last executing test programs: 5.864844439s ago: executing program 3 (id=159): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) read$alg(r1, &(0x7f00000012c0)=""/4109, 0x100d) sendmsg$alg(r1, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000e00)="7911bf87e318844b7b7ece8fe95693844ba2b4c29049c749521cf970374e19e3e0eb47e456c6b48e9e6cbd7bf0c99099ca842917790c07a3922b2732c0b26c06681e5f6eeb013cae354f9e4cbdb1e2740ed027e6cea3bf48243cf3a4dfea964f056d9750a3845e1afa1cd4746ed1de3dcd86984fcb49e380144defb2648b5d28438225bdb08ba43fde421a07274d5d77389ddda7dbfec5ce2019fb2b85555c3adbf6812125af1e846cf1c0e4b88a751c58dfad1d210fbec40a1b21115f69230ca80b3ed558b27f6c46fe25c01fe4c18c0ba7d1e6861f6eb75b6f4903971921f799a56c12097998d9cfdce430335046f02dd1fef77b36c617b8b676", 0xfb}, {&(0x7f0000002300)="efc738a16cc28c4946440ccbad4a5f1d56d06c415fd74d3f7ae7fede9df25861ac370f6d867d6672f8e7024df494ac35bd04b35f68b11663b146746ef3f58b12cfd7cd648c12a75f123d9cf5f9c10bcb48f942b34db9fbddcea5e0c3999da708bc472cd687c8f27748d1839e219628ad9687678201b445a59e0da96ecd38c0ce8bca1acbc78f9a3335e5db0eb0cd454006b4e3a5988e038b05322dad026df32c378b20fd75460e1205020d105c5115d2893e413b8b80e36946d011863b5a21472f1bd0d48b0c58211aff50a91e31112d632b56886d75ee84f49ffe015e33237150d3a3c4d871d348fa8e16f94c9e9d1e08d37c8b58f05f1a7c7133aae433f4564b8120d926c8ed8945d774620ec50deb1b3de7e66655d52f397f1811a024d870a4be151a15908b871992af52db41a28cb43633e1f9727e5373e318da8155d3e00b5b5eb28da52e8d364ec5de7614d8fd52401a6367e32464752d7379aaee4b08445ab9ca96663e47584d7470acf0312c545ffcee66d1903bc965caf4d66faf0c8e82ce4bd9c769d3440aca255e97c95a9810f33244d3963ec5610d0dcf62394ba8241351909acab1c154d1796ab44f683a08b307cc1905573642f6b2ef46e764d7f6d692de0fdefe6363a586f50d385e14b5b4209fd4efd93668ef020eaa8e3a70e6511438f81a2e6236b90628ac919ba9eeb04a9fd736a2681489427fa2fbd7f9fe559db1070fe3876e3217626fa811af2b2e3efb3587b19460f885c277e81a94277bbd3f19d4427538a4d93185e6647c4b8ffba034fe43e288dbb2eaf46299255aa246eb720a58224fc8490ed19cc40edd59552ec36b4645edc4e72e4c0ec8c48be18626f32c6aa982f821c40a0ba2d9b19c18a2e3a6b82e562c11620551de6364cc836ccd438823cbb2be8883a46d1141e136fdef2b1b19b879bd1be9a9993265758044ec33a87c625607ceda2e8245ebd7610b8c779957a1186a1611bd0caf66de3bcfbe904e28bae0174818f47eec3e79d74624b57d0b0dd173bfb5dbc4292e817bb03a0725bf11769fcf53ea95ef538be9a33c841f618fe4bc731cd8c826caec2691aee93ca57624e693947484163b3ae01d947155b499f56d7283b7d82c8000ba4a5457a1b1e40a17b7d4a54b45ebb0e8322e9dc9e2743a030c54f637381f10676d747cf8d1f982285187126b6da1e6fb374a8d87c956f9ad7c0328e8452fb6801e1c4db11dba4fd3ac3c382a05ab7148dcfb2266eac19399469c7aaf60eecbb1a92d6abf4bdda90752059106149645c6f5ea20b66c3ca634145c64b0c86ff46edc2b7d6269df97efd2f3e6fcda4cc9dc636951a9d6f0dc01f51ae273dcfeb66ec749d3cfe7cb11c45a473e126cab55450c5ffa59b3f3afb686f8258200bb8a529faff7f988d632300b890f73d51c60c64f4679cd86cc1f4602089f93ba03a51c846eed467432084f71c38413d0d9d1b83f9605207e9b28142d7bf94c7aedcd19f0fc93d4b95a1fea7babe2cb8de1a1a08f3a2d8d0aa1e718c1460e15329700e9e14c5cffff9c7a62b09df0a025e96ab03fa316e50d5b3b01ca4c5e0c6ac23f9703462e14f5fb6d5c1c2514d714746db1b5a5cee1111640114a9556cc518168b161b13e989e8f9ac51e2c01f7fbefea6ce6a8714c47279093fbb59fb760b7dd3138004343063485b506b120728d22c422324871c34f2dc7c53ce0bbab87bcd3efcf8fd4fa2bce12a10b00bdbb24791758516d02012613dd74caac26a176392ec11250e81d2566b2373a2b6536c3e2f28742cbca11b201934d19b42241d94a9da5b282eff530ddd3ed20318be47e9264b0a8fb0745e78c9c1f612ed03479ae14a176cfe52edb5eb2712c21fae58bf4c4143da57a9ee28acede9f56700bfa0f5c51da975fec9f8141b76cacdbfe69be80a325666cbd8fe458ed7f8965166b120ffb5e28dfbb5b3141cf963fd07548a4a35d2c749ce3adea69e0e0d4fd4158142fb7050d477fc51b2ef7e6f0e09cb8016a9bdfff7a200cd992a71a156339160b5757e163a14246c94fe11a0e210c5946b3147bc6870c9900e102b82e9a66a243a2e23e7ff98f7d9f017301740ac157f804afebf2f5bebbbf68583d86b01daaf02bc086bc2c4ddecf1a30795cb23a37bcff24ac3307545acc9bc7949edb2ea5b851ceb3bf2d34f049f1664100b0fc8ea326000e032bc5e50cdec80803a468e334002cfa7ccbef11f951f7679f403ce0cff42101702999218a15396952a3faa0154764c4359f037414bad967afca45285bd5ab985364e6b8bec744c00b3f95010eda041112ace0f09833c9b1049c36f03cca4e9264485d5784466e4b908b4b6216bd935abf49553dcdd4e48bc39f8b22f9b4bef1339b5121ad34ef3df4051333b8ea4ce83cff7abc863c43440ab6892281bc96fbf848ae9e82cb1a2d791b8bcf98ddb65baada7c08075dfe27cd06aedb0ff458880d600ba5bdb14c0858415c43c0aa6660298a944d568487853e7dac0c955d1268f70874756f6316e6181313f215ed3724ef760d89df82a178b51169506ada831725827c62b80f2e47fdac38b86192f68fe2fe5794f7adeac9c5bfc9e1fa8d5199fd7df202ee6e1ba38d40b7750f900771ea8e4f00d4c25065cf8867dc929c892f8e4652040862d48e8af1a48fc500882e874995c48cace7754bf0be2765be83001958946c8cb794f8813816e505de401d789223bc0af5739045751640272afb39d45d2be00cac743bfbce9a9a7f4b8f55511f3ad26264a09c19f26ed1b45b0fb254f98e5e1473bbccaa21219b327d1bbedab4a4dfdf516259feef632f72f5092bf78d886772e73ed2250f5ec20ac6fa66cf8c2626d3b5973ce9f4f95ead5c8a65db49966de0fd9e9ce97894b764ec3f75093a4f3ec4507e2507256c59a52969fdabfc100e6ae23acf121bb3acf34d190211b4001b632b10a252be0430bd107ee884a0ba16fc50eb717ae36aba0dbb130dc64b5cc21d1fe87856c8787474333c3a793fe81c9b9b56ee41fd2e1f2d6150495dc3379bf66fa4d53f868047b6c50f8c5a4c2ea2a355b5eb1ab3d3f32791b9ffcb08698dbe841f3338be19e5d927dfb14711b4aed2435fc53340162c878bee30d9d7d2409be614240540f7f5702be3e2ba38d8f999a624acdcaef37dabb86d225f35e92691de25bf68e0115e6680107f07380b28254e9df2e54a5179ed064fc9744dcb553b56720171b0325876c9b82d0120add35ac3f38b41fc28b149f944c66555051ca92341a953739a1674fae837bdb8d8d10adf7ef74092f505375c8414d82805176b680908d5c0f6c2a14bd526631c5abeccaf3469e3ae01c4db2371a77219ee109a83d62aef26efff181f240a163bc0cb253405018b69ba8d62ac582cb186c8c89e3c140bffaa4d99fab17975ccd925efab24b6a181773fe1daac55f18ab1e0264f8d1f7aabe395ce80792bb77cbd0b58fcd928ad74f0342876e098c93f9611887022a92e4d9b1da9c911bb7d762bdcdba36f749e16aad0bcf6f8596b2b50fc65a6811b709d9ad6593c2eb9867af3a276de26d6a6f87ec5173ca79e88122bf5151e98dee268fc8a79a4e83f2427a02ed702b0926ecf0b4bb1a3051f0a4d3cf31038fb600c7eb0cedc0d59ac99bff3b31a9065efecca740fcd948fb9c2eb6197b8226c397de7a4c268fa41877ca1618f77ffa93b2e17348301899bb1a5b389422d7364eb1e5ddd0daf2065894cf10886ce0d3920c0a283de54ec57942d456579851ca3590c26f8c360b7cbaa0328c29532aad80b2627b25641e613b38a2accf5881bbbc7086085a8fcf25895da9244c7dd773bff995e159ea3899487f202d97f2977e4527f75ec64a85cb21b120828b2ac24c711ea2b7cba4b0a195a1840aec7d34a4745b42596f186820584b4b75af29fba5b6d3623718efeebf52e848fe48160fbfd5a0f6511649e3e1c58e599c6d9c7597e5e12227e281204921819fbf9e0c9bd16d598aec601bbdc87e8d94225368cb65da83cbb722d79957a7c0bcea91a45f9b52558ccdcd2754da40fc0fbf78abd06c05f1fc7381eb06e4a0afcca6db7cace72aaacdf498cf9ca42c9b3c6615d9df167ef2d1b868e56a9652beea2f72530f24fe373333d9a524ed48e52e51d3784649a9b9a9f1cfdfabd3cdf832b2dda019bb4e1e1e71e75f88cbc3a16a6848ac2385024abb76249841f630008f3805462604d65eebf4e14b6c2ad9f9e2dc2a5a55d7ce5dde8307ac655b4dfcc99d0f050e838d310957915b4fc838f26f2659d72f801e8c62c6477cc33d7f60e659881422ddad61819b93f0f7817acab429b3c7d3923abce00993ada7fd7e5987cab4f4aea02acabad3f27f223c0108f44d8d5833932b4eb427f83f7b336f214293f8adc0ed2cd45d792cc69a84e01f6fe7020f96cd05c1dd792f30f1dec2c21ec", 0xc46}], 0x2, 0x0, 0x0, 0x8801}, 0x4000001) 5.557837593s ago: executing program 3 (id=161): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='westwood\x00', 0x9) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 4.740239669s ago: executing program 3 (id=167): epoll_create(0x4) epoll_create1(0x80000) socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f00000002c0)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b", @ANYRES64=r0]) 4.249424829s ago: executing program 0 (id=171): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40) mount$cgroup(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x80, &(0x7f0000002580)={[{@subsystem='cpu'}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x1c0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, 0x0, 0x0) 4.044680155s ago: executing program 0 (id=172): sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000024c0)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x2, @private0}, 0x1c, 0x0}}], 0x1, 0x40088d4) r0 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0) r1 = creat(&(0x7f0000000200)='./bus\x00', 0x84) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00'], 0x2b) sendfile(r2, r0, 0x0, 0x4000000053d2) 3.656907796s ago: executing program 0 (id=176): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='westwood\x00', 0x9) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 3.293220325s ago: executing program 2 (id=178): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0500000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10) 3.078707903s ago: executing program 2 (id=180): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) setns(r2, 0x66020000) 2.74306805s ago: executing program 3 (id=182): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 2.474467241s ago: executing program 0 (id=184): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 2.474072171s ago: executing program 1 (id=185): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000780)={[{@noload}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@auto_da_alloc}, {@debug}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=") setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x3, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000003c0], 0x0, 0x0, &(0x7f00000003c0)=ANY=[]}, 0x78) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000000040)}, 0x0) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') 2.007653008s ago: executing program 3 (id=186): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="1201"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @local=@item_4={0x3, 0x2, 0x0, "53743ff6"}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0000071f"}, @main=@item_4={0x3, 0x0, 0x8}, @global=@item_4={0x3, 0x1, 0x5, "a90da1f6"}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}]}}, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0xa0000) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000100)=""/101) 1.788931086s