Warning: Permanently added '[localhost]:63490' (ED25519) to the list of known hosts.
2024/08/29 00:47:54 ignoring optional flag "sandboxArg"="0"
2024/08/29 00:47:54 parsed 1 programs
[ 90.261399][ T39] audit: type=1400 audit(1724892474.678:132): avc: denied { getattr } for pid=5453 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 90.270282][ T39] audit: type=1400 audit(1724892474.678:133): avc: denied { read } for pid=5453 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 90.294762][ T39] audit: type=1400 audit(1724892474.678:134): avc: denied { open } for pid=5453 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 90.364290][ T39] audit: type=1400 audit(1724892474.788:135): avc: denied { unlink } for pid=5459 comm="syz-executor" name="swap-file" dev="sda1" ino=1931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 92.077087][ T5459] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/08/29 00:47:56 executed programs: 0
[ 92.134993][ T5350] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 92.139203][ T5350] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 92.148576][ T5350] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 92.154427][ T5350] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 92.159179][ T5350] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 92.174896][ T5350] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 92.208721][ T39] audit: type=1400 audit(1724892476.628:136): avc: denied { mounton } for pid=5465 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 92.407261][ T5465] chnl_net:caif_netlink_parms(): no params data found
[ 92.542900][ T5465] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.545758][ T5465] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.548635][ T5465] bridge_slave_0: entered allmulticast mode
[ 92.551959][ T5465] bridge_slave_0: entered promiscuous mode
[ 92.556468][ T5465] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.559766][ T5465] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.563472][ T5465] bridge_slave_1: entered allmulticast mode
[ 92.567336][ T5465] bridge_slave_1: entered promiscuous mode
[ 92.633204][ T5465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 92.640264][ T5465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 92.713687][ T5465] team0: Port device team_slave_0 added
[ 92.723150][ T5465] team0: Port device team_slave_1 added
[ 92.798779][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 92.812392][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 92.828532][ T5465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 92.834835][ T5465] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 92.837715][ T5465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 92.851365][ T58] cfg80211: failed to load regulatory.db
[ 92.851386][ T5465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 92.935396][ T5465] hsr_slave_0: entered promiscuous mode
[ 92.940927][ T5465] hsr_slave_1: entered promiscuous mode
[ 93.891974][ T5465] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.906921][ T5465] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.917964][ T5465] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.927692][ T5465] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.059856][ T5465] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.081006][ T5465] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.091564][ T1211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.094869][ T1211] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.116474][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.119865][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.204216][ T5350] Bluetooth: hci0: command tx timeout
[ 94.280988][ T5465] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.328890][ T5465] veth0_vlan: entered promiscuous mode
[ 94.337384][ T5465] veth1_vlan: entered promiscuous mode
[ 94.370262][ T5465] veth0_macvtap: entered promiscuous mode
[ 94.377855][ T5465] veth1_macvtap: entered promiscuous mode
[ 94.395140][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.407112][ T5465] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.418026][ T5465] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.422120][ T5465] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.425621][ T5465] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.429542][ T5465] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.498067][ T484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.503188][ T484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.527571][ T484] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.531938][ T484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.594913][ T5524] netlink: 244 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 94.597746][ T39] audit: type=1400 audit(1724892479.018:137): avc: denied { create } for pid=5522 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 94.646600][ T39] audit: type=1400 audit(1724892479.018:138): avc: denied { bind } for pid=5522 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 94.671640][ T39] audit: type=1400 audit(1724892479.068:139): avc: denied { create } for pid=5522 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 94.678907][ T39] audit: type=1400 audit(1724892479.068:140): avc: denied { bind } for pid=5522 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 94.689976][ T39] audit: type=1400 audit(1724892479.068:141): avc: denied { name_bind } for pid=5522 comm="syz-executor.0" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[ 95.467486][ T5551] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 95.530377][ T5554] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 95.673924][ T5563] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 95.748324][ T5566] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 95.798320][ T5570] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 95.886421][ T5574] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 95.947142][ T5577] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 96.038105][ T5582] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 96.150163][ T5585] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 96.286818][ T5350] Bluetooth: hci0: command tx timeout
[ 96.293047][ T5594] dccp_xmit_packet: Payload too large (65475) for featneg.
