last executing test programs: 7m45.903937041s ago: executing program 1 (id=926): r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001d40), 0x0, 0x0) fcntl$lock(r0, 0x8, &(0x7f0000000000)={0x0, 0x0, 0x5, 0x100000001}) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) flock(r1, 0x3) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) fcntl$lock(r2, 0x9, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300000003}) 7m44.041368474s ago: executing program 1 (id=928): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, r2}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @local}, r2}}, 0x48) close_range(r0, 0xffffffffffffffff, 0x0) 7m42.571597746s ago: executing program 1 (id=929): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x8000002}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0xe03, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x2200c041, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x10) sendto$inet6(r0, &(0x7f0000000080)='D', 0x1, 0x1, 0x0, 0x0) 7m37.830576293s ago: executing program 1 (id=932): r0 = syz_open_dev$dri(&(0x7f0000000740), 0x1ff, 0x0) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x9237, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000100)={&(0x7f0000001cc0)='1', 0x1, 0x0}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000080)=';', 0x1}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000400)={&(0x7f0000000300)="b3", 0x1}) ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000180)={r2}) 7m33.606104295s ago: executing program 1 (id=934): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f00000000c0)={0x11, 0xf8, r2, 0x1, 0x0, 0x6, @local}, 0x14) bind$packet(r1, &(0x7f0000000380)={0x11, 0x4, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) syz_emit_ethernet(0x16, &(0x7f0000000140)={@local, @link_local, @void, {@llc_tr={0x11, {@snap={0xaa, 0x1, '(', "1d04b6", 0x805}}}}}, 0x0) 7m30.99759217s ago: executing program 1 (id=935): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f00000001c0), 0x12) 6m44.783484952s ago: executing program 32 (id=935): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f00000001c0), 0x12) 33.132569195s ago: executing program 2 (id=1046): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x4) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x6, 0xc, 0x5, 0x9, 0x6}, 0x14) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x1}], 0x1}}], 0x1, 0x0) 31.292017488s ago: executing program 0 (id=1047): sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f00000000c0)=0x20, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @random="c4bc9cac9686", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ddff00", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}}, 0x0) 26.350020531s ago: executing program 0 (id=1048): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000380)='hugetlb.1GB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0) sendfile(r2, r1, 0x0, 0xc) sendfile(r1, r2, 0x0, 0x3) 22.922030629s ago: executing program 0 (id=1049): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0xffffff6a) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r0, r3, 0xfffffffffffffc01, 0x0) tee(r0, r3, 0x60000000000, 0x0) read$FUSE(r2, &(0x7f00000014c0)={0x2020}, 0x2020) 22.54898102s ago: executing program 2 (id=1050): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0xd, r0}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$DMA_BUF_SET_NAME_A(r2, 0x40086200, &(0x7f00000001c0)='\x03\x00\x00\x00\x00\x00\x00\x00-control\x00') 19.7702464s ago: executing program 2 (id=1051): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000351930404516080036cf000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000004c0)={0x34, &(0x7f0000000200)={0x20, 0xd}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 18.121154728s ago: executing program 0 (id=1052): ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000480)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\xff\x03\x91\x17\xd8\xda@4\x9f\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x96\xb9_6*-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad#\xd8b\x90\xeb\x05\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x00\x00v\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00]\xbe\x00\x00\x00\x00\x00\x00\xdem\xe3+q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84y\x89Y\x1c]\xad$\x7fp\xf1\xa3\x99[\xff\x1f\x94\xc2\xdb\xbaG\xa6UD\x88Y6\x11Y\xd4\xd1\xde\x9a{]\xe2\x98W\xb9\x13\x17<\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7R\xa5\xd7O\x83\x80}\xcc5\x99\xdb\xd6\xbd\x9c\x05l\xfc.