Warning: Permanently added '10.128.0.18' (ECDSA) to the list of known hosts. 2023/02/17 17:06:04 fuzzer started 2023/02/17 17:06:05 dialing manager at 10.128.0.169:40217 2023/02/17 17:06:05 checking machine... 2023/02/17 17:06:05 checking revisions... 2023/02/17 17:06:06 testing simple program... syzkaller login: [ 165.322393][ T4979] cgroup: Unknown subsys name 'net' [ 165.470921][ T4979] cgroup: Unknown subsys name 'rlimit' [ 166.012988][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 166.021606][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 166.031239][ T4985] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 166.042190][ T4985] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 166.052496][ T4985] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 166.061213][ T4985] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 166.459539][ T4983] chnl_net:caif_netlink_parms(): no params data found [ 166.841051][ T4983] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.848715][ T4983] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.858644][ T4983] device bridge_slave_0 entered promiscuous mode [ 166.874362][ T4983] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.881897][ T4983] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.892050][ T4983] device bridge_slave_1 entered promiscuous mode [ 166.963588][ T4983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.983547][ T4983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.052019][ T4983] team0: Port device team_slave_0 added [ 167.067995][ T4983] team0: Port device team_slave_1 added [ 167.130182][ T4983] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.137786][ T4983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.164289][ T4983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active executing program [ 167.181324][ T4983] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.188729][ T4983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.215388][ T4983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.308147][ T4983] device hsr_slave_0 entered promiscuous mode [ 167.317514][ T4983] device hsr_slave_1 entered promiscuous mode [ 167.635011][ T4983] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 167.653849][ T4983] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 167.674261][ T4983] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 167.693571][ T4983] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 167.993777][ T4983] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.025138][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 168.035191][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 168.057001][ T4983] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.076045][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.092616][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.103286][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.110770][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.119238][ T4985] Bluetooth: hci0: command 0x0409 tx timeout [ 168.121505][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 168.150873][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 168.162002][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 168.173140][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.180722][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.201278][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 168.226409][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 168.251267][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 168.264451][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 168.278605][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 168.298492][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.311393][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.334201][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 168.344858][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 168.375353][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 168.386504][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 168.402756][ T4983] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 168.836055][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 168.844394][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 168.878848][ T4983] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 168.936816][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 168.948288][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 169.003515][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 169.015509][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 169.030396][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 169.040994][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 169.057201][ T4983] device veth0_vlan entered promiscuous mode [ 169.089547][ T4983] device veth1_vlan entered promiscuous mode [ 169.170600][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 169.181939][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 169.192462][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 