2024/08/29 00:48:01 executed programs: 23
[ 98.371200][ T5350] Bluetooth: hci0: command tx timeout
[ 98.892638][ C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1534/dccp_feat_activate_values()
[ 100.441245][ T5350] Bluetooth: hci0: command tx timeout
[ 100.499949][ T5752] net_ratelimit: 59 callbacks suppressed
[ 100.499963][ T5752] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.550642][ T5754] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.608676][ T5756] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.660635][ T5758] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.716260][ T5760] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.843176][ T5764] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.889195][ T5766] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.947798][ T5768] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 100.999234][ T5770] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 101.048455][ T5772] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 101.101866][ C2] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:414/tfrc_rx_hist_sample_rtt()
[ 101.107477][ C2] CPU: 2 UID: 0 PID: 5774 Comm: syz-executor.0 Not tainted 6.11.0-rc5-syzkaller-g928f79a188aa #0
[ 101.118857][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 101.123804][ C2] Call Trace:
[ 101.125378][ C2]
[ 101.126708][ C2] dump_stack_lvl+0x16c/0x1f0
[ 101.128882][ C2] tfrc_rx_hist_sample_rtt+0x3e1/0x4a0
[ 101.131280][ C2] ccid3_hc_rx_packet_recv+0x443/0xf50
[ 101.133723][ C2] ? __pfx_ccid3_hc_rx_packet_recv+0x10/0x10
[ 101.136303][ C2] dccp_deliver_input_to_ccids+0xe3/0x270
[ 101.138978][ C2] dccp_rcv_established+0x10a/0x160
[ 101.141302][ C2] dccp_v4_do_rcv+0x171/0x1b0
[ 101.143523][ C2] ? __pfx_dccp_v4_do_rcv+0x10/0x10
[ 101.145913][ C2] __sk_receive_skb+0x7aa/0x890
[ 101.148075][ C2] dccp_v4_rcv+0x1153/0x1d30
[ 101.150777][ C2] ? __pfx_dccp_v4_rcv+0x10/0x10
[ 101.153621][ C2] ip_protocol_deliver_rcu+0x441/0x4c0
[ 101.155925][ C2] ip_local_deliver_finish+0x316/0x570
[ 101.158269][ C2] ip_local_deliver+0x18e/0x1f0
[ 101.160274][ C2] ? __pfx_ip_local_deliver+0x10/0x10
[ 101.162413][ C2] ip_rcv+0x2c5/0x5d0
[ 101.164235][ C2] ? __pfx_ip_rcv+0x10/0x10
[ 101.166503][ C2] __netif_receive_skb_one_core+0x199/0x1e0
[ 101.169370][ C2] ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 101.172083][ C2] ? process_backlog+0x3f1/0x15f0
[ 101.174020][ C2] ? __pfx_lock_release+0x10/0x10
[ 101.176082][ C2] ? do_raw_spin_lock+0x12d/0x2c0
[ 101.178348][ C2] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 101.181170][ C2] ? process_backlog+0x3f1/0x15f0
[ 101.183526][ C2] __netif_receive_skb+0x1d/0x160
[ 101.186111][ C2] process_backlog+0x443/0x15f0
[ 101.188197][ C2] __napi_poll.constprop.0+0xb7/0x550
[ 101.190656][ C2] net_rx_action+0xa92/0x1010
