e4ccaee2cb6a8572723a301c9a2f443af68ccb883a742071212cefb7d21eaf1e716b40c3ae57b68c84bbbccac6f00fbb3cd0935f3ba1c51b26605718a9bf8c1c90fe5d0141bd51cf47631ceb72164aca27884f397449913e96d640dfb9895b9fa60d2304c0d38be6b092f7985e5cc9d85c157e4fc016db1e922f634629aba9427bb3c6073125934ee9de71a56e1176f49c6c0b8b682d31b41f0ed37070ffcd6f33f9c3c0f1f7054bf0d9c78a507a51e7c20c496d9659cd709ab14c8079bbb5e8def31143ee5c6bbc1e2729f08decc98f56096e09f06fd6d2c2120b3ee8f1193be3be2ddf1e6308d7abdd7dae944b7a46d8efd4b3c0bcfdff680e6ebf6a08a3a202435b896ff795eb04e824b66a8e174e7844574918c5f87e2473033d11f7278938a0dad596dace0b3a8dd88b6085e3a508dae95683ef0cb81f878bf018f01a1dc1c7abc4c7e5304e10d7d4c8618e8116d8df04d15e081adc0fd6ea5309e167c184c2f6b29d61c0ff7a285090f6f2ec7e88e60708cdf36844c12bda627ebeaaa9931371f45bf0fc574466e7bedfa329b1d0dc5735d2ffb09122923fb2d226d76c2ed3fc565b9168fe6cbca12dfbf2303e06403e14863c800d88dc7333e9b54d13ea46522cecb195a4a1549ed584bb26ee4750b26abcd4ad0ca46aec645c5ddf45aa28c59b772235a8faec7805e2fdf8a454e934e354cd689b65684957651684b09a477f64e0d3d489807f01d70ba07467461065523e2f4b42b124dd0d4628071cff3c88de1b302b6c669a78ad4ea2bfbf85f19f59429812617a380dcfed3bebcda1ec29d07cc373050c87a405d3e74392b1b88f3727ed41ce332ede4572b77f75e387c1d04be37a9d163fe374724e2c6e5e405b2136bdd2e22c59d022afa6016de9c9a9b560748ffcf07de691528e79e78a2662bd96110c22b79b7f816e6bbfbab03ded98f334cef7f43f7da1d92ce0fef47e0d609fecdfffc4bd9c5aa75791d64b29550ef8021340907064d180a39d992968862233b7d027c4149ac8712e0d92a21d57e390402386eb16105a75d3526ba1b5b42db8b8e644b7ce6cf8f5b06d2cae18aa26ea6a1959652cf299c1b70e56bcd3a505ceae446f4accff8b92b189436a576453aea9db6969db256aea0fb76d265d46793de212fd8e71d961ae67ee937db3c0bdbc5b7fce3ee7d6a21b6782b4ad769ffa8d7ab2db136b370e0e778955e60d41ff2ebdd846a667e538d38a05e7ba3ad0daa64461af10197d057b99d7551f2925e1fbf4c91d7ff4e540a8834b1a48c3203d946d2c9f747c7dff916c9c3baf35fb2aa2d65f2cfa9c53d11fff829899c51f3b911e10cedeee82778340ee75c1eb309ac260ec4a18154e835d93c61acc522212f25046d46c6ad2e3903b5d30acab5ce213201f149ebbc37a6baaefee6ef9432ae340d146191ac8f2814d3f714fae0c0fcf11b7530158fc68eb35ee637cec2d30536a779225e860dc4f0ecae89d1ef091b75442e5b3e9a28446b9afd0941cc211385ba67fd4563f81b8b9556185ebf8cd9b639b0de9f677cc5f970c337ca2a7258b14f6d536883f3bc890181d0c1ceb70ce61f4335a253232be72eedf764b5f701e7a00897b83652b60eaa6f5143318ec0ad1b0c83988b6cbb82b596d56be72787a1e6633458db4c27c9440ecf672a39cf117722917287241e6e50f5df43e6d2317f4a4925bc8e1c6988f6576105ba55b1f1bab270ec25304c5afbf3cc61d1c6758a5430893e847ee295ef1bfe476079287724d3752530c35720a12e7571f68f2f32f52c6a00e4d31d62b65a01c4c92466fa248d58596bca21f624c33ff4d0eabec9f117c009db393b07d0c299cc1eb253276bb08129ab9f18feca7f44123313459978c170a4ea213a2444c41edfc0052616bd28195e4a0b5551b2507173a19a18681b842dc46ef6d7cccc3aa5c26d9818f947e6c02291200f2c6e6d4f0b122aa2f12c13f0059a0c4e447c64936eaaf0e19f9e36a6490fe4f3b2847cd525aac56de2dcf3f3a12ea652396cec711276c3ec3e9dca51b2c3fc039ff58fe63966d3107b3f285944e2670c9703ae55b362d9bd0e04b5afa3101c5509e672fa0e1364baf70babb308bd7de9e9d04ce65ebff086c11b2c2fd7938e07174793a7304b3abffb401c1b3c052ada20e45c21d523a0bc9524c4d6303ef5d2168c3ff652b883354707127b4181e4ff30dd80e1f2fe7d10cd8d929915f2101278687d88bced4dd75795b1772e58e4a3cdd1d44af9e05446468ac1ac2cdb91dce9222bb4b3126f3a342a1fbac5ed72202948c64a52339d8c33de4c9abc8bfda936b30309689673cfc072694446305611fbdbf83e3f152d9fe72088518a2dde78e84186a65f8fbd759c079b7c0a422a7089089cda94b2847ba793bb935a1df49fc3fda4b79c84cf743bacf032d5a67f850521c551b4f173b930bf74cbad"}, 0x1004) 17:20:59 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2f, 0x0) [ 213.451070][ T8239] Bluetooth: hci2: ACL packet for unknown connection handle 2248 17:20:59 executing program 1: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGETD(r0, 0x5420, &(0x7f0000000000)) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000080)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x1c989000) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x4e20, 0x4, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x3ff}, {0xa, 0x4e24, 0x88, @rand_addr=' \x01\x00'}, 0x0, [0x7fff, 0x6, 0x6, 0x3, 0x2, 0x6, 0x1, 0x10000]}, 0x5c) syz_emit_vhci(0x0, 0x0) [ 213.517342][ T8239] Bluetooth: hci2: ACL packet for unknown connection handle 2248 17:20:59 executing program 2: syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040400000000000000"], 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x7c, 0xc9}}}, 0x6) syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2) 17:20:59 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0xa}, {0x1f, 0xffff, 0x8f54, 0x7, 0x4}}}}, 0x17) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0x157}, @l2cap_cid_signaling={{0x153}, [@l2cap_info_rsp={{0xb, 0x28, 0x9a}, {0x2, 0xfff9, "8a5f7716710a6eba9cd96b7702e2656323bb8eec9280a3b1653b68fc571562627f9bad81bc1e5bb70f470a08a2a43e3622912def64ab9beced963a970f22f41006194747dbd2ccd0e9a11d1d69e145a5ab0049260186d20f80d13a76a8010dbf72713dc5f90a8f3f47c5ce79b9974cbff410e4b44885083e6df78108bc75f2412fece823ebd4881626b0c519ecc698a151d955bd08ce"}}, @l2cap_create_chan_req={{0xc, 0x40, 0x5}, {0x7fff, 0x8, 0x1f}}, @l2cap_conn_rsp={{0x3, 0x3f, 0x8}, {0x8038, 0xfc01, 0x1, 0x800}}, @l2cap_info_req={{0xa, 0x3f, 0x2}, {0x2}}, @l2cap_move_chan_cfm={{0x10, 0x2, 0x4}, {0x7ff, 0x2}}, @l2cap_info_rsp={{0xb, 0x6, 0x8e}, {0x7fff, 0x8, "af11438d3dfe05ae3320694ca9c78d2d7c122cc140d55eaa55ff2a247f7f5aa93e97ec772366a3c37bbf2974e259aaa3299df194992b2638660edfecf6351efa37b5ffd88ee936aa5b721638131f03e71303910c012a6e2b2ed8a7eaa9ff6af6e6ad4125c4bf004c84f581ad73a8049c7c6e16eb1f1376fdb9ea70df36c7488a64f1a881322e9fb2bd0b"}}]}}, 0x15c) 17:20:59 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x5c, 0x0) 17:20:59 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0020000044365c13c5294eb7992a24a9250000000000"], 0xd) [ 214.051616][ T8239] ===================================================== [ 214.058608][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0xf7bb/0x39e50 [ 214.066104][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Not tainted 5.11.0-rc7-syzkaller #0 [ 214.074632][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.084699][ T8239] Workqueue: hci2 hci_rx_work [ 214.089413][ T8239] Call Trace: [ 214.092698][ T8239] dump_stack+0x21c/0x280 [ 214.097051][ T8239] kmsan_report+0xfb/0x1e0 [ 214.101490][ T8239] __msan_warning+0x5f/0xa0 [ 214.106016][ T8239] hci_event_packet+0xf7bb/0x39e50 [ 214.111164][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.116994][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.123090][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.128921][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.134147][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.139390][ T8239] hci_rx_work+0x744/0xcf0 [ 214.143835][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 214.148791][ T8239] process_one_work+0x1219/0x1fe0 [ 214.153860][ T8239] worker_thread+0x10ec/0x2340 [ 214.158663][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.164511][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.169751][ T8239] kthread+0x521/0x560 [ 214.173852][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 214.179074][ T8239] ? kthread_blkcg+0x110/0x110 [ 214.183862][ T8239] ret_from_fork+0x1f/0x30 [ 214.188322][ T8239] [ 214.190647][ T8239] Uninit was created at: [ 214.194879][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 214.200626][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 214.205322][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 214.211231][ T8239] __alloc_skb+0x2f8/0xb30 [ 214.215669][ T8239] vhci_write+0x18a/0x880 [ 214.220014][ T8239] vfs_write+0x1083/0x1b00 [ 214.224460][ T8239] ksys_write+0x275/0x500 [ 214.228899][ T8239] __se_sys_write+0x92/0xb0 [ 214.233419][ T8239] __x64_sys_write+0x4a/0x70 [ 214.238030][ T8239] do_syscall_64+0x9f/0x140 [ 214.242553][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 214.248474][ T8239] ===================================================== [ 214.255425][ T8239] Disabling lock debugging due to kernel taint [ 214.266901][ T8239] ===================================================== [ 214.273944][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0x18669/0x39e50 [ 214.281533][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 214.291536][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.301608][ T8239] Workqueue: hci2 hci_rx_work [ 214.306405][ T8239] Call Trace: [ 214.309701][ T8239] dump_stack+0x21c/0x280 [ 214.314061][ T8239] kmsan_report+0xfb/0x1e0 [ 214.318507][ T8239] __msan_warning+0x5f/0xa0 [ 214.323038][ T8239] hci_event_packet+0x18669/0x39e50 [ 214.328279][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.334146][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.340259][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.345490][ T8239] hci_rx_work+0x744/0xcf0 [ 214.349937][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 214.355169][ T8239] process_one_work+0x1219/0x1fe0 [ 214.360256][ T8239] worker_thread+0x10ec/0x2340 [ 214.365090][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.370954][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.376194][ T8239] kthread+0x521/0x560 [ 214.380296][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 214.385718][ T8239] ? kthread_blkcg+0x110/0x110 [ 214.390505][ T8239] ret_from_fork+0x1f/0x30 [ 214.394945][ T8239] [ 214.397268][ T8239] Uninit was created at: [ 214.401537][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 214.407370][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 214.412067][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 214.418068][ T8239] __alloc_skb+0x2f8/0xb30 [ 214.422510][ T8239] vhci_write+0x18a/0x880 [ 214.426853][ T8239] vfs_write+0x1083/0x1b00 [ 214.431283][ T8239] ksys_write+0x275/0x500 [ 214.435626][ T8239] __se_sys_write+0x92/0xb0 [ 214.440156][ T8239] __x64_sys_write+0x4a/0x70 [ 214.444767][ T8239] do_syscall_64+0x9f/0x140 [ 214.449287][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 214.455214][ T8239] ===================================================== [ 214.464362][ T8239] ===================================================== [ 214.471334][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0x18669/0x39e50 [ 214.479303][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 214.489489][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.501120][ T8239] Workqueue: hci2 hci_rx_work [ 214.505837][ T8239] Call Trace: [ 214.509127][ T8239] dump_stack+0x21c/0x280 [ 214.513585][ T8239] kmsan_report+0xfb/0x1e0 [ 214.518040][ T8239] __msan_warning+0x5f/0xa0 [ 214.523184][ T8239] hci_event_packet+0x18669/0x39e50 [ 214.528445][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.534287][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.541120][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.546372][ T8239] hci_rx_work+0x744/0xcf0 [ 214.550937][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 214.556253][ T8239] process_one_work+0x1219/0x1fe0 [ 214.561332][ T8239] worker_thread+0x10ec/0x2340 [ 214.566126][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.571990][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.577323][ T8239] kthread+0x521/0x560 [ 214.581422][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 214.586735][ T8239] ? kthread_blkcg+0x110/0x110 [ 214.591541][ T8239] ret_from_fork+0x1f/0x30 [ 214.596177][ T8239] [ 214.598505][ T8239] Uninit was created at: [ 214.602765][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 214.608541][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 214.613334][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 214.619255][ T8239] __alloc_skb+0x2f8/0xb30 [ 214.625696][ T8239] vhci_write+0x18a/0x880 [ 214.631406][ T8239] vfs_write+0x1083/0x1b00 [ 214.636742][ T8239] ksys_write+0x275/0x500 [ 214.642657][ T8239] __se_sys_write+0x92/0xb0 [ 214.647274][ T8239] __x64_sys_write+0x4a/0x70 17:21:00 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@fixed={[], 0x12}, 0x51}}}, 0xa) [ 214.652058][ T8239] do_syscall_64+0x9f/0x140 [ 214.656612][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 214.662534][ T8239] ===================================================== [ 214.669758][ T8239] ===================================================== [ 214.677160][ T8239] BUG: KMSAN: uninit-value in hci_conn_add+0x718/0x1890 [ 214.685084][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 17:21:00 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) [ 214.695000][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.705179][ T8239] Workqueue: hci2 hci_rx_work [ 214.709897][ T8239] Call Trace: [ 214.713381][ T8239] dump_stack+0x21c/0x280 [ 214.717872][ T8239] kmsan_report+0xfb/0x1e0 [ 214.722318][ T8239] __msan_warning+0x5f/0xa0 [ 214.726870][ T8239] hci_conn_add+0x718/0x1890 [ 214.731490][ T8239] ? add_taint+0x17c/0x210 [ 214.736049][ T8239] hci_event_packet+0x18851/0x39e50 [ 214.741364][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.747300][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.753733][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.758970][ T8239] hci_rx_work+0x744/0xcf0 [ 214.763855][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 214.768996][ T8239] process_one_work+0x1219/0x1fe0 [ 214.774073][ T8239] worker_thread+0x10ec/0x2340 [ 214.788505][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.794355][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.799588][ T8239] kthread+0x521/0x560 [ 214.803693][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 214.809065][ T8239] ? kthread_blkcg+0x110/0x110 [ 214.813865][ T8239] ret_from_fork+0x1f/0x30 [ 214.818426][ T8239] [ 214.820840][ T8239] Uninit was created at: [ 214.825089][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 214.830926][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 214.835860][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 214.841805][ T8239] __alloc_skb+0x2f8/0xb30 [ 214.846257][ T8239] vhci_write+0x18a/0x880 [ 214.850702][ T8239] vfs_write+0x1083/0x1b00 [ 214.855227][ T8239] ksys_write+0x275/0x500 [ 214.859831][ T8239] __se_sys_write+0x92/0xb0 [ 214.864357][ T8239] __x64_sys_write+0x4a/0x70 [ 214.868990][ T8239] do_syscall_64+0x9f/0x140 [ 214.873533][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 214.879538][ T8239] ===================================================== [ 214.886681][ T8239] ===================================================== [ 214.893641][ T8239] BUG: KMSAN: uninit-value in