last executing test programs:
2.028758324s ago: executing program 1 (id=2):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000400)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190880"], 0x0, 0x0, 0x0, 0x0}, 0x0)
1.816141204s ago: executing program 2 (id=3):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000540)=""/167, 0xa7}], 0x3}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
1.61456973s ago: executing program 0 (id=1):
socket$kcm(0x11, 0x200000000000002, 0x300)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x5865, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb080600017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
1.351052771s ago: executing program 2 (id=12):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r0, 0x4b45, 0x0)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x4, 0x300}})
1.230862955s ago: executing program 0 (id=14):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x74000000)
write$dsp(r0, &(0x7f0000002000)='`', 0x88020)
1.120467517s ago: executing program 2 (id=15):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000480)={0x0, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90)
1.092953879s ago: executing program 3 (id=16):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
shutdown(r0, 0x1)
967.25966ms ago: executing program 3 (id=17):
r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x800, 0x2)
ppoll(&(0x7f00000000c0)=[{r0, 0x1007}], 0x1, 0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2)
912.274931ms ago: executing program 2 (id=18):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x20801, 0x0)
write$rfkill(r0, &(0x7f0000000100)={0x0, 0x2, 0x3, 0x1}, 0x8)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0)
828.989275ms ago: executing program 3 (id=19):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
shmdt(0x0)
660.659213ms ago: executing program 3 (id=21):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
fcntl$setstatus(r0, 0x4, 0xc00)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x0)
574.990887ms ago: executing program 3 (id=23):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x4208, r0)
438.533378ms ago: executing program 3 (id=24):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='comm\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/124, 0x7c}], 0x1, 0x9, 0xc)
293.150093ms ago: executing program 4 (id=27):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="5300000002"], 0x8)
244.797013ms ago: executing program 4 (id=28):
r0 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ff8000/0x4000)=nil)
shmat(r0, &(0x7f0000ff8000/0x5000)=nil, 0x7000)
shmctl$IPC_RMID(r0, 0x0)
210.476578ms ago: executing program 4 (id=29):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f00000007c0)={0xc, {"a2e3ad21ed0d52f91b5d300887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d020890e0878f0e1ac6e7049b3b6d959bfd9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
121.631181ms ago: executing program 4 (id=30):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x11, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a603f00000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0)
58.418623ms ago: executing program 4 (id=31):
r0 = syz_open_dev$cec(&(0x7f00000004c0), 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_PREEMPT(r0, 0x40046109, &(0x7f0000000040)={0xf0, 0x40000})
ioctl$CEC_DQEVENT(r0, 0x40046109, &(0x7f0000000340))
0s ago: executing program 4 (id=32):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010726bd7000fcdbdf2567000000080001003300000008000300", @ANYRES32, @ANYBLOB="0800c300741300200800c4"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.0.121' (ED25519) to the list of known hosts.
[ 48.204811][ T29] audit: type=1400 audit(1736723747.422:88): avc: denied { mounton } for pid=5800 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 48.207902][ T5800] cgroup: Unknown subsys name 'net'
[ 48.227568][ T29] audit: type=1400 audit(1736723747.422:89): avc: denied { mount } for pid=5800 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 48.254972][ T29] audit: type=1400 audit(1736723747.452:90): avc: denied { unmount } for pid=5800 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 48.452923][ T5800] cgroup: Unknown subsys name 'cpuset'
[ 48.460538][ T5800] cgroup: Unknown subsys name 'rlimit'
[ 48.602282][ T29] audit: type=1400 audit(1736723747.822:91): avc: denied { setattr } for pid=5800 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 48.638773][ T29] audit: type=1400 audit(1736723747.822:92): avc: denied { create } for pid=5800 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 48.659337][ T29] audit: type=1400 audit(1736723747.822:93): avc: denied { write } for pid=5800 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 48.679781][ T29] audit: type=1400 audit(1736723747.822:94): avc: denied { read } for pid=5800 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 48.699256][ T5803] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 48.700112][ T29] audit: type=1400 audit(1736723747.842:95): avc: denied { mounton } for pid=5800 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[ 48.734061][ T29] audit: type=1400 audit(1736723747.842:96): avc: denied { mount } for pid=5800 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 48.757633][ T29] audit: type=1400 audit(1736723747.842:97): avc: denied { read } for pid=5482 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[ 49.557122][ T5800] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 52.975677][ T5815] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 53.011655][ T5826] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 53.013211][ T5819] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 53.019292][ T5826] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 53.027276][ T5819] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 53.042218][ T5826] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 53.042245][ T5819] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 53.049681][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 53.057284][ T5819] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 53.064519][ T5826] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 53.078381][ T5826] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 53.078779][ T5819] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 53.094193][ T5819] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 53.094396][ T5826] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 53.101388][ T5819] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 53.116699][ T5819] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 53.124187][ T5826] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 53.125013][ T5819] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 53.135309][ T5823] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 53.138474][ T5819] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 53.152172][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 53.153208][ T5819] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 53.166193][ T5826] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 53.167400][ T5819] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 53.178359][ T5823] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 53.200871][ T5823] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 53.216100][ T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 53.231676][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 53.239969][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 53.247259][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 53.395778][ T29] kauditd_printk_skb: 12 callbacks suppressed