[ 101.192793][ C2] ? __pfx_net_rx_action+0x10/0x10
[ 101.195157][ C2] ? find_held_lock+0x20/0x110
[ 101.197391][ C2] ? net_tx_action+0x7dd/0xd00
[ 101.199620][ C2] ? __pfx_xfrm_dev_backlog+0x10/0x10
[ 101.201866][ C2] handle_softirqs+0x216/0x8f0
[ 101.203722][ C2] ? __pfx_handle_softirqs+0x10/0x10
[ 101.205567][ C2] irq_exit_rcu+0xbb/0x120
[ 101.207232][ C2] sysvec_apic_timer_interrupt+0x95/0xb0
[ 101.209431][ C2]
[ 101.210605][ C2]
[ 101.211759][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 101.214760][ C2] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[ 101.218737][ C2] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 b6 8b 54 f6 48 89 df e8 ce 08 55 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 01 00 00 00 e8 f5 7b 46 f6 65 8b 05 46 00 f0 74 85 c0 74 16 5b
[ 101.228413][ C2] RSP: 0018:ffffc90003a3f438 EFLAGS: 00000246
[ 101.231128][ C2] RAX: 0000000000000002 RBX: ffff888017ac6c00 RCX: 1ffffffff20256d1
[ 101.234440][ C2] RDX: 0000000000000000 RSI: ffffffff8b4cc500 RDI: ffffffff8bb09c00
[ 101.238273][ C2] RBP: 0000000000000286 R08: 0000000000000001 R09: 0000000000000001
[ 101.242270][ C2] R10: ffffffff9012fadf R11: 0000000000000000 R12: ffffea0000842710
[ 101.245667][ C2] R13: 0000000000000cc0 R14: ffff888017ac6c00 R15: ffffea00008bef00
[ 101.249447][ C2] get_partial_node.part.0+0x1a1/0x350
[ 101.251980][ C2] ___slab_alloc+0x65b/0x1870
[ 101.254127][ C2] ? __alloc_skb+0x2b1/0x380
[ 101.256126][ C2] ? ___slab_alloc+0x68/0x1870
[ 101.258291][ C2] ? __alloc_skb+0x2b1/0x380
[ 101.260386][ C2] ? __slab_alloc.constprop.0+0x56/0xb0
[ 101.262974][ C2] __slab_alloc.constprop.0+0x56/0xb0
[ 101.265872][ C2] kmem_cache_alloc_node_noprof+0xed/0x310
[ 101.268654][ C2] ? __alloc_skb+0x2b1/0x380
[ 101.270770][ C2] __alloc_skb+0x2b1/0x380
[ 101.272860][ C2] ? __pfx___alloc_skb+0x10/0x10
[ 101.275105][ C2] ? __pfx___lock_acquire+0x10/0x10
[ 101.277354][ C2] alloc_skb_with_frags+0xe4/0x710
[ 101.279624][ C2] ? release_sock+0x21/0x220
[ 101.281600][ C2] sock_alloc_send_pskb+0x7f1/0x980
[ 101.283799][ C2] ? find_held_lock+0x59/0x110
[ 101.285793][ C2] ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 101.288261][ C2] ? __pfx_lock_release+0x10/0x10
[ 101.290732][ C2] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 101.293191][ C2] ? dccp_sendmsg+0x2de/0xd10
[ 101.295353][ C2] ? __local_bh_enable_ip+0xa4/0x120
[ 101.297755][ C2] dccp_sendmsg+0x2fc/0xd10
[ 101.299886][ C2] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[ 101.303239][ C2] ? __might_fault+0x13b/0x190
[ 101.305489][ C2] ? __pfx_dccp_sendmsg+0x10/0x10
[ 101.308600][ C2] ? __pfx_dccp_sendmsg+0x10/0x10
[ 101.311182][ C2] inet_sendmsg+0x119/0x140
[ 101.313220][ C2] ____sys_sendmsg+0x992/0xc90
[ 101.315392][ C2] ? copy_msghdr_from_user+0x10b/0x160