ago: executing program 1 (id=187): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000440)='contention_end\x00', r0}, 0x18) r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000005c0)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}}) ioctl$LOOP_CHANGE_FD(r1, 0x4c09, 0xffffffffffffffff) 1.646225158s ago: executing program 2 (id=188): pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000080), 0xfffffe13) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x80800) splice(r0, 0x0, r3, 0x0, 0x1e8640, 0x0) 1.475141841s ago: executing program 1 (id=189): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f00000000c0)={[{@abort}, {@jqfmt_vfsv0}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x4, 0x4000000966a, 0x8001, 0x4, 0xd92, 0x0, 0x2401}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000080)={0xffa1, 0x2007bb}) 1.044921306s ago: executing program 1 (id=190): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={0x68, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x8, 0xcd, [0x0, 0x5]}, @NL80211_ATTR_FRAME={0x42, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x10}, @device_b, @device_a, @initial, {0xc, 0x9}, @value=@ver_80211n={0x0, 0x62, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1}}, 0x0, 0x2, {}, @void, @val={0x2d, 0x1a, {0x80, 0x2, 0x2, 0x0, {0xf, 0x9, 0x0, 0x9, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x8, 0x3, 0x5}}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x10d0}, 0x0) 723.596292ms ago: executing program 0 (id=191): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) sendto$inet(r0, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0) 715.608092ms ago: executing program 1 (id=192): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x240002, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x4092, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x158) mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './file0/file0'}}]}) 592.791632ms ago: executing program 2 (id=193): r0 = socket$inet_sctp(0x2, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0}], 0x2, &(0x7f0000000180)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r2}}], 0x20, 0x2400e044}, 0x0) 364.82207ms ago: executing program 0 (id=194): socket$inet_udp(0x2, 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) r0 = syz_io_uring_setup(0x49b, &(0x7f0000000000)={0x0, 0xf62c, 0x1, 0x3, 0x37d}, &(0x7f0000001e40)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 333.304063ms ago: executing program 1 (id=195): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000680)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x6a, &(0x7f0000000080)=[@cr4={0x1, 0x2009b2}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 268.903158ms ago: executing program 2 (id=196): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f00000009c0)=""/241, 0x0, 0x80a0000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0, 0xeeee0000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001c40)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000) 137.741018ms ago: executing program 2 (id=197): openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 0s ago: executing program 3 (id=198): setuid(0xee00) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x8001) r2 = getpgid(0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r2}) sendmmsg$unix(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="11", 0x1}], 0x1, 0x0, 0x0, 0x4000}}], 0x1, 0x40015) kernel console output (not intermixed with test programs): no interfaces have a carrier [ 57.020222][ T5453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.030432][ T5453] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.108' (ED25519) to the list of known hosts. syzkaller login: [ 82.287512][ T5776] cgroup: Unknown subsys name 'net' [ 82.427149][ T5776] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.181752][ T5776] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.453090][ T5789] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.467755][ T5789] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.486983][ T5789] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.495510][ T5789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 86.507394][ T5789] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 86.514941][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 86.559081][ T5796] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.567939][ T5796] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.576471][ T5796] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.585451][ T5796] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.595860][ T5796] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.604777][ T5796] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.613326][ T5797] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.649229][ T5797] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.657932][ T5797] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 86.666136][ T5797] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.674160][ T5797] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 86.682827][ T5797] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.699792][ T5797] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.719880][ T5797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.727812][ T5797] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 86.736608][ T5797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 86.751011][ T5797] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 86.761670][ T5797] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.162181][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 87.254651][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 87.313574][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 87.445259][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.452721][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.464409][ T5786] bridge_slave_0: entered allmulticast mode [ 87.473179][ T5786] bridge_slave_0: entered promiscuous mode [ 87.558133][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.565426][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.578458][ T5786] bridge_slave_1: entered allmulticast mode [ 87.586098][ T5786] bridge_slave_1: entered promiscuous mode [ 87.649922][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 87.664201][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.743847][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.786421][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.794040][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.801431][ T5791] bridge_slave_0: entered allmulticast mode [ 87.810058][ T5791] bridge_slave_0: entered promiscuous mode [ 87.824937][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.832295][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.839928][ T5791] bridge_slave_1: entered allmulticast mode [ 87.847419][ T5791] bridge_slave_1: entered promiscuous mode [ 87.875472][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.885062][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.894906][ T5792] bridge_slave_0: entered allmulticast mode [ 87.905269][ T5792] bridge_slave_0: entered promiscuous mode [ 87.965718][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.973278][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.981002][ T5792] bridge_slave_1: entered allmulticast mode [ 87.988672][ T5792] bridge_slave_1: entered promiscuous mode [ 88.016860][ T5786] team0: Port device team_slave_0 added [ 88.057530][ T5786] team0: Port device team_slave_1 added [ 88.082881][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.096121][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.110088][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.146366][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.182901][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.190272][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.198016][ T5790] bridge_slave_0: entered allmulticast mode [ 88.205127][ T5790] bridge_slave_0: entered promiscuous mode [ 88.244368][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.251590][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.277762][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.291111][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.298489][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.305711][ T5790] bridge_slave_1: entered allmulticast mode [ 88.313673][ T5790] bridge_slave_1: entered promiscuous mode [ 88.335362][ T5792] team0: Port device team_slave_0 added [ 88.344378][ T5792] team0: Port device team_slave_1 added [ 88.351304][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.358473][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.384660][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.412353][ T5791] team0: Port device team_slave_0 added [ 88.453294][ T5791] team0: Port device team_slave_1 added [ 88.472771][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.479942][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.507091][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.524408][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.537419][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.547711][ T5797] Bluetooth: hci0: command tx timeout [ 88.562212][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.569552][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.595566][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.650666][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.657786][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.685110][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.707596][ T5797] Bluetooth: hci1: command tx timeout [ 88.707617][ T5789] Bluetooth: hci3: command tx timeout [ 88.761910][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.769204][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.795879][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.823192][ T5792] hsr_slave_0: entered