Warning: Permanently added '10.128.0.108' (ED25519) to the list of known hosts. 2024/04/06 08:41:40 fuzzer started 2024/04/06 08:41:40 dialing manager at 10.128.0.169:30004 [ 68.985274][ T5056] cgroup: Unknown subsys name 'net' [ 69.127940][ T5056] cgroup: Unknown subsys name 'rlimit' 2024/04/06 08:41:42 syscalls: 3899 2024/04/06 08:41:42 code coverage: enabled 2024/04/06 08:41:42 comparison tracing: enabled 2024/04/06 08:41:42 extra coverage: enabled 2024/04/06 08:41:42 delay kcov mmap: enabled 2024/04/06 08:41:42 setuid sandbox: enabled 2024/04/06 08:41:42 namespace sandbox: enabled 2024/04/06 08:41:42 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/06 08:41:42 fault injection: enabled 2024/04/06 08:41:42 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/06 08:41:42 net packet injection: enabled 2024/04/06 08:41:42 net device setup: enabled 2024/04/06 08:41:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/06 08:41:42 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/06 08:41:42 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/06 08:41:42 USB emulation: enabled 2024/04/06 08:41:42 hci packet injection: enabled 2024/04/06 08:41:42 wifi device emulation: enabled 2024/04/06 08:41:42 802.15.4 emulation: enabled 2024/04/06 08:41:42 swap file: enabled [ 70.728633][ T5056] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/06 08:41:43 starting 5 executor processes [ 71.640176][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.646731][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.730930][ T5071] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.749311][ T5074] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.756767][ T5074] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.765025][ T5074] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.783934][ T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.796068][ T5075] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.796158][ T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.815912][ T52] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.816272][ T5075] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.824019][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.831039][ T5075] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.847630][ T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.901416][ T5071] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.923454][ T5071] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.933383][ T4457] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.941676][ T4457] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.950812][ T4457] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.958607][ T4457] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.966124][ T4457] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.973984][ T4457] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.982807][ T5074] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.990910][ T5074] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.998094][ T4457] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.999917][ T5074] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.006141][ T4457] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.020370][ T4457] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.024713][ T5074] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.028440][ T4457] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.041427][ T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.049473][ T4457] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.370012][ T5069] chnl_net:caif_netlink_parms(): no params data found [ 72.536097][ T5069] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.544766][ T5069] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.552293][ T5069] bridge_slave_0: entered allmulticast mode [ 72.559401][ T5069] bridge_slave_0: entered promiscuous mode [ 72.614709][ T5069] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.623398][ T5069] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.630779][ T5069] bridge_slave_1: entered allmulticast mode [ 72.638098][ T5069] bridge_slave_1: entered promiscuous mode [ 72.754273][ T5069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.782275][ T5072] chnl_net:caif_netlink_parms(): no params data found [ 72.792767][ T5080] chnl_net:caif_netlink_parms(): no params data found [ 72.805606][ T5069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.870799][ T5069] team0: Port device team_slave_0 added [ 72.887908][ T5069] team0: Port device team_slave_1 added [ 72.905079][ T5076] chnl_net:caif_netlink_parms(): no params data found [ 72.996876][ T5069] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.004047][ T5069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.030049][ T5069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.047572][ T5069] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.054788][ T5069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.081473][ T5069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.098127][ T5079] chnl_net:caif_netlink_parms(): no params data found [ 73.225943][ T5076] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.233331][ T5076] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.240800][ T5076] bridge_slave_0: entered allmulticast mode [ 73.247717][ T5076] bridge_slave_0: entered promiscuous mode [ 73.267143][ T5072] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.274405][ T5072] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.285265][ T5072] bridge_slave_0: entered allmulticast mode [ 73.292196][ T5072] bridge_slave_0: entered promiscuous mode [ 73.299353][ T5080] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.306482][ T5080] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.314528][ T5080] bridge_slave_0: entered allmulticast mode [ 73.321765][ T5080] bridge_slave_0: entered promiscuous mode [ 73.342140][ T5076] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.349791][ T5076] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.356926][ T5076] bridge_slave_1: entered allmulticast mode [ 73.364964][ T5076] bridge_slave_1: entered promiscuous mode [ 73.389836][ T5069] hsr_slave_0: entered promiscuous mode [ 73.396266][ T5069] hsr_slave_1: entered promiscuous mode [ 73.403608][ T5072] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.410785][ T5072] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.417892][ T5072] bridge_slave_1: entered allmulticast mode [ 73.425375][ T5072] bridge_slave_1: entered promiscuous mode [ 73.435448][ T5080] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.442707][ T5080] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.449862][ T5080] bridge_slave_1: entered allmulticast mode [ 73.456713][ T5080] bridge_slave_1: entered promiscuous mode [ 73.565236][ T5076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.595633][ T5072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.608372][ T5072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.620264][ T5080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.633298][ T5080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.668362][ T5076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.736674][ T5079] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.744056][ T5079] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.751504][ T5079] bridge_slave_0: entered allmulticast mode [ 73.758420][ T5079] bridge_slave_0: entered promiscuous mode [ 73.787212][ T5076] team0: Port device team_slave_0 added [ 73.796878][ T5072] team0: Port device team_slave_0 added [ 73.805484][ T5080] team0: Port device team_slave_0 added [ 73.815873][ T5080] team0: Port device team_slave_1 added [ 73.822075][ T5079] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.829852][ T5079] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.836987][ T5079] bridge_slave_1: entered allmulticast mode [ 73.844070][ T5079] bridge_slave_1: entered promiscuous mode [ 73.869682][ T4457] Bluetooth: hci1: command tx timeout [ 73.870079][ T5075] Bluetooth: hci0: command tx timeout [ 73.876159][ T5076] team0: Port device team_slave_1 added [ 73.902028][ T5072] team0: Port device team_slave_1 added [ 73.945576][ T5079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.978007][ T5076] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.985018][ T5076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.011698][ T5076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.052934][ T5079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.092231][ T5076] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.099247][ T5076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.109612][ T5075] Bluetooth: hci3: command tx timeout [ 74.125855][ T52] Bluetooth: hci2: command tx timeout [ 74.131471][ T5076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.136835][ T4457] Bluetooth: hci4: command tx timeout [ 74.160908][ T5072] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.167966][ T5072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.194007][ T5072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.206142][ T5080] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.216684][ T5080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.243071][ T5080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.271888][ T5079] team0: Port device team_slave_0 added [ 74.293422][ T5072] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.300473][ T5072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.326726][ T5072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.338535][ T5080] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.346051][ T5080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.372470][ T5080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.387472][ T5079] team0: Port device team_slave_1 added [ 74.465854][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.472990][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.499171][ T5079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.534483][ T5076] hsr_slave_0: entered promiscuous mode [ 74.541300][ T5076] hsr_slave_1: entered promiscuous mode [ 74.547563][ T5076] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.555809][ T5076] Cannot create hsr debugfs directory [ 74.580727][ T5072] hsr_slave_0: entered promiscuous mode [ 74.587147][ T5072] hsr_slave_1: entered promiscuous mode [ 74.593696][ T5072] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.601427][ T5072] Cannot create hsr debugfs directory [ 74.618248][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.625389][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.651704][ T5079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.776137][ T5080] hsr_slave_0: entered promiscuous mode [ 74.782686][ T5080] hsr_slave_1: entered promiscuous mode [ 74.790525][ T5080] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.798103][ T5080] Cannot create hsr debugfs directory [ 74.879861][ T5079] hsr_slave_0: entered promiscuous mode [ 74.886422][ T5079] hsr_slave_1: entered promiscuous mode [ 74.892816][ T5079] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.900613][ T5079] Cannot create hsr debugfs directory [ 74.934735][ T5069] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 74.947811][ T5069] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 74.966866][ T5069] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 75.036893][ T5069] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 75.305279][ T5072] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.315455][ T5072] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.344387][ T5072] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.364969][ T5072] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.416657][ T5076] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 75.431212][ T5076] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 75.468143][ T5076] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 75.478308][ T5076] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 75.525333][ T5069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.559207][ T5079] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 75.581783][ T5079] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 75.592763][ T5079] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 75.604523][ T5079] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 75.658928][ T5069] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.707923][ T5080] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 75.731825][ T5117] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.739253][ T5117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.757444][ T5080] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 75.768662][ T5080] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 75.792461][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.799622][ T5120] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.815102][ T5080] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 75.949817][ T52] Bluetooth: hci1: command tx timeout [ 75.955327][ T4457] Bluetooth: hci0: command tx timeout [ 75.988300][ T5072] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.084238][ T5072] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.103877][ T5076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.140363][ T5079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.156593][ T5117] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.163791][ T5117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.189813][ T52] Bluetooth: hci2: command tx timeout [ 76.190542][ T5075] Bluetooth: hci3: command tx timeout [ 76.195350][ T4457] Bluetooth: hci4: command tx timeout [ 76.224461][ T5117] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.231745][ T5117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.292905][ T5079] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.312661][ T5080] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.324033][ T5076] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.348563][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.355726][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.392543][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.399733][ T5120] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.425919][ T5069] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.441366][ T5117] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.448491][ T5117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.460732][ T5117] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.467840][ T5117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.485272][ T5072] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.518512][ T5080] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.601599][ T5118] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.608769][ T5118] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.662886][ T5118] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.670114][ T5118] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.867423][ T5069] veth0_vlan: entered promiscuous mode [ 76.912625][ T5069] veth1_vlan: entered promiscuous mode [ 77.011735][ T5072] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.036768][ T5069] veth0_macvtap: entered promiscuous mode [ 77.104112][ T5069] veth1_macvtap: entered promiscuous mode [ 77.185946][ T5072] veth0_vlan: entered promiscuous mode [ 77.207692][ T5076] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.225392][ T5069] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.237558][ T5069] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.251545][ T5069] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.260478][ T5069] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.270460][ T5069] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.279866][ T5069] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.297494][ T5072] veth1_vlan: entered promiscuous mode [ 77.340797][ T5079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.398318][ T5080] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.441442][ T5072] veth0_macvtap: entered promiscuous mode [ 77.453121][ T5072] veth1_macvtap: entered promiscuous mode [ 77.510802][ T5076] veth0_vlan: entered promiscuous mode [ 77.568952][ T5076] veth1_vlan: entered promiscuous mode [ 77.626406][ T5072] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.646201][ T5072] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.657919][ T5072] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.668445][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.682732][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.720892][ T5118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.730500][ T5118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.734537][ T5072] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.754911][ T5072] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.778288][ T5072] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.793404][ T5079] veth0_vlan: entered promiscuous mode [ 77.816347][ T5072] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.828920][ T5072] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.837750][ T5072] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.846903][ T5072] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 08:41:49 executing program 1: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000240)={[{@user_xattr}, {@dioread_lock}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@nombcache}, {@journal_async_commit}, {@noauto_da_alloc}, {@bh}]}, 0x0, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3") [ 77.913002][ T5076] veth0_macvtap: entered promiscuous mode [ 77.923393][ T5076] veth1_macvtap: entered promiscuous mode [ 77.934944][ T5079] veth1_vlan: entered promiscuous mode [ 78.030215][ T4457] Bluetooth: hci0: command tx timeout [ 78.030224][ T5075] Bluetooth: hci1: command tx timeout [ 78.066568][ T5151] loop1: detected capacity change from 0 to 1024 [ 78.086141][ T5076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.089949][ T5151] EXT4-fs: Ignoring removed bh option [ 78.116707][ T5076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.126899][ T5076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.143444][ T5076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.145602][ T5151] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal [ 78.155932][ T5076] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.187018][ T5080] veth0_vlan: entered promiscuous mode [ 78.207551][ T5076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.219445][ T5076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 08:41:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000540)={'bond_slave_0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000340)=@framed, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48) [ 78.247100][ T5076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.260153][ T5076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.270533][ T5075] Bluetooth: hci4: command tx timeout [ 78.274829][ T4457] Bluetooth: hci2: command tx timeout [ 78.275938][ T5075] Bluetooth: hci3: command tx timeout [ 78.292606][ T5076] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.312897][ T5080] veth1_vlan: entered promiscuous mode [ 78.355001][ T5080] veth0_macvtap: entered promiscuous mode [ 78.377781][ T948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.404423][ T948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.424229][ T5076] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.434435][ T5076] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.443504][ T5076] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 08:41:50 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x6, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}]}}, &(0x7f0000000340)=""/129, 0x42, 0x81, 0x2}, 0x20) [ 78.454508][ T5076] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.472327][ T5080] veth1_macvtap: entered promiscuous mode 08:41:50 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b', 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @remote}, 0x10) [ 78.584673][ T5079] veth0_macvtap: entered promiscuous mode [ 78.604374][ T948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.605978][ T5080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.623471][ T948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.634412][ T5080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.644601][ T5080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.655260][ T5080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.665207][ T5080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.684432][ T5080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.697233][ T5080] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.713175][ T5080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.724354][ T5080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.735260][ T5080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.748752][ T5080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.760860][ T5080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.771636][ T5080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.783134][ T5080] batman_adv: batadv0: Interface activated: batadv_slave_1 08:41:50 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x90) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') open_tree(r1, &(0x7f0000000640)='\x00', 0x89901) close_range(r0, 0xffffffffffffffff, 0x0) [ 78.811012][ T5080] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.823306][ T5080] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.835904][ T5080] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.844939][ T5080] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 08:41:50 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000028000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000e50000008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 08:41:50 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000d00)=ANY=[@ANYBLOB="cd0a000000090000bf0200000000000007000000000000009500000000000a1582f09700007d16095621acf78f149a871a28360f06f5c88073e03907b4c25694726b438145f9d66a9441064d9ad3e7370e10571a663e685724287de97f95aec80cc78c9769a94f0abaaa8707dec3ce237810522c00"/129], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x5, &(0x7f000000cf3d)=""/195}, 0x23) [ 78.902865][ T5079] veth1_macvtap: entered promiscuous mode 08:41:50 executing program 0: r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000014da0108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_connect(0x0, 0xc1, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0x2a, 0x62, 0x28, 0x0, 0x2001, 0x3309, 0x9e3d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xaf, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x29, 0x5e, 0xbd, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0xa, 0x0, "cc953ee53f91c61d"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x52, 0x0, "2b5f0b5d679aacbc1f7504e87cf4909272756233abefb9e3a75c65ef2c5181ec660fa86af627f9413e7c9fed78fe64ef727a51bff15c9438c018d054dc4ab62b3d65bd1047f0f2dc8b2fb731990847d5"}, @generic={0x2f, 0x0, "ceead6541bc52d0dd0e1679f80b7ff7c85a9cdcd2a7917b2a54c2809d33cf0356aca4e6f65b1bb1c3ff84d55af"}]}}]}}]}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000340)=ANY=[]) 08:41:50 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000080)) fcntl$lock(r0, 0x26, &(0x7f00000000c0)) unshare(0x400) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r1, &(0x7f0000000080), 0x8) [ 79.082203][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.121406][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.151177][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.168306][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 08:41:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000540)={'bond_slave_0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000340)=@framed, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48) [ 79.199199][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.227813][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.248550][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.266833][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.282696][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_0 08:41:51 executing program 1: r0 = userfaultfd(0x80001) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$UFFDIO_ZEROPAGE(r2, 0xc018aa06, &(0x7f0000000100)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1}) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f00005b7000/0x2000)=nil, 0x2000, 0x16) [ 79.294734][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.317345][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.356379][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.382535][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.392876][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.404318][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.409375][ T5118] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 79.415787][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.433453][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.443633][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.456694][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.474623][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.527344][ T5079] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.542238][ T5079] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.554510][ T5079] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.564077][ T5079] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.587513][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.605257][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.645084][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.675716][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.684355][ T5118] usb 1-1: Using ep0 maxpacket: 8 08:41:51 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') lseek(r0, 0x5, 0x0) getdents(r0, &(0x7f00000002c0)=""/53, 0x35) 08:41:51 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) r1 = memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b', 