[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.255' (ECDSA) to the list of known hosts. 2020/08/02 16:41:53 fuzzer started 2020/08/02 16:41:53 dialing manager at 10.128.0.26:46491 2020/08/02 16:41:54 syscalls: 3273 2020/08/02 16:41:54 code coverage: enabled 2020/08/02 16:41:54 comparison tracing: enabled 2020/08/02 16:41:54 extra coverage: enabled 2020/08/02 16:41:54 setuid sandbox: enabled 2020/08/02 16:41:54 namespace sandbox: enabled 2020/08/02 16:41:54 Android sandbox: /sys/fs/selinux/policy does not exist 2020/08/02 16:41:54 fault injection: enabled 2020/08/02 16:41:54 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/08/02 16:41:54 net packet injection: enabled 2020/08/02 16:41:54 net device setup: enabled 2020/08/02 16:41:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/08/02 16:41:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/08/02 16:41:54 USB emulation: enabled 2020/08/02 16:41:54 hci packet injection: enabled 16:44:31 executing program 0: syzkaller login: [ 222.993169][ T6853] IPVS: ftp: loaded support on port[0] = 21 16:44:32 executing program 1: [ 223.207813][ T6853] chnl_net:caif_netlink_parms(): no params data found [ 223.315486][ T6954] IPVS: ftp: loaded support on port[0] = 21 [ 223.352525][ T6853] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.376860][ T6853] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.385464][ T6853] device bridge_slave_0 entered promiscuous mode [ 223.400457][ T6853] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.408789][ T6853] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.417736][ T6853] device bridge_slave_1 entered promiscuous mode 16:44:32 executing program 2: [ 223.463750][ T6853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 223.478697][ T6853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.541924][ T6853] team0: Port device team_slave_0 added [ 223.560676][ T6853] team0: Port device team_slave_1 added [ 223.626474][ T6853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 223.648246][ T6853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.707922][ T6853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 223.733999][ T6853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 223.757679][ T6853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.797873][ T6853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active 16:44:32 executing program 3: [ 223.900610][ T6853] device hsr_slave_0 entered promiscuous mode [ 223.987150][ T6853] device hsr_slave_1 entered promiscuous mode [ 224.062014][ T7033] IPVS: ftp: loaded support on port[0] = 21 [ 224.080967][ T7049] IPVS: ftp: loaded support on port[0] = 21 [ 224.206488][ T6954] chnl_net:caif_netlink_parms(): no params data found 16:44:33 executing program 4: [ 224.569075][ T6954] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.576234][ T6954] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.588190][ T6954] device bridge_slave_0 entered promiscuous mode [ 224.674072][ T6954] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.681376][ T6954] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.692095][ T6954] device bridge_slave_1 entered promiscuous mode [ 224.728018][ T7223] IPVS: ftp: loaded support on port[0] = 21 [ 224.763940][ T6954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.775398][ T7033] chnl_net:caif_netlink_parms(): no params data found [ 224.788411][ T6853] netdevsim netdevsim0 netdevsim0: renamed from eth0 16:44:33 executing program 5: [ 224.866327][ T6954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 224.893569][ T6853] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 224.952449][ T6853] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 225.021529][ T6853] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 225.097590][ T7049] chnl_net:caif_netlink_parms(): no params data found [ 225.152657][ T6954] team0: Port device team_slave_0 added [ 225.181967][ T6954] team0: Port device team_slave_1 added [ 225.215802][ T6954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 225.224199][ T6954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.251059][ T6954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 225.290638][ T7404] IPVS: ftp: loaded support on port[0] = 21 [ 225.324782][ T6954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 225.332751][ T6954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.359322][ T6954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.411184][ T7033] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.419967][ T7033] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.429611][ T7033] device bridge_slave_0 entered promiscuous mode [ 225.459090][ T7033] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.466249][ T7033] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.478438][ T7033] device bridge_slave_1 entered promiscuous mode [ 225.524383][ T7049] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.537803][ T7049] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.545653][ T7049] device bridge_slave_0 entered promiscuous mode [ 225.567153][ T7033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.609466][ T6954] device hsr_slave_0 entered promiscuous mode [ 225.647609][ T6954] device hsr_slave_1 entered promiscuous mode [ 225.696905][ T6954] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 225.704798][ T6954] Cannot create hsr debugfs directory [ 225.715146][ T7049] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.723558][ T7049] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.734326][ T7049] device bridge_slave_1 entered promiscuous mode [ 225.752629][ T7033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.825809][ T7049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.840959][ T7049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.877977][ T7033] team0: Port device team_slave_0 added [ 225.917269][ T7033] team0: Port device team_slave_1 added [ 225.950989][ T7049] team0: Port device team_slave_0 added [ 225.993679][ T7033] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.001039][ T7033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.027834][ T7033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.065177][ T7049] team0: Port device team_slave_1 added [ 226.092522][ T7033] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.099675][ T7033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.129844][ T7033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.219391][ T7223] chnl_net:caif_netlink_parms(): no params data found [ 226.233197][ T7049] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.240614][ T7049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.270072][ T7049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.285348][ T7049] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.294178][ T7049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.321222][ T7049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.390410][ T7033] device hsr_slave_0 entered promiscuous mode [ 226.437569][ T7033] device hsr_slave_1 entered promiscuous mode [ 226.496843][ T7033] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 226.504483][ T7033] Cannot create hsr debugfs directory [ 226.694605][ T7404] chnl_net:caif_netlink_parms(): no params data found [ 226.782921][ T7049] device hsr_slave_0 entered promiscuous mode [ 226.827320][ T7049] device hsr_slave_1 entered promiscuous mode [ 226.866919][ T7049] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 226.866982][ T7049] Cannot create hsr debugfs directory [ 226.904407][ T6954] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 226.942585][ T6954] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 226.997308][ T6954] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 227.083944][ T6954] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 227.119397][ T7223] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.127787][ T7223] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.135632][ T7223] device bridge_slave_0 entered promiscuous mode [ 227.187973][ T6853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.195171][ T7223] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.203629][ T7223] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.213018][ T7223] device bridge_slave_1 entered promiscuous mode [ 227.306376][ T6853] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.341387][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.351953][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.390399][ T7223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.407501][ T7223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.466221][ T7033] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 227.540487][ T7404] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.551176][ T7404] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.562604][ T7404] device bridge_slave_0 entered promiscuous mode [ 227.575401][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.587293][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.597582][ T2675] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.607210][ T2675] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.624232][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 227.633522][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.644319][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.656311][ T2675] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.664349][ T2675] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.679138][ T7033] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 227.730598][ T7404] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.743658][ T7404] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.753759][ T7404] device bridge_slave_1 entered promiscuous mode [ 227.767708][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 227.782980][ T7223] team0: Port device team_slave_0 added [ 227.805700][ T7223] team0: Port device team_slave_1 added [ 227.825161][ T7033] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 227.918019][ T7033] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 227.964804][ T7404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.992370][ T7223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 228.002200][ T7223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.032552][ T7223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 228.057536][ T7404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 228.073421][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.099013][ T7223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 228.110799][ T7223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.143550][ T7223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 228.211968][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.223430][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.254715][ T7404] team0: Port device team_slave_0 added [ 228.263093][ T7049] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 228.341392][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 228.356129][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.367129][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.376355][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 228.390071][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 228.402108][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 228.413238][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 228.432779][ T6853] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 228.445285][ T7404] team0: Port device team_slave_1 added [ 228.454419][ T7049] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 228.560389][ T7223] device hsr_slave_0 entered promiscuous mode [ 228.620680][ T7223] device hsr_slave_1 entered promiscuous mode [ 228.666850][ T7223] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 228.676162][ T7223] Cannot create hsr debugfs directory [ 228.708743][ T7049] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 228.769424][ T7404] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 228.781791][ T7404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.814138][ T7404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 228.865512][ T7049] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 228.948983][ T6954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.961834][ T7404] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 228.971634][ T7404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.003422][ T7404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 229.152263][ T7404] device hsr_slave_0 entered promiscuous mode [ 229.197459][ T7404] device hsr_slave_1 entered promiscuous