promiscuous mode [ 88.830259][ T5792] hsr_slave_1: entered promiscuous mode [ 88.842045][ T5786] hsr_slave_0: entered promiscuous mode [ 88.849174][ T5786] hsr_slave_1: entered promiscuous mode [ 88.860634][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.868899][ T5797] Bluetooth: hci2: command tx timeout [ 88.875347][ T5786] Cannot create hsr debugfs directory [ 88.900972][ T5790] team0: Port device team_slave_0 added [ 88.910300][ T5790] team0: Port device team_slave_1 added [ 89.018239][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.025257][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.051907][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.068462][ T5791] hsr_slave_0: entered promiscuous mode [ 89.075152][ T5791] hsr_slave_1: entered promiscuous mode [ 89.081597][ T5791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.089553][ T5791] Cannot create hsr debugfs directory [ 89.121031][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.129179][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.155422][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.267321][ T5790] hsr_slave_0: entered promiscuous mode [ 89.274302][ T5790] hsr_slave_1: entered promiscuous mode [ 89.281532][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.289217][ T5790] Cannot create hsr debugfs directory [ 89.628445][ T5792] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 89.647144][ T5792] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 89.659288][ T5792] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 89.669468][ T5792] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 89.734577][ T5786] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 89.760025][ T5786] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 89.771724][ T5786] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 89.783030][ T5786] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 89.875266][ T5791] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.891750][ T5791] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.904442][ T5791] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.921221][ T5791] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.019761][ T5790] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.041571][ T5790] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.053376][ T5790] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.063604][ T5790] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.087854][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.162853][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.206775][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.214232][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.234628][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.241955][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.280607][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.330671][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.352840][ T3000] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.360067][ T3000] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.376261][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.383480][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.465785][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.513718][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.541501][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.567668][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.574881][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.617665][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.635135][ T2982] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.637185][ T5797] Bluetooth: hci0: command tx timeout [ 90.642395][ T2982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.672183][ T2982] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.679414][ T2982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.714564][ T2982] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.721882][ T2982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.786784][ T5797] Bluetooth: hci3: command tx timeout [ 90.797435][ T5797] Bluetooth: hci1: command tx timeout [ 90.946994][ T5797] Bluetooth: hci2: command tx timeout [ 90.991473][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.143056][ T5792] veth0_vlan: entered promiscuous mode [ 91.202706][ T5792] veth1_vlan: entered promiscuous mode [ 91.244550][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.335123][ T5792] veth0_macvtap: entered promiscuous mode [ 91.353813][ T5792] veth1_macvtap: entered promiscuous mode [ 91.371578][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.410025][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.432215][ T5786] veth0_vlan: entered promiscuous mode [ 91.455766][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.468587][ T5792] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.478495][ T5792] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.488135][ T5792] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.498158][ T5792] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.516390][ T5786] veth1_vlan: entered promiscuous mode [ 91.542499][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.648649][ T5790] veth0_vlan: entered promiscuous mode [ 91.719209][ T5791] veth0_vlan: entered promiscuous mode [ 91.746387][ T5790] veth1_vlan: entered promiscuous mode [ 91.753458][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.770636][ T5786] veth0_macvtap: entered promiscuous mode [ 91.778905][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.807650][ T5791] veth1_vlan: entered promiscuous mode [ 91.826283][ T5786] veth1_macvtap: entered promiscuous mode [ 91.879740][ T2982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.893659][ T2982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.926070][ T5790] veth0_macvtap: entered promiscuous mode [ 91.943962][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.955256][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.973131][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.986611][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.003745][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.022396][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.044369][ T5791] veth0_macvtap: entered promiscuous mode [ 92.057699][ T5791] veth1_macvtap: entered promiscuous mode [ 92.071693][ T5786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.086035][ T5786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.112263][ T5786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.140864][ T5786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.160025][ T5790] veth1_macvtap: entered promiscuous mode [ 92.183970][ T5877] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET) [ 92.260750][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.271709][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.282445][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.293668][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.321321][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.345008][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.358371][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.369792][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.381858][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.403982][ T23] cfg80211: failed to load regulatory.db [ 92.411811][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.425084][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.438937][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.470363][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.483287][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.494075][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.504675][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.519747][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.534137][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.547631][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.558267][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.569833][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.580499][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.591467][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.604296][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.617796][ T5791] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.626554][ T5791] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.646306][ T5791] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.656034][ T5791] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.693143][ T5790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.706374][ T5790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.716138][ T5790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.717612][ T5797] Bluetooth: hci0: command tx timeout [ 92.733658][ T5790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.867421][ T5797] Bluetooth: hci1: command tx timeout [ 92.867693][ T5789] Bluetooth: hci3: command tx timeout [ 92.876905][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.903711][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.018061][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.026096][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.043502][ T5789] Bluetooth: hci2: command tx timeout [ 93.126612][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.135399][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.215411][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.244702][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.381725][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.382566][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.400880][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.411689][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.687384][ T5891] "syz.0.1" (5891) uses obsolete ecb(arc4) skcipher [ 93.715380][ T5891] trusted_key: syz.0.1 sent an empty control message without