last executing test programs: 3m45.214778804s ago: executing program 1 (id=1291): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0x7000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x1100, 0x0, 0x0, 0x0, 0x0, 0x0) 3m44.822245072s ago: executing program 1 (id=1298): mkdir(&(0x7f0000000000)='./file0\x00', 0x15a) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000080), 0x0, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x1, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x4) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) 3m44.666354431s ago: executing program 1 (id=1302): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f00000001c0)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x80000001}}}, 0x10, 0x0}, 0x0) 3m44.579955246s ago: executing program 1 (id=1303): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 3m44.486639779s ago: executing program 1 (id=1305): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xb, 0x7, 0x10000, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) 3m44.287856262s ago: executing program 1 (id=1319): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x28011, r0, 0x0) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x10, 0x3a, 0xff, @remote={0xfe, 0x7}, @mcast2, {[], @ndisc_ra}}}}}, 0x0) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 3m29.089666698s ago: executing program 32 (id=1319): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x28011, r0, 0x0) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x10, 0x3a, 0xff, @remote={0xfe, 0x7}, @mcast2, {[], @ndisc_ra}}}}}, 0x0) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 2m57.903464992s ago: executing program 3 (id=1905): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x1d7, @time={0x65757900}}) 2m57.615175361s ago: executing program 3 (id=1910): sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$TCSETS(r0, 0x40204706, &(0x7f0000000040)={0x4000, 0x3, 0x5, 0x0, 0x0, "3eccd8f9d20500005a1a320900"}) 2m57.496606438s ago: executing program 3 (id=1911): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000) socket(0xa, 0x3, 0x3a) close(0x5) 2m57.320198791s ago: executing program 3 (id=1916): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') socket$nl_generic(0x10, 0x3, 0x10) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) 2m57.10397898s ago: executing program 3 (id=1918): mkdir(&(0x7f00000000c0)='./file1\x00', 0x154) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000280)={0x8, 0x3, 0x8000000000000000, 0x2, 0x9, 0xfffffffffffffffb, 0x0, 0x0, 0x2}) 2m56.932994323s ago: executing program 3 (id=1922): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) setreuid(0xee00, 0x0) syz_clone3(&(0x7f00000008c0)={0x148e1080, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, 0x0}, 0x58) 2m56.504562197s ago: executing program 33 (id=1922): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) setreuid(0xee00, 0x0) syz_clone3(&(0x7f00000008c0)={0x148e1080, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, 0x0}, 0x58) 38.323581808s ago: executing program 0 (id=3794): socket$kcm(0x2, 0x2, 0x73) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000640)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="02"], 0x10) socket$kcm(0x2, 0x2, 0x73) 38.19583747s ago: executing program 0 (id=3797): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1}], 0x1, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x20000253) 38.063353231s ago: executing program 0 (id=3799): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) listen(r0, 0x2) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 27.082545741s ago: executing program 0 (id=3799): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) listen(r0, 0x2) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 14.291009959s ago: executing program 0 (id=3799): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) listen(r0, 0x2) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 4.173772099s ago: executing program 6 (id=4139): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800) recvmsg$unix(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000680)=""/219, 0xdb}], 0x1}, 0x10000) 4.038091892s ago: executing program 6 (id=4143): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000002c0)='io_uring_register\x00', r1}, 0x18) r2 = io_uring_setup(0x728, &(0x7f0000000300)={0x0, 0x57c0, 0x400, 0x1, 0x117}) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x19, 0x2000000, 0x0) 3.934085452s ago: executing program 2 (id=4145): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1e1a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x2005, 0x2}) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000080)) 3.872254467s ago: executing program 6 (id=4147): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000080)={0x220, 0x0, 0x1}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) r2 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r2, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x7fff, @loopback}, 0x17) 3.820485269s ago: executing program 2 (id=4149): r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x77) r1 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x10) truncate(&(0x7f00000000c0)='./bus\x00', 0x9471) lsetxattr$security_ima(&(0x7f0000000080)='./bus\x00', &(0x7f0000000780), &(0x7f0000000640)=@md5={0x1, "0f203ea2f4316e67dea60d0a9a960794"}, 0x11, 0x1) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 3.742214151s ago: executing program 6 (id=4150): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001f80)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0x800, 0x300, 0x4}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) 3.742093658s ago: executing program 0 (id=3799): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) listen(r0, 0x2) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 3.741716986s ago: executing program 5 (id=4151): mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}]}) 2.927195679s ago: executing program 5 (id=4152): bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[], 0x20) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="c9", 0x1) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000020ac050f0222000182830109022400010100000009040000020301020009210005000122000009058103", @ANYRESHEX], 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) syz_usb_disconnect(r0) read(r1, &(0x7f0000000080)=""/48, 0x30) 2.925916943s ago: executing program 2 (id=4153): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) fcntl$setsig(r0, 0xa, 0x21) syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) syz_clone3(&(0x7f00000004c0)={0x1004000, 0x0, 0x0, 0x0, {0x3c}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) 1.294522629s ago: executing program 5 (id=4158): r0 = syz_io_uring_setup(0x1714, &(0x7f0000002040)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r3, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x40016002}) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000340)={0x8, {"eb9d8988e81b395b45bd0cba3a8483077474dd3dd0c47bc253e5f8e8b4292aac2796001366e4c71f9f35008b53e42578e610c78571ad7fd714bbf1d6fd513c82063c7b62f80247dae47c5c719fcb141465938af815fb5f2695978afaf02bc89e649ba154d25cd9128fa00c4655085aaa52d42552f2b09df1d9bb0e372396aa8bcb1358797975d0f0609075102a2744764709002ff83c2341d3365f98a022a3adb2984c475f59af4129dbfd9a93d73ebd4e3cb4f1e4ab97495820ac3a2091f1a472e09074da690ef8a1271c19fa97898e3be7b5000d91bbc78a0e2415b557a6ac425159469271188e5adbb631ee32f1c01b8aab308dad8548079f00eb770e058ec6480cb78a47d832ff6f7d23348118d2a8a317c1d0cb05299e4541dd566ca584cbe7508ab24fa6fdd1e5fd301a57f7b01f55543d5289911b1040011acfa9247e9f2b08635fc066b8725bc114c59fdbdd3a35903b19613e3f29ce4457a59c64567f1fea4a17185e7edde0ccc64cf9d0086ef292c318c8a56b28406cdcfd091245a8e0fa721e11aa064b642d9afbcf3dd23c79c466e634e84e0ccf866e8bcc03a6e6ac823fe6056a7aa6aa8622969e263eff3fb74ea46e0bd6a1ce08244e39f59df03e6cdd7fdc2811c4c1719099a56f1c5e07ab0e7d6a07192dcc0d03f6bcbc2323f4606b52950e3ebf54b379a97bb4c0c27db1e0824068a353aa025258f16eec23148997eb0f14ade49c1216cfd2ce324f289ddcf0ff8247984c4567692e9b64c2fbbc1272a3e532122e65f97cec13564ece0b7029c2c34ca9c7a9557d487336d849513afaaaa6c1a0388e72dba891750cebb09747cdadd4228b66ce5972f9c67bc4bd795753bc83fd36897edb29a4d9ca5c5cbb0e92dab163d6c980ef76a5f79f6f05f9a7e0e745a129cbbfc12281f9566f656b1f9de9bec23d3a2bec3852430fb7dcbc692e0fcccb69402639a0e1693a70a5983a462b001131a4774e5e3d8bd9a19389ab7e819a77ae145d2ca8e4477215905e8e1dce02ccd3f8942744313a30b68025844e5a68a9a2dd382a3a32042c232459a776d6e1741eec549b4d2867580fc511393281917f5145952997aebd29d8056d4282586ccd91d633a7c1764012e09d7746fef7246eb56640fef2bdd74b78fbcaa32e6b6f4136431a51229956a8a8149de241511e2760f997886e098fc1847adee880f3ae61a1240581e13758be18a33bde20ffad43a0ae9a4f7144a16993858e445c7c5bc83e13dfeb81ae6fc11be70e0ab490ab976106e3d8e627c44df3ac588239fbf885a2439b69e5a121245fd3c42c86555b198452ffcac7168d789ff3f61da76d389b0fc1e6c39df6608824babcb098c509e0def7f1701e67ab7d6c64ab5150eaaadbe38a11673fee8d286d88ae6f39241966fa6df46464166db4f41d67596d9d67382f1069042ee118b0af630a5e12f07d8cfa4183f2c28b27a6105d69804508235f877693cf1f359ffb95b585496b941c2e3f2170d916ded547beee1ae24e1724f17cb85cfcba15e1cbabe44e60b16c2ac4f4afed9506e25bd35a8897de4ae4a4c929b25289f75b2da34a1b65edfc2dd74b74b8f3d74f1387805cf5933a616798fa890718c9ebd6079c26a5f732298f8e8a2e378fccffd7fc3ecc8b10d1cd013a7340b7842c4b1dff0e9f2ea70329fb9c3013151f43fa5bad0dd5f61a92da5a78e68052ab72c38d915136184a49da2a6b6e248e9d106777c1bde4dfc94f8a4a29dfa95fe7681516061a83650c8b39968bd3a7a34b34e93844fc8ed8a84b59f7e657a025592db7a7252491b18695693a68d178564909e5971b8956479e518a1202af31718fe22f4e65c93a9a08e802e07fd274e5a23cb466a7b48cf344a2176d61ef27d348b40a510e8cc8e372693cb6c1c7cfb4e3972fbe4204f0048bc53793e049b0484b3bbe6d3b6a986bc2c95fdb63f60ebfdbea38b48405a8b85ee84568fb6921a75fb54e9026671ed43b923286d64d60c9060a86c2217f98f049259d99d0c5ce4889b165557fa4536a6d5222eb289a6dd83ff235dbde83897d1627f6d85c3e551997007b5219c5b010d53b92879e19951ba21db665f724d7c45da7c635f3a982047a1ebed638dca4f3e97ee036e18ae68d37cd8fda64fac7dce84587311b2e17420c31d50a5da4d052052ea1b4116aa9a0ef20434420c51887cf2d03a1d578925f19e700451f404413f7371693f2e0a622e1ae49daccd12de5ec59d2acbb635d854ce22a418f143c3a637dc731d45c5d1c38adcb770602a92f3de006a4eef1d838b91178476ff168fa639eb5b420da8a343a0ec6e6144cc802eb08d1833beb6ca18ffa1fd7b019bb2d02c97d62963a8a9180769323d8e45639b68aaa56775306bdc6c020678ecd64e751fb92c85dc474bbde8f94c029d92dea48b837c7b5524dc061374e637e299fef6b1355ce23d0f649f0e61402d375bb444a37a22a812821ade48df3be021ecacff6873654bf21e111d079f5bb140568b5c4b77f1aaa22416ab983eb8fe903286fdf114024622f443686078c8318329aebe5df891a9a91bd5512b3aed59557de62d1a9586e10fa07306f815fc10204200d6282813f729c3f8e8af7c450f55037397125ef5e806306a9ba351a6f3e1dede486bc75ae897581b649ef55f19c97b330c5a61a6f76674722429ea894d1c638074cedb0b863514c19166a5c2baf4ee6d1eaeee85155afd10fdd4361c78b3c0d00d01a37df52be0ed3458bc7a1afa0c8c9a2f3406b1e4607e955f57f626c7ed2efac888e72110e0dc0f79cfdd02bc245f0b3a7939bbdc31229ab99ecd36927e1fdd7b17b5037457856fe3f773b6af24af6d67cbd7978e2f127b86b50153e9b0f13f4942006198d6a6ac335cf7560676fd607e6a3a7b518fa815def5eca1372813f97d6ea9d62b848db37015aa648c8426f26776728332fad5f72c919a6f96d1c3b0a97df4c1892ff814e2e57979da7f7098c42b963ca5929765b1ad2284abd2c1f7ef9570b8c97a513da8f4078130e70f31327708619331571d78d3475b6b41e835dc948f0e809c6610942e4c7d515d9303e6281a3980a742dc85f4528fddc34d22bbd9aa4b4b2351df10884f1dbc877717d984b0b3bafda47801103cda459d006a9a9982f5cf67fc0face3def54d579358e623dae4d9b4248cebd82111cf4c431f8852bcf862a65a124ca709cec2454e4c65514128bc2d6f8cc92624f20c02b008081d334cc7fa0b8e8d9d3dfe2a283600e875c7ecb8e4949f958f6f84f8e52b78e3eae58fa02d85bb8ac52ddf3b262ec52eca50d6d590139c24c042e1c040d8da6c9a2e95055dc91ed65881bc4c43c13c240eb9f6ef9a4cffb44e96c9c055cbbc10b5d63850bc3e2fa46aabb2c732c0c31bf1dba3ad1ce2b1b671259aaaef955d39c420b18d78828248563cacd9417ef2cb63859ebef3936e26803e7ccf5233cb3c0a2f440d898ff258cb03a783415a6f81b1b1a07bb5cef530c78c30ec9adfd2df246d581bc662336d5029f65588995adc3190e97a418c15fa3620eb68cdcc6233f1aa0009ab558b22ae9316003c6af1fe0d7807e583943e48692fcd9fa2525fefe3467d099951c83943312f0e889cef4c1ecf17ad469f5ad683b405eb59230e89df96e8dd94e41e5f62822ba957e065f22d96b1c0c2b83f5a57fbb04d5af399ece3ddd52e5afff783a876e2066fbe30963421acb427c95fd3e7bc6b7d3d731a7e347052cd9636805cab94ad40bdb63a264b3127c7f8d21d25810bd2eadb2c3e31b5c807283ad062d750e5b21ec1e20cc3ac5753ac536faf23e2b5c37e9d021870b0350ecea7187643a00a08ec3ffaf7e6c236c4d694ff41af7b5fbf8a554949f5026a8b2adcf377f94848cd17fbcc0249e796008962d3db16b4bb85483dbe75ef5b301175e052203436b38248fbd1a28a5e2b3ab75c77eb8f853e60e95d5f16cb9858b33b3752b4c69776ec4506ba2bd490a6f17aae1152d8762d86cc0ef32788cf149e8fa9464c3ea588f15d8eb2092254c470acf221cfe680845167fc6778b8af1609681ae4f4e65426ce059b9768eb2e0c89f29de7b91db89a72e4c677c65dd980f9a6bfa656ed01d5e683a33e6b80462139476225cc0fcc309d926c36aa250bdad1454db46cd2536046f909a05b08829cad973bc705231a32a5f2e7ac5e96e2315cb175724607a5af02073fc936272aa724990ba6dcc4ea79da6eb7ec0bbdbd0a878114c493bc4b3e26e24b18553bd0a617981d8ea9e91ed2e3bcbd48f5d67aa913790bf52c31435184d6c73079e964e9ef05194e88b072b372d48cb70dbca99238c4474ed0b6932cc1b233bce0c87d48d478fa3c937c42c8637714e9995041f8b2b7dce17eb2f26c730f5559cf5919b88ee00bbf40726f90e1cf29e0f5fadc64de1bf28d447e8996948dc2fe658620b6fb8cfc592d5e0621b66057eb774c31ab16235456210c5ee7990b71b5b3d51cf13e30361a8cdaa107b13fa6a1c84b172efece3b70753e81e7e9e572d228c7bbcdaba40d8d0eb4de13bda1fca38d3ed667bb0897335aadaa0c3905a1283292c89ef5747ad5462db4011c3f8a4a476aa78d74badf8bf3785997ba9824e21256eed4c2805331fa24c81e28f21e895a0b03e7de52787065faded0f1b59eba1c922dce5576e8ab190ef716c021d8dfa13a1e73b8962d9f9238ba8b9fa2cf84addfe37e78cdb398ee4c0642a716fb8db1e332f873a16c6225ebc51fe05f33273380e64272159bb808336e87b4b0cddb492a992b2e7f423bf37725e1d9dda0dc6b4426172c2a93ee1cc9acea7fe1ece9ba0ddee3e232efb11fc4d4e266cd2a83c017e32315c434b73e9729d5a3a7fe993e72f9bb70d78672493263a2653fe1bfd42d1f97cbf0fffb6705b2e35fe65ceb9ad7ddc525b689027352db9c194939559ebb3b505a58e0404103482ce10f7d67761c13b235b52ad1b25803aa94cf7df5ca8d8bd0d4e6d0ab8bcfb8f72a26cecf071e31c02a1034c0144d850f1732926981dca7a18f0a197da3703d74d3e951ed510ed38a8fcae93eb2bebdf92e0feb0f06dbe1331cb43cfa548ca294ea479ecb325aea7aff8d924745298a3d34f23f40b992995a908130165b44beb8cc9da8390dae2a09cb7e1ac7e95b84f35e7be147b4be04883047cdcaec662aa8b66694ae8914e65edb63696494bff66eacb3aecdb23746a36cec7f832d628d38698ba6b3d4020095eae2a5b36a21039ce50901cdf2582b88ab8c86c6f4a8c345618f10d7aab081edb3ce8e4479e0ac476112d4b261cb8ed952221fb660898491fc7134b091c0565173bebf014caffae12852b5314c930d41e27bcfa7bc536fc4da3b714630e1ac7aaf006755da1da792dcad08f796c2ebdd6427ad3374e25132a103d62f98584462aa164d742b4d7c668a85119480199dd90f0a903f6c76cfca28b84a2279ae6965fdec403072be146d2d1f39b122113fbcfb52cf8c7c1d47a32f437b895bcd7a67ad08f196112a15b07e5b57b4db2b7c7f70a42923d6d0625515375b9281d331bd1e5dd75ff3a6e1ca5b75eb328e6c935f2c8f0c57b0aaf2ad85983160b0e53fca44d95e956ef2726d97acb2da34ca4482bb86aabde6d8b8b85da2e44ae89b8359f7edb88a3e2a9aad23125b8c2bd0c7be0847ac9b1e16db2c395e0c9eb040af710c31d32f7b356bfb6f1704f4d884f37c15b865eda87685ae8926fbf3a4465e7e2968ee18ea1ff5d4f4cbfb55634089687b9f0bce5b9cf10779299893cf64980193fd3a1096507e7a8be", 0x1000}}, 0x1006) io_uring_enter(r0, 0x27e2, 0x0, 0x0, 0x0, 0x0) 1.179226282s ago: executing program 5 (id=4159): r0 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x6, 0x6, 0xfffffff1, 0x80a6, 0x2}, 0x14) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r1, &(0x7f0000000500)="ab", 0x1, 0x2000c000, &(0x7f000001f480)={0x2, 0x4e22, @loopback}, 0x10) 1.125645152s ago: executing program 6 (id=4160): r0 = gettid() timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f0000000180)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) syz_clone3(&(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) 942.94382ms ago: executing program 4 (id=4162): r0 = socket$packet(0x11, 0x3, 0x300) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48) socket(0x840000000002, 0x3, 0xff) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x8, r2, 0x15}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000140)="845adc6f382819ad9dc965a4eefcfdc5b7227fa6", 0x14}], 0x1}}], 0x1, 0x10) 824.09556ms ago: executing program 4 (id=4163): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r3, @ANYBLOB="0c0099000000000000000000050053000100000014000400776c616e310000000000000000000000140006"], 