[ 101.317819][ C2] ? __pfx_____sys_sendmsg+0x10/0x10
[ 101.320457][ C2] ? __lock_acquire+0x1620/0x3cb0
[ 101.322710][ C2] ___sys_sendmsg+0x135/0x1e0
[ 101.324864][ C2] ? __pfx____sys_sendmsg+0x10/0x10
[ 101.327281][ C2] ? handle_mm_fault+0x4c9/0x7b0
[ 101.329499][ C2] ? __pfx___might_resched+0x10/0x10
[ 101.331986][ C2] ? __might_fault+0xe3/0x190
[ 101.334210][ C2] __sys_sendmmsg+0x1a1/0x450
[ 101.336355][ C2] ? __pfx___sys_sendmmsg+0x10/0x10
[ 101.338779][ C2] ? __pfx_lock_release+0x10/0x10
[ 101.340945][ C2] ? xfd_validate_state+0x5d/0x180
[ 101.343355][ C2] __x64_sys_sendmmsg+0x9c/0x100
[ 101.345545][ C2] ? lockdep_hardirqs_on+0x7c/0x110
[ 101.347932][ C2] do_syscall_64+0xcd/0x250
[ 101.350137][ C2] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.352860][ C2] RIP: 0033:0x7f073f47cd29
[ 101.354942][ C2] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 101.362711][ C2] RSP: 002b:00007f07401ec0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 101.366479][ C2] RAX: ffffffffffffffda RBX: 00007f073f5abf80 RCX: 00007f073f47cd29
[ 101.397468][ C2] RDX: 000000000000ffc3 RSI: 0000000020001e80 RDI: 0000000000000006
[ 101.400964][ C2] RBP: 00007f073f4c947a R08: 0000000000000000 R09: 0000000000000000
[ 101.404290][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 101.407643][ C2] R13: 000000000000000b R14: 00007f073f5abf80 R15: 00007ffccd5526e8
[ 101.410977][ C2]
2024/08/29 00:48:06 executed programs: 103
[ 103.382443][ C0] BUG: stored value of X_recv is zero at net/dccp/ccids/ccid3.c:691/ccid3_first_li()
[ 103.386619][ C0] CPU: 0 UID: 0 PID: 5843 Comm: syz-executor.0 Not tainted 6.11.0-rc5-syzkaller-g928f79a188aa #0
[ 103.390513][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 103.394699][ C0] Call Trace:
[ 103.396168][ C0]
[ 103.397500][ C0] dump_stack_lvl+0x16c/0x1f0
[ 103.399593][ C0] ccid3_first_li+0x2fc/0x500
[ 103.401543][ C0] tfrc_lh_interval_add+0x614/0x8d0
[ 103.403561][ C0] ? __pfx_ccid3_first_li+0x10/0x10
[ 103.405581][ C0] ? ktime_get_with_offset+0x15d/0x240
[ 103.407664][ C0] ? __pfx_ccid3_first_li+0x10/0x10
[ 103.409733][ C0] tfrc_rx_handle_loss+0xe0c/0x20b0
[ 103.411712][ C0] ccid3_hc_rx_packet_recv+0x372/0xf50
[ 103.413813][ C0] ? __pfx_ccid3_hc_rx_packet_recv+0x10/0x10
[ 103.416309][ C0] dccp_deliver_input_to_ccids+0xe3/0x270
[ 103.418829][ C0] dccp_rcv_established+0x10a/0x160
[ 103.420828][ C0] dccp_v4_do_rcv+0x171/0x1b0
[ 103.422674][ C0] ? __pfx_dccp_v4_do_rcv+0x10/0x10
[ 103.424687][ C0] __sk_receive_skb+0x7aa/0x890
[ 103.426650][ C0] dccp_v4_rcv+0x1153/0x1d30
[ 103.428429][ C0] ? __pfx_dccp_v4_rcv+0x10/0x10
[ 103.430320][ C0] ip_protocol_deliver_rcu+0x441/0x4c0
[ 103.432377][ C0] ip_local_deliver_finish+0x316/0x570
[ 103.434457][ C0] ip_local_deliver+0x18e/0x1f0
[ 103.436276][ C0] ? __pfx_ip_local_deliver+0x10/0x10
