[ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Started OpenBSD Secure Shell server. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.15.197' (ECDSA) to the list of known hosts. 2020/08/30 22:02:33 fuzzer started 2020/08/30 22:02:33 dialing manager at 10.128.0.26:41077 2020/08/30 22:02:34 syscalls: 3333 2020/08/30 22:02:34 code coverage: enabled 2020/08/30 22:02:34 comparison tracing: enabled 2020/08/30 22:02:34 extra coverage: enabled 2020/08/30 22:02:34 setuid sandbox: enabled 2020/08/30 22:02:34 namespace sandbox: enabled 2020/08/30 22:02:34 Android sandbox: /sys/fs/selinux/policy does not exist 2020/08/30 22:02:34 fault injection: enabled 2020/08/30 22:02:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/08/30 22:02:34 net packet injection: enabled 2020/08/30 22:02:34 net device setup: enabled 2020/08/30 22:02:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/08/30 22:02:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/08/30 22:02:34 USB emulation: enabled 2020/08/30 22:02:34 hci packet injection: enabled 22:05:58 executing program 0: 22:05:58 executing program 1: 22:05:58 executing program 2: 22:05:58 executing program 3: 22:05:59 executing program 4: 22:05:59 executing program 5: syzkaller login: [ 265.947099][ T6838] IPVS: ftp: loaded support on port[0] = 21 [ 266.109167][ T6838] chnl_net:caif_netlink_parms(): no params data found [ 266.191101][ T6840] IPVS: ftp: loaded support on port[0] = 21 [ 266.294583][ T6838] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.302127][ T6838] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.310660][ T6838] device bridge_slave_0 entered promiscuous mode [ 266.336560][ T6838] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.344548][ T6838] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.352607][ T6838] device bridge_slave_1 entered promiscuous mode [ 266.448663][ T6838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.501290][ T6842] IPVS: ftp: loaded support on port[0] = 21 [ 266.534325][ T6838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.618681][ T6840] chnl_net:caif_netlink_parms(): no params data found [ 266.690009][ T6838] team0: Port device team_slave_0 added [ 266.715367][ T6844] IPVS: ftp: loaded support on port[0] = 21 [ 266.722658][ T6838] team0: Port device team_slave_1 added [ 266.806245][ T6838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.816799][ T6838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.861401][ T6838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.928685][ T6838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.938761][ T6838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.969520][ T6838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.040509][ T6846] IPVS: ftp: loaded support on port[0] = 21 [ 267.092834][ T6840] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.101815][ T6840] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.111617][ T6840] device bridge_slave_0 entered promiscuous mode [ 267.159101][ T6840] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.170406][ T6840] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.179000][ T6840] device bridge_slave_1 entered promiscuous mode [ 267.214652][ T6838] device hsr_slave_0 entered promiscuous mode [ 267.221392][ T6838] device hsr_slave_1 entered promiscuous mode [ 267.241656][ T6848] IPVS: ftp: loaded support on port[0] = 21 [ 267.258825][ T6842] chnl_net:caif_netlink_parms(): no params data found [ 267.296483][ T6840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.314297][ T6840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 267.469981][ T6840] team0: Port device team_slave_0 added [ 267.511179][ T6840] team0: Port device team_slave_1 added [ 267.538461][ T6844] chnl_net:caif_netlink_parms(): no params data found [ 267.633542][ T6842] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.640958][ T6842] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.652140][ T6842] device bridge_slave_0 entered promiscuous mode [ 267.660216][ T6840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.667271][ T6840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.693342][ T6840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.710311][ T6840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.717931][ T6840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.744060][ T6840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.800935][ T6842] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.808732][ T6842] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.820398][ T6842] device bridge_slave_1 entered promiscuous mode [ 267.920174][ T6848] chnl_net:caif_netlink_parms(): no params data found [ 267.966503][ T6840] device hsr_slave_0 entered promiscuous mode [ 267.973774][ T2585] Bluetooth: hci0: command 0x0409 tx timeout [ 267.980561][ T6840] device hsr_slave_1 entered promiscuous mode [ 267.990778][ T6840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 267.998653][ T6840] Cannot create hsr debugfs directory [ 268.011121][ T6842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.022375][ T6844] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.029816][ T6844] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.038188][ T6844] device bridge_slave_0 entered promiscuous mode [ 268.075227][ T6842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.147512][ T6844] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.157070][ T6844] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.166400][ T6844] device bridge_slave_1 entered promiscuous mode [ 268.209097][ T6838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 268.213085][ T17] Bluetooth: hci1: command 0x0409 tx timeout [ 268.246377][ T6838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 268.262240][ T6842] team0: Port device team_slave_0 added [ 268.285015][ T6844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.309159][ T6838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 268.319851][ T6842] team0: Port device team_slave_1 added [ 268.333280][ T6846] chnl_net:caif_netlink_parms(): no params data found [ 268.361014][ T6844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.382639][ T6838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 268.452878][ T2585] Bluetooth: hci2: command 0x0409 tx timeout [ 268.460029][ T6844] team0: Port device team_slave_0 added [ 268.474641][ T6842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 268.481610][ T6842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.512957][ T6842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 268.531181][ T6842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.538946][ T6842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.565825][ T6842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.590237][ T6844] team0: Port device team_slave_1 added [ 268.612806][ T2585] Bluetooth: hci3: command 0x0409 tx timeout [ 268.638609][ T6848] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.649642][ T6848] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.659915][ T6848] device bridge_slave_0 entered promiscuous mode [ 268.689322][ T6844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 268.698092][ T6844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.724829][ T6844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 268.746025][ T6842] device hsr_slave_0 entered promiscuous mode [ 268.754522][ T6842] device hsr_slave_1 entered promiscuous mode [ 268.761132][ T6842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 268.769801][ T6842] Cannot create hsr debugfs directory [ 268.776266][ T6848] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.784169][ T6848] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.792275][ T6848] device bridge_slave_1 entered promiscuous mode [ 268.808483][ T6844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.817300][ T6844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.844786][ T6844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.863977][ T12] Bluetooth: hci4: command 0x0409 tx timeout [ 268.882213][ T6848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.895682][ T6848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 269.002061][ T6846] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.010265][ T6846] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.017676][ T2600] Bluetooth: hci5: command 0x0409 tx timeout [ 269.025570][ T6846] device bridge_slave_0 entered promiscuous mode [ 269.036356][ T6848] team0: Port device team_slave_0 added [ 269.042474][ T6846] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.050257][ T6846] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.058544][ T6846] device bridge_slave_1 entered promiscuous mode [ 269.077365][ T6844] device hsr_slave_0 entered promiscuous mode [ 269.088355][ T6844] device hsr_slave_1 entered promiscuous mode [ 269.097433][ T6844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.106504][ T6844] Cannot create hsr debugfs directory [ 269.122442][ T6848] team0: Port device team_slave_1 added [ 269.164677][ T6848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 269.171665][ T6848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.198549][ T6848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 269.231657][ T6840] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 269.249593][ T6848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 269.257053][ T6848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.283940][ T6848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 269.313733][ T6840] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 269.323589][ T6840] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 269.344469][ T6846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 269.397819][ T6840] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 269.409315][ T6846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 269.491415][ T6848] device hsr_slave_0 entered promiscuous mode [ 269.499026][ T6848] device hsr_slave_1 entered promiscuous mode [ 269.506442][ T6848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.514709][ T6848] Cannot create hsr debugfs directory [ 269.617421][ T6846] team0: Port device team_slave_0 added [ 269.634320][ T6846] team0: Port device team_slave_1 added [ 269.659878][ T6846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 269.671287][ T6846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.698282][ T6846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 269.725394][ T6846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 269.732377][ T6846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.760949][ T6846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 269.777937][ T6838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 269.791454][ T6842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 269.806252][ T6842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 269.860567][ T6842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 269.894543][ T6838] 8021q: adding VLAN 0 to HW filter on device team0 [ 269.907219][ T6846] device hsr_slave_0 entered promiscuous mode [ 269.914575][ T6846] device hsr_slave_1 entered promiscuous mode [ 269.921098][ T6846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.930005][ T6846] Cannot create hsr debugfs directory [ 269.938747][ T6842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 269.957173][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 269.967283][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 270.044957][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 270.052727][ T17] Bluetooth: hci0: command 0x041b tx timeout [ 270.061513][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 270.070890][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.078214][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 270.087822][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 270.157547][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 270.167373][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 270.176285][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.183452][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 270.197135][ T6844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 270.210307][ T6844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 270.231695][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 270.254701][ T6840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 270.283714][ T6844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 270.298760][ T2585] Bluetooth: hci1: command 0x041b tx timeout [ 270.299969][ T6844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 270.339061][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 270.347835][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 270.359942][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 270.369382][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 270.424463][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 270.437010][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 270.446307][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 270.458954][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 270.467962][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 270.476212][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 270.484472][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 270.493350][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 270.517415][ T6840] 8021q: adding VLAN 0 to HW filter on device team0 [ 270.532793][ T2585] Bluetooth: hci2: command 0x041b tx timeout [ 270.554280][ T6838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 270.578733][ T6848] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 270.630466][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 270.640162][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 270.649997][ T2600] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.657148][ T2600] bridge0: port 1(bridge_slave_0) entered forwarding state [ 270.666627][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 270.676527][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 270.685204][ T2600] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.692253][ T2600] bridge0: port 2(bridge_slave_1) entered forwarding state [ 270.692496][ T2585] Bluetooth: hci3: command 0x041b tx timeout [ 270.703741][ T6848] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 270.753330][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 270.766399][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 270.776568][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 270.786875][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 270.795051][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 270.802867][ T6848] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 270.832892][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 270.841796][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 270.855698][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 270.869078][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 270.878299][ T6848] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 270.918623][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 270.929604][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 270.932716][ T17] Bluetooth: hci4: command 0x041b tx timeout [ 270.939647][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 270.958131][ T6846] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 270.977953][ T6840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 270.994897][ T6840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 271.006190][ T6838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 271.016432][ T6846] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 271.034086][ T6842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.048473][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 271.056976][ T2585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 271.087695][ T6846] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 271.094711][ T17] Bluetooth: hci5: command 0x041b tx timeout [ 271.138814][ T6846] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 271.156388][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 271.165483][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 271.178035][ T6842] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.192425][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 271.201205][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 271.253501][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 271.268218][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 271.276415][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 271.288398][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 271.297767][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.304892][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 271.315074][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 271.338028][ T6844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.364512][ T6840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 271.380718][ T6844] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.396872][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 271.406254][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 271.421731][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.428871][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.437749][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 271.445720][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 271.454537][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 271.462925][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 271.476857][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 271.485410][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 271.516451][ T6838] device veth0_vlan entered promiscuous mode [ 271.534663][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 271.547387][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 271.558168][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 271.568068][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 271.576987][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.584148][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 271.593681][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 