last executing test programs: 13.089600879s ago: executing program 3 (id=349): syz_open_dev$usbmon(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) clock_adjtime(0x0, &(0x7f00000001c0)) 11.882310606s ago: executing program 3 (id=359): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003090000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001b00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='jbd2_write_superblock\x00', r2}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='jbd2_write_superblock\x00', r4}, 0x10) ioctl$TUNSETOFFLOAD(r0, 0x40086607, 0x20001412) 10.199658588s ago: executing program 3 (id=364): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0xc018aa06, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000000300)=0x20000) keyctl$chown(0x4, 0x0, 0xee01, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) keyctl$setperm(0x5, 0x0, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) 9.15502603s ago: executing program 3 (id=370): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00'}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@acquire={0x130, 0x17, 0x1, 0x0, 0x0, {{@in6=@private0}, @in6=@remote, {@in=@remote, @in6=@private0}, {{@in6=@private2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, [@XFRMA_IF_ID={0x8, 0x1f, 0x2}]}, 0x130}}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 8.494146015s ago: executing program 3 (id=373): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x90}, [@func, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) 8.414009113s ago: executing program 3 (id=374): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=ANY=[@ANYBLOB="6000000010000305030000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="43000000000000003000128008000100677265002400028008000600ac14140008000700e00000010500130000000000050008002000000008000500"], 0x60}}, 0x0) 7.157034404s ago: executing program 1 (id=382): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00'}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) flistxattr(r3, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001540)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r6, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x4b4b, &(0x7f0000000280)={0x0, 0x1, 0x9, 0x0, 0x6}) ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000040)={'veth1_to_bridge\x00'}) 6.107418573s ago: executing program 4 (id=385): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2) 5.93225486s ago: executing program 1 (id=387): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x100004, 0x220104, 0xb, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r0, &(0x7f0000000380), 0x0}, 0x20) 5.829053056s ago: executing program 4 (id=388): syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x0) r0 = syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000001240)=0x0, &(0x7f0000001200)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000000)=0x0, &(0x7f0000000280)) syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(0xffffffffffffffff, 0x184c, 0x0, 0x0, 0x0, 0x0) 5.697565576s ago: executing program 1 (id=389): socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r4, 0x0, 0x7, 0x0) write$P9_RWRITE(r4, &(0x7f0000000040)={0xb}, 0x11000) write(r4, &(0x7f0000000140)='i', 0x1) read(r3, &(0x7f0000019440)=""/102391, 0x18ff7) dup2(r1, r2) 5.416743971s ago: executing program 4 (id=391): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) accept$netrom(0xffffffffffffffff, 0x0, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000480)={'filter\x00', 0x1001, 0x4, 0x3e0, 0x0, 0x1f0, 0x0, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28}}, {{@arp={@loopback, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond0\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x430) 4.90037692s ago: executing program 0 (id=394): syz_io_uring_setup(0x0, &(0x7f0000000400), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) syz_usb_connect(0x4, 0x24, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x3e, 0x0, &(0x7f0000000380)={0xa, 0x4e1e, 0x0, @local}, 0x1c) 4.093498318s ago: executing program 1 (id=396): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) syz_usb_connect(0x0, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000d0918108ac051582188f0000000109022d00010000000009040000030b08000009058d67c8002a000009050502000000000009058b6e", @ANYRESOCT], 0x0) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x600, 0x0, 0x2}]}) write$nci(0xffffffffffffffff, 0x0, 0x5) 3.904942042s ago: executing program 0 (id=397): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2) 3.539843628s ago: executing program 0 (id=398): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x100004, 0x220104, 0xb, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r0, &(0x7f0000000380), 0x0}, 0x20) 3.266122417s ago: executing program 4 (id=399): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001500), r2) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001540)={0x14, r3, 0x601, 0x0, 0x0, {0x2b}}, 0x14}}, 0x0) 3.117330998s ago: executing program 0 (id=400): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000fc020000000000000000000000000000ff02000000000000000000000000000100000000000000000a"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) 2.6359356s ago: executing program 2 (id=402): mlockall(0x1) r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) rt_sigreturn() msgctl$IPC_RMID(r0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) openat$cgroup(0xffffffffffffff9c, 0x0, 0x200002, 0x0) 1.989455483s ago: executing program 4 (id=403): syz_open_dev$usbmon(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) clock_adjtime(0x0, &(0x7f00000001c0)) 1.728447082s ago: executing program 0 (id=404): r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@overlay={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "12848098"}}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}}) 1.336412165s ago: executing program 0 (id=405): socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r4, 0x0, 0x7, 0x0) write$P9_RWRITE(r4, &(0x7f0000000040)={0xb}, 0x11000) write(r4, &(0x7f0000000140)='i', 0x1) read(r3, &(0x7f0000019440)=""/102391, 0x18ff7) dup2(r1, r2) 1.29388586s ago: executing program 1 (id=406): syz_io_uring_setup(0x0, &(0x7f0000000400), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) syz_usb_connect(0x4, 0x24, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x3e, 0x0, &(0x7f0000000380)={0xa, 0x4e1e, 0x0, @local}, 0x1c) 657.610951ms ago: executing program 2 (id=407): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000000)=0x6, 0x4) bind$inet6(r0, &(0x7f0000d84000), 0x23) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 572.891693ms ago: executing program 2 (id=408): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2) 524.278258ms ago: executing program 4 (id=409): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x0, 0x0, 0x9}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x100000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) syz_open_procfs(0x0, &(0x7f0000000180)='timerslack_ns\x00') syz_usb_connect(0x0, 0x24, &(0x7f0000000700)={{0x12, 0x1, 0x0, 0x9, 0x77, 0x57, 0x40, 0x711, 0x200, 0x36e7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x92, 0xe8, 0xf8}}]}}]}}, 0x0) 306.264128ms ago: executing program 1 (id=410): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e22, @remote}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000100)={@link_local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) r1 = socket$inet6(0xa, 0x3, 0xff) syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYRES32=r1], 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000040)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) getpgrp(r2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8d}, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) futex(&(0x7f0000001300)=0x80000001, 0x800000000006, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4') prctl$PR_SET_SECCOMP(0x10, 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000440)={0xa, 0x0, 0x2b, @ipv4={'\x00', '\xff\xff', @remote}, 0x400}, 0x1c) syz_open_dev$tty1(0xc, 0x4, 0x1) setresuid(0x0, 0xee01, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000100)=@security={'security\x00', 0xe, 0x2, 0x2b0, 0xffffffff, 0x0, 0x1c8, 0xc0, 0xffffffff, 0xffffffff, 0x2a8, 0x2a8, 0x2a8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@AUDIT={0x28}}, {{@ip={@multicast1, @private, 0x0, 0x0, 'veth1_to_team\x00', 'veth0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@ip={@local, @private, 0x0, 0x0, 'team0\x00', 'wlan0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "90617ae6e2ad43980c3bec242f9040a700efba1f7ef6f77096db813f042b"}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x310) getitimer(0xe, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800010000000000000000000000000085000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_CLOCK_GETCAPS(r4, 0x43403d0e, 0x0) 257.644005ms ago: executing program 2 (id=411): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) capset(&(0x7f0000000000), &(0x7f0000000180)) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000240)="a88d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0}) 127.083768ms ago: executing program 2 (id=412): r0 = socket$inet(0x2, 0x2, 0x1) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'xfrm0\x00'}) sendmsg$inet(r0, 0x0, 0x0) 0s ago: executing program 2 (id=413): prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000fc020000000000000000000000000000ff02000000000000000000000000000100000000000000000a"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.55' (ED25519) to the list of known hosts. [ 65.547717][ T5073] cgroup: Unknown subsys name 'net' [ 65.746827][ T5073] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 67.479742][ T5073] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 68.324105][ T5086] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.341889][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.351836][ T5096] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.359968][ T5096] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.367645][ T5096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.373750][ T5098] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.376277][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.390717][ T5096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.395293][ T5099] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.398441][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.405759][ T5098] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.413905][ T5096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.421809][ T5098] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.426578][ T5096] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.438396][ T5098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.442420][ T5099] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.446898][ T5100] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.454702][ T5099] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.461914][ T5098] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.469433][ T5099] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.482440][ T5100] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.483727][ T5099] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.494959][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.504446][ T5100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.512179][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.513009][ T5099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.526653][ T5096] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.534054][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.538908][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.548646][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.188547][ T5088] chnl_net:caif_netlink_parms(): no params data found [ 69.329229][ T5085] chnl_net:caif_netlink_parms(): no params data found [ 69.340554][ T5082] chnl_net:caif_netlink_parms(): no params data found [ 69.371927][ T5087] chnl_net:caif_netlink_parms(): no params data found [ 69.402755][ T5083] chnl_net:caif_netlink_parms(): no params data found [ 69.432688][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.440386][ T5088] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.451636][ T5088] bridge_slave_0: entered allmulticast mode [ 69.458964][ T5088] bridge_slave_0: entered promiscuous mode [ 69.476399][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.483550][ T5088] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.490925][ T5088] bridge_slave_1: entered allmulticast mode [ 69.498603][ T5088] bridge_slave_1: entered promiscuous mode [ 69.673547][ T5088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.727750][ T5088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.746477][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.753810][ T5085] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.761279][ T5085] bridge_slave_0: entered allmulticast mode [ 69.769904][ T5085] bridge_slave_0: entered promiscuous mode [ 69.788521][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.795740][ T5082] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.804196][ T5082] bridge_slave_0: entered allmulticast mode [ 69.811872][ T5082] bridge_slave_0: entered promiscuous mode [ 69.864084][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.871469][ T5085] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.878948][ T5085] bridge_slave_1: entered allmulticast mode [ 69.886005][ T5085] bridge_slave_1: entered promiscuous mode [ 69.907069][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.914255][ T5082] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.921629][ T5082] bridge_slave_1: entered allmulticast mode [ 69.929320][ T5082] bridge_slave_1: entered promiscuous mode [ 69.964952][ T5088] team0: Port device team_slave_0 added [ 69.972128][ T5083] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.979445][ T5083] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.987951][ T5083] bridge_slave_0: entered allmulticast mode [ 69.995016][ T5083] bridge_slave_0: entered promiscuous mode [ 70.015430][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.023730][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.031877][ T5087] bridge_slave_0: entered allmulticast mode [ 70.039603][ T5087] bridge_slave_0: entered promiscuous mode [ 70.048703][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.055977][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.063675][ T5087] bridge_slave_1: entered allmulticast mode [ 70.071204][ T5087] bridge_slave_1: entered promiscuous mode [ 70.093658][ T5088] team0: Port device team_slave_1 added [ 70.113809][ T5083] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.121197][ T5083] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.129133][ T5083] bridge_slave_1: entered allmulticast mode [ 70.136945][ T5083] bridge_slave_1: entered promiscuous mode [ 70.175976][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.189909][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.225978][ T5085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.262717][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.269874][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.296230][ T5088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.321760][ T5085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.355127][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.379255][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.386454][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.412876][ T5088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.427114][ T5083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.451645][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.464331][ T5082] team0: Port device team_slave_0 added [ 70.474050][ T5082] team0: Port device team_slave_1 added [ 70.488512][ T5083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.500898][ T5085] team0: Port device team_slave_0 added [ 70.510107][ T5085] team0: Port device team_slave_1 added [ 70.587084][ T4480] Bluetooth: hci4: command tx timeout [ 70.593114][ T5099] Bluetooth: hci2: command tx timeout [ 70.625222][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.632544][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.663973][ T5082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.664028][ T4480] Bluetooth: hci0: command tx timeout [ 70.674797][ T53] Bluetooth: hci3: command tx timeout [ 70.685890][ T5099] Bluetooth: hci1: command tx timeout [ 70.694333][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.701926][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.728357][ T5082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.763100][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.770334][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.796540][ T5085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.809879][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.817064][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.843031][ T5085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.858628][ T5087] team0: Port device team_slave_0 added [ 70.875308][ T5088] hsr_slave_0: entered promiscuous mode [ 70.882989][ T5088] hsr_slave_1: entered promiscuous mode [ 70.894204][ T5083] team0: Port device team_slave_0 added [ 70.923080][ T5087] team0: Port device team_slave_1 added [ 70.957188][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.964306][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.991958][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.006805][ T5083] team0: Port device team_slave_1 added [ 71.043329][ T5085] hsr_slave_0: entered promiscuous mode [ 71.050164][ T5085] hsr_slave_1: entered promiscuous mode [ 71.060698][ T5085] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.068693][ T5085] Cannot create hsr debugfs directory [ 71.090445][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.097625][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.124650][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.210958][ T5083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.218242][ T5083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.244956][ T5083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.259025][ T5083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.266357][ T5083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.292833][ T5083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.329615][ T5082] hsr_slave_0: entered promiscuous mode [ 71.336409][ T5082] hsr_slave_1: entered promiscuous mode [ 71.342790][ T5082] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.350950][ T5082] Cannot create hsr debugfs directory [ 71.496618][ T5087] hsr_slave_0: entered promiscuous mode [ 71.503093][ T5087] hsr_slave_1: entered promiscuous mode [ 71.509805][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.517738][ T5087] Cannot create hsr debugfs directory [ 71.563804][ T5083] hsr_slave_0: entered promiscuous mode [ 71.573856][ T5083] hsr_slave_1: entered promiscuous mode [ 71.580352][ T5083] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.588148][ T5083] Cannot create hsr debugfs directory [ 71.707300][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.714287][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.065338][ T5085] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 72.080063][ T5085] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 72.091344][ T5085] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 72.116828][ T5085] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 72.192166][ T5088] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 72.218423][ T5088] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 72.243707][ T5088] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 72.257424][ T5088] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 72.332977][ T5082] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 72.344480][ T5082] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 72.362867][ T5082] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 72.386365][ T5082] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 72.514989][ T5085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.536177][ T5083] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 72.559487][ T5083] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 72.584587][ T5083] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 72.599361][ T5083] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 72.658235][ T5099] Bluetooth: hci4: command tx timeout [ 72.663956][ T53] Bluetooth: hci2: command tx timeout [ 72.695938][ T5088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.736306][ T53] Bluetooth: hci0: command tx timeout [ 72.741783][ T53] Bluetooth: hci3: command tx timeout [ 72.747783][ T53] Bluetooth: hci1: command tx timeout [ 72.759573][ T5085] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.779821][ T5087] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 72.798956][ T5087] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 72.813295][ T5087] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 72.832943][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.840468][ T5094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.862534][ T5087] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 72.881440][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.888649][ T5094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.911633][ T5088] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.970104][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.977330][ T5094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.030422][ T5136] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.037670][ T5136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.122076][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.184602][ T5082] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.261339][ T5136] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.268591][ T5136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.295923][ T5083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.351389][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.358642][ T5094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.470099][ T5083] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.533675][ T5085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.556859][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.564222][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.582874][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.626897][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.634075][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.750711][ T5087] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.798748][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.806006][ T5094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.850867][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.858068][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.880849][ T5085] veth0_vlan: entered promiscuous mode [ 73.950851][ T5088] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.969466][ T5085] veth1_vlan: entered promiscuous mode [ 73.998103][ T5082] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.144006][ T5085] veth0_macvtap: entered promiscuous mode [ 74.172053][ T5085] veth1_macvtap: entered promiscuous mode [ 74.241776][ T5088] veth0_vlan: entered promiscuous mode [ 74.304211][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.321871][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.366962][ T5082] veth0_vlan: entered promiscuous mode [ 74.374019][ T5088] veth1_vlan: entered promiscuous mode [ 74.391137][ T5085] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.401908][ T5085] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.413425][ T5085] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.427780][ T5085] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.469342][ T5082] veth1_vlan: entered promiscuous mode [ 74.523558][ T5083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.604809][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.663058][ T5088] veth0_macvtap: entered promiscuous mode [ 74.700229][ T5082] veth0_macvtap: entered promiscuous mode [ 74.715045][ T5088] veth1_macvtap: entered promiscuous mode [ 74.736306][ T5099] Bluetooth: hci2: command tx timeout [ 74.741776][ T5099] Bluetooth: hci4: command tx timeout [ 74.804839][ T5082] veth1_macvtap: entered promiscuous mode [ 74.817156][ T5099] Bluetooth: hci1: command tx timeout [ 74.822615][ T5099] Bluetooth: hci3: command tx timeout [ 74.827112][ T53] Bluetooth: hci0: command tx timeout [ 74.845862][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.868079][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.884514][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.922543][ T5087] veth0_vlan: entered promiscuous mode [ 74.928809][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.937220][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.992296][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.004195][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.018784][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.030836][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.042688][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.053345][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.064656][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.078695][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.113292][ T5088] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.122320][ T5088] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.131502][ T5088] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.141928][ T5088] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.154152][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.167604][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.178093][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.189592][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.201668][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.222051][ T5087] veth1_vlan: entered promiscuous mode [ 75.226442][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.252983][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.259900][ T5082] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.269704][ T5082] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.279055][ T5082] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.291010][ T5082] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.413482][ T5087] veth0_macvtap: entered promiscuous mode [ 75.489093][ T5087] veth1_macvtap: entered promiscuous mode [ 75.552342][ T5083] veth0_vlan: entered promiscuous mode [ 75.640011][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.649037][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.657333][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.663559][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.675643][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.682858][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.697095][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.708557][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.719616][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.733693][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.745636][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.760547][ T5083] veth1_vlan: entered promiscuous mode [ 75.813313][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.844570][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.859331][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.869990][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.880038][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.890971][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.904618][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.964506][ T5087] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.980812][ T5087] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.992216][ T5087] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.002399][ T5087] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.038878][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.056708][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.058632][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.074758][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.197305][ T5083] veth0_macvtap: entered promiscuous mode [ 76.273156][ T5083] veth1_macvtap: entered promiscuous mode [ 76.357655][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.365531][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.394203][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.420326][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.434598][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.451949][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.464218][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.482117][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.492710][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.529819][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.562611][ T5083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.602638][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.619124][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.635268][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.653094][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.665670][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.684214][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.694567][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.712049][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.733197][ T5083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.754716][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 76.771780][ T5083] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.781714][ T5083] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.792476][ T5083] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.816544][ T4480] Bluetooth: hci4: command tx timeout [ 76.823269][ T53] Bluetooth: hci2: command tx timeout [ 76.849720][ T5083] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.896592][ T4480] Bluetooth: hci3: command tx timeout [ 76.902182][ T53] Bluetooth: hci0: command tx timeout [ 76.908175][ T53] Bluetooth: hci1: command tx timeout [ 76.922748][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 76.926270][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.938565][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.002527][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 77.033303][ T5189] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 77.156903][ T5189] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 77.292930][ T2417] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.331877][ T2417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.345909][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 77.461897][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 77.493934][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 77.521874][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.552317][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 77.555001][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.626236][ T5189] ip6gretap0 speed is unknown, defaulting to 1000 [ 78.036926][ T5140] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 78.171164][ T5225] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 78.265278][ T5140] usb 3-1: Using ep0 maxpacket: 32 [ 78.291829][ T5140] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 78.324321][ T5140] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 78.375821][ T5140] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 78.391834][ T5140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.487437][ T5140] hub 3-1:4.0: USB hub found [ 78.555304][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 78.786756][ T5140] hub 3-1:4.0: 2 ports detected [ 78.791743][ T5140] usb 3-1: selecting invalid altsetting 1 [ 78.823879][ T5140] hub 3-1:4.0: Using single TT (err -22) [ 78.978438][ T5140] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 79.021825][ T5140] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 79.089370][ T5140] usb 3-1: USB disconnect, device number 2 [ 79.578326][ T5267] workqueue: name exceeds WQ_NAME_LEN. Truncating to: C|+i!‡3§rU&6 bÎOo¸ ' 1© [ 80.110370][ T29] audit: type=1800 audit(1719743572.952:2): pid=5279 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.35" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 80.156919][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 80.302180][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 80.710351][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 81.106620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.137643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 81.199499][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 81.416421][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 81.426753][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 81.443230][ T9] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 81.468443][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.488315][ T9] usb 3-1: Product: syz [ 81.492712][ T9] usb 3-1: Manufacturer: syz [ 81.503456][ T9] usb 3-1: SerialNumber: syz [ 81.558872][ T9] usb 3-1: config 0 descriptor?? [ 81.590738][ T9] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 81.646153][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 81.863748][ T8] usb 5-1: config 0 has an invalid interface number: 18 but max is 0 [ 81.880883][ T8] usb 5-1: config 0 has no interface number 0 [ 81.896608][ T8] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.918869][ T8] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.976675][ T8] usb 5-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 82.016884][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 82.069865][ T8] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 82.083949][ T8] usb 5-1: Manufacturer: syz [ 82.105974][ T8] usb 5-1: config 0 descriptor?? [ 82.656953][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 82.962495][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 83.088893][ T8] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.18/0003:054C:03D5.0001/input/input5 [ 83.258747][ T9] gspca_stk1135: reg_w 0x200 err -71 [ 83.265159][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.278475][ T8] sony 0003:054C:03D5.0001: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.4-1/input18 [ 83.336075][ T9] gspca_stk1135: Sensor write failed [ 83.361872][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.382791][ T9] gspca_stk1135: Sensor write failed [ 83.400295][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.437986][ T9] gspca_stk1135: Sensor read failed [ 83.451671][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.698666][ T9] gspca_stk1135: Sensor read failed [ 83.704080][ T9] gspca_stk1135: Detected sensor type unknown (0x0) [ 83.711495][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.717898][ T9] gspca_stk1135: Sensor read failed [ 83.723158][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.729590][ T9] gspca_stk1135: Sensor read failed [ 83.734840][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 83.908475][ T25] IPVS: starting estimator thread 0... [ 84.305063][ T9] gspca_stk1135: Sensor write failed [ 84.354605][ T9] gspca_stk1135: serial bus timeout: status=0x00 [ 84.410073][ T9] gspca_stk1135: Sensor write failed [ 84.457224][ T9] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71 [ 84.640026][ T9] usb 3-1: USB disconnect, device number 3 [ 84.756270][ T5326] IPVS: using max 19 ests per chain, 45600 per kthread [ 84.886724][ T25] usb 5-1: reset high-speed USB device number 2 using dummy_hcd [ 85.081384][ T5345] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 85.435040][ T5350] debugfs: Directory 'C|+i!‡3§rU&6 bÎOo¸ ' 1©|y' with parent 'ieee80211' already present! [ 85.771848][ T5144] usb 5-1: USB disconnect, device number 2 [ 86.606369][ T5138] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 86.989428][ T5138] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 87.021027][ T5138] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4 [ 87.040414][ T5138] usb 1-1: New USB device found, idVendor=05ac, idProduct=921c, bcdDevice=9d.fb [ 87.144613][ T45] cfg80211: failed to load regulatory.db [ 87.178287][ T5138] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.214735][ T5138] usb 1-1: config 0 descriptor?? [ 87.242827][ T5138] appledisplay 1-1:0.0: Could not find int-in endpoint [ 87.262885][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 87.264881][ T5138] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 87.392117][ T29] audit: type=1326 audit(1719743580.382:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5379 comm="syz.4.70" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f370a975b99 code=0x0 [ 87.575182][ T5138] usb 1-1: USB disconnect, device number 2 [ 87.766357][ T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 88.006292][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 88.053198][ T8] usb 5-1: config index 0 descriptor too short (expected 5924, got 36) [ 88.076254][ T8] usb 5-1: config 250 has an invalid interface number: 228 but max is -1 [ 88.095743][ T8] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 88.126499][ T8] usb 5-1: config 250 has no interface number 0 [ 88.152149][ T8] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 88.206723][ T8] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 88.236135][ T8] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26 [ 88.265432][ T8] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 88.318613][ T8] usb 5-1: config 250 interface 228 has no altsetting 0 [ 88.350991][ T8] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 88.378634][ T8] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 88.405875][ T8] usb 5-1: Product: syz [ 88.431902][ T8] usb 5-1: SerialNumber: syz [ 88.460076][ T8] hub 5-1:250.228: bad descriptor, ignoring hub [ 88.474526][ T8] hub 5-1:250.228: probe with driver hub failed with error -5 [ 88.687971][ T8] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 89.065852][ C1] usblp0: nonzero read bulk status received: -71 [ 89.323002][ T5410] vlan2: entered allmulticast mode [ 89.344453][ T29] audit: type=1800 audit(1719743582.332:4): pid=5412 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.81" name="bus" dev="sda1" ino=1969 res=0 errno=0 [ 89.441737][ T5144] usb 5-1: USB disconnect, device number 3 [ 89.508100][ T8] IPVS: starting estimator thread 0... [ 89.647655][ T5418] IPVS: using max 14 ests per chain, 33600 per kthread [ 90.251346][ T5144] usblp0: removed [ 91.113877][ T5427] sysfs: cannot create duplicate filename '/class/ieee80211/C|+i!