[ 53.395794][ T29] audit: type=1400 audit(1736723752.612:110): avc: denied { module_request } for pid=5811 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 53.483751][ T5810] chnl_net:caif_netlink_parms(): no params data found
[ 53.496094][ T5811] chnl_net:caif_netlink_parms(): no params data found
[ 53.513543][ T5824] chnl_net:caif_netlink_parms(): no params data found
[ 53.605151][ T5817] chnl_net:caif_netlink_parms(): no params data found
[ 53.656773][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.664385][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.672417][ T5811] bridge_slave_0: entered allmulticast mode
[ 53.678839][ T5811] bridge_slave_0: entered promiscuous mode
[ 53.686439][ T5810] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.693576][ T5810] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.700711][ T5810] bridge_slave_0: entered allmulticast mode
[ 53.707048][ T5810] bridge_slave_0: entered promiscuous mode
[ 53.715379][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.722486][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.729629][ T5810] bridge_slave_1: entered allmulticast mode
[ 53.739824][ T5810] bridge_slave_1: entered promiscuous mode
[ 53.761141][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.768266][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.775755][ T5811] bridge_slave_1: entered allmulticast mode
[ 53.782377][ T5811] bridge_slave_1: entered promiscuous mode
[ 53.829440][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 53.841633][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 53.851589][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.858633][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.865881][ T5824] bridge_slave_0: entered allmulticast mode
[ 53.873076][ T5824] bridge_slave_0: entered promiscuous mode
[ 53.879787][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.886943][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.894104][ T5824] bridge_slave_1: entered allmulticast mode
[ 53.900560][ T5824] bridge_slave_1: entered promiscuous mode
[ 53.916505][ T5828] chnl_net:caif_netlink_parms(): no params data found
[ 53.926307][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 53.963232][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 53.986295][ T5810] team0: Port device team_slave_0 added
[ 53.992838][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.000551][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.007746][ T5817] bridge_slave_0: entered allmulticast mode
[ 54.014514][ T5817] bridge_slave_0: entered promiscuous mode
[ 54.022032][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.029079][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.036269][ T5817] bridge_slave_1: entered allmulticast mode
[ 54.042838][ T5817] bridge_slave_1: entered promiscuous mode
[ 54.051997][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 54.071722][ T5810] team0: Port device team_slave_1 added
[ 54.087729][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 54.106824][ T5811] team0: Port device team_slave_0 added
[ 54.133118][ T5811] team0: Port device team_slave_1 added
[ 54.144739][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 54.152173][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.178395][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 54.192023][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 54.204003][ T5824] team0: Port device team_slave_0 added
[ 54.210766][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 54.230420][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 54.237367][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.263454][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 54.279626][ T5824] team0: Port device team_slave_1 added
[ 54.289489][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.296696][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.304197][ T5828] bridge_slave_0: entered allmulticast mode
[ 54.311189][ T5828] bridge_slave_0: entered promiscuous mode
[ 54.331261][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 54.338201][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.364346][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 54.375370][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.383195][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.390894][ T5828] bridge_slave_1: entered allmulticast mode
[ 54.397398][ T5828] bridge_slave_1: entered promiscuous mode
[ 54.410149][ T5817] team0: Port device team_slave_0 added
[ 54.421802][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 54.428760][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.454979][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 54.466343][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 54.473867][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.500224][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 54.529038][ T5817] team0: Port device team_slave_1 added
[ 54.535083][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 54.542230][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.568709][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 54.597071][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 54.625421][ T5810] hsr_slave_0: entered promiscuous mode
[ 54.635973][ T5810] hsr_slave_1: entered promiscuous mode
[ 54.643640][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 54.662646][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 54.669589][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.695747][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 54.708560][ T5824] hsr_slave_0: entered promiscuous mode
[ 54.716277][ T5824] hsr_slave_1: entered promiscuous mode
[ 54.722354][ T5824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 54.730178][ T5824] Cannot create hsr debugfs directory
[ 54.744843][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 54.752031][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.778018][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 54.797119][ T5828] team0: Port device team_slave_0 added
[ 54.805080][ T5811] hsr_slave_0: entered promiscuous mode
[ 54.811812][ T5811] hsr_slave_1: entered promiscuous mode
[ 54.817615][ T5811] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 54.825221][ T5811] Cannot create hsr debugfs directory
[ 54.848607][ T5828] team0: Port device team_slave_1 added