mode [ 229.236752][ T7404] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 229.244703][ T7404] Cannot create hsr debugfs directory [ 229.254464][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 229.263331][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 229.285805][ T6954] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.332404][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.345155][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.396169][ T6853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.417817][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.428585][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.441067][ T2574] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.451035][ T2574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.460051][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.469155][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.478667][ T2574] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.486653][ T2574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.573561][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.583881][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.618551][ T7223] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 229.673531][ T7223] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 229.719328][ T7223] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 229.789355][ T7223] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 229.840471][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.853574][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.863861][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.875360][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.886569][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.897281][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.908157][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.924504][ T6954] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 229.943241][ T6954] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 229.974046][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 229.987623][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.001573][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.012694][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 230.024809][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 230.139864][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 230.152903][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 230.164891][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 230.177212][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 230.209554][ T6853] device veth0_vlan entered promiscuous mode [ 230.223461][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 230.232819][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 230.249369][ T6954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.279992][ T7033] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.332418][ T6853] device veth1_vlan entered promiscuous mode [ 230.359415][ T7049] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.418245][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 230.442476][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 230.458085][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.469182][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.507554][ T7033] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.526147][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 230.538519][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 230.551308][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.561610][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.592262][ T7049] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.634842][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.651107][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.660892][ T7705] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.669999][ T7705] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.693205][ T7404] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 230.749480][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.758240][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 230.769525][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 230.779668][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 230.795968][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 230.814302][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.830808][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.842647][ T7705] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.850677][ T7705] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.865761][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.875492][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.884894][ T7705] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.892828][ T7705] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.904026][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 230.912882][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 230.924281][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.939936][ T6853] device veth0_macvtap entered promiscuous mode [ 230.955319][ T6954] device veth0_vlan entered promiscuous mode [ 230.971762][ T7404] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 231.050284][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 231.062026][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 231.073271][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 231.083515][ T7478] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.091470][ T7478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.100834][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 231.111996][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 231.121953][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.131883][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.143971][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 231.167255][ T7223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.175013][ T7404] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 231.213620][ T7404] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 231.272937][ T6853] device veth1_macvtap entered promiscuous mode [ 231.291324][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 