hci_conn_add+0x1467/0x1890 [ 214.900806][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 214.910807][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.920895][ T8239] Workqueue: hci2 hci_rx_work [ 214.925700][ T8239] Call Trace: [ 214.929077][ T8239] dump_stack+0x21c/0x280 [ 214.934448][ T8239] kmsan_report+0xfb/0x1e0 [ 214.939333][ T8239] __msan_warning+0x5f/0xa0 [ 214.943878][ T8239] hci_conn_add+0x1467/0x1890 [ 214.956229][ T8239] hci_event_packet+0x18851/0x39e50 [ 214.961838][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 214.967678][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.974651][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 214.979970][ T8239] hci_rx_work+0x744/0xcf0 [ 214.984417][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 214.989624][ T8239] process_one_work+0x1219/0x1fe0 [ 214.994696][ T8239] worker_thread+0x10ec/0x2340 [ 214.999508][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.005345][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.010578][ T8239] kthread+0x521/0x560 [ 215.014673][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 215.019908][ T8239] ? kthread_blkcg+0x110/0x110 [ 215.024696][ T8239] ret_from_fork+0x1f/0x30 [ 215.029145][ T8239] [ 215.031490][ T8239] Uninit was stored to memory at: [ 215.036512][ T8239] kmsan_internal_chain_origin+0xad/0x130 [ 215.042294][ T8239] __msan_chain_origin+0x57/0xa0 [ 215.047305][ T8239] hci_conn_add+0x601/0x1890 17:21:00 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043c07ffefffffffff07"], 0xa) [ 215.051950][ T8239] hci_event_packet+0x18851/0x39e50 [ 215.057171][ T8239] hci_rx_work+0x744/0xcf0 [ 215.061974][ T8239] process_one_work+0x1219/0x1fe0 [ 215.067030][ T8239] worker_thread+0x10ec/0x2340 [ 215.071902][ T8239] kthread+0x521/0x560 [ 215.076014][ T8239] ret_from_fork+0x1f/0x30 [ 215.080636][ T8239] [ 215.082959][ T8239] Uninit was created at: [ 215.087210][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 215.093041][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 215.097744][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 215.103659][ T8239] __alloc_skb+0x2f8/0xb30 [ 215.108100][ T8239] vhci_write+0x18a/0x880 [ 215.112473][ T8239] vfs_write+0x1083/0x1b00 [ 215.117009][ T8239] ksys_write+0x275/0x500 [ 215.121456][ T8239] __se_sys_write+0x92/0xb0 [ 215.125986][ T8239] __x64_sys_write+0x4a/0x70 [ 215.130614][ T8239] do_syscall_64+0x9f/0x140 [ 215.135233][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.141344][ T8239] ===================================================== [ 215.148473][ T8239] ===================================================== [ 215.155428][ T8239] BUG: KMSAN: uninit-value in hci_conn_add+0x17a3/0x1890 [ 215.160802][ T8453] Bluetooth: hci3: command 0x0406 tx timeout [ 215.162790][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 215.162822][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.162840][ T8239] Workqueue: hci2 hci_rx_work [ 215.195898][ T8239] Call Trace: [ 215.199197][ T8239] dump_stack+0x21c/0x280 [ 215.203653][ T8239] kmsan_report+0xfb/0x1e0 [ 215.208102][ T8239] __msan_warning+0x5f/0xa0 [ 215.212729][ T8239] hci_conn_add+0x17a3/0x1890 [ 215.218741][ T8239] hci_event_packet+0x18851/0x39e50 [ 215.223971][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.229930][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.237373][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.242617][ T8239] hci_rx_work+0x744/0xcf0 [ 215.247169][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 215.252132][ T8239] process_one_work+0x1219/0x1fe0 [ 215.257216][ T8239] worker_thread+0x10ec/0x2340 [ 215.262016][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.267855][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.273089][ T8239] kthread+0x521/0x560 [ 215.277243][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 215.282537][ T8239] ? kthread_blkcg+0x110/0x110 [ 215.287330][ T8239] ret_from_fork+0x1f/0x30 [ 215.291787][ T8239] [ 215.294115][ T8239] Uninit was stored to memory at: [ 215.299149][ T8239] kmsan_internal_chain_origin+0xad/0x130 [ 215.304901][ T8239] __msan_chain_origin+0x57/0xa0 [ 215.309900][ T8239] hci_conn_add+0x601/0x1890 [ 215.314707][ T8239] hci_event_packet+0x18851/0x39e50 [ 215.319938][ T8239] hci_rx_work+0x744/0xcf0 [ 215.324374][ T8239] process_one_work+0x1219/0x1fe0 [ 215.329422][ T8239] worker_thread+0x10ec/0x2340 [ 215.334209][ T8239] kthread+0x521/0x560 [ 215.338301][ T8239] ret_from_fork+0x1f/0x30 [ 215.342737][ T8239] [ 215.345058][ T8239] Uninit was created at: [ 215.349379][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 215.356214][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 215.360922][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 215.367275][ T8239] __alloc_skb+0x2f8/0xb30 [ 215.371719][ T8239] vhci_write+0x18a/0x880 [ 215.376175][ T8239] vfs_write+0x1083/0x1b00 [ 215.380790][ T8239] ksys_write+0x275/0x500 [ 215.385136][ T8239] __se_sys_write+0x92/0xb0 [ 215.389683][ T8239] __x64_sys_write+0x4a/0x70 [ 215.394460][ T8239] do_syscall_64+0x9f/0x140 [ 215.399967][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.405895][ T8239] ===================================================== [ 215.413035][ T8239] ===================================================== [ 215.420507][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0x18a27/0x39e50 [ 215.428186][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 215.438641][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.449623][ T8239] Workqueue: hci2 hci_rx_work [ 215.454690][ T8239] Call Trace: [ 215.457976][ T8239] dump_stack+0x21c/0x280 [ 215.462783][ T8239] kmsan_report+0xfb/0x1e0 [ 215.467236][ T8239] __msan_warning+0x5f/0xa0 [ 215.471764][ T8239] hci_event_packet+0x18a27/0x39e50 [ 215.477532][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.483370][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.490177][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.495423][ T8239] hci_rx_work+0x744/0xcf0 [ 215.500414][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 215.505402][ T8239] process_one_work+0x1219/0x1fe0 [ 215.511064][ T8239] worker_thread+0x10ec/0x2340 [ 215.515976][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.521820][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.527157][ T8239] kthread+0x521/0x560 [ 215.531888][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 215.537148][ T8239] ? kthread_blkcg+0x110/0x110 [ 215.541934][ T8239] ret_from_fork+0x1f/0x30 [ 215.547889][ T8239] [ 215.550226][ T8239] Uninit was created at: [ 215.554465][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 215.560235][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 215.565038][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 215.571718][ T8239] __alloc_skb+0x2f8/0xb30 [ 215.576619][ T8239] vhci_write+0x18a/0x880 [ 215.580988][ T8239] vfs_write+0x1083/0x1b00 [ 215.585607][ T8239] ksys_write+0x275/0x500 [ 215.590486][ T8239] __se_sys_write+0x92/0xb0 [ 215.595017][ T8239] __x64_sys_write+0x4a/0x70 [ 215.599716][ T8239] do_syscall_64+0x9f/0x140 [ 215.605028][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.610939][ T8239] ===================================================== [ 