Warning: Permanently added '10.128.10.7' (ED25519) to the list of known hosts. 2024/04/08 12:28:00 fuzzer started 2024/04/08 12:28:00 dialing manager at 10.128.0.169:30001 [ 68.528408][ T5071] cgroup: Unknown subsys name 'net' [ 68.653831][ T5071] cgroup: Unknown subsys name 'rlimit' 2024/04/08 12:28:02 syscalls: 3744 2024/04/08 12:28:02 code coverage: enabled 2024/04/08 12:28:02 comparison tracing: enabled 2024/04/08 12:28:02 extra coverage: enabled 2024/04/08 12:28:02 delay kcov mmap: enabled 2024/04/08 12:28:02 setuid sandbox: enabled 2024/04/08 12:28:02 namespace sandbox: enabled 2024/04/08 12:28:02 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/08 12:28:02 fault injection: enabled 2024/04/08 12:28:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/08 12:28:02 net packet injection: enabled 2024/04/08 12:28:02 net device setup: enabled 2024/04/08 12:28:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/08 12:28:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/08 12:28:02 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/08 12:28:02 USB emulation: enabled 2024/04/08 12:28:02 hci packet injection: enabled 2024/04/08 12:28:02 wifi device emulation: enabled 2024/04/08 12:28:02 802.15.4 emulation: enabled 2024/04/08 12:28:02 swap file: enabled [ 70.267060][ T5071] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/08 12:28:02 starting 6 executor processes [ 70.959016][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.965614][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.396099][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.413796][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.433215][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.443448][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.453081][ T52] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.460428][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.561370][ T4466] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.570017][ T4466] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.610504][ T5088] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.619027][ T5095] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.627385][ T5095] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.635726][ T5095] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.637476][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.643951][ T5095] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.658036][ T5095] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.659336][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.665592][ T5095] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.674220][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.693136][ T5097] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.702337][ T5097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.709603][ T5099] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.717966][ T5099] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.725558][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.733401][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.745121][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.754387][ T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.762597][ T52] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.772112][ T4466] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.779876][ T4466] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.788449][ T4466] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.879130][ T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.887444][ T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.895245][ T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.914509][ T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.922466][ T52] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.930290][ T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.009478][ T5086] chnl_net:caif_netlink_parms(): no params data found [ 72.295947][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.303842][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.311205][ T5086] bridge_slave_0: entered allmulticast mode [ 72.318889][ T5086] bridge_slave_0: entered promiscuous mode [ 72.332031][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.339473][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.346930][ T5086] bridge_slave_1: entered allmulticast mode [ 72.354587][ T5086] bridge_slave_1: entered promiscuous mode [ 72.457980][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.478468][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.562448][ T5086] team0: Port device team_slave_0 added [ 72.620036][ T5086] team0: Port device team_slave_1 added [ 72.706781][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.713981][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.739954][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.818562][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.825650][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.852197][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.928167][ T5105] chnl_net:caif_netlink_parms(): no params data found [ 73.038194][ T5086] hsr_slave_0: entered promiscuous mode [ 73.045347][ T5086] hsr_slave_1: entered promiscuous mode [ 73.163451][ T5090] chnl_net:caif_netlink_parms(): no params data found [ 73.177380][ T5094] chnl_net:caif_netlink_parms(): no params data found [ 73.227857][ T5092] chnl_net:caif_netlink_parms(): no params data found [ 73.282512][ T5105] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.289909][ T5105] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.297399][ T5105] bridge_slave_0: entered allmulticast mode [ 73.305096][ T5105] bridge_slave_0: entered