231.303473][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.313612][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 231.351372][ T6954] device veth1_vlan entered promiscuous mode [ 231.379660][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 231.390460][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 231.401932][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 231.412629][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 231.442773][ T7033] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 231.476124][ T6853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 231.495793][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.508497][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.518302][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 231.530065][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 231.540168][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 231.585706][ T6853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.600078][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.610335][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 231.621556][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 231.630927][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.641971][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 231.654248][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 231.669954][ T7223] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.700980][ T6853] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.713696][ T6853] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.723415][ T6853] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.733532][ T6853] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.756718][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 231.767828][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 231.781559][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 231.791109][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 231.814481][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 231.826862][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 231.836221][ T7478] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.846030][ T7478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.863212][ T7049] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 231.877425][ T7049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 231.893948][ T7033] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.913307][ T6954] device veth0_macvtap entered promiscuous mode [ 231.928393][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.938259][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 231.950791][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 231.961207][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 231.972216][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 231.982154][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 231.993140][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.005527][ T2574] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.016290][ T2574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.101731][ T6954] device veth1_macvtap entered promiscuous mode [ 232.115780][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 232.125661][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 232.142193][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 232.248792][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 232.262983][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 232.275327][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.286417][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.296868][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.310526][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.321635][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.333672][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.445419][ T7223] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.464298][ T7223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.481090][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.490638][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 232.505127][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 232.515858][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 232.532050][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 232.552689][ T7033] device veth0_vlan entered promiscuous mode [ 232.579363][ T7049] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.593847][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 232.604603][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 232.617531][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 232.627327][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 232.673924][ T6954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 232.689055][ T6954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.704745][ T6954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.738574][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 232.752295][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 232.764567][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 232.774339][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 232.785486][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 232.796282][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 232.820721][ T6954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 232.837504][ T6954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 232.854679][ T6954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.867948][ T7223] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.880419][ T7033] device veth1_vlan entered promiscuous mode [ 232.901654][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 232.912379][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 232.924402][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 232.953486][ T6954] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.966960][ T6954] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.975709][ T6954] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.985090][ T6954] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.015301][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 233.029536][ T7404] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.113609][ T7404] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.123527][ T7049] device veth0_vlan entered promiscuous mode [ 233.133356][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 233.143116][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 233.152685][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 233.162047][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 233.241306][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 233.301306][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 233.315122][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 233.323780][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 233.333315][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 233.348776][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.362682][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 233.372361][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.379523][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.389002][ T7049] device veth1_vlan entered promiscuous mode [ 233.399547][ T7033] device veth0_macvtap entered promiscuous mode [ 233.431546][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 233.440147][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 233.449508][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 233.458271][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 233.467626][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.476177][ T8065] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.483390][ T8065] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.500869][ T7033] device veth1_macvtap entered promiscuous mode [ 233.539498][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 233.557640][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 233.587300][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 233.606882][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 233.618726][ T7705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.671682][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 16:44:42 executing program 0: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting}}, 0x8) [ 233.870438][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 233.890466][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 233.925480][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.948049][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.964834][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 16:44:42 executing program 0: syz_emit_vhci(&(0x7f00000005c0)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xb}, @hci_ev_le_remote_conn_param_req={{}, {0xc8, 0x8, 0x3ff}}}}, 0xe) [ 233.975537][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 233.991257][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 234.002980][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 234.021064][ T7033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 16:44:43 executing program 0: syz_emit_vhci(&(0x7f0000001500)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x22}, @hci_rp_read_local_amp_info={{}, {0x2}}}}, 0x25) [ 234.082829][ T7033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.093684][ T7033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 234.110518][ T7033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.126361][ T7033] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.149208][ T7223] device veth0_vlan entered promiscuous mode 16:44:43 executing program 0: syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xa}, @hci_rp_pin_code_neg_reply={{0x4b}}}}, 0xd) [ 234.190478][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 234.202831][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 234.215407][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 234.226221][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 234.237476][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 234.248392][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 234.257819][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 234.267970][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 234.291434][ T8065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 234.331553][ T7033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 16:44:43 executing program 0: syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0c62a83cd16adf29bbf56452399a59b9850c6ed900000000000000b9f110039ef2bbeb595a262a4fd96161a0424616fc0f6f35a3e78ba9d0ccf97e8634195e8fedf3e9590a595a59e53da73d0b5e9308018f53281fa2c247c0cc01558af2963b6c94f0a7e9da92736567b7972755a61704c8995183b5cbdb8e2163936713433105b2060b02f01222a2d426cefd032f6deff5de330fb27495ee"], 0x4) syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) syz_emit_vhci(&(0x7f0000000400)=ANY=[], 0x28e) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x9}}}, 0x6) [ 234.354670][ T7033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.372589][ T7033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 234.390592][ T7033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.405792][ T7033] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.444803][ T7049] device veth0_macvtap entered promiscuous mode [ 234.465992][ T7223] device veth1_vlan entered promiscuous mode [ 234.482517][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 234.497781][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 234.511846][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 234.524299][ T7404] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 234.538685][ T7033] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.549123][ T7033] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 16:44:43 executing program 0: syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_page_scan_type}}, 0x8) [ 234.560654][ T7033] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.569911][ T7033] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.590593][ T7049] device veth1_macvtap entered promiscuous mode 16:44:43 executing program 1: syz_emit_vhci(&(0x7f0000000680)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@none}}}, 0x9) 16:44:43 executing program 0: syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1f}, @hci_ev_le_enh_conn_complete={{}, {0x7, 0xc8, 0x0, 0x0, @any, @fixed, @none}}}}, 0x22) syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@none}}}, 0x9) [ 234.744778][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 