169.202995][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 169.224216][ T4983] device veth0_macvtap entered promiscuous mode [ 169.247915][ T4983] device veth1_macvtap entered promiscuous mode [ 169.296912][ T4983] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 169.312117][ T4997] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 169.322937][ T4997] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 169.337671][ T4997] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 169.348963][ T4997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 169.375721][ T4983] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.384182][ T4997] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 169.397036][ T4997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 169.424744][ T4983] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.435019][ T4983] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.444260][ T4983] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.453693][ T4983] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 executing program [ 170.183822][ T4329] Bluetooth: hci0: command 0x041b tx timeout [ 171.296925][ T3303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.306682][ T3303] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.329423][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 171.376794][ T3303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.385119][ T3303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.395229][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2023/02/17 17:06:12 building call list... [ 172.269626][ T4985] Bluetooth: hci0: command 0x040f tx timeout executing program [ 174.124692][ T3515] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.250624][ T3515] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.364991][ T3515] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.498710][ T3515] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.055419][ T3515] device hsr_slave_0 left promiscuous mode [ 176.066624][ T3515] device hsr_slave_1 left promiscuous mode [ 176.080650][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.088457][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.102774][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.111349][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.125451][ T3515] device bridge_slave_1 left promiscuous mode [ 176.132517][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.150263][ T3515] device bridge_slave_0 left promiscuous mode [ 176.157419][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.185334][ T3515] device veth1_macvtap left promiscuous mode [ 176.191627][ T3515] device veth0_macvtap left promiscuous mode [ 176.198299][ T3515] device veth1_vlan left promiscuous mode executing program [ 176.205291][ T3515] device veth0_vlan left promiscuous mode [ 177.370445][ T3515] team0 (unregistering): Port device team_slave_1 removed [ 177.448776][ T3515] team0 (unregistering): Port device team_slave_0 removed [ 177.506938][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.540858][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.921595][ T3515] bond0 (unregistering): Released all slaves executing program executing program executing program [ 186.928011][ T4977] can: request_module (can-proto-0) failed. [ 187.061664][ T4977] can: request_module (can-proto-0) failed. [ 187.197603][ T4977] can: request_module (can-proto-0) failed. executing program executing program 2023/02/17 17:06:46 syscalls: 3744 2023/02/17 17:06:46 code coverage: enabled 2023/02/17 17:06:46 comparison tracing: enabled 2023/02/17 17:06:46 extra coverage: enabled 2023/02/17 17:06:46 delay kcov mmap: enabled 2023/02/17 17:06:46 setuid sandbox: enabled 2023/02/17 17:06:46 namespace sandbox: enabled 2023/02/17 17:06:46 Android sandbox: /sys/fs/selinux/policy does not exist 2023/02/17 17:06:46 fault injection: enabled 2023/02/17 17:06:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2023/02/17 17:06:46 net packet injection: enabled 2023/02/17 17:06:46 net device setup: enabled 2023/02/17 17:06:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/02/17 17:06:46 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/02/17 17:06:46 NIC VF setup: PCI device 0000:00:11.0 is not available 2023/02/17 17:06:46 USB emulation: enabled 2023/02/17 17:06:46 hci packet injection: enabled 2023/02/17 17:06:46 wifi device emulation: enabled 2023/02/17 17:06:46 802.15.4 emulation: enabled 2023/02/17 17:06:46 fetching corpus: 0, signal 0/0 (executing program) 2023/02/17 17:06:46 fetching corpus: 0, signal 0/0 (executing program) 2023/02/17 17:06:50 starting 6 fuzzer processes 17:06:50 executing program 0: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x800, &(0x7f0000000040)=0x0) r2 = open(&(0x7f0000000400)='./bus\x00', 0x14113e, 0x0) write$binfmt_elf64(r0, &(0x7f0000000580)=ANY=[], 0x1ab0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r2, 0x0) ftruncate(r0, 