0x60}}, 0x0) 692.235798ms ago: executing program 4 (id=4164): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000940), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f00000000c0)={0x28, 0x0, 0x0, @local}, 0x10) recvmmsg(r1, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010121, 0x0) 423.07556ms ago: executing program 4 (id=4165): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10}}, 0x50) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x5, 0x0, {0x0, 0x1, 0x0, 0x1}}, 0x30) 357.782025ms ago: executing program 2 (id=4166): bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e0000000400000008000000080000000000", @ANYRES32, @ANYBLOB="0000000000000084"], 0x50) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000002100)) ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4028af11, &(0x7f00000001c0)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000001980)=0x1) 256.04686ms ago: executing program 5 (id=4167): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet_opts(r0, 0x0, 0x6, &(0x7f0000000380)='\a', 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000000)=0xb2, 0x4) sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000000800), 0x62, 0x12141, 0x0) 204.593606ms ago: executing program 4 (id=4168): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) prlimit64(0x0, 0x7, &(0x7f00000000c0), 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0, r2}, 0x10) 204.226362ms ago: executing program 2 (id=4169): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = getpid() r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0x29, &(0x7f00000000c0)={0x1, 0x80000000, 0xd}) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffffffffffffffff]}, 0x8, 0x0) read$FUSE(r2, &(0x7f0000006000)={0x2020}, 0x8d) 85.78535ms ago: executing program 6 (id=4170): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="130100002add1e20ef050a023691010203010902240001000000000904000002ea1998000905a6a70000000000090507", @ANYRES32], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000300)={0x0, 0x5, 0x1, 'O'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000480)={0x24, &(0x7f0000000000)={0x0, 0xb, 0x1, 'N'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 55.800392ms ago: executing program 5 (id=4171): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x400, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x20480d4) accept4$rose(r1, &(0x7f0000000140)=@full={0xb, @dev, @bcast, 0x0, [@null, @netrom, @default, @remote, @null, @null]}, 0x0, 0x800) 34.990103ms ago: executing program 2 (id=4172): splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7fff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) 0s ago: executing program 4 (id=4173): socket$nl_route(0x10, 0x3, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$packet(0x11, 0x2, 0x300) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x2a) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r1, @ANYRES64=r0], 0x0) kernel console output (not intermixed with test programs): etting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 304.969784][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 304.979749][ T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 304.987408][ T5877] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 305.000754][ T5877] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 305.010114][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.016087][ T977] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 305.025771][ T5877] usb 3-1: config 0 descriptor?? [ 305.166928][ T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 305.177482][ T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 305.185871][ T977] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 305.186517][ T9] usb 6-1: config 1 has no interface number 0 [ 305.199661][ T977] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.201725][ T9] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 305.213177][ T977] usb 7-1: config 0 descriptor?? [ 305.220645][ T9] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 305.224183][ T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4c3, bcdDevice= 0.40 [ 305.241667][ T977] cp210x 7-1:0.0: cp210x converter detected [ 305.250740][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.259068][ T9] usb 6-1: Product: syz [ 305.263307][ T9] usb 6-1: Manufacturer: syz [ 305.268163][ T9] usb 6-1: SerialNumber: syz [ 305.451734][ T5877] plantronics 0003:047F:FFFF.002E: ignoring exceeding usage max [ 305.469250][ T5877] plantronics 0003:047F:FFFF.002E: No inputs registered, leaving [ 305.499472][ T5877] plantronics 0003:047F:FFFF.002E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 305.528986][T11877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2584'. [ 305.841108][ T977] cp210x 7-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 305.865518][ T977] cp210x 7-1:0.0: GPIO initialisation failed: -71 [ 305.882259][ T977] usb 7-1: cp210x converter now attached to ttyUSB0 [ 305.895310][ T977] usb 7-1: USB disconnect, device number 6 [ 305.913385][ T977] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 305.933712][ T977] cp210x 7-1:0.0: device disconnected [ 306.123445][ T9] cdc_ncm 6-1:1.1: bind() failure [ 306.417140][ T9] usb 6-1: USB disconnect, device number 10 [ 306.864095][ T977] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 307.034203][ T977] usb 5-1: Using ep0 maxpacket: 16 [ 307.047461][ T977] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 307.059849][ T977] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 307.078116][ T977] usb 5-1: config 0 has no interface number 0 [ 307.087898][ T977] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 307.101246][ T977] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.109371][ T977] usb 5-1: Product: syz [ 307.113748][ T977] usb 5-1: Manufacturer: syz [ 307.118753][ T977] usb 5-1: SerialNumber: syz [ 307.141037][ T977] usb 5-1: config 0 descriptor?? [ 307.159081][ T977] usb 5-1: Found UVC 0.00 device syz (046d:08f3) [ 307.169577][ T977] usb 5-1: No valid video chain found. [ 307.184049][ T5877] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 307.354177][ T5877] usb 1-1: Using ep0 maxpacket: 32 [ 307.377328][ T5877] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 307.380896][ T977] usb 5-1: USB disconnect, device number 31 [ 307.385910][ T5877] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 307.402699][ T5877] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 307.414015][ T5877] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 307.428169][ T5877] usb 1-1: config 0 interface 0 has no altsetting 0 [ 307.442390][ T5877] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 307.451849][ T5877] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 307.463625][ T5877] usb 1-1: Product: syz [ 307.468641][ T5877] usb 1-1: Manufacturer: syz [ 307.473261][ T5877] usb 1-1: SerialNumber: syz [ 307.486148][ T5877] usb 1-1: config 0 descriptor?? [ 307.496857][ T5877] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 307.511148][ T5877] ldusb 1-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 307.527615][ T9] usb 3-1: USB disconnect, device number 30 [ 307.798795][T11959] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2621'. [ 307.899165][T11966] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2622'. [ 307.909514][T11966] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2622'. [ 308.134021][ T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 308.294170][ T5877] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 308.306679][ T9] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 308.316948][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.329834][ T9] usb 7-1: config 0 descriptor?? [ 308.338302][ T9] cp210x 7-1:0.0: cp210x converter detected [ 308.457967][ T5877] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 308.469171][ T5877] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 308.479107][ T5877] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 308.492183][ T5877] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 308.501400][ T5877] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.512153][ T5877] usb 6-1: config 0 descriptor?? [ 308.743890][ T9] cp210x 7-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 308.770382][ T9] usb 7-1: cp210x converter now attached to ttyUSB0 [ 308.943616][ T5877] plantronics 0003:047F:FFFF.002F: No inputs registered, leaving [ 308.969938][ T5877] plantronics 0003:047F:FFFF.002F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 308.975089][ T5890] usb 7-1: USB disconnect, device number 7 [ 309.005139][ T5890] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 309.059046][ T5890] cp210x 7-1:0.0: device disconnected [ 309.443904][ T977] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 309.594032][ T977] usb 3-1: Using ep0 maxpacket: 32 [ 309.604464][ T977] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 309.617390][ T977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.630952][ T977] usb 3-1: config 0 descriptor?? [ 309.647305][ T977] gspca_main: sunplus-2.14.0 probing 041e:400b [ 309.939175][ T5890] usb 1-1: USB disconnect, device number 28 [ 309.962115][ T5890] ldusb 1-1:0.0: LD USB Device #1 now disconnected [ 310.353989][ T5890] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 310.514057][ T5890] usb 1-1: Using ep0 maxpacket: 32 [ 310.521064][ T5890] usb 1-1: config 0 interface 0 has no altsetting 0 [ 310.530788][ T5890] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 310.545307][ T5890] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.553381][ T5890] usb 1-1: Product: syz [ 310.557634][ T5890] usb 1-1: Manufacturer: syz [ 310.562268][ T5890] usb 1-1: SerialNumber: syz [ 310.567012][ T5892] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 310.577960][ T5890] usb 1-1: config 0 descriptor?? [ 310.652322][ T977] gspca_sunplus: reg_w_riv err -71 [ 310.659485][ T977] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 310.669359][ T977] usb 3-1: USB disconnect, device number 31 [ 310.736035][ T5892] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 310.749477][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 310.761216][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 310.778195][ T5892] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 310.800594][ T5892] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 310.809839][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.822003][ T5892] usb 5-1: config 0 descriptor?? [ 311.001338][ T5890] gs_usb 1-1:0.0: Configuring for 3 interfaces [ 311.011831][ T5877] usb 6-1: USB disconnect, device number 11 [ 311.247841][ T5892] plantronics 0003:047F:FFFF.0030: ignoring exceeding usage max [ 311.291813][ T5892] plantronics 0003:047F:FFFF.0030: No inputs registered, leaving [ 311.344365][ T5892] plantronics 0003:047F:FFFF.0030: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 311.405855][ T5890] gs_usb 1-1:0.0: Couldn't get bit timing const for channel 1 (-EPROTO) [ 311.476733][ T5890] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -71 [ 311.500119][ T5890] usb 1-1: USB disconnect, device number 29 [ 312.647372][ T48] IPVS: starting estimator thread 0... [ 312.648099][T12066] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 312.667431][T12068] binder: 12067:12068 ioctl c018620b 200000000700 returned -14 [ 312.746163][T12070] IPVS: using max 27 ests per chain, 64800 per kthread [ 312.761762][T12072] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2667'. [ 313.084296][ T24] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 313.255311][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 313.272421][ T24] usb 3-1: config 0 has an invalid interface number: 184 but max is 0 [ 313.289199][ T24] usb 3-1: config 0 has no interface number 0 [ 313.298327][ T24] usb 3-1: config 0 interface 184 has no altsetting 0 [ 313.315155][ T24] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 313.330248][ T5892] usb 5-1: USB disconnect, device number 32 [ 313.339007][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.362882][ T24] usb 3-1: Product: syz [ 313.371085][ T24] usb 3-1: Manufacturer: syz [ 313.378573][ T24] usb 3-1: SerialNumber: syz [ 313.388158][ T24] usb 3-1: config 0 descriptor?? [ 313.398145][ T24] smsc75xx v1.0.0 [ 314.008941][ T24] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 314.026596][ T24] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 314.239860][ T24] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 314.266182][ T24] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 314.296195][ T24] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 314.304026][ T916] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 314.313529][ T24] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71 [ 314.340980][ T24] usb 3-1: USB disconnect, device number 32 [ 314.342640][T12127] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2691'. [ 314.371882][T12127] bond_slave_0: entered promiscuous mode [ 314.377943][T12127] bond_slave_1: entered promiscuous mode [ 314.384259][T12127] macvlan2: entered promiscuous mode [ 314.389582][T12127] bond0: entered promiscuous mode [ 314.397787][T12127] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 314.481580][ T916] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 314.492578][ T916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.523270][ T916] usb 5-1: Product: syz [ 314.527622][ T916] usb 5-1: Manufacturer: syz [ 314.532257][ T916] usb 5-1: SerialNumber: syz [ 314.537465][ T9] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 314.549131][ T916] usb 5-1: config 0 descriptor?? [ 314.715057][ T9] usb 7-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 314.725637][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.737364][ T9] usb 7-1: config 0 descriptor?? [ 314.749631][ T9] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 314.753942][ T5892] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 314.930442][ T5892] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.941708][ T5892] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 314.963893][ T5892] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.970172][ T9] gp8psk: usb in 128 operation failed. [ 314.975189][ T5892] usb 1-1: config 0 descriptor?? [ 314.989566][ T916] usb 5-1: Firmware version (0.0) predates our first public release. [ 315.004438][ T916] usb 5-1: Please update to version 0.2 or newer [ 315.011970][ T916] usb 5-1: Firmware: build [ 315.017477][ T5877] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 315.182247][ T9] gp8psk: usb in 146 operation failed. [ 315.188253][ T9] gp8psk: failed to get FW version [ 315.195857][ T5877] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 315.205524][ T5877] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.214261][ T9] gp8psk: FPGA Version = 165 [ 315.223333][ T5877] usb 6-1: config 0 descriptor?? [ 315.233533][ T5877] cp210x 6-1:0.0: cp210x converter detected [ 315.246599][ T916] usb 5-1: USB disconnect, device number 33 [ 315.327153][T12150] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 315.410780][ T30] audit: type=1326 audit(2000000210.562:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12151 comm="syz.2.2702" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x0 [ 315.415257][ T9] gp8psk: usb in 138 operation failed. [ 315.444588][ T5892] keytouch 0003:0926:3333.0031: fixing up Keytouch IEC report descriptor [ 315.446808][ T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 315.461262][ T5892] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0031/input/input37 [ 315.466967][ T9] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 315.488845][ T9] usb 7-1: USB disconnect, device number 8 [ 315.550989][ T5892] keytouch 0003:0926:3333.0031: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 315.678334][ T5877] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 315.898777][ T5877] usb 6-1: cp210x converter now attached to ttyUSB0 [ 316.026271][ T5877] usb 1-1: USB disconnect, device number 30 [ 316.085634][ T5892] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 316.102430][ T916] usb 6-1: USB disconnect, device number 12 [ 