215.618538][ T8239] ===================================================== [ 215.625522][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0xf7bb/0x39e50 [ 215.633018][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 215.643021][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.653111][ T8239] Workqueue: hci2 hci_rx_work [ 215.657861][ T8239] Call Trace: [ 215.661152][ T8239] dump_stack+0x21c/0x280 [ 215.665540][ T8239] kmsan_report+0xfb/0x1e0 [ 215.670064][ T8239] __msan_warning+0x5f/0xa0 [ 215.674588][ T8239] hci_event_packet+0xf7bb/0x39e50 [ 215.679726][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.685552][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.691644][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.697472][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.702697][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.707915][ T8239] hci_rx_work+0x744/0xcf0 [ 215.712736][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 215.717690][ T8239] process_one_work+0x1219/0x1fe0 [ 215.722746][ T8239] worker_thread+0x10ec/0x2340 [ 215.727537][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.733380][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.738865][ T8239] kthread+0x521/0x560 [ 215.742950][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 215.748175][ T8239] ? kthread_blkcg+0x110/0x110 [ 215.752966][ T8239] ret_from_fork+0x1f/0x30 [ 215.757405][ T8239] [ 215.759824][ T8239] Uninit was created at: [ 215.764060][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 215.769820][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 215.774604][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 215.780514][ T8239] __alloc_skb+0x2f8/0xb30 [ 215.784950][ T8239] vhci_write+0x18a/0x880 [ 215.789292][ T8239] vfs_write+0x1083/0x1b00 [ 215.793721][ T8239] ksys_write+0x275/0x500 [ 215.798060][ T8239] __se_sys_write+0x92/0xb0 [ 215.802589][ T8239] __x64_sys_write+0x4a/0x70 [ 215.807199][ T8239] do_syscall_64+0x9f/0x140 [ 215.811720][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.817632][ T8239] ===================================================== [ 215.824742][ T8239] ===================================================== [ 215.831692][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0x18669/0x39e50 [ 215.839509][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 215.849538][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.859620][ T8239] Workqueue: hci2 hci_rx_work [ 215.864372][ T8239] Call Trace: [ 215.867663][ T8239] dump_stack+0x21c/0x280 [ 215.872021][ T8239] kmsan_report+0xfb/0x1e0 [ 215.876459][ T8239] __msan_warning+0x5f/0xa0 [ 215.881000][ T8239] hci_event_packet+0x18669/0x39e50 [ 215.886220][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.892080][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.898187][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.903410][ T8239] hci_rx_work+0x744/0xcf0 [ 215.907852][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 215.912805][ T8239] process_one_work+0x1219/0x1fe0 [ 215.918396][ T8239] worker_thread+0x10ec/0x2340 [ 215.923181][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 215.929095][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 215.934416][ T8239] kthread+0x521/0x560 [ 215.938524][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 215.943751][ T8239] ? kthread_blkcg+0x110/0x110 [ 215.948536][ T8239] ret_from_fork+0x1f/0x30 [ 215.952975][ T8239] [ 215.955297][ T8239] Uninit was created at: [ 215.959527][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 215.965267][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 215.969962][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 215.975875][ T8239] __alloc_skb+0x2f8/0xb30 [ 215.980325][ T8239] vhci_write+0x18a/0x880 [ 215.984669][ T8239] vfs_write+0x1083/0x1b00 [ 215.989098][ T8239] ksys_write+0x275/0x500 [ 215.993534][ T8239] __se_sys_write+0x92/0xb0 [ 215.998054][ T8239] __x64_sys_write+0x4a/0x70 [ 216.002657][ T8239] do_syscall_64+0x9f/0x140 [ 216.007179][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 216.013091][ T8239] ===================================================== [ 216.020311][ T8239] ===================================================== [ 216.027246][ T8239] BUG: KMSAN: uninit-value in hci_event_packet+0x18a27/0x39e50 [ 216.034832][ T8239] CPU: 0 PID: 8239 Comm: kworker/u5:2 Tainted: G B 5.11.0-rc7-syzkaller #0 [ 216.044746][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.054845][ T8239] Workqueue: hci2 hci_rx_work [ 216.059564][ T8239] Call Trace: [ 216.062859][ T8239] dump_stack+0x21c/0x280 [ 216.067218][ T8239] kmsan_report+0xfb/0x1e0 [ 216.071750][ T8239] __msan_warning+0x5f/0xa0 [ 216.076285][ T8239] hci_event_packet+0x18a27/0x39e50 [ 216.081511][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 216.087344][ T8239] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 216.093471][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 216.099308][ T8239] hci_rx_work+0x744/0xcf0 [ 216.103758][ T8239] ? hci_alloc_dev+0x28d0/0x28d0 [ 216.108719][ T8239] process_one_work+0x1219/0x1fe0 [ 216.113780][ T8239] worker_thread+0x10ec/0x2340 [ 216.118578][ T8239] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 216.124430][ T8239] ? kmsan_get_metadata+0x116/0x180 [ 216.129656][ T8239] kthread+0x521/0x560 [ 216.133753][ T8239] ? process_one_work+0x1fe0/0x1fe0 [ 216.138972][ T8239] ? kthread_blkcg+0x110/0x110 [ 216.143758][ T8239] ret_from_fork+0x1f/0x30 [ 216.148229][ T8239] [ 216.150550][ T8239] Uninit was created at: [ 216.154781][ T8239] kmsan_internal_poison_shadow+0x5c/0xf0 [ 216.160523][ T8239] kmsan_slab_alloc+0x8d/0xe0 [ 216.165218][ T8239] __kmalloc_node_track_caller+0xa37/0x1430 [ 216.171132][ T8239] __alloc_skb+0x2f8/0xb30 [ 216.175571][ T8239] vhci_write+0x18a/0x880 [ 216.179910][ T8239] vfs_write+0x1083/0x1b00 [ 216.184341][ T8239] ksys_write+0x275/0x500 [ 216.188683][ T8239] __se_sys_write+0x92/0xb0 [ 216.193227][ T8239] __x64_sys_write+0x4a/0x70 [ 216.197836][ T8239] do_syscall_64+0x9f/0x140 [ 216.202377][ T8239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 216.208285][ T8239] ===================================================== 17:21:02 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x16) 17:21:02 executing program 1: ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(0xffffffffffffffff, 0x8008ae9d, &(0x7f0000000000)=""/135) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x15) 17:21:02 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x300, 0x0) 17:21:02 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0) ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000040)={0x7, {0x7fff, 0xffffffff, 0x4, 0x3}, {0x744, 0x2, 0x6, 0x81}, {0x3, 0x1}}) r1 = socket(0x6, 0x80000, 0x80) getsockname(r1, &(0x7f0000000080)=@xdp, &(0x7f0000000100)=0x80) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:02 executing program 3: finit_module(0xffffffffffffffff, &(0x7f0000000040)='/\'$.:{*.:\x00', 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:02 executing program 1: syz_emit_vhci(0x0, 0xfd09) 17:21:02 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x500, 0x0) 17:21:02 executing program 2: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGETD(r0, 