[ 103.438457][ C0] ip_rcv+0x2c5/0x5d0
[ 103.440266][ C0] ? __pfx_ip_rcv+0x10/0x10
[ 103.442294][ C0] __netif_receive_skb_one_core+0x199/0x1e0
[ 103.444556][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 103.446995][ C0] ? process_backlog+0x3f1/0x15f0
[ 103.449146][ C0] ? __pfx_lock_release+0x10/0x10
[ 103.451081][ C0] ? do_raw_spin_lock+0x12d/0x2c0
[ 103.453009][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 103.455098][ C0] ? process_backlog+0x3f1/0x15f0
[ 103.457024][ C0] __netif_receive_skb+0x1d/0x160
[ 103.459366][ C0] process_backlog+0x443/0x15f0
[ 103.461289][ C0] __napi_poll.constprop.0+0xb7/0x550
[ 103.463310][ C0] net_rx_action+0xa92/0x1010
[ 103.464913][ C0] ? __pfx_net_rx_action+0x10/0x10
[ 103.466781][ C0] ? find_held_lock+0x20/0x110
[ 103.468636][ C0] ? net_tx_action+0x7dd/0xd00
[ 103.470444][ C0] ? __pfx_xfrm_dev_backlog+0x10/0x10
[ 103.472483][ C0] handle_softirqs+0x216/0x8f0
[ 103.474154][ C0] ? __pfx_handle_softirqs+0x10/0x10
[ 103.475996][ C0] irq_exit_rcu+0xbb/0x120
[ 103.477543][ C0] sysvec_apic_timer_interrupt+0x95/0xb0
[ 103.479478][ C0]
[ 103.480494][ C0]
[ 103.481552][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 103.483752][ C0] RIP: 0010:___slab_alloc+0x1da/0x1870
[ 103.485884][ C0] Code: 00 00 48 89 df 48 8d 35 00 00 00 00 e8 3f 22 8b ff 48 83 bd 50 ff ff ff 00 0f 85 86 06 00 00 9c 58 f6 c4 02 0f 85 56 08 00 00 <49> 83 7c 24 18 00 0f 84 0a 04 00 00 65 4c 8b 35 c2 96 26 7e 9c 5b
[ 103.494340][ C0] RSP: 0018:ffffc900040bf4b0 EFLAGS: 00000246
[ 103.496723][ C0] RAX: 0000000000000002 RBX: ffff88806b046f00 RCX: 1ffffffff20256d1
[ 103.500342][ C0] RDX: 0000000000000000 RSI: ffffffff8b4cc500 RDI: ffffffff8bb09c00
[ 103.503922][ C0] RBP: ffffc900040bf590 R08: 0000000000000001 R09: 0000000000000001
[ 103.507573][ C0] R10: ffffffff9012fadf R11: 0000000000000000 R12: ffff88806b046ee0
[ 103.511184][ C0] R13: ffff888016ba2780 R14: 0000000000000000 R15: ffff88806b046f00
[ 103.514750][ C0] ? __alloc_skb+0x2b1/0x380
[ 103.516806][ C0] ? ___slab_alloc+0x68/0x1870
[ 103.519064][ C0] ? __alloc_skb+0x2b1/0x380
[ 103.521278][ C0] ? __slab_alloc.constprop.0+0x56/0xb0
[ 103.523649][ C0] __slab_alloc.constprop.0+0x56/0xb0
[ 103.526028][ C0] kmem_cache_alloc_node_noprof+0xed/0x310
[ 103.528591][ C0] ? __alloc_skb+0x2b1/0x380
[ 103.530670][ C0] __alloc_skb+0x2b1/0x380
[ 103.532391][ C0] ? __pfx___alloc_skb+0x10/0x10
[ 103.534331][ C0] ? __pfx___lock_acquire+0x10/0x10
[ 103.536355][ C0] alloc_skb_with_frags+0xe4/0x710
[ 103.538357][ C0] ? release_sock+0x21/0x220
[ 103.540212][ C0] sock_alloc_send_pskb+0x7f1/0x980
[ 103.542521][ C0] ? find_held_lock+0x59/0x110
[ 103.544675][ C0] ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 103.547294][ C0] ? __pfx_lock_release+0x10/0x10