MSG_MORE. [ 93.872131][ T5896] syz.0.9[5896]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 93.914061][ T5896] loop0: detected capacity change from 0 to 256 [ 93.934076][ T5896] ======================================================= [ 93.934076][ T5896] WARNING: The mand mount option has been deprecated and [ 93.934076][ T5896] and is ignored by this kernel. Remove the mand [ 93.934076][ T5896] option from the mount to silence this warning. [ 93.934076][ T5896] ======================================================= [ 93.979734][ T5896] exfat: Bad value for 'uid' [ 94.020573][ T5896] devpts: called with bogus options [ 94.069340][ T5884] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 94.289326][ T5884] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.302989][ T5884] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 94.323164][ T5884] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 94.334722][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.348467][ T5884] usb 3-1: config 0 descriptor?? [ 94.506962][ T5857] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 94.605258][ T5884] usbhid 3-1:0.0: can't add hid device: -71 [ 94.621989][ T5884] usbhid: probe of 3-1:0.0 failed with error -71 [ 94.659907][ T5884] usb 3-1: USB disconnect, device number 2 [ 94.717421][ T5857] usb 1-1: Using ep0 maxpacket: 32 [ 94.726627][ T5857] usb 1-1: unable to get BOS descriptor or descriptor too short [ 94.740068][ T5857] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 94.754397][ T5857] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 94.763860][ T5857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.772196][ T5857] usb 1-1: Product: syz [ 94.776379][ T5857] usb 1-1: Manufacturer: syz [ 94.781304][ T5857] usb 1-1: SerialNumber: syz [ 94.797022][ T5789] Bluetooth: hci0: command tx timeout [ 94.947673][ T5789] Bluetooth: hci3: command tx timeout [ 94.947749][ T5797] Bluetooth: hci1: command tx timeout [ 95.011987][ T5857] usb 1-1: Limiting number of CPorts to U8_MAX [ 95.022668][ T5857] usb 1-1: Not enough endpoints found in device, aborting! [ 95.107613][ T5797] Bluetooth: hci2: command tx timeout [ 95.297820][ T23] usb 1-1: USB disconnect, device number 2 [ 95.345318][ T5920] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 95.793880][ T5931] loop3: detected capacity change from 0 to 2048 [ 95.861299][ T5931] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 96.633140][ T5934] loop1: detected capacity change from 0 to 40427 [ 96.669269][ T5934] F2FS-fs (loop1): heap/no_heap options were deprecated [ 96.690627][ T5934] F2FS-fs (loop1): build fault injection attr: rate: 19, type: 0x7ffff [ 96.704262][ T5934] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x77e8c [ 96.717824][ T5815] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 96.749691][ T5934] F2FS-fs (loop1): invalid crc value [ 96.766195][ T5934] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920 [ 96.804189][ T5934] F2FS-fs (loop1): Found nat_bits in checkpoint [ 96.911737][ T5949] loop2: detected capacity change from 0 to 8192 [ 96.922707][ T5934] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650 [ 96.926901][ T5815] usb 1-1: config 0 interface 0 has no altsetting 0 [ 96.963896][ T5815] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 96.966038][ T5934] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650 [ 96.974994][ T5815] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.003730][ T5815] usb 1-1: config 0 descriptor?? [ 97.018633][ T5955] netlink: 12 bytes leftover after parsing attributes in process `syz.3.32'. [ 97.058384][ T5955] netlink: 'syz.3.32': attribute type 15 has an invalid length. [ 97.070024][ T5934] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 97.115550][ T5955] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 256 - 0 [ 97.124712][ T5955] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 256 - 0 [ 97.133797][ T5955] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 256 - 0 [ 97.142550][ T5955] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 256 - 0 [ 97.237630][ T5955] vxlan0: entered promiscuous mode [ 97.253928][ T5934] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910 [ 97.347708][ T5934] F2FS-fs (loop1): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910 [ 97.541719][ T5934] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910 [ 97.616552][ T5786] syz-executor: attempt to access beyond end of device [ 97.616552][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 97.642596][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 97.651612][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 97.959506][ T5966] loop2: detected capacity change from 0 to 512 [ 98.080241][ T5815] radio-keene 1-1:0.0: V4L2 device registered as radio48 [ 98.128034][ T5966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 98.187410][ T5966] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.356997][ T28] usb 1-1: USB disconnect, device number 3 [ 98.396472][ T5966] syz.2.36 (5966) used greatest stack depth: 20976 bytes left [ 98.543817][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 98.647565][ T5980] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 98.686436][ T5978] loop3: detected capacity change from 0 to 4096 [ 98.780222][ T5983] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 99.043976][ T5790] NILFS error (device loop3): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0 [ 99.090488][ T5790] Remounting filesystem read-only [ 99.096210][ T5790] NILFS error (device loop3): nilfs_readdir: bad page in #2 [ 99.161002][ T5790] NILFS error (device loop3): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=8192, inode=0, rec_len=0, name_len=0 [ 99.214920][ T5790] NILFS error (device loop3): nilfs_readdir: bad page in #2 [ 99.227659][ T5994] loop2: detected capacity change from 0 to 1024 [ 99.804871][ T5987] use of bytesused == 0 is deprecated and will be removed in the future, [ 99.815744][ T5987] use the actual size instead. [ 99.849433][ T5884] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 100.059286][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.076623][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.093826][ T5884] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 100.107536][ T5884] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 100.117249][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.133118][ T5884] usb 1-1: config 0 descriptor?? [ 100.582305][ T5884] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 100.664460][ T5884] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 100.807283][ T6020] loop2: detected capacity change from 0 to 32768 [ 100.820775][ T6020] XFS: noikeep mount option is deprecated. [ 100.893436][ T6020] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 101.117545][ T6020] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 101.165158][ T6020] XFS (loop2): Starting recovery (logdev: internal) [ 101.203771][ T6024] loop1: detected capacity change from 0 to 32768 [ 101.267873][ T6020] XFS (loop2): Ending recovery (logdev: internal) [ 101.384419][ T6024] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 101.776584][ T5792] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 101.792653][ T6024] syz.1.59 (6024) used greatest stack depth: 18992 bytes left [ 102.024688][ T6050] binder: 6048:6050 ioctl c0306201 200000000480 returned -14 [ 102.025786][ T5786] ocfs2: Unmounting device (7,1) on (node local) [ 102.044746][ C0] plantronics 0003:047F:FFFF.0001: usb_submit_urb(ctrl) failed: -1 [ 102.699599][ T6065] loop0: detected capacity change from 0 to 764 [ 102.709299][ T6067] netlink: 'syz.1.69': attribute type 64 has an invalid length. [ 102.739554][ T6067] netlink: 32 bytes leftover after parsing attributes in process `syz.1.69'. [ 102.810948][ T6070] netlink: 'syz.1.69': attribute type 64 has an invalid length. [ 102.834817][ T6070] netlink: 32 bytes leftover after parsing attributes in process `syz.1.69'. [ 102.895092][ T5884] usb 1-1: USB disconnect, device number 4 [ 103.654826][ T6093] warning: `syz.3.80' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 104.062667][ T6088] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.293846][ T6103] loop1: detected capacity change from 0 to 64 [ 104.429185][ T6086] loop2: detected capacity change from 0 to 40427 [ 104.459569][ T6086] F2FS-fs (loop2): invalid crc value [ 104.470116][ T6086] F2FS-fs (loop2): invalid crc value [ 104.487089][ T6086] F2FS-fs (loop2): Failed to get valid F2FS checkpoint [ 105.447073][ T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 105.476785][ T5884] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 105.566934][ T9] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 105.626813][ T23] usb 4-1: Using ep0 maxpacket: 32 [ 105.634290][ T23] usb 4-1: config 0 has an invalid interface number: 132 but max is 0 [ 105.643429][ T23] usb 4-1: config 0 has no interface number 0 [ 105.650851][ T23] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 105.669214][ T5884] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 105.687565][ T23] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 105.688526][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.705665][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.715182][ T23] usb 4-1: Product: syz [ 105.724046][ T23] usb 4-1: Manufacturer: syz [ 105.729031][ T5884] usb 1-1: config 0 descriptor?? [ 105.734216][ T23] usb 4-1: SerialNumber: syz [ 105.741298][ T5884] cp210x 1-1:0.0: cp210x converter detected [ 105.750539][ T23] usb 4-1: config 0 descriptor?? [ 105.775214][ T23] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 105.789213][ T23] em28xx 4-1:0.132: Video interface 132 found: [ 105.806965][ T9] usb 3-1: unable to get BOS descriptor set [ 105.813967][ T9] usb 3-1: not running at top speed; connect to a high speed hub [ 105.824563][ T9] usb 3-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 105.850428][ T9] usb 3-1: config 1 interface 0 has no