0x5420, &(0x7f0000000000)) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000040)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:03 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x600, 0x0) 17:21:03 executing program 3: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x40}}, 0x4) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6b}, "6d018275f599666c2dfd927e58d16efa4a257064c143ebfa46aee40b19a10c6bcb8c32e24107b3819f63e16bc36f308b60e7e8a2f9d45d6d9c6d8f1144eccfc181e1f9afb271ea47c5af0636ea407bc65ed555f5744a2e1f82c27d10716da6c8faa31728622bb752a42a21"}, 0x6f) syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) 17:21:03 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8f}, "4f4797db6225f9a8dfe512219d7d4076f43d8670e7b8784460fbfc3f4c5f31009fa78ab1c45e4d0efaa15db89680b8ae4254948537fdbec21cc4b08431f4ed6910688fffa1626c318cc1bd8e89558dc65fd18485d66b82cb3eb096ee1cf4c8d18bb1feae7eb4fe417f40af5e2cd38e6403921cf357cd1eb9ddf0ecbcee87e25d9923f29074cd5ce2b23bf811c2b15a"}, 0x93) syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) 17:21:03 executing program 2: ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000080)=0x3000) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRESHEX=0x0], 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@fixed={[], 0x10}, 0x80, 0x20, 0x1f, '$8\"', 0x1ff, 0x3}]}}}, 0x13) 17:21:03 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0x45}, @l2cap_cid_signaling={{0x41}, [@l2cap_conf_rsp={{0x5, 0x8, 0x23}, {0x7fff, 0x5, 0x1f, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x71, 0x2, 0x7, 0xc3a1, 0x6232, 0xbdb}}, @l2cap_conf_ews={0x7, 0x2, 0x5}, @l2cap_conf_mtu={0x1, 0x2, 0x3f}]}}, @l2cap_move_chan_rsp={{0xf, 0x5, 0x4}, {0x3ff, 0x7}}, @l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0x767a, 0x614, 0xb1}}, @l2cap_create_chan_req={{0xc, 0xfc, 0x5}, {0x7de4, 0x7ffb, 0x20}}]}}, 0x4a) 17:21:03 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0x1, 0x2}, {0x5}}}}, 0xf) 17:21:03 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x700, 0x0) [ 218.345631][ T8453] Bluetooth: hci2: command 0x0409 tx timeout 17:21:04 executing program 2: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x200000, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000180)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0) openat(r2, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0xffffffff}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={r3, 0x7}, &(0x7f00000001c0)=0x8) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000080)=0x3) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:04 executing program 1: ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x44}, "4fcda9ab5e7d1295f79d1c161f354f8870da7103076f244ee9831c9c258de057cf2dd234d449cc05d1839e753a6eaee1eed2a32b0dabec4621b2b040ddebc1c1c11a0544"}, 0x48) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x1b}, @l2cap_cid_signaling={{0x17}, [@l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0x401, 0xbf7, 0x6}}, @l2cap_move_chan_rsp={{0xf, 0x4, 0x4}, {0x470, 0x9}}, @l2cap_move_chan_cfm_rsp={{0x11, 0xff, 0x2}, {0x4}}]}}, 0x20) 17:21:04 executing program 3: syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0000000000000000009cc9b6ab2c6eb0a3874b1e1e25cd69f661eee094c80f2616f8b5c96e994fc0f89fbcc948ababed9ee33288c46dd8ba8307c979049927badb04795362631c8cb50dd04689345c1bc0345a230e65b1cb1e1d32196cf6fa5d1019af9d2b9eced85170b156501fe83527ee560be045722c8eb302bbe19457f6689de2c97d8cf8909adce8fdf88c7407b3802c3067a1ee88e2452a0f06ccde05959dee48683e03efb5048af964e03870f7f00b6190a6658bf6b920c57b47cfc21588d2b48e2c34ecadd0d46e07220823e0fb076214935d9dbe835d330607319f8deb02b82d3ea26775a10c79b475d64d5728321dff2459313fa9ab7589caa0f240dc"], 0x9) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3f, 0x8}, {0x6ac, 0x3f, 0x8, 0x5}}}}, 0x15) 17:21:04 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x900, 0x0) [ 219.011516][ T8239] Bluetooth: Unexpected continuation frame (len 16) 17:21:04 executing program 1: r0 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000000200)) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x5, 0x4}, {0x7ff, 0x80}}}}, 0x11) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000240)=""/164, &(0x7f0000000080)=0xa4) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], 0x6e) syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xb1}, "cf3775d2984712b7a224f7f5eb18423bd1a58769df2a91a2bd666816bc95253f0e9ce51336bbdaba787d9a0e2f6f88161d26628af4a64c01896a0103554cd14ed96a288ed5a9611cb44a65692aa1f8a9459b76508de5da4b6d16dfdc95ef2f2bfc05efad8b4c64158787538df5a3ebf40d092d6c171a5fcb5ad83bb75f65ef36c53a41aa729197902b5600457b92369e4c188831f42c6028995367095c507c64a70a954088eef2fa54815a42a60e43833e"}, 0xb5) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0200a00a00060005000101020001044ada86a7de089a0ae795412b8a98e8ecdd9c3c27f0a0342d"], 0xf) syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0xd, 0xa}, {0x9, 0x0, 0x3, 0x5, 0x4b}}}}, 0x17) 17:21:04 executing program 2: syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) 17:21:04 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xa00, 0x0) 17:21:04 executing program 3: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGETD(r0, 0x5420, &(0x7f0000000000)) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000040)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:05 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0262d7c81d5e58f56d0a020200ff0f"], 0xf) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) 17:21:05 executing program 2: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:05 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xb00, 0x0) 17:21:05 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0) ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f0000000040)=0x7) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:05 executing program 1: syz_emit_vhci(0x0, 0xffffffffffffff2a) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="fe3c0705000000000000"], 0xa) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xeb}, "f55357ac3602b50131d4c47a8454ea3e88b7be47754a98c9356265910f869a21fee30733d109623c507a06902fe1470d16543871230907152d456c140b9f7b9e056e8855c56df5c4211be0cf1acb443ebdb9dda9deaa0c9ba7a8e787181ac9844fe4defb40685ba7240ac560a7db36479333ce52acbbe75d24d49b73a1eb21fc64bb5ad65f1a49dfd3aae2ca488f99bf3614f700e832f1bc115669ad5ed1417797d1df86537d839057d7ba29420d947803d06604c2d0fab22c5184d57924e6bc91985f7f99a39b64ba12453a57fd10effc811858f59e9bca95d1086e878417ff6a3e9bf58967a409e2468d"}, 0xef) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x3, 0x4, 0x1, 0x4}}}}, 0x15) 17:21:05 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xc00, 0x0) 17:21:05 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2b}, "bfa3821b3f95293566f2880ace6a9bbd59a619cf63b8454d1d4fd4a062e257be619904381c4fa52965eae1"}, 0x2f) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) 17:21:06 executing program 3: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0xff, 0xc9, @any, 0x1, 0x8}}}, 0xe) 17:21:06 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0) pread64(r0, &(0x7f0000000040)=""/97, 0x61, 0x8) syz_emit_vhci(0x0, 0x0) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f00000000c0)) getsockopt$inet_dccp_int(r0, 