271.633948][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 271.645540][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 271.656101][ T8081] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.663248][ T8081] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.671101][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 271.680233][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 271.689263][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 271.697889][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 271.706874][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 271.716246][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 271.728066][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 271.737057][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 271.756970][ T6838] device veth1_vlan entered promiscuous mode [ 271.784322][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 271.793724][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 271.802118][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 271.815589][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 271.824881][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 271.833719][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 271.862372][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 271.870782][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 271.879344][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 271.887810][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 271.896675][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 271.905271][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 271.933876][ T6844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 271.946499][ T6844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 271.960373][ T6842] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 271.975903][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 271.984883][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 272.001027][ T6840] device veth0_vlan entered promiscuous mode [ 272.063890][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 272.077664][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 272.088742][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 272.098733][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 272.129756][ T6838] device veth0_macvtap entered promiscuous mode [ 272.136251][ T2585] Bluetooth: hci0: command 0x040f tx timeout [ 272.165135][ T6842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 272.187961][ T6848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.197743][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 272.206550][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 272.215709][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 272.225239][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 272.239074][ T6846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.250398][ T6838] device veth1_macvtap entered promiscuous mode [ 272.266559][ T6840] device veth1_vlan entered promiscuous mode [ 272.288091][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 272.298444][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 272.308360][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 272.316720][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 272.325259][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 272.365542][ T6844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 272.374671][ T17] Bluetooth: hci1: command 0x040f tx timeout [ 272.381463][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 272.395463][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 272.403643][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 272.411271][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 272.419767][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 272.427862][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 272.436725][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 272.449875][ T6846] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.471211][ T6838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 272.505549][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 272.515662][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 272.527085][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 272.536800][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 272.546320][ T8081] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.553470][ T8081] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.561866][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 272.570796][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 272.579507][ T8081] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.586675][ T8081] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.595545][ T6848] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.612213][ T17] Bluetooth: hci2: command 0x040f tx timeout [ 272.641068][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 272.653397][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 272.667608][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 272.676062][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.683190][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.691727][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 272.701204][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 272.710550][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.717671][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.725579][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 272.734530][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 272.748243][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 272.765030][ T6838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 272.780481][ T17] Bluetooth: hci3: command 0x040f tx timeout [ 272.820516][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 272.829936][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 272.840981][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 272.853079][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 272.861547][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 