‡3§rU&6 bÎOo¸ ' 1©|y' [ 91.126554][ T5427] CPU: 0 PID: 5427 Comm: syz.1.86 Not tainted 6.10.0-rc5-syzkaller-00282-g8282d5af7be8 #0 [ 91.136497][ T5427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 91.146569][ T5427] Call Trace: [ 91.149852][ T5427] [ 91.152784][ T5427] dump_stack_lvl+0x241/0x360 [ 91.157504][ T5427] ? __pfx_dump_stack_lvl+0x10/0x10 [ 91.162728][ T5427] ? __pfx__printk+0x10/0x10 [ 91.167337][ T5427] ? sysfs_warn_dup+0x51/0xa0 [ 91.172016][ T5427] ? kmalloc_trace_noprof+0x19c/0x2c0 [ 91.177401][ T5427] sysfs_warn_dup+0x8e/0xa0 [ 91.181997][ T5427] sysfs_do_create_link_sd+0xbe/0x110 [ 91.187389][ T5427] device_add_class_symlinks+0x1c5/0x250 [ 91.193087][ T5427] device_add+0x553/0xbf0 [ 91.197446][ T5427] wiphy_register+0x1d3f/0x2b30 [ 91.202346][ T5427] ? __pfx_wiphy_register+0x10/0x10 [ 91.207737][ T5427] ? minstrel_ht_alloc+0x72b/0x860 [ 91.212893][ T5427] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 91.219091][ T5427] ieee80211_register_hw+0x3098/0x3d80 [ 91.224587][ T5427] ? ieee80211_register_hw+0x1161/0x3d80 [ 91.230700][ T5427] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 91.236629][ T5427] ? kasan_check_range+0x79/0x290 [ 91.241851][ T5427] ? __asan_memset+0x23/0x50 [ 91.246457][ T5427] ? __hrtimer_init+0x170/0x250 [ 91.251338][ T5427] mac80211_hwsim_new_radio+0x2597/0x44c0 [ 91.257132][ T5427] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 91.263244][ T5427] ? kmalloc_node_track_caller_noprof+0x242/0x440 [ 91.269782][ T5427] ? kstrndup+0x5c/0xb0 [ 91.273971][ T5427] ? __asan_memcpy+0x40/0x70 [ 91.278599][ T5427] hwsim_new_radio_nl+0xe4c/0x21d0 [ 91.283737][ T5427] ? __pfx___nla_validate_parse+0x10/0x10 [ 91.289475][ T5427] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 91.295087][ T5427] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 91.301458][ T5427] genl_rcv_msg+0xb14/0xec0 [ 91.305970][ T5427] ? mark_lock+0x9a/0x350 [ 91.310326][ T5427] ? __pfx_genl_rcv_msg+0x10/0x10 [ 91.315382][ T5427] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 91.321296][ T5427] ? __pfx_lock_acquire+0x10/0x10 [ 91.326356][ T5427] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 91.332100][ T5427] ? __pfx___might_resched+0x10/0x10 [ 91.337413][ T5427] netlink_rcv_skb+0x1e3/0x430 [ 91.342198][ T5427] ? __pfx_genl_rcv_msg+0x10/0x10 [ 91.347233][ T5427] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 91.352629][ T5427] ? __netlink_deliver_tap+0x77e/0x7c0 [ 91.358302][ T5427] genl_rcv+0x28/0x40 [ 91.362315][ T5427] netlink_unicast+0x7ea/0x980 [ 91.367103][ T5427] ? __pfx_netlink_unicast+0x10/0x10 [ 91.372395][ T5427] ? __virt_addr_valid+0x183/0x520 [ 91.377613][ T5427] ? __check_object_size+0x49c/0x900 [ 91.382904][ T5427] ? bpf_lsm_netlink_send+0x9/0x10 [ 91.388126][ T5427] netlink_sendmsg+0x8db/0xcb0 [ 91.392944][ T5427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 91.398291][ T5427] ? __import_iovec+0x536/0x820 [ 91.403164][ T5427] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 91.408553][ T5427] ? security_socket_sendmsg+0x87/0xb0 [ 91.414051][ T5427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 91.419350][ T5427] __sock_sendmsg+0x221/0x270 [ 91.424175][ T5427] ____sys_sendmsg+0x525/0x7d0 [ 91.428972][ T5427] ? __pfx_____sys_sendmsg+0x10/0x10 [ 91.434287][ T5427] __sys_sendmsg+0x2b0/0x3a0 [ 91.438907][ T5427] ? __pfx___sys_sendmsg+0x10/0x10 [ 91.444063][ T5427] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 91.450400][ T5427] ? do_syscall_64+0x100/0x230 [ 91.455182][ T5427] ? do_syscall_64+0xb6/0x230 [ 91.459873][ T5427] do_syscall_64+0xf3/0x230 [ 91.464394][ T5427] ? clear_bhb_loop+0x35/0x90 [ 91.469095][ T5427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.475266][ T5427] RIP: 0033:0x7fd7e1975b99 [ 91.479698][ T5427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.499484][ T5427] RSP: 002b:00007fd7e270a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 91.508004][ T5427] RAX: ffffffffffffffda RBX: 00007fd7e1b04078 RCX: 00007fd7e1975b99 [ 91.516083][ T5427] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006 [ 91.524055][ T5427] RBP: 00007fd7e19f677e R08: 0000000000000000 R09: 0000000000000000 [ 91.532045][ T5427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 91.540735][ T5427] R13: 000000000000006e R14: 00007fd7e1b04078 R15: 00007fff293f8638 [ 91.548804][ T5427] [ 93.513652][ T5452] xt_NFQUEUE: number of total queues is 0 [ 95.493425][ T5475] netlink: 12 bytes leftover after parsing attributes in process `syz.2.100'. [ 96.036153][ T5484] sysfs: cannot create duplicate filename '/class/ieee80211/C|+i!‡3§rU&6 bÎOo¸ ' 1©|y' [ 96.054717][ T5484] CPU: 0 PID: 5484 Comm: syz.1.105 Not tainted 6.10.0-rc5-syzkaller-00282-g8282d5af7be8 #0 [ 96.064874][ T5484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 96.075396][ T5484] Call Trace: [ 96.078693][ T5484] [ 96.081649][ T5484] dump_stack_lvl+0x241/0x360 [ 96.086385][ T5484] ? __pfx_dump_stack_lvl+0x10/0x10 [ 96.091612][ T5484] ? __pfx__printk+0x10/0x10 [ 96.096236][ T5484] ? sysfs_warn_dup+0x51/0xa0 [ 96.100941][ T5484] ? kmalloc_trace_noprof+0x19c/0x2c0 [ 96.106423][ T5484] sysfs_warn_dup+0x8e/0xa0 [ 96.111115][ T5484] sysfs_do_create_link_sd+0xbe/0x110 [ 96.116506][ T5484] device_add_class_symlinks+0x1c5/0x250 [ 96.122271][ T5484] device_add+0x553/0xbf0 [ 96.126806][ T5484] wiphy_register+0x1d3f/0x2b30 [ 96.131799][ T5484] ? __pfx_wiphy_register+0x10/0x10 [ 96.137015][ T5484] ? minstrel_ht_alloc+0x72b/0x860 [ 96.142186][ T5484] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 96.148389][ T5484] ieee80211_register_hw+0x3098/0x3d80 [ 96.153885][ T5484] ? ieee80211_register_hw+0x1161/0x3d80 [ 96.159538][ T5484] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 96.165479][ T5484] ? __asan_memset+0x23/0x50 [ 96.170174][ T5484] ? __hrtimer_init+0x170/0x250 [ 96.175221][ T5484] mac80211_hwsim_new_radio+0x2597/0x44c0 [ 96.181006][ T5484] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 96.187133][ T5484] ? kmalloc_node_track_caller_noprof+0x242/0x440 [ 96.193567][ T5484] ? kstrndup+0x5c/0xb0 [ 96.197746][ T5484] ? __asan_memcpy+0x40/0x70 [ 96.202359][ T5484] hwsim_new_radio_nl+0xe4c/0x21d0 [ 96.207515][ T5484] ? __pfx___nla_validate_parse+0x10/0x10 [ 96.213259][ T5484] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 96.218947][ T5484] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 96.225302][ T5484] genl_rcv_msg+0xb14/0xec0 [ 96.229819][ T5484] ? mark_lock+0x9a/0x350 [ 96.234198][ T5484] ? __pfx_genl_rcv_msg+0x10/0x10 [ 96.239351][ T5484] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 96.245296][ T5484] ? __pfx_lock_acquire+0x10/0x10 [ 96.250365][ T5484] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 96.256061][ T5484] ? __pfx___might_resched+0x10/0x10 [ 96.261492][ T5484] netlink_rcv_skb+0x1e3/0x430 [ 96.266306][ T5484] ? __pfx_genl_rcv_msg+0x10/0x10 [ 96.271347][ T5484] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 96.276779][ T5484] ? __netlink_deliver_tap+0x77e/0x7c0 [ 96.282368][ T5484] ? netlink_deliver_tap+0x5f/0x1b0 [ 96.287863][ T5484] genl_rcv+0x28/0x40 [ 96.291860][ T5484] netlink_unicast+0x7ea/0x980 [ 96.296764][ T5484] ? __pfx_netlink_unicast+0x10/0x10 [ 96.302061][ T5484] ? __virt_addr_valid+0x183/0x520 [ 96.307196][ T5484] ? __check_object_size+0x49c/0x900 [ 96.312497][ T5484] ? bpf_lsm_netlink_send+0x9/0x10 [ 96.317629][ T5484] netlink_sendmsg+0x8db/0xcb0 [ 96.322519][ T5484] ? __pfx_netlink_sendmsg+0x10/0x10 [ 96.327834][ T5484] ? __import_iovec+0x536/0x820 [ 96.332790][ T5484] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 96.338095][ T5484] ? security_socket_sendmsg+0x87/0xb0 [ 96.343676][ T5484] ? __pfx_netlink_sendmsg+0x10/0x10 [ 96.348978][ T5484] __sock_sendmsg+0x221/0x270 [ 96.353668][ T5484] ____sys_sendmsg+0x525/0x7d0 [ 96.358460][ T5484] ? __pfx_____sys_sendmsg+0x10/0x10 [ 96.363779][ T5484] __sys_sendmsg+0x2b0/0x3a0 [ 96.368475][ T5484] ? __pfx___sys_sendmsg+0x10/0x10 [ 96.373643][ T5484] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 96.379985][ T5484] ? do_syscall_64+0x100/0x230 [ 96.384773][ T5484] ? do_syscall_64+0xb6/0x230 [ 96.389652][ T5484] do_syscall_64+0xf3/0x230 [ 96.394376][ T5484] ? clear_bhb_loop+0x35/0x90 [ 96.399079][ T5484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.404991][ T5484] RIP: 0033:0x7fd7e1975b99 [ 96.409601][ T5484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.429487][ T5484] RSP: 002b:00007fd7e270a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 96.438013][ T5484] RAX: ffffffffffffffda RBX: 00007fd7e1b04078 RCX: 00007fd7e1975b99 [ 96.446110][ T5484] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006 [ 96.454213][ T5484] RBP: 00007fd7e19f677e R08: 0000000000000000 R09: 0000000000000000 [ 96.462281][ T5484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.470262][ T5484] R13: 000000000000006e R14: 00007fd7e1b04078 R15: 00007fff293f8638 [ 96.478269][ T5484] [ 97.423280][ T5497] xt_NFQUEUE: number of total queues is 0 [ 97.966274][ T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 98.238958][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 98.271061][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 98.312077][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 64 [ 98.366149][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.18 [ 98.415898][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.498032][ T9] usb 5-1: config 0 descriptor?? [ 98.522527][ T5502] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 98.566455][ T5502] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 98.839634][ T5511] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 99.407087][ T5518] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.418905][ T29] audit: type=1804 audit(1719743592.382:5): pid=5518 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.116" name="/root/syzkaller.pLV5KF/22/bus" dev="sda1" ino=1970 res=1 errno=0 [ 99.418967][ T29] audit: type=1804 audit(1719743592.392:6): pid=5518 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.116" name="/root/syzkaller.pLV5KF/22/bus" dev="sda1" ino=1970 res=1 errno=0 [ 99.440254][ C1] vkms_vblank_simulate: vblank timer overrun [ 99.706257][ T4480] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 99.708808][ T5140] usb 5-1: USB disconnect, device number 4 [ 99.729801][ T5519] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.113'. [ 100.282120][ T5523] netlink: 12 bytes leftover after parsing attributes in process `syz.0.117'. [ 101.327198][ T8] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 101.339319][ T5534] xt_NFQUEUE: number of total queues is 0 [ 101.624953][ T5542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.125'. [ 101.782338][ T4480] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 101.792233][ T4480] Bluetooth: hci2: Injecting HCI hardware error event [ 101.801852][ T4480] Bluetooth: hci2: hardware error 0x00 [ 101.871067][ T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 101.920649][ T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 101.974419][ T5548] sysfs: cannot create duplicate filename '/class/ieee80211/C|+i!