316.122979][ T916] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 316.145644][ T916] cp210x 6-1:0.0: device disconnected [ 316.246992][ T5892] usb 5-1: Using ep0 maxpacket: 32 [ 316.268394][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 316.279895][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 316.305021][ T5892] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 316.315695][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.328132][ T5892] usb 5-1: config 0 descriptor?? [ 316.343950][T12164] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 316.795238][ T5892] savu 0003:1E7D:2D5A.0032: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 316.920032][T12182] syzkaller1: entered promiscuous mode [ 316.944091][T12182] syzkaller1: entered allmulticast mode [ 317.056167][ T5892] usb 5-1: USB disconnect, device number 34 [ 317.110408][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.117200][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.745323][T12203] binder: 12201:12203 ioctl c0306201 200000000300 returned -22 [ 318.137066][ T30] audit: type=1326 audit(2000000213.292:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.224737][ T30] audit: type=1326 audit(2000000213.302:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.313867][ T30] audit: type=1326 audit(2000000213.302:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.415238][ T30] audit: type=1326 audit(2000000213.302:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.553949][ T30] audit: type=1326 audit(2000000213.302:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.633884][ T30] audit: type=1326 audit(2000000213.302:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.701298][ T30] audit: type=1326 audit(2000000213.302:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.772274][T12232] overlayfs: invalid origin (0000) [ 318.854199][ T30] audit: type=1326 audit(2000000213.302:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 318.967806][ T30] audit: type=1326 audit(2000000213.302:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz.5.2731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9d7952ab39 code=0x7ffc0000 [ 320.022247][T12275] netlink: 'syz.2.2758': attribute type 1 has an invalid length. [ 320.032329][T12275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2758'. [ 320.473888][ T916] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 320.533528][T12300] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2771'. [ 320.594043][ T24] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 320.633889][ T916] usb 3-1: Using ep0 maxpacket: 32 [ 320.646166][ T916] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 320.669974][ T916] usb 3-1: config 0 has no interface number 0 [ 320.693266][ T916] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 320.723923][ T916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.741741][ T916] usb 3-1: Product: syz [ 320.751381][ T916] usb 3-1: Manufacturer: syz [ 320.762139][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 320.762655][ T916] usb 3-1: SerialNumber: syz [ 320.772266][ T24] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 320.803986][ T24] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 320.807193][ T916] usb 3-1: config 0 descriptor?? [ 320.835076][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 320.850963][ T916] smsc95xx v2.0.0 [ 320.860013][ T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 320.913841][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.921897][ T24] usb 5-1: Product: syz [ 320.939896][ T24] usb 5-1: Manufacturer: syz [ 320.944676][ T24] usb 5-1: SerialNumber: syz [ 321.281486][ T916] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 321.309821][ T916] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 321.369632][ T24] usb 5-1: 0:2 : does not exist [ 321.389203][ T24] usb 5-1: USB disconnect, device number 35 [ 321.723235][ T916] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 321.724132][ T5892] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 321.739286][ T916] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71 [ 321.753106][ T916] usb 3-1: USB disconnect, device number 33 [ 321.885167][ T5892] usb 1-1: Using ep0 maxpacket: 32 [ 321.892533][ T5892] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 321.901209][ T5892] usb 1-1: config 0 has no interface number 0 [ 321.908342][ T5892] usb 1-1: config 0 interface 2 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 321.919523][ T5892] usb 1-1: config 0 interface 2 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.943895][ T5892] usb 1-1: config 0 interface 2 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 321.963622][ T5892] usb 1-1: config 0 interface 2 has no altsetting 0 [ 321.981846][ T5892] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 321.991730][ T5892] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.003091][ T5892] usb 1-1: config 0 descriptor?? [ 322.323887][ T48] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 322.431326][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.445785][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.453567][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.461482][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.469050][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.476399][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.483738][ T5892] uclogic 0003:5543:0781.0033: unknown main item tag 0x0 [ 322.499065][ T48] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 322.513433][ T5892] uclogic 0003:5543:0781.0033: No inputs registered, leaving [ 322.521284][ T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.536898][ T5892] uclogic 0003:5543:0781.0033: hidraw0: USB HID v0.07 Device [HID 5543:0781] on usb-dummy_hcd.0-1/input2 [ 322.551543][ T48] usb 5-1: config 0 descriptor?? [ 322.560503][ T48] cp210x 5-1:0.0: cp210x converter detected [ 322.620738][ T916] usb 1-1: USB disconnect, device number 31 [ 322.976477][ T48] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 322.990484][ T48] usb 5-1: cp210x converter now attached to ttyUSB0 [ 323.229992][ T5877] usb 5-1: USB disconnect, device number 36 [ 323.250056][ T5877] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 323.272562][T12384] netlink: 'syz.0.2809': attribute type 4 has an invalid length. [ 323.278550][ T5877] cp210x 5-1:0.0: device disconnected [ 323.395324][T12391] program syz.0.2812 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 324.474250][ T5892] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 324.674181][ T5892] usb 5-1: Using ep0 maxpacket: 8 [ 324.681970][ T5892] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 324.713942][ T5892] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 324.723719][ T5892] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 324.755938][ T5892] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 324.769075][ T5892] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 324.793641][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.027450][ T5892] usb 5-1: GET_CAPABILITIES returned 0 [ 325.040183][ T5892] usbtmc 5-1:16.0: can't read capabilities [ 325.231682][ T5877] usb 5-1: USB disconnect, device number 37 [ 325.329904][T12451] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2837'. [ 325.883587][T12465] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2844'. [ 326.153985][ T5892] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 326.326456][ T5892] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 326.345829][ T5892] usb 6-1: config 1 has no interface number 0 [ 326.352112][ T5892] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.385084][ T5892] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 326.402201][ T5892] usb 6-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 326.429454][ T5892] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 326.462527][ T5892] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 326.492849][ T5892] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 326.503379][ T5892] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.519754][ T5892] usb 6-1: Product: syz [ 326.529458][ T5892] usb 6-1: Manufacturer: syz [ 326.539970][ T5892] usb 6-1: SerialNumber: syz [ 326.742215][ T30] kauditd_printk_skb: 244 callbacks suppressed [ 326.742234][ T30] audit: type=1326 audit(2000000221.892:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 326.799648][T12467] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 326.823085][ T30] audit: type=1326 audit(2000000221.892:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 326.891496][ T30] audit: type=1326 audit(2000000221.932:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 326.957044][ T30] audit: type=1326 audit(2000000221.942:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 327.013254][ T30] audit: type=1326 audit(2000000221.942:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 327.085208][ T30] audit: type=1326 audit(2000000221.962:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 327.164645][ T30] audit: type=1326 audit(2000000221.962:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 327.243865][ T30] audit: type=1326 audit(2000000221.962:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fb8a8d8e969 code=0x7ffc0000 [ 327.307815][ T30] audit: type=1326 audit(2000000221.972:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8a8d2ab39 code=0x7ffc0000 [ 327.404425][ T30] audit: type=1326 audit(2000000222.002:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12490 comm="syz.2.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8a8d2ab39 code=0x7ffc0000 [ 327.484565][T12467] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 327.497833][ T5892] cdc_ncm 6-1:1.1: bind() failure [ 327.713540][ T5892] usb 6-1: USB disconnect, device number 13 [ 328.172313][T12522] vlan2: entered promiscuous mode [ 328.183963][T12522] macvtap0: entered promiscuous mode [ 328.607922][T12535] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2874'. [ 329.860215][ T1168] Bluetooth: Error in BCSP hdr checksum [ 330.367463][T12601] veth0: entered promiscuous mode [ 330.382307][T12601] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2902'. [ 331.405160][T12626] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2912'. [ 331.894551][ T51] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 332.030583][T12647] netlink: 'syz.0.2919': attribute type 4 has an invalid length. [ 332.082111][T12648] netlink: 'syz.0.2919': attribute type 4 has an invalid length. [ 332.534011][ T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 332.703873][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 332.712583][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 332.736829][ T9] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 332.746092][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.765437][ T9] usb 3-1: Product: syz [ 332.783864][ T9] usb 3-1: Manufacturer: syz [ 332.793925][ T9] usb 3-1: SerialNumber: syz [ 332.810066][ T9] usb 3-1: config 0 descriptor?? [ 335.093994][ T5879] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 335.245530][ T5879] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 335.257073][ T5879] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 335.268126][ T5879] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 335.295053][ T5879] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 335.310522][ T5879] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.320632][ T9] usb 3-1: USB disconnect, device number 34 [ 335.332888][ T5879] usb 5-1: config 0 descriptor?? [ 335.768059][ T5879] plantronics 0003:047F:FFFF.0034: No inputs registered, leaving [ 335.804235][ T5879] plantronics 0003:047F:FFFF.0034: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 336.065572][T12780] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 336.075005][ T5879] usb 5-1: USB disconnect, device number 38 [ 337.604805][ T48] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 337.773996][ T48] usb 5-1: Using ep0 maxpacket: 16 [ 337.790179][ T48] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 337.835039][ T48] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 337.861206][ T48] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 337.883934][ T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.898551][ T48] usb 5-1: config 0 descriptor?? [ 338.731346][ T48] letsketch 0003:6161:4D15.0035: Device info: 豧 [ 338.932167][ T48] letsketch 0003:6161:4D15.0035: Device info: 꿨 [ 338.995686][T12858] syz.6.3006: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 339.038676][T12858] CPU: 0 UID: 0 PID: 12858 Comm: syz.6.3006 Not tainted 6.15.0-syzkaller-02443-g015a99fa7665 #0 PREEMPT(full) [ 339.038708][T12858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 339.038721][T12858] Call Trace: [ 339.038729][T12858] [ 339.038738][T12858] dump_stack_lvl+0x189/0x250 [ 339.038774][T12858] ? __pfx_dump_stack_lvl+0x10/0x10 [ 339.038802][T12858] ? __pfx__printk+0x10/0x10 [ 339.038839][T12858] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 339.038869][T12858] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 339.038901][T12858] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 339.038926][T12858] warn_alloc+0x214/0x310 [ 339.038940][T12858] ? stack_depot_save_flags+0x429/0x900 [ 339.038975][T12858] ? __pfx_warn_alloc+0x10/0x10 [ 339.038999][T12858] ? kasan_save_track+0x4f/0x80 [ 339.039024][T12858] ? xskq_create+0x56/0x170 [ 339.039047][T12858] ? xsk_init_queue+0xb0/0x110 [ 339.039062][T12858] ? xsk_setsockopt+0x43f/0x710 [ 339.039075][T12858] ? do_sock_setsockopt+0x25a/0x3e0 [ 339.039093][T12858] ? __x64_sys_setsockopt+0x18b/0x220 [ 339.039116][T12858] ? do_syscall_64+0xfa/0x3b0 [ 339.039154][T12858] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.039184][T12858] __vmalloc_node_range_noprof+0x125/0x1340 [ 339.039242][T12858] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 339.039280][T12858] ? __kasan_kmalloc+0x93/0xb0 [ 339.039314][T12858] vmalloc_user_noprof+0xad/0xf0 [ 339.039346][T12858] ? xskq_create+0xbf/0x170 [ 339.039369][T12858] xskq_create+0xbf/0x170 [ 339.039389][T12858] xsk_init_queue+0xb0/0x110 [ 339.039407][T12858] xsk_setsockopt+0x43f/0x710 [ 339.039432][T12858] ? __pfx_xsk_setsockopt+0x10/0x10 [ 339.039454][T12858] ? __lock_acquire+0xab9/0xd20 [ 339.039490][T12858] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 339.039507][T12858] ? __pfx_xsk_setsockopt+0x10/0x10 [ 339.039533][T12858] do_sock_setsockopt+0x25a/0x3e0 [ 339.039554][T12858] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 339.039585][T12858] ? __fget_files+0x2a/0x420 [ 339.039628][T12858] __x64_sys_setsockopt+0x18b/0x220 [ 339.039661][T12858] do_syscall_64+0xfa/0x3b0 [ 339.039686][T12858] ? lockdep_hardirqs_on+0x9c/0x150 [ 339.039703][T12858] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.039718][T12858] ? clear_bhb_loop+0x60/0xb0 [ 339.039747][T12858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.039770][T12858] RIP: 0033:0x7f241778e969 [ 339.039788][T12858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.039806][T12858] RSP: 002b:00007f2418560038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 339.039828][T12858] RAX: ffffffffffffffda RBX: 00007f24179b5fa0 RCX: 00007f241778e969 [ 339.039840][T12858] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 339.039849][T12858] RBP: 00007f2417810ab1 R08: 0000000000000052 R09: 0000000000000000 [ 339.039859][T12858] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.039869][T12858] R13: 0000000000000000 R14: 00007f24179b5fa0 R15: 00007ffd25228c18 [ 339.039904][T12858] [ 339.040009][T12858] Mem-Info: [ 339.346265][ T48] usb 5-1: Max retries (5) exceeded reading string descriptor 202 [ 339.370005][ T48] letsketch 0003:6161:4D15.0035: probe with driver letsketch failed with error -71 [ 339.384648][T12858] active_anon:2323 inactive_anon:20336 isolated_anon:0 [ 339.384648][T12858] active_file:20649 inactive_file:35100 isolated_file:0 [ 339.384648][T12858] unevictable:768 dirty:286 writeback:0 [ 339.384648][T12858] slab_reclaimable:10520 slab_unreclaimable:103164 [ 339.384648][T12858] mapped:29069 shmem:20272 pagetables:799 [ 339.384648][T12858] sec_pagetables:0 bounce:0 [ 339.384648][T12858] kernel_misc_reclaimable:0 [ 339.384648][T12858] free:1306988 free_pcp:976 free_cma:0 [ 339.433565][ T48] usb 5-1: USB disconnect, device number 39 [ 339.454267][T12858] Node 0 active_anon:9292kB inactive_anon:81244kB active_file:82396kB inactive_file:140400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116276kB dirty:1144kB writeback:0kB shmem:79552kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10804kB pagetables:3096kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 339.488060][ C1] vkms_vblank_simulate: vblank timer overrun [ 339.513968][T12858] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 339.550258][T12858] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.583145][T12858] lowmem_reserve[]: 0 2504 2504 2504 2504 [ 339.601331][T12858] Node 0 DMA32 free:1292828kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:9288kB inactive_anon:81140kB active_file:82304kB inactive_file:140388kB unevictable:1536kB writepending:1144kB present:3129332kB managed:2564144kB mlocked:0kB bounce:0kB free_pcp:3880kB local_pcp:488kB free_cma:0kB [ 339.634238][ C1] vkms_vblank_simulate: vblank timer overrun [ 339.640666][T12858] lowmem_reserve[]: 0 0 0 0 0 [ 339.652361][T12858] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:92kB inactive_file:12kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.682431][ C1] vkms_vblank_simulate: vblank timer overrun [ 339.690214][T12858] lowmem_reserve[]: 0 0 0 0 0 [ 339.715858][T12858] Node 1 Normal free:3920896kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.753833][T12858] lowmem_reserve[]: 0 0 0 0 0 [ 339.799461][ T9] hid-generic 0000:0000:0000.0036: unknown main item tag 0x0 [ 339.819305][T12858] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 339.849030][ T9] hid-generic 0000:0000:0000.0036: hidraw0: HID v0.00 Device [syz1] on syz0 [ 339.864431][T12858] Node 0 DMA32: 663*4kB (UM) 297*8kB (UME) 180*16kB (UE) 249*32kB (UE) 131*64kB (UE) 86*128kB (UME) 64*256kB (UME) 59*512kB (UME) 23*1024kB (UM) 9*2048kB (UM) 285*4096kB (UM) = 1291204kB [ 339.934110][T12858] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 339.974248][T12858] Node 1 Normal: 148*4kB (UE) 48*8kB (UME) 43*16kB (UME) 198*32kB (UME) 81*64kB (UME) 25*128kB (UME) 12*256kB (UME) 6*512kB (UM) 3*1024kB (UME) 4*2048kB (UE) 949*4096kB (M) = 3920896kB [ 340.014583][T12858] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 340.035334][T12858] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 340.083677][T12858] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 340.124047][T12858] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 340.143900][T12858] 79646 total pagecache pages [ 340.148772][T12858] 0 pages in swap cache [ 340.152935][T12858] Free swap = 124996kB [ 340.166179][T12858] Total swap = 124996kB [ 340.177423][T12858] 2097051 pages RAM [ 340.181530][T12858] 0 pages HighMem/MovableOnly [ 340.189959][T12858] 424356 pages reserved [ 340.194986][T12858] 0 pages cma reserved [ 340.303907][ T48] usb 5-1: new full-speed USB device number 40 using dummy_hcd [ 340.480305][ T48] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 340.494089][ T48] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 340.520244][ T48] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 340.551029][ T48] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 340.563867][ T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.615376][ T48] usb 5-1: config 0 descriptor?? [ 340.944447][T12892] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3020'. [ 341.042226][ T48] plantronics 0003:047F:FFFF.0037: reserved main item tag 0xd [ 341.053020][ T48] plantronics 0003:047F:FFFF.0037: No inputs registered, leaving [ 341.070321][ T48] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 341.328488][ T48] usb 5-1: USB disconnect, device number 40 [ 341.399742][T12911] 9pnet: p9_errstr2errno: server reported unknown error @L O!L8iHѡ2m-9Vm [ 342.044068][T12936] vlan2: entered promiscuous mode [ 342.253950][T12936] bond0: entered promiscuous mode [ 342.259049][T12936] bond_slave_0: entered promiscuous mode [ 342.271962][T12936] bond_slave_1: entered promiscuous mode [ 342.388695][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807e812c00: rx timeout, send abort [ 342.399844][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807e812c00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 342.896469][T12942] input: syz1 as /devices/virtual/input/input39 [ 342.968864][T12945] input: syz0 as /devices/virtual/input/input40 [ 343.353918][ T48] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 343.544253][ T48] usb 1-1: Using ep0 maxpacket: 16 [ 343.553089][ T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 343.565652][ T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 343.589635][ T48] usb 1-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice= 0.00 [ 343.609176][ T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.618187][T12975] netlink: 'syz.5.3053': attribute type 4 has an invalid length. [ 343.631295][ T48] usb 1-1: config 0 descriptor?? [ 343.647678][T12975] netlink: 'syz.5.3053': attribute type 4 has an invalid length. [ 343.791891][T12979] bond0: (slave syz_tun): Releasing backup interface [ 343.808871][T12979] syz_tun: left allmulticast mode [ 343.842133][T12982] netlink: 'syz.5.3055': attribute type 10 has an invalid length. [ 343.850770][T12979] bridge_slave_0: left allmulticast mode [ 343.850795][T12979] bridge_slave_0: left promiscuous mode [ 343.851034][T12979] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.881758][T12979] bridge_slave_1: left allmulticast mode [ 343.905952][T12979] bridge_slave_1: left promiscuous mode [ 343.920063][T12979] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.966870][T12979] bond0: (slave bond_slave_0): Releasing backup interface [ 343.982988][T12979] bond_slave_0: left allmulticast mode [ 343.995762][T12979] bond_slave_0: left promiscuous mode [ 344.017607][T12979] bond0: (slave bond_slave_1): Releasing backup interface [ 344.031128][T12979] bond_slave_1: left allmulticast mode [ 344.037397][T12979] bond_slave_1: left promiscuous mode [ 344.057739][T12979] team0: Port device team_slave_0 removed [ 344.076265][T12979] team0: Port device team_slave_1 removed [ 344.091638][ T48] apple 0003:05AC:0274.0038: unknown main item tag 0x4 [ 344.099285][ T48] apple 0003:05AC:0274.0038: unexpected long global item [ 344.107367][ T48] apple 0003:05AC:0274.0038: parse failed [ 344.112145][T12979] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.113726][ T48] apple 0003:05AC:0274.0038: probe with driver apple failed with error -22 [ 344.136977][T12979] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.149745][T12979] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.157512][T12979] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.201001][T12982] bridge0: entered promiscuous mode [ 344.219894][T12982] bridge0: entered allmulticast mode [ 344.240751][T12982] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 344.337775][ T24] usb 1-1: USB disconnect, device number 32 [ 344.574205][ T48] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 344.733950][ T48] usb 5-1: Using ep0 maxpacket: 16 [ 344.742043][ T48] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.753516][ T48] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.765929][ T48] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 344.778828][ T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.794454][ T48] usb 5-1: config 0 descriptor?? [ 344.892404][ T24] kernel write not supported for file bpf-prog (pid: 24 comm: kworker/1:0) [ 345.006551][T13013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3067'. [ 345.852918][ T48] letsketch 0003:6161:4D15.0039: Device info: 꿨 [ 346.084770][ T48] usb 5-1: Max retries (5) exceeded reading string descriptor 201 [ 346.144743][ T48] letsketch 0003:6161:4D15.0039: probe with driver letsketch failed with error -71 [ 346.224426][ T48] usb 5-1: USB disconnect, device number 41 [ 347.617915][T13106] netlink: 'syz.0.3105': attribute type 10 has an invalid length. [ 347.626854][T13106] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3105'. [ 347.640345][T13106] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 348.113932][ T5879] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 348.284235][ T5879] usb 6-1: Using ep0 maxpacket: 8 [ 348.297907][ T5879] usb 6-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 348.315983][ T5879] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.331481][ T5879] usb 6-1: Product: syz [ 348.340495][ T5879] usb 6-1: Manufacturer: syz [ 348.355703][ T5879] usb 6-1: SerialNumber: syz [ 348.375729][ T5879] usb 6-1: config 0 descriptor?? [ 348.597235][ T5879] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 348.671919][T13147] 9pnet: p9_errstr2errno: server reported unknown error @$  [ 348.763245][T13151] bridge0: port 3(macvlan2) entered blocking state [ 348.778132][T13151] bridge0: port 3(macvlan2) entered disabled state [ 348.786177][T13151] macvlan2: entered allmulticast mode [ 348.796776][T13151] macvlan2: entered promiscuous mode [ 349.583967][ T916] usb 5-1: new full-speed USB device number 42 using dummy_hcd [ 349.608083][ T5879] gspca_sunplus: reg_w_riv err -71 [ 349.613386][ T5879] sunplus 6-1:0.0: probe with driver sunplus failed with error -71 [ 349.634407][ T5879] usb 6-1: USB disconnect, device number 14 [ 349.776630][ T916] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 349.787237][ T916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 349.799621][ T916] usb 5-1: config 0 descriptor?? [ 350.015680][ T916] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 350.033982][ T916] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 350.069506][ T916] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 350.093934][ T916] [drm] Initialized udl on minor 2 [ 350.253090][ T916] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 350.276138][ T916] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 350.318096][T13201] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3147'. [ 350.476538][ T9] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 350.476889][ T48] usb 5-1: USB disconnect, device number 42 [ 350.512888][ T9] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 350.953938][ T24] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 351.126737][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 351.152741][ T24] usb 1-1: config 0 interface 0 has no altsetting 0 [ 351.171643][ T24] usb 1-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 351.188463][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 351.202254][ T24] usb 1-1: Product: syz [ 351.208562][ T24] usb 1-1: Manufacturer: syz [ 351.226864][ T24] usb 1-1: SerialNumber: syz [ 351.268863][ T24] usb 1-1: config 0 descriptor?? [ 351.282756][ T24] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 351.307722][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 351.354827][ T24] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 351.363621][ T24] usb 1-1: media controller created [ 351.393419][T13250] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 351.443280][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 351.680649][ T24] DVB: Unable to find symbol tda10046_attach() [ 351.693841][ T24] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 351.723029][ T24] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 351.843119][T13267] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3178'. [ 351.937691][ T1168] Bluetooth: hci3: Frame reassembly failed (-84) [ 352.172289][T13284] mkiss: ax0: crc mode is auto. [ 352.677093][ T24] dvb_usb_m920x 1-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 352.692384][ T24] usb 1-1: USB disconnect, device number 33 [ 352.855381][T13313] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3197'. [ 353.100426][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 353.543926][ T9] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 353.613900][ T24] usb 6-1: new full-speed USB device number 15 using dummy_hcd [ 353.703953][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 353.714769][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 353.726108][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 353.736207][ T9] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 353.746593][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.758145][ T9] usb 3-1: config 0 descriptor?? [ 353.766172][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 353.781528][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 353.797633][ T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 353.817680][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.827377][ T24] usb 6-1: Product: syz [ 353.831642][ T24] usb 6-1: Manufacturer: syz [ 353.838745][ T24] usb 6-1: SerialNumber: syz [ 353.850813][T13339] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 353.900345][T13351] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3213'. [ 353.974927][ T5842] Bluetooth: hci3: command 0x1003 tx timeout [ 353.981399][ T51] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 354.215378][ T9] ft260 0003:0403:6030.003A: unknown main item tag 0x0 [ 354.417538][ T9] ft260 0003:0403:6030.003A: chip code: 0000 0000 [ 354.618904][ T9] ft260 0003:0403:6030.003A: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0 [ 354.884245][ T24] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 354.891709][ T24] cdc_ncm 6-1:1.0: setting rx_max = 16384 [ 355.031418][ T9] ft260 0003:0403:6030.003A: failed to retrieve status: -71 [ 355.043857][ T9] ft260 0003:0403:6030.003A: failed to reset I2C controller: -71 [ 355.055696][ T916] usb 5-1: new low-speed USB device number 43 using dummy_hcd [ 355.070815][ T9] usb 3-1: USB disconnect, device number 35 [ 355.092123][ T24] cdc_ncm 6-1:1.0: setting tx_max = 16384 [ 355.109315][ T24] cdc_ncm 6-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.5-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 355.126603][ T24] usb 6-1: USB disconnect, device number 15 [ 355.133704][ T24] cdc_ncm 6-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.5-1, CDC NCM (NO ZLP) [ 355.246565][ T916] usb 5-1: config 0 has no interfaces? [ 355.252239][ T916] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 355.262325][ T916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.272377][ T916] usb 5-1: config 0 descriptor?? [ 355.379061][T13377] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3226'. [ 355.499328][ T916] usb 5-1: USB disconnect, device number 43 [ 355.788105][T13396] netlink: 9 bytes leftover after parsing attributes in process `syz.6.3235'. [ 355.802271][T13396] gretap0: entered promiscuous mode [ 355.834852][T13396] netlink: 5 bytes leftover after parsing attributes in process `syz.6.3235'. [ 355.864088][T13396] 0{X: renamed from gretap0 [ 355.878243][T13396] 0{X: left promiscuous mode [ 355.887216][T13396] 0{X: entered allmulticast mode [ 355.896121][T13396] A link change request failed with some changes committed already. Interface 30{X may have been left with an inconsistent configuration, please check. [ 356.984151][ T9] usb 5-1: new full-speed USB device number 44 using dummy_hcd [ 357.150731][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 357.162447][ T9] usb 5-1: config 0 has no interfaces? [ 357.176570][ T9] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 357.189302][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.204552][ T9] usb 5-1: config 0 descriptor?? [ 357.439411][ T48] usb 5-1: USB disconnect, device number 44 [ 358.192057][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 358.459002][T13483] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3274'. [ 358.695542][T13495] Invalid ELF header magic: != ELF [ 358.920056][T13503] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3286'. [ 359.039964][T13511] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3289'. [ 359.220746][T13524] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 360.594091][ T48] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 360.746606][ T48] usb 3-1: Using ep0 maxpacket: 8 [ 360.755023][ T48] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 360.766074][ T48] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 