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @remote}, 0x10) [ 79.815719][ T5118] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 79.852150][ T5118] usb 1-1: config 179 has no interface number 0 [ 79.865994][ T948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.892320][ T5118] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 79.919152][ T948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.939936][ T4836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.947785][ T4836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:41:51 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180100002100000000000000952100"/26], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='signal_deliver\x00', r1}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000f0000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000001d40)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b24df41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b318e2ec0e1a00897a74a0091ff110026e6d2ef831ab7ea0c34f17efd36ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0cb82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e1019c12a73748b049604fa72c64ed858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6e97180aabc18cae2ed4b4390af9a9ceafd07ed00b0000002cab154ad029a119ca3c972780870014601c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f4b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f19afc91b47683db01a469398685211bbae0e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bde792c88c5b8dcdcc22ee17476d738992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffffd7917f23837a6b24db0e067345560942fa629fbef2461c96a08707671315c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e48455b588b90dfae158b94f50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859ac8e3c177b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2498d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d4a3e1a9e90d76c1993e0799d4894ee7f8249dc1e342892129369ee1b85afa1a5be5f6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10b854b1c8c768c001496fa99ce5b5040be9194123e918914a71ad5a8521fb956dbc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c6775e19f0b7e70803000000b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989172a1bcd1e30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fccf363361dcdba10c1547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2d7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aa0000000000000000532ff181c985f54b7ae20aa5e63055b4d6a36fa98a44e379d2bccf977c3e88538f406b598307c9912fb097601f3f88a2ea6fd1f9320cfe7f09aed4d1e72d26e5c7a93854c8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd92689192727a7267c47cf897853d160100b39b613faefe16bd91fc105dddd77ab929b95032d3717fa9fbdc2bdc0e98ae2c3f23a6131e2879f0484ee3bfe30b92dd493be66c2242f8184733b80ba28e824910844df31f3d4bb2f89049c5f6d63956995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc1758763f0000009c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab602000000000000000000113a3065a478d1de98be3a66f6fbf68f2f5693050fa56db62e2f99cf916059ee364dad078fc88d17cbde37a2270f90a60afe8548f4c579b09c333382c6e7a316ac03aa23d379836b96173a5541fa96c27e7fb6d2585d828aa330f3438d8487912bb7742be1502e706644f7a937451beb7a5f6ca3ef21e8cb8f841af6d54334d82a8b816b6daccf0c66162f897623ee325d714f9f10636a7573582ff31c7f9c6f767c806ef4af486cc19a5355bdc814cb5557c6fa6404179c865980b0815b907a7f268e97828c196f5ac033d395a217b4e1e45663023a0292003c36a3b7461fc2c8566e0f3f693bfacae26aa2b7d17962989ccb943633c080aacc9b7d311c251686fc66aa80bf41a5bf6cd72d5aa995820fb318fad61a79a61d0a969fd6018ac9f131fe02fe31d565723cbf9b63841e21417fc29a3e7a03886d80566ae001861799a4aad91c72139e681ced8625b675dfbd6d458d4b2d9e6d565430248172ad942cdb41639f4113896827c8806e049218cd1eef89d6b9b14dd707da40705c07f878263ff9b71ccf28ec50178c7aac83bef7bd10459e2f2e267f82bafd5b4c7b481ea5e4bcb6cfe05e2ac3e17c1f8f12ddf5b6770ce0da8cb3aba3a935a6b737b6d3ebf2c715dcc11c5759bd0acdecf333f2b77c52fb2251336bbd92f73ad1a30bb9162bd9d699c49d824b827f3e7c1096354946e09922db25904c83262c6dcb87457e4abefa0e9dcb17d79c173895b74aae2ed4419662690a16494e7b27d0d2688c69b4be3d21b783195f6a5e5dc5c07c73f0d0f0670db10ac9ef5b8295ff88df734e3c6ab8555c0390f962cbf559bce9c42e1034dba78997b2877b485d9d4ae2fcd3e757b84319879d0337785773c940af6e57d162f4606d101def01199325c8676a32e26303560271b720216d95e0013265a45b02bd2414bebda89b7b5e71e70e0000000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x4c) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03006044238cb89e14f088a81bffffff00004000632977fbac141442e934a0a662079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f00000000c0)={'syz_tun\x00', 0x400}) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x1c, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0x8}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0xfe3a) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb3, &(0x7f00000000c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x4c, 0x8, 0xffffffffffffff4b, &(0x7f0000000380)}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, '\x00', r10}, 0x48) [ 79.963614][ T5118] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 79.991989][ T5118] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 80.010590][ T5118] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 80.058829][ T5118] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 80.085093][ T5118] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 80.090192][ T5120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 08:41:51 executing program 4: r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0) [ 80.102471][ T5118] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.111487][ T52] Bluetooth: hci0: command tx timeout [ 80.125530][ T52] Bluetooth: hci1: command tx timeout [ 80.135765][ T5120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.180050][ T5166] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 08:41:52 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000d00)=ANY=[@ANYBLOB="cd0a000000090000bf0200000000000007000000000000009500000000000a1582f09700007d16095621acf78f149a871a28360f06f5c88073e03907b4c25694726b438145f9d66a9441064d9ad3e7370e10571a663e685724287de97f95aec80cc78c9769a94f0abaaa8707dec3ce237810522c00"/129], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x5, &(0x7f000000cf3d)=""/195}, 0x23) [ 80.349409][ T52] Bluetooth: hci2: command tx timeout [ 80.354887][ T4457] Bluetooth: hci3: command tx timeout [ 80.354899][ T5075] Bluetooth: hci4: command tx timeout 08:41:52 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000028000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000e50000008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 