[ 54.900661][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 54.907612][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.935998][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 54.964135][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 54.971375][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 54.997369][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 55.018299][ T5817] hsr_slave_0: entered promiscuous mode
[ 55.024755][ T5817] hsr_slave_1: entered promiscuous mode
[ 55.031372][ T5817] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 55.039270][ T5817] Cannot create hsr debugfs directory
[ 55.129652][ T5828] hsr_slave_0: entered promiscuous mode
[ 55.135751][ T5828] hsr_slave_1: entered promiscuous mode
[ 55.142975][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 55.150955][ T5828] Cannot create hsr debugfs directory
[ 55.216120][ T5824] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 55.245151][ T5824] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 55.255569][ T5824] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 55.267700][ T5824] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 55.274936][ T5826] Bluetooth: hci0: command tx timeout
[ 55.275367][ T54] Bluetooth: hci2: command tx timeout
[ 55.280797][ T5826] Bluetooth: hci4: command tx timeout
[ 55.280921][ T5826] Bluetooth: hci1: command tx timeout
[ 55.286475][ T5823] Bluetooth: hci3: command tx timeout
[ 55.329900][ T5810] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 55.339462][ T5810] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 55.358729][ T5810] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 55.367964][ T5810] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 55.423038][ T5811] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 55.433524][ T5811] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 55.454616][ T5811] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 55.468102][ T5817] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 55.487978][ T5811] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 55.499199][ T5817] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 55.508194][ T5817] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 55.524360][ T5817] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 55.578631][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 55.609532][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 55.625788][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 55.635117][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 55.651433][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.673374][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.721621][ T5810] 8021q: adding VLAN 0 to HW filter on device team0
[ 55.729183][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[ 55.739836][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.747090][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.764313][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.784192][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.791289][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.804512][ T5811] 8021q: adding VLAN 0 to HW filter on device team0
[ 55.817880][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.824961][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.835510][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.842566][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.853212][ T81] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.860818][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.892179][ T53] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.899244][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.917866][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.949659][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.967338][ T5817] 8021q: adding VLAN 0 to HW filter on device team0
[ 55.968936][ T29] audit: type=1400 audit(1736723755.182:111): avc: denied { sys_module } for pid=5824 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 55.985453][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[ 56.025587][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.032724][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.062148][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.069260][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.079371][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.086494][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.097234][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.104799][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.158668][ T5828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 56.181138][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 56.270180][ T5817] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 56.300391][ T5817] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 56.322966][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.365585][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.383602][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.448971][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.461791][ T5811] veth0_vlan: entered promiscuous mode
[ 56.501223][ T5810] veth0_vlan: entered promiscuous mode
[ 56.514653][ T5811] veth1_vlan: entered promiscuous mode
[ 56.576083][ T5811] veth0_macvtap: entered promiscuous mode
[ 56.592410][ T5828] veth0_vlan: entered promiscuous mode
[ 56.599629][ T5810] veth1_vlan: entered promiscuous mode
[ 56.609876][ T5811] veth1_macvtap: entered promiscuous mode
[ 56.628630][ T5828] veth1_vlan: entered promiscuous mode
[ 56.658605][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 56.676140][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 56.690450][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.717840][ T5811] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.727031][ T5811] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.736517][ T5811] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.745484][ T5811] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.755773][ T5810] veth0_macvtap: entered promiscuous mode
[ 56.763766][ T5824] veth0_vlan: entered promiscuous mode
[ 56.769588][ T5810] veth1_macvtap: entered promiscuous mode
[ 56.808938][ T5828] veth0_macvtap: entered promiscuous mode
[ 56.816124][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 56.826875][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 56.837641][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 56.846149][ T5824] veth1_vlan: entered promiscuous mode
[ 56.864434][ T5828] veth1_macvtap: entered promiscuous mode
[ 56.877074][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 56.889391][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 56.901273][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 56.927327][ T5817] veth0_vlan: entered promiscuous mode
[ 56.947602][ T5810] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.956931][ T5810] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.966928][ T5810] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.975888][ T5810] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.995395][ T5817] veth1_vlan: entered promiscuous mode
