Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
2022/03/08 04:53:05 parsed 1 programs
syzkaller login: [   48.409089][ T3593] cgroup: Unknown subsys name 'net'
[   48.520014][ T3593] cgroup: Unknown subsys name 'rlimit'
2022/03/08 04:53:05 executed programs: 0
[   49.752761][ T3599] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   49.760497][ T3599] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   49.768377][ T3599] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   49.776472][ T3599] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   49.784129][ T3599] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   49.791515][ T3599] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   49.871565][ T3598] chnl_net:caif_netlink_parms(): no params data found
[   49.912729][ T3598] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.920433][ T3598] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.929316][ T3598] device bridge_slave_0 entered promiscuous mode
[   49.938261][ T3598] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.946308][ T3598] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.954420][ T3598] device bridge_slave_1 entered promiscuous mode
[   49.975034][ T3598] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   49.986136][ T3598] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.008581][ T3598] team0: Port device team_slave_0 added
[   50.015861][ T3598] team0: Port device team_slave_1 added
[   50.034043][ T3598] batman_adv: batadv0: Adding interface: batadv_slave_0
[   50.041005][ T3598] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.066984][ T3598] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   50.079847][ T3598] batman_adv: batadv0: Adding interface: batadv_slave_1
[   50.086835][ T3598] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.112785][ T3598] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   50.138375][ T3598] device hsr_slave_0 entered promiscuous mode
[   50.145771][ T3598] device hsr_slave_1 entered promiscuous mode
[   50.222535][ T3598] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   50.232354][ T3598] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   50.241021][ T3598] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   50.250114][ T3598] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   50.269993][ T3598] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.277224][ T3598] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.284978][ T3598] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.292028][ T3598] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.335685][ T3598] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.347915][ T3606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   50.359565][ T3606] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.367891][ T3606] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.376682][ T3606] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   50.390438][ T3598] 8021q: adding VLAN 0 to HW filter on device team0
[   50.401173][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   50.409599][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.416842][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.435353][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.444102][ T3610] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.451163][ T3610] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.459979][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   50.473653][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   50.481470][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   50.497957][ T3598] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   50.509305][ T3598] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   50.523404][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   50.532141][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   50.540650][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   50.558145][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   50.565747][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   50.578195][ T3598] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.685053][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.698598][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.708030][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   50.716557][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   50.726350][ T3598] device veth0_vlan entered promiscuous mode
[   50.738674][ T3598] device veth1_vlan entered promiscuous mode
[   50.756490][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   50.765085][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   50.773048][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.784343][ T3598] device veth0_macvtap entered promiscuous mode
[   50.792770][ T3598] device veth1_macvtap entered promiscuous mode
[   50.808665][ T3598] batman_adv: batadv0: Interface activated: batadv_slave_0
[   50.818269][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.827593][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   50.839603][ T3598] batman_adv: batadv0: Interface activated: batadv_slave_1
[   50.847284][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.858996][ T3598] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.868974][ T3598] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.877909][ T3598] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.886744][ T3598] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.945431][ T1346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.965249][ T1346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.973708][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.975387][ T3607] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   50.981640][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.997655][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   51.313304][   T22] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   51.673841][   T22] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.824080][ T3607] Bluetooth: hci0: command 0x0409 tx timeout
[   51.843359][   T22] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   51.852525][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.861556][   T22] usb 1-1: Product: syz
[   51.865958][   T22] usb 1-1: Manufacturer: syz
[   51.870629][   T22] usb 1-1: SerialNumber: syz
[   52.114399][ T3619] UDC core: couldn't find an available UDC or it's busy: -16
[   52.121864][ T3619] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   52.130237][ T3619] UDC core: couldn't find an available UDC or it's busy: -16
[   52.138617][ T3619] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   53.383350][   T22] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[   53.389938][   T22] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   53.398541][   T22] cdc_ncm 1-1:1.0: setting rx_max = 2048
[   53.593481][   T22] cdc_ncm 1-1:1.0: setting tx_max = 184
[   53.604774][   T22] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM, 42:42:42:42:42:42
[   53.903791][ T3607] Bluetooth: hci0: command 0x041b tx timeout
[   54.125893][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): usb0: link becomes ready
[   54.147294][ T3655] UDC core: couldn't find an available UDC or it's busy: -16
[   54.155501][ T3655] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   55.033487][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): usb0: link becomes ready
2022/03/08 04:53:12 executed programs: 1
[   55.507564][ T3608] usb 1-1: USB disconnect, device number 2
[   55.535423][ T3608] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM
[   55.550976][ T3608] ==================================================================
[   55.559068][ T3608] BUG: KASAN: use-after-free in __lock_acquire+0x3eb0/0x56c0
[   55.566573][ T3608] Read of size 8 at addr ffff88807a32d8f0 by task kworker/0:5/3608
[   55.574478][ T3608] 
[   55.576822][ T3608] CPU: 0 PID: 3608 Comm: kworker/0:5 Not tainted 5.17.0-rc6-next-20220303-syzkaller #0
[   55.586554][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.596620][ T3608] Workqueue: usb_hub_wq hub_event
[   55.601694][ T3608] Call Trace:
[   55.604983][ T3608]  <TASK>
[