0x7fff) io_submit(0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="0a0000000074f75a155f926921653e000000008cf0051aa70dfedcf68b2f04a3b21f2ee92d490b95c686ffffffff000000000000000000409b"], 0xf) ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000001200)={{0x1}, 0x100, './bus\x00'}) io_getevents(r1, 0x6, 0x6, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], 0x0) io_getevents(r1, 0x40000007f3, 0x8000000000002da, &(0x7f0000000340), 0x0) fcntl$setstatus(r0, 0x4, 0x6800) io_submit(r1, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a00}]) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=@base={0x2, 0x4, 0x4, 0xbf22, 0x484, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48) r4 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000080), &(0x7f0000000100)=0x14) mmap(&(0x7f0000fa1000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x300000) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r3) r5 = openat2(0xffffffffffffffff, &(0x7f00000004c0)='./bus\x00', &(0x7f0000000500)={0x1, 0x11, 0x18}, 0x18) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup(r7) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7]) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r9 = dup(r8) write$FUSE_BMAP(r9, &(0x7f00000002c0)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r9, &(0x7f00000000c0)={0x0, 0x5, 0x0, {0x0, 0x2000000004, 0x0, 0x9}}, 0x30) io_submit(0x0, 0x3, &(0x7f0000000700)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x3, 0x200, 0xffffffffffffffff, &(0x7f0000000240)="f82ddc2205bbf0dcc084825f361886c53787a6cf887d6d57441639c239b4dd43829f6dac56fb96b470c0af265f33ca73dcfc4eeba3ed6eb7a8d37a6405161088547a2b6942f75e545d7bd009457a09b3070404ba6f2a5079a358fcc87076bbfa55567552a32f075d9cb4fcf8a1bbf609f7a2cac3c8d1dd7f3c18c8063c6782eca453e511275927efae5a23c74a2e90a583c0dc35cd14c669e7be2056844666ac19088dee36e2af498bcfc5af833d16bb7c42d7d843c28099", 0xb8, 0x5, 0x0, 0x2}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3, 0xa0a, 0xffffffffffffffff, &(0x7f0000000480)="b10d5022de8c43a2746bce6e217672c16deb55bf6ed40ca0bf22c7c63b00b6dbadc9db644b779da4b4b2f6895b3659e61cecbda360a9", 0x36, 0x5, 0x0, 0x0, r5}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x5, 0x800, r6, &(0x7f00000005c0)="7bdac57defccd25da27883a5e0a349dd3927f6bc1e3cc30b5dcbe59e6096fef92e89cc108a7a30a7e85b753203a6f61a023e289a1304bb285bdf3b1095bdd9f11be457cddc3be72c2267818017a6804a515ecdcaf512dc028fcfa6bf30d30fd802fee5978ce8b836a6bd3805b3df0812a66aeddec0af9f094a6cc92ac0f40af74127f646b1993e5b2fdd77b7df830a28692836ec04b3a51f28e8ea3e9375c0bb56a9696084ceebc5221191c8926de3d4d425c562100c28c6ead90d5b960ed6e6b0b06942ee29c4cb38d960aae1ef0cd553f79e9fd1a1da686cf467ea55103f277ecbfd24a9f70773037cc2b034ef3a36cc74dced33e1", 0xf6, 0x100000000, 0x0, 0x0, r9}]) io_destroy(r1) 17:06:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) write$binfmt_script(r1, 0x0, 0xfffffe5d) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x48}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="2c0000001000030400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000000a000100aaaaaaaaaabb"], 0x2c}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x1, 0x803, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=@newlink={0x2c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x2c}}, 0x0) 17:06:50 executing program 2: capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call, @exit], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe3, &(0x7f0000000240)=""/227, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 17:06:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x301, 0x0, 0x0, {0x0, 0x0, 0x4000}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000203010300000000000000000000d9d9"], 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, 0x2, 0x3, 0x301, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) 17:06:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x3, &(0x7f0000000080)=ANY=[], 0x81, 0x47f, &(0x7f00000004c0)="$eJzs3MtvVNUfAPDvnWl5/IBf++Pni4c6isbGR0vLc+FGowkbExNd4LK2hSAFDK2JkEaqMbg0/AXq0sS/wBVuDLrSuNW4NSbEdAO6MNfcmXvL0M60nc60g8znkwycc++Ze8537j1wHp0G0LMq2R9JxM6I+DkiBmrZuwtUan/dXpib+HNhbiKJNH3jj6Ra7tbC3ERRtHjfjjwzVIoofZzEvgb1zly6fHZ8enrqYp4fmT337sjMpcsvnDk3fnrq9NT5sePHDx/afuzo2JGOxJnFdWvvBxf27znx1rXXJk5ee/u7r7L27szP18dRM9h2nZWoxI3+UsNzT7d99XvLrrp00tfFhtCSckRkt6u/2v8Hohx3bt5AvPpRVxsHbKg0TdOty46Wi8R8CtzHkuh2C4DuKP6jv7WQzYbnJpbPg+9vN1+qTYCyuG/nr/zU9WzmXhmszY0az+LbV4mIk/N/fZa9ouE6BABAZ13Pxj/P18Ydxat2phQP1ZX7b76HMhgR/4uI3RHx/4h4ICIejKiWfTgiHmmx/sqS/PLxz4/b1xXYGmXjvxfzva27x3+LI77Bcp7bVY2/Pzl1ZnrqYP6ZDEX/1iw/ukId37zy06fNztWP/7JXVn8xFszb8XvfkgW6yfHZ8XZirnfzw4i9fY3iTxZ3ArKZwZ6I2LuO62ef2Zlnv9zf7Pzq8a+gA/tM6RcRz9Tu/3wsib+QNN2fHD12dOzIyLaYnjo4UjwVy33/w9XXm9XfVvwdkN3//zR8/hfjH0zq92tnWq/j6i+fNJjT1NaY1/v8b0nerKa35MfeH5+dvTgasSWZX3587M57i3xRPot/6EDj/r874u/P8/fti4jsIX40Ih6LiMfztj8REU9GxIEV4r/x8lPvNDt3L9z/yZbuf+uJ8tlvv25W/9ru/+Fqaig/Mjk+u221uNbawHY+OwAAAPi3KFV/Bj4pDS+mS6Xh4YgdiysoM7PPnbrw3vnJ2s/KD0Z/qVjpGqhbDx3N14aL/NiS/KHqunGapun2an544sL0ri7HDr1uR5P+n/mt3O3WARuupX20ZOPaAWy+9e+jpx1tB7D5fF8bepf+D71rzf2/f2PbAWy+Rv3/SsTtLjQF2GTG/9C79H/oXfo/9C79H3pSO9/rXymx+0Tx1fr5jaqiq4lfSxGduWB50xu/LTpxnSitWqavhV/EsLmJ0r3RjFpia0SstfCVDj11qye6/A8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAh/wTAAD//yG04Ro=") 