[ 57.003654][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.014979][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.022073][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.030259][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.038715][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.051142][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.061756][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 57.074997][ T5824] veth0_macvtap: entered promiscuous mode
[ 57.083141][ T5824] veth1_macvtap: entered promiscuous mode
[ 57.089502][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.100545][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.110694][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.121417][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.132137][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 57.157580][ T5828] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.166940][ T5828] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.177367][ T5828] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.186397][ T5828] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.213894][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.214808][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.226730][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.235464][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.250080][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.260989][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.271282][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.282925][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.294294][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 57.303758][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.314319][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.324539][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.335308][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.345253][ T5824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.355883][ T54] Bluetooth: hci4: command tx timeout
[ 57.355946][ T5823] Bluetooth: hci1: command tx timeout
[ 57.360563][ T54] Bluetooth: hci2: command tx timeout
[ 57.361497][ T5824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.366672][ T54] Bluetooth: hci0: command tx timeout
[ 57.372185][ T5823] Bluetooth: hci3: command tx timeout
[ 57.383598][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 57.428066][ T5817] veth0_macvtap: entered promiscuous mode
[ 57.437951][ T29] audit: type=1400 audit(1736723756.652:112): avc: denied { mounton } for pid=5811 comm="syz-executor" path="/root/syzkaller.FDkkTd/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 57.450778][ T5824] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.466026][ T29] audit: type=1400 audit(1736723756.652:113): avc: denied { mount } for pid=5811 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 57.480690][ T5824] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.497401][ T29] audit: type=1400 audit(1736723756.652:114): avc: denied { mounton } for pid=5811 comm="syz-executor" path="/root/syzkaller.FDkkTd/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 57.502278][ T5824] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.536841][ T5824] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.540607][ T29] audit: type=1400 audit(1736723756.662:115): avc: denied { mount } for pid=5811 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 57.574094][ T29] audit: type=1400 audit(1736723756.662:116): avc: denied { mounton } for pid=5811 comm="syz-executor" path="/root/syzkaller.FDkkTd/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 57.575228][ T5811] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 57.609370][ T29] audit: type=1400 audit(1736723756.662:117): avc: denied { mounton } for pid=5811 comm="syz-executor" path="/root/syzkaller.FDkkTd/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7400 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 57.645836][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.646308][ T5817] veth1_macvtap: entered promiscuous mode
[ 57.656983][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.668631][ T29] audit: type=1400 audit(1736723756.662:118): avc: denied { unmount } for pid=5811 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 57.692805][ T29] audit: type=1400 audit(1736723756.692:119): avc: denied { mounton } for pid=5811 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2724 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 57.746031][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.764604][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.774516][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.785164][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.795177][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.805823][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.815796][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 57.826463][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.838154][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 57.847758][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.858308][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.868280][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.878983][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.888919][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.899358][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.909231][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 57.919790][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 57.930660][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 57.946156][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.958936][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.969486][ T5817] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 57.980593][ T5817] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.003458][ T5817] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.012470][ T5817] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.077861][ T3497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.088310][ T3497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.105205][ T3497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.131622][ T3497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.208604][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.219098][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.261587][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.270268][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.279044][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.292099][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.400816][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 58.421538][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 58.456790][ T51] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 58.507313][ T5912] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3'.
[ 58.518061][ T29] kauditd_printk_skb: 10 callbacks suppressed
[ 58.518075][ T29] audit: type=1400 audit(1736723757.732:130): avc: denied { create } for pid=5910 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 58.560448][ T5909] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3'.