\xf4\xbbeF\xa3\xea}\xf1\x86z\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRY\xa3|Pjk\xdc\xa5d\xc2\xecn\xc9X\xfc\xd4D\x13\"\xb2\x06\xbd&\xf86\xddXv\xc9\x1322L\xd6\x99\xf6\t\x9d\xbeZ\x02\xc0\xa41\xf9sNG\x02\x83\xe6Bl\xd2\x02\xfb[\x82\xc0I\xb7\xf6\xe5Z\xa1}\xee}\x8b\x89\x04\x8a\'\xc7J\xca\xdf:\x8ft\xe0\xf8\a', 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) fallocate(r0, 0x0, 0x0, 0x800000b) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x8) 12.190269889s ago: executing program 0 (id=1053): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) 7.767743496s ago: executing program 2 (id=1054): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) r1 = socket(0x15, 0x5, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) getsockopt(r1, 0x200000000114, 0x271e, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) 6.667491278s ago: executing program 0 (id=1055): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0) write$UHID_CREATE(r0, &(0x7f0000000480)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000400)=""/32, 0x20, 0x0, 0x4ad}}, 0x120) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) close(0x3) ioctl$FITRIM(r1, 0xc0185879, 0x0) 3.391886793s ago: executing program 2 (id=1056): prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) r0 = msgget$private(0x0, 0x214) setreuid(0x0, 0x0) msgsnd(r0, &(0x7f0000000980)=ANY=[@ANYBLOB="03"], 0x401, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000040)={{0x2, 0x0, 0xee00, 0xee01, 0x0, 0x2, 0x2}, 0x0, 0x0, 0x1, 0x5, 0x8, 0x0, 0x8, 0xfffe, 0x1b}) 0s ago: executing program 2 (id=1057): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) syz_clone(0x12000000, 0x0, 0x16, 0x0, 0x0, 0x0) tkill(0x0, 0x0) setpriority(0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:60806' (ED25519) to the list of known hosts. syzkaller login: [ 384.349125][ T3155] cgroup: Unknown subsys name 'net' [ 384.895715][ T3155] cgroup: Unknown subsys name 'cpuset' [ 385.003162][ T3155] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 444.334346][ T3155] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 520.215698][ T3165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 520.281739][ T3167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 520.343846][ T3165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 520.450314][ T3167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 532.477643][ T3167] hsr_slave_0: entered promiscuous mode [ 532.517474][ T3167] hsr_slave_1: entered promiscuous mode [ 533.976899][ T3165] hsr_slave_0: entered promiscuous mode [ 534.012171][ T3165] hsr_slave_1: entered promiscuous mode [ 534.047271][ T3165] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 534.053081][ T3165] Cannot create hsr debugfs directory [ 539.910271][ T3167] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 540.069664][ T3167] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 540.246792][ T3167] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 540.493528][ T3167] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 541.436248][ T3165] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 541.694701][ T3165] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 541.956065][ T3165] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 542.057787][ T3165] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 554.938022][ T3165] 8021q: adding VLAN 0 to HW filter on device bond0 [ 556.287016][ T3167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 601.377322][ T3167] veth0_vlan: entered promiscuous mode [ 602.037274][ T3167] veth1_vlan: entered promiscuous mode [ 603.772667][ T3167] veth0_macvtap: entered promiscuous mode [ 604.188511][ T3167] veth1_macvtap: entered promiscuous mode [ 604.474630][ T3165] veth0_vlan: entered promiscuous mode [ 605.348234][ T3165] veth1_vlan: entered promiscuous mode [ 605.896747][ T3167] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 605.900325][ T3167] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 605.917581][ T3167] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 605.919784][ T3167] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 608.226972][ T3165] veth0_macvtap: entered promiscuous mode [ 608.597638][ T3165] veth1_macvtap: entered promiscuous mode [ 609.847403][ T3167] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 610.876679][ T3165] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.879259][ T3165] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.913143][ T3165] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.915428][ T3165] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.965187][ T33] audit: type=1326 audit(622.020:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3862 comm="syz.0.4" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 647.172431][ T3889] syz.1.11 uses obsolete (PF_INET,SOCK_PACKET) [ 667.000284][ T3912] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 701.238099][ T3940] pim6reg1: entered promiscuous mode [ 701.254872][ T3940] pim6reg1: entered allmulticast mode [ 775.955126][ T3760] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 776.078737][ T4051] Zero length message leads to an empty skb [ 776.497371][ T3760] usb 2-1: Using ep0 maxpacket: 16 [ 776.789615][ T3760] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 776.803317][ T3760] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 776.809160][ T3760] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 776.814412][ T3760] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 776.816670][ T3760] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 776.820062][ T3760] usb 2-1: config 1 interface 0 has no altsetting 0 [ 776.826045][ T3760] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 776.828393][ T3760] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 777.235008][ T3760] ums-sddr09 2-1:1.0: USB Mass Storage device detected [ 777.895195][ T3760] scsi host0: usb-storage 2-1:1.0 [ 778.634651][ T3760] usb 2-1: USB disconnect, device number 2 [ 797.317210][ T4090] Illegal XDP return value 1821050240 on prog (id 6) dev syz_tun, expect packet loss! [ 800.733377][ T4092] vxcan1: tx drop: invalid sa for name 0x0000020000000000 [ 806.316280][ T33] audit: type=1326 audit(805.380:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4093 comm="syz.1.70" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 822.045253][ T4119] vlan2: entered promiscuous mode [ 822.047860][ T4119] macvlan1: entered promiscuous mode [ 840.805412][ T34] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 841.054077][ T34] usb 2-1: Using ep0 maxpacket: 16 [ 841.557746][ T34] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 841.561748][ T34] usb 2-1: config 0 interface 0 has no altsetting 0 [ 841.564520][ T34] usb 2-1: New USB device found, idVendor=046d, idProduct=c517, bcdDevice= 0.00 [ 841.566982][ T34] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 841.774170][ T34] usb 2-1: config 0 descriptor?? [ 843.684755][ T34] logitech-djreceiver 0003:046D:C517.0001: unbalanced collection at end of report description [ 843.710343][ T34] logitech-djreceiver 0003:046D:C517.0001: logi_dj_probe: parse failed [ 843.717305][ T34] logitech-djreceiver 0003:046D:C517.0001: probe with driver logitech-djreceiver failed with error -22 [ 843.813944][ T34] usb 2-1: USB disconnect, device number 3 [ 844.566813][ T4150] syzkaller1: entered promiscuous mode [ 844.568980][ T4150] syzkaller1: entered allmulticast mode [ 853.977875][ T4169] syzkaller1: entered promiscuous mode [ 853.980306][ T4169] syzkaller1: entered allmulticast mode [ 872.109592][ T4192] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 885.823217][ T4209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.100'. [ 891.673091][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 891.679339][ C0] raw-gadget.0 gadget.0: ignoring, device is not running [ 903.317225][ T4232] dlm: non-version read from control device 2147479552 [ 939.044612][ T4266] syzkaller1: entered promiscuous mode [ 939.046132][ T4266] syzkaller1: entered allmulticast mode [ 948.983515][ T3854] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 949.324346][ T3854] usb 2-1: Using ep0 maxpacket: 16 [ 949.422244][ T3854] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 949.425072][ T3854] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 949.427616][ T3854] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 949.430078][ T3854] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 949.505028][ T3854] usb 2-1: config 0 descriptor?? [ 951.425928][ T4278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 951.495231][ T4278] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 952.126027][ T3854] usb 2-1: string descriptor 0 read error: -71 [ 952.163965][ T3854] usb 2-1: Max retries (5) exceeded reading string descriptor 200 [ 952.166790][ T3854] letsketch 0003:6161:4D15.0002: probe with driver letsketch failed with error -32 [ 952.294763][ T3854] usb 2-1: USB disconnect, device number 4 [ 1011.309986][ T4352] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1026.469579][ T4369] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1026.776001][ T4370] input input0: cannot allocate more than FF_MAX_EFFECTS effects [ 1037.283912][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 1037.674360][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 1037.815466][ T9] usb 1-1: config 2 interface 0 altsetting 8 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 1037.853379][ T9] usb 