altsetting 0 [ 105.869492][ T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 105.884128][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.894394][ T9] usb 3-1: Product: syz [ 105.907060][ T9] usb 3-1: Manufacturer: syz [ 105.912010][ T9] usb 3-1: SerialNumber: syz [ 105.951204][ T6118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.972774][ T6118] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.028214][ T6130] loop1: detected capacity change from 0 to 40427 [ 106.038285][ T6130] F2FS-fs (loop1): heap/no_heap options were deprecated [ 106.053467][ T6130] F2FS-fs (loop1): invalid crc value [ 106.064917][ T6130] F2FS-fs (loop1): Found nat_bits in checkpoint [ 106.142142][ T6130] F2FS-fs (loop1): Start checkpoint disabled! [ 106.192027][ T23] em28xx 4-1:0.132: unknown em28xx chip ID (0) [ 106.194486][ T5884] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 106.214487][ T6130] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 106.228487][ T9] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 7 proto 1 vid 0x0525 pid 0xA4A8 [ 106.243881][ T5884] usb 1-1: cp210x converter now attached to ttyUSB0 [ 106.256190][ T9] usb 3-1: USB disconnect, device number 3 [ 106.278754][ T9] usblp0: removed [ 106.458201][ T5884] usb 1-1: USB disconnect, device number 5 [ 106.479155][ T5884] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 106.511493][ T5884] cp210x 1-1:0.0: device disconnected [ 106.573637][ T2982] kworker/u4:9: attempt to access beyond end of device [ 106.573637][ T2982] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 106.591501][ T2982] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 106.599333][ T2982] kworker/u4:9: attempt to access beyond end of device [ 106.599333][ T2982] loop1: rw=2049, sector=40976, nr_sectors = 8 limit=40427 [ 106.615702][ T2982] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 106.939813][ T6134] loop1: detected capacity change from 0 to 1024 [ 107.237355][ T6140] dccp_v6_rcv: dropped packet with invalid checksum [ 107.336820][ T5884] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 107.364220][ T23] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 107.385537][ T23] em28xx 4-1:0.132: board has no eeprom [ 107.427745][ T6144] loop1: detected capacity change from 0 to 2048 [ 107.456987][ T23] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 107.474169][ T6144] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.476846][ T23] em28xx 4-1:0.132: analog set to bulk mode. [ 107.490617][ T28] em28xx 4-1:0.132: Registering V4L2 extension [ 107.519918][ T23] usb 4-1: USB disconnect, device number 2 [ 107.531041][ T5884] usb 3-1: Using ep0 maxpacket: 16 [ 107.540371][ T23] em28xx 4-1:0.132: Disconnecting em28xx [ 107.563544][ T5884] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 107.595470][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.637929][ T5884] usb 3-1: config 0 descriptor?? [ 107.649875][ T5884] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 107.830245][ T28] em28xx 4-1:0.132: Config register raw data: 0xffffffed [ 107.845071][ T28] em28xx 4-1:0.132: AC97 chip type couldn't be determined [ 107.852835][ T28] em28xx 4-1:0.132: No AC97 audio processor [ 107.877909][ T28] usb 4-1: Decoder not found [ 107.883217][ T28] em28xx 4-1:0.132: failed to create media graph [ 107.890257][ T28] em28xx 4-1:0.132: V4L2 device video103 deregistered [ 107.905252][ T28] em28xx 4-1:0.132: Remote control support is not available for this card. [ 107.922999][ T23] em28xx 4-1:0.132: Closing input extension [ 107.960637][ T23] em28xx 4-1:0.132: Freeing device [ 108.454745][ T6149] loop1: detected capacity change from 0 to 32768 [ 108.464138][ T6149] XFS: noikeep mount option is deprecated. [ 108.517946][ T6149] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 108.720113][ T6149] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 108.799880][ T6149] XFS (loop1): Starting recovery (logdev: internal) [ 108.859294][ T6149] XFS (loop1): Ending recovery (logdev: internal) [ 108.894546][ T5884] gspca_sonixj: reg_w1 err -71 [ 108.936829][ T5884] sonixj: probe of 3-1:0.0 failed with error -71 [ 108.964707][ T5884] usb 3-1: USB disconnect, device number 4 [ 109.016965][ T28] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 109.113856][ T5786] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 109.247974][ T28] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 109.258177][ T28] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.266437][ T28] usb 1-1: Product: syz [ 109.271818][ T28] usb 1-1: Manufacturer: syz [ 109.276965][ T28] usb 1-1: SerialNumber: syz [ 109.287095][ T28] usb 1-1: config 0 descriptor?? [ 110.316438][ T28] usb 1-1: non-Atmel transceiver xxxx0008 [ 110.517412][ T28] usb 1-1: Firmware version (0.0) predates our first public release. [ 110.541459][ T28] usb 1-1: Please update to version 0.2 or newer [ 110.562592][ T28] usb 1-1: atusb_probe: initialization failed, error = -19 [ 110.597545][ T28] usb 1-1: USB disconnect, device number 6 [ 111.010912][ T6211] af_packet: tpacket_rcv: packet too big, clamped from 4252 to 3952. macoff=96 [ 111.144021][ T6205] loop3: detected capacity change from 0 to 32768 [ 111.215140][ T27] audit: type=1326 audit(1754630513.794:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.256559][ T27] audit: type=1326 audit(1754630513.794:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.337991][ T27] audit: type=1326 audit(1754630513.804:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.366740][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 111.370158][ T6221] loop1: detected capacity change from 0 to 128 [ 111.447188][ T27] audit: type=1326 audit(1754630513.804:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.499651][ T27] audit: type=1326 audit(1754630513.804:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.533767][ T27] audit: type=1326 audit(1754630513.804:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.566413][ T27] audit: type=1326 audit(1754630513.804:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.579003][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 111.634813][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 111.640073][ T27] audit: type=1326 audit(1754630513.804:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.684929][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 111.726356][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 111.736820][ T27] audit: type=1326 audit(1754630513.804:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.741165][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.776475][ T27] audit: type=1326 audit(1754630513.804:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f502a58ebe9 code=0x7ffc0000 [ 111.810404][ T9] usb 3-1: config 0 descriptor?? [ 112.157017][ T5884] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 112.249641][ T9] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 112.293215][ T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 112.346775][ T5884] usb 1-1: Using ep0 maxpacket: 32 [ 112.357615][ T5884] usb 1-1: too many configurations: 29, using maximum allowed: 8 [ 112.377170][ T5884] usb 1-1: config 0 has no interfaces? [ 112.384311][ T5884] usb 1-1: config 0 has no interfaces? [ 112.393021][ T5884] usb 1-1: config 0 has no interfaces? [ 112.403071][ T5884] usb 1-1: config 0 has no interfaces? [ 112.418218][ T5884] usb 1-1: config 0 has no interfaces? [ 112.437577][ T5884] usb 1-1: config 0 has no interfaces? [ 112.458283][ T5884] usb 1-1: config 0 has no interfaces? [ 112.468613][ T5884] usb 1-1: config 0 has no interfaces? [ 112.494717][ T5884] usb 1-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5 [ 112.515522][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.530508][ T5884] usb 1-1: Product: syz [ 112.535852][ T5884] usb 1-1: Manufacturer: syz [ 112.540790][ T5884] usb 1-1: SerialNumber: syz [ 112.558638][ T5884] usb 1-1: config 0 descriptor?? [ 112.600016][ T28] usb 3-1: USB disconnect, device number 5 [ 112.796937][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 112.993487][ T28] usb 1-1: USB disconnect, device number 7 [ 112.998271][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 113.022482][ T9] usb 4-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 113.046919][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.062913][ T9] usb 4-1: config 0 descriptor?? [ 113.331102][ T6233] Bluetooth: MGMT ver 1.22 [ 113.336138][ T6233] Bluetooth: hci0: service_discovery: too big uuid_count value 5215 [ 113.365668][ T9] usbhid 4-1:0.0: can't add hid device: -71 [ 113.383396][ T9] usbhid: probe of 4-1:0.0 failed with error -71 [ 113.395748][ T9] usb 4-1: USB disconnect, device number 3 [ 114.568702][ T6256] loop1: detected capacity change from 0 to 32768 [ 114.664798][ T6256] loop1: p1 p3 < > [ 114.976538][ T5788] udevd[5788]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 114.987492][ T6124] udevd[6124]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 115.027692][ T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 115.228726][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 115.243595][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 115.262655][ T9] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 115.276090][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 115.289794][ T9] usb 1-1: SerialNumber: syz [ 115.465763][ T6285] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 115.480519][ T6285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.152'. [ 115.508148][ T28] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 115.523943][ T9] usb 1-1: 0:2 : does not exist [ 115.609662][ T9] usb 1-1: USB disconnect, device number 8 [ 115.680817][ T5788] udevd[5788]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 115.707354][ T28] usb 2-1: Using ep0 maxpacket: 32 [ 115.723094][ T28] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 115.734376][ T28] usb 2-1: config 0 has no interface number 0 [ 115.744805][ T28] usb 2-1: config 0 