Warning: Permanently added '10.128.0.181' (ECDSA) to the list of known hosts. 2021/02/21 18:47:46 fuzzer started 2021/02/21 18:47:47 dialing manager at 10.128.0.163:34213 2021/02/21 18:47:47 syscalls: 3542 2021/02/21 18:47:47 code coverage: enabled 2021/02/21 18:47:47 comparison tracing: enabled 2021/02/21 18:47:47 extra coverage: enabled 2021/02/21 18:47:47 setuid sandbox: enabled 2021/02/21 18:47:47 namespace sandbox: enabled 2021/02/21 18:47:47 Android sandbox: /sys/fs/selinux/policy does not exist 2021/02/21 18:47:47 fault injection: enabled 2021/02/21 18:47:47 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/02/21 18:47:47 net packet injection: enabled 2021/02/21 18:47:47 net device setup: enabled 2021/02/21 18:47:47 concurrency sanitizer: enabled 2021/02/21 18:47:47 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/02/21 18:47:47 USB emulation: enabled 2021/02/21 18:47:47 hci packet injection: enabled 2021/02/21 18:47:47 wifi device emulation: enabled 2021/02/21 18:47:47 802.15.4 emulation: enabled 2021/02/21 18:47:49 suppressing KCSAN reports in functions: 'xas_clear_mark' 'futex_wait_queue_me' 'blk_mq_sched_dispatch_requests' 'jbd2_journal_dirty_metadata' 'xas_find_marked' 'alloc_pid' 'ext4_mark_iloc_dirty' '__filemap_fdatawrite_range' 'wb_timer_fn' 'n_tty_receive_buf_common' 'ext4_mb_regular_allocator' 'jbd2_journal_commit_transaction' '__xa_clear_mark' 'expire_timers' '_prb_read_valid' 'ext4_fc_commit' 'blk_mq_dispatch_rq_list' 'pcpu_alloc' '__ext4_handle_dirty_metadata' 'blk_mq_rq_ctx_init' 'generic_write_end' 'dd_has_work' '__ext4_new_inode' 2021/02/21 18:47:49 fetching corpus: 0, signal 0/2000 (executing program) 2021/02/21 18:47:49 fetching corpus: 46, signal 19148/22893 (executing program) 2021/02/21 18:47:49 fetching corpus: 95, signal 29176/34572 (executing program) 2021/02/21 18:47:49 fetching corpus: 144, signal 41287/48140 (executing program) 2021/02/21 18:47:49 fetching corpus: 193, signal 48196/56531 (executing program) 2021/02/21 18:47:49 fetching corpus: 243, signal 56496/66176 (executing program) 2021/02/21 18:47:49 fetching corpus: 293, signal 61382/72408 (executing program) 2021/02/21 18:47:49 fetching corpus: 343, signal 67810/80052 (executing program) 2021/02/21 18:47:49 fetching corpus: 393, signal 72161/85656 (executing program) 2021/02/21 18:47:49 fetching corpus: 443, signal 74930/89705 (executing program) 2021/02/21 18:47:49 fetching corpus: 493, signal 81109/96899 (executing program) 2021/02/21 18:47:49 fetching corpus: 542, signal 85494/102321 (executing program) 2021/02/21 18:47:49 fetching corpus: 591, signal 88697/106640 (executing program) 2021/02/21 18:47:50 fetching corpus: 641, signal 93735/112533 (executing program) 2021/02/21 18:47:50 fetching corpus: 691, signal 96599/116508 (executing program) 2021/02/21 18:47:50 fetching corpus: 741, signal 99240/120158 (executing program) 2021/02/21 18:47:50 fetching corpus: 791, signal 102750/124547 (executing program) 2021/02/21 18:47:50 fetching corpus: 841, signal 106270/128906 (executing program) 2021/02/21 18:47:50 fetching corpus: 891, signal 108809/132363 (executing program) 2021/02/21 18:47:50 fetching corpus: 941, signal 111302/135746 (executing program) 2021/02/21 18:47:50 fetching corpus: 990, signal 113712/139015 (executing program) 2021/02/21 18:47:50 fetching corpus: 1040, signal 116343/142451 (executing program) 2021/02/21 18:47:50 fetching corpus: 1090, signal 117837/144958 (executing program) 2021/02/21 18:47:50 fetching corpus: 1139, signal 120871/148621 (executing program) 2021/02/21 18:47:50 fetching corpus: 1189, signal 123190/151657 (executing program) 2021/02/21 18:47:51 fetching corpus: 1239, signal 125417/154636 (executing program) 2021/02/21 18:47:51 fetching corpus: 1289, signal 127388/157363 (executing program) 2021/02/21 18:47:51 fetching corpus: 1339, signal 130399/160910 (executing program) 2021/02/21 18:47:51 fetching corpus: 1389, signal 132362/163568 (executing program) 2021/02/21 18:47:51 fetching corpus: 1439, signal 134477/166295 (executing program) 2021/02/21 18:47:51 fetching corpus: 1489, signal 136719/169111 (executing program) 2021/02/21 18:47:51 fetching corpus: 1539, signal 139073/171988 (executing program) 2021/02/21 18:47:51 fetching corpus: 1589, signal 140575/174172 (executing program) 2021/02/21 18:47:51 fetching corpus: 1639, signal 142347/176534 (executing program) 2021/02/21 18:47:51 fetching corpus: 1689, signal 144217/178985 (executing program) 2021/02/21 18:47:51 fetching corpus: 1739, signal 145755/181161 (executing program) 2021/02/21 18:47:51 fetching corpus: 1789, signal 147131/183168 (executing program) 2021/02/21 18:47:51 fetching corpus: 1839, signal 148645/185222 (executing program) 2021/02/21 18:47:52 fetching corpus: 1889, signal 151665/188408 (executing program) 2021/02/21 18:47:52 fetching corpus: 1939, signal 153930/191047 (executing program) 2021/02/21 18:47:52 fetching corpus: 1989, signal 156100/193553 (executing program) 2021/02/21 18:47:52 fetching corpus: 2039, signal 157581/195540 (executing program) 2021/02/21 18:47:52 fetching corpus: 2089, signal 158819/197295 (executing program) 2021/02/21 18:47:52 fetching corpus: 2139, signal 160749/199452 (executing program) 2021/02/21 18:47:52 fetching corpus: 2189, signal 162450/201554 (executing program) 2021/02/21 18:47:52 fetching corpus: 2238, signal 163617/203233 (executing program) 2021/02/21 18:47:52 fetching corpus: 2288, signal 165013/205004 (executing program) 2021/02/21 18:47:52 fetching corpus: 2337, signal 166208/206638 (executing program) 2021/02/21 18:47:52 fetching corpus: 2386, signal 167847/208590 (executing program) 2021/02/21 18:47:52 fetching corpus: 2436, signal 168887/210122 (executing program) 2021/02/21 18:47:53 fetching corpus: 2484, signal 170810/212200 (executing program) 2021/02/21 18:47:53 fetching corpus: 2534, signal 172407/214033 (executing program) 2021/02/21 18:47:53 fetching corpus: 2584, signal 173354/215425 (executing program) 2021/02/21 18:47:53 fetching corpus: 2634, signal 174902/217166 (executing program) 2021/02/21 18:47:53 fetching corpus: 2684, signal 176666/219020 (executing program) 2021/02/21 18:47:53 fetching corpus: 2734, signal 178140/220660 (executing program) 2021/02/21 18:47:53 fetching corpus: 2784, signal 178880/221913 (executing program) 2021/02/21 18:47:53 fetching corpus: 2834, signal 180020/223367 (executing program) 2021/02/21 18:47:53 fetching corpus: 2884, signal 181167/224756 (executing program) 2021/02/21 18:47:53 fetching corpus: 2934, signal 182138/226091 (executing program) 2021/02/21 18:47:53 fetching corpus: 2984, signal 183161/227382 (executing program) 2021/02/21 18:47:53 fetching corpus: 3034, signal 184903/229075 (executing program) 2021/02/21 18:47:53 fetching corpus: 3084, signal 186041/230411 (executing program) 2021/02/21 18:47:53 fetching corpus: 3134, signal 186903/231575 (executing program) 2021/02/21 18:47:54 fetching corpus: 3182, signal 187838/232781 (executing program) 2021/02/21 18:47:54 fetching corpus: 3232, signal 188710/233997 (executing program) 2021/02/21 18:47:54 fetching corpus: 3282, signal 190065/235384 (executing program) 2021/02/21 18:47:54 fetching corpus: 3332, signal 191260/236737 (executing program) 2021/02/21 18:47:54 fetching corpus: 3381, signal 192331/238009 (executing program) 2021/02/21 18:47:54 fetching corpus: 3431, signal 193480/239269 (executing program) 2021/02/21 18:47:54 fetching corpus: 3481, signal 194486/240453 (executing program) 2021/02/21 18:47:54 fetching corpus: 3531, signal 195343/241490 (executing program) 2021/02/21 18:47:54 fetching corpus: 3580, signal 196723/242830 (executing program) 2021/02/21 18:47:54 fetching corpus: 3630, signal 198031/244116 (executing program) 2021/02/21 18:47:55 fetching corpus: 3680, signal 199819/245579 (executing program) 2021/02/21 18:47:55 fetching corpus: 3729, signal 200653/246558 (executing program) 2021/02/21 18:47:55 fetching corpus: 3779, signal 202174/247891 (executing program) 2021/02/21 18:47:55 fetching corpus: 3829, signal 203304/249022 (executing program) 2021/02/21 18:47:55 fetching corpus: 3879, signal 204192/250012 (executing program) 2021/02/21 18:47:55 fetching corpus: 3929, signal 204906/250897 (executing program) 2021/02/21 18:47:55 fetching corpus: 3979, signal 205588/251778 (executing program) 2021/02/21 18:47:55 fetching corpus: 4029, signal 206493/252785 (executing program) 2021/02/21 18:47:55 fetching corpus: 4078, signal 207361/253734 (executing program) 2021/02/21 18:47:55 fetching corpus: 4127, signal 208195/254652 (executing program) 2021/02/21 18:47:55 fetching corpus: 4176, signal 208865/255483 (executing program) 2021/02/21 18:47:55 fetching corpus: 4226, signal 209652/256350 (executing program) 2021/02/21 18:47:55 fetching corpus: 4276, signal 210430/257165 (executing program) 2021/02/21 18:47:55 fetching corpus: 4326, signal 211084/257948 (executing program) 2021/02/21 18:47:56 fetching corpus: 4376, signal 212403/258995 (executing program) 2021/02/21 18:47:56 fetching corpus: 4426, signal 213083/259808 (executing program) 2021/02/21 18:47:56 fetching corpus: 4476, signal 213826/260570 (executing program) 2021/02/21 18:47:56 fetching corpus: 4526, signal 214524/261350 (executing program) 2021/02/21 18:47:56 fetching corpus: 4575, signal 216301/262466 (executing program) 2021/02/21 18:47:56 fetching corpus: 4625, signal 217683/263436 (executing program) 2021/02/21 18:47:56 fetching corpus: 4675, signal 218409/264191 (executing program) 2021/02/21 18:47:56 fetching corpus: 4725, signal 219398/264999 (executing program) 2021/02/21 18:47:56 fetching corpus: 4772, signal 220300/265787 (executing program) 2021/02/21 18:47:56 fetching corpus: 4820, signal 222096/266808 (executing program) 2021/02/21 18:47:57 fetching corpus: 4869, signal 223150/267584 (executing program) 2021/02/21 18:47:57 fetching corpus: 4916, signal 224148/268368 (executing program) 2021/02/21 18:47:57 fetching corpus: 4966, signal 224932/269027 (executing program) 2021/02/21 18:47:57 fetching corpus: 5016, signal 225559/269651 (executing program) 2021/02/21 18:47:57 fetching corpus: 5066, signal 226582/270368 (executing program) 2021/02/21 18:47:57 fetching corpus: 5115, signal 227646/271098 (executing program) 2021/02/21 18:47:57 fetching corpus: 5165, signal 228289/271676 (executing program) 2021/02/21 18:47:57 fetching corpus: 5215, signal 229280/272347 (executing program) 2021/02/21 