17:06:50 executing program 4: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) write(r0, &(0x7f0000000300)="0c6717412d322ceedc22ea3ebe4b379ce29df51ca319480c156137ca7594aef42386ef5be66465ee", 0x28) [ 210.345678][ T4329] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 210.437759][ T4329] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 210.446858][ T4329] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 210.459504][ T4329] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 210.470124][ T4329] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 210.482567][ T4329] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 210.544210][ T4985] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 210.553153][ T4985] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 210.562249][ T4985] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 210.588017][ T4985] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 210.601913][ T4985] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 210.615537][ T4985] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 210.791985][ T4985] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 210.872531][ T4985] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 210.884561][ T4985] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 210.902708][ T45] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 210.919901][ T45] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 210.929337][ T45] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 211.142301][ T4329] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 211.165502][ T4329] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 211.174960][ T4985] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 211.187397][ T4329] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 211.201162][ T4329] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 211.212026][ T4329] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 211.336938][ T4329] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 211.372489][ T4329] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 211.382382][ T4329] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 211.396494][ T4329] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 211.407416][ T4329] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 211.417689][ T4329] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 211.662406][ T45] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 211.671294][ T45] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 211.681110][ T45] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 211.702917][ T45] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 211.736943][ T4985] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 211.749677][ T4985] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 211.949718][ T5409] chnl_net:caif_netlink_parms(): no params data found [ 212.408701][ T5415] chnl_net:caif_netlink_parms(): no params data found [ 212.612268][ T4985] Bluetooth: hci0: command 0x0409 tx timeout [ 212.756818][ T4985] Bluetooth: hci1: command 0x0409 tx timeout [ 212.983560][ T4329] Bluetooth: hci2: command 0x0409 tx timeout [ 213.303632][ T4985] Bluetooth: hci3: command 0x0409 tx timeout [ 213.375724][ T5412] chnl_net:caif_netlink_parms(): no params data found [ 213.483739][ T4329] Bluetooth: hci4: command 0x0409 tx timeout [ 213.699960][ T5409] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.707842][ T5409] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.718560][ T5409] device bridge_slave_0 entered promiscuous mode [ 213.739550][ T5409] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.748519][ T5409] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.759310][ T5409] device bridge_slave_1 entered promiscuous mode [ 213.787000][ T5421] chnl_net:caif_netlink_parms(): no params data found [ 213.821351][ T5418] chnl_net:caif_netlink_parms(): no params data found [ 213.948659][ T4329] Bluetooth: hci5: command 0x0409 tx timeout [ 214.126396][ T5409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 214.294259][ T5425] chnl_net:caif_netlink_parms(): no params data found [ 214.327979][ T5409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 214.638311][ T5409] team0: Port device team_slave_0 added [ 214.663631][ T4329] Bluetooth: hci0: command 0x041b tx timeout [ 214.744613][ T5409] team0: Port device team_slave_1 added [ 214.824517][ T4329] Bluetooth: hci1: command 0x041b tx timeout [ 215.069432][ T4329] Bluetooth: hci2: command 0x041b tx timeout [ 215.360730][ T5409] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.367983][ T5409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.394459][ T5409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.407781][ T4329] Bluetooth: hci3: command 0x041b tx timeout [ 215.410438][ T5415] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.421703][ T5415] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.432006][ T5415] device bridge_slave_0 