360.779198][ T48] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.791616][ T48] usb 3-1: config 0 descriptor?? [ 360.815240][ T48] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 361.094017][ T24] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 361.180708][T13595] Invalid ELF header len 8 [ 361.241512][ T30] kauditd_printk_skb: 223 callbacks suppressed [ 361.241533][ T30] audit: type=1326 audit(2000000256.392:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13571 comm="syz.6.3314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7fc00000 [ 361.257171][ T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 361.295918][T13599] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 361.310170][T13599] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 361.317469][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 361.342847][ T24] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 361.358065][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 361.376611][ T24] usb 5-1: SerialNumber: syz [ 361.620693][ T24] usb 5-1: 0:2 : does not exist [ 361.648107][ T24] usb 5-1: USB disconnect, device number 45 [ 361.659303][T13612] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3332'. [ 361.692658][T13612] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3332'. [ 361.843237][ T30] audit: type=1804 audit(2000000256.992:925): pid=13618 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.6.3335" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=46883 res=1 errno=0 [ 362.038022][ T48] gspca_vc032x: reg_w err -71 [ 362.047163][ T48] vc032x 3-1:0.0: probe with driver vc032x failed with error -71 [ 362.069618][ T48] usb 3-1: USB disconnect, device number 36 [ 362.584416][ T30] audit: type=1326 audit(2000000257.732:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 362.674223][ T30] audit: type=1326 audit(2000000257.762:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 362.695815][ C0] vkms_vblank_simulate: vblank timer overrun [ 362.768349][ T30] audit: type=1326 audit(2000000257.762:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f241778d2d0 code=0x7ffc0000 [ 362.799060][T13656] cgroup: Unknown subsys name 'cpuset' [ 362.840908][ T30] audit: type=1326 audit(2000000257.762:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f241778d2d0 code=0x7ffc0000 [ 362.862510][ C0] vkms_vblank_simulate: vblank timer overrun [ 362.890191][ T30] audit: type=1326 audit(2000000257.762:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 362.911927][ C0] vkms_vblank_simulate: vblank timer overrun [ 362.922316][ T30] audit: type=1326 audit(2000000257.762:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 362.943913][ C0] vkms_vblank_simulate: vblank timer overrun [ 362.956423][ T30] audit: type=1326 audit(2000000257.762:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 362.978002][ C0] vkms_vblank_simulate: vblank timer overrun [ 363.000419][ T30] audit: type=1326 audit(2000000257.772:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13648 comm="syz.6.3350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 363.120235][T13670] 9pnet_fd: Insufficient options for proto=fd [ 363.176920][ T9] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 363.342972][T13681] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3365'. [ 363.364283][ T9] usb 5-1: config 0 has an invalid interface number: 241 but max is 0 [ 363.373055][ T9] usb 5-1: config 0 has no interface number 0 [ 363.383614][ T9] usb 5-1: config 0 interface 241 altsetting 0 bulk endpoint 0xA has invalid maxpacket 32 [ 363.407692][ T9] usb 5-1: New USB device found, idVendor=ea6a, idProduct=daa1, bcdDevice=f1.60 [ 363.429385][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.453933][ T9] usb 5-1: Product: syz [ 363.463789][ T9] usb 5-1: Manufacturer: syz [ 363.471817][ T9] usb 5-1: SerialNumber: syz [ 363.488549][ T9] usb 5-1: config 0 descriptor?? [ 363.503566][T13662] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 363.523135][ T9] rndis_host 5-1:0.241: skipping garbage [ 363.538207][ T9] usb 5-1: bad CDC descriptors [ 363.718083][ T48] usb 5-1: USB disconnect, device number 46 [ 364.468811][T13711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3377'. [ 364.509060][T13711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3377'. [ 364.704338][T13721] sp0: Synchronizing with TNC [ 364.705336][T13720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3382'. [ 364.726613][T13718] netlink: 'syz.0.3380': attribute type 1 has an invalid length. [ 364.747659][T13718] netlink: 252 bytes leftover after parsing attributes in process `syz.0.3380'. [ 365.168390][T13741] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3391'. [ 365.474873][T13756] bridge_slave_0: left allmulticast mode [ 365.503147][T13756] bridge_slave_0: left promiscuous mode [ 365.510193][T13758] netlink: 'syz.4.3398': attribute type 10 has an invalid length. [ 365.534255][T13756] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.569899][T13756] bridge_slave_1: left allmulticast mode [ 365.589742][T13756] bridge_slave_1: left promiscuous mode [ 365.600103][T13756] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.634623][T13756] bond0: (slave bond_slave_0): Releasing backup interface [ 365.655678][T13756] bond_slave_0: left promiscuous mode [ 365.664786][T13756] bond_slave_0: left allmulticast mode [ 365.679250][T13756] bond0: (slave bond_slave_1): Releasing backup interface [ 365.689434][T13756] bond_slave_1: left promiscuous mode [ 365.698187][T13756] bond_slave_1: left allmulticast mode [ 365.729236][T13756] team0: Port device team_slave_0 removed [ 365.753562][T13756] team0: Port device team_slave_1 removed [ 365.765604][T13756] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 365.773251][T13756] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 365.834340][T13758] bridge0: entered promiscuous mode [ 365.839799][T13758] bridge0: entered allmulticast mode [ 365.870426][T13758] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 365.937642][T13772] syzkaller1: entered promiscuous mode [ 365.943423][T13772] syzkaller1: entered allmulticast mode [ 366.285919][T13787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3411'. [ 366.444170][ T5892] usb 6-1: new full-speed USB device number 16 using dummy_hcd [ 366.619491][ T5892] usb 6-1: config 0 has no interfaces? [ 366.627492][ T5892] usb 6-1: New USB device found, idVendor=0404, idProduct=0755, bcdDevice= 0.00 [ 366.656988][ T5892] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.682755][ T5892] usb 6-1: config 0 descriptor?? [ 366.732400][T13806] relay: one or more items not logged [item size (56) > sub-buffer size (9)] [ 366.877229][T13813] overlayfs: failed to clone upperpath [ 366.918327][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 366.918345][ T30] audit: type=1326 audit(2000000262.072:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13779 comm="syz.5.3408" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x0 [ 367.021101][ T24] usb 6-1: USB disconnect, device number 16 [ 367.191094][T13823] tipc: Enabling of bearer rejected, failed to enable media [ 367.203115][T13823] tipc: Enabled bearer , priority 0 [ 367.505025][ T24] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 367.667502][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 367.689096][ T24] usb 1-1: config 135 has an invalid interface number: 230 but max is 0 [ 367.703799][ T24] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 367.724724][ T24] usb 1-1: config 135 has no interface number 0 [ 367.751586][ T24] usb 1-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 367.784917][ T24] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 367.804069][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.826807][ T24] usb 1-1: Product: syz [ 367.831035][ T24] usb 1-1: Manufacturer: syz [ 367.843438][ T24] usb 1-1: SerialNumber: syz [ 367.855862][ T24] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 367.862584][ T24] usb 1-1: No valid video chain found. [ 368.058168][ T9] usb 1-1: USB disconnect, device number 34 [ 368.259456][T13853] Bluetooth: hci0: invalid length 0, exp 2 for type 2 [ 368.362600][T13857] overlayfs: failed to clone lowerpath [ 368.541631][T13863] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 369.054054][ T9] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 369.219162][ T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 369.244094][ T9] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 369.264398][ T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 369.273497][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.294034][T13880] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 369.306988][ T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 369.549282][ T24] usb 5-1: USB disconnect, device number 47 [ 369.674163][T13913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3467'. [ 370.085394][ T9] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 370.245763][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 370.264181][ T9] usb 3-1: New USB device found, idVendor=1bc7, idProduct=9010, bcdDevice=36.53 [ 370.286628][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.297982][ T9] usb 3-1: config 0 descriptor?? [ 370.311669][ T9] option 3-1:0.0: GSM modem (1-port) converter detected [ 370.525995][ T9] usb 3-1: USB disconnect, device number 37 [ 370.533384][ T9] option 3-1:0.0: device disconnected [ 370.590835][T13948] netlink: 17 bytes leftover after parsing attributes in process `syz.6.3483'. [ 370.605345][T13948] netlink: zone id is out of range [ 370.610614][T13948] netlink: zone id is out of range [ 370.616629][T13948] netlink: zone id is out of range [ 370.621786][T13948] netlink: zone id is out of range [ 370.627458][T13948] netlink: zone id is out of range [ 370.632600][T13948] netlink: zone id is out of range [ 370.644025][T13948] netlink: zone id is out of range [ 370.652679][T13948] netlink: zone id is out of range [ 370.659853][T13948] netlink: zone id is out of range [ 370.679992][T13948] netlink: zone id is out of range [ 370.736812][T13950] 8021q: adding VLAN 0 to HW filter on device bond1 [ 370.750508][T13950] bridge0: port 1(bond1) entered blocking state [ 370.767966][T13950] bridge0: port 1(bond1) entered disabled state [ 370.792840][T13950] bond1: entered allmulticast mode [ 370.802382][T13950] bond1: entered promiscuous mode [ 370.849409][T13950] bridge0: port 1(bond1) entered blocking state [ 370.856217][T13950] bridge0: port 1(bond1) entered forwarding state [ 370.891159][ T1100] bridge0: port 1(bond1) entered disabled state [ 370.979907][T13958] netem: change failed [ 371.157807][ T30] audit: type=1326 audit(2000000266.312:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.238898][ T30] audit: type=1326 audit(2000000266.312:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.298264][ T30] audit: type=1326 audit(2000000266.312:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.350925][ T30] audit: type=1326 audit(2000000266.312:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.387687][ T30] audit: type=1326 audit(2000000266.312:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.421152][ T30] audit: type=1326 audit(2000000266.312:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.453534][ T30] audit: type=1326 audit(2000000266.312:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.495897][ T30] audit: type=1326 audit(2000000266.312:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.556545][ T30] audit: type=1326 audit(2000000266.312:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13963 comm="syz.6.3489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f241778e969 code=0x7ffc0000 [ 371.680130][T13972] cgroup: fork rejected by pids controller in /syz6 [ 373.454571][ T24] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 373.624215][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 373.631475][ T24] usb 6-1: config 0 has an invalid interface number: 6 but max is 0 [ 373.640510][ T24] usb 6-1: config 0 has no interface number 0 [ 373.652870][ T24] usb 6-1: config 0 interface 6 has no altsetting 0 [ 373.662114][ T24] usb 6-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice=84.99 [ 373.671647][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.679914][ T24] usb 6-1: Product: syz [ 373.684574][ T24] usb 6-1: Manufacturer: syz [ 373.689521][ T24] usb 6-1: SerialNumber: syz [ 373.698896][ T24] usb 6-1: config 0 descriptor?? [ 373.712957][ T24] ums-sddr09 6-1:0.6: USB Mass Storage device detected [ 373.732085][ T24] ums-sddr09 6-1:0.6: This device (04e6,0003,8499 S 06 P 2e) has an unneeded SubClass entry in unusual_devs.h (kernel 6.15.0-syzkaller-02443-g015a99fa7665) [ 373.732085][ T24] Please send a copy of this message to and [ 374.027509][ T24] usb 6-1: USB disconnect, device number 17 [ 374.386903][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 374.386921][ T30] audit: type=1326 audit(2000000269.542:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14588 comm="syz.2.3534" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x0 [ 374.660531][T14605] netlink: 'syz.0.3541': attribute type 4 has an invalid length. [ 374.691160][T14605] netlink: 'syz.0.3541': attribute type 4 has an invalid length. [ 374.826607][T14614] netlink: 'syz.0.3545': attribute type 1 has an invalid length. [ 374.880474][T14614] 8021q: adding VLAN 0 to HW filter on device bond1 [ 374.924196][T14620] 8021q: adding VLAN 0 to HW filter on device bond1 [ 374.931422][T14620] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 374.980186][T14620] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 375.124340][ T24] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 375.176540][T14630] netlink: 8 bytes leftover after parsing attributes in process `wޣ'. [ 375.295818][ T24] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 375.313920][ T916] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 375.324509][ T24] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 375.344110][ T24] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 375.364234][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.388032][T14619] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 375.402783][ T24] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 375.475929][ T916] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 375.504021][ T916] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 375.523407][ T916] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.547125][ T916] usb 6-1: config 0 descriptor?? [ 375.660698][ T9] usb 5-1: USB disconnect, device number 48 [ 375.979831][ T916] keytouch 0003:0926:3333.003B: fixing up Keytouch IEC report descriptor [ 376.021566][ T916] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.003B/input/input41 [ 376.094013][T14661] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3564'. [ 376.184252][ T916] keytouch 0003:0926:3333.003B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0 [ 376.820298][T14685] syz_tun: entered promiscuous mode [ 376.845397][T14685] batadv_slave_0: entered promiscuous mode [ 376.871780][T14685] hsr1: entered allmulticast mode [ 376.888357][T14685] syz_tun: entered allmulticast mode [ 376.893724][T14685] batadv_slave_0: entered allmulticast mode [ 377.063290][T14691] netlink: 140 bytes leftover after parsing attributes in process `syz.6.3578'. [ 377.085088][T14691] netlink: 140 bytes leftover after parsing attributes in process `syz.6.3578'. [ 377.512552][T14705] netlink: 'syz.2.3583': attribute type 1 has an invalid length. [ 377.648778][T14705] bond1: entered promiscuous mode [ 377.679814][T14705] 8021q: adding VLAN 0 to HW filter on device bond1 [ 377.756432][T14717] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3585'. [ 377.772448][T14717] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3585'. [ 377.842731][T14711] bond1: (slave bridge1): making interface the new active one [ 377.943893][T14711] bridge1: entered promiscuous mode [ 377.951382][T14711] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 378.545626][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.563900][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.614124][ T24] usb 6-1: USB disconnect, device number 18 [ 378.627118][T14723] kvm: user requested TSC rate below hardware speed [ 378.801746][T14726] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 379.087341][T14734] netlink: 'syz.2.3592': attribute type 1 has an invalid length. [ 379.103122][T14734] netlink: 'syz.2.3592': attribute type 4 has an invalid length. [ 379.131678][T14734] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3592'. [ 379.182356][T14738] netlink: 'syz.6.3594': attribute type 1 has an invalid length. [ 379.204476][T14738] netlink: 248 bytes leftover after parsing attributes in process `syz.6.3594'. [ 379.248099][T14738] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.000616][T14812] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 381.087669][ T24] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 381.222245][T14823] bridge0: port 1(erspan0) entered blocking state [ 381.230695][T14823] bridge0: port 1(erspan0) entered disabled state [ 381.239100][T14823] erspan0: entered allmulticast mode [ 381.250166][T14823] erspan0: entered promiscuous mode [ 381.256016][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 381.268564][ T24] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 381.281712][ T24] usb 1-1: config 179 has no interface number 0 [ 381.290640][T14823] erspan0: left allmulticast mode [ 381.295873][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 381.307147][T14823] erspan0: left promiscuous mode [ 381.314267][T14823] bridge0: port 1(erspan0) entered disabled state [ 381.321716][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 381.336473][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 381.349185][ T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 381.363718][ T24] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 381.383525][ T24] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 381.430902][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 381.437490][T14825] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3630'. [ 381.458632][T14806] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 381.728656][ T5892] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input42 [ 381.839728][T14837] sctp: [Deprecated]: syz.2.3635 (pid 14837) Use of struct sctp_assoc_value in delayed_ack socket option. [ 381.839728][T14837] Use struct sctp_sack_info instead [ 381.884161][ T24] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 381.928745][T14806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.938715][T14806] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 382.083995][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 382.092384][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 382.104098][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 382.114307][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 382.123572][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.140217][ T24] usb 6-1: config 0 descriptor?? [ 382.150108][ T24] hub 6-1:0.0: USB hub found [ 382.167726][ T5892] usb 1-1: USB disconnect, device number 35 [ 382.167790][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 382.182057][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 382.354536][ T24] hub 6-1:0.0: 1 port detected [ 382.384741][T14846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3638'. [ 382.431563][T14846] 8021q: adding VLAN 0 to HW filter on device bond2 [ 382.469756][T14849] 8021q: adding VLAN 0 to HW filter on device bond2 [ 382.477602][T14849] bond2: (slave vcan1): The slave device specified does not support setting the MAC address [ 382.490217][T14849] bond2: (slave vcan1): Error -95 calling set_mac_address [ 382.976172][ T5892] hub 6-1:0.0: activate --> -90 [ 383.024167][ T24] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 383.185238][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 383.195644][ T24] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 383.208996][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.222245][ T24] usb 1-1: config 0 descriptor?? [ 383.233173][ T24] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 383.395892][ T9] usb 6-1: USB disconnect, device number 19 [ 383.597385][T14880] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3653'. [ 383.634398][ T48] usb 6-1-port1: config error [ 383.645655][T14880] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 383.657689][T14880] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 383.666898][T14880] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 383.675722][T14880] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 383.689991][T14880] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 383.700839][T14880] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 383.709831][T14880] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 383.718954][T14880] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 383.872868][T14889] netlink: 'syz.2.3658': attribute type 2 has an invalid length. [ 384.492847][ T24] gspca_sonixj: reg_w1 err -71 [ 384.524017][ T24] sonixj 1-1:0.0: probe with driver sonixj failed with error -71 [ 384.562267][ T24] usb 1-1: USB disconnect, device number 36 [ 385.309345][ T30] audit: type=1326 audit(2000000280.452:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14929 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a18e969 code=0x7ffc0000 [ 385.310468][T14930] sd 0:0:1:0: device reset [ 385.383895][ T30] audit: type=1326 audit(2000000280.462:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14929 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b8a18d2d0 code=0x7ffc0000 [ 385.443809][ T30] audit: type=1326 audit(2000000280.462:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14929 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a18e969 code=0x7ffc0000 [ 385.515002][ T30] audit: type=1326 audit(2000000280.462:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14929 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0b8a18e969 code=0x7ffc0000 [ 385.571053][T14939] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer. [ 385.573848][ T30] audit: type=1326 audit(2000000280.502:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14929 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a18e969 code=0x7ffc0000 [ 385.673947][ T30] audit: type=1326 audit(2000000280.502:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14929 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a18e969 code=0x7ffc0000 [ 385.744041][ T916] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 385.916885][ T916] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 385.943955][ T916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.976285][ T916] usb 5-1: config 0 descriptor?? [ 386.005438][ T916] cp210x 5-1:0.0: cp210x converter detected [ 386.190629][ T916] usb 5-1: cp210x converter now attached to ttyUSB0 [ 386.424524][ T5879] usb 5-1: USB disconnect, device number 49 [ 386.435001][ T5879] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 386.443062][ T5879] cp210x 5-1:0.0: device disconnected [ 386.511155][ T916] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 386.571516][T14960] macsec1: entered allmulticast mode [ 386.695999][ T916] usb 6-1: Using ep0 maxpacket: 8 [ 386.718157][ T916] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 386.747646][ T916] usb 6-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 386.773967][ T916] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.798187][T14962] overlayfs: failed to clone lowerpath [ 386.833476][ T916] usb 6-1: config 0 descriptor?? [ 386.879494][ T916] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 388.094969][ T916] gspca_vc032x: reg_w err -71 [ 388.099905][ T916] vc032x 6-1:0.0: probe with driver vc032x failed with error -71 [ 388.120400][ T916] usb 6-1: USB disconnect, device number 20 [ 388.377153][ T30] audit: type=1326 audit(2000000283.532:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15007 comm="syz.2.3708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7fc00000 [ 389.023815][ T30] audit: type=1326 audit(2000000284.142:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15007 comm="syz.2.3708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb8a8d2ab39 code=0x7fc00000 [ 389.054557][T15035] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96 [ 389.056546][ T30] audit: type=1326 audit(2000000284.152:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15007 comm="syz.2.3708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb8a8d2abff code=0x7fc00000 [ 389.097315][ T30] audit: type=1326 audit(2000000284.152:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15007 comm="syz.2.3708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fb8a8d8e969 code=0x7fc00000 [ 389.393861][ T916] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 389.560358][ T916] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 389.587987][ T916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 389.615028][ T916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 389.643594][ T916] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 389.683925][ T916] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 389.707150][ T916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.731247][ T916] usb 5-1: config 0 descriptor?? [ 390.120380][T15060] ipvlan2: entered promiscuous mode [ 390.128069][T15060] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 390.179574][ T916] plantronics 0003:047F:FFFF.003C: No inputs registered, leaving [ 390.227717][ T916] plantronics 0003:047F:FFFF.003C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 390.271798][T15063] input: syz0 as /devices/virtual/input/input44 [ 390.934098][ T5879] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 391.018214][ T5877] usb 5-1: USB disconnect, device number 50 [ 391.084786][ T5879] usb 1-1: Using ep0 maxpacket: 16 [ 391.094025][ T916] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 391.101794][ T5879] usb 1-1: too many configurations: 123, using maximum allowed: 8 [ 391.111893][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.123707][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.135475][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.147119][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.158995][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.170468][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.182952][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.194669][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 391.207701][ T5879] usb 1-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 391.217176][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 391.225333][ T5879] usb 1-1: SerialNumber: syz [ 391.232885][ T5879] usb 1-1: config 0 descriptor?? [ 391.245467][ T5879] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input45 [ 391.257988][ T916] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 391.275921][ T916] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 391.291523][ T916] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.299728][ T916] usb 6-1: Product: syz [ 391.304000][ T916] usb 6-1: Manufacturer: syz [ 391.308713][ T916] usb 6-1: SerialNumber: syz [ 391.470272][T15094] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3747'. [ 391.502545][ T5174] bcm5974 1-1:0.0: could not read from device [ 391.509391][ T5879] usb 1-1: USB disconnect, device number 37 [ 391.589400][ T916] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 21 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 391.838970][ T48] usb 6-1: USB disconnect, device number 21 [ 391.861030][ T48] usblp0: removed [ 392.211838][T15113] vxcan1: tx drop: invalid da for name 0x0000000000000001 [ 393.254382][ T48] usb 1-1: new full-speed USB device number 38 using dummy_hcd [ 393.416297][ T48] usb 1-1: config 8 has an invalid interface number: 177 but max is 0 [ 393.428033][ T48] usb 1-1: config 8 has no interface number 0 [ 393.438382][ T48] usb 1-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 393.449805][ T48] usb 1-1: config 8 interface 177 altsetting 9 endpoint 0x4 has invalid maxpacket 58398, setting to 64 [ 393.460980][ T48] usb 1-1: config 8 interface 177 has no altsetting 0 [ 393.468256][ T48] usb 1-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1 [ 393.477927][ T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.489718][T15152] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 393.497180][T15152] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 393.711975][ T30] audit: type=1326 audit(2000000288.862:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15145 comm="syz.2.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a8d8e969 code=0x7fc00000 [ 394.667465][ T48] usb 1-1: string descriptor 0 read error: -71 [ 394.720494][ T48] ir_toy 1-1:8.177: required endpoints not found [ 394.764557][ T48] usb 1-1: USB disconnect, device number 38 [ 396.022858][ T1115] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.116818][ T1115] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.261182][ T1115] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.421830][ T1115] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.626923][ T1115] bridge_slave_1: left allmulticast mode [ 396.639410][ T1115] bridge_slave_1: left promiscuous mode [ 396.658354][ T1115] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.692643][ T1115] bridge_slave_0: left allmulticast mode [ 396.699242][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 396.709293][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 396.719436][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 396.734122][ T1115] bridge_slave_0: left promiscuous mode [ 396.743957][ T1115] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.765611][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 396.775139][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 396.792471][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 396.824208][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 396.831639][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 396.840951][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 396.854335][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 397.557386][T15284] loop3: detected capacity change from 0 to 1 [ 397.580037][T15284] Dev loop3: unable to read RDB block 1 [ 397.594007][T15284] loop3: unable to read partition table [ 397.602083][T15284] loop3: partition table beyond EOD, truncated [ 397.630810][T15284] loop_reread_partitions: partition scan of loop3 (被x ) failed (rc=-5) [ 397.910683][ T1115] dvmrp1 (unregistering): left allmulticast mode [ 397.921966][T15296] overlayfs: failed to clone upperpath [ 398.453207][ T1115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 398.477448][ T1115] bond_slave_1: left allmulticast mode [ 398.508783][ T1115] bond0 (unregistering): Released all slaves [ 398.693360][ T1115] bond1 (unregistering): Released all slaves [ 398.718463][T15329] netlink: 96 bytes leftover after parsing attributes in process `syz.5.3841'. [ 398.837959][ T1115] tipc: Disabling bearer [ 398.845136][ T1115] tipc: Disabling bearer [ 398.874965][ T1115] tipc: Left network mode [ 398.933858][ T5842] Bluetooth: hci1: command tx timeout [ 399.072680][T15341] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3845'. [ 399.224039][T15344] 9pnet_fd: Insufficient options for proto=fd [ 399.437872][ T1115] hsr_slave_0: left promiscuous mode [ 399.543514][T15365] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3856'. [ 399.554499][T15365] netlink: 'syz.2.3856': attribute type 7 has an invalid length. [ 399.562294][T15365] netlink: 'syz.2.3856': attribute type 8 has an invalid length. [ 399.570307][T15365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3856'. [ 399.639726][ T1115] hsr_slave_1: left promiscuous mode [ 399.656104][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 399.682968][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 399.699844][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 399.728940][ T1115] veth1_macvtap: left promiscuous mode [ 399.736282][ T1115] veth0_macvtap: left promiscuous mode [ 399.742082][ T1115] veth1_vlan: left promiscuous mode [ 399.748132][ T1115] veth0_vlan: left promiscuous mode [ 399.975226][ T5877] kernel write not supported for file /vcsa (pid: 5877 comm: kworker/0:3) [ 