18:47:57 fetching corpus: 5265, signal 229789/272921 (executing program) 2021/02/21 18:47:57 fetching corpus: 5315, signal 230909/273611 (executing program) 2021/02/21 18:47:57 fetching corpus: 5364, signal 231458/274125 (executing program) 2021/02/21 18:47:57 fetching corpus: 5414, signal 232378/274753 (executing program) 2021/02/21 18:47:57 fetching corpus: 5464, signal 233146/275283 (executing program) 2021/02/21 18:47:57 fetching corpus: 5514, signal 234074/275888 (executing program) 2021/02/21 18:47:57 fetching corpus: 5564, signal 234644/276389 (executing program) 2021/02/21 18:47:58 fetching corpus: 5614, signal 235598/276969 (executing program) 2021/02/21 18:47:58 fetching corpus: 5664, signal 236407/277519 (executing program) 2021/02/21 18:47:58 fetching corpus: 5714, signal 237297/278061 (executing program) 2021/02/21 18:47:58 fetching corpus: 5764, signal 238046/278548 (executing program) 2021/02/21 18:47:58 fetching corpus: 5814, signal 238753/278996 (executing program) 2021/02/21 18:47:58 fetching corpus: 5864, signal 239582/279478 (executing program) 2021/02/21 18:47:58 fetching corpus: 5913, signal 240234/279949 (executing program) 2021/02/21 18:47:58 fetching corpus: 5963, signal 241125/280491 (executing program) 2021/02/21 18:47:58 fetching corpus: 6013, signal 241903/280932 (executing program) 2021/02/21 18:47:58 fetching corpus: 6063, signal 242478/281313 (executing program) 2021/02/21 18:47:59 fetching corpus: 6113, signal 243122/281727 (executing program) 2021/02/21 18:47:59 fetching corpus: 6161, signal 243717/282136 (executing program) 2021/02/21 18:47:59 fetching corpus: 6210, signal 245638/282694 (executing program) 2021/02/21 18:47:59 fetching corpus: 6260, signal 246618/283105 (executing program) 2021/02/21 18:47:59 fetching corpus: 6310, signal 247514/283525 (executing program) 2021/02/21 18:47:59 fetching corpus: 6359, signal 248135/283883 (executing program) 2021/02/21 18:47:59 fetching corpus: 6409, signal 248868/284208 (executing program) 2021/02/21 18:47:59 fetching corpus: 6459, signal 249214/284478 (executing program) 2021/02/21 18:47:59 fetching corpus: 6509, signal 249952/284831 (executing program) 2021/02/21 18:47:59 fetching corpus: 6559, signal 250714/285180 (executing program) 2021/02/21 18:47:59 fetching corpus: 6609, signal 251486/285501 (executing program) 2021/02/21 18:48:00 fetching corpus: 6659, signal 252511/285821 (executing program) 2021/02/21 18:48:00 fetching corpus: 6709, signal 253190/286114 (executing program) 2021/02/21 18:48:00 fetching corpus: 6759, signal 253949/286391 (executing program) 2021/02/21 18:48:00 fetching corpus: 6808, signal 254481/286659 (executing program) 2021/02/21 18:48:00 fetching corpus: 6858, signal 255223/286917 (executing program) 2021/02/21 18:48:00 fetching corpus: 6908, signal 255960/287167 (executing program) 2021/02/21 18:48:00 fetching corpus: 6957, signal 256734/287424 (executing program) 2021/02/21 18:48:00 fetching corpus: 7007, signal 257512/287651 (executing program) 2021/02/21 18:48:00 fetching corpus: 7057, signal 258061/287851 (executing program) 2021/02/21 18:48:00 fetching corpus: 7107, signal 258606/288086 (executing program) 2021/02/21 18:48:00 fetching corpus: 7157, signal 259091/288091 (executing program) 2021/02/21 18:48:00 fetching corpus: 7206, signal 259737/288091 (executing program) 2021/02/21 18:48:00 fetching corpus: 7256, signal 260251/288091 (executing program) 2021/02/21 18:48:00 fetching corpus: 7306, signal 260640/288091 (executing program) 2021/02/21 18:48:01 fetching corpus: 7356, signal 261379/288091 (executing program) 2021/02/21 18:48:01 fetching corpus: 7404, signal 261994/288092 (executing program) 2021/02/21 18:48:01 fetching corpus: 7454, signal 262505/288092 (executing program) 2021/02/21 18:48:01 fetching corpus: 7504, signal 263323/288092 (executing program) 2021/02/21 18:48:01 fetching corpus: 7554, signal 264045/288092 (executing program) 2021/02/21 18:48:01 fetching corpus: 7604, signal 264514/288092 (executing program) 2021/02/21 18:48:01 fetching corpus: 7654, signal 264955/288143 (executing program) 2021/02/21 18:48:01 fetching corpus: 7704, signal 265435/288145 (executing program) 2021/02/21 18:48:01 fetching corpus: 7754, signal 265981/288145 (executing program) 2021/02/21 18:48:01 fetching corpus: 7803, signal 266527/288145 (executing program) 2021/02/21 18:48:01 fetching corpus: 7852, signal 266993/288145 (executing program) 2021/02/21 18:48:01 fetching corpus: 7902, signal 267487/288145 (executing program) 2021/02/21 18:48:01 fetching corpus: 7952, signal 268191/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8002, signal 268828/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8052, signal 269436/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8102, signal 270123/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8152, signal 270865/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8202, signal 271291/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8252, signal 271945/288160 (executing program) 2021/02/21 18:48:02 fetching corpus: 8302, signal 272612/288184 (executing program) 2021/02/21 18:48:02 fetching corpus: 8352, signal 273062/288184 (executing program) 2021/02/21 18:48:02 fetching corpus: 8402, signal 273613/288184 (executing program) 2021/02/21 18:48:02 fetching corpus: 8451, signal 274018/288188 (executing program) 2021/02/21 18:48:02 fetching corpus: 8501, signal 274707/288198 (executing program) 2021/02/21 18:48:02 fetching corpus: 8550, signal 275477/288201 (executing program) 2021/02/21 18:48:02 fetching corpus: 8598, signal 276375/288206 (executing program) 2021/02/21 18:48:02 fetching corpus: 8648, signal 277033/288206 (executing program) 2021/02/21 18:48:03 fetching corpus: 8698, signal 277534/288209 (executing program) 2021/02/21 18:48:03 fetching corpus: 8747, signal 278063/288230 (executing program) 2021/02/21 18:48:03 fetching corpus: 8796, signal 278584/288230 (executing program) 2021/02/21 18:48:03 fetching corpus: 8844, signal 279010/288237 (executing program) 2021/02/21 18:48:03 fetching corpus: 8893, signal 279626/288237 (executing program) 2021/02/21 18:48:03 fetching corpus: 8943, signal 280234/288237 (executing program) 2021/02/21 18:48:03 fetching corpus: 8993, signal 280749/288237 (executing program) 2021/02/21 18:48:03 fetching corpus: 9043, signal 281497/288242 (executing program) 2021/02/21 18:48:03 fetching corpus: 9090, signal 282024/288242 (executing program) 2021/02/21 18:48:03 fetching corpus: 9139, signal 282273/288242 (executing program) 2021/02/21 18:48:03 fetching corpus: 9189, signal 282792/288242 (executing program) 2021/02/21 18:48:03 fetching corpus: 9239, signal 283341/288242 (executing program) 2021/02/21 18:48:03 fetching corpus: 9289, signal 283779/288249 (executing program) 2021/02/21 18:48:03 fetching corpus: 9338, signal 284636/288249 (executing program) 2021/02/21 18:48:03 fetching corpus: 9388, signal 285151/288270 (executing program) 2021/02/21 18:48:03 fetching corpus: 9412, signal 285310/288270 (executing program) 2021/02/21 18:48:03 fetching corpus: 9412, signal 285310/288270 (executing program) 2021/02/21 18:48:05 starting 6 fuzzer processes 18:48:05 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) ioctl$RTC_SET_TIME(r0, 0x7041, 0xfffffffffffffffe) 18:48:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8dd0f0f6300bfc7442402c43a727fc7442406000000000f011424f30f090f013a360f0666b8c0008ec066baa100ed", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f00000000c0)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"01a0e43f7b78288aceb27138251f841b2d07bad22dfa6d0ff0476f0cc9d0d4bba900080000415cbacba7de89ca203a4bb4e1509f20db041424110214e7b5602621e6e0a1e04e6e8a9f44d22945b5e002f9f3c9ff397c588841bf161c3b634808905a8615a1cf2c451dac143266bb4558a1b4e2a44321b14deb4f4670b0e90711569c5f1ad6265ae9d8bfe7bf01efccd4a2df8beb0699b7513bb2c933328e92e63cb0ab62948e5aba142509ed8dedde95b1735dbf671bd50ddce94236dc828b992c905c413a159573de26894c1b9e927e6142fb23731c9522cc0c15797534c69e6292f9bbc77a6d97ee1d77f4f07de17ece7304414ded690e20b1d092c30399b86f878f60294ac9bd72c634b7dfb68b52638608bb4ef448f9a7470cfeddc0b5e5faa8b0c7a392ed99aa70994d596713e4efd5316d80f4008863de66476823c440a98901273ef33614bf6e719ea0053d86024c16fdd4a2e997601112114f1a397485a379a1a48576f990b10c0f862aeb19105fad5376adffa0aba70120e9f329ba61388eeb0f711bb7b558c4c8f598688bd9889d44423eb8495f772638f8b3f0828c81221b558f758136bd6ee4b0a0ba42cb6fb5626f80a7ffe263b72b8867a4a25c0a2b6db21b442ae52b710e0024e62267d30a1662d6089221d72fea9d76b4ebe4be663c71f04d872a9c7db18c99a67f736647e2691570e9cd4f8e96a88e542194fb84255e71a90deee6cc21b2d8286274d7b4224565f9aedc5b676b15e7cbf595c71857f95f97966de0bb7e58c84358e7746e9cd0d0a3a0afb779c8af814b67fe35d0a4fabf698fbe1033da70786d9963efaad98b6cf5d7f8feeae9c62bd4eff83b713681f0cff051333e0c7f5e0b80e4916d49755f2f833d3b184d6c40f693f89929cd8dc162e0f14ac8dd24fd183abd7620444c36920197563912368037ad5e02ce52254437ac125eb1a39080f5b099a8bd85645e1fd0074b5e3d10f5be6757fdd570a7c7215ce287a6d9dc5552f3e8cdbb1475c472e18900029768eafda60a27d5f9e33679e81e0dddc9a2efb166b418f1f5cf582cfe338c310b0b46adcc8961f335c1fec7e3468cb7aa6bb66b3e64cbd706b1f89e3a7a2f20e2b625b74eecc0f353b5c4d73ba900ce830038b4d70a0f3d4d1e98c1298f28a736ebefb661e6db64eb7e4f9f17a5f1046632bda2fd3890f8d33eb22ff11e1f397e802dea33cd1bce6165ddd07cdfb44ddf31c0d21cfbf65832a56edf54c256564be934440629955910dc63f8d9f4d78872b47f25e5682a06aac18e49c5bf57923000e83ec2c4be9e5f38824a517009f5d918730739fa74ffa2f50edb98bd257000bdcaf57a541349620bda57af821305e568fc0ecec604514c1da768cc03e4a790cc0510b42c77b9ca75d72ea76c17379c7f00"}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={&(0x7f00000001c0), 0xc}, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000100)=0x1) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) r3 = getpgrp(0x0) syz_open_procfs(r3, &(0x7f0000000200)='net/tcp\x00') ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:48:06 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000100)="390000001300034700bb65e1c3e4ffff06000000010000004500000025", 0x1d}], 0x1) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 18:48:06 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3280, &(0x7f0000000040), &(0x7f0000ee4000/0x4000)=nil, &(0x7f00006d7000/0x2000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000001500)={&(0x7f0000000240)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f00000014c0)=""/43, 0x2b}}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 