‡3§rU&6 bÎOo¸ ' 1©|y' [ 101.985334][ T5548] CPU: 0 PID: 5548 Comm: syz.3.126 Not tainted 6.10.0-rc5-syzkaller-00282-g8282d5af7be8 #0 [ 101.995377][ T5548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 102.005464][ T5548] Call Trace: [ 102.008772][ T5548] [ 102.011731][ T5548] dump_stack_lvl+0x241/0x360 [ 102.016462][ T5548] ? __pfx_dump_stack_lvl+0x10/0x10 [ 102.021725][ T5548] ? __pfx__printk+0x10/0x10 [ 102.026359][ T5548] ? sysfs_warn_dup+0x51/0xa0 [ 102.031061][ T5548] ? kmalloc_trace_noprof+0x19c/0x2c0 [ 102.036513][ T5548] sysfs_warn_dup+0x8e/0xa0 [ 102.041048][ T5548] sysfs_do_create_link_sd+0xbe/0x110 [ 102.046464][ T5548] device_add_class_symlinks+0x1c5/0x250 [ 102.052196][ T5548] device_add+0x553/0xbf0 [ 102.056562][ T5548] wiphy_register+0x1d3f/0x2b30 [ 102.061457][ T5548] ? __pfx_wiphy_register+0x10/0x10 [ 102.066694][ T5548] ? minstrel_ht_alloc+0x72b/0x860 [ 102.071836][ T5548] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 102.078029][ T5548] ieee80211_register_hw+0x3098/0x3d80 [ 102.083520][ T5548] ? ieee80211_register_hw+0x1161/0x3d80 [ 102.089177][ T5548] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 102.095009][ T5548] ? __asan_memset+0x23/0x50 [ 102.099623][ T5548] ? __hrtimer_init+0x170/0x250 [ 102.104493][ T5548] mac80211_hwsim_new_radio+0x2597/0x44c0 [ 102.110262][ T5548] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 102.116370][ T5548] ? kmalloc_node_track_caller_noprof+0x242/0x440 [ 102.122844][ T5548] ? kstrndup+0x5c/0xb0 [ 102.127136][ T5548] ? __asan_memcpy+0x40/0x70 [ 102.131781][ T5548] hwsim_new_radio_nl+0xe4c/0x21d0 [ 102.137021][ T5548] ? __pfx___nla_validate_parse+0x10/0x10 [ 102.142795][ T5548] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 102.148395][ T5548] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 102.154743][ T5548] genl_rcv_msg+0xb14/0xec0 [ 102.159259][ T5548] ? mark_lock+0x9a/0x350 [ 102.163611][ T5548] ? __pfx_genl_rcv_msg+0x10/0x10 [ 102.168672][ T5548] ? __pfx_lock_acquire+0x10/0x10 [ 102.173717][ T5548] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 102.179405][ T5548] ? __pfx___might_resched+0x10/0x10 [ 102.184714][ T5548] netlink_rcv_skb+0x1e3/0x430 [ 102.189789][ T5548] ? __pfx_genl_rcv_msg+0x10/0x10 [ 102.194915][ T5548] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 102.200416][ T5548] ? __netlink_deliver_tap+0x77e/0x7c0 [ 102.205917][ T5548] genl_rcv+0x28/0x40 [ 102.209914][ T5548] netlink_unicast+0x7ea/0x980 [ 102.214712][ T5548] ? __pfx_netlink_unicast+0x10/0x10 [ 102.220103][ T5548] ? __virt_addr_valid+0x183/0x520 [ 102.225240][ T5548] ? __check_object_size+0x49c/0x900 [ 102.230719][ T5548] ? bpf_lsm_netlink_send+0x9/0x10 [ 102.235892][ T5548] netlink_sendmsg+0x8db/0xcb0 [ 102.240736][ T5548] ? __pfx_netlink_sendmsg+0x10/0x10 [ 102.246058][ T5548] ? __pfx_bpf_lsm_socket_sendmsg+0x10/0x10 [ 102.252248][ T5548] ? tomoyo_socket_sendmsg_permission+0x12e/0x420 [ 102.258684][ T5548] ? __pfx_inet6_sendmsg+0x10/0x10 [ 102.263824][ T5548] ? __pfx_netlink_sendmsg+0x10/0x10 [ 102.269130][ T5548] __sock_sendmsg+0x221/0x270 [ 102.273851][ T5548] ____sys_sendmsg+0x525/0x7d0 [ 102.278654][ T5548] ? __pfx_____sys_sendmsg+0x10/0x10 [ 102.283985][ T5548] __sys_sendmsg+0x2b0/0x3a0 [ 102.288690][ T5548] ? __pfx___sys_sendmsg+0x10/0x10 [ 102.293865][ T5548] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 102.300209][ T5548] ? do_syscall_64+0x100/0x230 [ 102.305000][ T5548] ? do_syscall_64+0xb6/0x230 [ 102.309700][ T5548] do_syscall_64+0xf3/0x230 [ 102.314231][ T5548] ? clear_bhb_loop+0x35/0x90 [ 102.318939][ T5548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.324926][ T5548] RIP: 0033:0x7f4e99575b99 [ 102.329384][ T5548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.349378][ T5548] RSP: 002b:00007f4e9a3e2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 102.357838][ T5548] RAX: ffffffffffffffda RBX: 00007f4e99704150 RCX: 00007f4e99575b99 [ 102.365858][ T5548] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006 [ 102.373864][ T5548] RBP: 00007f4e995f677e R08: 0000000000000000 R09: 0000000000000000 [ 102.381937][ T5548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.389923][ T5548] R13: 000000000000006e R14: 00007f4e99704150 R15: 00007ffff3e85fa8 [ 102.397922][ T5548] [ 102.551805][ T8] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 102.566759][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 102.601281][ T8] usb 5-1: SerialNumber: syz [ 102.865733][ T8] usb 5-1: 0:2 : does not exist [ 102.872212][ T8] usb 5-1: unit 255 not found! [ 103.026425][ T8] usb 5-1: USB disconnect, device number 5 [ 103.427784][ T5561] binder: transaction release 7 bad handle 1, ret = -22 [ 103.444712][ T5287] udevd[5287]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 103.456350][ T53] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 103.471854][ T53] Bluetooth: hci3: Injecting HCI hardware error event [ 103.481750][ T53] Bluetooth: hci3: hardware error 0x00 [ 103.648866][ T9] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 103.774098][ T5144] IPVS: starting estimator thread 0... [ 103.856186][ T4480] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 103.876177][ T5566] IPVS: using max 18 ests per chain, 43200 per kthread [ 103.878759][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 104.026332][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 104.066486][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 64 [ 104.086124][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.18 [ 104.105653][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.138537][ T9] usb 1-1: config 0 descriptor?? [ 104.144931][ T5556] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 104.171494][ T5556] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 104.598122][ T5577] netlink: 16 bytes leftover after parsing attributes in process `syz.4.136'. [ 104.630573][ T5577] netlink: 8 bytes leftover after parsing attributes in process `syz.4.136'. [ 104.752053][ T5573] xt_NFQUEUE: number of total queues is 0 [ 104.909428][ T4480] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 104.911385][ T8] usb 1-1: USB disconnect, device number 3 [ 105.189505][ T5586] netlink: 14568 bytes leftover after parsing attributes in process `syz.1.132'. [ 105.296211][ T4480] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 105.304965][ T4480] Bluetooth: hci4: Injecting HCI hardware error event [ 105.313230][ T4480] Bluetooth: hci4: hardware error 0x00 [ 105.397631][ T29] audit: type=1804 audit(1719743598.382:7): pid=5582 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.137" name="/root/syzkaller.iBYbIp/34/bus" dev="sda1" ino=1966 res=1 errno=0 [ 105.486352][ T29] audit: type=1804 audit(1719743598.382:8): pid=5582 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.137" name="/root/syzkaller.iBYbIp/34/bus" dev="sda1" ino=1966 res=1 errno=0 [ 105.506978][ C1] vkms_vblank_simulate: vblank timer overrun [ 105.543538][ T53] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 105.675520][ T5600] binder: transaction release 18 bad handle 1, ret = -22 [ 105.792543][ T5138] IPVS: starting estimator thread 0... [ 105.799209][ T45] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 105.874343][ T5606] debugfs: Directory 'C|+i!‡3§rU&6 bÎOo¸ ' 1©|y' with parent 'ieee80211' already present! [ 105.916205][ T5605] IPVS: using max 24 ests per chain, 57600 per kthread [ 106.008336][ T45] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 106.033845][ T45] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 106.062927][ T45] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 106.085455][ T45] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 106.116489][ T45] usb 5-1: SerialNumber: syz [ 106.369151][ T45] usb 5-1: 0:2 : does not exist [ 106.385609][ T45] usb 5-1: unit 255 not found! [ 106.452801][ T45] usb 5-1: USB disconnect, device number 6 [ 106.742507][ T5287] udevd[5287]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 107.202471][ T5614] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 107.576267][ T4480] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 108.418153][ T5144] IPVS: starting estimator thread 0... [ 108.526319][ T5638] IPVS: using max 15 ests per chain, 36000 per kthread [ 108.680777][ T5094] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 108.878938][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 108.906149][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 108.936060][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 64 [ 108.957420][ T5094] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.18 [ 108.986090][ T5094] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.008754][ T5094] usb 4-1: config 0 descriptor?? [ 109.018880][ T5629] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 109.040311][ T5629] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 109.168595][ T5140] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 109.345768][ T5645] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 109.411935][ T5140] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 109.443293][ T5140] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 109.489438][ T5140] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 109.513434][ T5140] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 109.553214][ T5140] usb 2-1: SerialNumber: syz [ 109.570973][ T4480] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 109.582815][ T5138] usb 4-1: USB disconnect, device number 2 [ 109.747424][ T5653] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.156'. [ 109.871428][ T5140] usb 2-1: 0:2 : does not exist [ 109.891128][ T5140] usb 2-1: unit 255 not found! [ 109.943358][ T5140] usb 2-1: USB disconnect, device number 2 [ 110.255018][ T5658] xt_NFQUEUE: number of total queues is 0 [ 110.269837][ T5287] udevd[5287]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 110.786765][ T5661] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 111.614757][ T5671] debugfs: Directory 'C|+i!‡3§rU&6 bÎOo¸ ' 1©|y' with parent 'ieee80211' already present! [ 112.514770][ T5693] netlink: 16126 bytes leftover after parsing attributes in process `syz.3.169'. [ 112.524095][ T5693] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.169'. [ 113.252407][ T5677] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 113.836524][ T5699] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 114.546297][ T5716] xt_NFQUEUE: number of total queues is 0 [ 115.236362][ T5725] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 116.457076][ T5741] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.180'. [ 116.780088][ T5747] netlink: 16126 bytes leftover after parsing attributes in process `syz.1.184'. [ 116.789587][ T5747] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.184'. [ 117.888694][ T5734] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 118.414864][ T5771] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 118.986318][ T5094] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 119.308896][ T5094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 119.337533][ T5094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 119.356100][ T5094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 64 [ 119.367394][ T5094] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.18 [ 119.382272][ T5094] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.402997][ T5094] usb 1-1: config 0 descriptor?? [ 119.437134][ T5773] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 119.444629][ T5773] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 120.731945][ T4480] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 120.738606][ T5144] usb 1-1: USB disconnect, device number 4 [ 120.906171][ T5094] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 121.113769][ T5094] usb 4-1: New USB device found, idVendor=0711, idProduct=0200, bcdDevice=36.e7 [ 121.133555][ T5094] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.165675][ T5094] usb 4-1: Product: syz [ 121.170354][ T5094] usb 4-1: Manufacturer: syz [ 121.175041][ T5094] usb 4-1: SerialNumber: syz [ 121.218446][ T5094] usb 4-1: config 0 descriptor?? [ 121.239422][ T5094] hub 4-1:0.0: bad descriptor, ignoring hub [ 121.245492][ T5094] hub 4-1:0.0: probe with driver hub failed with error -5 [ 121.273960][ T5094] mct_u232 4-1:0.0: MCT U232 converter detected [ 121.287821][ T5094] mct_u232 ttyUSB0: expected endpoint missing [ 121.757873][ T5817] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 122.054567][ T5809] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 122.240527][ T5825] netlink: 24 bytes leftover after parsing attributes in process `syz.4.211'. [ 122.947362][ T5144] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 123.057289][ T9] usb 4-1: USB disconnect, device number 3 [ 123.097087][ T9] mct_u232 4-1:0.0: device disconnected [ 123.376554][ T5144] usb 5-1: Using ep0 maxpacket: 32 [ 123.462024][ T5844] xt_NFQUEUE: number of total queues is 0 [ 124.207434][ T5144] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 124.237154][ T5144] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 124.246206][ T5094] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 124.256081][ T5144] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 124.279175][ T5144] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.309842][ T5144] hub 5-1:4.0: USB hub found [ 124.458582][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 64 [ 124.494481][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 124.521995][ T5094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 64 [ 124.542684][ T5094] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.18 [ 124.548443][ T5144] hub 5-1:4.0: 2 ports detected [ 124.553098][ T5094] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.574399][ T5094] usb 4-1: config 0 descriptor?? [ 124.580684][ T5847] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 124.580957][ T5144] usb 5-1: selecting invalid altsetting 1 [ 124.607329][ T5847] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 124.616585][ T5144] hub 5-1:4.0: Using single TT (err -22) [ 124.703060][ T5861] netlink: 24 bytes leftover after parsing attributes in process `syz.0.222'. [ 124.736234][ T5144] hub 5-1:4.0: hub_hub_status failed (err = -71) [ 124.763665][ T5144] hub 5-1:4.0: config failed, can't get hub status (err -71) [ 124.838081][ T5144] usb 5-1: USB disconnect, device number 7 [ 124.925366][ T5853] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 125.123858][ T53] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 125.131361][ T5094] usb 4-1: USB disconnect, device number 4 [ 125.931616][ T5895] xt_NFQUEUE: number of total queues is 0 [ 126.456598][ T5897] netlink: 24 bytes leftover after parsing attributes in process `syz.0.233'. [ 127.561211][ T5909] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 127.696328][ T5094] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 127.701338][ T5937] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 128.168820][ T5094] usb 1-1: config 0 has an invalid interface number: 18 but max is 0 [ 128.182460][ T5094] usb 1-1: config 0 has no interface number 0 [ 128.188902][ T5094] usb 1-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.199986][ T5094] usb 1-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.212013][ T5094] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 128.228242][ T5094] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 128.249101][ T5094] usb 1-1: Manufacturer: syz [ 128.267032][ T5094] usb 1-1: config 0 descriptor?? [ 128.659674][ T5094] usbhid 1-1:0.18: can't add hid device: -71 [ 128.665834][ T5094] usbhid 1-1:0.18: probe with driver usbhid failed with error -71 [ 128.684852][ T5094] usb 1-1: USB disconnect, device number 5 [ 129.588898][ T5952] binder: BINDER_SET_CONTEXT_MGR already set [ 129.662544][ T5952] binder: 5950:5952 ioctl 4018620d 20000040 returned -16 [ 131.116086][ T29] audit: type=1800 audit(1719743623.022:9): pid=5972 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.263" name="file1" dev="sda1" ino=1969 res=0 errno=0 [ 131.436382][ T45] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 131.642309][ T5975] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 131.656350][ T45] usb 5-1: Using ep0 maxpacket: 8 [ 131.708947][ T45] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=7d.78 [ 131.744695][ T45] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.778551][ T45] usb 5-1: Product: syz [ 131.796587][ T45] usb 5-1: Manufacturer: syz [ 131.815227][ T45] usb 5-1: SerialNumber: syz [ 131.816197][ T5984] netlink: 24 bytes leftover after parsing attributes in process `syz.2.266'. [ 131.859064][ T45] usb 5-1: config 0 descriptor?? [ 131.913998][ T45] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state. [ 131.968195][ T45] dvb-usb: bulk message failed: -22 (2/0) [ 131.995968][ T45] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 132.040355][ T45] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver) [ 132.076311][ T45] usb 5-1: media controller created [ 132.225696][ T45] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 132.239993][ T29] audit: type=1800 audit(1719743625.212:10): pid=5993 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.269" name="bus" dev="sda1" ino=1975 res=0 errno=0 [ 132.311076][ T29] audit: type=1804 audit(1719743625.262:11): pid=5993 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.269" name="/root/syzkaller.pLV5KF/58/bus/bus" dev="sda1" ino=1975 res=1 errno=0 [ 132.414796][ T45] dvb-usb: bulk message failed: -22 (1/0) [ 132.459325][ T45] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' [ 132.529848][ T45] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input6 [ 132.580781][ T45] dvb-usb: schedule remote query interval to 50 msecs. [ 132.608162][ T45] dvb-usb: bulk message failed: -22 (2/0) [ 132.624208][ T45] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected. [ 132.669963][ T25] dvb-usb: bulk message failed: -22 (1/0) [ 132.678258][ T25] dvb-usb: error while querying for an remote control event. [ 132.732575][ T45] usb 5-1: USB disconnect, device number 8 [ 132.922894][ T45] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected. [ 133.080493][ T6003] binder_alloc: 6002: binder_alloc_buf, no vma [ 133.109298][ T6003] binder_alloc: 6002: binder_alloc_buf, no vma [ 133.140764][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.151812][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.447081][ T29] audit: type=1800 audit(1719743626.412:12): pid=6014 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.275" name="file1" dev="sda1" ino=1962 res=0 errno=0 [ 134.942068][ T6019] netlink: 24 bytes leftover after parsing attributes in process `syz.1.278'. [ 136.281610][ T6034] capability: warning: `syz.2.284' uses 32-bit capabilities (legacy support in use) [ 136.637025][ T6044] binder_alloc: 6043: binder_alloc_buf, no vma [ 136.697333][ T6044] binder_alloc: 6043: binder_alloc_buf, no vma [ 136.725734][ T6053] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 136.937272][ T6060] process 'syz.2.292' launched '/dev/fd/3/./file1' with NULL argv: empty string added [ 136.972792][ T6062] netlink: 24 bytes leftover after parsing attributes in process `syz.0.293'. [ 137.397327][ T6070] mkiss: ax0: crc mode is auto. [ 137.416209][ T6052] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 137.706355][ T25] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 137.936590][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 137.953111][ T25] usb 4-1: unable to get BOS descriptor or descriptor too short [ 137.976217][ T25] usb 4-1: config 0 has no interfaces? [ 137.992278][ T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 138.014266][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.028456][ T25] usb 4-1: Product: syz [ 138.032752][ T25] usb 4-1: Manufacturer: syz [ 138.048537][ T25] usb 4-1: SerialNumber: syz [ 138.076301][ T5144] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 138.089358][ T25] usb 4-1: config 0 descriptor?? [ 138.276423][ T5144] usb 1-1: Using ep0 maxpacket: 16 [ 138.301073][ T5144] usb 1-1: unable to get BOS descriptor or descriptor too short [ 138.322227][ T5144] usb 1-1: config 0 has no interfaces? [ 138.338945][ T8] usb 4-1: USB disconnect, device number 5 [ 138.349930][ T5144] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 138.366677][ T5144] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.385003][ T5144] usb 1-1: Product: syz [ 138.429397][ T5144] usb 1-1: Manufacturer: syz [ 138.446179][ T5144] usb 1-1: SerialNumber: syz [ 138.499008][ T5144] usb 1-1: config 0 descriptor?? [ 138.714613][ T5144] usb 1-1: USB disconnect, device number 6 [ 138.767451][ T6114] mkiss: ax0: crc mode is auto. [ 138.886119][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 139.112981][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 139.125967][ T25] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=7d.78 [ 139.161914][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.185912][ T25] usb 2-1: Product: syz [ 139.192407][ T25] usb 2-1: Manufacturer: syz [ 139.206226][ T25] usb 2-1: SerialNumber: syz [ 139.217371][ T25] usb 2-1: config 0 descriptor?? [ 139.237552][ T25] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state. [ 139.276202][ T25] dvb-usb: bulk message failed: -22 (2/0) [ 139.284627][ T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 139.305755][ T25] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver) [ 139.329417][ T25] usb 2-1: media controller created [ 139.430637][ T6130] netlink: 14568 bytes leftover after parsing attributes in process `syz.4.317'. [ 139.441062][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 139.636355][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 139.668065][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.724894][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 139.765671][ T8] usb 4-1: New USB device found, idVendor=044f, idProduct=b324, bcdDevice= 0.00 [ 139.813290][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.855279][ T8] usb 4-1: config 0 descriptor?? [ 139.964601][ T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 140.052268][ T25] dvb-usb: bulk message failed: -22 (1/0) [ 140.069513][ T25] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' [ 140.156686][ T25] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7 [ 140.400048][ T25] dvb-usb: schedule remote query interval to 50 msecs. [ 140.465777][ T25] dvb-usb: bulk message failed: -22 (2/0) [ 140.567450][ T25] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected. [ 140.579120][ T45] dvb-usb: bulk message failed: -22 (1/0) [ 140.584891][ T45] dvb-usb: error while querying for an remote control event. [ 140.642437][ T25] usb 2-1: USB disconnect, device number 3 [ 140.804995][ T25] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected. [ 141.006312][ T5094] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 141.137730][ T45] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 141.167607][ T5094] usb 1-1: device descriptor read/64, error -71 [ 141.339230][ T45] usb 5-1: config 0 has an invalid interface number: 18 but max is 0 [ 141.353330][ T45] usb 5-1: config 0 has no interface number 0 [ 141.361262][ T45] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.383472][ T45] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.409178][ T45] usb 5-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 141.418984][ T25] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 141.427134][ T45] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 141.437172][ T45] usb 5-1: Manufacturer: syz [ 141.438083][ T5094] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 141.445835][ T45] usb 5-1: config 0 descriptor?? [ 141.643508][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 141.663113][ T25] usb 2-1: unable to get BOS descriptor or descriptor too short [ 141.675963][ T25] usb 2-1: config 0 has no interfaces? [ 141.690694][ T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 141.707397][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.722471][ T25] usb 2-1: Product: syz [ 141.729101][ T25] usb 2-1: Manufacturer: syz [ 141.733990][ T25] usb 2-1: SerialNumber: syz [ 141.769219][ T25] usb 2-1: config 0 descriptor?? [ 141.943416][ T45] usbhid 5-1:0.18: can't add hid device: -71 [ 141.990962][ T45] usbhid 5-1:0.18: probe with driver usbhid failed with error -71 [ 142.071251][ T45] usb 5-1: USB disconnect, device number 9 [ 142.144453][ T5138] usb 2-1: USB disconnect, device number 4 [ 142.322946][ T5094] usb 1-1: device descriptor read/64, error -71 [ 142.440797][ T8] usbhid 4-1:0.0: can't add hid device: -71 [ 142.467279][ T5094] usb usb1-port1: attempt power cycle [ 142.476428][ T8] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 142.516826][ T8] usb 4-1: USB disconnect, device number 6 [ 142.896192][ T5094] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 142.906127][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 142.950797][ T5094] usb 1-1: device descriptor read/8, error -71 [ 143.126138][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 143.148881][ T8] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=7d.78 [ 143.165696][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.182483][ T8] usb 4-1: Product: syz [ 143.190052][ T8] usb 4-1: Manufacturer: syz [ 143.195010][ T8] usb 4-1: SerialNumber: syz [ 143.222831][ T8] usb 4-1: config 0 descriptor?? [ 143.228244][ T5094] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 143.249518][ T8] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state. [ 143.264023][ T8] dvb-usb: bulk message failed: -22 (2/0) [ 143.282363][ T5094] usb 1-1: device descriptor read/8, error -71 [ 143.293505][ T8] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 143.311322][ T8] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver) [ 143.325161][ T8] usb 4-1: media controller created [ 143.389054][ T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 143.416865][ T5094] usb usb1-port1: unable to enumerate USB device [ 143.449924][ T8] dvb-usb: bulk message failed: -22 (1/0) [ 143.466210][ T8] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' [ 143.493190][ T8] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input8 [ 143.533165][ T8] dvb-usb: schedule remote query interval to 50 msecs. [ 143.551280][ T8] dvb-usb: bulk message failed: -22 (2/0) [ 143.567260][ T8] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected. [ 143.600826][ T8] usb 4-1: USB disconnect, device number 7 [ 143.765251][ T8] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected. [ 144.661330][ T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 144.946860][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 144.954450][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 145.000586][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 145.067514][ T25] usb 2-1: New USB device found, idVendor=044f, idProduct=b324, bcdDevice= 0.00 [ 145.100142][ T6218] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 145.126105][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.212147][ T25] usb 2-1: config 0 descriptor?? [ 146.436297][ T6248] netlink: 12 bytes leftover after parsing attributes in process `syz.0.356'. [ 147.648164][ T6256] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 147.735819][ T25] usbhid 2-1:0.0: can't add hid device: -71 [ 147.743026][ T25] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 147.783690][ T25] usb 2-1: USB disconnect, device number 5 [ 148.665316][ T6288] xt_NFQUEUE: number of total queues is 0 [ 148.676319][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 148.920655][ T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 148.969187][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 149.016322][ T8] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 149.047133][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 149.076792][ T8] usb 3-1: SerialNumber: syz [ 149.216298][ T6290] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 149.283407][ T6290] netlink: 'syz.3.370': attribute type 10 has an invalid length. [ 149.421762][ T8] usb 3-1: 0:2 : does not exist [ 149.441874][ T8] usb 3-1: unit 255 not found! [ 149.448405][ T6290] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 149.513830][ T8] usb 3-1: USB disconnect, device number 4 [ 149.704079][ T6299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.374'. [ 149.746095][ T5138] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 149.748139][ T5287] udevd[5287]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 149.956148][ T5138] usb 5-1: Using ep0 maxpacket: 8 [ 149.966729][ T5138] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=7d.78 [ 149.996390][ T5138] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.006493][ T5138] usb 5-1: Product: syz [ 150.010814][ T5138] usb 5-1: Manufacturer: syz [ 150.056155][ T5138] usb 5-1: SerialNumber: syz [ 150.087370][ T5138] usb 5-1: config 0 descriptor?? [ 150.103008][ T5138] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state. [ 150.156358][ T5138] dvb-usb: bulk message failed: -22 (2/0) [ 150.162160][ T5138] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 150.205027][ T5138] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver) [ 150.245523][ T5138] usb 5-1: media controller created [ 150.332126][ T5138] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 150.460234][ T5138] dvb-usb: bulk message failed: -22 (1/0) [ 150.490443][ T5138] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' [ 150.567255][ T5138] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 150.602469][ T5138] dvb-usb: schedule remote query interval to 50 msecs. [ 150.616135][ T5138] dvb-usb: bulk message failed: -22 (2/0) [ 150.635530][ T5138] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected. [ 150.660263][ T5085] syz-executor (5085) used greatest stack depth: 18384 bytes left [ 150.675425][ T5138] usb 5-1: USB disconnect, device number 10 [ 150.806231][ T45] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 150.848726][ T4480] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.877621][ T4480] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.887318][ T4480] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.917264][ T4480] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.925160][ T5138] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected. [ 150.942654][ T2427] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.954709][ T4480] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 150.966686][ T4480] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 151.031222][ T45] usb 3-1: Using ep0 maxpacket: 32 [ 151.135030][ T45] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.223337][ T45] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 151.320805][ T45] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 151.346478][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.358467][ T2427] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.387176][ T45] hub 3-1:4.0: USB hub found [ 151.488339][ T2427] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.522034][ T6315] ip6gretap0 speed is unknown, defaulting to 1000 [ 151.600386][ T45] hub 3-1:4.0: 2 ports detected [ 151.602905][ T2427] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.605329][ T45] usb 3-1: selecting invalid altsetting 1 [ 151.636549][ T45] hub 3-1:4.0: Using single TT (err -22) [ 151.638909][ T6330] netlink: 12 bytes leftover after parsing attributes in process `syz.0.384'. [ 151.722666][ T6330] netlink: 'syz.0.384': attribute type 10 has an invalid length. [ 151.791275][ T6330] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 151.941856][ T45] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 151.951396][ T45] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 151.988310][ T45] usb 3-1: USB disconnect, device number 5 [ 152.072088][ T6334] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 152.296272][ T2427] bridge_slave_1: left allmulticast mode [ 152.306870][ T2427] bridge_slave_1: left promiscuous mode [ 152.319500][ T2427] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.409839][ T2427] bridge_slave_0: left allmulticast mode [ 152.418023][ T2427] bridge_slave_0: left promiscuous mode [ 152.423927][ T2427] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.057625][ T4480] Bluetooth: hci2: command tx timeout [ 153.095087][ T6358] xt_NFQUEUE: number of total queues is 0 [ 153.731657][ T2427] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 153.759866][ T2427] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 153.789606][ T2427] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 153.821166][ T2427] bond0 (unregistering): Released all slaves [ 153.941890][ T6315] chnl_net:caif_netlink_parms(): no params data found [ 154.330918][ T6380] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 154.450739][ T6315] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.466198][ T5144] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 154.486976][ T6315] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.494262][ T6315] bridge_slave_0: entered allmulticast mode [ 154.532702][ T6315] bridge_slave_0: entered promiscuous mode [ 154.616852][ T6315] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.634451][ T6315] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.648188][ T6315] bridge_slave_1: entered allmulticast mode [ 154.666624][ T6315] bridge_slave_1: entered promiscuous mode [ 154.686947][ T5144] usb 2-1: Using ep0 maxpacket: 8 [ 154.706422][ T5144] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 154.728153][ T5144] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 154.762199][ T5144] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 154.804889][ T5144] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 154.853805][ T5144] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 154.900617][ T5144] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.18 [ 154.928633][ T5144] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.951077][ T5144] usb 2-1: config 0 descriptor?? [ 154.968690][ T6374] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 155.210508][ T53] Bluetooth: hci2: command tx timeout [ 155.297469][ T6315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.351404][ T6315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.546289][ T6407] netlink: 277 bytes leftover after parsing attributes in process `syz.0.400'. [ 156.200512][ T9] usb 2-1: USB disconnect, device number 6 [ 156.225961][ T4480] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 156.330072][ T6315] team0: Port device team_slave_0 added [ 156.388575][ T6315] team0: Port device team_slave_1 added [ 156.455374][ T2427] hsr_slave_0: left promiscuous mode [ 156.515356][ T2427] hsr_slave_1: left promiscuous mode [ 156.547756][ T2427] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 156.565587][ T2427] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.594106][ T2427] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.611928][ T2427] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.666174][ T2427] veth1_macvtap: left promiscuous mode [ 156.676717][ T2427] veth0_macvtap: left promiscuous mode [ 156.687737][ T2427] veth1_vlan: left promiscuous mode [ 156.713645][ T2427] veth0_vlan: left promiscuous mode [ 157.296304][ T4480] Bluetooth: hci2: command tx timeout [ 157.977031][ T29] audit: type=1326 audit(1719743650.952:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.101625][ T29] audit: type=1326 audit(1719743650.952:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.148023][ T5138] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 158.276353][ T29] audit: type=1326 audit(1719743650.952:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.298547][ T29] audit: type=1326 audit(1719743650.952:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.326295][ T29] audit: type=1326 audit(1719743650.952:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.353500][ T29] audit: type=1326 audit(1719743650.952:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.378359][ T29] audit: type=1326 audit(1719743650.952:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.406881][ T29] audit: type=1326 audit(1719743650.952:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.464299][ T29] audit: type=1326 audit(1719743650.952:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.502284][ T5138] usb 5-1: New USB device found, idVendor=0711, idProduct=0200, bcdDevice=36.e7 [ 158.514690][ T29] audit: type=1326 audit(1719743650.952:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 158.536059][ T5138] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.743068][ T5138] usb 5-1: Product: syz [ 263.575987][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 263.583060][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P1105/1:b..l P6444/1:b..l P2414/1:b..l [ 263.593641][ C1] rcu: (detected by 1, t=10502 jiffies, g=17829, q=337 ncpus=2) [ 263.601391][ C1] task:kworker/u8:8 state:R running task stack:19768 pid:2414 tgid:2414 ppid:2 flags:0x00004000 [ 263.614217][ C1] Workqueue: bat_events batadv_nc_worker [ 263.619900][ C1] Call Trace: [ 263.623180][ C1] [ 263.626116][ C1] __schedule+0x1796/0x49d0 [ 263.630736][ C1] ? __pfx___schedule+0x10/0x10 [ 263.635599][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 263.641617][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 263.647009][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 263.652140][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 263.657881][ C1] irqentry_exit+0x5e/0x90 [ 263.662317][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 263.667797][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 263.673116][ C1] Code: 2b 00 74 08 4c 89 f7 e8 0a 2d 86 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 263.692737][ C1] RSP: 0018:ffffc90008f6f9e0 EFLAGS: 00000206 [ 263.698822][ C1] RAX: 0000000000000001 RBX: 1ffff920011edf48 RCX: 0000000000000001 [ 263.706818][ C1] RDX: dffffc0000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f1780 [ 263.714786][ C1] RBP: ffffc90008f6fb40 R08: ffffffff92f71587 R09: 1ffffffff25ee2b0 [ 263.722854][ C1] R10: dffffc0000000000 R11: fffffbfff25ee2b1 R12: 1ffff920011edf44 [ 263.730827][ C1] R13: dffffc0000000000 R14: ffffc90008f6fa40 R15: 0000000000000246 [ 263.738906][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 263.743959][ C1] ? batadv_nc_worker+0xcb/0x610 [ 263.748920][ C1] ? __pfx_lock_release+0x10/0x10 [ 263.753953][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 263.759943][ C1] batadv_nc_worker+0xec/0x610 [ 263.764729][ C1] ? batadv_nc_worker+0xcb/0x610 [ 