Warning: Permanently added '[localhost]:38560' (ECDSA) to the list of known hosts. 2024/10/17 22:56:57 fuzzer started 2024/10/17 22:56:57 dialing manager at localhost:45639 syzkaller login: [ 62.091039] cgroup: Unknown subsys name 'net' [ 62.419796] cgroup: Unknown subsys name 'cpuset' [ 62.463262] cgroup: Unknown subsys name 'rlimit' 2024/10/17 22:57:17 syscalls: 2217 2024/10/17 22:57:17 code coverage: enabled 2024/10/17 22:57:17 comparison tracing: enabled 2024/10/17 22:57:17 extra coverage: enabled 2024/10/17 22:57:17 setuid sandbox: enabled 2024/10/17 22:57:17 namespace sandbox: enabled 2024/10/17 22:57:17 Android sandbox: enabled 2024/10/17 22:57:17 fault injection: enabled 2024/10/17 22:57:17 leak checking: enabled 2024/10/17 22:57:17 net packet injection: enabled 2024/10/17 22:57:17 net device setup: enabled 2024/10/17 22:57:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/10/17 22:57:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/10/17 22:57:17 USB emulation: enabled 2024/10/17 22:57:17 hci packet injection: enabled 2024/10/17 22:57:17 wifi device emulation: enabled 2024/10/17 22:57:17 802.15.4 emulation: enabled 2024/10/17 22:57:17 fetching corpus: 0, signal 0/2000 (executing program) 2024/10/17 22:57:17 fetching corpus: 48, signal 24370/27849 (executing program) 2024/10/17 22:57:17 fetching corpus: 97, signal 38251/43029 (executing program) 2024/10/17 22:57:18 fetching corpus: 147, signal 44200/50282 (executing program) 2024/10/17 22:57:18 fetching corpus: 197, signal 48551/55901 (executing program) 2024/10/17 22:57:18 fetching corpus: 247, signal 52577/61119 (executing program) 2024/10/17 22:57:18 fetching corpus: 297, signal 55614/65347 (executing program) 2024/10/17 22:57:18 fetching corpus: 347, signal 60304/71026 (executing program) 2024/10/17 22:57:18 fetching corpus: 397, signal 64049/75764 (executing program) 2024/10/17 22:57:18 fetching corpus: 446, signal 67376/80016 (executing program) 2024/10/17 22:57:18 fetching corpus: 496, signal 70020/83600 (executing program) 2024/10/17 22:57:18 fetching corpus: 546, signal 72285/86805 (executing program) 2024/10/17 22:57:18 fetching corpus: 596, signal 75346/90682 (executing program) 2024/10/17 22:57:18 fetching corpus: 646, signal 77442/93646 (executing program) 2024/10/17 22:57:19 fetching corpus: 696, signal 79101/96201 (executing program) 2024/10/17 22:57:19 fetching corpus: 746, signal 81143/99055 (executing program) 2024/10/17 22:57:19 fetching corpus: 796, signal 83134/101742 (executing program) 2024/10/17 22:57:19 fetching corpus: 846, signal 85280/104575 (executing program) 2024/10/17 22:57:19 fetching corpus: 896, signal 88666/108355 (executing program) 2024/10/17 22:57:19 fetching corpus: 946, signal 89847/110271 (executing program) 2024/10/17 22:57:19 fetching corpus: 996, signal 92254/113123 (executing program) 2024/10/17 22:57:19 fetching corpus: 1046, signal 94471/115815 (executing program) 2024/10/17 22:57:19 fetching corpus: 1096, signal 96113/118039 (executing program) 2024/10/17 22:57:20 fetching corpus: 1146, signal 97549/120065 (executing program) 2024/10/17 22:57:20 fetching corpus: 1196, signal 99697/122547 (executing program) 2024/10/17 22:57:20 fetching corpus: 1246, signal 100466/124011 (executing program) 2024/10/17 22:57:20 fetching corpus: 1296, signal 101676/125789 (executing program) 2024/10/17 22:57:20 fetching corpus: 1346, signal 103361/127835 (executing program) 2024/10/17 22:57:20 fetching corpus: 1396, signal 104597/129563 (executing program) 2024/10/17 22:57:20 fetching corpus: 1446, signal 105385/130954 (executing program) 2024/10/17 22:57:20 fetching corpus: 1496, signal 106202/132323 (executing program) 2024/10/17 22:57:21 fetching corpus: 1546, signal 107651/134056 (executing program) 2024/10/17 22:57:21 fetching corpus: 1596, signal 108697/135529 (executing program) 2024/10/17 22:57:21 fetching corpus: 1646, signal 109997/137189 (executing program) 2024/10/17 22:57:21 fetching corpus: 1696, signal 110934/138604 (executing program) 2024/10/17 22:57:21 fetching corpus: 1746, signal 111979/140032 (executing program) 2024/10/17 22:57:21 fetching corpus: 1796, signal 113227/141581 (executing program) 2024/10/17 22:57:21 fetching corpus: 1846, signal 114327/142990 (executing program) 2024/10/17 22:57:21 fetching corpus: 1896, signal 115112/144178 (executing program) 2024/10/17 22:57:21 fetching corpus: 1946, signal 116563/145728 (executing program) 2024/10/17 22:57:21 fetching corpus: 1996, signal 117368/146887 (executing program) 2024/10/17 22:57:22 fetching corpus: 2046, signal 118442/148171 (executing program) 2024/10/17 22:57:22 fetching corpus: 2096, signal 119287/149361 (executing program) 2024/10/17 22:57:22 fetching corpus: 2146, signal 119884/150387 (executing program) 2024/10/17 22:57:22 fetching corpus: 2196, signal 121363/151871 (executing program) 2024/10/17 22:57:22 fetching corpus: 2246, signal 122500/153117 (executing program) 2024/10/17 22:57:22 fetching corpus: 2296, signal 123363/154279 (executing program) 2024/10/17 22:57:22 fetching corpus: 2346, signal 123835/155148 (executing program) 2024/10/17 22:57:22 fetching corpus: 2396, signal 124559/156179 (executing program) 2024/10/17 22:57:22 fetching corpus: 2446, signal 125166/157103 (executing program) 2024/10/17 22:57:22 fetching corpus: 2496, signal 126437/158312 (executing program) 2024/10/17 22:57:22 fetching corpus: 2546, signal 126957/159170 (executing program) 2024/10/17 22:57:23 fetching corpus: 2596, signal 128051/160271 (executing program) 2024/10/17 22:57:23 fetching corpus: 2646, signal 128556/161095 (executing program) 2024/10/17 22:57:23 fetching corpus: 2696, signal 129160/161947 (executing program) 2024/10/17 22:57:23 fetching corpus: 2746, signal 129820/162781 (executing program) 2024/10/17 22:57:23 fetching corpus: 2796, signal 131649/164081 (executing program) 2024/10/17 22:57:23 fetching corpus: 2846, signal 132159/164848 (executing program) 2024/10/17 22:57:23 fetching corpus: 2896, signal 132956/165672 (executing program) 2024/10/17 22:57:23 fetching corpus: 2946, signal 134141/166654 (executing program) 2024/10/17 22:57:23 fetching corpus: 2996, signal 134765/167401 (executing program) 2024/10/17 22:57:24 fetching corpus: 3046, signal 135288/168127 (executing program) 2024/10/17 22:57:24 fetching corpus: 3096, signal 135817/168813 (executing program) 2024/10/17 22:57:24 fetching corpus: 3146, signal 136230/169472 (executing program) 2024/10/17 22:57:24 fetching corpus: 3196, signal 136855/170196 (executing program) 2024/10/17 22:57:24 fetching corpus: 3246, signal 137685/170933 (executing program) 2024/10/17 22:57:24 fetching corpus: 3296, signal 138211/171625 (executing program) 2024/10/17 22:57:24 fetching corpus: 3346, signal 138737/172304 (executing program) 2024/10/17 22:57:24 fetching corpus: 3396, signal 139397/172943 (executing program) 2024/10/17 22:57:24 fetching corpus: 3446, signal 139711/173506 (executing program) 2024/10/17 22:57:24 fetching corpus: 3496, signal 140282/174092 (executing program) 2024/10/17 22:57:24 fetching corpus: 3546, signal 140723/174686 (executing program) 2024/10/17 22:57:25 fetching corpus: 3596, signal 141195/175255 (executing program) 2024/10/17 22:57:25 fetching corpus: 3646, signal 141612/175797 (executing program) 2024/10/17 22:57:25 fetching corpus: 3696, signal 141908/176319 (executing program) 2024/10/17 22:57:25 fetching corpus: 3746, signal 142174/176840 (executing program) 2024/10/17 22:57:25 fetching corpus: 3795, signal 142538/177376 (executing program) 2024/10/17 22:57:25 fetching corpus: 3844, signal 143008/177907 (executing program) 2024/10/17 22:57:25 fetching corpus: 3894, signal 143358/178391 (executing program) 2024/10/17 22:57:25 fetching corpus: 3943, signal 143814/178920 (executing program) 2024/10/17 22:57:25 fetching corpus: 3993, signal 144315/179460 (executing program) 2024/10/17 22:57:25 fetching corpus: 4043, signal 144692/179938 (executing program) 2024/10/17 22:57:25 fetching corpus: 4093, signal 145096/180399 (executing program) 2024/10/17 22:57:25 fetching corpus: 4143, signal 145387/180845 (executing program) 2024/10/17 22:57:25 fetching corpus: 4193, signal 145815/181316 (executing program) 2024/10/17 22:57:26 fetching corpus: 4243, signal 146272/181767 (executing program) 2024/10/17 22:57:26 fetching corpus: 4293, signal 146687/182177 (executing program) 2024/10/17 22:57:26 fetching corpus: 4343, signal 147031/182607 (executing program) 2024/10/17 22:57:26 fetching corpus: 4393, signal 147411/183002 (executing program) 2024/10/17 22:57:26 fetching corpus: 4443, signal 147914/183447 (executing program) 2024/10/17 22:57:26 fetching corpus: 4493, signal 148587/183853 (executing program) 2024/10/17 22:57:26 fetching corpus: 4543, signal 148811/184254 (executing program) 2024/10/17 22:57:26 fetching corpus: 4593, signal 149275/184318 (executing program) 2024/10/17 22:57:26 fetching corpus: 4643, signal 150040/184320 (executing program) 2024/10/17 22:57:26 fetching corpus: 4692, signal 150434/184320 (executing program) 2024/10/17 22:57:26 fetching corpus: 4742, signal 150759/184320 (executing program) 2024/10/17 22:57:26 fetching corpus: 4792, signal 151312/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 4842, signal 151922/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 4892, signal 152405/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 4942, signal 152805/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 4992, signal 153295/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 5041, signal 153616/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 5091, signal 153916/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 5141, signal 154547/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 5191, signal 154811/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 5241, signal 155115/184320 (executing program) 2024/10/17 22:57:27 fetching corpus: 5291, signal 155412/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5341, signal 155758/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5391, signal 156361/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5441, signal 156657/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5491, signal 156970/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5541, signal 157405/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5591, signal 157774/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5641, signal 158196/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5691, signal 158697/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5741, signal 159021/184320 (executing program) 2024/10/17 22:57:28 fetching corpus: 5791, signal 159363/184323 (executing program) 2024/10/17 22:57:28 fetching corpus: 5841, signal 159644/184324 (executing program) 2024/10/17 22:57:28 fetching corpus: 5891, signal 159925/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 5941, signal 160263/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 5991, signal 160604/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 6041, signal 160766/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 6091, signal 161072/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 6141, signal 161513/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 6191, signal 161756/184324 (executing program) 2024/10/17 22:57:29 fetching corpus: 6241, signal 162111/184326 (executing program) 2024/10/17 22:57:29 fetching corpus: 6291, signal 162947/184334 (executing program) 2024/10/17 22:57:29 fetching corpus: 6341, signal 163214/184334 (executing program) 2024/10/17 22:57:29 fetching corpus: 6391, signal 163543/184334 (executing program) 2024/10/17 22:57:29 fetching corpus: 6441, signal 164349/184687 (executing program) 2024/10/17 22:57:29 fetching corpus: 6491, signal 164725/184687 (executing program) 2024/10/17 22:57:29 fetching corpus: 6541, signal 164987/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6591, signal 165511/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6641, signal 165965/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6691, signal 166254/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6741, signal 166583/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6791, signal 166776/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6841, signal 167137/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6891, signal 167552/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6941, signal 167971/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 6991, signal 168286/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 7041, signal 168551/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 7091, signal 168725/184687 (executing program) 2024/10/17 22:57:30 fetching corpus: 7141, signal 169064/184687 (executing program) 2024/10/17 22:57:31 fetching corpus: 7191, signal 169280/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7241, signal 170489/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7291, signal 170702/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7341, signal 170970/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7391, signal 171325/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7441, signal 171489/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7491, signal 171799/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7541, signal 172177/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7591, signal 172747/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7641, signal 172948/184690 (executing