18:48:06 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) syzkaller login: [ 50.677885][ T8411] IPVS: ftp: loaded support on port[0] = 21 [ 50.749806][ T8411] chnl_net:caif_netlink_parms(): no params data found [ 50.776628][ T8411] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.783804][ T8411] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.791521][ T8411] device bridge_slave_0 entered promiscuous mode [ 50.799223][ T8411] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.807614][ T8411] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.820331][ T8411] device bridge_slave_1 entered promiscuous mode [ 50.832077][ T8413] IPVS: ftp: loaded support on port[0] = 21 [ 50.849492][ T8411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.859859][ T8411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.877542][ T8411] team0: Port device team_slave_0 added [ 50.889080][ T8411] team0: Port device team_slave_1 added [ 50.916002][ T8411] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.922967][ T8411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.949211][ T8411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.980012][ T8411] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.990219][ T8411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.016669][ T8411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.031379][ T8415] IPVS: ftp: loaded support on port[0] = 21 [ 51.059478][ T8413] chnl_net:caif_netlink_parms(): no params data found [ 51.075917][ T8411] device hsr_slave_0 entered promiscuous mode [ 51.082515][ T8411] device hsr_slave_1 entered promiscuous mode [ 51.169835][ T8413] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.177259][ T8413] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.184776][ T8413] device bridge_slave_0 entered promiscuous mode [ 51.196179][ T8417] IPVS: ftp: loaded support on port[0] = 21 [ 51.204117][ T8413] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.212132][ T8413] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.219651][ T8413] device bridge_slave_1 entered promiscuous mode [ 51.257433][ T8415] chnl_net:caif_netlink_parms(): no params data found [ 51.284886][ T8413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.304679][ T8411] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 51.323304][ T8413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.336378][ T8411] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 51.363097][ T8419] IPVS: ftp: loaded support on port[0] = 21 [ 51.371069][ T8411] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 51.380203][ T8411] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 51.408163][ T8413] team0: Port device team_slave_0 added [ 51.416365][ T8413] team0: Port device team_slave_1 added [ 51.430128][ T8415] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.443229][ T8415] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.451493][ T8415] device bridge_slave_0 entered promiscuous mode [ 51.483067][ T8415] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.491724][ T8421] IPVS: ftp: loaded support on port[0] = 21 [ 51.507502][ T8415] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.515073][ T8415] device bridge_slave_1 entered promiscuous mode [ 51.523126][ T8411] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.530212][ T8411] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.537581][ T8411] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.544777][ T8411] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.562583][ T8417] chnl_net:caif_netlink_parms(): no params data found [ 51.587816][ T8413] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.599599][ T8413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.626391][ T8413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.648427][ T8413] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.655513][ T8413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.681728][ T8413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.698612][ T8415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.729851][ T8417] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.737407][ T8417] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.745146][ T8417] device bridge_slave_0 entered promiscuous mode [ 51.753520][ T8417] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.761162][ T8417] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.768702][ T8417] device bridge_slave_1 entered promiscuous mode [ 51.776081][ T8415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.797654][ T4859] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.805824][ T4859] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.832278][ T8413] device hsr_slave_0 entered promiscuous mode [ 51.842129][ T8413] device hsr_slave_1 entered promiscuous mode [ 51.848898][ T8413] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.856718][ T8413] Cannot create hsr debugfs directory [ 51.867415][ T8417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.880524][ T8417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.909294][ T8419] chnl_net:caif_netlink_parms(): no params data found [ 51.924272][ T8415] team0: Port device team_slave_0 added [ 51.938444][ T8417] team0: Port device team_slave_0 added [ 51.959226][ T8411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.970382][ T8415] team0: Port device team_slave_1 added [ 51.976596][ T8417] team0: Port device team_slave_1 added [ 52.009629][ T8415] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.018816][ T8415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.046814][ T8415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.058321][ T8417] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.065294][ T8417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.091636][ T8417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.104651][ T8417] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.111677][ T8417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.137885][ T8417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.157345][ T8415] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.164292][ T8415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.190476][ T8415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.203841][ T8421] chnl_net:caif_netlink_parms(): no params data found [ 52.215958][ T8411] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.224081][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.231633][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.258941][ T8417] device hsr_slave_0 entered promiscuous mode [ 52.266098][ T8417] device hsr_slave_1 entered promiscuous mode [ 52.272348][ T8417] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.280003][ T8417] Cannot create hsr debugfs directory [ 52.288581][ T8419] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.296349][ T8419] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.303855][ T8419] device bridge_slave_0 entered promiscuous mode [ 52.312642][ T8419] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.320292][ T8419] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.328058][ T8419] device bridge_slave_1 entered promiscuous mode [ 52.346484][ T8419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.378859][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.387295][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.396243][ T3847] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.403362][ T3847] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.411759][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.420592][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.429076][ T3847] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.436228][ T3847] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.444569][ T8419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.455892][ T8415] device hsr_slave_0 entered promiscuous mode [ 52.462317][ T8415] device hsr_slave_1 entered promiscuous mode [ 52.468864][ T8415] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.476720][ T8415] Cannot create hsr debugfs directory [ 52.501220][ T8421] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.508965][ T8421] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.516554][ T8421] device bridge_slave_0 entered promiscuous mode [ 52.524041][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.532788][ T3753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.550978][ T8419] team0: Port device team_slave_0 added [ 52.564473][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.574574][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.584540][ T8421] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.591679][ T8421] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.599525][ T8421] device bridge_slave_1 entered promiscuous mode [ 52.609175][ T8419] team0: Port device team_slave_1 added [ 52.617442][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.625444][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.633667][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.662988][ T8413] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 52.688183][ T8419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.695251][ T8419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.721511][ T8419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.721952][ T4859] Bluetooth: hci0: command 0x0409 tx timeout [ 52.737293][ T8411] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 52.749581][ T8411] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 52.761849][ T8421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.771720][ T8413] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 52.783751][ T8419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.790754][ T8419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.816783][ T8419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.828197][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.836600][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.846002][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.854795][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.863169][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.872971][ T8421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.882726][ T8413] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 52.889577][ T54] Bluetooth: hci1: command 