272.870978][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 272.879961][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 272.888964][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 272.897714][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 272.906638][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 272.916792][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 272.925543][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 272.935101][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 272.944188][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 272.953478][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 272.961232][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 272.969520][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 272.980323][ T6838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.994471][ T6838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.003683][ T6838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.013281][ T6838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.013290][ T17] Bluetooth: hci4: command 0x040f tx timeout [ 273.034553][ T6842] device veth0_vlan entered promiscuous mode [ 273.046968][ T6840] device veth0_macvtap entered promiscuous mode [ 273.061322][ T6840] device veth1_macvtap entered promiscuous mode [ 273.073442][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 273.081532][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 273.090637][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 273.100571][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 273.109228][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 273.118609][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 273.127669][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 273.137152][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 273.159561][ T6846] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 273.175950][ T6846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 273.178677][ T17] Bluetooth: hci5: command 0x040f tx timeout [ 273.197999][ T6844] device veth0_vlan entered promiscuous mode [ 273.205729][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 273.216578][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 273.224756][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 273.232729][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 273.241002][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 273.249636][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 273.259356][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 273.268066][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 273.277003][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 273.303794][ T6848] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 273.315562][ T6848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 273.328593][ T6842] device veth1_vlan entered promiscuous mode [ 273.337837][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 273.347826][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 273.356680][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 273.387311][ T6840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 273.408197][ T6840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.423362][ T6840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 273.444134][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 273.456071][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 273.464740][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 273.473385][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 273.481899][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 273.500857][ T6846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 273.509886][ T6844] device veth1_vlan entered promiscuous mode [ 273.523197][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 273.546069][ T6840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 273.560621][ T6840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.573355][ T6840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 273.624196][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 273.634048][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 273.647356][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 273.665934][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 273.678202][ T6840] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.702438][ T6840] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.711221][ T6840] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 22:06:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x802, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000eedffc)=0x7fe, 0x4) setsockopt$inet_int(r2, 0x0, 0x7, &(0x7f0000000040)=0x6b04, 0x4) sendto$inet(r2, 0x0, 0x0, 0x0, &(0x7f0000514ff0)={0x2, 0x4e20}, 0x10) setsockopt$inet_int(r2, 0x0, 0xc, &(0x7f0000000080)=0x5, 0x4) recvfrom$inet(r2, 0x0, 0x0, 0x2000, 0x0, 0x0) recvfrom$inet(r2, 0x0, 0x0, 0x12020, 0x0, 0x0) [ 273.729208][ T6840] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.758230][ T6848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 273.830590][ T6844] device veth0_macvtap entered promiscuous mode [ 273.861296][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 273.874282][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 273.893353][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 273.905398][ T8154] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 273.912222][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 273.951146][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 273.986839][ T6842] device veth0_macvtap entered promiscuous mode [ 274.007451][ T6844] device veth1_macvtap entered promiscuous mode 22:06:07 executing program 0: r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xc4, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x23f) [ 274.050207][ T6842] device veth1_macvtap entered promiscuous mode [ 274.139401][ T6844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 274.159964][ T6844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.177641][ T6844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 