[ 58.591943][ T29] audit: type=1400 audit(1736723757.772:131): avc: denied { accept } for pid=5910 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 58.618924][ T29] audit: type=1400 audit(1736723757.792:132): avc: denied { create } for pid=5913 comm="syz.3.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 58.645347][ T29] audit: type=1400 audit(1736723757.802:133): avc: denied { write } for pid=5913 comm="syz.3.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 58.659836][ T51] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 58.666243][ T29] audit: type=1400 audit(1736723757.802:134): avc: denied { create } for pid=5914 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 58.677627][ T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 58.708236][ T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 58.719512][ T51] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 58.732480][ T51] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 58.741601][ T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 58.766488][ T29] audit: type=1400 audit(1736723757.812:135): avc: denied { prog_load } for pid=5914 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 58.798509][ T51] usb 2-1: config 0 descriptor??
[ 58.809704][ T29] audit: type=1400 audit(1736723757.812:136): avc: denied { bpf } for pid=5914 comm="syz.0.1" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 58.810159][ T5902] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 58.830774][ T29] audit: type=1400 audit(1736723757.812:137): avc: denied { perfmon } for pid=5914 comm="syz.0.1" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 58.977288][ T29] audit: type=1400 audit(1736723757.812:138): avc: denied { prog_run } for pid=5914 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 59.144718][ T29] audit: type=1400 audit(1736723758.362:139): avc: denied { create } for pid=5928 comm="syz.3.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 59.326398][ T51] plantronics 0003:047F:FFFF.0001: unknown main item tag 0xd
[ 59.337516][ T51] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[ 59.376870][ T51] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 59.430261][ T5823] Bluetooth: hci3: command tx timeout
[ 59.435762][ T5823] Bluetooth: hci2: command tx timeout
[ 59.441684][ T5823] Bluetooth: hci0: command tx timeout
[ 59.447093][ T5823] Bluetooth: hci4: command tx timeout
[ 59.610262][ T5813] usb 2-1: USB disconnect, device number 2
[ 59.879733][ T5958] Bluetooth: MGMT ver 1.23
[ 60.050067][ T5964] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 60.057573][ T5964] IPv6: NLM_F_CREATE should be set when creating new route
[ 60.064822][ T5964] IPv6: NLM_F_CREATE should be set when creating new route
[ 60.119895][ T5935] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 60.126156][ T5936] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 60.133109][ T5935] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 60.133213][ T5936] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 60.182236][ T5823] ==================================================================
[ 60.190328][ T5823] BUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.199000][ T5823] Read of size 8 at addr ffff8880286a4798 by task kworker/u9:5/5823
[ 60.206956][ T5823]
[ 60.209259][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: kworker/u9:5 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[ 60.220083][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 60.230119][ T5823] Workqueue: hci0 hci_cmd_sync_work
[ 60.235304][ T5823] Call Trace:
[ 60.238650][ T5823]
[ 60.241564][ T5823] dump_stack_lvl+0x116/0x1f0
[ 60.246231][ T5823] print_report+0xc3/0x620
[ 60.250634][ T5823] ? __virt_addr_valid+0x5e/0x590