1-1: config 2 interface 0 has no altsetting 0 [ 1038.104567][ T9] usb 1-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10 [ 1038.107186][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1038.109312][ T9] usb 1-1: Product: syz [ 1038.132100][ T9] usb 1-1: Manufacturer: syz [ 1038.134176][ T9] usb 1-1: SerialNumber: syz [ 1040.553788][ T4391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1040.623345][ T4391] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1043.236239][ T34] page_pool_release_retry() stalled pool shutdown: id 20, 1 inflight 60 sec [ 1043.958054][ T9] usb 1-1: USB disconnect, device number 3 [ 1084.697508][ T33] audit: type=1326 audit(1083.710:4): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4437 comm="syz.1.178" exe="/syz-executor" sig=0 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x7fc00000 [ 1091.648569][ T4444] syzkaller1: entered promiscuous mode [ 1091.652310][ T4444] syzkaller1: entered allmulticast mode [ 1108.972615][ T4463] macsec0: entered promiscuous mode [ 1109.375013][ T4463] veth1_macvtap: left promiscuous mode [ 1109.869117][ T4463] macsec0 (unregistering): left promiscuous mode [ 1137.138939][ T4493] netlink: 24 bytes leftover after parsing attributes in process `syz.1.198'. [ 1144.910031][ T4502] capability: warning: `syz.0.203' uses deprecated v2 capabilities in a way that may be insecure [ 1149.537166][ T4511] netlink: 4 bytes leftover after parsing attributes in process `syz.1.205'. [ 1149.548296][ T4511] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 1149.550018][ T4511] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (65521) [ 1180.583566][ T3796] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 1180.949620][ T3796] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1180.961746][ T3796] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1181.126866][ T3796] usb 2-1: config 0 descriptor?? [ 1181.319839][ T3796] cp210x 2-1:0.0: cp210x converter detected [ 1183.234119][ T3796] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 1184.025047][ T3796] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1184.316773][ T3796] usb 2-1: USB disconnect, device number 5 [ 1184.919273][ T3796] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1185.399125][ T3796] cp210x 2-1:0.0: device disconnected [ 1229.353875][ T4623] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1314.197810][ T4702] process 'syz.0.267' launched './file2' with NULL argv: empty string added [ 1317.855354][ T1814] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 1318.140273][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1318.149033][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1318.162259][ T1814] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1318.164754][ T1814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1318.355789][ T1814] usb 2-1: config 0 descriptor?? [ 1323.472618][ T1814] hid (null): bogus close delimiter [ 1323.909053][ T1814] usb 2-1: language id specifier not provided by device, defaulting to English [ 1324.692291][ T1814] uclogic 0003:256C:006D.0003: failed retrieving string descriptor #200: -71 [ 1324.695372][ T1814] uclogic 0003:256C:006D.0003: failed retrieving pen parameters: -71 [ 1324.697398][ T1814] uclogic 0003:256C:006D.0003: failed probing pen v2 parameters: -71 [ 1324.700289][ T1814] uclogic 0003:256C:006D.0003: failed probing parameters: -71 [ 1324.705530][ T1814] uclogic 0003:256C:006D.0003: probe with driver uclogic failed with error -71 [ 1324.794780][ T1814] usb 2-1: USB disconnect, device number 6 [ 1352.954502][ T4750] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xee [ 1370.163182][ T4717] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 1370.425250][ T4717] usb 1-1: Using ep0 maxpacket: 16 [ 1370.513151][ T4717] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1370.543227][ T4717] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1370.548511][ T4717] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1370.586290][ T4717] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1370.686112][ T4717] usb 1-1: config 0 descriptor?? [ 1376.097357][ T4717] usbhid 1-1:0.0: can't add hid device: -32 [ 1376.109873][ T4717] usbhid 1-1:0.0: probe with driver usbhid failed with error -32 [ 1376.396638][ T4717] usb 1-1: USB disconnect, device number 4 [ 1453.008226][ T3796] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1453.244777][ T3796] usb 2-1: Using ep0 maxpacket: 16 [ 1453.324999][ T3796] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1453.327348][ T3796] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1453.347103][ T3796] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 