program) 2024/10/17 22:57:31 fetching corpus: 7691, signal 173167/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 7741, signal 173345/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 7791, signal 173791/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 7841, signal 174002/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 7891, signal 174589/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 7941, signal 174751/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 7991, signal 175109/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 8041, signal 175344/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 8091, signal 175552/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 8141, signal 175841/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 8191, signal 176056/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 8241, signal 176406/184690 (executing program) 2024/10/17 22:57:32 fetching corpus: 8291, signal 176588/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8341, signal 176782/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8391, signal 177001/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8441, signal 177177/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8491, signal 177374/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8541, signal 177748/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8591, signal 177990/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8641, signal 178503/184690 (executing program) 2024/10/17 22:57:33 fetching corpus: 8691, signal 178743/184691 (executing program) 2024/10/17 22:57:33 fetching corpus: 8741, signal 178920/184691 (executing program) 2024/10/17 22:57:33 fetching corpus: 8791, signal 179585/184691 (executing program) 2024/10/17 22:57:33 fetching corpus: 8841, signal 179800/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 8891, signal 180034/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 8941, signal 180280/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 8991, signal 180674/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9041, signal 180866/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9091, signal 181144/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9141, signal 181359/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9191, signal 181609/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9241, signal 181825/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9291, signal 182002/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9341, signal 182145/184691 (executing program) 2024/10/17 22:57:34 fetching corpus: 9391, signal 182375/184691 (executing program) 2024/10/17 22:57:35 fetching corpus: 9441, signal 182693/184691 (executing program) 2024/10/17 22:57:35 fetching corpus: 9490, signal 182891/184691 (executing program) 2024/10/17 22:57:35 fetching corpus: 9540, signal 183073/184691 (executing program) 2024/10/17 22:57:35 fetching corpus: 9590, signal 183424/184691 (executing program) 2024/10/17 22:57:35 fetching corpus: 9612, signal 183564/184691 (executing program) 2024/10/17 22:57:35 fetching corpus: 9612, signal 183564/184691 (executing program) 2024/10/17 22:57:38 starting 8 fuzzer processes 22:57:38 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001a40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001700)=[@pktinfo={{0x24, 0x29, 0x4, {@mcast2}}}], 0x28}}], 0x2, 0x0) 22:57:38 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x17}, './file0\x00'}) 22:57:38 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2) 22:57:38 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) io_getevents(0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x0, 0x989680}) [ 102.352116] audit: type=1400 audit(1729205858.198:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 22:57:38 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)={0xfffffffc}) 22:57:38 executing program 4: r0 = socket$nl_audit(0x10, 0x3, 0x9) setsockopt$sock_int(r0, 0x1, 0x49, &(0x7f0000000000)=0xfffffffa, 0x4) 22:57:38 executing program 6: ioperm(0x0, 0x6d1f, 0x8) ioprio_get$pid(0x3, 0x0) 22:57:38 executing program 7: sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) pipe2(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r0, 0x0, 0x40000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000300)='.\x00', 0x1630009ba) [ 103.820238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.826944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.832466] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.835870] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.842235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.842443] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.845972] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.851555] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 103.853907] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.857887] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.857973] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 103.865166] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.895861] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.910850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.914086] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.925991] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.932197] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.937192] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 103.939721] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.941912] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.951325] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.974600] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 103.980270] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.983822] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 103.993098] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 103.999233] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 104.000014] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 104.002191] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.003852] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 104.011577] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 104.011807] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 104.014752] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 104.017347] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 104.019760] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 104.023961] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 104.030426] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 104.032161] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 104.039565] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 104.044951] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 