[ 60.255647][ T5823] ? __phys_addr+0xc6/0x150
[ 60.260149][ T5823] kasan_report+0xd9/0x110
[ 60.264548][ T5823] ? mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.270438][ T5823] ? mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.276312][ T5823] mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.282013][ T5823] hci_cmd_sync_work+0x1a4/0x410
[ 60.286932][ T5823] process_one_work+0x9c5/0x1ba0
[ 60.291872][ T5823] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 60.297491][ T5823] ? __pfx_process_one_work+0x10/0x10
[ 60.302845][ T5823] ? rcu_is_watching+0x12/0xc0
[ 60.307599][ T5823] ? assign_work+0x1a0/0x250
[ 60.312184][ T5823] worker_thread+0x6c8/0xf00
[ 60.316765][ T5823] ? __pfx_worker_thread+0x10/0x10
[ 60.321869][ T5823] kthread+0x2c1/0x3a0
[ 60.325922][ T5823] ? _raw_spin_unlock_irq+0x23/0x50
[ 60.331107][ T5823] ? __pfx_kthread+0x10/0x10
[ 60.335683][ T5823] ret_from_fork+0x45/0x80
[ 60.340095][ T5823] ? __pfx_kthread+0x10/0x10
[ 60.344671][ T5823] ret_from_fork_asm+0x1a/0x30
[ 60.349426][ T5823]
[ 60.352425][ T5823]
[ 60.354728][ T5823] Allocated by task 5958:
[ 60.359051][ T5823] kasan_save_stack+0x33/0x60
[ 60.363741][ T5823] kasan_save_track+0x14/0x30
[ 60.368409][ T5823] __kasan_kmalloc+0xaa/0xb0
[ 60.372981][ T5823] mgmt_pending_new+0x5b/0x290
[ 60.377732][ T5823] mgmt_pending_add+0x36/0x160
[ 60.382493][ T5823] remove_adv_monitor+0x124/0x1b0
[ 60.387505][ T5823] hci_sock_sendmsg+0x1528/0x25e0
[ 60.392520][ T5823] sock_write_iter+0x4fe/0x5b0
[ 60.397295][ T5823] vfs_write+0x5ae/0x1150
[ 60.401606][ T5823] ksys_write+0x207/0x250
[ 60.405914][ T5823] do_syscall_64+0xcd/0x250
[ 60.410403][ T5823] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 60.416283][ T5823]
[ 60.418587][ T5823] Freed by task 5935:
[ 60.422546][ T5823] kasan_save_stack+0x33/0x60
[ 60.427203][ T5823] kasan_save_track+0x14/0x30
[ 60.431870][ T5823] kasan_save_free_info+0x3b/0x60
[ 60.436882][ T5823] __kasan_slab_free+0x51/0x70
[ 60.441626][ T5823] kfree+0x14f/0x4b0
[ 60.445501][ T5823] cmd_complete_rsp+0x16d/0x1e0
[ 60.450335][ T5823] mgmt_pending_foreach+0xdf/0x140
[ 60.455431][ T5823] __mgmt_power_off+0x12a/0x2c0
[ 60.460269][ T5823] hci_dev_close_sync+0xcbb/0x11a0
[ 60.465377][ T5823] hci_dev_do_close+0x2e/0x90
[ 60.470039][ T5823] hci_rfkill_set_block+0x225/0x360
[ 60.475221][ T5823] rfkill_set_block+0x203/0x560
[ 60.480057][ T5823] rfkill_fop_write+0x2ce/0x570
[ 60.484892][ T5823] vfs_write+0x24c/0x1150
[ 60.489199][ T5823] ksys_write+0x207/0x250
[ 60.493508][ T5823] do_syscall_64+0xcd/0x250
[ 60.497997][ T5823] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 60.503878][ T5823]
[ 60.506182][ T5823] The buggy address belongs to the object at ffff8880286a4780
[ 60.506182][ T5823] which belongs to the cache kmalloc-96 of size 96
[ 60.520040][ T5823] The buggy address is located 24 bytes inside of
[ 60.520040][ T5823] freed 96-byte region [ffff8880286a4780, ffff8880286a47e0)
[ 60.533639][ T5823]
[ 60.535941][ T5823] The buggy address belongs to the physical page:
[ 60.542328][ T5823] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x286a4
[ 60.551080][ T5823] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 60.558166][ T5823] page_type: f5(slab)
[ 60.562127][ T5823] raw: 00fff00000000000 ffff88801b041280 dead000000000122 0000000000000000
[ 60.570688][ T5823] raw: 0000000000000000 0000000000200020 00000001f5000000 0000000000000000
[ 60.579245][ T5823] page dumped because: kasan: bad access detected
[ 60.585630][ T5823] page_owner tracks the page as allocated
[ 60.591320][ T5823] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 35, tgid 35 (kworker/u8:2), ts 59839248911, free_ts 59820554048
[ 60.610226][ T5823] post_alloc_hook+0x2d1/0x350
[ 60.614988][ T5823] get_page_from_freelist+0xfce/0x2f80