80.491025][ T5166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.502028][ T5166] misc raw-gadget: fail, usb_gadget_register_driver returned -16 08:41:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000013000500000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a8018000580"], 0x3c}}, 0x0) 08:41:52 executing program 4: r0 = userfaultfd(0x80001) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$UFFDIO_ZEROPAGE(r2, 0xc018aa06, &(0x7f0000000100)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1}) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f00005b7000/0x2000)=nil, 0x2000, 0x16) 08:41:52 executing program 2: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x3a) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x13, r0, 0x0) [ 80.672504][ T5195] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.740828][ T5113] usb 1-1: USB disconnect, device number 2 [ 80.749641][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 80.758578][ C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 80.767396][ C0] ================================================================== [ 80.775487][ C0] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x299/0x370 [ 80.783354][ C0] Read of size 4 at addr ffff88805d2b385c by task udevd/4513 [ 80.790745][ C0] [ 80.793084][ C0] CPU: 0 PID: 4513 Comm: udevd Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 80.802301][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 80.812382][ C0] Call Trace: [ 80.815676][ C0] [ 80.818557][ C0] dump_stack_lvl+0x241/0x360 [ 80.823275][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 80.828506][ C0] ? __pfx__printk+0x10/0x10 [ 80.833139][ C0] ? _printk+0xd5/0x120 [ 80.837346][ C0] ? __virt_addr_valid+0x183/0x520 [ 80.842498][ C0] ? __virt_addr_valid+0x183/0x520 [ 80.847645][ C0] print_report+0x169/0x550 [ 80.852185][ C0] ? __virt_addr_valid+0x183/0x520 [ 80.857359][ C0] ? __virt_addr_valid+0x183/0x520 [ 80.862508][ C0] ? __virt_addr_valid+0x44e/0x520 [ 80.867655][ C0] ? __phys_addr+0xba/0x170 [ 80.872194][ C0] ? do_raw_spin_lock+0x299/0x370 [ 80.877264][ C0] kasan_report+0x143/0x180 [ 80.881977][ C0] ? do_raw_spin_lock+0x299/0x370 [ 80.887060][ C0] do_raw_spin_lock+0x299/0x370 [ 80.891954][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 80.897372][ C0] ? kcov_remote_stop+0x56a/0x6e0 [ 80.902448][ C0] ? kcov_remote_stop+0x70/0x6e0 [ 80.907447][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 80.912503][ C0] _raw_spin_lock_irqsave+0xe1/0x120 [ 80.917829][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 80.923762][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 80.929017][ C0] __wake_up_common_lock+0x25/0x1e0 [ 80.934243][ C0] __usb_hcd_giveback_urb+0x3ac/0x530 08:41:52 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00$\x00'/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000a000100636f64656c000000140002000800040000000095"], 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) [ 80.939658][ C0] dummy_timer+0x8aa/0x3220 [ 80.944199][ C0] ? __pfx_register_lock_class+0x10/0x10 [ 80.949865][ C0] ? mark_lock+0x9a/0x350 [ 80.954232][ C0] ? __lock_acquire+0x1346/0x1fd0 [ 80.959308][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 80.964285][ C0] ? call_timer_fn+0xa8/0x600 [ 80.968994][ C0] call_timer_fn+0x17e/0x600 [ 80.973614][ C0] ? call_timer_fn+0xc0/0x600 [ 80.978313][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 80.983287][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 80.988426][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 80.993397][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 80.998374][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 81.003363][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 81.008605][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 81.013847][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 81.018817][ C0] __run_timer_base+0x66a/0x8e0 [ 81.023698][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 81.029095][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 81.035459][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 81.040692][ C0] run_timer_softirq+0xb7/0x170 [ 81.045584][ C0] __do_softirq+0x2bc/0x943 [ 81.050111][ C0] ? __irq_exit_rcu+0xf2/0x1c0 [ 81.054912][ C0] ? __pfx___do_softirq+0x10/0x10 [ 81.059969][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 81.065198][ C0] __irq_exit_rcu+0xf2/0x1c0 [ 81.070530][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 81.076248][ C0] irq_exit_rcu+0x9/0x30 [ 81.080525][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 81.086193][ C0] [ 81.089140][ C0] [ 81.092097][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 81.098117][ C0] RIP: 0010:lock_acquire+0x25b/0x530 [ 81.103435][ C0] Code: 2b 00 74 08 4c 89 f7 e8 b3 5a 83 00 f6 44 24 61 02 0f 85 8e 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 81.123073][ C0] RSP: 0018:ffffc900031bf680 EFLAGS: 00000206 [ 81.129174][ C0] RAX: 0000000000000001 RBX: 1ffff92000637edc RCX: 0000000000000001 [ 81.137167][ C0] RDX: dffffc0000000000 RSI: ffffffff8baad360 RDI: ffffffff8bfdff00 [ 81.145161][ C0] RBP: ffffc900031bf7c8 R08: ffffffff92cae50f R09: 1ffffffff2595ca1 [ 81.153158][ C0] R10: dffffc0000000000 R11: fffffbfff2595ca2 R12: 1ffff92000637ed8 [ 81.161155][ C0] R13: dffffc0000000000 R14: ffffc900031bf6e0 R15: 0000000000000246 [ 81.169200][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 81.174260][ C0] ? __pfx___might_resched+0x10/0x10 [ 81.179580][ C0] ? dput+0x37/0x2b0 [ 81.183504][ C0] down_read+0xb1/0xa40 [ 81.187689][ C0] ? kernfs_iop_permission+0xb3/0x4b0 [ 81.193113][ C0] ? _raw_spin_unlock+0x28/0x50 [ 81.197992][ C0] ? step_into+0x4ba/0x1080 [ 81.202538][ C0] ? __pfx_down_read+0x10/0x10 [ 81.207330][ C0] ? step_into+0x4ba/0x1080 [ 81.211862][ C0] ? __pfx___up_read+0x10/0x10 [ 81.216660][ C0] kernfs_iop_permission+0xb3/0x4b0 [ 81.221890][ C0] inode_permission+0x23b/0x460 [ 81.226776][ C0] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 81.232617][ C0] link_path_walk+0x2ef/0xea0 [ 81.237337][ C0] ? __pfx_link_path_walk+0x10/0x10 [ 81.242572][ C0] path_lookupat+0xa9/0x450 [ 81.247123][ C0] filename_lookup+0x256/0x610 [ 81.251922][ C0] ? __pfx_filename_lookup+0x10/0x10 [ 81.257294][ C0] ? strncpy_from_user+0x1a4/0x2f0 [ 81.262453][ C0] ? getname_flags+0x1fe/0x4f0 [ 81.267301][ C0] user_path_at_empty+0x42/0x60 [ 81.272184][ C0] do_readlinkat+0x118/0x3b0 [ 81.276805][ C0] ? __pfx_do_readlinkat+0x10/0x10 [ 81.282061][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 