104.068817] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 104.080798] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 104.080928] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 104.099790] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 104.104044] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 104.106299] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 104.118029] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 104.129733] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 104.143586] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 105.911121] Bluetooth: hci0: command tx timeout [ 105.973563] Bluetooth: hci1: command tx timeout [ 106.037517] Bluetooth: hci2: command tx timeout [ 106.101499] Bluetooth: hci3: command tx timeout [ 106.102498] Bluetooth: hci5: command tx timeout [ 106.165487] Bluetooth: hci7: command tx timeout [ 106.166737] Bluetooth: hci6: command tx timeout [ 106.229508] Bluetooth: hci4: command tx timeout [ 107.957581] Bluetooth: hci0: command tx timeout [ 108.024398] Bluetooth: hci1: command tx timeout [ 108.086550] Bluetooth: hci2: command tx timeout [ 108.150822] Bluetooth: hci5: command tx timeout [ 108.151256] Bluetooth: hci3: command tx timeout [ 108.215416] Bluetooth: hci6: command tx timeout [ 108.215845] Bluetooth: hci7: command tx timeout [ 108.277466] Bluetooth: hci4: command tx timeout [ 110.005437] Bluetooth: hci0: command tx timeout [ 110.072424] Bluetooth: hci1: command tx timeout [ 110.133651] Bluetooth: hci2: command tx timeout [ 110.198632] Bluetooth: hci5: command tx timeout [ 110.199082] Bluetooth: hci3: command tx timeout [ 110.261459] Bluetooth: hci7: command tx timeout [ 110.261934] Bluetooth: hci6: command tx timeout [ 110.326461] Bluetooth: hci4: command tx timeout [ 112.054533] Bluetooth: hci0: command tx timeout [ 112.118441] Bluetooth: hci1: command tx timeout [ 112.183507] Bluetooth: hci2: command tx timeout [ 112.246938] Bluetooth: hci3: command tx timeout [ 112.247413] Bluetooth: hci5: command tx timeout [ 112.310444] Bluetooth: hci7: command tx timeout [ 112.310898] Bluetooth: hci6: command tx timeout [ 112.374445] Bluetooth: hci4: command tx timeout [ 161.484852] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.486084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.738412] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.739055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.979885] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.980781] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.249951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.250789] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.656607] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.657256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 163.563409] syz-executor.0 (280) used greatest stack depth: 23552 bytes left [ 165.962243] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 165.965994] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 165.972152] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 165.980703] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 165.988931] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 165.994151] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 166.087747] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 166.092807] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 166.098216] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 166.106643] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 166.114776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 166.116939] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 166.153776] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 166.159917] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 166.168318] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 166.181301] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 166.188546] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 166.191913] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 166.260861] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 166.268029] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 166.273875] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 166.285037] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 166.296134] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 166.307786] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 166.383549] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 166.403301] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 166.412566] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 166.453894] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 166.481017] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 166.494635] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 166.776839] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 166.785967] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 166.789794] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 166.795219] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 166.797937] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 166.800102] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 166.803700] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 166.803856] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 166.808218] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 166.817706] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 166.821222] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 166.835095] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 166.836995] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 166.864793] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 166.875737] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 166.904139] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 166.960783] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 167.040271] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 168.054547] Bluetooth: hci0: command tx timeout [ 168.182846] Bluetooth: hci1: command tx timeout [ 168.309554] Bluetooth: hci2: command tx timeout [ 168.437589] Bluetooth: hci3: command tx timeout [ 168.565462] Bluetooth: hci4: command tx timeout [ 169.013481] Bluetooth: hci7: command tx timeout [ 169.014488] Bluetooth: hci6: command tx timeout [ 169.141460] Bluetooth: hci5: command tx timeout [ 170.101522] Bluetooth: hci0: command tx timeout [ 170.229439] Bluetooth: hci1: command tx timeout [ 170.358388] Bluetooth: hci2: command tx timeout [ 170.485466] Bluetooth: hci3: command tx timeout [ 170.613685] Bluetooth: hci4: command tx timeout [ 171.061497] Bluetooth: hci7: command tx timeout [ 171.061975] Bluetooth: hci6: command tx timeout [ 