interface 184 has no altsetting 0 [ 115.768255][ T28] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 115.780732][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.792111][ T28] usb 2-1: Product: syz [ 115.796348][ T28] usb 2-1: Manufacturer: syz [ 115.803146][ T28] usb 2-1: SerialNumber: syz [ 115.810416][ T28] usb 2-1: config 0 descriptor?? [ 115.818515][ T28] smsc75xx v1.0.0 [ 115.906867][ T5884] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 116.086971][ T5884] usb 3-1: Using ep0 maxpacket: 32 [ 116.118283][ T5884] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 116.132156][ T5884] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 116.146604][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 116.155541][ T5884] usb 3-1: Product: syz [ 116.166379][ T5884] usb 3-1: Manufacturer: syz [ 116.172288][ T5884] usb 3-1: SerialNumber: syz [ 116.187951][ T5884] usb 3-1: config 0 descriptor?? [ 116.193824][ T6288] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 116.444932][ T5884] usb 3-1: USB disconnect, device number 6 [ 117.043920][ T28] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71 [ 117.070748][ T28] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA [ 117.087452][ T28] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 117.099143][ T28] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 117.117095][ T28] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 117.136733][ T28] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 117.147638][ T28] smsc75xx: probe of 2-1:0.184 failed with error -71 [ 117.170243][ T28] usb 2-1: USB disconnect, device number 2 [ 117.323423][ T6315] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 117.534408][ T6319] loop2: detected capacity change from 0 to 2048 [ 117.612935][ T6319] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 118.196970][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 118.387488][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 118.398635][ T9] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 118.431835][ T9] usb 4-1: config 0 has no interface number 0 [ 118.446028][ T9] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 118.460385][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.468691][ T9] usb 4-1: Product: syz [ 118.473020][ T9] usb 4-1: Manufacturer: syz [ 118.478942][ T9] usb 4-1: SerialNumber: syz [ 118.497811][ T9] usb 4-1: config 0 descriptor?? [ 118.508876][ T9] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 118.721509][ T9] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 118.753439][ T9] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 118.958046][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 6 [ 119.167972][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 119.169778][ T23] usb 4-1: USB disconnect, device number 4 [ 119.215995][ T23] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 119.250224][ T23] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 119.309817][ T23] quatech2 4-1:0.51: device disconnected [ 120.200513][ T6372] loop1: detected capacity change from 0 to 512 [ 120.237103][ T6372] EXT4-fs: Ignoring removed mblk_io_submit option [ 120.276944][ T6372] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 120.313974][ T6372] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 120.353122][ T6372] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec118, mo2=0002] [ 120.367389][ T6372] System zones: 1-12 [ 120.423166][ T6372] EXT4-fs (loop1): 1 truncate cleaned up [ 120.462702][ T6372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.715672][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.877279][ T5857] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 121.082892][ T5857] usb 4-1: Using ep0 maxpacket: 16 [ 121.092948][ T5857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.119465][ T5857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.140667][ T5857] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 121.153872][ T5857] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 121.174008][ T5857] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.194867][ T6392] loop1: detected capacity change from 0 to 512 [ 121.215327][ T6392] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 121.225389][ T5857] usb 4-1: config 0 descriptor?? [ 121.255697][ T6392] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.189: casefold flag without casefold feature [ 121.270597][ T6392] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.189: couldn't read orphan inode 15 (err -117) [ 121.288878][ T6392] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.440357][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.657401][ T6384] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.679271][ T6384] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.695091][ T6395] Unknown status report in ack skb [ 121.720186][ T5857] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0003/input/input5 [ 121.776956][ T5857] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 121.969058][ T28] usb 4-1: USB disconnect, device number 5 [ 122.025650][ T6397] fido_id[6397]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 122.052633][ T6402] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 122.610466][ T6418] [ 122.612875][ T6418] ===================================================== [ 122.619946][ T6418] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 122.627430][ T6418] 6.6.101-syzkaller #0 Not tainted [ 122.632636][ T6418] ----------------------------------------------------- [ 122.639576][ T6418] syz.3.198/6418 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 122.647140][ T6418] ffffffff8ca0a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigurg+0xf0/0x3c0 [ 122.655916][ T6418] [ 122.655916][ T6418] and this task is already holding: [ 122.663295][ T6418] ffff88802ee22898 (&f->f_owner.lock){...-}-{2:2}, at: send_sigurg+0x29/0x3c0 [ 122.672239][ T6418] which would create a new lock dependency: [ 122.678137][ T6418] (&f->f_owner.lock){...-}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 122.686019][ T6418] [ 122.686019][ T6418] but this new dependency connects a HARDIRQ-irq-safe lock: [ 122.695485][ T6418] (&dev->event_lock#2){-.-.}-{2:2} [ 122.695525][ T6418] [ 122.695525][ T6418] ... which became HARDIRQ-irq-safe at: [ 122.708478][ T6418] lock_acquire+0x197/0x410 [ 122.713099][ T6418] _raw_spin_lock_irqsave+0xa8/0xf0 [ 122.718495][ T6418] input_event+0x7a/0xc0 [ 122.722841][ T6418] psmouse_report_standard_packet+0x53/0x200 [ 122.728943][ T6418] psmouse_process_byte+0x478/0x670 [ 122.734265][ T6418] psmouse_handle_byte+0x43/0x490 [ 122.739409][ T6418] ps2_interrupt+0x164/0x980 [ 122.744113][ T6418] serio_interrupt+0x8b/0x130 [ 122.748887][ T6418] i8042_interrupt+0x394/0x730 [ 122.753832][ T6418] __handle_irq_event_percpu+0x276/0x930 [ 122.759714][ T6418] handle_irq_event+0x8b/0x1e0 [ 122.764596][ T6418] handle_edge_irq+0x247/0xb30 [ 122.769462][ T6418] __common_interrupt+0x13b/0x230 [ 122.774685][ T6418] common_interrupt+0x5d/0xd0 [ 122.779575][ T6418] asm_common_interrupt+0x26/0x40 [ 122.784715][ T6418] __read_once_word_nocheck+0xc/0x10 [ 122.790111][ T6418] unwind_next_frame+0x15f9/0x2970 [ 122.795345][ T6418] arch_stack_walk+0x144/0x190 [ 122.800209][ T6418] stack_trace_save+0x9c/0xe0 [ 122.804986][ T6418] kasan_set_track+0x4e/0x70 [ 122.809701][ T6418] kasan_save_free_info+0x2e/0x50 [ 122.814830][ T6418] ____kasan_slab_free+0x126/0x1e0 [ 122.820046][ T6418] slab_free_freelist_hook+0x130/0x1b0 [ 122.825613][ T6418] __kmem_cache_free+0xba/0x1f0 [ 122.830612][ T6418] security_task_free+0x9b/0xc0 [ 122.835572][ T6418] __put_task_struct+0xfc/0x460 [ 122.840574][ T6418] delayed_put_task_struct+0x10f/0x2b0 [ 122.846144][ T6418] rcu_core+0xcc4/0x1720 [ 122.850661][ T6418] handle_softirqs+0x280/0x820 [ 122.855531][ T6418] __irq_exit_rcu+0xc7/0x190 [ 122.860224][ T6418] irq_exit_rcu+0x9/0x20 [ 122.864660][ T6418] common_interrupt+0xb9/0xd0 [ 122.869494][ T6418] asm_common_interrupt+0x26/0x40 [ 122.874650][ T6418] strcmp+0x28/0xb0 [ 122.878600][ T6418] kset_find_obj+0x79/0x100 [ 122.883216][ T6418] driver_find+0x128/0x190 [ 122.887769][ T6418] driver_register+0x229/0x310 [ 122.892638][ T6418] usb_register_driver+0x206/0x3d0 [ 122.897858][ T6418] do_one_initcall+0x1fd/0x750 [ 122.902815][ T6418] do_initcall_level+0x137/0x1f0 [ 122.907862][ T6418] do_initcalls+0x69/0xd0 [ 122.912308][ T6418] kernel_init_freeable+0x3d2/0x570 [ 122.917623][ T6418] kernel_init+0x1d/0x1c0 [ 122.922053][ T6418] ret_from_fork+0x48/0x80 [ 122.926576][ T6418] ret_from_fork_asm+0x11/0x20 [ 122.931447][ T6418] [ 122.931447][ T6418] to a HARDIRQ-irq-unsafe lock: [ 122.938512][ T6418] (tasklist_lock){.+.+}-{2:2} [ 122.938541][ T6418] [ 122.938541][ T6418] ... which became HARDIRQ-irq-unsafe at: [ 122.951292][ T6418] ... [ 122.951301][ T6418] lock_acquire+0x197/0x410 [ 122.958624][ T6418] _raw_read_lock+0x36/0x50 [ 122.963273][ T6418] do_wait+0x294/0xaf0 [ 122.967452][ T6418] kernel_wait+0xac/0x170 [ 122.971887][ T6418] call_usermodehelper_exec_work+0xb9/0x220 [ 122.977910][ T6418] process_scheduled_works+0xa45/0x15b0 [ 122.983575][ T6418] worker_thread+0xa55/0xfc0 [ 122.988274][ T6418] kthread+0x2fa/0x390 [ 122.992443][ T6418] ret_from_fork+0x48/0x80 [ 122.996964][ T6418] ret_from_fork_asm+0x11/0x20 [ 123.001851][ T6418] [ 123.001851][ T6418] other info that might help us debug this: [ 123.001851][ T6418] [ 123.012103][ T6418] Chain exists of: [ 123.012103][ T6418] &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock [ 123.012103][ T6418] [ 123.025342][ T6418] Possible interrupt unsafe locking scenario: [ 123.025342][ T6418] [ 123.033704][ T6418] CPU0 CPU1 [ 123.039095][ T6418] ---- ---- [ 123.044477][ T6418] lock(tasklist_lock); [ 123.048763][ T6418] local_irq_disable(); [ 123.055526][ T6418] lock(&dev->event_lock#2); [ 123.062750][ T6418] lock(&f->f_owner.lock); [ 123.069797][ T6418] [ 123.073262][ T6418] lock(&dev->event_lock#2); [ 123.078137][ T6418] [ 123.078137][ T6418] *** DEADLOCK *** [ 123.078137][ T6418] [ 123.086287][ T6418] 2 locks held by syz.3.198/6418: [ 123.091328][ T6418] #0: ffff888078e20e78 (&u->lock){+.