0x0409 tx timeout [ 52.904055][ T8417] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 52.913148][ T8417] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 52.930459][ T8413] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 52.952794][ T8417] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 52.962194][ T8421] team0: Port device team_slave_0 added [ 52.977422][ T8419] device hsr_slave_0 entered promiscuous mode [ 52.983896][ T8419] device hsr_slave_1 entered promiscuous mode [ 52.990422][ T8419] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.998033][ T8419] Cannot create hsr debugfs directory [ 53.003573][ T8417] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 53.012613][ T8421] team0: Port device team_slave_1 added [ 53.027425][ T8421] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.034368][ T8421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.060364][ T8421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.066746][ T3753] Bluetooth: hci2: command 0x0409 tx timeout [ 53.098060][ T8415] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 53.117845][ T8421] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.124860][ T8421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.151125][ T8421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.169944][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 53.177418][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 53.184992][ T8415] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 53.204550][ T9644] Bluetooth: hci3: command 0x0409 tx timeout [ 53.212493][ T8411] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.228585][ T8421] device hsr_slave_0 entered promiscuous mode [ 53.235136][ T8421] device hsr_slave_1 entered promiscuous mode [ 53.241534][ T8421] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.249245][ T8421] Cannot create hsr debugfs directory [ 53.266184][ T8415] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 53.278337][ T8415] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.309116][ T8419] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 53.343562][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 53.352174][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 53.361004][ T8419] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 53.367834][ T9150] Bluetooth: hci4: command 0x0409 tx timeout [ 53.378039][ T8419] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 53.390346][ T8411] device veth0_vlan entered promiscuous mode [ 53.413893][ T8417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.420919][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 53.430181][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 53.438825][ T8419] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 53.461503][ T8413] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.470772][ T8411] device veth1_vlan entered promiscuous mode [ 53.484561][ T8417] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.491875][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 53.499893][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 53.507993][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 53.516106][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 53.523904][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.524445][ T9150] Bluetooth: hci5: command 0x0409 tx timeout [ 53.532505][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.548531][ T8421] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 53.559543][ T8421] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 53.580656][ T8411] device veth0_macvtap entered promiscuous mode [ 53.590532][ T8421] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 53.599784][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.608563][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.617017][ T9696] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.624070][ T9696] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.631661][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.640136][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.648419][ T9696] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.655518][ T9696] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.663347][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 53.671884][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 53.693923][ T8413] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.700857][ T8421] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 53.713392][ T8415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.720486][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.728338][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 53.736363][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.744917][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.753378][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.761967][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.770604][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.778276][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.785857][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.794106][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.803191][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.814496][ T8411] device veth1_macvtap entered promiscuous mode [ 53.830912][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 53.839054][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.847574][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.856382][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.865266][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.873429][ T9644] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.880458][ T9644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.888199][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.896766][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.905096][ T9644] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.912147][ T9644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.919923][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.929493][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.946414][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.955399][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.963842][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.972816][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.981941][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.990705][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.017546][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.027008][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.035502][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.043717][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.053770][ T8417] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.066232][ T8415] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.074426][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.081999][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.090901][ T8411] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.101659][ T8411] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.116750][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 54.125909][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.134788][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 54.143062][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 54.151932][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.160535][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.173510][ T8411] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.182633][ T8411] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.192833][ T8411] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.202162][ T8411] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.216522][ T8413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 54.234387][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.242720][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.251435][ T9644] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.258498][ T9644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.266406][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.274950][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.283256][ T9644] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.290324][ T9644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.298281][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.307014][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.316082][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.339640][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 54.348232][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 54.360031][ T8419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.377868][ T8417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.387128][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 54.395516][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 54.402862][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.411945][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.420903][ T9150] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 54.430002][ T8413] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.442169][ T8419] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.456181][ T8421] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.474326][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.481846][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.505836][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.514694][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.522881][ T9061] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.530026][ T9061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.537959][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.546395][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.554845][ T9061] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.561864][ T9061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.570249][ T9472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.589855][ T9472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.598549][ T9472] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.617454][ T24] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.632978][ T8417] device veth0_vlan entered promiscuous mode [ 54.635104][ T24] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.647164][ T8417] device veth1_vlan entered promiscuous mode [ 54.666917][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.677269][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.687040][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 54.694976][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.703346][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.713251][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.721655][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.731236][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 54.739482][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.749534][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.757286][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.766016][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.774816][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.783172][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.792729][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.802818][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.810163][ T9644] Bluetooth: hci0: command 0x041b tx timeout [ 54.812164][ T9061] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.828994][ T8421] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.839982][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 54.848325][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.857490][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.866201][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.875065][ T9696] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.882151][ T9696] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.890339][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.902670][ T8413] device veth0_vlan entered promiscuous mode [ 54.910434][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.916328][ T8413] device veth1_vlan entered promiscuous mode [ 54.924207][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.938485][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.946425][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.956885][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 54.965036][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 54.972594][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.982461][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.990908][ T9696] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.997955][ T9696] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.006934][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.015483][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.023982][ T9696] Bluetooth: hci1: command 0x041b tx timeout [ 55.052961][ T8419] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network 18:48:11 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) ioctl$RTC_SET_TIME(r0, 0x7041, 0xfffffffffffffffe) [ 55.068071][ T8419] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 55.089044][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 55.098394][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 55.114218][ T3847] Bluetooth: hci2: command 0x041b tx timeout [ 55.120208][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 55.130684][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.138765][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.149274][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 18:48:11 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) ioctl$RTC_SET_TIME(r0, 0x7041, 0xfffffffffffffffe) [ 55.165090][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.173449][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.192705][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.202189][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.211686][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready 18:48:11 executing program 0: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) ioctl$RTC_SET_TIME(r0, 0x7041, 0xfffffffffffffffe) [ 55.225193][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.235631][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.243898][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.253636][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.262853][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready 18:48:11 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 55.271711][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.274162][ T3847] Bluetooth: hci3: command 0x041b tx timeout [ 55.283883][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.294516][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 55.302004][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 55.312083][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.320796][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.333158][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.343389][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.356448][ T8413] device veth0_macvtap entered promiscuous mode [ 55.374158][ T8415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.390901][ T8421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 55.406528][ T8421] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.423674][ T8413] device veth1_macvtap entered promiscuous mode [ 55.434924][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 55.442802][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 55.445151][ T9722] Bluetooth: hci4: command 0x041b tx timeout [ 55.464741][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.473013][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.481875][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 55.490599][ T3847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.505525][ T8417] device veth0_macvtap entered promiscuous mode [ 55.516005][ T8417] device veth1_macvtap entered promiscuous mode [ 55.554805][ T8419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.564616][ T8413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 55.578590][ T8413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.582208][ T9756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 55.589798][ T8413] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.605851][ T19] Bluetooth: hci5: command 0x041b tx timeout [ 55.612378][ T8417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 55.623298][ T8417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.633260][ T8417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 55.645062][ T8417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.656573][ T8417] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.663890][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 55.673593][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 55.681864][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 55.690884][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 55.698465][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 55.707123][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 55.714622][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.722942][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.732984][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.741453][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.752948][ T8421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.762461][ T8413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 55.773423][ T8413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.784780][ T8413] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.800358][ T8417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 55.812716][ T8417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.822862][ T8417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 55.833581][ T8417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.844484][ T8417] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.852410][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.860962][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.870109][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.879020][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.887730][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.896915][ T9644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.908430][ T8413] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.920044][ T8413] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.920131][ T9756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 55.932278][ T8413] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.950981][ T8413] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.976619][ T8415] device veth0_vlan entered promiscuous mode 18:48:12 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 56.002724][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 56.012867][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.027271][ T8417] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.045266][ T8417] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.057777][ T8417] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.071426][ T8417] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.102319][ T8415] device veth1_vlan entered promiscuous mode [ 56.116622][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.125482][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.133025][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 56.191664][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 56.206056][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 56.220783][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.250006][ T8415] device veth0_macvtap entered promiscuous mode [ 56.278857][ T9775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.282902][ T8421] device veth0_vlan entered promiscuous mode [ 56.303099][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 56.311947][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.321700][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 56.330837][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.339253][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 56.347544][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.356013][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 56.364118][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.372460][ T8419] device veth0_vlan entered promiscuous mode [ 56.381039][ T8415] device veth1_macvtap entered promiscuous mode [ 56.397028][ T8421] device veth1_vlan entered