234.779491][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.795431][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 234.807604][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.818225][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 234.829087][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.841757][ T7049] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.899602][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 234.907425][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 234.915002][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 234.925982][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 234.962907][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 234.999089][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.011941][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 235.023128][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.033766][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 235.045310][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.058170][ T7049] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.126111][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 235.137348][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 235.147510][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 235.158720][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 235.171213][ T7404] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.200878][ T7049] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.266886][ T7049] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.275660][ T7049] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.313806][ T7049] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.338311][ T7223] device veth0_macvtap entered promiscuous mode [ 235.361557][ T7223] device veth1_macvtap entered promiscuous mode [ 235.518158][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 235.528846][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.539686][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 235.551656][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.562372][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 235.573629][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.584201][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 235.595698][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.608949][ T7223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.649776][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 235.659500][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 235.678287][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 235.690481][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.701732][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 235.712910][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.724031][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 235.735252][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.745765][ T7223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 235.757095][ T7223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.769793][ T7223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.784588][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 235.795559][ T2574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 235.816137][ T7223] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.825431][ T7223] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.834817][ T7223] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.843686][ T7223] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.867316][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 235.881462][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 235.959086][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 235.968462][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 235.981327][ T7404] device veth0_vlan entered promiscuous mode [ 235.989416][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 235.999116][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 236.059999][ T7404] device veth1_vlan entered promiscuous mode 16:44:45 executing program 2: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x41b}}}, 0x7) [ 236.247039][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 236.255503][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 236.271591][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 236.283165][ T2675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 236.304505][ T7404] device veth0_macvtap entered promiscuous mode [ 236.319228][ T7404] device veth1_macvtap entered promiscuous mode [ 236.425919][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 236.439798][ T2574] Bluetooth: hci1: command 0x0409 tx timeout [ 236.451430][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.463103][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 236.485576][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.496299][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 236.507894][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.518934][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 236.530362][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.541130][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 236.552537][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.568476][ T7404] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.602097][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 236.610451][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 236.620289][ T7478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 236.643797][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 236.654565][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.670533][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 236.689749][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.704904][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 236.717711][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.730523][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 16:44:45 executing program 3: syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e13033f"], 0x16) [ 236.796488][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.834001][ T7404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 236.847556][ T7404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.860215][ T7404] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 236.877172][ T8116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 236.886184][ T8116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 236.903044][ T7404] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.950708][ T7404] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.978704][ T7404] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.996257][ T7404] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.078303][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! 