0x21, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$KDSETLED(r0, 0x4b32, 0x1ff) [ 220.415137][ T789] Bluetooth: hci2: command 0x0406 tx timeout 17:21:06 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xd00, 0x0) 17:21:06 executing program 2: syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="041706000000000020"], 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x1d}, @l2cap_cid_signaling={{0x19}, [@l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0x4, 0x3e46, 0x7}}, @l2cap_disconn_rsp={{0x7, 0x3f, 0x4}, {0xcb58, 0x9}}, @l2cap_disconn_req={{0x6, 0x45, 0x4}, {0xf801, 0x2}}]}}, 0x22) 17:21:06 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x0, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x5, 0x2d}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "14fdae701bf6f05e7672f1fab30dfa69"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x20}, @NL80211_ATTR_PMKID={0x14, 0x55, "623ae1e6d4dd5c9e35b332ae0884b604"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x100}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000010}, 0x4) syz_emit_vhci(0x0, 0xffffffffffffff86) 17:21:06 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0) pread64(r0, &(0x7f0000000040)=""/97, 0x61, 0x8) syz_emit_vhci(0x0, 0x0) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f00000000c0)) getsockopt$inet_dccp_int(r0, 0x21, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$KDSETLED(r0, 0x4b32, 0x1ff) 17:21:06 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0) openat(r1, &(0x7f0000000080)='./file0\x00', 0x400040, 0x1f1) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000a2dbd7000fcdbdf25100000000c0099000700000061000000d1867d68e343dd95262a1d3b484a49b1c8de30b4d6627c1e05eeda0ecdeb9d807861e2034f74a00967e0ef71c495d712b123e3cdec2209e41ee55109226c72e39cc15e324f5f677f85b16ba6c289d98f17ca245c091dec9695bf39bce74a2c7b22fb37103bdf0ac882aa219c603eed414b465d7a825cc4c9e33916cffb9515bd20a27bb8a5f3"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000880) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x1e}, {0x1, 0xc9}}}, 0x8) 17:21:07 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x20, 0xc8, 0x0, 0x7}}}, 0x9) 17:21:07 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xe00, 0x0) 17:21:07 executing program 1: syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xda}, "1937b138912daa1b513874327619a9f4288b5773de4ccc9adf062b08feb0f3d73aafdb85f3e663f9eb21c559ce6f6557e20c747a8b7e3df310616acaf2560aa756469bdd7d568902addb63339b35c9f108571efbf7e66756fe622dd89c992ae6cb38bd8f079fabca2c367f6f8878d514ffa4e8c11f95884bcfbbc8d48cec59a5598119b6e37c6701f576d92c9246180f00bc8d8fa12ee4dbc52fbc916769945a27d2d7d97e0373a49d948d9d5c2161720e3ac5e97eb8ec5bcfebb8afd3942aba67439d0a94c432448f25826b9cfc9c2244c88cbf70eae79c6f9d"}, 0xde) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x2e}, @l2cap_cid_signaling={{0x2a}, [@l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}, {0x800}}, @l2cap_conn_rsp={{0x3, 0xa7, 0x8}, {0x1, 0x2, 0x3, 0x1ff}}, @l2cap_create_chan_rsp={{0xd, 0x8, 0x8}, {0xfff, 0x8, 0x3ff, 0x7fff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}, {0xd822}}]}}, 0x33) 17:21:07 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x40000) fcntl$notify(r0, 0x402, 0x100000030) syz_emit_vhci(0x0, 0x0) 17:21:08 executing program 2: syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="ec1306aaaaa2aeaa00"], 0x9) 17:21:08 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1100, 0x0) 17:21:08 executing program 3: syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x20}, "db1f95d5498cbe8ab0a0d931feea0c428243155f26d4b890a5089482d305a38a"}, 0x24) syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xd5}, "c1e6f1069a358c1d50b97bea3ec0ce17730920dec3a5210e82aa52ebc85cc82e7a1ddef25fdbf3982beac9a2e664125fae6451afb3352c815c3fe2370b14b0cbf43c71d6215a4f089b51c2b6d64254028fbfa9cc13cba8a64de089582b0e3d8b9134d8ab5b323e52890d03dc826670fb7885a8f8fe8edac99aff997132620c3b76214344ea1d5bc48e748c829eeb8dc52dd8dd6d41a2eaf44057fa75dbf5b803cc099902f632e2ea6d9c17e4414f6c116176223885bcd60b3d1b3cb89b3e29b334bc47f2fee1999d46a8bab15accad40645b8ccc72"}, 0xd9) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x52}, "309953f185c638b8a02a20dac54702ac9e2b9fefb2df991e5ce3d7a0bdf75beb31dbe4da3fa26ac63ace580f0fad1d4cbd8c06c31247777fbebaa8fb9f6ef02e23ea5ee3281dcc570d9e15cda9d9b6b8adb6"}, 0x56) syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x203a}, @l2cap_cid_signaling={{0x2036}, [@l2cap_conn_req={{0x2, 0x6, 0x4}, {0x8, 0x2b}}, @l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x5, 0x4}}, @l2cap_info_rsp={{0xb, 0x59, 0x1004}, {0x400, 0x2, "f422dfb3697c2c8c51a742e26cb5f9b15248e2799920e067cbeff3bebc88f3e68e7df9d2986a4b9bdc2e5827b96d7ac241d4975aec909db0c363a6966615d41e7a9f258d185ebb3fe1d1eb4a2106857d2f233dbbee10b568f3ec33396a36572f40c3078c2e998d947ab98b341ce62a609ecc11f34ea5737ddc4941e60b14d8e106288e1b577127190d472122824f00e3e884349cb4d2c252287539b5c8b2bce3cfa796343616bda36d0095a44162ed61d5b390594d87adcdb9369939c867837ff85c784c6c034a3fab0cf0538ef4812fed97c8fb0700d14908c68d2f70279d44ad7967e3e1928f0725b5d647499b1dc60861dc375bd3001ed8b3b39d72dbfeb4875d5b6ee33d7c37acf5f273cde70690697843bad2fe5175190f32f28246e7f89c5f8a64bdaf7f063c848098c6510bc7eb32077848dbefc528607f23c58773131b8da95841de9738e65081f64fe10012df48b69997393d7ee402e06ef573f14edaf752b7d8cd021544e7845e2333d83d935323b5f07f4840caa63be774fe1d35754e970630c07b95d72c52dd38cdcaae235a2a1dda013e3be4b5ed6f020ca82cf12510c5d18d7e1e8466c7c3c3cb8e3f493fa30fbadf0ebb3248c92fa4dbd320c3e1ef077a90cc98ea14fb28ad54e9216b8622a5254a718be1960031ab89695d24a59b9505a002c77beab1facb870cdf941a8bc95a03cb15c4fbc113628654b804311511f4a3c6fe007150fa462d8d5980349ebfca6f09ee08a3a00e533fdd426e33a45fb1dd65ae3c0eb10080b8464313c3b41731b28dbd5dc41373bbeeeb7b76ffa37d943e96d621b8354555d0351bb6ddba6e8beb6475e5cdff8213f580f435befc2015c3c58e2526e54c24ef254496bc71ecd7b834ce0538a540e7171967ba8c25bc203c1b256f22cef555eec05f090da98497ce703ff97dc3b8f30cec454e49e8437b95411f0dd0000f758789d84f2ee1ffd586f5710ab89f31fa1aface0351cbd1a947748975bd7de515ce3c71ecd5d43eacee0da9e12cfa063d8635ef49f9a17a164d637ed302b88380ac6c52e159424f68c8f22a3db5a079ad886adb862b4ec2e017a7391559a0037650e7296c958b6298a2707f3599ab1861c9ac86b6f8810ac314aeb5fbf9f72e02d46ecad9372eab6083266d74c93d21271dfdf4bd7ba695aac1b9b272330c5c0fd9b5f4dd5336ff51945c6e89d555a8215485bc79114b9dab0722116bd740cd691a86e96d7979ce1e6738de9e571968920be7c2a320202e9b57bf715285d06c92f2df059ac2056d9710024385ef46947dc802dcecb366ea622e06568f7a73139af31fcb8e05e27f7cb9142522ed3ff68367d663d0a2e6b9ccd89c3a588e17c365d3588d222607bc50f2873e30b1a5f1e43304b1c083dc05fe2884e5d5340932d40834594a74177b7c54894834c171ba8f28d85e78f21e13dce6e67790047964453bc8b41a293a08a2efd3d981df8844de4a70ab0a5b9d05f3653a5a9431c2596d4beb180cd89ea75434a0904bfb2aa3b76c31937074cd344b624ba15826c409a833fc920e4844019975d67dad33476fe26492b926f3642aa217935ce0dacf9cd5aead06f118d1160db4f62bb50be5940c465cf51c11d92bac831575ec4f589921d94ffb85573852e128141c3665f98c5a7d6e55053d3f99ab2ee623fbbb349b64b3e4b9baa721f1d5c7a4eb238ffc87081ae7548a8a25f8434247394c083a63e6a9ab6d1f418ebd7201a6a172fdcffeda7f3a131a47e227f86c17f761fea6fbe0a5920ebf690873d36e687d6299edfc3fc04d83a232b89311bd74961935d0e7421900288d59f1f39ad257f02f3036737e3