+.}-{2:2}, at: queue_oob+0x1cb/0x4e0 [ 123.099892][ T6418] #1: ffff88802ee22898 (&f->f_owner.lock){...-}-{2:2}, at: send_sigurg+0x29/0x3c0 [ 123.109242][ T6418] [ 123.109242][ T6418] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 123.119673][ T6418] -> (&dev->event_lock#2){-.-.}-{2:2} { [ 123.125526][ T6418] IN-HARDIRQ-W at: [ 123.129781][ T6418] lock_acquire+0x197/0x410 [ 123.136478][ T6418] _raw_spin_lock_irqsave+0xa8/0xf0 [ 123.143870][ T6418] input_event+0x7a/0xc0 [ 123.150322][ T6418] psmouse_report_standard_packet+0x53/0x200 [ 123.158507][ T6418] psmouse_process_byte+0x478/0x670 [ 123.165903][ T6418] psmouse_handle_byte+0x43/0x490 [ 123.173211][ T6418] ps2_interrupt+0x164/0x980 [ 123.179999][ T6418] serio_interrupt+0x8b/0x130 [ 123.186863][ T6418] i8042_interrupt+0x394/0x730 [ 123.193812][ T6418] __handle_irq_event_percpu+0x276/0x930 [ 123.201650][ T6418] handle_irq_event+0x8b/0x1e0 [ 123.208621][ T6418] handle_edge_irq+0x247/0xb30 [ 123.215573][ T6418] __common_interrupt+0x13b/0x230 [ 123.222787][ T6418] common_interrupt+0x5d/0xd0 [ 123.229659][ T6418] asm_common_interrupt+0x26/0x40 [ 123.236885][ T6418] __read_once_word_nocheck+0xc/0x10 [ 123.247415][ T6418] unwind_next_frame+0x15f9/0x2970 [ 123.254738][ T6418] arch_stack_walk+0x144/0x190 [ 123.261723][ T6418] stack_trace_save+0x9c/0xe0 [ 123.268602][ T6418] kasan_set_track+0x4e/0x70 [ 123.275387][ T6418] kasan_save_free_info+0x2e/0x50 [ 123.282623][ T6418] ____kasan_slab_free+0x126/0x1e0 [ 123.289927][ T6418] slab_free_freelist_hook+0x130/0x1b0 [ 123.297665][ T6418] __kmem_cache_free+0xba/0x1f0 [ 123.304709][ T6418] security_task_free+0x9b/0xc0 [ 123.311840][ T6418] __put_task_struct+0xfc/0x460 [ 123.318879][ T6418] delayed_put_task_struct+0x10f/0x2b0 [ 123.326556][ T6418] rcu_core+0xcc4/0x1720 [ 123.333072][ T6418] handle_softirqs+0x280/0x820 [ 123.340021][ T6418] __irq_exit_rcu+0xc7/0x190 [ 123.346797][ T6418] irq_exit_rcu+0x9/0x20 [ 123.353318][ T6418] common_interrupt+0xb9/0xd0 [ 123.360184][ T6418] asm_common_interrupt+0x26/0x40 [ 123.367405][ T6418] strcmp+0x28/0xb0 [ 123.373405][ T6418] kset_find_obj+0x79/0x100 [ 123.380096][ T6418] driver_find+0x128/0x190 [ 123.386712][ T6418] driver_register+0x229/0x310 [ 123.393667][ T6418] usb_register_driver+0x206/0x3d0 [ 123.400975][ T6418] do_one_initcall+0x1fd/0x750 [ 123.407951][ T6418] do_initcall_level+0x137/0x1f0 [ 123.415086][ T6418] do_initcalls+0x69/0xd0 [ 123.421616][ T6418] kernel_init_freeable+0x3d2/0x570 [ 123.429030][ T6418] kernel_init+0x1d/0x1c0 [ 123.435555][ T6418] ret_from_fork+0x48/0x80 [ 123.442164][ T6418] ret_from_fork_asm+0x11/0x20 [ 123.449124][ T6418] IN-SOFTIRQ-W at: [ 123.453381][ T6418] lock_acquire+0x197/0x410 [ 123.460073][ T6418] _raw_spin_lock_irqsave+0xa8/0xf0 [ 123.467470][ T6418] input_event+0x7a/0xc0 [ 123.473909][ T6418] psmouse_report_standard_packet+0x53/0x200 [ 123.482087][ T6418] psmouse_process_byte+0x478/0x670 [ 123.489566][ T6418] psmouse_handle_byte+0x43/0x490 [ 123.496793][ T6418] ps2_interrupt+0x164/0x980 [ 123.503756][ T6418] serio_interrupt+0x8b/0x130 [ 123.510688][ T6418] i8042_interrupt+0x394/0x730 [ 123.517752][ T6418] __handle_irq_event_percpu+0x276/0x930 [ 123.525602][ T6418] handle_irq_event+0x8b/0x1e0 [ 123.532561][ T6418] handle_edge_irq+0x247/0xb30 [ 123.539510][ T6418] __common_interrupt+0x13b/0x230 [ 123.546809][ T6418] common_interrupt+0x5d/0xd0 [ 123.554132][ T6418] asm_common_interrupt+0x26/0x40 [ 123.561374][ T6418] __read_once_word_nocheck+0xc/0x10 [ 123.568859][ T6418] unwind_next_frame+0x15f9/0x2970 [ 123.576176][ T6418] arch_stack_walk+0x144/0x190 [ 123.583127][ T6418] stack_trace_save+0x9c/0xe0 [ 123.589995][ T6418] kasan_set_track+0x4e/0x70 [ 123.596771][ T6418] kasan_save_free_info+0x2e/0x50 [ 123.603981][ T6418] ____kasan_slab_free+0x126/0x1e0 [ 123.611305][ T6418] slab_free_freelist_hook+0x130/0x1b0 [ 123.618949][ T6418] __kmem_cache_free+0xba/0x1f0 [ 123.626000][ T6418] security_task_free+0x9b/0xc0 [ 123.633314][ T6418] __put_task_struct+0xfc/0x460 [ 123.640354][ T6418] delayed_put_task_struct+0x10f/0x2b0 [ 123.648010][ T6418] rcu_core+0xcc4/0x1720 [ 123.654535][ T6418] handle_softirqs+0x280/0x820 [ 123.661573][ T6418] __irq_exit_rcu+0xc7/0x190 [ 123.668375][ T6418] irq_exit_rcu+0x9/0x20 [ 123.674806][ T6418] common_interrupt+0xb9/0xd0 [ 123.681699][ T6418] asm_common_interrupt+0x26/0x40 [ 123.688922][ T6418] strcmp+0x28/0xb0 [ 123.694951][ T6418] kset_find_obj+0x79/0x100 [ 123.701654][ T6418] driver_find+0x128/0x190 [ 123.708257][ T6418] driver_register+0x229/0x310 [ 123.715244][ T6418] usb_register_driver+0x206/0x3d0 [ 123.722558][ T6418] do_one_initcall+0x1fd/0x750 [ 123.729515][ T6418] do_initcall_level+0x137/0x1f0 [ 123.736653][ T6418] do_initcalls+0x69/0xd0 [ 123.743204][ T6418] kernel_init_freeable+0x3d2/0x570 [ 123.750610][ T6418] kernel_init+0x1d/0x1c0 [ 123.757173][ T6418] ret_from_fork+0x48/0x80 [ 123.763805][ T6418] ret_from_fork_asm+0x11/0x20 [ 123.770865][ T6418] INITIAL USE at: [ 123.775122][ T6418] lock_acquire+0x197/0x410 [ 123.781902][ T6418] _raw_spin_lock_irqsave+0xa8/0xf0 [ 123.789222][ T6418] input_inject_event+0xab/0x320 [ 123.796279][ T6418] led_trigger_event+0x133/0x210 [ 123.803411][ T6418] kbd_led_trigger_activate+0xbd/0x100 [ 123.811103][ T6418] led_trigger_set+0x524/0x940 [ 123.817971][ T6418] led_trigger_set_default+0x1a0/0x1e0 [ 123.825543][ T6418] led_classdev_register_ext+0x6e9/0x940 [ 123.833286][ T6418] input_leds_connect+0x4eb/0x6b0 [ 123.840503][ T6418] input_register_device+0xcdc/0x1070 [ 123.847981][ T6418] atkbd_connect+0x6fb/0x9a0 [ 123.854673][ T6418] serio_driver_probe+0x7a/0xa0 [ 123.861623][ T6418] really_probe+0x25b/0xb40 [ 123.868234][ T6418] __driver_probe_device+0x18c/0x330 [ 123.875628][ T6418] driver_probe_device+0x4f/0x420 [ 123.882770][ T6418] __driver_attach+0x44e/0x6f0 [ 123.889667][ T6418] bus_for_each_dev+0x22d/0x2a0 [ 123.896718][ T6418] serio_handle_event+0x1a2/0x860 [ 123.903932][ T6418] process_scheduled_works+0xa45/0x15b0 [ 123.911584][ T6418] worker_thread+0xa55/0xfc0 [ 123.918498][ T6418] kthread+0x2fa/0x390 [ 123.924681][ T6418] ret_from_fork+0x48/0x80 [ 123.931219][ T6418] ret_from_fork_asm+0x11/0x20 [ 123.938111][ T6418] } [ 123.940891][ T6418] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 123.950198][ T6418] -> (&client->buffer_lock){....}-{2:2} { [ 123.956243][ T6418] INITIAL USE at: [ 123.960333][ T6418] lock_acquire+0x197/0x410 [ 123.966851][ T6418] _raw_spin_lock+0x2e/0x40 [ 123.973295][ T6418] evdev_pass_values+0xcb/0xab0 [ 123.980074][ T6418] evdev_events+0x1d8/0x330 [ 123.986545][ T6418] input_pass_values+0x907/0x1300 [ 123.993507][ T6418] input_event_dispose+0x346/0x6c0 [ 124.000554][ T6418] input_inject_event+0x1f9/0x320 [ 124.007550][ T6418] evdev_write+0x32a/0x470 [ 124.014005][ T6418] vfs_write+0x288/0x940 [ 124.020184][ T6418] ksys_write+0x147/0x250 [ 124.026443][ T6418] do_syscall_64+0x55/0xb0 [ 124.032788][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.040622][ T6418] } [ 124.043305][ T6418] ... key at: [] evdev_open.__key.28+0x0/0x20 [ 124.051816][ T6418] ... acquired at: [ 124.055805][ T6418] _raw_spin_lock+0x2e/0x40 [ 124.060508][ T6418] evdev_pass_values+0xcb/0xab0 [ 124.065723][ T6418] evdev_events+0x1d8/0x330 [ 124.070509][ T6418] input_pass_values+0x907/0x1300 [ 124.075744][ T6418] input_event_dispose+0x346/0x6c0 [ 124.081047][ T6418] input_inject_event+0x1f9/0x320 [ 124.086350][ T6418] evdev_write+0x32a/0x470 [ 124.090957][ T6418] vfs_write+0x288/0x940 [ 124.095389][ T6418] ksys_write+0x147/0x250 [ 124.099908][ T6418] do_syscall_64+0x55/0xb0 [ 124.104513][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.110601][ T6418] [ 124.112928][ T6418] -> (&new->fa_lock){....}-{2:2} { [ 124.118160][ T6418] INITIAL USE at: [ 124.122243][ T6418] lock_acquire+0x197/0x410 [ 124.128567][ T6418] _raw_write_lock_irq+0xa3/0xe0 [ 124.135376][ T6418] fasync_remove_entry+0xf4/0x1c0 [ 124.142169][ T6418] __fput+0x7f3/0x970 [ 124.147915][ T6418] task_work_run+0x1ce/0x250 [ 124.154355][ T6418] exit_to_user_mode_loop+0xe6/0x110 [ 124.161397][ T6418] exit_to_user_mode_prepare+0xb1/0x140 [ 124.168789][ T6418] syscall_exit_to_user_mode+0x1a/0x50 [ 124.176012][ T6418] do_syscall_64+0x61/0xb0 [ 124.182208][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.189873][ T6418] INITIAL READ USE at: [ 124.194330][ T6418] lock_acquire+0x197/0x410 [ 124.201028][ T6418] _raw_read_lock_irqsave+0xb0/0x100 [ 124.208545][ T6418] kill_fasync+0x192/0x4b0 [ 124.215158][ T6418] evdev_pass_values+0x54b/0xab0 [ 124.222374][ T6418] evdev_events+0x1d8/0x330 [ 124.229175][ T6418] input_pass_values+0x907/0x1300 [ 124.236478][ T6418] input_event_dispose+0x346/0x6c0 [ 124.243799][ T6418] input_inject_event+0x1f9/0x320 [ 124.251039][ T6418] evdev_write+0x32a/0x470 [ 124.257658][ T6418] vfs_write+0x288/0x940 [ 124.264102][ T6418] ksys_write+0x147/0x250 [ 124.270623][ T6418] do_syscall_64+0x55/0xb0 [ 124.277230][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.285325][ T6418] } [ 124.287928][ T6418] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 124.296709][ T6418] ... acquired at: [ 124.300613][ T6418] _raw_read_lock_irqsave+0xb0/0x100 [ 124.306187][ T6418] kill_fasync+0x192/0x4b0 [ 124.310796][ T6418] evdev_pass_values+0x54b/0xab0 [ 124.315925][ T6418] evdev_events+0x1d8/0x330 [ 124.320614][ T6418] input_pass_values+0x907/0x1300 [ 124.325855][ T6418] input_event_dispose+0x346/0x6c0 [ 124.331249][ T6418] input_inject_event+0x1f9/0x320 [ 124.336469][ T6418] evdev_write+0x32a/0x470 [ 124.341080][ T6418] vfs_write+0x288/0x940 [ 124.345517][ T6418] ksys_write+0x147/0x250 [ 124.350038][ T6418] do_syscall_64+0x55/0xb0 [ 124.354646][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.360735][ T6418] [ 124.363069][ T6418] -> (&f->f_owner.lock){...