promiscuous mode [ 56.403998][ T24] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.406436][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 56.411817][ T24] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.429629][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 56.438316][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.446466][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.454240][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 56.462041][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.470267][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.478698][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 56.491889][ T8419] device veth1_vlan entered promiscuous mode [ 56.509674][ T24] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.527023][ T24] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.546951][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 18:48:12 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 56.557635][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.568099][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 56.578610][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.588828][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 56.600059][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.612165][ T8415] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.622216][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 56.644884][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 56.664087][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 56.684176][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 56.696265][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.717718][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.751953][ T8419] device veth0_macvtap entered promiscuous mode [ 56.767925][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.776459][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 56.789929][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.794002][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.800901][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 56.817743][ T9818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.818388][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.837483][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 56.848265][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.859633][ T8415] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.870035][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 56.878184][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 56.886746][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.895264][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 56.904638][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.913277][ T4859] Bluetooth: hci0: command 0x040f tx timeout [ 56.915938][ T8419] device veth1_macvtap entered promiscuous mode [ 56.930238][ T3186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.932145][ T8415] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.948516][ T8415] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.953792][ T3186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.958346][ T8415] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.974455][ T8415] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.987928][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 56.996047][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 57.004367][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 57.012718][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.026478][ T8421] device veth0_macvtap entered promiscuous mode [ 57.086481][ T8421] device veth1_macvtap entered promiscuous mode [ 57.093672][ T9827] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 57.098639][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.123341][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 18:48:13 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 57.123964][ T4859] Bluetooth: hci1: command 0x040f tx timeout [ 57.133641][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.176235][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.188685][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.199303][ T4859] Bluetooth: hci2: command 0x040f tx timeout 18:48:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8dd0f0f6300bfc7442402c43a727fc7442406000000000f011424f30f090f013a360f0666b8c0008ec066baa100ed", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f00000000c0)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"01a0e43f7b78288aceb27138251f841b2d07bad22dfa6d0ff0476f0cc9d0d4bba900080000415cbacba7de89ca203a4bb4e1509f20db041424110214e7b5602621e6e0a1e04e6e8a9f44d22945b5e002f9f3c9ff397c588841bf161c3b634808905a8615a1cf2c451dac143266bb4558a1b4e2a44321b14deb4f4670b0e90711569c5f1ad6265ae9d8bfe7bf01efccd4a2df8beb0699b7513bb2c933328e92e63cb0ab62948e5aba142509ed8dedde95b1735dbf671bd50ddce94236dc828b992c905c413a159573de26894c1b9e927e6142fb23731c9522cc0c15797534c69e6292f9bbc77a6d97ee1d77f4f07de17ece7304414ded690e20b1d092c30399b86f878f60294ac9bd72c634b7dfb68b52638608bb4ef448f9a7470cfeddc0b5e5faa8b0c7a392ed99aa70994d596713e4efd5316d80f4008863de66476823c440a98901273ef33614bf6e719ea0053d86024c16fdd4a2e997601112114f1a397485a379a1a48576f990b10c0f862aeb19105fad5376adffa0aba70120e9f329ba61388eeb0f711bb7b558c4c8f598688bd9889d44423eb8495f772638f8b3f0828c81221b558f758136bd6ee4b0a0ba42cb6fb5626f80a7ffe263b72b8867a4a25c0a2b6db21b442ae52b710e0024e62267d30a1662d6089221d72fea9d76b4ebe4be663c71f04d872a9c7db18c99a67f736647e2691570e9cd4f8e96a88e542194fb84255e71a90deee6cc21b2d8286274d7b4224565f9aedc5b676b15e7cbf595c71857f95f97966de0bb7e58c84358e7746e9cd0d0a3a0afb779c8af814b67fe35d0a4fabf698fbe1033da70786d9963efaad98b6cf5d7f8feeae9c62bd4eff83b713681f0cff051333e0c7f5e0b80e4916d49755f2f833d3b184d6c40f693f89929cd8dc162e0f14ac8dd24fd183abd7620444c36920197563912368037ad5e02ce52254437ac125eb1a39080f5b099a8bd85645e1fd0074b5e3d10f5be6757fdd570a7c7215ce287a6d9dc5552f3e8cdbb1475c472e18900029768eafda60a27d5f9e33679e81e0dddc9a2efb166b418f1f5cf582cfe338c310b0b46adcc8961f335c1fec7e3468cb7aa6bb66b3e64cbd706b1f89e3a7a2f20e2b625b74eecc0f353b5c4d73ba900ce830038b4d70a0f3d4d1e98c1298f28a736ebefb661e6db64eb7e4f9f17a5f1046632bda2fd3890f8d33eb22ff11e1f397e802dea33cd1bce6165ddd07cdfb44ddf31c0d21cfbf65832a56edf54c256564be934440629955910dc63f8d9f4d78872b47f25e5682a06aac18e49c5bf57923000e83ec2c4be9e5f38824a517009f5d918730739fa74ffa2f50edb98bd257000bdcaf57a541349620bda57af821305e568fc0ecec604514c1da768cc03e4a790cc0510b42c77b9ca75d72ea76c17379c7f00"}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={&(0x7f00000001c0), 0xc}, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000100)=0x1) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) r3 = getpgrp(0x0) syz_open_procfs(r3, &(0x7f0000000200)='net/tcp\x00') ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 57.218299][ T34] audit: type=1804 audit(1613933293.574:2): pid=9837 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir153454755/syzkaller.kZ4ibB/0/bus" dev="sda1" ino=14198 res=1 errno=0 [ 57.247292][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 57.250908][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.270018][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.281657][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.295530][ T8419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.347717][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 57.364939][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 57.373295][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 57.384606][ T9792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.393759][ T9792] Bluetooth: hci3: command 0x040f tx timeout [ 57.407519][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 57.466721][ T9848] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2852530792 (91280985344 ns) > initial count (8777803040 ns). Using initial count to start timer. [ 57.485459][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.516172][ T19] Bluetooth: hci4: command 0x040f tx timeout [ 57.526406][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 57.571014][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.583629][ C0] hrtimer: interrupt took 36459 ns [ 57.655371][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 57.673733][ T9696] Bluetooth: hci5: command 0x040f tx timeout [ 57.702838][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.769682][ T8419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 57.785559][ T8419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.796100][ T9844] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 57.800468][ T9862] kvm [9846]: vcpu0, guest rIP: 0x13c Hyper-V unhandled wrmsr: 0x40000024 data 0x56ab [ 57.811045][ T8419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.851653][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.868149][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.889758][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.907731][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.919969][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.933005][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.945391][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.958301][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.971939][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 57.988905][ T34] audit: type=1804 audit(1613933294.344:3): pid=9837 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir153454755/syzkaller.kZ4ibB/0/bus" dev="sda1" ino=14198 res=1 errno=0 [ 58.011405][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.023713][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 58.034476][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.046090][ T8421] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.054724][ T8419] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.063425][ T8419] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.081045][ T8419] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.091625][ T8419] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.113635][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.134357][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.144752][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 58.163603][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.183229][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 