f0acb05e6fae45016784897ffc59e131abc5d81df9a49f4010e1c878e38ffdfa23b3412ae52b5f4b8b37393037eaa4f24bf13ecb3c435fc3e8d8857f99f7191130f83bd5d0b241940afecd74e36bebfca8dfe4fb155fccd1297c9f68bf33066823563ff7323952abc6af224ad3ae8697b11362c4bbc39aed2f18a3e2a717fb61ecd0c762cede2139ada865042c209650f724ba83b3d902e089c70f8516356f0ea6f5dcb0545ccf9f8d90fc2645d65a28e0455ce0359435f7c20e5916571cd6fcd6b4f8e407029143172f827436a61f0ba85d5d51fb57a37fbb09ce6a79223c3e3827fc125536aa2d9c5f8f8d6ac87f05e8bdc8884b1344c25e29784582b544e187dd0ca7313bdcc370cb07f47f39b46d7cd2cf10da24bd6d755a8f93df0aad118cc7ce15de5987278e6e45091c10c0814fb85a9292ace0a7e01e73505be0ed2288237060bc6a01ce2b61e8dd05de4ad59c729acf866ad14ec1a30cc609315082f75985aecb74962076d2bfab9e4607c519a413b9d1b77c9cb4db5ed4e50f2559b0e82abfa7f089bf97449b002331ab3b3b0dc55bb2d8658e91888ba98b1a56df7c9983f0d66dfa8c2657d4bc8ed39059df061759d1c5281f0238f1ba8f969acff842066a72e05c775f10d35e9ff92a6bec9f0a7c6935151284ea85e20cfc4df5f108a1314b961a81e1eac581b43f7d6a89c3c26e316293247c5e988f45db4a1d8b21666ad7cf477935f2fa0bebc11fdfa859c11583085bf72d87eae4e45ce1b81eae774d4349bb8edcfb6a6a038d14f63278be5e9d1b807dbf6497d3d8e00cc55979db761bc3b8b7f151a1c06ec0028d3500f90f7fe607373d2e54ec343db24b725cd10a7dcb6c38c34b13091fea72fc48cf678f436ab4a7024f4ba33b9c403b786acef8e5210307d3fe0b96cf9a01614affb356f307b472982cb425073c52dc2366e3a60df46c707d6f0d6f156706ffbf61849950a33f1408b5c093ef953bb3a00efd59832470febe2483c559162e5be35b06c23e0dcd7b9ff2f37a669b6b174ca3f1c95a8a6ec2baf9eeb202934d451abb8c550a5e769458f17fdbc7133e1460568426baf10210b57874ee55a0043a52d8119c0f1dc709779f095118b2bdf684a13dd818145b7316b00c118b03688a056bf07294e6c96688ab55e39c3fcb4d1e3e9b039547392cdd3ef1f29c57e5e58311f22699609616e169972485a3b19a5a31a82a4b5cb977f23512c415f89b3f1e417dab2f3b28e19352eef213bd0c0fb416e545d8da924305574857b3fc1d8ff3c2fd6195c5d8e316474e5787bccc8984cb506fb104c5efd470f9ba035201ff5ece266a00df332e138a25069065ea0e593510501de6c3b5e6c8615ee9f75a5567b3c8df010fc125ca1d0968d47e6fef440e0abeb2c7cd64c03b0326bc01d69615020fa491c019005b36a369cc5972c9deaeac62c2f4eaacfc2dadfebf576d1d2a87b055ebe3100449a7230474f07ffc7c6932848c5b85161a5afd995a331e9a858f2da70d3d26e05dac92090dc9095982a69d3c18af78bb514e2d0a2309aa4510d09ccc76286bb57b65be37dde6756116e98cc9e5e0e9dc09eb7572e5a58369f42b573b32a743d70fdd1a0720f7a0b9dd958eb0f4eab9f5dcfdbce27f28b34e7872757251594841b7ad2b2147c0c176f9cf4919355e8dca34c817bd278a39f18a7dcac055c83c030e395d2df7b59d844c2fc8a4257d180679268334e1136232ddb0b463cad28dd5f5326b9cfb2a22c2b026bcae0004179523d5b3c902d5dfbadef7650db6773a558174601a630eee09fd08b80da90e30866f5895b8c0d349222b6347fd060208e352bcb19d83fb0b0d1c27e1438a5ce1ce38cd7c8c1aa34c6347832b708249d715191dd55434b54a6b4e874878316bffd1ea4c5ea4ac5b0e24051f0b979a9f43c1acd129e42d511e1aab94f757cd7839212df04413e7d210d83928858bd7acea616b133c8e35a39c080b31f37f4f8e1a6a971beea51a8981b615ce1823a7ce51429132d149224a65c17d13760ab98a861580a99fb7892da65488fbf5d289cb656f33cbecad50d924842332a8162d0f402e38210d632692f4bbd5b9daf7df5e6eab59682896f1fd132649b2f69d3e5d25932d4d9a2f9908aa1695bd985273d8f73dec622d3b75cf6f64762f6726028c671ed68b3e636c750e3cc82362c8ecec3c4400845f362ebad192673bb355d3c9b7ffabb41b9b84de4062c0e4f6e2534b72bbeb323650fa8a8290615231ee385fbe97401c4481660b4b6f6d4e3bea384a6c4b188da61afe2f14ecc2a171de8c753c3fff5adfd93b8a7e38a26bfad34aed8c82c840f4b91467ce9d317bad01d76cc304bc58bc86c1543e219728d900ac766e78073914ec6e23e3145ca30a20c31079a280ce4d0442dc9f86a219efec33153ff18b3ee17d9dfe8ecd3e15b5dbc363977f4aa94ed242e43318af8a6ddabd60e65ffb52382e6ad74cc251547acfe299443ba9164a97bfa53b8b98bf3547f686aedd30487ed1f05a7fa3e5ded6cda0f1a32bf6042f54b5afb0f9d240efccee4e8f654823b93628fa094a6c90c7983604f2b57a93b9404980fdbf532baf8e28619fbd22175106c5b7a100997d9306f66ae096819f0b4936da355187d65ff86572b5401ba026a79054054868255bd4e868c0dba3be4676ee474140400aae87d095688eecb0f853c446879a5083bf75302cbbb55044cd1f6c50cb16206cec3f5bbe71dc2281bce14c0bbf7ca8ef910a7c9c5848b455ddc1477c47e833684aa4b016e22673aaa26a6560e74b2ba961ad646c366df1cf52d94fbec6c7e5c3919d88adc5028287377475eeec4e5aa2f9bd58c7cb7d6be9f742b7fc8d62906988228e33dbe57e8a6f7ce22576a89f0ec9eed27cac2f86d00ff7ffa6af089fdbb160891660d6f7e2a1703dea33e43c7a571ccc3e6cc7964596dfd91db5df044798a6e694b04c1d932abb4d5cb7477259b8ddeb5e04bcfabc46ea1f7fde36ce21c006dfed98cd08beca7108963eab70fefc6274cc818bcb5a03931c9e90dd6bdaee48c124acd15ff2e46531cfe9a88c0360724198850443085c7d3214b9587f577602c0a2d896e79695c799eee13c68525b248f0a55c1f8671322ec877b2ccad4c9c954e8e760d66a60dbe05c591a99b536d719fc46d1714383ede4d3a989a7168cac9ae0ff0eaee68867311e5c083392c578fa4bb2816b3f1df8c8b400836733a39623c74fc2a680d665769b00ea159a9a4b4307d66cb3bb8eb24971bc28b27efafd04127e276e784dadf68e63ed1e55b774c41085bb7036b4e4646102d36eaa45047db28e6829ce7401b715d007238f177b403ad05962683aea6078e84006a7a1af548a3b3505799e37449f13c41594ef70f873199ec128038020c98010fc60bbeaa0f431c9af74802c9d15e90d7e3363244db3da276519433df62f8f4cc42b8198e3d155b72b941f1234e32542c6025e6c7da1495a25e2dfcc91cf307902c85ac097444a61722f1eb376f1cfe34226b9b23215b48b1f1ce15f23319ca925383d176c727b338269a758347c6dfa1d569bbcd946964f537bf5e4c80c247c752fd211277c27e51318105a047830b963084e20328c10041884521de1be834452503f5a62252e5a076615e41320ccd7c2242c6f694a706ff6b1418d5cbd4659a0bfe3402299130832b7bb3ad340af5d766857addc493fea5211112bfe34886070aba195af1c204ed3c1d52d1fd711875ec086841c00a9b20505618dddf3a7b39fd6f57887695a017172a8316a54adcc9b437d88191dbbd81f4654594a42f4fd4506da59c8fe0fe7ca8fc4809aad76f1a67cf96ce6e89e5073628e3e821329e37496193e5a167e5208f063d862d07aa1780f2acf8d28c015cb85b23b4207df2bbe306f8ad6eee7048e0382131f1cda18ac85b"}}, @l2cap_info_rsp={{0xb, 0x81, 0x1004}, {0x7f, 0x5, "1dd8de5f9339fd3b9389ccec044612b7d3e105c264b0ce17f94fb9e3cd1930919ece66e8950326a4ac92cf989275946a906afad8b43fab7bcba63ee4ed0b75068592f467f1882abb8c589fc7628ed9be51a7e4750a083fed3d416912a0e8b652c1be67b288687c70f2e9e0b1af6e4ad8588d40a62741e9ecc0fd40659cd9aa68a28083a42a3681c31e0c619574bc9891d14da4836670ca26d381c66e057eb3aa785d5a683480b7f1a5a187c5c822a94a957625ff57a250982fd7d99482c5df7122d93ca0199d2cda5d73f88641701b163a54f8a1c708491f2f1670223e9dbc3cee27f9a5bb24f513b154d6f2154bd3eb1064c1dd1417842ae599e343e1eae5005b8a2625af12bdc92309aefafffd70da90c0370b5b5d55f04224b552980dba575eeb04f6ad9c20ea152e72247ef03b8cda50c035fe8736406e3ee55269093dbc1ec891954e3887725b6c7ca79fbaa0de6a7ac9b4c63d08ec0253aa9ce974059b3da2d9667aaa4fc2f9d371edf4a31078520346acd3678465a4370ee4a655919dbef803a1046974f5ba3c1f832b926d516ea1ec97bd00015529b91760ca77e52ac255781f3613a5d51caae74be9e34346a91e7f6c7bf464ff78adac42df22146b4f82b2425129a0c2b1a4c4e2fdc385e90d422a93b9f67d6756977067ddc9e6b0b7516b2224deae94fbf8cba8fac02f98f9701b5eeb4fc9246285a54498b1dbb4ea8c0dbe251ec25b99ff01b3d9b0586fe562c04f089833ef675a530f8ee49ed7bfb14f3d49e18b5d9b59a4a8fe91df4658baa35f1a62bc9dddd111781c2c5f29fc2231f857307804e1f90741fa5408552802868004e40664c03185b33d65b5bdb749d95dedc4789c76cf3faee2fb2cd97d42653e1648c14912b2b63f062535af46b9ecdcb0fa0b31f774d0a15a3ac02107b8d1b8e1b0e5409cf8210c8fa098f3e46309dd20e8bb8daec88179eea33537d2a6ca82277501e21685bd87349f35040510d008d4f86457e9595e5cb129fb6cf88f28da843b1560bff10961bba72c286a90e754c93aba9c73b72ce524765bb8fe5bd4d193ee048115c167d027ae6ba8f553d950dfa2406fc6ea4b6d6641fb702a0f8c656075b6f13372948378b8227a482103daec357