promiscuous mode [ 73.385634][ T5105] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.392968][ T5105] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.400275][ T5105] bridge_slave_1: entered allmulticast mode [ 73.408072][ T5105] bridge_slave_1: entered promiscuous mode [ 73.415215][ T5098] chnl_net:caif_netlink_parms(): no params data found [ 73.515049][ T52] Bluetooth: hci0: command tx timeout [ 73.553016][ T5105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.619515][ T5105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.759593][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.766957][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.774749][ T5094] bridge_slave_0: entered allmulticast mode [ 73.782133][ T5094] bridge_slave_0: entered promiscuous mode [ 73.791962][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.799188][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.806473][ T5094] bridge_slave_1: entered allmulticast mode [ 73.814046][ T5094] bridge_slave_1: entered promiscuous mode [ 73.821147][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.829409][ T5090] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.837102][ T52] Bluetooth: hci4: command tx timeout [ 73.837128][ T4466] Bluetooth: hci3: command tx timeout [ 73.837314][ T4466] Bluetooth: hci2: command tx timeout [ 73.842733][ T52] Bluetooth: hci1: command tx timeout [ 73.859769][ T5090] bridge_slave_0: entered allmulticast mode [ 73.867382][ T5090] bridge_slave_0: entered promiscuous mode [ 73.879108][ T5105] team0: Port device team_slave_0 added [ 73.886901][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.896622][ T5090] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.907007][ T5090] bridge_slave_1: entered allmulticast mode [ 73.914932][ T5090] bridge_slave_1: entered promiscuous mode [ 73.942037][ T5092] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.949497][ T5092] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.957309][ T5092] bridge_slave_0: entered allmulticast mode [ 73.964581][ T5092] bridge_slave_0: entered promiscuous mode [ 73.993105][ T52] Bluetooth: hci5: command tx timeout [ 73.994736][ T5105] team0: Port device team_slave_1 added [ 74.059989][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.067272][ T5098] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.075132][ T5098] bridge_slave_0: entered allmulticast mode [ 74.082548][ T5098] bridge_slave_0: entered promiscuous mode [ 74.090873][ T5092] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.098265][ T5092] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.105592][ T5092] bridge_slave_1: entered allmulticast mode [ 74.112735][ T5092] bridge_slave_1: entered promiscuous mode [ 74.152531][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.198169][ T5090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.219903][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.227544][ T5098] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.235098][ T5098] bridge_slave_1: entered allmulticast mode [ 74.242347][ T5098] bridge_slave_1: entered promiscuous mode [ 74.282371][ T5092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.294733][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.331194][ T5090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.380395][ T5092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.419870][ T5105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.428814][ T5105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.460348][ T5105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.505126][ T5098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.542684][ T5105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.549932][ T5105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.576310][ T5105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.599898][ T5090] team0: Port device team_slave_0 added [ 74.608925][ T5098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.638395][ T5092] team0: Port device team_slave_0 added [ 74.647995][ T5092] team0: Port device team_slave_1 added [ 74.662430][ T5094] team0: Port device team_slave_0 added [ 74.674690][ T5094] team0: Port device team_slave_1 added [ 74.699658][ T5090] team0: Port device team_slave_1 added [ 74.823163][ T5098] team0: Port device team_slave_0 added [ 74.831111][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.840030][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.866275][ T5092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.881124][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.888363][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.914583][ T5092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.933706][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.940678][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.966793][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.992729][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.999889][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.026055][ T5090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.040605][ T5098] team0: Port device team_slave_1 added [ 75.076972][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.084438][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.110657][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.127942][ T5105] hsr_slave_0: entered promiscuous mode [ 75.134617][ T5105] hsr_slave_1: entered promiscuous mode [ 75.140886][ T5105] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.148802][ T5105] Cannot create hsr debugfs directory [ 75.171618][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.182891][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.210105][ T5090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.239251][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.246389][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.272500][ T5098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.381678][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.388766][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.415254][ T5098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.427118][ T5086] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 75.493832][ T5092] hsr_slave_0: entered promiscuous mode [ 75.500619][ T5092] hsr_slave_1: entered promiscuous mode [ 75.507434][ T5092] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.515765][ T5092] Cannot create hsr debugfs directory [ 75.527563][ T5086] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 75.545559][ T5094] hsr_slave_0: entered promiscuous mode [ 75.552143][ T5094] hsr_slave_1: entered promiscuous mode [ 75.558685][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.566411][ T5094] Cannot create hsr debugfs directory [ 75.593051][ T52] Bluetooth: hci0: command tx timeout [ 75.610372][ T5086] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 75.680920][ T5086] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 75.723692][ T5090] hsr_slave_0: entered promiscuous mode [ 75.730127][ T5090] hsr_slave_1: entered promiscuous mode [ 75.742732][ T5090] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.750341][ T5090] Cannot create hsr debugfs directory [ 75.794328][ T5098] hsr_slave_0: entered promiscuous mode [ 75.800825][ T5098] hsr_slave_1: entered promiscuous mode [ 75.807536][ T5098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.815194][ T5098] Cannot create hsr debugfs directory [ 75.913034][ T52] Bluetooth: hci1: command tx timeout [ 75.913872][ T4466] Bluetooth: hci2: command tx timeout [ 75.918460][ T52] Bluetooth: hci3: command tx timeout [ 75.924120][ T5095] Bluetooth: hci4: command tx timeout [ 76.073727][ T52] Bluetooth: hci5: command tx timeout [ 76.366444][ T5105] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 76.383802][ T5105] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 76.420332][ T5105] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 76.448830][ T5105] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 76.520512][ T5094] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 76.538904][ T5094] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 76.565626][ T5094] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 76.577575][ T5094] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 76.650050][ T5090] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.685203][ T5090] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.698017][ T5090] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.710670][ T5090] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.732026][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.790053][ T5086] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.871916][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.879470][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.972221][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.979481][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.996464][ T5092] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 77.016476][ T5092] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 77.084412][ T5092] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 77.108793][ T5092] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 77.261562][ T5098] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 77.310000][ T5098] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 77.324406][ T5098] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 77.350095][ T5105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.375867][ T5098] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 77.405312][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.503946][ T5094] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.530037][ T5105] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.567445][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.574596][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.627010][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.634210][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.647632][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.654778][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.673575][ T52] Bluetooth: hci0: command tx timeout [ 77.714187][ T5090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.731484][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.738670][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.935569][ T5090] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.995222][ T4466] Bluetooth: hci4: command tx timeout [ 78.000808][ T5088] Bluetooth: hci1: command tx timeout [ 78.009847][ T5088] Bluetooth: hci3: command tx timeout [ 78.015963][ T52] Bluetooth: hci2: command tx timeout [ 78.020728][ T5092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.059875][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.067087][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.119995][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.127862][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.153245][ T52] Bluetooth: hci5: command tx timeout [ 78.189568][ T5092] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.258098][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.286938][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.294164][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.349477][ T5098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.401070][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.408313][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.530006][ T5098] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.595824][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.603045][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.617028][ T5105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.667360][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.702501][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.709799][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.776042][ T5086] veth0_vlan: entered promiscuous mode [ 78.791571][ T5092] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 78.984460][ T5086] veth1_vlan: entered promiscuous mode [ 79.085070][ T5105] veth0_vlan: entered promiscuous mode [ 79.177633][ T5086] veth0_macvtap: entered promiscuous mode [ 79.272038][ T5105] veth1_vlan: entered promiscuous mode [ 79.288305][ T5086] veth1_macvtap: entered promiscuous mode [ 79.308661][ T5090] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.381274][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.416764][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.465608][ T5086] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.478694][ T5086] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.487854][ T5086] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.497335][ T5086] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.552180][ T5094] veth0_vlan: entered promiscuous mode [ 79.580582][ T5092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.606176][ T5105] veth0_macvtap: entered promiscuous mode [ 79.625775][ T5098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.656471][ T5105] veth1_macvtap: entered promiscuous mode [ 79.699440][ T5094] veth1_vlan: entered promiscuous mode [ 79.754463][ T52] Bluetooth: hci0: command tx timeout [ 79.811936][ T5090] veth0_vlan: entered promiscuous mode [ 79.881573][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.893776][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.907352][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.919562][ T2786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.949112][ T2786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.961408][ T5090] veth1_vlan: entered promiscuous mode [ 79.987754][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.999420][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.012204][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.031267][ T5094] veth0_macvtap: entered promiscuous mode [ 80.083976][ T52] Bluetooth: hci2: command tx timeout [ 80.089449][ T4466] Bluetooth: hci4: command tx timeout [ 80.095281][ T5088] Bluetooth: hci3: command tx timeout [ 80.100711][ T5088] Bluetooth: hci1: command tx timeout [ 80.113534][ T5105] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.122270][ T5105] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.131763][ T5105] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.140542][ T5105] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.163530][ T5092] veth0_vlan: entered promiscuous mode [ 80.177239][ T739] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.191885][ T5092] veth1_vlan: entered promiscuous mode [ 80.197541][ T739] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.201451][ T5094] veth1_macvtap: entered promiscuous mode [ 80.233707][ T5088] Bluetooth: hci5: command tx timeout [ 80.283187][ T5090] veth0_macvtap: entered promiscuous mode 12:28:12 executing program 1: mlockall(0x1) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) setpgid(0x0, 0x0) [ 80.324551][ T5090] veth1_macvtap: entered promiscuous mode [ 80.351831][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.363743][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.376529][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.390652][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.407110][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.447163][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.465522][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.485528][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.499956][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.512234][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.522429][ T5092] veth0_macvtap: entered promiscuous mode [ 80.568328][ T5092] veth1_macvtap: entered promiscuous mode [ 80.579242][ T5094] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.592907][ T5094] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.601627][ T5094] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.615039][ T5094] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.629585][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.644406][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.654696][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.665531][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.675665][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.686507][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.698749][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.790984][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.802154][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.812654][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.823541][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.837139][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.847946][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.862040][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.941011][ T5098] veth0_vlan: entered promiscuous mode [ 80.970876][ T2777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.977587][ T5090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.990302][ T2777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.002910][ T5090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.011640][ T5090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.038682][ T5090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.115789][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.145663][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.173038][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.190603][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.201738][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.212537][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.223896][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.234915][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.247106][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.269414][ T24] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.287160][ T24] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.334171][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.359475][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.382912][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.403077][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.424348][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.436307][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.456395][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.471948][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.487084][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.496721][ T5098] veth1_vlan: entered promiscuous mode [ 81.561449][ T5092] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.572503][ T5092] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.582070][ T5092] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.591424][ T5092] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.661708][ T739] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 12:28:13 executing program 3: mlockall(0x3) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) syz_read_part_table(0x5ef, &(0x7f0000000600)="$eJzs2zFoG2cUB/Any7JLAs2SKUOpM2QoXVKytaJtgqw0JGCUZgkZEkgoIZpcCChUyBAPjYaEaAgZs4SAltieLGswtNjY0LkYDy4GD15a7MXQxVfsO0Mru6Zu3ULh94PTp3v8v3t66NYv+F/ri1+SJMlFRDJ49N0DURre25aLWxEx9P27k+ldau+pZyOiEBEr6f3g61cnuk82Lxfay9e3zt2ea/Zl+bHsOvmmc+PPuiaNo/9S/h1vi/OnHo+Plp/WiveXyvXPIuLaxEap0rnabE1eKVy6m8YaC1m+P1u/bkQ8igdxJ6pRjXt/+y9d+WP/tZft1fPbZ8rt6SQf0X02+1GWG0mXXP8/mna/nvnXHg49v9mqX2xMnX5xoTazWFnPp7nq7ns/cMzdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4bm+L86cej4+Wn9aK95fK9bVvf/zh2sRGqdK52mxNXilcupvlFrK1Pwayb7V4FA/iTlQj4l6M7n/0p7uf7xzSPMnv6/+yvXp++0y5Pf3VJ78Od5/NfjyeRkeOcebf6+3/cOj5zVb94odTp19cqM0sVtbzaa46eNDuw4YDAAAAAAAAAAAAAAAAAACAv640/MX7I59XvozIxa2I+ODnb/p26kl23j0X8d7OejbLr2T1169OdJ9sXi60l69vnbs91/wpq49l18k3nRu9p+PHvuspHHimnv/SbwEAAP//6maVVg==") [ 81.704815][ T739] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.940428][ T5098] veth0_macvtap: entered promiscuous mode [ 82.045939][ T2786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.046429][ T5098] veth1_macvtap: entered promiscuous mode [ 82.078386][ T2786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.144147][ T5087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.168784][ T5087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.370835][ T2786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.395257][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.413546][ T2786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.430404][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.459607][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.495184][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.511190][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.532948][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.562033][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.589005][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.606318][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.628559][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.659238][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_0 12:28:14 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r1, 0x0) r2 = accept$inet6(r1, 0x0, 0x0) connect$inet(r0, &(0x7f00000001c0)={0x2, 0x2, @remote}, 0x10) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0x5450, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), &(0x7f0000000180)=0x4) setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x0, 0x0, 0x0) [ 82.722266][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.769021][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.797549][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.828228][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.845345][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.866241][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.883971][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 82.892910][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.918147][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 12:28:15 executing program 5: r0 = socket$inet6(0xa, 0x801, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000003940)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r1, r2, 0x0) accept4$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14, 0x80800) r4 = dup3(r0, r0, 0x0) sendto$inet_nvme_pdu(r4, &(0x7f0000005c80), 0x80, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x5450) r5 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_buf(r5, 0x29, 0x20, &(0x7f0000000080), 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='devices.list\x00', 0x275a, 0x0) r7 = mq_open(&(0x7f0000000000)='cgroup.controllers\x00', 0x40, 0x48, &(0x7f0000000040)={0xffffffff, 