58.194853][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.205097][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 58.215897][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.225971][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 58.237944][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.248209][ T8421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 58.258688][ T8421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.269828][ T8421] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.287784][ T110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.299887][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.308476][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.310311][ T110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.322614][ T8421] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.332909][ T8421] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.342001][ T8421] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.351068][ T8421] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.366441][ T9722] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 58.377696][ T110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.385665][ T110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.400128][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 58.471656][ T110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.489459][ T110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.504878][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 18:48:14 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000100)="390000001300034700bb65e1c3e4ffff06000000010000004500000025", 0x1d}], 0x1) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 18:48:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8dd0f0f6300bfc7442402c43a727fc7442406000000000f011424f30f090f013a360f0666b8c0008ec066baa100ed", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f00000000c0)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"01a0e43f7b78288aceb27138251f841b2d07bad22dfa6d0ff0476f0cc9d0d4bba900080000415cbacba7de89ca203a4bb4e1509f20db041424110214e7b5602621e6e0a1e04e6e8a9f44d22945b5e002f9f3c9ff397c588841bf161c3b634808905a8615a1cf2c451dac143266bb4558a1b4e2a44321b14deb4f4670b0e90711569c5f1ad6265ae9d8bfe7bf01efccd4a2df8beb0699b7513bb2c933328e92e63cb0ab62948e5aba142509ed8dedde95b1735dbf671bd50ddce94236dc828b992c905c413a159573de26894c1b9e927e6142fb23731c9522cc0c15797534c69e6292f9bbc77a6d97ee1d77f4f07de17ece7304414ded690e20b1d092c30399b86f878f60294ac9bd72c634b7dfb68b52638608bb4ef448f9a7470cfeddc0b5e5faa8b0c7a392ed99aa70994d596713e4efd5316d80f4008863de66476823c440a98901273ef33614bf6e719ea0053d86024c16fdd4a2e997601112114f1a397485a379a1a48576f990b10c0f862aeb19105fad5376adffa0aba70120e9f329ba61388eeb0f711bb7b558c4c8f598688bd9889d44423eb8495f772638f8b3f0828c81221b558f758136bd6ee4b0a0ba42cb6fb5626f80a7ffe263b72b8867a4a25c0a2b6db21b442ae52b710e0024e62267d30a1662d6089221d72fea9d76b4ebe4be663c71f04d872a9c7db18c99a67f736647e2691570e9cd4f8e96a88e542194fb84255e71a90deee6cc21b2d8286274d7b4224565f9aedc5b676b15e7cbf595c71857f95f97966de0bb7e58c84358e7746e9cd0d0a3a0afb779c8af814b67fe35d0a4fabf698fbe1033da70786d9963efaad98b6cf5d7f8feeae9c62bd4eff83b713681f0cff051333e0c7f5e0b80e4916d49755f2f833d3b184d6c40f693f89929cd8dc162e0f14ac8dd24fd183abd7620444c36920197563912368037ad5e02ce52254437ac125eb1a39080f5b099a8bd85645e1fd0074b5e3d10f5be6757fdd570a7c7215ce287a6d9dc5552f3e8cdbb1475c472e18900029768eafda60a27d5f9e33679e81e0dddc9a2efb166b418f1f5cf582cfe338c310b0b46adcc8961f335c1fec7e3468cb7aa6bb66b3e64cbd706b1f89e3a7a2f20e2b625b74eecc0f353b5c4d73ba900ce830038b4d70a0f3d4d1e98c1298f28a736ebefb661e6db64eb7e4f9f17a5f1046632bda2fd3890f8d33eb22ff11e1f397e802dea33cd1bce6165ddd07cdfb44ddf31c0d21cfbf65832a56edf54c256564be934440629955910dc63f8d9f4d78872b47f25e5682a06aac18e49c5bf57923000e83ec2c4be9e5f38824a517009f5d918730739fa74ffa2f50edb98bd257000bdcaf57a541349620bda57af821305e568fc0ecec604514c1da768cc03e4a790cc0510b42c77b9ca75d72ea76c17379c7f00"}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={&(0x7f00000001c0), 0xc}, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000100)=0x1) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) r3 = getpgrp(0x0) syz_open_procfs(r3, &(0x7f0000000200)='net/tcp\x00') ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 58.527227][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.545698][ T3186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.553644][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 58.573625][ T3186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.592469][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 58.614236][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 58.637809][ T9935] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2852530792 (91280985344 ns) > initial count (8777803040 ns). Using initial count to start timer. [ 58.668982][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.680157][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.694754][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 58.716642][ T9942] kvm [9933]: vcpu0, guest rIP: 0x13c Hyper-V unhandled wrmsr: 0x40000024 data 0x56ab 18:48:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3280, &(0x7f0000000040), &(0x7f0000ee4000/0x4000)=nil, &(0x7f00006d7000/0x2000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000001500)={&(0x7f0000000240)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f00000014c0)=""/43, 0x2b}}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 18:48:15 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:15 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:15 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000100)="390000001300034700bb65e1c3e4ffff06000000010000004500000025", 0x1d}], 0x1) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 18:48:15 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) 18:48:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8dd0f0f6300bfc7442402c43a727fc7442406000000000f011424f30f090f013a360f0666b8c0008ec066baa100ed", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f00000000c0)={0x5}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"01a0e43f7b78288aceb27138251f841b2d07bad22dfa6d0ff0476f0cc9d0d4bba900080000415cbacba7de89ca203a4bb4e1509f20db041424110214e7b5602621e6e0a1e04e6e8a9f44d22945b5e002f9f3c9ff397c588841bf161c3b634808905a8615a1cf2c451dac143266bb4558a1b4e2a44321b14deb4f4670b0e90711569c5f1ad6265ae9d8bfe7bf01efccd4a2df8beb0699b7513bb2c933328e92e63cb0ab62948e5aba142509ed8dedde95b1735dbf671bd50ddce94236dc828b992c905c413a159573de26894c1b9e927e6142fb23731c9522cc0c15797534c69e6292f9bbc77a6d97ee1d77f4f07de17ece7304414ded690e20b1d092c30399b86f878f60294ac9bd72c634b7dfb68b52638608bb4ef448f9a7470cfeddc0b5e5faa8b0c7a392ed99aa70994d596713e4efd5316d80f4008863de66476823c440a98901273ef33614bf6e719ea0053d86024c16fdd4a2e997601112114f1a397485a379a1a48576f990b10c0f862aeb19105fad5376adffa0aba70120e9f329ba61388eeb0f711bb7b558c4c8f598688bd9889d44423eb8495f772638f8b3f0828c81221b558f758136bd6ee4b0a0ba42cb6fb5626f80a7ffe263b72b8867a4a25c0a2b6db21b442ae52b710e0024e62267d30a1662d6089221d72fea9d76b4ebe4be663c71f04d872a9c7db18c99a67f736647e2691570e9cd4f8e96a88e542194fb84255e71a90deee6cc21b2d8286274d7b4224565f9aedc5b676b15e7cbf595c71857f95f97966de0bb7e58c84358e7746e9cd0d0a3a0afb779c8af814b67fe35d0a4fabf698fbe1033da70786d9963efaad98b6cf5d7f8feeae9c62bd4eff83b713681f0cff051333e0c7f5e0b80e4916d49755f2f833d3b184d6c40f693f89929cd8dc162e0f14ac8dd24fd183abd7620444c36920197563912368037ad5e02ce52254437ac125eb1a39080f5b099a8bd85645e1fd0074b5e3d10f5be6757fdd570a7c7215ce287a6d9dc5552f3e8cdbb1475c472e18900029768eafda60a27d5f9e33679e81e0dddc9a2efb166b418f1f5cf582cfe338c310b0b46adcc8961f335c1fec7e3468cb7aa6bb66b3e64cbd706b1f89e3a7a2f20e2b625b74eecc0f353b5c4d73ba900ce830038b4d70a0f3d4d1e98c1298f28a736ebefb661e6db64eb7e4f9f17a5f1046632bda2fd3890f8d33eb22ff11e1f397e802dea33cd1bce6165ddd07cdfb44ddf31c0d21cfbf65832a56edf54c256564be934440629955910dc63f8d9f4d78872b47f25e5682a06aac18e49c5bf57923000e83ec2c4be9e5f38824a517009f5d918730739fa74ffa2f50edb98bd257000bdcaf57a541349620bda57af821305e568fc0ecec604514c1da768cc03e4a790cc0510b42c77b9ca75d72ea76c17379c7f00"}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={&(0x7f00000001c0), 0xc}, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000100)=0x1) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0) r3 = getpgrp(0x0) syz_open_procfs(r3, &(0x7f0000000200)='net/tcp\x00') ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:48:15 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000100)="390000001300034700bb65e1c3e4ffff06000000010000004500000025", 0x1d}], 0x1) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 18:48:15 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) [ 58.955916][ T9696] Bluetooth: hci0: command 0x0419 tx timeout 18:48:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3280, &(0x7f0000000040), &(0x7f0000ee4000/0x4000)=nil, &(0x7f00006d7000/0x2000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000001500)={&(0x7f0000000240)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f00000014c0)=""/43, 0x2b}}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) [ 59.052228][ T9967] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2852530792 (91280985344 ns) > initial count (8777803040 ns). Using initial count to start timer. [ 59.075948][ T34] audit: type=1804 audit(1613933295.434:4): pid=9982 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir153454755/syzkaller.kZ4ibB/1/bus" dev="sda1" ino=14217 res=1 errno=0 [ 59.097430][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 59.106957][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 59.126074][ T34] audit: type=1804 audit(1613933295.434:5): pid=9981 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir255736876/syzkaller.619zM6/8/bus" dev="sda1" ino=14210 res=1 errno=0 18:48:15 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) [ 59.168551][ T9967] kvm [9964]: vcpu0, guest rIP: 0x13c Hyper-V unhandled wrmsr: 0x40000024 data 0x56ab [ 59.194610][ T9696] Bluetooth: hci1: command 0x0419 tx timeout 18:48:15 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) 18:48:15 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) [ 59.284070][ T9696] Bluetooth: hci2: command 0x0419 tx timeout 18:48:15 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 59.433807][ T9696] Bluetooth: hci3: command 0x0419 tx