[ 103.549500][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 103.551608][ C0] ? dccp_sendmsg+0x2de/0xd10
[ 103.553464][ C0] ? __local_bh_enable_ip+0xa4/0x120
[ 103.556031][ C0] dccp_sendmsg+0x2fc/0xd10
[ 103.558206][ C0] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[ 103.561196][ C0] ? __might_fault+0x13b/0x190
[ 103.563192][ C0] ? __pfx_dccp_sendmsg+0x10/0x10
[ 103.565426][ C0] ? __pfx_dccp_sendmsg+0x10/0x10
[ 103.567586][ C0] inet_sendmsg+0x119/0x140
[ 103.569664][ C0] ____sys_sendmsg+0x992/0xc90
[ 103.571843][ C0] ? copy_msghdr_from_user+0x10b/0x160
[ 103.574119][ C0] ? __pfx_____sys_sendmsg+0x10/0x10
[ 103.576255][ C0] ? __lock_acquire+0x1620/0x3cb0
[ 103.578266][ C0] ___sys_sendmsg+0x135/0x1e0
[ 103.580074][ C0] ? __pfx____sys_sendmsg+0x10/0x10
[ 103.581934][ C0] ? handle_mm_fault+0x4c9/0x7b0
[ 103.583631][ C0] ? __pfx___might_resched+0x10/0x10
[ 103.585699][ C0] ? __might_fault+0xe3/0x190
[ 103.587731][ C0] __sys_sendmmsg+0x1a1/0x450
[ 103.589710][ C0] ? __pfx___sys_sendmmsg+0x10/0x10
[ 103.591904][ C0] ? __pfx_lock_release+0x10/0x10
[ 103.594037][ C0] ? __pfx_mem_cgroup_handle_over_high+0x10/0x10
[ 103.596733][ C0] __x64_sys_sendmmsg+0x9c/0x100
[ 103.598948][ C0] ? lockdep_hardirqs_on+0x7c/0x110
[ 103.601117][ C0] do_syscall_64+0xcd/0x250
[ 103.602937][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 103.605312][ C0] RIP: 0033:0x7f073f47cd29
[ 103.607120][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 103.615004][ C0] RSP: 002b:00007f07401ec0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 103.617895][ C0] RAX: ffffffffffffffda RBX: 00007f073f5abf80 RCX: 00007f073f47cd29
[ 103.621375][ C0] RDX: 000000000000ffc3 RSI: 0000000020001e80 RDI: 0000000000000006
[ 103.624883][ C0] RBP: 00007f073f4c947a R08: 0000000000000000 R09: 0000000000000000
[ 103.628220][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 103.631205][ C0] R13: 000000000000000b R14: 00007f073f5abf80 R15: 00007ffccd5526e8
[ 103.634220][ C0]
[ 103.920747][ C3] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:414/tfrc_rx_hist_sample_rtt()
[ 103.926956][ C3] CPU: 3 UID: 0 PID: 5851 Comm: syz-executor.0 Not tainted 6.11.0-rc5-syzkaller-g928f79a188aa #0
[ 103.933945][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 103.941961][ C3] Call Trace:
[ 103.943660][ C3]
[ 103.944957][ C3] dump_stack_lvl+0x16c/0x1f0
[ 103.947023][ C3] tfrc_rx_hist_sample_rtt+0x3e1/0x4a0
[ 103.949516][ C3] ccid3_hc_rx_packet_recv+0x443/0xf50
[ 103.951961][ C3] ? __pfx_ccid3_hc_rx_packet_recv+0x10/0x10
[ 103.954583][ C3] dccp_deliver_input_to_ccids+0xe3/0x270
[ 103.957042][ C3] dccp_rcv_established+0x10a/0x160
[ 103.959155][ C3] dccp_v4_do_rcv+0x171/0x1b0
[ 103.960971][ C3] ? __pfx_dccp_v4_do_rcv+0x10/0x10
[ 103.963278][ C3] __sk_receive_skb+0x7aa/0x890
[ 103.965323][ C3] dccp_v4_rcv+0x1153/0x1d30