274.191973][ T6844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.213063][ T8143] Bluetooth: hci0: command 0x0419 tx timeout [ 274.214995][ T6844] batman_adv: batadv0: Interface activated: batadv_slave_0 22:06:07 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semctl$IPC_SET(0x0, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f0000007ec0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010020"], 0x1c}}, 0x0) syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x1, 0x2) [ 274.249284][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 274.274096][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 274.283264][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 274.291328][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 274.303262][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 274.320649][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 274.335044][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 274.381029][ T6844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 274.401603][ T6844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.442970][ T8171] ------------[ cut here ]------------ [ 274.448866][ T8171] WARNING: CPU: 0 PID: 8171 at lib/nlattr.c:117 nla_get_range_unsigned+0x157/0x530 [ 274.461527][ T2600] Bluetooth: hci1: command 0x0419 tx timeout [ 274.471498][ T6844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 274.487491][ T6844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.498754][ T8171] Modules linked in: [ 274.503797][ T8171] CPU: 0 PID: 8171 Comm: syz-executor.0 Not tainted 5.9.0-rc2-next-20200828-syzkaller #0 [ 274.516611][ T6844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 274.526326][ T8171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 22:06:08 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f00000000c0)=0xfffffffc, 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0xe}}], 0x4000000000000d0, 0x0) [ 274.539670][ T8171] RIP: 0010:nla_get_range_unsigned+0x157/0x530 [ 274.554822][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 274.567059][ T8171] Code: 2a 03 00 00 44 0f b6 3b 48 c7 c6 40 e9 96 88 4c 89 ff e8 6c 93 c2 fd 41 80 ff 0b 77 11 42 ff 24 fd 60 e3 96 88 e8 99 96 c2 fd <0f> 0b eb 8f e8 90 96 c2 fd 0f 0b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 [ 274.600608][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.623905][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 274.649592][ T8171] RSP: 0018:ffffc90015d07190 EFLAGS: 00010212 [ 274.650391][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.669151][ T8171] RAX: 00000000000016b4 RBX: ffffffff8918a7a0 RCX: ffffc9000636a000 [ 274.674203][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 274.686156][ T8171] RDX: 0000000000040000 RSI: ffffffff83b1e5f7 RDI: 0000000000000003 [ 274.695549][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.696900][ T8143] Bluetooth: hci2: command 0x0419 tx timeout [ 274.713887][ T8171] RBP: ffffc90015d071b8 R08: 0000000000000000 R09: ffff88804d57c370 [ 274.721453][ T6842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 274.726159][ T8171] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90015d07278 [ 274.743277][ T8171] R13: ffffffff8918a7a1 R14: 000000000000877c R15: ffffffff8918a7a0 [ 274.751758][ C0] hrtimer: interrupt took 63625 ns [ 274.761380][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 274.763000][ T8171] FS: 00007fe872a7a700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 274.790762][ T8171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 274.800772][ T8171] CR2: 000056347e65e540 CR3: 0000000094db0000 CR4: 00000000001506e0 [ 274.807897][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 274.819350][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 274.825400][ T8171] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 274.831077][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 274.841501][ T8171] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 274.848747][ T6844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.863285][ T8143] Bluetooth: hci3: command 0x0419 tx timeout [ 274.874334][ T6844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.884250][ T8171] Call Trace: [ 274.887915][ T8171] netlink_policy_dump_write+0x2ae/0xea0 [ 274.894212][ T8171] ? netlink_policy_dump_loop+0x170/0x170 22:06:08 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="002222000000962341"], 0x0}, 0x0) openat$ion(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 274.898635][ T6844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.900174][ T8171] ? skb_put+0x134/0x180 [ 274.917957][ T8171] ? memset+0x20/0x40 [ 274.918274][ T6844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.925329][ T8171] ? __nla_reserve+0x9a/0xc0 [ 274.936797][ T8171] ? __nla_put+0x23/0x40 [ 274.945126][ T8171] ? memcpy+0x39/0x60 [ 274.949272][ T8171] ctrl_dumppolicy+0x4a8/0x900 [ 274.954690][ T8171] ? genl_start+0x5d0/0x5d0 [ 274.959336][ T8171] ? __kmalloc_node_track_caller+0x38/0x60 [ 274.965832][ T8171] ? rcu_read_lock_sched_held+0x3a/0xb0 [ 274.982287][ T8171] ? __phys_addr+0x9a/0x110 [ 274.995972][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 275.006628][ T8171] ? memset+0x20/0x40 [ 275.021174][ T8171] genl_lock_dumpit+0x7f/0xb0 [ 275.021499][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.032983][ T8171] netlink_dump+0x4cd/0xf60 [ 275.054638][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 275.065361][ T8171] ? netlink_insert+0x1670/0x1670 [ 275.070750][ T8171] ? __mutex_unlock_slowpath+0xe2/0x610 [ 275.076537][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.086588][ T8171] ? kmem_cache_alloc_trace+0x188/0x2c0 [ 275.092808][ T8143] Bluetooth: hci4: command 0x0419 tx timeout [ 275.099176][ T8171] ? genl_start+0x3bb/0x5d0 [ 275.103946][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 275.114589][ T8171] __netlink_dump_start+0x643/0x900 [ 275.119931][ T8171] ? genl_rcv_msg+0x980/0x980 [ 275.125439][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.141153][ T8171] ? genl_start+0x5d0/0x5d0 [ 275.148153][ T8171] genl_family_rcv_msg_dumpit+0x2ac/0x310 [ 275.163893][ T8171] ? genl_rcv+0x40/0x40 [ 275.168238][ T6842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.176917][ T8171] ? mutex_lock_io_nested+0xf60/0xf60 [ 275.191117][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 275.192628][ T8171] ? genl_rcv_msg+0x980/0x980 [ 275.209613][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 275.210527][ T8171] ? genl_unlock+0x20/0x20 [ 275.222612][ T8171] ? genl_parallel_done+0xf0/0xf0 [ 275.227821][ T8171] ? __radix_tree_lookup+0x1f3/0x290 [ 275.234050][ T8171] genl_rcv_msg+0x75f/0x980 [ 275.237680][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 275.238678][ T8171] ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250 [ 275.254636][ T8143] Bluetooth: hci5: command 0x0419 tx timeout [ 275.261110][ T8171] ? lock_acquire+0x1f1/0xad0 [ 275.266293][ T8171] ? genl_rcv+0x15/0x40 [ 275.270579][ T8171] ? lock_release+0x8e0/0x8e0 [ 275.277682][ T2600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 275.278381][ T8171] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 275.291859][ T8171] netlink_rcv_skb+0x15a/0x430 [ 275.302103][ T8171] ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250 [ 275.316000][ T6842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.326607][ T8171] ? netlink_ack+0xa10/0xa10 [ 275.336016][ T6842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.345482][ T8171] genl_rcv+0x24/0x40 [ 275.349466][ T8171] netlink_unicast+0x533/0x7d0 [ 275.354726][ T6842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.364534][ T8171] ? netlink_attachskb+0x810/0x810 [ 275.369826][ T8171] ? _copy_from_iter_full+0x247/0x890 [ 275.371877][ T12] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 275.375334][ T6842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.393298][ T8171] ? __phys_addr+0x9a/0x110 [ 275.397835][ T8171] ? __phys_addr_symbol+0x2c/0x70 [ 275.403584][ T8171] ? __check_object_size+0x171/0x3e4 [ 275.408875][ T8171] netlink_sendmsg+0x856/0xd90 [ 275.420636][ T6848] device veth0_vlan entered promiscuous mode [ 275.428683][ T8171] ? netlink_unicast+0x7d0/0x7d0 [ 275.433933][ T8171] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 275.439273][ T8171] ? netlink_unicast+0x7d0/0x7d0 [ 275.447561][ T8171] sock_sendmsg+0xcf/0x120 [ 275.454361][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 275.463983][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 275.468033][ T8171] ____sys_sendmsg+0x6e8/0x810 [ 275.475675][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 275.476976][ T8171] ? kernel_sendmsg+0x50/0x50 [ 275.486874][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 275.498988][ T8171] ? do_recvmmsg+0x6d0/0x6d0 [ 275.499977][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 275.512675][ T8171] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 275.513651][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 275.518695][ T8171] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 275.518712][ T8171] ? mark_lock+0xbc/0x1710 [ 275.518737][ T8171] ___sys_sendmsg+0xf3/0x170 [ 275.530024][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 275.538898][ T8171] ? sendmsg_copy_msghdr+0x160/0x160 [ 275.543361][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 275.548671][ T8171] ? __fget_files+0x272/0x400 [ 275.570442][ T8171] ? lock_downgrade+0x830/0x830 [ 275.578905][ T8171] ? find_held_lock+0x2d/0x110 [ 275.585013][ T8171] ? __might_fault+0x11f/0x1d0 [ 275.589940][ T8171] ? __fget_files+0x294/0x400 [ 275.595809][ T8171] ? __fget_light+0xea/0x280 [ 275.600463][ T8171] __sys_sendmsg+0xe5/0x1b0 [ 275.613514][ T6846] device veth0_vlan entered promiscuous mode [ 275.619782][ T8171] ? __sys_sendmsg_sock+0xb0/0xb0 [ 275.626604][ T8171] ? trace_hardirqs_on+0x5f/0x220 [ 275.635860][ T8171] ? lockdep_hardirqs_on+0x76/0xf0 [ 275.681678][ T12] usb 2-1: Using ep0 maxpacket: 16 [ 275.688311][ T8171] do_syscall_64+0x2d/0x70 [ 275.701314][ T6848] device veth1_vlan entered promiscuous mode [ 275.720772][ T8171] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 275.735035][ T6846] device veth1_vlan entered promiscuous mode [ 275.749202][ T8171] RIP: 0033:0x45d5b9 [ 275.753740][ T8171] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:06:09 executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x11200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, &(0x7f00000000c0)=0xfffffffc, 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0xe}}], 0x4000000000000d0, 0x0) [ 275.782192][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 275.790470][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 275.800722][ T8171] RSP: 002b:00007fe872a79c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 275.818375][ T8171] RAX: ffffffffffffffda RBX: 000000000002ce00 RCX: 000000000045d5b9 [ 275.827581][ T12] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.873089][ T12] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.886968][ T8171] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 22:06:09 executing program 2: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x11200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f00000000c0)=0xfffffffc, 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0xe}}], 0x4000000000000d0, 0x0) [ 275.927981][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 275.947465][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 275.951242][ T12] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 275.973669][ T8171] RBP: 000000000118d020 R08: 0000000000000000 R09: 0000000000000000 [ 276.017754][ T6846] device veth0_macvtap entered promiscuous mode [ 276.034091][ T8171] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 276.075142][ T6848] device veth0_macvtap entered promiscuous mode [ 276.084318][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 276.112689][ T8171] R13: 00007fff45274c7f R14: 00007fe872a7a9c0 R15: 000000000118cfec [ 276.120122][ T12] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 276.126771][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 276.177863][ T8171] Kernel panic - not syncing: panic_on_warn set ... [ 276.184509][ T8171] CPU: 1 PID: 8171 Comm: syz-executor.0 Not tainted 5.9.0-rc2-next-20200828-syzkaller #0 [ 276.194319][ T8171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.204413][ T8171] Call Trace: [ 276.207722][ T8171] dump_stack+0x18f/0x20d [ 276.212134][ T8171] panic+0x2e3/0x75c [ 276.216077][ T8171] ? __warn_printk+0xf3/0xf3 [ 276.219698][ T12] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.220680][ T8171] ? __warn.cold+0x1d/0xc1 [ 276.233066][ T8171] ? nla_get_range_unsigned+0x157/0x530 [ 276.238647][ T8171] __warn.cold+0x38/0xc1 [ 276.242924][ T8171] ? nla_get_range_unsigned+0x157/0x530 [ 276.248480][ T8171] report_bug+0x1bd/0x210 [ 276.252827][ T8171] handle_bug+0x38/0x90 [ 276.256996][ T8171] ? mark_lock+0xbc/0x1710 [ 276.261434][ T8171] exc_invalid_op+0x14/0x40 [ 276.265950][ T8171] asm_exc_invalid_op+0x12/0x20 [ 276.270825][ T8171] RIP: 0010:nla_get_range_unsigned+0x157/0x530 [ 276.276991][ T8171] Code: 2a 03 00 00 44 0f b6 3b 48 c7 c6 40 e9 96 88 4c 89 ff e8 6c 93 c2 fd 41 80 ff 0b 77 11 42 ff 24 fd 60 e3 96 88 e8 99 96 c2 fd <0f> 0b eb 8f e8 90 96 c2 fd 0f 0b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 [ 276.296784][ T8171] RSP: 0018:ffffc90015d07190 EFLAGS: 00010212 [ 276.302870][ T8171] RAX: 00000000000016b4 RBX: ffffffff8918a7a0 RCX: ffffc9000636a000 [ 276.310878][ T8171] RDX: 0000000000040000 RSI: ffffffff83b1e5f7 RDI: 0000000000000003 [ 276.311333][ T12] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 276.318871][ T8171] RBP: ffffc90015d071b8 R08: 0000000000000000 R09: ffff88804d57c370 [ 276.318882][ T8171] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90015d07278 [ 276.318891][ T8171] R13: ffffffff8918a7a1 R14: 000000000000877c R15: ffffffff8918a7a0 [ 276.318922][ T8171] ? nla_get_range_unsigned+0x157/0x530 [ 276.318952][ T8171] netlink_policy_dump_write+0x2ae/0xea0 [ 276.318987][ T8171] ? netlink_policy_dump_loop+0x170/0x170 [ 276.367103][ T8171] ? skb_put+0x134/0x180 [ 276.371364][ T8171] ? memset+0x20/0x40 [ 276.375386][ T8171] ? __nla_reserve+0x9a/0xc0 [ 276.379994][ T8171] ? __nla_put+0x23/0x40 [ 276.384278][ T8171] ? memcpy+0x39/0x60 [ 276.388306][ T8171] ctrl_dumppolicy+0x4a8/0x900 [ 276.393115][ T8171] ? genl_start+0x5d0/0x5d0 [ 276.398421][ T8171] ? __kmalloc_node_track_caller+0x38/0x60 [ 276.404276][ T8171] ? rcu_read_lock_sched_held+0x3a/0xb0 [ 276.409840][ T8171] ? __phys_addr+0x9a/0x110 [ 276.414361][ T8171] ? memset+0x20/0x40 [ 276.418376][ T8171] genl_lock_dumpit+0x7f/0xb0 [ 276.423069][ T8171] netlink_dump+0x4cd/0xf60 [ 276.427589][ T8171] ? netlink_insert+0x1670/0x1670 [ 276.432657][ T8171] ? __mutex_unlock_slowpath+0xe2/0x610 [ 276.438235][ T8171] ? kmem_cache_alloc_trace+0x188/0x2c0 [ 276.443800][ T8171] ? genl_start+0x3bb/0x5d0 [ 276.448322][ T8171] __netlink_dump_start+0x643/0x900 [ 276.453569][ T8171] ? genl_rcv_msg+0x980/0x980 [ 276.458286][ T8171] ? genl_start+0x5d0/0x5d0 [ 276.462797][ T8171] genl_family_rcv_msg_dumpit+0x2ac/0x310 [ 276.468552][ T8171] ? genl_rcv+0x40/0x40 [ 276.472717][ T8171] ? mutex_lock_io_nested+0xf60/0xf60 [ 276.478105][ T8171] ? genl_rcv_msg+0x980/0x980 [ 276.482787][ T8171] ? genl_unlock+0x20/0x20 [ 276.487218][ T8171] ? genl_parallel_done+0xf0/0xf0 [ 276.492262][ T8171] ? __radix_tree_lookup+0x1f3/0x290 [ 276.497566][ T8171] genl_rcv_msg+0x75f/0x980 [ 276.502090][ T8171] ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250 [ 276.509066][ T8171] ? lock_acquire+0x1f1/0xad0 [ 276.513778][ T8171] ? genl_rcv+0x15/0x40 [ 276.517952][ T8171] ? lock_release+0x8e0/0x8e0 [ 276.522665][ T8171] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 276.527968][ T8171] netlink_rcv_skb+0x15a/0x430 [ 276.532770][ T8171] ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250 [ 276.539761][ T8171] ? netlink_ack+0xa10/0xa10 [ 276.544391][ T8171] genl_rcv+0x24/0x40 [ 276.548395][ T8171] netlink_unicast+0x533/0x7d0 [ 276.553196][ T8171] ? netlink_attachskb+0x810/0x810 [ 276.558324][ T8171] ? _copy_from_iter_full+0x247/0x890 [ 276.563721][ T8171] ? __phys_addr+0x9a/0x110 [ 276.568279][ T8171] ? __phys_addr_symbol+0x2c/0x70 [ 276.573341][ T8171] ? __check_object_size+0x171/0x3e4 [ 276.579348][ T8171] netlink_sendmsg+0x856/0xd90 [ 276.584162][ T8171] ? netlink_unicast+0x7d0/0x7d0 [ 276.590010][ T8171] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 276.595402][ T8171] ? netlink_unicast+0x7d0/0x7d0 [ 276.600357][ T8171] sock_sendmsg+0xcf/0x120 [ 276.604801][ T8171] ____sys_sendmsg+0x6e8/0x810 [ 276.609604][ T8171] ? kernel_sendmsg+0x50/0x50 [ 276.614288][ T8171] ? do_recvmmsg+0x6d0/0x6d0 [ 276.618892][ T8171] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 276.624909][ T8171] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 276.630902][ T8171] ? mark_lock+0xbc/0x1710 [ 276.635334][ T8171] ___sys_sendmsg+0xf3/0x170 [ 276.639940][ T8171] ? sendmsg_copy_msghdr+0x160/0x160 [ 276.645242][ T8171] ? __fget_files+0x272/0x400 [ 276.649934][ T8171] ? lock_downgrade+0x830/0x830 [ 276.654794][ T8171] ? find_held_lock+0x2d/0x110 [ 276.659592][ T8171] ? __might_fault+0x11f/0x1d0 [ 276.664404][ T8171] ? __fget_files+0x294/0x400 [ 276.669098][ T8171] ? __fget_light+0xea/0x280 [ 276.673723][ T8171] __sys_sendmsg+0xe5/0x1b0 [ 276.678231][ T8171] ? __sys_sendmsg_sock+0xb0/0xb0 [ 276.683289][ T8171] ? trace_hardirqs_on+0x5f/0x220 [ 276.688325][ T8171] ? lockdep_hardirqs_on+0x76/0xf0 [ 276.693451][ T8171] do_syscall_64+0x2d/0x70 [ 276.697879][ T8171] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 276.703806][ T8171] RIP: 0033:0x45d5b9 [ 276.707713][ T8171] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.727355][ T8171] RSP: 002b:00007fe872a79c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 276.735799][ T8171] RAX: ffffffffffffffda RBX: 000000000002ce00 RCX: 000000000045d5b9 [ 276.743781][ T8171] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 276.751763][ T8171] RBP: 000000000118d020 R08: 0000000000000000 R09: 0000000000000000 [ 276.759748][ T8171] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 276.767734][ T8171] R13: 00007fff45274c7f R14: 00007fe872a7a9c0 R15: 000000000118cfec [ 276.777277][ T8171] Kernel Offset: disabled [ 276.781673][ T8171] Rebooting in 86400 seconds..