16:44:46 executing program 4: syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, '@'}, 0x2) syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x0, 0xc8, @any, 0x1}}}, 0xe) syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "1af8c4", 0x2}}}, 0xd) [ 237.305045][ T8122] Bluetooth: hci4: SCO packet for unknown connection handle 64 [ 237.315351][ T1545] Bluetooth: hci4: SCO packet for unknown connection handle 64 16:44:47 executing program 5: syz_emit_vhci(&(0x7f0000001480)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x8}, @hci_rp_read_page_scan_activity}}, 0xb) 16:44:47 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xc}, @hci_rp_read_local_features={{}, {0x0, "000a203f50bcf9da"}}}}, 0xf) 16:44:47 executing program 0: syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e058d122007"], 0x8) 16:44:47 executing program 2: syz_emit_vhci(&(0x7f0000001840)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x2019}}}, 0x7) 16:44:47 executing program 3: syz_emit_vhci(&(0x7f0000001140)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0xff, 0xc8, "ba1aadfd7e5f1bea"}}}, 0xe) 16:44:47 executing program 4: syz_emit_vhci(&(0x7f00000025c0)=ANY=[@ANYBLOB="043e0b06c82a"], 0xe) 16:44:47 executing program 4: syz_emit_vhci(&(0x7f00000029c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_le_read_white_list_size}}, 0x8) 16:44:47 executing program 3: syz_emit_vhci(&(0x7f00000009c0)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x0, 0xc8, "b445dfc679fdaf72"}}}, 0xe) 16:44:47 executing program 1: syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x2c) 16:44:47 executing program 5: syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x1d}, {0x2, [{@any, 0x0, 0x0, "e76a9e"}, {@fixed, 0x0, 0x0, "d8fff6"}]}}}, 0x20) syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x0, @none, "127b9370e665594f9acc8dbf466d576cba76bf378e3ea552e1c920fdad546ce2fd7a4d6b5eac8eb269dd6bafb0fcc4500a724f39ba1e106b3d01a31c11d8ae7fed9bdc26bb1100fea5c16899f089b3576710774e4fcc871fe94c032fb86fbdf2c8d6dca065a1e53803c87cfe3cfa9b00fa7c74bc7c2253ff79a61f496cdb92354d3ff97153189ac4a0e42b04d2533541c4cd7871c6f1abcf3a5aea51c7aac7ccbe6cb7c8d9bffa5b20633d97752026c36d0f62051dd7fa6a0a108e730664e04f1a1e4cae8c2995759bfd06fd3a33ebbb23d55dae786f557f284ceb84a0d8273996771de152d0a4cd67b431c37edd2e43c214d46b04b6360d"}}}, 0x102) syz_emit_vhci(&(0x7f0000000500)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, "0eefad", "c3e4e7", "3ff54d", "c5a701"}}}}, 0x20) 16:44:47 executing program 0: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0xc9, 0x7f, 0x401}}}, 0x7) 16:44:47 executing program 2: syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_logical_link_complete={{0x46, 0x4}}}, 0x7) 16:44:47 executing program 3: syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1a}, @hci_ev_le_ext_adv_report={{}, {0x1, [{0x15, 0x0, @none, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @none}]}}}}, 0x1d) 16:44:47 executing program 4: syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_disconn_req={{0x6, 0x3, 0x4}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}}, @l2cap_create_chan_req={{0xc, 0x7, 0x5}}]}}, 0x21) 16:44:47 executing program 1: syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, '@'}, 0x2) syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0x2c1}, @l2cap_cid_signaling={{0x2bd}, [@l2cap_conf_req={{0x4, 0x38, 0x2b1}, {0x1ff, 0xa2e, [{0x3c, 0xaf, "999a629bd4d3f6d6c4a1e03f8e8d20a9e664d594cf3f14be938957f20be5cd69d8eeb32ed9271ac9c6b36544b178888bfb4cff749e1133d3ae2e855009cb5db8b520d80ccc7653682952916763cb867ff2781fb14980df86c2c09383c275c138c272fc044d2576d7a230a1503133be5a0215c2f9ff1365eeb9a1a8b23d84f80ba761d2dff915a0c4dd8078d3c533c981425c1cbdfea37ce45f0161173938c44a65a8ae50a852df8cc88129451f4cdd"}, {0xf8, 0xf8, "df814d2ec59ddbcf5dffc420e3a957b8e4422449407e41d0cd62dd0848894ad01a3b0b4e0cec3c8113d8b4b1894a134dc0795db18859d3865fdcce332b8c0ef0c4ca649278edcf343a2949944d8892d2002d7dc86d0bc36a70ecfa1bf38acfcf42d14b0844611295a60376876943275af5fc314bcbad7b3d67c7820fddcac3e9122f3fcacd393f8b2b83eba4c4294ee4cd15d348244018f9c350c07fe3eb59585cae2837de91779a4fd283801c2fa8688afa0aa0bd06fa040e1bd3e1b36033ba5cafa69ae93a2085dab7fdc631285c6093e290ebb1510711f51092cf62ab2927c7ed8c487ad1e0cffd308fcf4f4cb035f6556f0cfbc8e077"}, {0x7d, 0xf, "152efd72bfd5e3449e213ef198e1a1"}, {0x3f, 0xb9, "4297dcff09369ff99c6cfa28624188d5f3979fd4693acfc0cd7a5e173067d62d33523aed6788cb8fafd2928efae2eb26fb13a2650a4efb225217da2674170be38c85310489ac65bd5d328ce3d0a09cdf91cb3572dbe29c52ab374101cb92a228a57aec694c1ed7f25814563e7c6feed7b0e680d87959d924929f79e5aede725fb2ee4162a4aec1ec73c59a1a953d5d17a85dea231bb7bf502f214f08776d1f984435375814ec6fbd271d846292c8ecc86de70986108c874e84"}, {0x40, 0x10, "d503fd3bcf398f344110153bba1c65c9"}, {0x8, 0x22, "7d90f13f1db0dd9c674eefa8af8099cc90bcb915038fbe3da1afb81bf0f50a217c72"}]}}, @l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x1f1, 0x7}}]}}, 0x2c6) syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x0, 0xc8, @any, 0x1}}}, 0xe) syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "1af8c4", 0x2}}}, 0xd) 16:44:47 executing program 0: syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@none, "c5bf3a4c230ab3fb"}}}, 0x11) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}}}, 0x7) syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @hci_ev_si_device={{0x1, 0x4}}}, 0x7) syz_emit_vhci(&(0x7f0000000700)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}}}, 0x6) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}}}, 0x5) 16:44:47 executing program 2: syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_le_read_adv_tx_power}}, 0x8) 16:44:47 executing program 5: syz_emit_vhci(&(0x7f0000000700)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}}}, 0x6) [ 238.756925][ T7705] Bluetooth: hci3: command 0x0409 tx timeout [ 238.839103][ T1545] Bluetooth: Wrong link type (-22) [ 238.844366][ T1545] Bluetooth: Wrong link type (-22) [ 238.849835][ T1545] Bluetooth: Wrong link type (-22) [ 238.855000][ T1545] Bluetooth: Wrong link type (-22) 16:44:47 executing program 3: syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@none, "d84768bf21e4da9c"}}}, 0x11) syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000980)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x0, 0xc8, 0x9}}}, 0x9) [ 238.883688][ T1545] Bluetooth: hci1: SCO packet for unknown connection handle 64 [ 238.891962][ T1545] Bluetooth: hci1: SCO packet for unknown connection handle 64 [ 238.920745][ T8122] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN [ 238.932521][ T8122] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 238.949290][ T8122] CPU: 0 PID: 8122 Comm: kworker/u5:2 Not tainted 5.8.0-rc7-next-20200731-syzkaller #0 [ 238.958935][ T8122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.969096][ T8122] Workqueue: hci0 hci_rx_work [ 238.973875][ T8122] RIP: 0010:hci_phy_link_complete_evt.isra.0+0x23e/0x790 [ 238.980926][ T8122] Code: 48 c1 ea 03 80 3c 02 00 0f 85 3e 05 00 00 48 8b 9d 30 09 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 da 04 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b [ 239.000551][ T8122] RSP: 0018:ffffc90016b2fa38 EFLAGS: 00010202 [ 239.006641][ T8122] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff8722a583 [ 239.014626][ T8122] RDX: 0000000000000002 RSI: ffffffff8722a590 RDI: 0000000000000010 [ 239.022618][ T8122] RBP: ffff8880a1442000 R08: 0000000000000001 R09: ffff88804cc6ad08 [ 239.030611][ T8122] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 239.038605][ T8122] R13: ffff88804d339138 R14: ffff8880a7accc0b R15: 00000000000000c8 [ 239.047468][ T8122] FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 239.056415][ T8122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.063030][ T8122] CR2: 0000000000768000 CR3: 000000009136d000 CR4: 00000000001506f0 [ 239.071048][ T8122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 239.079823][ T8122] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 239.087800][ T8122] Call Trace: [ 239.091109][ T8122] hci_event_packet+0x4696/0x87a8 [ 239.096141][ T8122] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 239.102124][ T8122] ? __lock_acquire+0x16cb/0x5640 [ 239.107156][ T8122] ? hci_cmd_complete_evt+0xc6d0/0xc6d0 [ 239.112719][ T8122] ? lock_acquire+0x1f1/0xad0 [ 239.117506][ T8122] ? skb_dequeue+0x1c/0x180 [ 239.122023][ T8122] ? find_held_lock+0x2d/0x110 [ 239.126798][ T8122] ? mark_lock+0xbc/0x1710 [ 239.131267][ T8122] ? mark_held_locks+0x9f/0xe0 [ 239.136118][ T8122] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 239.142559][ T8122] ? lockdep_hardirqs_on_prepare+0x354/0x530 [ 239.148561][ T8122] ? trace_hardirqs_on+0x5f/0x220 [ 239.153684][ T8122] ? lockdep_hardirqs_on+0x76/0xf0 [ 239.158813][ T8122] hci_rx_work+0x22e/0xb50 [ 239.163242][ T8122] process_one_work+0x94c/0x1670 [ 239.168202][ T8122] ? lock_release+0x8e0/0x8e0 [ 239.172905][ T8122] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 239.178387][ T8122] ? rwlock_bug.part.0+0x90/0x90 [ 239.183350][ T8122] ? lockdep_hardirqs_off+0x7e/0xb0 [ 239.188575][ T8122] worker_thread+0x64c/0x1120 [ 239.193278][ T8122] ? __kthread_parkme+0x13f/0x1e0 [ 239.198350][ T8122] ? process_one_work+0x1670/0x1670 [ 239.203567][ T8122] kthread+0x3b5/0x4a0 [ 239.207692][ T8122] ? __kthread_bind_mask+0xc0/0xc0 [ 239.212831][ T8122] ? __kthread_bind_mask+0xc0/0xc0 [ 239.217983][ T8122] ret_from_fork+0x1f/0x30 [ 239.222411][ T8122] Modules linked in: 16:44:48 executing program 4: syz_emit_vhci(&(0x7f00000025c0)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xb}, @hci_ev_le_remote_conn_param_req={{}, {0xc8, 0x81, 0xfff}}}}, 0xe) 16:44:48 executing program 5: syz_emit_vhci(&(0x7f00000025c0)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xb}, @hci_ev_le_remote_conn_param_req}}, 0xe) 16:44:48 executing program 2: syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x32, 0x0, 0x428}}}, 0x7) [ 239.255559][ T8122] ---[ end trace 04e4ecef80aee531 ]--- [ 239.261188][ T8122] RIP: 0010:hci_phy_link_complete_evt.isra.0+0x23e/0x790 [ 239.268755][ T8122] Code: 48 c1 ea 03 80 3c 02 00 0f 85 3e 05 00 00 48 8b 9d 30 09 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 da 04 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b [ 239.288814][ T8122] RSP: 0018:ffffc90016b2fa38 EFLAGS: 00010202 [ 239.294935][ T8122] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff8722a583 [ 239.305748][ T8122] RDX: 0000000000000002 RSI: ffffffff8722a590 RDI: 0000000000000010 [ 239.313916][ T8122] RBP: ffff8880a1442000 R08: 0000000000000001 R09: ffff88804cc6ad08 [ 239.323041][ T8122] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 239.331192][ T8122] R13: ffff88804d339138 R14: ffff8880a7accc0b R15: 00000000000000c8 [ 239.339376][ T8122] FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 239.348427][ T8122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 16:44:48 executing program 1: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@none}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xe}, @hci_rp_read_local_ext_features={{0x5}, {0x2, 0x5, 0xa9, "ac24c649d5f448db"}}}}, 0x11) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@none, "e3fcf31b6d7d6c4f77a4661444db7dbe", 0x6}}}, 0x1a) syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, "4aab17a8304219772a31ccc97f000e219baaf4c02ab3a5e0ca65bfba8bdba22cfc00e3048327bd6231bd44676491996c35e03de11727a93533935a5d2ec244450bbdc33bd79a3976c53763cad663da3903a8a60eb06b836f84c93e7013b5a4d62bbfd8741440226d2b4691e1d40cb1a8fad38bee68b655e429311d077da762219d25b0979786aa6e535e3e13a08a4bde83720916b6fef11dbab1ca30423bf10a59e6a27509c1663f5e5865ff5e37aae9b7430a08d95606152697ca6f"}, 0xbd) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_delete_stored_link_key={{0xd0}, {0x6, 0x1}}}}, 0x8) [ 239.355028][ T8122] CR2: 000000c0115d62b0 CR3: 0000000091e34000 CR4: 00000000001506f0 [ 239.364890][ T8122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 239.373421][ T8122] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 239.381542][ T8122] Kernel panic - not syncing: Fatal exception [ 239.388714][ T8122] Kernel Offset: disabled [ 239.393047][ T8122] Rebooting in 86400 seconds..