[ 103.967367][ C3] ? __pfx_dccp_v4_rcv+0x10/0x10
[ 103.969458][ C3] ip_protocol_deliver_rcu+0x441/0x4c0
[ 103.971579][ C3] ip_local_deliver_finish+0x316/0x570
[ 103.973710][ C3] ip_local_deliver+0x18e/0x1f0
[ 103.975594][ C3] ? __pfx_ip_local_deliver+0x10/0x10
[ 103.977792][ C3] ip_rcv+0x2c5/0x5d0
[ 103.979774][ C3] ? __pfx_ip_rcv+0x10/0x10
[ 103.982324][ C3] __netif_receive_skb_one_core+0x199/0x1e0
[ 103.985427][ C3] ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 103.988269][ C3] ? process_backlog+0x3f1/0x15f0
[ 103.990372][ C3] ? __pfx_lock_release+0x10/0x10
[ 103.992948][ C3] ? mark_held_locks+0x9f/0xe0
[ 103.995315][ C3] ? process_backlog+0x3f1/0x15f0
[ 103.997496][ C3] __netif_receive_skb+0x1d/0x160
[ 104.000210][ C3] process_backlog+0x443/0x15f0
[ 104.002606][ C3] __napi_poll.constprop.0+0xb7/0x550
[ 104.005150][ C3] net_rx_action+0xa92/0x1010
[ 104.007534][ C3] ? __pfx_net_rx_action+0x10/0x10
[ 104.009740][ C3] ? __pfx_mark_lock+0x10/0x10
[ 104.011658][ C3] ? find_held_lock+0x20/0x110
[ 104.013519][ C3] ? net_tx_action+0x7dd/0xd00
[ 104.015372][ C3] ? __pfx_xfrm_dev_backlog+0x10/0x10
[ 104.017486][ C3] ? mark_held_locks+0x9f/0xe0
[ 104.019344][ C3] handle_softirqs+0x216/0x8f0
[ 104.021191][ C3] ? __pfx_handle_softirqs+0x10/0x10
[ 104.023275][ C3] irq_exit_rcu+0xbb/0x120
[ 104.025043][ C3] sysvec_apic_timer_interrupt+0x95/0xb0
[ 104.028092][ C3]
[ 104.029422][ C3]
[ 104.030729][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 104.033438][ C3] RIP: 0010:__local_bh_disable_ip+0x0/0xd0
[ 104.035945][ C3] Code: 00 75 0b 48 83 ec 80 5b 5d c3 cc cc cc cc e8 97 6b c2 09 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 53 89 f3 65 8b 05 49 30 b5 7e a9 00 00 0f 00 0f 85
[ 104.043985][ C3] RSP: 0018:ffffc90004187880 EFLAGS: 00000246
[ 104.046398][ C3] RAX: 0000000000000000 RBX: ffff88801fa9e840 RCX: 0000000000000001
[ 104.049678][ C3] RDX: 0000000000000000 RSI: 0000000000000201 RDI: ffffffff88e2065f
[ 104.052680][ C3] RBP: ffff88801fa9e880 R08: 0000000000000000 R09: fffffbfff28c5afa
[ 104.055754][ C3] R10: ffffffff9462d7d7 R11: 0000000000000000 R12: ffff88801fa9e840
[ 104.058836][ C3] R13: 0000000000000000 R14: ffff88801fa9e680 R15: ffffc90004187d48
[ 104.062133][ C3] ? lock_sock_nested+0x5f/0xf0
[ 104.064008][ C3] _raw_spin_lock_bh+0x17/0x40
[ 104.065673][ C3] lock_sock_nested+0x5f/0xf0
[ 104.067260][ C3] ? dccp_sendmsg+0x1a2/0xd10
[ 104.068848][ C3] dccp_sendmsg+0x1a2/0xd10
[ 104.071125][ C3] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[ 104.074333][ C3] ? __might_fault+0x13b/0x190
[ 104.076507][ C3] ? __pfx_dccp_sendmsg+0x10/0x10
[ 104.078686][ C3] ? __pfx_dccp_sendmsg+0x10/0x10
[ 104.080760][ C3] inet_sendmsg+0x119/0x140
[ 104.082713][ C3] ____sys_sendmsg+0x992/0xc90
[ 104.084604][ C3] ? copy_msghdr_from_user+0x10b/0x160