entered promiscuous mode [ 215.530622][ T5409] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.537867][ T5409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.564428][ T5409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.576794][ T4329] Bluetooth: hci4: command 0x041b tx timeout [ 215.587017][ T5412] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.594890][ T5412] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.605404][ T5412] device bridge_slave_0 entered promiscuous mode [ 215.629851][ T5415] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.637665][ T5415] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.648021][ T5415] device bridge_slave_1 entered promiscuous mode [ 215.817042][ T5412] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.824835][ T5412] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.835477][ T5412] device bridge_slave_1 entered promiscuous mode [ 215.929094][ T5409] device hsr_slave_0 entered promiscuous mode [ 215.954682][ T5409] device hsr_slave_1 entered promiscuous mode [ 216.052570][ T4329] Bluetooth: hci5: command 0x041b tx timeout [ 216.205078][ T5415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.274669][ T5412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.372075][ T5415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.475160][ T5412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.485654][ T5425] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.493532][ T5425] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.504324][ T5425] device bridge_slave_0 entered promiscuous mode [ 216.532988][ T5421] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.540848][ T5421] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.551428][ T5421] device bridge_slave_0 entered promiscuous mode [ 216.711616][ T5425] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.719460][ T5425] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.730207][ T5425] device bridge_slave_1 entered promiscuous mode [ 216.744984][ T4329] Bluetooth: hci0: command 0x040f tx timeout [ 216.752905][ T5421] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.760716][ T5421] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.771397][ T5421] device bridge_slave_1 entered promiscuous mode [ 216.825734][ T5418] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.833585][ T5418] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.844610][ T5418] device bridge_slave_0 entered promiscuous mode [ 216.904505][ T4329] Bluetooth: hci1: command 0x040f tx timeout [ 217.040737][ T5418] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.048647][ T5418] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.060541][ T5418] device bridge_slave_1 entered promiscuous mode [ 217.076672][ T5415] team0: Port device team_slave_0 added [ 217.154278][ T4329] Bluetooth: hci2: command 0x040f tx timeout [ 217.184061][ T5412] team0: Port device team_slave_0 added [ 217.200052][ T5418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.306306][ T5415] team0: Port device team_slave_1 added [ 217.332093][ T5418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.367231][ T5412] team0: Port device team_slave_1 added [ 217.384363][ T5421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.449427][ T5425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.474396][ T4329] Bluetooth: hci3: command 0x040f tx timeout [ 217.569701][ T5421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.619933][ T5425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.629975][ T4985] Bluetooth: hci4: command 0x040f tx timeout [ 217.709706][ T5418] team0: Port device team_slave_0 added [ 217.756981][ T5412] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.764381][ T5412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.792516][ T5412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.835435][ T5415] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.842586][ T5415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.868966][ T5415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.916528][ T5418] team0: Port device team_slave_1 added [ 217.956895][ T5412] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.964207][ T5412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.990685][ T5412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.045113][ T5425] team0: Port device team_slave_0 added [ 218.054514][ T5415] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.061683][ T5415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.088499][ T5415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.103757][ T4985] Bluetooth: hci5: command 0x040f tx timeout [ 218.191008][ T5421] team0: Port device team_slave_0 added [ 218.219912][ T5425] team0: Port device team_slave_1 added [ 218.372134][ T5421] team0: Port device team_slave_1 added [ 218.382327][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.389806][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.416247][ T5418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.490396][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.497944][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.524544][ T5425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.587684][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.594995][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.621481][ T5418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.687744][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.695227][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.722034][ T5425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.823460][ T4329] Bluetooth: hci0: command 0x0419 tx timeout [ 218.984481][ T4329] Bluetooth: hci1: command 0x0419 tx timeout [ 219.224049][ T4329] Bluetooth: hci2: command 0x0419 tx timeout [ 219.311444][ T5421] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.318960][ T5421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.345675][ T5421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.372780][ T5412] device hsr_slave_0 entered promiscuous mode [ 219.411296][ T5412] device hsr_slave_1 entered promiscuous mode [ 219.458910][ T5412] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.467823][ T5412] Cannot create hsr debugfs directory [ 219.544663][ T4329] Bluetooth: hci3: command 0x0419 tx timeout [ 219.703501][ T4329] Bluetooth: hci4: command 0x0419 tx timeout [ 219.808680][ T5415] device hsr_slave_0 entered promiscuous mode [ 219.845981][ T5415] device hsr_slave_1 entered promiscuous mode [ 219.883425][ T5415] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.891228][ T5415] Cannot create hsr debugfs directory [ 219.981963][ T5421] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.989997][ T5421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.016416][ T5421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 220.183576][ T4329] Bluetooth: hci5: command 0x0419 tx timeout [ 220.895884][ T5418] device hsr_slave_0 entered promiscuous mode [ 220.924603][ T5418] device hsr_slave_1 entered promiscuous mode [ 220.943374][ T5418] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 220.951175][ T5418] Cannot create hsr debugfs directory [ 221.074908][ T5425] device hsr_slave_0 entered promiscuous mode [ 221.094786][ T5425] device hsr_slave_1 entered promiscuous mode [ 221.123428][ T5425] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 221.131300][ T5425] Cannot create hsr debugfs directory [ 221.622439][ T5421] device hsr_slave_0 entered promiscuous mode [ 221.634524][ T5421] device hsr_slave_1 entered promiscuous mode [ 221.645565][ T5421] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 221.653467][ T5421] Cannot create hsr debugfs directory [ 223.156199][ T1190] ieee802154 phy0 wpan0: encryption failed: -22 [ 223.162870][ T1190] ieee802154 phy1 wpan1: encryption failed: -22 [ 276.885550][ T4985] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 276.896459][ T45] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 276.906744][ T45] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 276.924258][ T45] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 276.938301][ T45] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 276.947361][ T45] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 277.496827][ T4329] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 277.505814][ T4329] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 277.515989][ T4329] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 277.538506][ T4985] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 277.551347][ T4985] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 277.561575][ T4985] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 277.746539][ T4985] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 277.760921][ T4985] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 277.772238][ T4985] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 277.805306][ T4329] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 277.816953][ T4329] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 277.825693][ T4329] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 277.880496][ T6163] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 277.890049][ T6163] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 277.908171][ T6163] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 277.929650][ T6163] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 277.946271][ T6163] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 277.958703][ T6163] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 278.028499][ T4985] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 278.038562][ T4985] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 278.049860][ T4985] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 278.067484][ T4985] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 278.081014][ T4985] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 278.091711][ T4985] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 278.153716][ T6163] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 278.164959][ T6163] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 278.175300][ T6163] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 278.189640][ T6163] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 278.200347][ T6163] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 278.210717][ T6163] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 278.983569][ T6163] Bluetooth: hci6: command 0x0409 tx timeout [ 279.623543][ T6163] Bluetooth: hci7: command 0x0409 tx timeout [ 279.863515][ T6163] Bluetooth: hci8: command 0x0409 tx timeout [ 280.023699][ T6163] Bluetooth: hci9: command 0x0409 tx timeout [ 280.183645][ T6163] Bluetooth: hci10: command 0x0409 tx timeout [ 280.263603][ T6163] Bluetooth: hci11: command 0x0409 tx timeout [ 281.063876][ T6163] Bluetooth: hci6: command 0x041b tx timeout [ 281.703594][ T6163] Bluetooth: hci7: command 0x041b tx timeout [ 281.943543][ T6163] Bluetooth: hci8: command 0x041b tx timeout [ 282.103521][ T6163] Bluetooth: hci9: command 0x041b tx timeout [ 282.263640][ T6163] Bluetooth: hci10: command 0x041b tx timeout [ 282.343450][ T6163] Bluetooth: hci11: command 0x041b tx timeout [ 283.143512][ T6163] Bluetooth: hci6: command 0x040f tx timeout [ 283.783541][ T6163] Bluetooth: hci7: command 0x040f tx timeout [ 284.023588][ T6163] Bluetooth: hci8: command 0x040f tx timeout [ 284.183625][ T6163] Bluetooth: hci9: command 0x040f tx timeout [ 284.343475][ T6163] Bluetooth: hci10: command 0x040f tx timeout [ 284.423579][ T6163] Bluetooth: hci11: command 0x040f tx timeout [ 284.592917][ T1190] ieee802154 phy0 wpan0: encryption failed: -22 [ 284.599795][ T1190] ieee802154 phy1 wpan1: encryption failed: -22 [ 285.223665][ T6163] Bluetooth: hci6: command 0x0419 tx timeout [ 285.863757][ T4985] Bluetooth: hci7: command 0x0419 tx timeout [ 286.103521][ T4985] Bluetooth: hci8: command 0x0419 tx timeout [ 286.263668][ T6163] Bluetooth: hci9: command 0x0419 tx timeout [ 286.423546][ T4985] Bluetooth: hci10: command 0x0419 tx timeout [ 286.503990][ T6163] Bluetooth: hci11: command 0x0419 tx timeout [ 318.563573][ T3515] unregister_netdevice: waiting for lo to become free. Usage count = 2 [ 318.572051][ T3515] leaked reference. [ 318.575959][ T3515] ===================================================== [ 318.583060][ T3515] BUG: KMSAN: uninit-value in kallsyms_lookup_buildid+0x1fb/0xca0 [ 318.591003][ T3515] kallsyms_lookup_buildid+0x1fb/0xca0 [ 318.596643][ T3515] __sprint_symbol+0x166/0x650 [ 318.601518][ T3515] sprint_symbol+0x80/0x90 [ 318.606046][ T3515] symbol_string+0x44a/0x6e0 [ 318.610835][ T3515] pointer+0x17af/0x2970 [ 318.615190][ T3515] vsnprintf+0x1d4b/0x3510 [ 318.619722][ T3515] vprintk_store+0x571/0x18e0 [ 318.624534][ T3515] vprintk_emit+0x290/0xab0 [ 318.629237][ T3515] vprintk_default+0x8a/0xa0 [ 318.633982][ T3515] vprintk+0x163/0x180 [ 318.638178][ T3515] _printk+0x191/0x1e0 [ 318.642336][ T3515] stack_trace_print+0x14e/0x1e0 [ 318.647417][ T3515] stack_depot_print+0x59/0x60 [ 318.652390][ T3515] ref_tracker_dir_print+0x1f9/0x390 [ 318.657818][ T3515] netdev_run_todo+0x1138/0x18f0 [ 318.662935][ T3515] rtnl_unlock+0x17/0x20 [ 318.667323][ T3515] default_device_exit_batch+0xc6e/0xd40 [ 318.673141][ T3515] cleanup_net+0xd77/0x1860 [ 318.677754][ T3515] process_one_work+0xe73/0x18d0 [ 318.682820][ T3515] worker_thread+0x10fc/0x2230 [ 318.687738][ T3515] kthread+0x3c7/0x500 [ 318.691987][ T3515] ret_from_fork+0x1f/0x30 [ 318.696516][ T3515] [ 318.698898][ T3515] Uninit was created at: [ 318.703304][ T3515] __alloc_pages+0x926/0x10a0 [ 318.708141][ T3515] alloc_pages+0xb4b/0xec0 [ 318.712730][ T3515] __stack_depot_save+0x440/0x4b0 [ 318.717885][ T3515] stack_depot_save+0x17/0x20 [ 318.722674][ T3515] ref_tracker_alloc+0x31a/0x9a0 [ 318.727769][ T3515] netdev_tracker_alloc+0xe6/0x140 [ 318.733074][ T3515] fib_create_info+0x4689/0x4870 [ 318.738139][ T3515] fib_table_insert+0x3b2/0x3a00 [ 318.743212][ T3515] fib_magic+0x67c/0x880 [ 318.747619][ T3515] fib_add_ifaddr+0x2b6/0xb10 [ 318.752456][ T3515] fib_inetaddr_event+0x24b/0x6c0 [ 318.757586][ T3515] blocking_notifier_call_chain+0x178/0x350 [ 318.763644][ T3515] __inet_insert_ifa+0x134b/0x1450 [ 318.768978][ T3515] inet_rtm_newaddr+0x14be/0x2780 [ 318.774178][ T3515] rtnetlink_rcv_msg+0x162a/0x1ab0 [ 318.779402][ T3515] netlink_rcv_skb+0x6de/0x800 [ 318.784338][ T3515] rtnetlink_rcv+0x54/0x60 [ 318.788926][ T3515] netlink_unicast+0x10a0/0x1370 [ 318.794029][ T3515] netlink_sendmsg+0x13aa/0x1700 [ 318.799171][ T3515] __sys_sendto+0xa10/0xc90 [ 318.803897][ T3515] __se_compat_sys_socketcall+0x10eb/0x1770 [ 318.810067][ T3515] __ia32_compat_sys_socketcall+0x95/0xc0 [ 318.816011][ T3515] __do_fast_syscall_32+0xa2/0x100 [ 318.821350][ T3515] do_fast_syscall_32+0x37/0x80 [ 318.826447][ T3515] do_SYSENTER_32+0x1f/0x30 [ 318.831180][ T3515] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 318.837767][ T3515] [ 318.840145][ T3515] CPU: 0 PID: 3515 Comm: kworker/u4:17 Not tainted 6.2.0-rc8-syzkaller-80999-g31b504f219a9 #0 [ 318.850582][ T3515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 318.860737][ T3515] Workqueue: netns cleanup_net [ 318.865643][ T3515] ===================================================== [ 318.872659][ T3515] Disabling lock debugging due to kernel taint [ 318.878874][ T3515] Kernel panic - not syncing: kmsan.panic set ... [ 318.885376][ T3515] CPU: 0 PID: 3515 Comm: kworker/u4:17 Tainted: G B 6.2.0-rc8-syzkaller-80999-g31b504f219a9 #0 [ 318.897425][ T3515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 318.907625][ T3515] Workqueue: netns cleanup_net [ 318.912569][ T3515] Call Trace: [ 318.915929][ T3515] [ 318.918939][ T3515] dump_stack_lvl+0x200/0x290 [ 318.923828][ T3515] dump_stack+0x29/0x30 [ 318.928174][ T3515] panic+0x4fd/0xc70 [ 318.932191][ T3515] ? add_taint+0x185/0x210 [ 318.936711][ T3515] ? preempt_count_sub+0x3b/0xa0 [ 318.941977][ T3515] kmsan_report+0x2d0/0x2d0 [ 318.946839][ T3515] ? __msan_warning+0x96/0x110 [ 318.951821][ T3515] ? kallsyms_lookup_buildid+0x1fb/0xca0 [ 318.957668][ T3515] ? __sprint_symbol+0x166/0x650 [ 318.962793][ T3515] ? sprint_symbol+0x80/0x90 [ 318.967638][ T3515] ? symbol_string+0x44a/0x6e0 [ 318.972601][ T3515] ? pointer+0x17af/0x2970 [ 318.977206][ T3515] ? vsnprintf+0x1d4b/0x3510 [ 318.981989][ T3515] ? vprintk_store+0x571/0x18e0 [ 318.986993][ T3515] ? vprintk_emit+0x290/0xab0 [ 318.991927][ T3515] ? vprintk_default+0x8a/0xa0 [ 318.996810][ T3515] ? vprintk+0x163/0x180 [ 319.001172][ T3515] ? _printk+0x191/0x1e0 [ 319.005537][ T3515] ? stack_trace_print+0x14e/0x1e0 [ 319.010887][ T3515] ? stack_depot_print+0x59/0x60 [ 319.015953][ T3515] ? ref_tracker_dir_print+0x1f9/0x390 [ 319.021534][ T3515] ? netdev_run_todo+0x1138/0x18f0 [ 319.026782][ T3515] ? rtnl_unlock+0x17/0x20 [ 319.031391][ T3515] ? default_device_exit_batch+0xc6e/0xd40 [ 319.037317][ T3515] ? cleanup_net+0xd77/0x1860 [ 319.042088][ T3515] ? process_one_work+0xe73/0x18d0 [ 319.047355][ T3515] ? worker_thread+0x10fc/0x2230 [ 319.052499][ T3515] ? kthread+0x3c7/0x500 [ 319.057202][ T3515] ? ret_from_fork+0x1f/0x30 [ 319.062010][ T3515] ? __update_load_avg_cfs_rq+0xf31/0x13e0 [ 319.067977][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.074001][ T3515] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 319.080419][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.086387][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.091419][ T3515] __msan_warning+0x96/0x110 [ 319.096154][ T3515] kallsyms_lookup_buildid+0x1fb/0xca0 [ 319.101730][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.107698][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.112645][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.117535][ T3515] __sprint_symbol+0x166/0x650 [ 319.122756][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.127657][ T3515] sprint_symbol+0x80/0x90 [ 319.132234][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.137115][ T3515] symbol_string+0x44a/0x6e0 [ 319.141819][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.146729][ T3515] ? filter_irq_stacks+0xb9/0x230 [ 319.151947][ T3515] ? __stack_depot_save+0x25/0x4b0 [ 319.157237][ T3515] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 319.163639][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.169782][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.175751][ T3515] ? format_decode+0x61/0x1a00 [ 319.180638][ T3515] ? filter_irq_stacks+0xb9/0x230 [ 319.185843][ T3515] ? __stack_depot_save+0x25/0x4b0 [ 319.191151][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.197136][ T3515] pointer+0x17af/0x2970 [ 319.201589][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.206511][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.212671][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.217560][ T3515] vsnprintf+0x1d4b/0x3510 [ 319.222821][ T3515] vprintk_store+0x571/0x18e0 [ 319.227713][ T3515] vprintk_emit+0x290/0xab0 [ 319.232426][ T3515] vprintk_default+0x8a/0xa0 [ 319.237197][ T3515] vprintk+0x163/0x180 [ 319.241413][ T3515] _printk+0x191/0x1e0 [ 319.245626][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.250561][ T3515] ? ref_tracker_dir_print+0x1cf/0x390 [ 319.256163][ T3515] ? ipv6_add_dev+0x99a/0x2000 [ 319.261066][ T3515] stack_trace_print+0x14e/0x1e0 [ 319.266147][ T3515] stack_depot_print+0x59/0x60 [ 319.271093][ T3515] ref_tracker_dir_print+0x1f9/0x390 [ 319.276528][ T3515] netdev_run_todo+0x1138/0x18f0 [ 319.281594][ T3515] rtnl_unlock+0x17/0x20 [ 319.285987][ T3515] default_device_exit_batch+0xc6e/0xd40 [ 319.291808][ T3515] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 319.297768][ T3515] ? netdev_exit+0x160/0x160 [ 319.302478][ T3515] cleanup_net+0xd77/0x1860 [ 319.307117][ T3515] ? ops_init+0x970/0x970 [ 319.311613][ T3515] process_one_work+0xe73/0x18d0 [ 319.316828][ T3515] worker_thread+0x10fc/0x2230 [ 319.321860][ T3515] kthread+0x3c7/0x500 [ 319.326118][ T3515] ? worker_clr_flags+0x3a0/0x3a0 [ 319.331371][ T3515] ? kthread_blkcg+0x120/0x120 [ 319.336277][ T3515] ret_from_fork+0x1f/0x30 [ 319.340847][ T3515] [ 319.344162][ T3515] Kernel Offset: disabled [ 319.348573][ T3515] Rebooting in 86400 seconds..