0x6, 0x8, 0x10000}) dup3(r6, r7, 0x0) ioctl$FIONCLEX(r6, 0x5450) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000480), &(0x7f00000004c0)={'L+', 0xffffffffffffffe0}, 0x16, 0x0) fsetxattr$trusted_overlay_opaque(r7, 0x0, &(0x7f0000000640), 0x2, 0x0) r8 = syz_clone3(&(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0) ioctl$FS_IOC_GETFLAGS(r9, 0x5421, &(0x7f0000000000)) tkill(r8, 0x0) write$cgroup_devices(r7, &(0x7f0000000700)=ANY=[], 0x9) [ 82.935596][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.963361][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.011149][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.114979][ T5098] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.161707][ T5098] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.189253][ T5098] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.218324][ T5098] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 12:28:15 executing program 5: mlockall(0x1) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000080)) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 83.335023][ T5143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.363156][ T5143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.469632][ T7] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.492963][ T7] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:28:15 executing program 0: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/dmi', 0x0, 0x0) r2 = dup3(r0, r1, 0x0) symlinkat(&(0x7f0000000080)='./file1\x00', r2, &(0x7f00000000c0)='./file0\x00') linkat(r2, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2100005, 0x0) 12:28:15 executing program 2: truncate(&(0x7f0000003340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 12:28:15 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000366000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) listen(r1, 0x0) connect$unix(r0, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) [ 83.939508][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 12:28:16 executing program 2: syz_open_dev$evdev(0x0, 0x0, 0x0) r0 = syz_open_dev$evdev(0x0, 0x1, 0x0) r1 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004ea19ffff1e0006031a00000804800200090581", @ANYBLOB], 0x0) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, 0x0, 0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r3, 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, 0x0) syz_usb_disconnect(r1) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"}) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000000c0)={0x24, &(0x7f00000001c0)={0x40, 0x0, 0x40, {0x40, 0x0, "319c4a886c0b5303e759cd0e4ceb0396b440a2847af51d0f604f30c4ca04a26020ffbe08e5702db1e77784d6395e849f409420ac07007b05f3c27320fe83"}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000200)=0x1) 12:28:16 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x5, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x202, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32) [ 83.994058][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.268653][ T5143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.301825][ T5143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 12:28:16 executing program 1: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x4, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x50}, [@call={0x85, 0x0, 0x0, 0x39}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) 12:28:16 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCGETS2(r0, 0x5452, &(0x7f00000000c0)) mlockall(0x1) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) [ 84.563323][ T50] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 84.983801][ T50] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 85.022990][ T50] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 85.065307][ T50] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 85.094141][ T50] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.244386][ T50] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 85.284039][ T50] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 85.292071][ T50] usb 3-1: Product: syz [ 85.338183][ T50] usb 3-1: Manufacturer: syz [ 85.442324][ T50] cdc_wdm 3-1:1.0: skipping garbage [ 85.453114][ T50] cdc_wdm 3-1:1.0: skipping garbage [ 85.458764][ T50] cdc_wdm: probe of 3-1:1.0 failed with error -22 12:28:17 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) r1 = socket$packet(0x11, 0x0, 0x300) dup(r1) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_DEV_SETUP(r2, 0x405c5503, 0x0) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) r3 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r4, 0x5452, &(0x7f0000000200)=0x3e) ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, &(0x7f0000000140)={0x1, &(0x7f0000000100)="d8"}) recvmmsg(r4, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) fcntl$setsig(r4, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r5}], 0x1, 0xfffffffffffffff8) dup2(r4, r5) syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) r6 = epoll_create1(0x0) epoll_pwait2(r6, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0) syz_clone3(&(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) fcntl$setown(r5, 0x8, r3) tkill(r3, 0x14) [ 85.612174][ T50] usb 3-1: USB disconnect, device number 2 [ 86.215228][ T50] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 86.325530][ T1785] cfg80211: failed to load regulatory.db 12:28:18 executing program 3: openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2a101, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}}) 12:28:18 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x0, @local}, 0x10) write$binfmt_elf64(r0, 0x0, 0x100000530) [ 86.613884][ T50] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 