263.769682][ C1] ? batadv_nc_worker+0xcb/0x610 [ 263.774642][ C1] ? process_scheduled_works+0x945/0x1830 [ 263.780393][ C1] process_scheduled_works+0xa2c/0x1830 [ 263.785984][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 263.792004][ C1] ? assign_work+0x364/0x3d0 [ 263.796622][ C1] worker_thread+0x86d/0xd50 [ 263.801339][ C1] ? __kthread_parkme+0x169/0x1d0 [ 263.806378][ C1] ? __pfx_worker_thread+0x10/0x10 [ 263.811491][ C1] kthread+0x2f0/0x390 [ 263.815562][ C1] ? __pfx_worker_thread+0x10/0x10 [ 263.820672][ C1] ? __pfx_kthread+0x10/0x10 [ 263.825285][ C1] ret_from_fork+0x4b/0x80 [ 263.829705][ C1] ? __pfx_kthread+0x10/0x10 [ 263.834298][ C1] ret_from_fork_asm+0x1a/0x30 [ 263.839083][ C1] [ 263.842123][ C1] task:syz.2.413 state:R running task stack:24144 pid:6444 tgid:6443 ppid:5087 flags:0x00004002 [ 263.853868][ C1] Call Trace: [ 263.857148][ C1] [ 263.860088][ C1] __schedule+0x1796/0x49d0 [ 263.864612][ C1] ? __pfx___schedule+0x10/0x10 [ 263.869468][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 263.875463][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 263.880753][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 263.886048][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 263.891865][ C1] irqentry_exit+0x5e/0x90 [ 263.896294][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 263.902302][ C1] RIP: 0010:lock_is_held_type+0xd/0x190 [ 263.908007][ C1] Code: ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 41 54 <53> 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 bb ff ff [ 263.927632][ C1] RSP: 0018:ffffc900145d6f60 EFLAGS: 00000202 [ 263.933724][ C1] RAX: 1ffffffff1c67101 RBX: ffff8880531aa800 RCX: 0000000080000000 [ 263.941790][ C1] RDX: ffff888027849e00 RSI: 00000000ffffffff RDI: ffffffff8e333f60 [ 263.949772][ C1] RBP: 0000000000000000 R08: ffffffff84904b76 R09: 1ffffffff25ee2b0 [ 263.957758][ C1] R10: dffffc0000000000 R11: fffffbfff25ee2b1 R12: dffffc0000000000 [ 263.965730][ C1] R13: 0000000000000cc0 R14: ffff888027849e2c R15: dffffc0000000000 [ 263.973864][ C1] ? blkcg_css+0x106/0x1d0 [ 263.978310][ C1] blkcg_css+0x110/0x1d0 [ 263.982582][ C1] ? blk_cgroup_congested+0x1d/0x220 [ 263.987887][ C1] blk_cgroup_congested+0xbd/0x220 [ 263.993033][ C1] __folio_throttle_swaprate+0x84/0x1d0 [ 263.998614][ C1] shmem_add_to_page_cache+0x89c/0x1830 [ 264.004198][ C1] ? __pfx_shmem_add_to_page_cache+0x10/0x10 [ 264.010206][ C1] ? percpu_ref_put+0x19/0x180 [ 264.014982][ C1] shmem_alloc_and_add_folio+0x46c/0xdb0 [ 264.020692][ C1] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 264.026869][ C1] ? filemap_map_pages+0x24f/0x1e70 [ 264.032101][ C1] ? __pfx_lock_release+0x10/0x10 [ 264.037133][ C1] shmem_get_folio_gfp+0x82d/0x1f50 [ 264.042358][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 264.047594][ C1] ? filemap_map_pages+0x18e0/0x1e70 [ 264.052903][ C1] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 264.058574][ C1] shmem_fault+0x252/0x6f0 [ 264.063004][ C1] ? __pfx_shmem_fault+0x10/0x10 [ 264.067953][ C1] ? __pfx_lock_release+0x10/0x10 [ 264.072983][ C1] ? pte_offset_map_nolock+0x137/0x1f0 [ 264.078466][ C1] __do_fault+0x135/0x460 [ 264.082802][ C1] ? handle_pte_fault+0x222c/0x7090 [ 264.088026][ C1] handle_pte_fault+0x3d15/0x7090 [ 264.093155][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 264.098210][ C1] ? __pfx_handle_pte_fault+0x10/0x10 [ 264.104286][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 264.109337][ C1] ? follow_page_pte+0x292/0x1d90 [ 264.114383][ C1] ? follow_page_pte+0x859/0x1d90 [ 264.119412][ C1] ? __pfx_lock_release+0x10/0x10 [ 264.124438][ C1] ? count_memcg_event_mm+0x3c2/0x420 [ 264.129910][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 264.135113][ C1] ? folio_mark_accessed+0x6f6/0x11b0 [ 264.140492][ C1] handle_mm_fault+0xfb0/0x19d0 [ 264.145377][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 264.150675][ C1] ? __get_user_pages+0x792/0x1590 [ 264.155785][ C1] ? __get_user_pages+0x7a0/0x1590 [ 264.160899][ C1] __get_user_pages+0x6ef/0x1590 [ 264.165848][ C1] ? mt_find+0x62d/0x850 [ 264.170103][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 264.175488][ C1] populate_vma_page_range+0x264/0x330 [ 264.180954][ C1] ? __pfx_populate_vma_page_range+0x10/0x10 [ 264.186936][ C1] ? userfaultfd_unmap_complete+0x30c/0x360 [ 264.192826][ C1] ? do_mmap+0x915/0xfa0 [ 264.197075][ C1] __mm_populate+0x27a/0x460 [ 264.201669][ C1] ? __pfx___mm_populate+0x10/0x10 [ 264.206810][ C1] vm_mmap_pgoff+0x2c3/0x3d0 [ 264.211498][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 264.216618][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 264.222961][ C1] ? do_syscall_64+0x100/0x230 [ 264.227734][ C1] ? ksys_mmap_pgoff+0xdf/0x720 [ 264.232587][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 264.237374][ C1] do_syscall_64+0xf3/0x230 [ 264.241885][ C1] ? clear_bhb_loop+0x35/0x90 [ 264.246569][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.252512][ C1] RIP: 0033:0x7f003c375b99 [ 264.256946][ C1] RSP: 002b:00007f003d1e6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 264.265358][ C1] RAX: ffffffffffffffda RBX: 00007f003c503fa0 RCX: 00007f003c375b99 [ 264.273421][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 264.281517][ C1] RBP: 00007f003c3f677e R08: ffffffffffffffff R09: 0000000000000000 [ 264.289501][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 264.297467][ C1] R13: 000000000000000b R14: 00007f003c503fa0 R15: 00007ffd939279e8 [ 264.305448][ C1] [ 264.308465][ C1] task:kworker/u8:7 state:R running task stack:21560 pid:1105 tgid:1105 ppid:2 flags:0x00004000 [ 264.320318][ C1] Workqueue: events_unbound toggle_allocation_gate [ 264.326915][ C1] Call Trace: [ 264.330237][ C1] [ 264.333169][ C1] __schedule+0x1796/0x49d0 [ 264.337696][ C1] ? __pfx___schedule+0x10/0x10 [ 264.342545][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 264.348532][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 264.353816][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 264.358944][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 264.364672][ C1] irqentry_exit+0x5e/0x90 [ 264.369098][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 264.374561][ C1] RIP: 0010:__pte_offset_map_lock+0x143/0x300 [ 264.380806][ C1] Code: 24 80 00 00 00 e8 8d ab 11 00 4c 8b b4 24 80 00 00 00 31 ff 4c 89 f6 e8 6b 44 af ff 4d 85 f6 41 0f 95 c5 4c 89 f6 48 83 e6 01 <0f> 94 c3 31 ff e8 53 44 af ff 44 20 eb 44 0f b6 eb 49 f7 dd 4d 31 [ 264.400583][ C1] RSP: 0018:ffffc9000417f640 EFLAGS: 00000202 [ 264.406832][ C1] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffff888022463c00 [ 264.415002][ C1] RDX: 000000001507c558 RSI: 0000000000000001 RDI: 0000000000000000 [ 264.423001][ C1] RBP: ffffc9000417f730 R08: ffffffff81e6e9c5 R09: 1ffffffff25ee2b0 [ 264.430979][ C1] R10: dffffc0000000000 R11: fffffbfff25ee2b1 R12: 1ffff9200082fed0 [ 264.438954][ C1] R13: ffff88801507aa01 R14: 000000001507c067 R15: 1ffff9200082fed8 [ 264.446946][ C1] ? __pte_offset_map_lock+0x135/0x300 [ 264.452430][ C1] ? __pfx___pte_offset_map_lock+0x10/0x10 [ 264.458245][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 264.465637][ C1] ? walk_to_pmd+0x19b/0x240 [ 264.470234][ C1] ? kmem_cache_alloc_node_noprof+0x89/0x320 [ 264.476230][ C1] __text_poke+0x2c5/0xd30 [ 264.480651][ C1] ? kmem_cache_alloc_lru_noprof+0x84/0x2b0 [ 264.486548][ C1] ? __pfx_text_poke_memcpy+0x10/0x10 [ 264.491942][ C1] ? __pfx___text_poke+0x10/0x10 [ 264.496966][ C1] ? kmem_cache_alloc_bulk_noprof+0x146/0x770 [ 264.503036][ C1] ? perf_event_text_poke+0x258/0x330 [ 264.508433][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 264.514771][ C1] ? __pfx_perf_event_text_poke+0x10/0x10 [ 264.520587][ C1] ? __mutex_trylock_common+0x183/0x2e0 [ 264.526148][ C1] ? __pfx___might_resched+0x10/0x10 [ 264.531897][ C1] text_poke_bp_batch+0x8cd/0xb30 [ 264.536929][ C1] ? kmem_cache_alloc_bulk_noprof+0x147/0x770 [ 264.543025][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 264.548578][ C1] ? arch_jump_label_transform_queue+0x9b/0x100 [ 264.554849][ C1] text_poke_finish+0x30/0x50 [ 264.559526][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 264.565506][ C1] static_key_disable_cpuslocked+0xce/0x1c0 [ 264.571497][ C1] static_key_disable+0x1a/0x20 [ 264.576353][ C1] toggle_allocation_gate+0x1b8/0x250 [ 264.581724][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 264.587627][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 264.593789][ C1] ? process_scheduled_works+0x945/0x1830 [ 264.599505][ C1] process_scheduled_works+0xa2c/0x1830 [ 264.605067][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 264.611060][ C1] ? assign_work+0x364/0x3d0 [ 264.615738][ C1] worker_thread+0x86d/0xd50 [ 264.620426][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 264.626330][ C1] ? __kthread_parkme+0x169/0x1d0 [ 264.631379][ C1] ? __pfx_worker_thread+0x10/0x10 [ 264.636510][ C1] kthread+0x2f0/0x390 [ 264.640593][ C1] ? __pfx_worker_thread+0x10/0x10 [ 264.645711][ C1] ? __pfx_kthread+0x10/0x10 [ 264.650407][ C1] ret_from_fork+0x4b/0x80 [ 264.654832][ C1] ? __pfx_kthread+0x10/0x10 [ 264.659425][ C1] ret_from_fork_asm+0x1a/0x30 [ 264.664211][ C1] [ 264.667338][ C1] rcu: rcu_preempt kthread starved for 10589 jiffies! g17829 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 264.678616][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 264.688577][ C1] rcu: RCU grace-period kthread stack dump: [ 264.694652][ C1] task:rcu_preempt state:R running task stack:25328 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 264.706388][ C1] Call Trace: [ 264.709664][ C1] [ 264.712595][ C1] __schedule+0x1796/0x49d0 [ 264.717116][ C1] ? __pfx___schedule+0x10/0x10 [ 264.721978][ C1] ? __pfx_lock_release+0x10/0x10 [ 264.727109][ C1] ? __asan_memset+0x23/0x50 [ 264.731707][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 264.737514][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 264.743842][ C1] ? schedule+0x90/0x320 [ 264.748086][ C1] schedule+0x14b/0x320 [ 264.752267][ C1] schedule_timeout+0x1be/0x310 [ 264.757124][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 264.762509][ C1] ? __pfx_process_timeout+0x10/0x10 [ 264.767889][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 264.773453][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 264.778409][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 264.783352][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 264.788555][ C1] ? __pfx_dyntick_save_progress_counter+0x10/0x10 [ 264.795410][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 264.803173][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 264.809082][ C1] ? finish_swait+0xd4/0x1e0 [ 264.813674][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 264.818284][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 264.823477][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 264.829402][ C1] ? __kthread_parkme+0x169/0x1d0 [ 264.834442][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 264.839736][ C1] kthread+0x2f0/0x390 [ 264.843824][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 264.849029][ C1] ? __pfx_kthread+0x10/0x10 [ 264.853630][ C1] ret_from_fork+0x4b/0x80 [ 264.858055][ C1] ? __pfx_kthread+0x10/0x10 [ 264.862851][ C1] ret_from_fork_asm+0x1a/0x30 [ 264.867644][ C1] [ 264.870658][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 264.876988][ C1] Sending NMI from CPU 1 to CPUs 0: [ 264.882224][ C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30 [ 264.891712][ C1] sched: RT throttling activated [ 270.826347][ T5138] usb 5-1: Manufacturer: syz [ 270.831020][ T5138] usb 5-1: SerialNumber: syz [ 270.837161][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 270.843584][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 270.850053][ T4480] Bluetooth: hci2: command tx timeout [ 270.860137][ T5138] usb 5-1: config 0 descriptor?? [ 270.868806][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 270.875144][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 270.886216][ T5138] usb 5-1: can't set config #0, error -71 [ 270.962676][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 270.962697][ T29] audit: type=1326 audit(1719743651.562:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e1975b99 code=0x7ffc0000 [ 271.060621][ T5138] usb 5-1: USB disconnect, device number 11 [ 271.114362][ T29] audit: type=1326 audit(1719743651.562:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd7e196cbe7 code=0x7ffc0000 SYZFAIL: failed to send rpc fd=3 want=784 sent=0 n=-1 (errno 32: Broken pipe) [ 271.356045][ T29] audit: type=1326 audit(1719743651.562:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6435 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd7e19115b9 code=0x7ffc0000