171.189605] Bluetooth: hci5: command tx timeout [ 172.151410] Bluetooth: hci0: command tx timeout [ 172.277616] Bluetooth: hci1: command tx timeout [ 172.405596] Bluetooth: hci2: command tx timeout [ 172.533448] Bluetooth: hci3: command tx timeout [ 172.661450] Bluetooth: hci4: command tx timeout [ 173.109899] Bluetooth: hci6: command tx timeout [ 173.110830] Bluetooth: hci7: command tx timeout [ 173.237425] Bluetooth: hci5: command tx timeout [ 174.198440] Bluetooth: hci0: command tx timeout [ 174.325569] Bluetooth: hci1: command tx timeout [ 174.453457] Bluetooth: hci2: command tx timeout [ 174.581445] Bluetooth: hci3: command tx timeout [ 174.709626] Bluetooth: hci4: command tx timeout [ 175.157446] Bluetooth: hci7: command tx timeout [ 175.157955] Bluetooth: hci6: command tx timeout [ 175.285444] Bluetooth: hci5: command tx timeout [ 223.286417] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.287077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.415930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.416610] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.609464] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.610122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.826256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.827112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.033933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.034592] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.229187] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.230136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.397140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.397835] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.573201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.574005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:59:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x37, 0x0, 0x80000}}) [ 224.771443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.772085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:59:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x37, 0x0, 0x80000}}) 22:59:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x37, 0x0, 0x80000}}) 22:59:41 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r1, r0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x37, 0x0, 0x80000}}) 22:59:41 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x48, &(0x7f0000000040)={'filter\x00', 0x2, [{}, {}]}, 0x48) 22:59:41 executing program 4: syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x1000001, &(0x7f00000000c0)) mount_setattr(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={0x1, 0x0, 0x40000}, 0x20) 22:59:41 executing program 4: syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="2722b090ea1b", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "d138be", 0x0, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty}}}}, 0x0) 22:59:41 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x4d, 0x0, &(0x7f00000001c0)) [ 227.902946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 227.907085] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 227.909612] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 227.916554] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 227.920085] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 227.923107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 228.287131] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 228.290055] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 228.292177] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 228.299165] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 228.303667] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 228.305528] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 228.429600] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 228.435748] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 228.451308] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 228.455646] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 228.459968] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 228.472935] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 228.474585] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 228.486506] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 228.493951] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 228.494501] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 228.503595] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 228.505755] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 228.510541] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 228.512739] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 228.525230] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 228.541726] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 228.567296] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 228.570559] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 228.585612] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 228.589183] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 228.595310] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 228.597987] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 228.603105] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 228.604919] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 228.647690] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 228.649994] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 228.655905] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 228.658183] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 228.661722] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 228.665314] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 230.006052] Bluetooth: hci0: command tx timeout [ 230.326441] Bluetooth: hci1: command tx timeout [ 230.581436] Bluetooth: hci2: command tx timeout [ 230.582233] Bluetooth: hci3: command tx timeout [ 230.645554] Bluetooth: hci4: command tx timeout [ 230.709485] Bluetooth: hci7: command tx timeout [ 230.710119] Bluetooth: hci5: command tx timeout [ 232.056383] Bluetooth: hci0: command tx timeout [ 232.375124] Bluetooth: hci1: command tx timeout [ 232.631385] Bluetooth: hci3: command tx timeout [ 232.631863] Bluetooth: hci2: command tx timeout [ 232.693409] Bluetooth: hci4: command tx timeout [ 232.757533] Bluetooth: hci5: command tx timeout [ 232.758015] Bluetooth: hci7: command tx timeout [ 234.102506] Bluetooth: hci0: command tx timeout [ 234.422514] Bluetooth: hci1: command tx timeout [ 234.680498] Bluetooth: hci3: command tx timeout [ 234.681009] Bluetooth: hci2: command tx timeout [ 234.741529] Bluetooth: hci4: command tx timeout [ 234.806444] Bluetooth: hci7: command tx timeout [ 234.806936] Bluetooth: hci5: command tx timeout [ 236.152613] Bluetooth: hci0: command tx timeout [ 236.470533] Bluetooth: hci1: command tx timeout [ 236.725584] Bluetooth: hci2: command tx timeout [ 236.726073] Bluetooth: hci3: command tx timeout [ 236.790403] Bluetooth: hci4: command tx timeout [ 236.854429] Bluetooth: hci5: command tx timeout [ 236.854906] Bluetooth: hci7: command tx timeout [ 277.661450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 277.662094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 277.907441] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 277.908116] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.574067] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.575883] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.775474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.776112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.947639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.948253] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.068869] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.069516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.212693] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.213570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.397389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.398022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.575751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.576573] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.744993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.745787] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.818707] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.819392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.881848] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 279.882503] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 280.036184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 280.037152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 280.172889] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 280.173675] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 280.558113] audit: type=1400 audit(1729206036.414:8): avc: denied { open } for pid=10638 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 280.560007] audit: type=1400 audit(1729206036.414:9): avc: denied { kernel } for pid=10638 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 280.580344] hrtimer: interrupt took 30117 ns 23:00:36 executing program 0: perf_event_open(&(0x7f0000001840)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x0, 0x0, {0x2}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) 23:00:36 executing program 2: perf_event_open(&(0x7f0000001840)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x18, 0x0, &(0x7f0000000300)) 23:00:36 executing program 6: ioperm(0x0, 0x6d1f, 0x8) ioprio_get$pid(0x3, 0x0) 23:00:36 executing program 4: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x7c01, 0x401a012, r0, 0x0) 23:00:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) lseek(r0, 0x1000000000000004, 0x1) 23:00:36 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)={0xfffffffc}) 23:00:37 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2) write$binfmt_aout(r0, 0x0, 0x125) 23:00:37 executing program 7: r0 = syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000180)=0x40) fstat(r0, &(0x7f0000000040)) 23:00:37 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)={0xfffffffc}) 23:00:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) recvmsg(r0, &(0x7f0000002a40)={&(0x7f0000002580)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, 0x0}, 0x2041) 23:00:37 executing program 6: ioperm(0x0, 0x6d1f, 0x8) ioprio_get$pid(0x3, 0x0) 23:00:37 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x4000920) creat(&(0x7f00000001c0)='./file0/file0\x00', 0x0) inotify_add_watch(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x80000008) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 23:00:37 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) lsetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', &(0x7f0000000140)='@\x00', 0x2, 0x0) 23:00:37 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00') pread64(r0, &(0x7f0000000040)=""/50, 0x32, 0x234) 23:00:37 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="2211807541b1"], 0x90) open_tree(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file0\x00', 0x80100) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0xfe82) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000340)=0xeed, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={0x0, @l2={0x1f, 0x8, @any, 0x0, 0x2}, @isdn={0x22, 0xff, 0x1}, @ax25={0x3, @default, 0x8}, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x88eb, 0x20}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) creat(&(0x7f0000000100)='./file1\x00', 0x1) sendfile(r2, r3, 0x0, 0x10000027f) 23:00:37 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000300)="dd", 0x1}], 0x1, 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) 23:00:37 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) accept4$bt_l2cap(r0, 0x0, 0x0, 0x0) 23:00:37 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)={0xfffffffc}) 23:00:37 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_gstrings={0x1b, 0x5}}) 23:00:37 executing program 6: ioperm(0x0, 0x6d1f, 0x8) ioprio_get$pid(0x3, 0x0) 23:00:37 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00') pread64(r0, &(0x7f0000000040)=""/50, 0x32, 0x234) 23:00:37 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x9, 0x8}) fcntl$lock(r0, 0x6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) 23:00:37 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_gstrings={0x1b, 0x5}}) 23:00:37 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{}, {0x1, @local}, 0x7a, {0x2, 0x0, @private}, 'wlan0\x00'}) 23:00:37 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x17f}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x1, 0x40}, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x1, 0x0, @loopback}, 0x1c) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x1c1042, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000027f) socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000280)={0xa, 0x4e21, 0x0, @mcast1, 0x1000}, 0x1c, 0x0, 0x0, &(0x7f00000005c0)=[@pktinfo={{0x24, 0x29, 0x32, {@private2}}}], 0x28}}], 0x2, 0x0) 23:00:37 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000040)=0x2, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000000)=0x6, 0x4) 23:00:37 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00') pread64(r0, &(0x7f0000000040)=""/50, 0x32, 0x234) 23:00:37 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)={0x14, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @binary}]}, 0x14}], 0x1}, 0x0) [ 