86.622544][ T50] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 86.704915][ T50] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 86.745698][ T50] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.759825][ T5228] 9pnet_fd: Insufficient options for proto=fd 12:28:18 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) 12:28:18 executing program 1: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000002540)={0x5}) [ 86.934446][ T50] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 12:28:19 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0}, 0x90) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r1, r0, 0x16, 0x0, @void}, 0x10) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_SECURITY(r2, 0x112, 0xa, &(0x7f0000003000), 0x2) [ 86.979077][ T50] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 87.017732][ T50] usb 3-1: Product: syz [ 87.024740][ T50] usb 3-1: Manufacturer: syz 12:28:19 executing program 1: open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000300), 0x0, 0x0, 0x0) [ 87.132245][ T50] cdc_wdm 3-1:1.0: skipping garbage [ 87.137573][ T50] cdc_wdm 3-1:1.0: skipping garbage [ 87.161190][ T50] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 87.207648][ T5235] ================================================================== [ 87.215765][ T5235] BUG: KASAN: slab-out-of-bounds in l2cap_sock_setsockopt+0x2182/0x2930 [ 87.224161][ T5235] Read of size 4 at addr ffff88802b52e3e3 by task syz-executor.3/5235 [ 87.232329][ T5235] [ 87.234667][ T5235] CPU: 1 PID: 5235 Comm: syz-executor.3 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 87.244667][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 87.254742][ T5235] Call Trace: [ 87.258046][ T5235] [ 87.260993][ T5235] dump_stack_lvl+0x241/0x360 [ 87.264653][ T28] audit: type=1800 audit(1712579299.245:2): pid=5237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1972 res=0 errno=0 [ 87.265734][ T5235] ? __pfx_dump_stack_lvl+0x10/0x10 [ 87.291445][ T5235] ? __pfx__printk+0x10/0x10 [ 87.296069][ T5235] ? srso_return_thunk+0x5/0x5f [ 87.300934][ T5235] ? _printk+0xd5/0x120 [ 87.305106][ T5235] ? __virt_addr_valid+0x183/0x520 [ 87.310235][ T5235] ? srso_return_thunk+0x5/0x5f [ 87.315099][ T5235] print_report+0x169/0x550 [ 87.319644][ T5235] ? __virt_addr_valid+0x183/0x520 [ 87.324779][ T5235] ? srso_return_thunk+0x5/0x5f [ 87.329640][ T5235] ? __virt_addr_valid+0x44e/0x520 [ 87.334767][ T5235] ? srso_return_thunk+0x5/0x5f [ 87.339627][ T5235] ? __phys_addr+0xba/0x170 [ 87.344149][ T5235] ? l2cap_sock_setsockopt+0x2182/0x2930 [ 87.349789][ T5235] kasan_report+0x143/0x180 [ 87.354309][ T5235] ? l2cap_sock_setsockopt+0x214/0x2930 [ 87.359864][ T5235] ? l2cap_sock_setsockopt+0x2182/0x2930 [ 87.365508][ T5235] l2cap_sock_setsockopt+0x2182/0x2930 [ 87.370978][ T5235] ? __cgroup_bpf_run_filter_setsockopt+0x4c9/0x1040 [ 87.377666][ T5235] ? __pfx___cgroup_bpf_run_filter_setsockopt+0x10/0x10 [ 87.384616][ T5235] ? __pfx_l2cap_sock_setsockopt+0x10/0x10 [ 87.390429][ T5235] ? __pfx_aa_sk_perm+0x10/0x10 [ 87.395321][ T5235] ? alarm_timer_nsleep_restart+0x90/0x2c0 [ 87.401148][ T5235] ? aa_sock_opt_perm+0x79/0x120 [ 87.406104][ T5235] ? srso_return_thunk+0x5/0x5f [ 87.410963][ T5235] ? srso_return_thunk+0x5/0x5f [ 87.415827][ T5235] ? __pfx_l2cap_sock_setsockopt+0x10/0x10 [ 87.421636][ T5235] do_sock_setsockopt+0x3b1/0x720 [ 87.426716][ T5235] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 87.432278][ T5235] ? __fget_files+0x3f4/0x470 [ 87.436969][ T5235] ? __fget_files+0x28/0x470 [ 87.441579][ T5235] __sys_setsockopt+0x1ae/0x250 [ 87.446452][ T5235] __x64_sys_setsockopt+0xb5/0xd0 [ 87.451496][ T5235] do_syscall_64+0xfd/0x240 [ 87.456006][ T5235] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 87.461912][ T5235] RIP: 0033:0x7fdd15e7de69 [ 87.466332][ T5235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 87.485967][ T5235] RSP: 002b:00007fdd16b470c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 87.494404][ T5235] RAX: ffffffffffffffda RBX: 00007fdd15fabf80 RCX: 00007fdd15e7de69 [ 87.502387][ T5235] RDX: 000000000000000a RSI: 0000000000000112 RDI: 0000000000000007 [ 87.510376][ T5235] RBP: 00007fdd15eca47a R08: 0000000000000002 R09: 0000000000000000 [ 87.518369][ T5235] R10: 0000000020003000 R11: 0000000000000246 R12: 0000000000000000 [ 87.526365][ T5235] R13: 000000000000000b R14: 00007fdd15fabf80 R15: 00007ffcf0d4d698 [ 87.534375][ T5235] [ 87.537845][ T5235] [ 87.540197][ T5235] Allocated by task 5235: [ 87.544544][ T5235] kasan_save_track+0x3f/0x80 [ 87.549250][ T5235] __kasan_kmalloc+0x98/0xb0 [ 87.553868][ T5235] __kmalloc+0x233/0x4a0 [ 87.558127][ T5235] __cgroup_bpf_run_filter_setsockopt+0xd2f/0x1040 [ 87.564655][ T5235] do_sock_setsockopt+0x6b4/0x720 [ 87.569721][ T5235] __sys_setsockopt+0x1ae/0x250 [ 87.574596][ T5235] __x64_sys_setsockopt+0xb5/0xd0 [ 87.579640][ T5235] do_syscall_64+0xfd/0x240 [ 87.584147][ T5235] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 87.590054][ T5235] [ 87.592373][ T5235] The buggy address belongs to the object at ffff88802b52e3e0 [ 87.592373][ T5235] which belongs to the cache kmalloc-8 of size 8 [ 87.606092][ T5235] The buggy address is located 1 bytes to the right of [ 87.606092][ T5235] allocated 2-byte region [ffff88802b52e3e0, ffff88802b52e3e2) [ 87.620428][ T5235] [ 87.622756][ T5235] The buggy address belongs to the physical page: [ 87.629168][ T5235] page:ffffea0000ad4b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b52e [ 87.639347][ T5235] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 87.646906][ T5235] page_type: 0xffffffff() [ 87.651236][ T5235] raw: 00fff00000000800 ffff888014c41280 dead000000000100 dead000000000122 [ 87.659823][ T5235] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 87.668408][ T5235] page dumped because: kasan: bad access detected [ 87.674827][ T5235] page_owner tracks the page as allocated [ 87.680542][ T5235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid 1 (swapper/0), ts 17845456388, free_ts 17836649403 [ 87.698101][ T5235] post_alloc_hook+0x1ea/0x210 [ 87.702911][ T5235] get_page_from_freelist+0x33ea/0x3580 [ 87.708466][ T5235] __alloc_pages+0x256/0x680 [ 87.713061][ T5235] alloc_slab_page+0x5f/0x160 [ 87.717760][ T5235] new_slab+0x84/0x2f0 [ 87.721835][ T5235] ___slab_alloc+0xc73/0x1260 [ 87.726522][ T5235] __kmalloc_node_track_caller+0x2d6/0x4e0 [ 87.732332][ T5235] kstrdup+0x3a/0x80 [ 87.736233][ T5235] __kernfs_new_node+0x9d/0x880 [ 87.741089][ T5235] kernfs_new_node+0x13a/0x240 [ 87.745860][ T5235] kernfs_create_dir_ns+0x43/0x120 [ 87.750974][ T5235] sysfs_create_dir_ns+0x189/0x3a0 [ 87.756096][ T5235] kobject_add_internal+0x435/0x8d0 [ 87.761299][ T5235] kobject_init_and_add+0x124/0x190 [ 87.766513][ T5235] locate_module_kobject+0xdd/0x160 [ 87.771721][ T5235] kernel_add_sysfs_param+0x20/0x130 [ 87.777021][ T5235] page last free pid 925 tgid 925 stack trace: [ 87.783177][ T5235] free_unref_page_prepare+0x968/0xa90 [ 87.788657][ T5235] free_unref_page+0x37/0x3f0 [ 87.793351][ T5235] vfree+0x186/0x2e0 [ 87.797261][ T5235] delayed_vfree_work+0x56/0x80 [ 87.802123][ T5235] process_scheduled_works+0xa02/0x1770 [ 87.807674][ T5235] worker_thread+0x86d/0xd70 [ 87.812271][ T5235] kthread+0x2f2/0x390 [ 87.816349][ T5235] ret_from_fork+0x4d/0x80 [ 87.820778][ T5235] ret_from_fork_asm+0x1a/0x30 [ 87.825558][ T5235] [ 87.827879][ T5235] Memory state around the buggy address: [ 87.833506][ T5235] ffff88802b52e280: 06 fc fc fc 05 fc fc fc fa fc fc fc fa fc fc fc [ 87.841566][ T5235] ffff88802b52e300: 05 fc fc fc 05 fc fc fc 05 fc fc fc 06 fc fc fc [ 87.849625][ T5235] >ffff88802b52e380: 06 fc fc fc 05 fc fc fc fa fc fc fc 02 fc fc fc [ 87.857683][ T5235] ^ [ 87.864878][ T5235] ffff88802b52e400: 05 fc fc fc 05 fc fc fc 05 fc fc fc 00 fc fc fc [ 87.872943][ T5235] ffff88802b52e480: 00 fc fc fc 05 fc fc fc 05 fc fc fc 04 fc fc fc [ 87.881015][ T5235] ================================================================== [ 87.982504][ T5235] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 87.989756][ T5235] CPU: 0 PID: 5235 Comm: syz-executor.3 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 87.999752][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 88.009824][ T5235] Call Trace: [ 88.013136][ T5235] [ 88.016081][ T5235] dump_stack_lvl+0x241/0x360 [ 88.020800][ T5235] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.026041][ T5235] ? __pfx__printk+0x10/0x10 12:28:20 executing program 1: r0 = open(&(0x7f0000000280)='./bus\x00', 0x105042, 0x0) setrlimit(0x1, &(0x7f0000000100)={0xffffffff, 0xffffffffffffffff}) fallocate(r0, 0x0, 0x0, 0x7fffffff) utime(&(0x7f00000002c0)='./bus\x00', 0x0) creat(0x0, 0x0) setxattr$incfs_id(&(0x7f0000001080)='./bus\x00', &(0x7f0000001400), 0x0, 0x0, 0x0) [ 88.030677][ T5235] ? preempt_schedule+0xe1/0xf0 [ 88.035551][ T5235] ? srso_return_thunk+0x5/0x5f [ 88.040425][ T5235] ? vscnprintf+0x5d/0x90 [ 88.044783][ T5235] panic+0x349/0x860 [ 88.048731][ T5235] ? check_panic_on_warn+0x21/0xb0 [ 88.053866][ T5235] ? __pfx_panic+0x10/0x10 [ 88.058312][ T5235] ? srso_return_thunk+0x5/0x5f [ 88.063184][ T5235] ? srso_return_thunk+0x5/0x5f [ 88.068044][ T5235] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 88.074048][ T5235] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 88.080396][ T5235] ? print_report+0x502/0x550 [ 88.085095][ T5235] check_panic_on_warn+0x86/0xb0 [ 88.090053][ T5235] ? l2cap_sock_setsockopt+0x2182/0x2930 [ 88.095691][ T5235] end_report+0x6e/0x140 [ 88.099947][ T5235] kasan_report+0x154/0x180 [ 88.104466][ T5235] ? l2cap_sock_setsockopt+0x214/0x2930 [ 88.110018][ T5235] ? l2cap_sock_setsockopt+0x2182/0x2930 [ 88.115661][ T5235] l2cap_sock_setsockopt+0x2182/0x2930 [ 88.121132][ T5235] ? __cgroup_bpf_run_filter_setsockopt+0x4c9/0x1040 [ 88.127820][ T5235] ? __pfx___cgroup_bpf_run_filter_setsockopt+0x10/0x10 [ 88.134770][ T5235] ? __pfx_l2cap_sock_setsockopt+0x10/0x10 [ 88.140580][ T5235] ? __pfx_aa_sk_perm+0x10/0x10 [ 88.145450][ T5235] ? alarm_timer_nsleep_restart+0x90/0x2c0 [ 88.151274][ T5235] ? aa_sock_opt_perm+0x79/0x120 [ 88.156232][ T5235] ? srso_return_thunk+0x5/0x5f [ 88.161092][ T5235] ? srso_return_thunk+0x5/0x5f [ 88.165955][ T5235] ? __pfx_l2cap_sock_setsockopt+0x10/0x10 [ 88.171770][ T5235] do_sock_setsockopt+0x3b1/0x720 [ 88.176828][ T5235] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 88.182391][ T5235] ? __fget_files+0x3f4/0x470 [ 88.187174][ T5235] ? __fget_files+0x28/0x470 [ 88.191787][ T5235] __sys_setsockopt+0x1ae/0x250 [ 88.196665][ T5235] __x64_sys_setsockopt+0xb5/0xd0 [ 88.201719][ T5235] do_syscall_64+0xfd/0x240 [ 88.206237][ T5235] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 88.212161][ T5235] RIP: 0033:0x7fdd15e7de69 [ 88.216584][ T5235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 88.236210][ T5235] RSP: 002b:00007fdd16b470c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 88.244646][ T5235] RAX: ffffffffffffffda RBX: 00007fdd15fabf80 RCX: 00007fdd15e7de69 [ 88.252626][ T5235] RDX: 000000000000000a RSI: 0000000000000112 RDI: 0000000000000007 [ 88.260609][ T5235] RBP: 00007fdd15eca47a R08: 0000000000000002 R09: 0000000000000000 [ 88.268590][ T5235] R10: 0000000020003000 R11: 0000000000000246 R12: 0000000000000000 [ 88.276572][ T5235] R13: 000000000000000b R14: 00007fdd15fabf80 R15: 00007ffcf0d4d698 [ 88.284566][ T5235] [ 88.287863][ T5235] Kernel Offset: disabled [ 88.292181][ T5235] Rebooting in 86400 seconds..