[ 104.086764][ C3] ? __pfx_____sys_sendmsg+0x10/0x10
[ 104.088804][ C3] ? __lock_acquire+0x1620/0x3cb0
[ 104.090956][ C3] ___sys_sendmsg+0x135/0x1e0
[ 104.092978][ C3] ? __pfx____sys_sendmsg+0x10/0x10
[ 104.095281][ C3] ? handle_mm_fault+0x4c9/0x7b0
[ 104.097377][ C3] ? __pfx___might_resched+0x10/0x10
[ 104.099602][ C3] ? __might_fault+0xe3/0x190
[ 104.101927][ C3] __sys_sendmmsg+0x1a1/0x450
[ 104.104134][ C3] ? __pfx___sys_sendmmsg+0x10/0x10
[ 104.106931][ C3] ? __pfx_lock_release+0x10/0x10
[ 104.109254][ C3] ? __pfx_mem_cgroup_handle_over_high+0x10/0x10
[ 104.111968][ C3] __x64_sys_sendmmsg+0x9c/0x100
[ 104.113897][ C3] ? lockdep_hardirqs_on+0x7c/0x110
[ 104.115894][ C3] do_syscall_64+0xcd/0x250
[ 104.117766][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.135130][ C3] RIP: 0033:0x7f073f47cd29
[ 104.137156][ C3] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 104.144868][ C3] RSP: 002b:00007f07401ec0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 104.148084][ C3] RAX: ffffffffffffffda RBX: 00007f073f5abf80 RCX: 00007f073f47cd29
[ 104.167502][ C3] RDX: 000000000000ffc3 RSI: 0000000020001e80 RDI: 0000000000000006
[ 104.170801][ C3] RBP: 00007f073f4c947a R08: 0000000000000000 R09: 0000000000000000
[ 104.174108][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 104.177474][ C3] R13: 000000000000000b R14: 00007f073f5abf80 R15: 00007ffccd5526e8
[ 104.180916][ C3]
[ 105.591452][ T5893] net_ratelimit: 51 callbacks suppressed
[ 105.591469][ T5893] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 105.690395][ T5896] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 105.756463][ T5898] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 105.906393][ T5904] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 105.959656][ T5906] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 106.020571][ T5908] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 106.121632][ T5912] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 106.187252][ T5914] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 106.308135][ T5918] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 106.429125][ T5922] dccp_xmit_packet: Payload too large (65475) for featneg.
2024/08/29 00:48:12 executed programs: 171
[ 108.253475][ C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1534/dccp_feat_activate_values()
[ 110.607072][ T6041] net_ratelimit: 45 callbacks suppressed
[ 110.607087][ T6041] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 110.716451][ T6045] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 110.818519][ T6047] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 110.958568][ T6051] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 111.087696][ T6055] dccp_xmit_packet: Payload too large (65475) for featneg.