[ 60.620441][ T5823] __alloc_pages_noprof+0x223/0x25b0
[ 60.625722][ T5823] alloc_pages_mpol_noprof+0x2c9/0x610
[ 60.631174][ T5823] new_slab+0x2c9/0x410
[ 60.635311][ T5823] ___slab_alloc+0xd7d/0x17a0
[ 60.639973][ T5823] __slab_alloc.constprop.0+0x56/0xb0
[ 60.645333][ T5823] __kmalloc_cache_noprof+0xfa/0x410
[ 60.650611][ T5823] nsim_fib_event_nb+0x1b6/0xec0
[ 60.655538][ T5823] notifier_call_chain+0xb7/0x410
[ 60.660549][ T5823] atomic_notifier_call_chain+0x71/0x1c0
[ 60.666170][ T5823] call_fib_notifiers+0x33/0x70
[ 60.671013][ T5823] fib6_add+0x25ee/0x4b20
[ 60.675323][ T5823] ip6_ins_rt+0xb6/0x110
[ 60.679549][ T5823] __ipv6_ifa_notify+0xafc/0xe20
[ 60.684473][ T5823] addrconf_dad_completed+0x19d/0x1060
[ 60.689919][ T5823] page last free pid 16 tgid 16 stack trace:
[ 60.695880][ T5823] free_unref_page+0x661/0x1080
[ 60.700712][ T5823] rcu_core+0x79d/0x14d0
[ 60.704941][ T5823] handle_softirqs+0x213/0x8f0
[ 60.709686][ T5823] run_ksoftirqd+0x3a/0x60
[ 60.714083][ T5823] smpboot_thread_fn+0x661/0xa30
[ 60.719005][ T5823] kthread+0x2c1/0x3a0
[ 60.723058][ T5823] ret_from_fork+0x45/0x80
[ 60.727461][ T5823] ret_from_fork_asm+0x1a/0x30
[ 60.732216][ T5823]
[ 60.734522][ T5823] Memory state around the buggy address:
[ 60.740131][ T5823] ffff8880286a4680: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 60.748171][ T5823] ffff8880286a4700: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 60.756209][ T5823] >ffff8880286a4780: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 60.764244][ T5823] ^
[ 60.769070][ T5823] ffff8880286a4800: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 60.777110][ T5823] ffff8880286a4880: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 60.785149][ T5823] ==================================================================
[ 60.796609][ T5823] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 60.803822][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: kworker/u9:5 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[ 60.814678][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 60.824743][ T5823] Workqueue: hci0 hci_cmd_sync_work
[ 60.829949][ T5823] Call Trace:
[ 60.833229][ T5823]
[ 60.836161][ T5823] dump_stack_lvl+0x3d/0x1f0
[ 60.840768][ T5823] panic+0x71d/0x800
[ 60.844669][ T5823] ? __pfx_panic+0x10/0x10
[ 60.849097][ T5823] ? irqentry_exit+0x3b/0x90
[ 60.853697][ T5823] ? lockdep_hardirqs_on+0x7c/0x110
[ 60.858912][ T5823] ? preempt_schedule_thunk+0x1a/0x30
[ 60.864300][ T5823] ? preempt_schedule_common+0x44/0xc0
[ 60.869767][ T5823] ? check_panic_on_warn+0x1f/0xb0
[ 60.874911][ T5823] check_panic_on_warn+0xab/0xb0
[ 60.879860][ T5823] end_report+0x117/0x180
[ 60.884200][ T5823] kasan_report+0xe9/0x110
[ 60.888623][ T5823] ? mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.894506][ T5823] ? mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.900398][ T5823] mgmt_remove_adv_monitor_sync+0xe2/0xf0
[ 60.906102][ T5823] hci_cmd_sync_work+0x1a4/0x410
[ 60.911022][ T5823] process_one_work+0x9c5/0x1ba0
[ 60.915964][ T5823] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 60.921579][ T5823] ? __pfx_process_one_work+0x10/0x10
[ 60.926932][ T5823] ? rcu_is_watching+0x12/0xc0
[ 60.931686][ T5823] ? assign_work+0x1a0/0x250
[ 60.936256][ T5823] worker_thread+0x6c8/0xf00
[ 60.940830][ T5823] ? __pfx_worker_thread+0x10/0x10
[ 60.945923][ T5823] kthread+0x2c1/0x3a0
[ 60.949974][ T5823] ? _raw_spin_unlock_irq+0x23/0x50
[ 60.955152][ T5823] ? __pfx_kthread+0x10/0x10
[ 60.959728][ T5823] ret_from_fork+0x45/0x80
[ 60.964125][ T5823] ? __pfx_kthread+0x10/0x10
[ 60.968699][ T5823] ret_from_fork_asm+0x1a/0x30
[ 60.973453][ T5823]
[ 60.976641][ T5823] Kernel Offset: disabled
[ 60.980939][ T5823] Rebooting in 86400 seconds..