400.061578][T15376] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 400.919165][T15246] chnl_net:caif_netlink_parms(): no params data found [ 401.024123][ T5842] Bluetooth: hci1: command tx timeout [ 401.178256][T15246] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.199487][T15246] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.222686][T15246] bridge_slave_0: entered allmulticast mode [ 401.243665][T15246] bridge_slave_0: entered promiscuous mode [ 401.262873][T15246] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.283335][T15246] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.302125][T15246] bridge_slave_1: entered allmulticast mode [ 401.320942][T15246] bridge_slave_1: entered promiscuous mode [ 401.371923][ T1115] IPVS: stop unused estimator thread 0... [ 401.480980][T15246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 401.559010][T15246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 401.771328][T15421] cgroup: fork rejected by pids controller in /syz5 [ 401.830871][T15246] team0: Port device team_slave_0 added [ 401.852006][T15246] team0: Port device team_slave_1 added [ 401.986871][T15246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 402.020893][T15246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 402.096717][T15246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 402.111842][T15246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 402.123862][T15246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 402.182701][T15246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 402.381733][T15246] hsr_slave_0: entered promiscuous mode [ 402.404920][T15246] hsr_slave_1: entered promiscuous mode [ 402.411373][T15246] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 402.450507][T15246] Cannot create hsr debugfs directory [ 403.104299][ T5842] Bluetooth: hci1: command tx timeout [ 403.787642][T16275] veth1_to_team: entered promiscuous mode [ 403.797658][T15246] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 403.862411][T16278] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 404.008033][T16275] team0: Port device team_slave_1 removed [ 404.024114][T15246] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 404.047786][T15246] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 404.071033][T15246] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 404.253004][T16292] input: syz1 as /devices/virtual/input/input46 [ 404.310912][T15246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 404.346714][T15246] 8021q: adding VLAN 0 to HW filter on device team0 [ 404.382540][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.389763][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 404.401477][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.408707][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 404.490855][T15246] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 404.964129][T15246] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 405.089217][T16313] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 405.110064][T15246] veth0_vlan: entered promiscuous mode [ 405.164277][T15246] veth1_vlan: entered promiscuous mode [ 405.177841][ T5842] Bluetooth: hci1: command tx timeout [ 405.324393][T15246] veth0_macvtap: entered promiscuous mode [ 405.347006][ T24] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 405.349794][T15246] veth1_macvtap: entered promiscuous mode [ 405.427205][T15246] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 405.475552][T15246] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 405.507859][T15246] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.527279][T16321] 9pnet_fd: Insufficient options for proto=fd [ 405.532188][T15246] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.542661][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 405.545230][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 405.560523][T15246] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.564559][ T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 405.595384][T15246] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 405.642828][ T24] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 405.646186][T16325] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3923'. [ 405.662863][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.701515][T16325] netlink: 'syz.4.3923': attribute type 7 has an invalid length. [ 405.717403][ T24] usb 6-1: config 0 descriptor?? [ 405.730557][T16325] netlink: 'syz.4.3923': attribute type 8 has an invalid length. [ 405.783520][T16325] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3923'. [ 405.835252][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 405.843118][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 405.891826][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 405.906980][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.126769][ T24] usbhid 6-1:0.0: can't add hid device: -71 [ 406.132949][ T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 406.166628][ T24] usb 6-1: USB disconnect, device number 22 [ 406.821202][T16356] 0{X: entered promiscuous mode [ 406.827471][T16356] vlan2: entered promiscuous mode [ 407.112224][ T1168] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.991747][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 408.004258][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 408.012781][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 408.038432][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 408.048402][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 408.450271][T16381] chnl_net:caif_netlink_parms(): no params data found [ 408.588144][T16389] input: syz0 as /devices/virtual/input/input47 [ 409.038199][T16393] xt_CT: No such helper "snmp_trap" [ 409.111538][ T1168] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.285897][ T1168] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.369787][T16381] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.384025][T16381] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.401112][T16381] bridge_slave_0: entered allmulticast mode [ 409.415018][T16381] bridge_slave_0: entered promiscuous mode [ 409.499875][ T1168] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.544590][T16381] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.567772][T16381] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.585559][T16381] bridge_slave_1: entered allmulticast mode [ 409.611977][T16381] bridge_slave_1: entered promiscuous mode [ 409.720066][T16381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.766063][T16381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.904303][T16381] team0: Port device team_slave_0 added [ 409.927824][T16381] team0: Port device team_slave_1 added [ 410.123059][T16381] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 410.137522][ T5842] Bluetooth: hci1: command tx timeout [ 410.146621][T16381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 410.297010][T16381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 410.345865][T16381] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 410.352875][T16381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 410.429207][T16381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 410.454816][ T1168] bridge_slave_1: left allmulticast mode [ 410.460528][ T1168] bridge_slave_1: left promiscuous mode [ 410.466847][ T1168] bridge0: port 2(bridge_slave_1) entered disabled state [ 410.605904][ T1168] bridge_slave_0: left allmulticast mode [ 410.611617][ T1168] bridge_slave_0: left promiscuous mode [ 410.639615][ T1168] bridge0: port 1(bridge_slave_0) entered disabled state [ 410.714186][ T5890] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 410.878458][ T5890] usb 5-1: Using ep0 maxpacket: 8 [ 410.916119][ T5890] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 410.943815][ T5890] usb 5-1: config 179 has no interface number 0 [ 410.951494][T16456] overlayfs: failed to clone lowerpath [ 410.960388][ T5890] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 410.994152][ T5890] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 411.000038][T16456] overlayfs: failed to clone lowerpath [ 411.033809][ T5890] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 411.063846][ T5890] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 411.113800][ T5890] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 411.139005][ T5890] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 411.178010][ T5890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.216951][T16444] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 411.546406][ T5890] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input48 [ 411.749001][T16444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 411.787317][T16444] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 412.052372][ T5877] usb 5-1: USB disconnect, device number 51 [ 412.052381][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 412.067123][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 412.148284][ T30] audit: type=1800 audit(2000000308.297:1017): pid=16477 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.3983" name="nullb0" dev="tmpfs" ino=4194 res=0 errno=0 [ 412.225406][ T5842] Bluetooth: hci1: command tx timeout [ 412.383604][ T1168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 412.409124][ T1168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 412.425668][ T1168] bond0 (unregistering): Released all slaves [ 412.460993][T16473] tipc: Started in network mode [ 412.466032][T16473] tipc: Node identity 4, cluster identity 4711 [ 412.472996][T16473] tipc: Node number set to 4 [ 412.799546][T16494] Invalid ELF header magic: != ELF [ 412.849362][T16381] hsr_slave_0: entered promiscuous mode [ 412.875703][T16381] hsr_slave_1: entered promiscuous mode [ 412.882230][T16381] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 412.909177][T16381] Cannot create hsr debugfs directory [ 413.105831][T16504] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 413.125241][T16504] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 413.254019][ T1168] hsr_slave_0: left promiscuous mode [ 413.271259][ T1168] hsr_slave_1: left promiscuous mode [ 413.285618][ T1168] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 413.293437][ T1168] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 413.321827][ T1168] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 413.339712][ T1168] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 413.421047][ T1168] veth1_macvtap: left promiscuous mode [ 413.432053][ T1168] veth0_macvtap: left promiscuous mode [ 413.439174][ T1168] veth1_vlan: left promiscuous mode [ 413.447669][ T1168] veth0_vlan: left promiscuous mode [ 413.759637][T16524] netlink: 112 bytes leftover after parsing attributes in process `syz.4.4004'. [ 414.304146][ T5842] Bluetooth: hci1: command tx timeout [ 414.310889][ T1168] team0 (unregistering): Port device team_slave_1 removed [ 414.353480][ T1168] team0 (unregistering): Port device team_slave_0 removed [ 414.823708][T16516] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.303923][ T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 415.479304][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 415.508105][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.537795][ T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 415.575124][ T24] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 415.598801][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.642688][ T24] usb 6-1: config 0 descriptor?? [ 415.783460][T16549] veth1_to_team: entered promiscuous mode [ 415.823643][ T48] libceph: connect (1)[c::]:6789 error -101 [ 415.847890][ T48] libceph: mon0 (1)[c::]:6789 connect error [ 415.864540][ T48] libceph: connect (1)[c::]:6789 error -101 [ 415.886843][ T916] libceph: connect (1)[b::]:6789 error -101 [ 415.893578][ T48] libceph: mon0 (1)[c::]:6789 connect error [ 415.894349][ T916] libceph: mon0 (1)[b::]:6789 connect error [ 415.918995][T16549] team_slave_1 (unregistering): left promiscuous mode [ 415.930115][T16549] team0: Port device team_slave_1 removed [ 416.031795][T16381] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 416.046927][T16381] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 416.068831][T16381] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 416.098514][ T24] HID 045e:07da: Invalid code 65791 type 1 [ 416.105568][T16381] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 416.118756][ T24] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.003D/input/input49 [ 416.142844][ T24] microsoft 0003:045E:07DA.003D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 416.176279][ T5890] libceph: connect (1)[c::]:6789 error -101 [ 416.182472][ T5890] libceph: mon0 (1)[c::]:6789 connect error [ 416.195527][ T5877] libceph: connect (1)[b::]:6789 error -101 [ 416.201677][ T5877] libceph: mon0 (1)[b::]:6789 connect error [ 416.332317][T16381] 8021q: adding VLAN 0 to HW filter on device bond0 [ 416.374550][ T5842] Bluetooth: hci1: command tx timeout [ 416.395374][T16381] 8021q: adding VLAN 0 to HW filter on device team0 [ 416.421136][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.428471][ T1168] bridge0: port 1(bridge_slave_0) entered forwarding state [ 416.479576][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.486836][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 416.552062][T16545] ceph: No mds server is up or the cluster is laggy [ 416.560179][T16550] ceph: No mds server is up or the cluster is laggy [ 416.912475][ T5877] usb 6-1: USB disconnect, device number 23 [ 417.162524][T16577] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.169821][T16577] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.296524][T16381] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 417.412777][T16381] veth0_vlan: entered promiscuous mode [ 417.443195][T16381] veth1_vlan: entered promiscuous mode [ 417.559361][T16381] veth0_macvtap: entered promiscuous mode [ 417.589408][T16381] veth1_macvtap: entered promiscuous mode [ 417.680985][T16381] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.772871][T16381] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 417.840249][T16381] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.899802][T16381] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.919116][T16381] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.941839][T16381] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.218084][T16601] kvm: Disabled LAPIC found during irq injection [ 418.273437][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.291943][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.336681][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.364565][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 419.832852][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.321042][ T30] audit: type=1326 audit(2000000316.477:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.394377][ T30] audit: type=1326 audit(2000000316.507:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.499359][ T30] audit: type=1326 audit(2000000316.507:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.571681][ T30] audit: type=1326 audit(2000000316.507:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.652034][ T30] audit: type=1326 audit(2000000316.507:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.706514][ T30] audit: type=1326 audit(2000000316.507:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.731496][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.784331][ T30] audit: type=1326 audit(2000000316.517:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.828653][ T30] audit: type=1326 audit(2000000316.517:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.863909][ T5890] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 420.885804][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.892883][ T30] audit: type=1326 audit(2000000316.517:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.961581][ T30] audit: type=1326 audit(2000000316.517:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16635 comm="syz.5.4049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7958e969 code=0x7ffc0000 [ 420.993707][ T24] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 