290635fe09480a9fbd92cb75217469301ba730c7ce346bbcdce6d515f5e840f766df2b3c326c4f018708ebeff4510db5a5e9ec53ce92be05463df4e273693c1ae2a6d6e2c84b0ae40467eee5435bb43b4bbc12b21d8bc9c538ac4823913da3633d77884d6353041b110ff06eeea64e73a7a70ddc63aaa97f7deea994e1ff0692241ad19a0c0c72f7f036dae18d01b28d5bee158646aeef43f73daac0c452c7738fab68873b22b441888084bbda46f595d098ef73e04b242c7b965fc312d43f931d09ddf7535f429f89bca5728a555cb90e3558a17f75c0aa01d0d767a0be539c3212cfd0d50b46af514c675bf554443a2b91c722c2a907aac4bf3dd52de8e01376796f8559147fea230bd72b4bcd06a9cc927d3c7be5e675ab22a97da77f5f427fcb33fb476a47553c73f89b04aad4e33d8f397f75cd89fa402fd9c7c2563d237f35e9f781699844f39c6a09e30cec6b01584c07eba694f8600f8cd2c9d1747a1501566d420699ce3ab4568e2537597d411a889fcf3628f6bae3231ff461addeb1c73771ec18eb3ec1fe1711a5204f7cde27232ccde267ced374c470b069493c54b8d200747661acebdb53fea228eeec14aac6cc77ad761f45e41f4286d9e7b8a547d5e99983f7363ce7236b412dd283acec8beec04d68d1cddffd434488d11593eabd604069b924173c3d7f8a281e61bdaa7e98441f0ea6ffa25967e944da99a8b127acfdd548ce6a5da1cb7d719a461f7599f59103874270dc1a5c77ef68a060f8054b9ec34b91f580dff696e66fa753dbd1a10db240f1e491a18d990edeebdfac23e055e9dd410ce128901dd9b1ac46b66f223f1cebcfe985bc97a8b65415713756555fe646429b2b84be572311801145c91491adb376b51fda4c66663ec05c6c56cb0c1e37afffa6c31760f21743b89e1af6049a1e317cc6e09a7ad14b2213b519eb77d8c67c36b25a17dc74a494f8676aef8c3e4b9a5923fef52c459c1c639ce82a2f7bc8971f36530de8c54d9f6fb314499432f36514e68c056a47b0069e7e7697fb33456908a8b18a4507163cf3a970f41f2fada051c1fcf1d2519bae0d1631a9bb08608727746e23beeeeaab22983507e81201b454ba10b4afad14a74fed6cfd54d3a3110f164e94a1d49876d5c9a984b15f6d5d62cce880b4ea7291ba23aca6bc4461a24e4bfda6d1dd490a7d96cef6996d84a1f03ab64678fded3825a63bb846bf071ecbc0a10854bf5020a7fe73d24b366be17544a93c2da665814b5541108ed902ffeaadaaeef74b597c4f85ebcc88960887dfc96e957dae159679a295ac6facef01ddd6d0c397574c5c8a6fbcf5920cd1267bb39513f940eeb9964ec4bcf6260c765eafb2142c85b2ed26ec3cb7604872737a4256476f8693ff56972500528f71c5633bf82135b9b49e3dc1ab447a530218dddd1971e39e437ae5c5b9e57a70dc998bb5b09f2ab14db048c3e2a9473127a67b46c6e4fda6979ff30881de9bef483eab882551e28220b183dbcc2d4abda560e0fc59932d82ea2c619339e9fe7a838489904c72a8d34c204c28bbf0c5baeb514497b3d6fbbc66e1cba533cccbd22bfeffa20633c81343fcadbfabcccbddf177fad61d28e7cd5fc128bd4a02a586c85162453b30128d4dc95d2d064ed2dfdae7819c3b33edc6272918736641b655d71578f8697c6f2f5a6c4cd8d4c4c95b6cc8878a7e7979fb6cbd93e0c50cebd85f6c420071ec470ac1000f6f63665ab9acb18628fc188a6b460f597da738c5a7f8621a4d69c74986ca5c9d719d39aa60b0ee8c43c6630270ebc84347ad231d40df38cb37f4e5e698233be250b54623b60b25bd7aaaece4c6cda14d20fe02250fc846ecde54afaa4b360743174216118f446d15278d9fa99288cf300a63b7608016be19a276ae9a43bfddd5d2974919ac1ad54686921ed4447149467dc27709263202d5a2cb62b5d657998a00bd2bdecd9680b91056a5d0dcca83ea1abcf0a06eeef09e497acefd7044358ad2420b6202e42b1e5ad5f02a852f07ed09d3b283347219338f430d1126c0a4bfe769ffaf4b07d7403f4ee27a4c57700278911b83c06a38893882d328da1c04bc07c3004347b9c4a0fb3c9f82ac9c1c65408fe24f6da9875f3117e363d3d79595354a2fcede2fc83b78d2d7656f1d43ff332dfce689629ec55d175dba4ecd7638004d3f3ffe674afc605bee36d541c98aa70dbb6c202c69d57f9ed77297b3f49d79d85e5aa78332893315b4264e4a9c9e782794958354a7991d58c3496e20b680eb4eee1a62a8e49b33146a3cddbea5a38fb801b9e635968b0725ccc021f4ba1d392719b820ccad599c87c9095d665a920bdf490b270c3208ee723928019e5e5fb647f7ae45dfdfece7eca841d7aca5d8c4bc3075e5977dcb6add7ed376b56b30a8fa996d6e95b6b0f7563eb988188c59f3a425d1db3a0779566306f5be49053fae455cf97548650ea6517aa0889b44c1f61a68970b992c19ec2b4f2cd075e9496b8f52b21a553b238a7505b99b0ce0090b76f085a5e398c094f531f6bfcb6a1cc407e7485351fa2933d69159270c5156fd0d29078f5ab94b6e4c92f907d54138ee1d686508d1b282d1982932c8a70d7234b2adf653199d8fe2fa6f4af0aad80e3ba1c2055671e0fb5f706b34252673fe3e0e6c3ef9ab742c80290af26019a0f668c5dbb7c51bf31135f41a839dc341eb0b3b5c197067a97bae3c32044f54a971d421e0d85f942169967e1bdba0d0de58c36da877c4f3e972638686ec01b57278600dc5ec80baee045d79a1c344c00bd9032ff3cfaf716b697c5a1c051111928d172f82f3685bf317cffc33e3b042231fec9ee5cbd865d6ae89655eeae4ce261703f17c7b8b26b776ffec55c45bd862f32d2e0297343388ba6697862c8a3fccc7730b263b8d7d33c80f777f8e4e3fcde2adef8ba7b28bdb22bc070f6b653bc86929fd5070c1540ba4880dcf4f85243a91b8c05cc61e9030f3aab4fc0d0a6e3c32cc64818c262b451652ca6fce68349a0b3c38984b67f5374e12bd3aba019b6e743b6d4e5a963497d4787e5fd034399447f414320be42ee162b00d76a2378250bbc36995f39cb2f0ec915262805edbf3219978c7643d073d3ec259b77a0c6751b9a7b1881b10b99f1c96cdc364aaa769023071c7bc122745f52a2a39c3b80edd34f01cd8149c5ccb07f14563797b7ba3ae6c502aba0f9a64d19a091445721ea1d967d44d3b9bb852be9b21b726979a96ead334676202f8f212546ebfcc89b7091bedb69b712cfae48010a5510e451699b06ba8dcf17584e68a2b167d2dc7536f7c380ad8f0f0279a718426b78806b9fdbe8382945c19ed7de7dfc72a9fb57e6da6111b82772b49c3cb68a07e8709fa7737b9bcea276fbeebea1b94b11f89d2516e131380eb9d622e7b14a40651c662f25b816474cdb55f8ff6110b6757b5857272655c793aeda6b1b2fad9403f594504957e715ff90d3a32e3d700ad632b26ea3ed36b7e2de61e029caf2d9deca070659fc803e071b694d61f3591c0337e4b9dc1c81c299cc815487be934bdd796f9f9d8705c36588c35d869443359a2de24ed87d04d388a4e2103fb4fb5d4c51640676547105c023f853ac645121db8ec1a0306f8a920f81cf0fd5f9bf622049c85900c4be1863af2985460da2cba621fe793a0effe9c355d68acb6866efa3d7ffa634c1b2dc6b166c6d613e6d3119c563cc0f1b00ffe1f82c1646dd4359b867828618ac423a2c6aab3f42a62eedcf8c6c6b1ea32dff87794a386fb618b130f5f57b50f5d9ecb43677884da82141f7b8d8edc1c58d1e53621b0f40803e04afc7bf0173b42c22287db1e9a6c77f6d64a9d8577c0f9fffd8614525095ae36cf1597c53216676ba6e6131d5c1549d9d79f880ee490fd066e86b64e694e9d9572047d029391e5fa181dcbb977f8796fe6f569f7b5bd42164fc31b8d2279cbb6b3a88ec14686f0a7b165817b6fc655073fe12c780a0f26df2b7ccbce91d1941876b860551c4378b055332f62e62779d5c9ea1369ca901914061297cd9045a64d9625edc39600011aa8abdfb24a36cfaab46c4c11c3db1058595279c98561359e09b926fd2794361762011874e3b8dc83f2153d71345f415fa4dfb18f3414dfb3ed120f60872d831fd17e0c8b3db201dea8da52bec3ed0a269fbb6af1fa090139ac26257b3d5faeed2dff239fa8d3df3e80006ae9963846d5395dd19eea030ce67de03504cd318de4276d35003c6c2a6f5648e7f9334529e8474448418870c9503b9e028a6a760571d413d646447a4a04fd2789ef84f8fe6f34f5c47d7c72c1c99f403a6e8d242ea20f4d0d5e60f97a7919eedf690019e27ec5978394081ef3e2f3e0618207c2130750e20191edd763545be5040e26e45fa24d2d5867dedf6c27ad60d40d423aec5f7c82586036d4790ff0645adb4b665d4994e6dce3bd99eca46fdabca3871aeb7c6a88e7a49fda734346e5c339f4104d571f8ef215c47fbf0e988eaadd8d7030c79aa76805f01e318a260d09a301671c2f552ee6a941b420fc0c28c4c5fadf1ac0e7f6723105d0dc22d60262f67cfd5fad0ca0c087fd8d096ab4f828dc746a6bf99be401d5c94ce1e9ef44b6f6ff0001866bcc00cbfb9de"}}, @l2cap_move_chan_rsp={{0xf, 0x20, 0x4}, {0xa8a1, 0x7}}, @l2cap_cmd_rej_unk={{0x1, 0x7f, 0x2}, {0x3f}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x4, 0x9}}]}}, 0x203f) [ 222.497462][ T8466] Bluetooth: hci2: command 0x0409 tx timeout 17:21:08 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/icmp6\x00') ioctl$CAPI_GET_MANUFACTURER(r0, 0xc0044306, &(0x7f00000000c0)=0xef8a6b6c) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000040)=""/69) syz_emit_vhci(0x0, 0x0) 17:21:08 executing program 2: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}, {@fixed}}}, 0x9) 17:21:08 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1200, 0x0)