282.692228] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) [ 295.868917] Bluetooth: hci6: command 0x0406 tx timeout [ 308.705201] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [syz-executor.0:10694] [ 308.705989] Modules linked in: [ 308.706282] irq event stamp: 2899037 [ 308.706605] hardirqs last enabled at (2899036): [] irqentry_exit+0x3b/0x90 [ 308.707374] hardirqs last disabled at (2899037): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 308.709327] softirqs last enabled at (2898070): [] handle_softirqs+0x50c/0x770 [ 308.711070] softirqs last disabled at (2898073): [] irq_exit_rcu+0x94/0xc0 [ 308.713192] CPU: 0 UID: 0 PID: 10694 Comm: syz-executor.0 Not tainted 6.12.0-rc3-next-20241016 #1 [ 308.714907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 308.716073] RIP: 0010:get_stack_info+0x16/0xa0 [ 308.716505] Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 54 49 89 d4 55 48 89 cd 53 65 48 8b 1d 4a ea f9 7e <48> 85 f6 74 03 48 89 f3 48 85 ff 74 62 4c 89 e2 48 89 de e8 e2 2c [ 308.717983] RSP: 0018:ffff88806ce095b8 EFLAGS: 00000246 [ 308.718451] RAX: dffffc0000000000 RBX: ffff88800b6dd280 RCX: ffff88806ce09648 [ 308.719047] RDX: ffff88806ce09628 RSI: ffff88800b6dd280 RDI: ffff88806ce095d8 [ 308.719647] RBP: ffff88806ce09648 R08: 0000000000000001 R09: 0000000000000000 [ 308.720252] R10: ffff88806ce09628 R11: 00000000ffffffff R12: ffff88806ce09628 [ 308.720849] R13: ffff88806ce09650 R14: ffff88806ce09670 R15: ffff88806ce09628 [ 308.721448] FS: 00007fd6f3cda700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 308.722121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 308.722622] CR2: 00007faea0c91b80 CR3: 00000000159c0000 CR4: 0000000000350ef0 [ 308.723220] Call Trace: [ 308.723456] [ 308.723663] ? watchdog_timer_fn+0x3ee/0x510 [ 308.724078] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 308.724520] ? __hrtimer_run_queues+0x57c/0xa70 [ 308.724965] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 308.725415] ? ktime_get_update_offsets_now+0x260/0x3c0 [ 308.725926] ? hrtimer_interrupt+0x2f2/0x750 [ 308.726358] ? __sysvec_apic_timer_interrupt+0xc2/0x390 [ 308.726838] ? sysvec_apic_timer_interrupt+0x34/0x80 [ 308.727310] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 308.727835] ? get_stack_info+0x16/0xa0 [ 308.728221] ? __asan_memset+0x24/0x50 [ 308.728602] __unwind_start+0x4aa/0x7c0 [ 308.728973] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 308.729479] arch_stack_walk+0x63/0xf0 [ 308.729869] ? __unwind_start+0x592/0x7c0 [ 308.730260] stack_trace_save+0x8f/0xc0 [ 308.730648] ? __pfx_stack_trace_save+0x10/0x10 [ 308.731089] ? srso_return_thunk+0x5/0x5f [ 308.731507] kasan_save_stack+0x24/0x50 [ 308.731910] ? srso_return_thunk+0x5/0x5f [ 308.732310] ? stack_trace_save+0x8f/0xc0 [ 308.732714] ? srso_return_thunk+0x5/0x5f [ 308.733119] ? stack_depot_save_flags+0x2c/0x900 [ 308.733570] ? srso_return_thunk+0x5/0x5f [ 308.733986] ? srso_return_thunk+0x5/0x5f [ 308.734386] ? kasan_save_stack+0x34/0x50 [ 308.734784] ? kasan_save_stack+0x24/0x50 [ 308.735186] ? kasan_save_track+0x14/0x30 [ 308.735583] ? __kasan_slab_alloc+0x59/0x70 [ 308.735978] ? kmem_cache_alloc_node_noprof+0x14c/0x3e0 [ 308.736473] ? kmalloc_reserve+0x189/0x2b0 [ 308.736879] ? __alloc_skb+0x162/0x370 [ 308.737237] ? ndisc_alloc_skb+0x133/0x330 [ 308.737636] ? ndisc_send_rs+0x223/0x540 [ 308.738023] ? addrconf_rs_timer+0x2e7/0x7a0 [ 308.738436] ? call_timer_fn+0x198/0x5c0 [ 308.738823] ? __run_timer_base.part.0+0x688/0x950 [ 308.739281] ? run_timer_softirq+0xf9/0x1d0 [ 308.739692] ? handle_softirqs+0x1b1/0x770 [ 308.740075] ? irq_exit_rcu+0x94/0xc0 [ 308.740418] ? sysvec_apic_timer_interrupt+0x70/0x80 [ 308.740878] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 308.741364] ? mas_next_slot+0x741/0x1ac0 [ 308.741732] ? mas_find+0x2c6/0x550 [ 308.742063] ? acct_collect+0x1db/0x880 [ 308.742441] ? do_exit+0x7b5/0x2a30 [ 308.742785] ? do_group_exit+0xd3/0x2a0 [ 308.743152] ? get_signal+0x219f/0x23d0 [ 308.743506] ? arch_do_signal_or_restart+0x81/0x780 [ 308.743959] ? syscall_exit_to_user_mode+0x123/0x1e0 [ 308.744426] ? do_syscall_64+0xcc/0x1d0 [ 308.744785] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.745274] ? srso_return_thunk+0x5/0x5f [ 308.745669] kasan_save_track+0x14/0x30 [ 308.746048] __kasan_slab_alloc+0x59/0x70 [ 308.746422] kmem_cache_alloc_noprof+0x13d/0x3d0 [ 308.746852] ? srso_return_thunk+0x5/0x5f [ 308.747260] __alloc_object+0x2f/0x270 [ 308.747615] __create_object+0x1d/0x80 [ 308.747979] kmem_cache_alloc_node_noprof+0x311/0x3e0 [ 308.748443] ? __create_object+0x59/0x80 [ 308.748806] ? kmalloc_reserve+0x189/0x2b0 [ 308.749207] kmalloc_reserve+0x189/0x2b0 [ 308.749596] __alloc_skb+0x162/0x370 [ 308.749937] ? __pfx___alloc_skb+0x10/0x10 [ 308.750319] ? srso_return_thunk+0x5/0x5f [ 308.750714] ? mark_held_locks+0x9e/0xe0 [ 308.751113] ndisc_alloc_skb+0x133/0x330 [ 308.751500] ndisc_send_rs+0x223/0x540 [ 308.751885] addrconf_rs_timer+0x2e7/0x7a0 [ 308.752282] ? trace_lock_acquire+0x137/0x1b0 [ 308.752694] ? __pfx_addrconf_rs_timer+0x10/0x10 [ 308.753131] ? srso_return_thunk+0x5/0x5f [ 308.753525] ? lock_acquire+0x32/0xc0 [ 308.753891] ? call_timer_fn+0x124/0x5c0 [ 308.754280] ? __pfx_addrconf_rs_timer+0x10/0x10 [ 308.754711] call_timer_fn+0x198/0x5c0 [ 308.755080] ? lock_release+0x20f/0x6f0 [ 308.755462] ? __pfx_call_timer_fn+0x10/0x10 [ 308.755875] ? __pfx_lock_release+0x10/0x10 [ 308.756288] ? srso_return_thunk+0x5/0x5f [ 308.756682] ? mark_held_locks+0x9e/0xe0 [ 308.757064] ? timer_recalc_next_expiry+0x260/0x2f0 [ 308.757526] ? __pfx_addrconf_rs_timer+0x10/0x10 [ 308.757960] __run_timer_base.part.0+0x688/0x950 [ 308.758420] ? __pfx___run_timer_base.part.0+0x10/0x10 [ 308.758894] ? srso_return_thunk+0x5/0x5f [ 308.759286] ? srso_return_thunk+0x5/0x5f [ 308.759682] ? ktime_get+0x171/0x270 [ 308.760051] ? srso_return_thunk+0x5/0x5f [ 308.760444] ? srso_return_thunk+0x5/0x5f [ 308.760835] ? clockevents_program_event+0x135/0x360 [ 308.761310] ? srso_return_thunk+0x5/0x5f [ 308.761711] run_timer_softirq+0xf9/0x1d0 [ 308.762107] handle_softirqs+0x1b1/0x770 [ 308.762486] irq_exit_rcu+0x94/0xc0 [ 308.762817] sysvec_apic_timer_interrupt+0x70/0x80 [ 308.763268] [ 308.763474] [ 308.763685] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 308.764166] RIP: 0010:mas_next_slot+0x741/0x1ac0 [ 308.764586] Code: ff 89 de e8 71 81 d6 fc 84 db 0f 85 39 0c 00 00 e8 94 7e d6 fc 4c 89 ff e8 bc ef ff ff 31 ff 89 c3 89 c6 e8 b1 81 d6 fc 85 db <0f> 85 ad 0a 00 00 e8 74 7e d6 fc 48 8b 44 24 68 83 44 24 28 01 80 [ 308.766016] RSP: 0018:ffff88803fd1f9f0 EFLAGS: 00000246 [ 308.766473] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff847afd9f [ 308.767058] RDX: ffff88800b6dd280 RSI: 0000000000000000 RDI: 0000000000000005 [ 308.767644] RBP: ffff888035449c00 