-}-{2:2} { [ 124.368472][ T6418] IN-SOFTIRQ-R at: [ 124.372468][ T6418] lock_acquire+0x197/0x410 [ 124.378639][ T6418] _raw_read_lock_irqsave+0xb0/0x100 [ 124.385596][ T6418] send_sigurg+0x29/0x3c0 [ 124.391698][ T6418] sk_send_sigurg+0x6f/0xc0 [ 124.398054][ T6418] tcp_check_urg+0x200/0x750 [ 124.404334][ T6418] tcp_urg+0x161/0x3f0 [ 124.410074][ T6418] tcp_rcv_established+0xa2e/0x1cf0 [ 124.416951][ T6418] tcp_v4_do_rcv+0x4ed/0xb80 [ 124.423228][ T6418] tcp_v4_rcv+0x2334/0x2a50 [ 124.429422][ T6418] ip_protocol_deliver_rcu+0x20e/0x3f0 [ 124.436559][ T6418] ip_local_deliver_finish+0x2ca/0x510 [ 124.443699][ T6418] NF_HOOK+0x303/0x390 [ 124.449433][ T6418] NF_HOOK+0x303/0x390 [ 124.455184][ T6418] __netif_receive_skb+0xcc/0x290 [ 124.461882][ T6418] process_backlog+0x380/0x6e0 [ 124.468315][ T6418] __napi_poll+0xc0/0x460 [ 124.474317][ T6418] net_rx_action+0x5ea/0xbf0 [ 124.480690][ T6418] handle_softirqs+0x280/0x820 [ 124.487120][ T6418] do_softirq+0xed/0x180 [ 124.493025][ T6418] __local_bh_enable_ip+0x178/0x1c0 [ 124.499887][ T6418] batadv_nc_purge_paths+0x311/0x3a0 [ 124.506840][ T6418] batadv_nc_worker+0x328/0x610 [ 124.513444][ T6418] process_scheduled_works+0xa45/0x15b0 [ 124.520662][ T6418] worker_thread+0xa55/0xfc0 [ 124.526919][ T6418] kthread+0x2fa/0x390 [ 124.532649][ T6418] ret_from_fork+0x48/0x80 [ 124.538835][ T6418] ret_from_fork_asm+0x11/0x20 [ 124.545271][ T6418] INITIAL USE at: [ 124.549177][ T6418] lock_acquire+0x197/0x410 [ 124.555262][ T6418] _raw_write_lock_irq+0xa3/0xe0 [ 124.561788][ T6418] __f_setown+0x3b/0x330 [ 124.567608][ T6418] generic_setlease+0xe32/0x1270 [ 124.574129][ T6418] fcntl_setlease+0x268/0x340 [ 124.580446][ T6418] do_fcntl+0x1cb/0x1380 [ 124.586270][ T6418] __se_sys_fcntl+0xc9/0x1a0 [ 124.592449][ T6418] do_syscall_64+0x55/0xb0 [ 124.598463][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.606065][ T6418] INITIAL READ USE at: [ 124.610465][ T6418] lock_acquire+0x197/0x410 [ 124.616989][ T6418] _raw_read_lock_irqsave+0xb0/0x100 [ 124.624317][ T6418] send_sigio+0x33/0x360 [ 124.630578][ T6418] kill_fasync+0x228/0x4b0 [ 124.637010][ T6418] evdev_pass_values+0x54b/0xab0 [ 124.643957][ T6418] evdev_events+0x1d8/0x330 [ 124.650492][ T6418] input_pass_values+0x907/0x1300 [ 124.657535][ T6418] input_event_dispose+0x346/0x6c0 [ 124.664662][ T6418] input_inject_event+0x1f9/0x320 [ 124.671699][ T6418] evdev_write+0x32a/0x470 [ 124.678164][ T6418] vfs_write+0x288/0x940 [ 124.684427][ T6418] ksys_write+0x147/0x250 [ 124.690876][ T6418] do_syscall_64+0x55/0xb0 [ 124.697321][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.705331][ T6418] } [ 124.707838][ T6418] ... key at: [] init_file.__key+0x0/0x20 [ 124.715671][ T6418] ... acquired at: [ 124.719491][ T6418] _raw_read_lock_irqsave+0xb0/0x100 [ 124.725061][ T6418] send_sigio+0x33/0x360 [ 124.729496][ T6418] kill_fasync+0x228/0x4b0 [ 124.734106][ T6418] evdev_pass_values+0x54b/0xab0 [ 124.739239][ T6418] evdev_events+0x1d8/0x330 [ 124.743950][ T6418] input_pass_values+0x907/0x1300 [ 124.749427][ T6418] input_event_dispose+0x346/0x6c0 [ 124.754752][ T6418] input_inject_event+0x1f9/0x320 [ 124.759974][ T6418] evdev_write+0x32a/0x470 [ 124.764670][ T6418] vfs_write+0x288/0x940 [ 124.769107][ T6418] ksys_write+0x147/0x250 [ 124.773629][ T6418] do_syscall_64+0x55/0xb0 [ 124.778240][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.784356][ T6418] [ 124.786696][ T6418] [ 124.786696][ T6418] the dependencies between the lock to be acquired [ 124.786706][ T6418] and HARDIRQ-irq-unsafe lock: [ 124.800289][ T6418] -> (tasklist_lock){.+.+}-{2:2} { [ 124.805435][ T6418] HARDIRQ-ON-R at: [ 124.809435][ T6418] lock_acquire+0x197/0x410 [ 124.815622][ T6418] _raw_read_lock+0x36/0x50 [ 124.821798][ T6418] do_wait+0x294/0xaf0 [ 124.827542][ T6418] kernel_wait+0xac/0x170 [ 124.833543][ T6418] call_usermodehelper_exec_work+0xb9/0x220 [ 124.841237][ T6418] process_scheduled_works+0xa45/0x15b0 [ 124.848454][ T6418] worker_thread+0xa55/0xfc0 [ 124.854714][ T6418] kthread+0x2fa/0x390 [ 124.860447][ T6418] ret_from_fork+0x48/0x80 [ 124.866541][ T6418] ret_from_fork_asm+0x11/0x20 [ 124.872990][ T6418] SOFTIRQ-ON-R at: [ 124.877013][ T6418] lock_acquire+0x197/0x410 [ 124.883183][ T6418] _raw_read_lock+0x36/0x50 [ 124.889448][ T6418] do_wait+0x294/0xaf0 [ 124.895207][ T6418] kernel_wait+0xac/0x170 [ 124.901230][ T6418] call_usermodehelper_exec_work+0xb9/0x220 [ 124.908812][ T6418] process_scheduled_works+0xa45/0x15b0 [ 124.916555][ T6418] worker_thread+0xa55/0xfc0 [ 124.922826][ T6418] kthread+0x2fa/0x390 [ 124.928600][ T6418] ret_from_fork+0x48/0x80 [ 124.934870][ T6418] ret_from_fork_asm+0x11/0x20 [ 124.941333][ T6418] INITIAL USE at: [ 124.945241][ T6418] lock_acquire+0x197/0x410 [ 124.951406][ T6418] _raw_write_lock_irq+0xa3/0xe0 [ 124.957940][ T6418] copy_process+0x225d/0x3d70 [ 124.964368][ T6418] kernel_clone+0x21b/0x840 [ 124.970450][ T6418] user_mode_thread+0xde/0x130 [ 124.976977][ T6418] rest_init+0x27/0x300 [ 124.982718][ T6418] arch_call_rest_init+0xe/0x10 [ 124.989156][ T6418] start_kernel+0x459/0x4e0 [ 124.995246][ T6418] x86_64_start_reservations+0x2a/0x30 [ 125.002295][ T6418] copy_bootdata+0x0/0xe0 [ 125.008247][ T6418] secondary_startup_64_no_verify+0x179/0x17b [ 125.015904][ T6418] INITIAL READ USE at: [ 125.020247][ T6418] lock_acquire+0x197/0x410 [ 125.026785][ T6418] _raw_read_lock+0x36/0x50 [ 125.033331][ T6418] do_wait+0x294/0xaf0 [ 125.039437][ T6418] kernel_wait+0xac/0x170 [ 125.045913][ T6418] call_usermodehelper_exec_work+0xb9/0x220 [ 125.053924][ T6418] process_scheduled_works+0xa45/0x15b0 [ 125.061611][ T6418] worker_thread+0xa55/0xfc0 [ 125.068225][ T6418] kthread+0x2fa/0x390 [ 125.074306][ T6418] ret_from_fork+0x48/0x80 [ 125.080736][ T6418] ret_from_fork_asm+0x11/0x20 [ 125.087531][ T6418] } [ 125.090037][ T6418] ... key at: [] tasklist_lock+0x18/0x40 [ 125.097776][ T6418] ... acquired at: [ 125.101587][ T6418] _raw_read_lock+0x36/0x50 [ 125.106308][ T6418] send_sigurg+0xf0/0x3c0 [ 125.110921][ T6418] sk_send_sigurg+0x6f/0xc0 [ 125.115619][ T6418] queue_oob+0x3d7/0x4e0 [ 125.120084][ T6418] unix_stream_sendmsg+0xaa2/0xba0 [ 125.125389][ T6418] ____sys_sendmsg+0x5bf/0x950 [ 125.130359][ T6418] ___sys_sendmsg+0x220/0x290 [ 125.135378][ T6418] __sys_sendmmsg+0x275/0x4a0 [ 125.140335][ T6418] __x64_sys_sendmmsg+0xa0/0xb0 [ 125.145399][ T6418] do_syscall_64+0x55/0xb0 [ 125.150050][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 125.156143][ T6418] [ 125.158485][ T6418] [ 125.158485][ T6418] stack backtrace: [ 125.164401][ T6418] CPU: 1 PID: 6418 Comm: syz.3.198 Not tainted 6.6.101-syzkaller #0 [ 125.172617][ T6418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 125.182699][ T6418] Call Trace: [ 125.186002][ T6418] [ 125.188955][ T6418] dump_stack_lvl+0x16c/0x230 [ 125.193688][ T6418] ? load_image+0x3b0/0x3b0 [ 125.198330][ T6418] ? show_regs_print_info+0x20/0x20 [ 125.203549][ T6418] ? load_image+0x3b0/0x3b0 [ 125.208087][ T6418] ? print_shortest_lock_dependencies+0xf4/0x160 [ 125.214439][ T6418] __lock_acquire+0x678f/0x7c80 [ 125.219324][ T6418] ? verify_lock_unused+0x140/0x140 [ 125.224540][ T6418] ? verify_lock_unused+0x140/0x140 [ 125.229850][ T6418] lock_acquire+0x197/0x410 [ 125.234372][ T6418] ? send_sigurg+0xf0/0x3c0 [ 125.238899][ T6418] ? read_lock_is_recursive+0x20/0x20 [ 125.244381][ T6418] ? do_raw_read_lock+0x3d/0x90 [ 125.249256][ T6418] ? _raw_read_lock_irqsave+0xbc/0x100 [ 125.254746][ T6418] ? _raw_read_lock+0x50/0x50 [ 125.259466][ T6418] ? __lock_acquire+0x7c80/0x7c80 [ 125.264512][ T6418] ? do_raw_spin_lock+0x121/0x2c0 [ 125.269595][ T6418] _raw_read_lock+0x36/0x50 [ 125.274153][ T6418] ? send_sigurg+0xf0/0x3c0 [ 125.278864][ T6418] send_sigurg+0xf0/0x3c0 [ 125.283217][ T6418] sk_send_sigurg+0x6f/0xc0 [ 125.287764][ T6418] queue_oob+0x3d7/0x4e0 [ 125.292028][ T6418] ? scm_stat_add+0xc0/0xc0 [ 125.296548][ T6418] ? __might_sleep+0xe0/0xe0 [ 125.301170][ T6418] ? bpf_lsm_socket_getpeersec_dgram+0x9/0x10 [ 125.307260][ T6418] ? security_socket_getpeersec_dgram+0x83/0xa0 [ 125.313526][ T6418] unix_stream_sendmsg+0xaa2/0xba0 [ 125.318668][ T6418] ? aa_sk_perm+0x7fc/0x930 [ 125.323202][ T6418] ? unix_show_fdinfo+0x270/0x270 [ 125.328244][ T6418] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 125.334803][ T6418] ? aa_sock_msg_perm+0x94/0x150 [ 125.339792][ T6418] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 125.345229][ T6418] ? security_socket_sendmsg+0x80/0xa0 [ 125.350811][ T6418] ? unix_show_fdinfo+0x270/0x270 [ 125.355873][ T6418] ____sys_sendmsg+0x5bf/0x950 [ 125.360679][ T6418] ? __asan_memset+0x22/0x40 [ 125.365290][ T6418] ? __sys_sendmsg_sock+0x30/0x30 [ 125.370352][ T6418] ? __import_iovec+0x5f2/0x860 [ 125.375247][ T6418] ? import_iovec+0x73/0xa0 [ 125.379778][ T6418] ___sys_sendmsg+0x220/0x290 [ 125.384493][ T6418] ? __sys_sendmsg+0x270/0x270 [ 125.389305][ T6418] __sys_sendmmsg+0x275/0x4a0 [ 125.394008][ T6418] ? __ia32_sys_sendmsg+0x90/0x90 [ 125.399059][ T6418] ? __ia32_sys_get_robust_list+0x90/0x90 [ 125.404794][ T6418] ? do_fcntl+0x118a/0x1380 [ 125.409319][ T6418] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 125.415324][ T6418] ? lock_chain_count+0x20/0x20 [ 125.420233][ T6418] __x64_sys_sendmmsg+0xa0/0xb0 [ 125.425228][ T6418] do_syscall_64+0x55/0xb0 [ 125.429670][ T6418] ? clear_bhb_loop+0x40/0x90 [ 125.434453][ T6418] ? clear_bhb_loop+0x40/0x90 [ 125.439148][ T6418] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 125.445165][ T6418] RIP: 0033:0x7f668098ebe9 [ 125.449697][ T6418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.469753][ T6418] RSP: 002b:00007f6681828038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 125.478183][ T6418] RAX: ffffffffffffffda RBX: 00007f6680bb5fa0 RCX: 00007f668098ebe9 [ 125.486266][ T6418] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000003 [ 125.494342][ T6418] RBP: 00007f6680a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 125.502332][ T6418] R10: 0000000000040015 R11: 0000000000000246 R12: 0000000000000000 [ 125.510316][ T6418] R13: 00007f6680bb6038 R14: 00007f6680bb5fa0 R15: 00007ffc898e2a48 [ 125.518344][ T6418]