timeout [ 59.458572][ T34] audit: type=1804 audit(1613933295.814:6): pid=10002 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir958848082/syzkaller.ElMi2o/4/bus" dev="sda1" ino=14194 res=1 errno=0 [ 59.493780][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 59.565346][ T34] audit: type=1804 audit(1613933295.924:7): pid=10004 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir542173829/syzkaller.cINDmh/4/bus" dev="sda1" ino=14197 res=1 errno=0 [ 59.593949][ T9792] Bluetooth: hci4: command 0x0419 tx timeout [ 59.612533][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 59.753931][ T9137] Bluetooth: hci5: command 0x0419 tx timeout 18:48:16 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) [ 60.138601][T10005] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 60.390667][ T34] audit: type=1804 audit(1613933296.744:8): pid=10015 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir153454755/syzkaller.kZ4ibB/2/bus" dev="sda1" ino=14215 res=1 errno=0 [ 60.393563][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:48:17 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:17 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3280, &(0x7f0000000040), &(0x7f0000ee4000/0x4000)=nil, &(0x7f00006d7000/0x2000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000001500)={&(0x7f0000000240)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f00000014c0)=""/43, 0x2b}}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 18:48:17 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:17 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 61.285614][ T34] audit: type=1804 audit(1613933297.645:9): pid=10031 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir958848082/syzkaller.ElMi2o/5/bus" dev="sda1" ino=14216 res=1 errno=0 [ 61.290711][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:48:17 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) [ 61.365352][T10004] syz-executor.1 (10004) used greatest stack depth: 9288 bytes left [ 61.377759][T10015] syz-executor.3 (10015) used greatest stack depth: 9096 bytes left 18:48:17 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) [ 61.685389][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 61.693159][ T34] audit: type=1804 audit(1613933298.045:10): pid=10040 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir255736876/syzkaller.619zM6/9/bus" dev="sda1" ino=14197 res=1 errno=0 [ 61.802247][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 61.845830][T10024] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 18:48:18 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 61.899974][ T34] audit: type=1804 audit(1613933298.125:11): pid=10042 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir542173829/syzkaller.cINDmh/5/bus" dev="sda1" ino=14214 res=1 errno=0 18:48:18 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 62.476130][ T34] audit: type=1804 audit(1613933298.835:12): pid=10054 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir153454755/syzkaller.kZ4ibB/3/bus" dev="sda1" ino=14219 res=1 errno=0 [ 62.494334][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:48:19 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) [ 63.075258][T10047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 63.290714][ T34] audit: type=1804 audit(1613933299.645:13): pid=10059 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir255736876/syzkaller.619zM6/10/bus" dev="sda1" ino=14210 res=1 errno=0 [ 63.292993][T10048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 63.349689][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:48:19 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:19 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) 18:48:19 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000}}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) sendfile(r0, r0, 0x0, 0x8080fffffffe) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x100000004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, '\x00', '\x00', "20040100"}, 0x28) sendfile(r5, r3, 0x0, 0x800100020001) 18:48:20 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='wlan1\x00', 0x10) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001eb, 0x4000884) syz_80211_inject_frame(0x0, 0x0, 0x1c) r1 = getpid() r2 = pidfd_open(r1, 0x0) r3 = getpid() r4 = pidfd_open(r3, 0x0) r5 = pidfd_getfd(r4, r2, 0x0) setns(r5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)) [ 63.833637][T10058] ================================================================== [ 63.841750][T10058] BUG: KCSAN: data-race in start_this_handle / start_this_handle [ 63.849488][T10058] [ 63.851808][T10058] write to 0xffff888106298870 of 8 bytes by task 10044 on cpu 0: [ 63.859521][T10058] start_this_handle+0xceb/0x1010 [ 63.864558][T10058] jbd2__journal_start+0x1fc/0x3f0 [ 63.869673][T10058] __ext4_journal_start_sb+0x154/0x310 [ 63.875129][T10058] ext4_dirty_inode+0x78/0xc0 [ 63.879806][T10058] __mark_inode_dirty+0x72/0x6b0 [ 63.884744][T10058] touch_atime+0x1b1/0x2d0 [ 63.889162][T10058] generic_file_buffered_read+0x945/0x9c0 [ 63.894971][T10058] generic_file_read_iter+0x82/0x3e0 [ 63.900266][T10058] ext4_file_read_iter+0x2e0/0x430 [ 63.905389][T10058] generic_file_splice_read+0x22a/0x310 [ 63.910954][T10058] splice_direct_to_actor+0x2aa/0x650 [ 63.916335][T10058] do_splice_direct+0xf5/0x170 [ 63.921098][T10058] do_sendfile+0x5e0/0xcf0 [ 63.925531][T10058] __x64_sys_sendfile64+0xf2/0x130 [ 63.930641][T10058] do_syscall_64+0x39/0x80 [ 63.935063][T10058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 63.941052][T10058] [ 63.943378][T10058] read to 0xffff888106298870 of 8 bytes by task 10058 on cpu 1: [ 63.951002][T10058] start_this_handle+0x1c1/0x1010 [ 63.956027][T10058] jbd2__journal_start+0x1fc/0x3f0 [ 63.961141][T10058] __ext4_journal_start_sb+0x154/0x310 [ 63.966601][T10058] ext4_dirty_inode+0x78/0xc0 [ 63.971367][T10058] __mark_inode_dirty+0x72/0x6b0 [ 63.976319][T10058] touch_atime+0x1b1/0x2d0 [ 63.980733][T10058] generic_file_buffered_read+0x945/0x9c0 [ 63.986451][T10058] generic_file_read_iter+0x82/0x3e0 [ 63.991732][T10058] ext4_file_read_iter+0x2e0/0x430 [ 63.996837][T10058] generic_file_splice_read+0x22a/0x310 [ 64.002376][T10058] splice_direct_to_actor+0x2aa/0x650 [ 64.007753][T10058] do_splice_direct+0xf5/0x170 [ 64.012512][T10058] do_sendfile+0x5e0/0xcf0 [ 64.016924][T10058] __x64_sys_sendfile64+0xf2/0x130 [ 64.022029][T10058] do_syscall_64+0x39/0x80 [ 64.026440][T10058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 64.032326][T10058] [ 64.034649][T10058] Reported by Kernel Concurrency Sanitizer on: [ 64.040791][T10058] CPU: 1 PID: 10058 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller #0 [ 64.049228][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.059291][T10058] ================================================================== [ 64.067354][T10058] Kernel panic - not syncing: panic_on_warn set ... [ 64.073925][T10058] CPU: 1 PID: 10058 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller #0 [ 64.082332][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.092391][T10058] Call Trace: [ 64.095666][T10058] dump_stack+0x137/0x19d [ 64.099998][T10058] panic+0x1e7/0x5fa [ 64.103901][T10058] ? vprintk_emit+0x2fa/0x3e0 [ 64.108585][T10058] kcsan_report+0x67b/0x680 [ 64.113083][T10058] ? kcsan_setup_watchpoint+0x452/0x4d0 [ 64.118624][T10058] ? start_this_handle+0x1c1/0x1010 [ 64.123821][T10058] ? jbd2__journal_start+0x1fc/0x3f0 [ 64.129112][T10058] ? __ext4_journal_start_sb+0x154/0x310 [ 64.134739][T10058] ? ext4_dirty_inode+0x78/0xc0 [ 64.139596][T10058] ? __mark_inode_dirty+0x72/0x6b0 [ 64.144699][T10058] ? touch_atime+0x1b1/0x2d0 [ 64.149294][T10058] ? generic_file_buffered_read+0x945/0x9c0 [ 64.155180][T10058] ? generic_file_read_iter+0x82/0x3e0 [ 64.160631][T10058] ? ext4_file_read_iter+0x2e0/0x430 [ 64.165910][T10058] ? generic_file_splice_read+0x22a/0x310 [ 64.171626][T10058] ? splice_direct_to_actor+0x2aa/0x650 [ 64.177169][T10058] ? do_splice_direct+0xf5/0x170 [ 64.182117][T10058] ? do_sendfile+0x5e0/0xcf0 [ 64.186710][T10058] ? __x64_sys_sendfile64+0xf2/0x130 [ 64.192011][T10058] ? do_syscall_64+0x39/0x80 [ 64.196596][T10058] ? entry_SYSCALL_64_after_hwframe+0x44/0xae [ 64.202754][T10058] ? blk_finish_plug+0x4c/0x60 [ 64.207515][T10058] kcsan_setup_watchpoint+0x452/0x4d0 [ 64.212887][T10058] start_this_handle+0x1c1/0x1010 [ 64.217915][T10058] ? kmem_cache_alloc+0x18e/0x2f0 [ 64.222933][T10058] ? jbd2__journal_start+0xf7/0x3f0 [ 64.228146][T10058] jbd2__journal_start+0x1fc/0x3f0 [ 64.233254][T10058] __ext4_journal_start_sb+0x154/0x310 [ 64.238720][T10058] ext4_dirty_inode+0x78/0xc0 [ 64.243414][T10058] ? ext4_expand_extra_isize+0x540/0x540 [ 64.249042][T10058] __mark_inode_dirty+0x72/0x6b0 [ 64.253983][T10058] ? current_time+0xdb/0x190 [ 64.258573][T10058] touch_atime+0x1b1/0x2d0 [ 64.262987][T10058] generic_file_buffered_read+0x945/0x9c0 [ 64.268701][T10058] ? _raw_spin_unlock_irq+0x22/0x40 [ 64.273897][T10058] ? ___cache_free+0x3c/0x2f0 [ 64.278569][T10058] ? __kmalloc+0x1c2/0x360 [ 64.282979][T10058] generic_file_read_iter+0x82/0x3e0 [ 64.288274][T10058] ? aa_file_perm+0x132/0xde0 [ 64.292964][T10058] ? iter_file_splice_write+0x6e8/0x770 [ 64.298525][T10058] ext4_file_read_iter+0x2e0/0x430 [ 64.303659][T10058] generic_file_splice_read+0x22a/0x310 [ 64.309217][T10058] ? splice_shrink_spd+0x60/0x60 [ 64.314155][T10058] splice_direct_to_actor+0x2aa/0x650 [ 64.319635][T10058] ? do_splice_direct+0x170/0x170 [ 64.324665][T10058] do_splice_direct+0xf5/0x170 [ 64.329428][T10058] do_sendfile+0x5e0/0xcf0 [ 64.333840][T10058] __x64_sys_sendfile64+0xf2/0x130 [ 64.338961][T10058] do_syscall_64+0x39/0x80 [ 64.343375][T10058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 64.349263][T10058] RIP: 0033:0x465ef9 [ 64.353148][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 64.372752][T10058] RSP: 002b:00007f4fdaa2d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 64.381167][T10058] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465ef9 [ 64.389134][T10058] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 64.397115][T10058] RBP: 00000000004bcd1c R08: 0000000000000000 R09: 0000000000000000 [ 64.406991][T10058] R10: 00008080fffffffe R11: 0000000000000246 R12: 000000000056bf60 [ 64.414959][T10058] R13: 00007fffefece98f R14: 00007f4fdaa2d300 R15: 0000000000022000 [ 64.423551][T10058] Kernel Offset: disabled [ 64.427877][T10058] Rebooting in 86400 seconds..