R08: 0000000000000001 R09: ffffed1002bc1966 [ 308.768237] R10: 0000000000000000 R11: ffff88800b6dd728 R12: 0000000000000007 [ 308.768822] R13: ffff888035449c00 R14: dffffc0000000000 R15: ffff88803fd1fb28 [ 308.769424] ? mas_next_slot+0x73f/0x1ac0 [ 308.769833] mas_find+0x2c6/0x550 [ 308.770159] acct_collect+0x1db/0x880 [ 308.770526] ? lock_release+0x20f/0x6f0 [ 308.770907] ? __pfx_acct_collect+0x10/0x10 [ 308.771309] ? srso_return_thunk+0x5/0x5f [ 308.771702] ? exit_itimers+0x364/0x460 [ 308.772101] do_exit+0x7b5/0x2a30 [ 308.772440] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 308.772922] ? srso_return_thunk+0x5/0x5f [ 308.773319] ? __pfx_do_exit+0x10/0x10 [ 308.773701] do_group_exit+0xd3/0x2a0 [ 308.774067] get_signal+0x219f/0x23d0 [ 308.774410] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 308.774890] ? srso_return_thunk+0x5/0x5f [ 308.775283] ? __call_rcu_common.constprop.0+0x604/0xaa0 [ 308.775777] ? srso_return_thunk+0x5/0x5f [ 308.776188] ? __pfx_get_signal+0x10/0x10 [ 308.776556] ? srso_return_thunk+0x5/0x5f [ 308.776950] ? __schedule+0xd88/0x2f50 [ 308.777329] arch_do_signal_or_restart+0x81/0x780 [ 308.777769] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 308.778285] syscall_exit_to_user_mode+0x123/0x1e0 [ 308.778744] do_syscall_64+0xcc/0x1d0 [ 308.779095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.779560] RIP: 0033:0x7fd6f6785b19 [ 308.779896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 308.781324] RSP: 002b:00007fd6f3cda188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 308.781956] RAX: 0000000000000005 RBX: 00007fd6f6899020 RCX: 00007fd6f6785b19 [ 308.782546] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000280 [ 308.783130] RBP: 00007fd6f67dff6d R08: 0000000000000000 R09: 0000000000000000 [ 308.783717] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 308.784313] R13: 00007ffe9b86c7bf R14: 00007fd6f3cda300 R15: 0000000000022000 [ 308.784929] [ 308.785143] Sending NMI from CPU 0 to CPUs 1: [ 308.785542] NMI backtrace for cpu 1 [ 308.785578] CPU: 1 UID: 0 PID: 822 Comm: kworker/u10:7 Not tainted 6.12.0-rc3-next-20241016 #1 [ 308.785646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 308.785681] Workqueue: events_unbound cfg80211_wiphy_work [ 308.785742] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 308.785832] Code: c0 e9 dc f4 32 03 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 90 2a b2 7e 65 8b 05 91 2a b2 7e a9 00 01 ff 00 74 27 [ 308.785888] RSP: 0018:ffff888015f57980 EFLAGS: 00000297 [ 308.785931] RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffffffff845d1749 [ 308.785969] RDX: ffff888016e73700 RSI: ffffffff845d1757 RDI: 0000000000000006 [ 308.786007] RBP: 0000000000000000 R08: 0000000000000001 R09: ffff888016e74138 [ 308.786045] R10: 000000000000000c R11: 0000000000000116 R12: 0000000000000008 [ 308.786081] R13: 000000000000000c R14: ffff88803ecdb088 R15: 000000000000000a [ 308.786122] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 308.786174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 308.786216] CR2: 00007faea0d3d4c0 CR3: 0000000019776000 CR4: 0000000000350ef0 [ 308.786255] Call Trace: [ 308.786269] [ 308.786288] ? nmi_cpu_backtrace+0x179/0x260 [ 308.786390] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 308.786486] ? nmi_handle+0x1a1/0x550 [ 308.786579] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 308.786661] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 308.786744] ? default_do_nmi+0x64/0x1c0 [ 308.786819] ? exc_nmi+0x188/0x1c0 [ 308.786889] ? end_repeat_nmi+0xf/0x53 [ 308.786988] ? ieee80211_sta_get_rates+0x309/0x5e0 [ 308.787074] ? ieee80211_sta_get_rates+0x317/0x5e0 [ 308.787160] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 308.787244] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 308.787330] ? __sanitizer_cov_trace_pc+0x8/0x80 [ 308.787414] [ 308.787430] [ 308.787447] ieee80211_sta_get_rates+0x317/0x5e0 [ 308.787544] ieee80211_ibss_rx_queued_mgmt+0x1092/0x2f90 [ 308.787626] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 308.787693] ? srso_return_thunk+0x5/0x5f [ 308.787788] ? srso_return_thunk+0x5/0x5f [ 308.787894] ? find_held_lock+0x2c/0x110 [ 308.787967] ? kcov_remote_start+0x2bf/0x5b0 [ 308.788052] ? srso_return_thunk+0x5/0x5f [ 308.788146] ? lock_release+0x20f/0x6f0 [ 308.788248] ? srso_return_thunk+0x5/0x5f [ 308.788342] ? mark_held_locks+0x9e/0xe0 [ 308.788437] ? srso_return_thunk+0x5/0x5f [ 308.788531] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 308.788630] ? srso_return_thunk+0x5/0x5f [ 308.788732] ieee80211_iface_work+0xb5f/0xe40 [ 308.788798] ? remove_waiter+0xa90/0xf90 [ 308.788865] cfg80211_wiphy_work+0x38d/0x610 [ 308.788929] process_one_work+0x8ee/0x1a00 [ 308.789021] ? __pfx_process_one_work+0x10/0x10 [ 308.789095] ? srso_return_thunk+0x5/0x5f [ 308.789189] ? move_linked_works+0x172/0x270 [ 308.789286] ? srso_return_thunk+0x5/0x5f [ 308.789380] ? assign_work+0x196/0x240 [ 308.789456] worker_thread+0x674/0xe70 [ 308.789529] ? lockdep_hardirqs_on_prepare+0x262/0x3f0 [ 308.789636] ? __pfx_worker_thread+0x10/0x10 [ 308.789713] kthread+0x2c2/0x3a0 [ 308.789802] ? srso_return_thunk+0x5/0x5f [ 308.789896] ? __pfx_kthread+0x10/0x10 [ 308.789990] ret_from_fork+0x48/0x80 [ 308.790069] ? __pfx_kthread+0x10/0x10 [ 308.790162] ret_from_fork_asm+0x1a/0x30 [ 308.790256] VM DIAGNOSIS: 23:01:04 Registers: info registers vcpu 0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8262d465 RDI=ffffffff886610c0 RBP=ffffffff88661080 RSP=ffff88806ce08e00 R8 =0000000000000000 R9 =ffffed1001d69046 R10=0000000000000061 R11=7371726974666f73 R12=0000000000000061 R13=ffffffff88661080 R14=0000000000000010 R15=ffffffff8262d450 RIP=ffffffff8262d4bd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fd6f3cda700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faea0c91b80 CR3=00000000159c0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=33a4839f839fd3cf1a7f652a15bd79e3 XMM02=672fa93e95e430f3b2e698914b670dfb XMM03=c75d06400b0d7db36bf82130be5413a7 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0d0c0f0e09080b0a0504070601000302 XMM07=0e0d0c0f0a09080b0605040702010003 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000072861 RBX=0000000000000001 RCX=ffffffff848238d7 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff812ad1ed RBP=dffffc0000000000 RSP=ffff8880096c7e68 R8 =0000000000000001 R9 =ffffed100d9e6c70 R10=ffff88806cf36383 R11=0000000000000000 R12=ffffffff863f2748 R13=1ffff110012d8fd2 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8482487e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007faea0d3d4c0 CR3=0000000019776000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=000000000000000041714dab00000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000