08:41:53 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x90) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') open_tree(r1, &(0x7f0000000640)='\x00', 0x89901) close_range(r0, 0xffffffffffffffff, 0x0) [ 81.288069][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 81.294437][ C0] ? do_syscall_64+0x10a/0x240 [ 81.299312][ C0] __x64_sys_readlink+0x7f/0x90 [ 81.304240][ C0] do_syscall_64+0xfb/0x240 [ 81.308769][ C0] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 81.314698][ C0] RIP: 0033:0x7efe2d517d47 [ 81.319140][ C0] Code: 73 01 c3 48 8b 0d e1 90 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 59 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b1 90 0d 00 f7 d8 64 89 01 48 [ 81.338782][ C0] RSP: 002b:00007ffd266a1648 EFLAGS: 00000246 ORIG_RAX: 0000000000000059 [ 81.347234][ C0] RAX: ffffffffffffffda RBX: 00007ffd266a1658 RCX: 00007efe2d517d47 [ 81.355325][ C0] RDX: 0000000000000400 RSI: 00007ffd266a1658 RDI: 00007ffd266a1b38 [ 81.363321][ C0] RBP: 0000000000000400 R08: 000055558d130314 R09: 0000000000000000 [ 81.371319][ C0] R10: 0000000000000812 R11: 0000000000000246 R12: 00007ffd266a1b38 [ 81.379313][ C0] R13: 00007ffd266a1aa8 R14: 000055558d124910 R15: 0000000000000000 [ 81.387329][ C0] [ 81.390370][ C0] [ 81.392715][ C0] Allocated by task 5118: [ 81.397064][ C0] kasan_save_track+0x3f/0x80 [ 81.401776][ C0] __kasan_kmalloc+0x98/0xb0 [ 81.406395][ C0] kmalloc_trace+0x1db/0x360 [ 81.411022][ C0] xpad_probe+0x3c8/0x1b90 [ 81.415462][ C0] usb_probe_interface+0x5cb/0xb00 [ 81.420626][ C0] really_probe+0x29e/0xc50 [ 81.425174][ C0] __driver_probe_device+0x1a2/0x3e0 [ 81.430493][ C0] driver_probe_device+0x50/0x430 [ 81.435556][ C0] __device_attach_driver+0x2d6/0x530 [ 81.440960][ C0] bus_for_each_drv+0x24e/0x2e0 [ 81.445835][ C0] __device_attach+0x333/0x520 [ 81.450639][ C0] bus_probe_device+0x189/0x260 [ 81.455527][ C0] device_add+0x8ff/0xca0 [ 81.459904][ C0] usb_set_configuration+0x1976/0x1fb0 [ 81.465402][ C0] usb_generic_driver_probe+0x88/0x140 [ 81.470898][ C0] usb_probe_device+0x13e/0x2d0 [ 81.475779][ C0] really_probe+0x29e/0xc50 [ 81.480314][ C0] __driver_probe_device+0x1a2/0x3e0 [ 81.485661][ C0] driver_probe_device+0x50/0x430 [ 81.490721][ C0] __device_attach_driver+0x2d6/0x530 [ 81.496139][ C0] bus_for_each_drv+0x24e/0x2e0 [ 81.501013][ C0] __device_attach+0x333/0x520 [ 81.505803][ C0] bus_probe_device+0x189/0x260 [ 81.510676][ C0] device_add+0x8ff/0xca0 [ 81.515034][ C0] usb_new_device+0x104a/0x19a0 [ 81.519920][ C0] hub_event+0x2d13/0x50f0 [ 81.524365][ C0] process_scheduled_works+0xa00/0x1770 [ 81.529934][ C0] worker_thread+0x86d/0xd70 [ 81.534551][ C0] kthread+0x2f0/0x390 [ 81.538658][ C0] ret_from_fork+0x4b/0x80 [ 81.543102][ C0] ret_from_fork_asm+0x1a/0x30 [ 81.547898][ C0] [ 81.550230][ C0] Freed by task 5113: [ 81.554222][ C0] kasan_save_track+0x3f/0x80 [ 81.558934][ C0] kasan_save_free_info+0x40/0x50 [ 81.564075][ C0] poison_slab_object+0xa6/0xe0 [ 81.568953][ C0] __kasan_slab_free+0x37/0x60 [ 81.573752][ C0] kfree+0x14a/0x380 [ 81.577674][ C0] xpad_disconnect+0x359/0x490 [ 81.582492][ C0] usb_unbind_interface+0x1d4/0x850 [ 81.587727][ C0] device_release_driver_internal+0x503/0x7c0 [ 81.593899][ C0] bus_remove_device+0x34f/0x420 [ 81.598864][ C0] device_del+0x581/0xa30 [ 81.603216][ C0] usb_disable_device+0x3bf/0x850 [ 81.608264][ C0] usb_disconnect+0x340/0x950 [ 81.612973][ C0] hub_event+0x1e62/0x50f0 [ 81.617410][ C0] process_scheduled_works+0xa00/0x1770 [ 81.622990][ C0] worker_thread+0x86d/0xd70 [ 81.627600][ C0] kthread+0x2f0/0x390 [ 81.631695][ C0] ret_from_fork+0x4b/0x80 [ 81.636140][ C0] ret_from_fork_asm+0x1a/0x30 [ 81.640927][ C0] [ 81.643275][ C0] The buggy address belongs to the object at ffff88805d2b3800 [ 81.643275][ C0] which belongs to the cache kmalloc-1k of size 1024 [ 81.657360][ C0] The buggy address is located 92 bytes inside of [ 81.657360][ C0] freed 1024-byte region [ffff88805d2b3800, ffff88805d2b3c00) [ 81.671181][ C0] [ 81.673516][ C0] The buggy address belongs to the physical page: [ 81.679937][ C0] page:ffffea000174ac00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5d2b0 [ 81.690105][ C0] head:ffffea000174ac00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 81.699056][ C0] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 81.707050][ C0] page_type: 0xffffffff() [ 81.711442][ C0] raw: 00fff00000000840 ffff888014c41dc0 dead000000000122 0000000000000000 [ 81.720059][ C0] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 81.728671][ C0] page dumped because: kasan: bad access detected [ 81.735106][ C0] page_owner tracks the page as allocated [ 81.740836][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 43, tgid 43 (kworker/u8:3), ts 80046166876, free_ts 20820572350 [ 81.761175][ C0] post_alloc_hook+0x1ea/0x210 [ 81.765962][ C0] get_page_from_freelist+0x33ea/0x3580 [ 81.771541][ C0] __alloc_pages+0x256/0x680 [ 81.776169][ C0] alloc_slab_page+0x5f/0x160 [ 81.780874][ C0] new_slab+0x84/0x2f0 [ 81.784988][ C0] ___slab_alloc+0xc73/0x1260 [ 81.789708][ C0] __kmalloc+0x2e5/0x4a0 [ 81.793996][ C0] ieee802_11_parse_elems_full+0xd5/0x2870 [ 81.799846][ C0] ieee80211_inform_bss+0x15f/0x1080 [ 81.805174][ C0] cfg80211_inform_single_bss_data+0xfe9/0x2250 [ 81.811444][ C0] cfg80211_inform_bss_data+0x3e3/0x57d0 [ 81.817096][ C0] cfg80211_inform_bss_frame_data+0x3ac/0x700 [ 81.823182][ C0] ieee80211_bss_info_update+0x8a5/0xbc0 [ 81.828835][ C0] ieee80211_ibss_rx_queued_mgmt+0x1952/0x2d50 [ 81.835026][ C0] ieee80211_iface_work+0x8a3/0xf10 [ 81.840258][ C0] cfg80211_wiphy_work+0x221/0x260 [ 81.845402][ C0] page last free pid 1 tgid 1 stack trace: [ 81.851222][ C0] free_unref_page_prepare+0x95d/0xa80 [ 81.856732][ C0] free_unref_page+0x37/0x3f0 [ 81.861446][ C0] free_contig_range+0x9e/0x160 [ 81.866327][ C0] destroy_args+0x8a/0x890 [ 81.870769][ C0] debug_vm_pgtable+0x4be/0x550 [ 81.875665][ C0] do_one_initcall+0x238/0x830 [ 81.880464][ C0] do_initcall_level+0x157/0x210 [ 81.885439][ C0] do_initcalls+0x3f/0x80 [ 81.889806][ C0] kernel_init_freeable+0x435/0x5d0 [ 81.895042][ C0] kernel_init+0x1d/0x2a0 [ 81.899414][ C0] ret_from_fork+0x4b/0x80 [ 81.903858][ C0] ret_from_fork_asm+0x1a/0x30 [ 81.908671][ C0] [ 81.911011][ C0] Memory state around the buggy address: [ 81.916651][ C0] ffff88805d2b3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 81.924743][ C0] ffff88805d2b3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 81.932828][ C0] >ffff88805d2b3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.940905][ C0] ^ [ 81.947858][ C0] ffff88805d2b3880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.955948][ C0] ffff88805d2b3900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.964035][ C0] ================================================================== [ 81.972121][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 81.979335][ C0] CPU: 0 PID: 4513 Comm: udevd Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 81.988552][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 81.998626][ C0] Call Trace: [ 82.001930][ C0] [ 82.004795][ C0] dump_stack_lvl+0x241/0x360 [ 82.009504][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 82.014730][ C0] ? __pfx__printk+0x10/0x10 [ 82.019351][ C0] ? rcu_is_watching+0x15/0xb0 [ 82.024146][ C0] ? lock_release+0xbf/0x9d0 [ 82.028766][ C0] ? vscnprintf+0x5d/0x90 [ 82.033129][ C0] panic+0x349/0x860 [ 82.037062][ C0] ? check_panic_on_warn+0x21/0xb0 [ 82.042239][ C0] ? __pfx_panic+0x10/0x10 [ 82.046689][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 82.051931][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 82.057855][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 82.064215][ C0] ? print_report+0x502/0x550 [ 82.068927][ C0] check_panic_on_warn+0x86/0xb0 [ 82.073891][ C0] ? do_raw_spin_lock+0x299/0x370 [ 82.078949][ C0] end_report+0x6e/0x140 [ 82.083227][ C0] kasan_report+0x154/0x180 [ 82.087751][ C0] ? do_raw_spin_lock+0x299/0x370 [ 82.092811][ C0] do_raw_spin_lock+0x299/0x370 [ 82.097720][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 82.103124][ C0] ? kcov_remote_stop+0x56a/0x6e0 [ 82.108184][ C0] ? kcov_remote_stop+0x70/0x6e0 [ 82.113147][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 82.118233][ C0] _raw_spin_lock_irqsave+0xe1/0x120 [ 82.123562][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 82.129490][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 82.134731][ C0] __wake_up_common_lock+0x25/0x1e0 [ 82.139954][ C0] __usb_hcd_giveback_urb+0x3ac/0x530 [ 82.145354][ C0] dummy_timer+0x8aa/0x3220 [ 82.149892][ C0] ? __pfx_register_lock_class+0x10/0x10 [ 82.155552][ C0] ? mark_lock+0x9a/0x350 [ 82.159914][ C0] ? __lock_acquire+0x1346/0x1fd0 [ 82.164987][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 82.169951][ C0] ? call_timer_fn+0xa8/0x600 [ 82.174661][ C0] call_timer_fn+0x17e/0x600 [ 82.179304][ C0] ? call_timer_fn+0xc0/0x600 [ 82.184017][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 82.188997][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 82.194139][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 82.199107][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 82.204075][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 82.209040][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 82.214270][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 82.219492][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 82.224450][ C0] __run_timer_base+0x66a/0x8e0 [ 82.229333][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 82.234735][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.241092][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 82.246335][ C0] run_timer_softirq+0xb7/0x170 [ 82.251217][ C0] __do_softirq+0x2bc/0x943 [ 82.255753][ C0] ? __irq_exit_rcu+0xf2/0x1c0 [ 82.260555][ C0] ? __pfx___do_softirq+0x10/0x10 [ 82.265612][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 82.270847][ C0] __irq_exit_rcu+0xf2/0x1c0 [ 82.275464][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 82.280698][ C0] irq_exit_rcu+0x9/0x30 [ 82.284962][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 82.290628][ C0] [ 82.293572][ C0] [ 82.296525][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 82.302528][ C0] RIP: 0010:lock_acquire+0x25b/0x530 [ 82.307838][ C0] Code: 2b 00 74 08 4c 89 f7 e8 b3 5a 83 00 f6 44 24 61 02 0f 85 8e 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 82.327470][ C0] RSP: 0018:ffffc900031bf680 EFLAGS: 00000206 [ 82.333568][ C0] RAX: 0000000000000001 RBX: 1ffff92000637edc RCX: 0000000000000001 [ 82.341562][ C0] RDX: dffffc0000000000 RSI: ffffffff8baad360 RDI: ffffffff8bfdff00 [ 82.349556][ C0] RBP: ffffc900031bf7c8 R08: ffffffff92cae50f R09: 1ffffffff2595ca1 [ 82.357556][ C0] R10: dffffc0000000000 R11: fffffbfff2595ca2 R12: 1ffff92000637ed8 [ 82.365566][ C0] R13: dffffc0000000000 R14: ffffc900031bf6e0 R15: 0000000000000246 [ 82.373580][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 82.378635][ C0] ? __pfx___might_resched+0x10/0x10 [ 82.383960][ C0] ? dput+0x37/0x2b0 [ 82.387884][ C0] down_read+0xb1/0xa40 [ 82.392064][ C0] ? kernfs_iop_permission+0xb3/0x4b0 [ 82.397462][ C0] ? _raw_spin_unlock+0x28/0x50 [ 82.402343][ C0] ? step_into+0x4ba/0x1080 [ 82.406869][ C0] ? __pfx_down_read+0x10/0x10 [ 82.411665][ C0] ? step_into+0x4ba/0x1080 [ 82.416197][ C0] ? __pfx___up_read+0x10/0x10 [ 82.421005][ C0] kernfs_iop_permission+0xb3/0x4b0 [ 82.426240][ C0] inode_permission+0x23b/0x460 [ 82.431118][ C0] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 82.436965][ C0] link_path_walk+0x2ef/0xea0 [ 82.441691][ C0] ? __pfx_link_path_walk+0x10/0x10 [ 82.446925][ C0] path_lookupat+0xa9/0x450 [ 82.451486][ C0] filename_lookup+0x256/0x610 [ 82.456288][ C0] ? __pfx_filename_lookup+0x10/0x10 [ 82.461632][ C0] ? strncpy_from_user+0x1a4/0x2f0 [ 82.466793][ C0] ? getname_flags+0x1fe/0x4f0 [ 82.471593][ C0] user_path_at_empty+0x42/0x60 [ 82.476477][ C0] do_readlinkat+0x118/0x3b0 [ 82.481108][ C0] ? __pfx_do_readlinkat+0x10/0x10 [ 82.486252][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 82.492256][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.498613][ C0] ? do_syscall_64+0x10a/0x240 [ 82.503410][ C0] __x64_sys_readlink+0x7f/0x90 [ 82.508300][ C0] do_syscall_64+0xfb/0x240 [ 82.512839][ C0] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 82.518763][ C0] RIP: 0033:0x7efe2d517d47 [ 82.523198][ C0] Code: 73 01 c3 48 8b 0d e1 90 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 59 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b1 90 0d 00 f7 d8 64 89 01 48 [ 82.542834][ C0] RSP: 002b:00007ffd266a1648 EFLAGS: 00000246 ORIG_RAX: 0000000000000059 [ 82.551278][ C0] RAX: ffffffffffffffda RBX: 00007ffd266a1658 RCX: 00007efe2d517d47 [ 82.559276][ C0] RDX: 0000000000000400 RSI: 00007ffd266a1658 RDI: 00007ffd266a1b38 [ 82.567261][ C0] RBP: 0000000000000400 R08: 000055558d130314 R09: 0000000000000000 [ 82.575246][ C0] R10: 0000000000000812 R11: 0000000000000246 R12: 00007ffd266a1b38 [ 82.583242][ C0] R13: 00007ffd266a1aa8 R14: 000055558d124910 R15: 0000000000000000 [ 82.591239][ C0] [ 82.594575][ C0] Kernel Offset: disabled [ 82.598897][ C0] Rebooting in 86400 seconds..