421.028021][ T5890] usb 6-1: Using ep0 maxpacket: 8 [ 421.048046][ T5890] usb 6-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 421.057352][ T5890] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.070149][ T5890] usb 6-1: Product: syz [ 421.076140][ T5890] usb 6-1: Manufacturer: syz [ 421.081827][ T5890] usb 6-1: SerialNumber: syz [ 421.092860][ T5890] usb 6-1: config 0 descriptor?? [ 421.111788][ T5890] gspca_main: sq905-2.14.0 probing 2770:9120 [ 421.136806][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.161256][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 421.167110][ T24] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 421.185066][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.197060][ T24] usb 5-1: config 0 descriptor?? [ 421.198700][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 421.206123][ T24] cp210x 5-1:0.0: cp210x converter detected [ 421.216216][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 421.235387][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 421.243170][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 421.440487][ T49] bridge_slave_1: left allmulticast mode [ 421.451821][ T49] bridge_slave_1: left promiscuous mode [ 421.458266][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 421.478953][ T49] bridge_slave_0: left allmulticast mode [ 421.490071][ T49] bridge_slave_0: left promiscuous mode [ 421.501899][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.625702][ T24] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 421.651283][ T24] usb 5-1: cp210x converter now attached to ttyUSB0 [ 421.900663][ T5878] usb 5-1: USB disconnect, device number 52 [ 421.910340][ T5878] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 421.956062][ T5878] cp210x 5-1:0.0: device disconnected [ 421.988602][T16661] "syz.2.4060" (16661) uses obsolete ecb(arc4) skcipher [ 422.125693][ T5890] gspca_sq905: bulk read fail (-22) len 0/4 [ 422.131824][ T5890] sq905 6-1:0.0: probe with driver sq905 failed with error -5 [ 422.338241][ T5890] usb 6-1: USB disconnect, device number 24 [ 422.445780][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 422.473561][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 422.486336][ T49] bond0 (unregistering): Released all slaves [ 422.992330][ T49] hsr_slave_0: left promiscuous mode [ 423.001995][T16689] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4070'. [ 423.011658][ T49] hsr_slave_1: left promiscuous mode [ 423.028082][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 423.040429][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 423.066313][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 423.080102][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 423.119724][ T49] veth1_macvtap: left promiscuous mode [ 423.125546][ T49] veth0_macvtap: left promiscuous mode [ 423.131481][ T49] veth1_vlan: left promiscuous mode [ 423.137208][ T49] veth0_vlan: left promiscuous mode [ 423.333937][ T5842] Bluetooth: hci1: command tx timeout [ 423.783235][ T49] team0 (unregistering): Port device team_slave_1 removed [ 423.833103][ T49] team0 (unregistering): Port device team_slave_0 removed [ 424.361299][T16651] chnl_net:caif_netlink_parms(): no params data found [ 424.715966][T16651] bridge0: port 1(bridge_slave_0) entered blocking state [ 424.723182][T16651] bridge0: port 1(bridge_slave_0) entered disabled state [ 424.730680][T16651] bridge_slave_0: entered allmulticast mode [ 424.738276][T16651] bridge_slave_0: entered promiscuous mode [ 424.747005][T16651] bridge0: port 2(bridge_slave_1) entered blocking state [ 424.760569][T16651] bridge0: port 2(bridge_slave_1) entered disabled state [ 424.768587][T16651] bridge_slave_1: entered allmulticast mode [ 424.776607][T16651] bridge_slave_1: entered promiscuous mode [ 424.831609][T16651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 424.848636][T16651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 424.907795][T16651] team0: Port device team_slave_0 added [ 424.926107][T16651] team0: Port device team_slave_1 added [ 425.003611][T16651] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 425.016417][T16651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.049872][T16651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 425.064144][T16651] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 425.071283][T16651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.099131][T16651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 425.306683][T16651] hsr_slave_0: entered promiscuous mode [ 425.329087][T16651] hsr_slave_1: entered promiscuous mode [ 425.347930][T16651] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 425.363380][T16651] Cannot create hsr debugfs directory [ 425.414269][ T5842] Bluetooth: hci1: command tx timeout [ 426.357129][T16748] netlink: 156 bytes leftover after parsing attributes in process `syz.4.4095'. [ 426.865111][T16771] netlink: 'syz.6.4102': attribute type 1 has an invalid length. [ 426.883631][T16651] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 426.929448][T16651] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 426.981481][T16651] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 427.011512][T16651] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 427.213702][T16651] 8021q: adding VLAN 0 to HW filter on device bond0 [ 427.279266][T16651] 8021q: adding VLAN 0 to HW filter on device team0 [ 427.321056][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state [ 427.328330][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 427.370852][ T3019] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.378068][ T3019] bridge0: port 2(bridge_slave_1) entered forwarding state [ 427.494845][ T5842] Bluetooth: hci1: command tx timeout [ 427.630342][T16651] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 427.750685][ T916] hid-generic FFFC:0003:0000.003E: unknown main item tag 0x0 [ 427.778776][ T916] hid-generic FFFC:0003:0000.003E: unknown main item tag 0x0 [ 427.812870][ T916] hid-generic FFFC:0003:0000.003E: unknown main item tag 0x0 [ 427.839440][ T916] hid-generic FFFC:0003:0000.003E: unknown main item tag 0x0 [ 427.859171][ T916] hid-generic FFFC:0003:0000.003E: unknown main item tag 0x0 [ 427.870192][ T1168] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x6 [ 427.886780][ T916] hid-generic FFFC:0003:0000.003E: unknown main item tag 0x0 [ 427.956180][ T916] hid-generic FFFC:0003:0000.003E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 428.073440][T16651] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 428.294688][T16651] veth0_vlan: entered promiscuous mode [ 428.316042][T16651] veth1_vlan: entered promiscuous mode [ 428.380084][T16651] veth0_macvtap: entered promiscuous mode [ 428.407613][T16651] veth1_macvtap: entered promiscuous mode [ 428.483391][T16651] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 428.523332][T16651] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 428.558952][T16651] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 428.582129][T16651] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 428.610143][T16651] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 428.643683][T16651] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 428.861858][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 428.910606][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 429.069019][ T1168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 429.079014][ T1168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 429.220167][T16833] netlink: 'syz.6.4125': attribute type 22 has an invalid length. [ 430.243694][T16890] Invalid ELF header magic: != ELF [ 430.296609][ T1168] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.346276][T16894] overlay: filesystem on ./bus not supported [ 431.284214][ T24] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 431.450755][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 431.471613][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10 [ 431.497412][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 431.513568][ T24] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 431.533895][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 431.556713][ T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 431.571321][ T24] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 431.582347][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 431.601182][ T24] usb 6-1: Product: syz [ 431.603868][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 431.606082][ T24] usb 6-1: Manufacturer: syz [ 431.615106][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 431.628376][ T24] usb 6-1: SerialNumber: syz [ 431.630487][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 431.659951][ T24] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input50 [ 431.883663][ T24] usb 6-1: USB disconnect, device number 25 [ 431.889838][ C1] appletouch 6-1:1.0: atp_complete: usb_submit_urb failed with result -19 [ 431.967706][ T24] appletouch 6-1:1.0: input: appletouch disconnected [ 432.831419][ T1168] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.163172][ T1168] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.187422][T16930] netlink: 'syz.4.4163': attribute type 11 has an invalid length. [ 433.280255][ T1168] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.462508][T16909] chnl_net:caif_netlink_parms(): no params data found [ 433.734577][ T51] Bluetooth: hci1: command tx timeout [ 433.841321][ T1168] bridge_slave_1: left allmulticast mode [ 433.848183][ T1168] bridge_slave_1: left promiscuous mode [ 433.854142][ T1168] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.922190][ T1168] bridge_slave_0: left allmulticast mode [ 433.933905][ T1168] bridge_slave_0: left promiscuous mode [ 433.939762][ T1168] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.984583][T16951] ================================================================== [ 433.992708][T16951] BUG: KASAN: use-after-free in __crypto_shash_import+0x26a/0x2a0 [ 434.000539][T16951] Write of size 1 at addr ffff88816cb15347 by task syz.5.4171/16951 [ 434.008520][T16951] [ 434.010864][T16951] CPU: 1 UID: 0 PID: 16951 Comm: syz.5.4171 Not tainted 6.15.0-syzkaller-02443-g015a99fa7665 #0 PREEMPT(full) [ 434.010889][T16951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 434.010904][T16951] Call Trace: [ 434.010911][T16951] [ 434.010923][T16951] dump_stack_lvl+0x189/0x250 [ 434.010952][T16951] ? __virt_addr_valid+0x1c8/0x5c0 [ 434.010978][T16951] ? rcu_is_watching+0x15/0xb0 [ 434.011000][T16951] ? __kasan_check_byte+0x12/0x40 [ 434.011025][T16951] ? __pfx_dump_stack_lvl+0x10/0x10 [ 434.011049][T16951] ? rcu_is_watching+0x15/0xb0 [ 434.011070][T16951] ? lock_release+0x4b/0x3e0 [ 434.011091][T16951] ? __virt_addr_valid+0x1c8/0x5c0 [ 434.011116][T16951] ? __virt_addr_valid+0x4a5/0x5c0 [ 434.011149][T16951] print_report+0xd2/0x2b0 [ 434.011169][T16951] ? __crypto_shash_import+0x26a/0x2a0 [ 434.011196][T16951] kasan_report+0x118/0x150 [ 434.011217][T16951] ? __local_bh_enable_ip+0x12d/0x1c0 [ 434.011239][T16951] ? __crypto_shash_import+0x26a/0x2a0 [ 434.011258][T16951] __crypto_shash_import+0x26a/0x2a0 [ 434.011276][T16951] crypto_shash_import+0x84/0x230 [ 434.011293][T16951] hash_accept+0x1fb/0x280 [ 434.011315][T16951] do_accept+0x48c/0x680 [ 434.011335][T16951] ? __pfx_do_accept+0x10/0x10 [ 434.011362][T16951] __sys_accept4+0x11c/0x1c0 [ 434.011380][T16951] ? __pfx___sys_accept4+0x10/0x10 [ 434.011399][T16951] ? rcu_is_watching+0x15/0xb0 [ 434.011422][T16951] __x64_sys_accept4+0x9a/0xb0 [ 434.011440][T16951] do_syscall_64+0xfa/0x3b0 [ 434.011459][T16951] ? lockdep_hardirqs_on+0x9c/0x150 [ 434.011476][T16951] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.011492][T16951] ? clear_bhb_loop+0x60/0xb0 [ 434.011510][T16951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.011526][T16951] RIP: 0033:0x7f9d7958e969 [ 434.011540][T16951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.011555][T16951] RSP: 002b:00007f9d7a392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 434.011572][T16951] RAX: ffffffffffffffda RBX: 00007f9d797b5fa0 RCX: 00007f9d7958e969 [ 434.011585][T16951] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004 [ 434.011595][T16951] RBP: 00007f9d79610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 434.011605][T16951] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000000 [ 434.011615][T16951] R13: 0000000000000000 R14: 00007f9d797b5fa0 R15: 00007ffd34f2f9a8 [ 434.011634][T16951] [ 434.011651][T16951] [ 434.255449][T16951] The buggy address belongs to the physical page: [ 434.261867][T16951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x16cb15 [ 434.270726][T16951] flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff) [ 434.277930][T16951] raw: 057ff00000000000 ffffea0005b2c548 ffffea0005b2c548 0000000000000000 [ 434.286515][T16951] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 434.295098][T16951] page dumped because: kasan: bad access detected [ 434.301523][T16951] page_owner info is not present (never set?) [ 434.307588][T16951] [ 434.309910][T16951] Memory state around the buggy address: [ 434.315534][T16951] ffff88816cb15200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 434.323592][T16951] ffff88816cb15280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 434.331646][T16951] >ffff88816cb15300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 434.339700][T16951] ^ [ 434.345850][T16951] ffff88816cb15380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 434.353935][T16951] ffff88816cb15400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 434.362001][T16951] ================================================================== [ 434.395683][T16951] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 434.402941][T16951] CPU: 0 UID: 0 PID: 16951 Comm: syz.5.4171 Not tainted 6.15.0-syzkaller-02443-g015a99fa7665 #0 PREEMPT(full) [ 434.414686][T16951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 434.424761][T16951] Call Trace: [ 434.428050][T16951] [ 434.430985][T16951] dump_stack_lvl+0x99/0x250 [ 434.435592][T16951] ? __asan_memcpy+0x40/0x70 [ 434.440212][T16951] ? __pfx_dump_stack_lvl+0x10/0x10 [ 434.445419][T16951] ? __pfx__printk+0x10/0x10 [ 434.450047][T16951] panic+0x2db/0x790 [ 434.453962][T16951] ? __pfx_panic+0x10/0x10 [ 434.458409][T16951] ? check_panic_on_warn+0x75/0xb0 [ 434.463534][T16951] ? __crypto_shash_import+0x26a/0x2a0 [ 434.468999][T16951] check_panic_on_warn+0x89/0xb0 [ 434.473965][T16951] ? __crypto_shash_import+0x26a/0x2a0 [ 434.479428][T16951] end_report+0x78/0x160 [ 434.483678][T16951] kasan_report+0x129/0x150 [ 434.488194][T16951] ? __local_bh_enable_ip+0x12d/0x1c0 [ 434.493583][T16951] ? __crypto_shash_import+0x26a/0x2a0 [ 434.499053][T16951] __crypto_shash_import+0x26a/0x2a0 [ 434.504356][T16951] crypto_shash_import+0x84/0x230 [ 434.509406][T16951] hash_accept+0x1fb/0x280 [ 434.513856][T16951] do_accept+0x48c/0x680 [ 434.518108][T16951] ? __pfx_do_accept+0x10/0x10 [ 434.522884][T16951] __sys_accept4+0x11c/0x1c0 [ 434.527488][T16951] ? __pfx___sys_accept4+0x10/0x10 [ 434.532608][T16951] ? rcu_is_watching+0x15/0xb0 [ 434.537386][T16951] __x64_sys_accept4+0x9a/0xb0 [ 434.542157][T16951] do_syscall_64+0xfa/0x3b0 [ 434.546670][T16951] ? lockdep_hardirqs_on+0x9c/0x150 [ 434.551870][T16951] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.557951][T16951] ? clear_bhb_loop+0x60/0xb0 [ 434.562642][T16951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.568595][T16951] RIP: 0033:0x7f9d7958e969 [ 434.573021][T16951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.592638][T16951] RSP: 002b:00007f9d7a392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 434.601061][T16951] RAX: ffffffffffffffda RBX: 00007f9d797b5fa0 RCX: 00007f9d7958e969 [ 434.609038][T16951] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004 [ 434.617012][T16951] RBP: 00007f9d79610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 434.624987][T16951] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000000 [ 434.632958][T16951] R13: 0000000000000000 R14: 00007f9d797b5fa0 R15: 00007ffd34f2f9a8 [ 434.640950][T16951] [ 434.644322][T16951] Kernel Offset: disabled [ 434.648654][T16951] Rebooting in 86400 seconds..