1453.349385][ T3796] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1453.472949][ T3796] usb 2-1: config 0 descriptor?? [ 1455.125485][ T3796] hid (null): invalid report_size 29797 [ 1455.130163][ T3796] hid (null): invalid report_size 29797 [ 1455.154012][ T3796] hid (null): invalid report_size 29535 [ 1455.365597][ T3796] cougar 0003:060B:500A.0004: usage count exceeds max: fixing up report descriptor [ 1455.385069][ T3796] cougar 0003:060B:500A.0004: unexpected long global item [ 1455.434745][ T3796] cougar 0003:060B:500A.0004: parse failed [ 1455.437800][ T3796] cougar 0003:060B:500A.0004: probe with driver cougar failed with error -22 [ 1455.674171][ T3796] usb 2-1: USB disconnect, device number 7 [ 1465.763214][ T3857] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1466.058404][ T3857] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1466.078653][ T3857] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1466.092542][ T3857] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1466.094880][ T3857] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 1466.097312][ T3857] usb 2-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00 [ 1466.099179][ T3857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1466.250027][ T3857] usb 2-1: config 0 descriptor?? [ 1468.570363][ T3857] thrustmaster 0003:044F:B653.0005: item fetching failed at offset 5/7 [ 1468.618942][ T3857] thrustmaster 0003:044F:B653.0005: parse failed [ 1468.656181][ T3857] thrustmaster 0003:044F:B653.0005: probe with driver thrustmaster failed with error -22 [ 1470.213864][ T3796] usb 2-1: USB disconnect, device number 8 [ 1514.865877][ T3760] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 1515.143704][ T3760] usb 1-1: Using ep0 maxpacket: 16 [ 1515.286187][ T3760] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1515.288927][ T3760] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1515.305195][ T3760] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 1515.307603][ T3760] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1515.444537][ T3760] usb 1-1: config 0 descriptor?? [ 1519.037018][ T3760] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 1519.053864][ T3760] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 1519.056048][ T3760] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 1519.057850][ T3760] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 1519.064682][ T3760] appleir 0003:05AC:8241.0006: unknown main item tag 0x0 [ 1519.098133][ T3760] appleir 0003:05AC:8241.0006: No inputs registered, leaving [ 1519.713681][ T3760] appleir 0003:05AC:8241.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 1519.880179][ T3760] usb 1-1: USB disconnect, device number 5 [ 1526.035884][ T4975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.343'. [ 1543.774961][ T4973] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1544.083236][ T4973] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30 [ 1544.086206][ T4973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1544.088582][ T4973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1544.097908][ T4973] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34 [ 1544.102300][ T4973] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 1544.104386][ T4973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1544.246479][ T4973] usb 1-1: config 0 descriptor?? [ 1549.289777][ T4973] wacom 0003:056A:0331.0007: hidraw0: USB HID v0.00 Device [HID 056a:0331] on usb-dummy_hcd.0-1/input0 [ 1549.533855][ T4973] usb 1-1: USB disconnect, device number 6 [ 1636.114984][ T5122] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1639.475624][ T5126] vlan3: entered promiscuous mode [ 1639.477767][ T5126] veth0_to_bridge: entered promiscuous mode [ 1639.495017][ T5126] vlan3: entered allmulticast mode [ 1639.497281][ T5126] veth0_to_bridge: entered allmulticast mode [ 1654.115244][ T1814] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 1654.386869][ T1814] usb 2-1: Using ep0 maxpacket: 8 [ 1654.529428][ T1814] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 1654.557372][ T1814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1654.944034][ T1814] usb 2-1: config 0 descriptor?? [ 1659.126730][ T1814] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1659.194782][ T1814] asix 2-1:0.0: probe with driver asix failed with error -71 [ 1659.606775][ T1814] usb 2-1: USB disconnect, device number 9 [ 1692.476018][ T5183] input: syz0 as /devices/virtual/input/input4 [ 1758.576600][ T33] audit: type=1326 audit(1757.640:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5262 comm="syz.1.433" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 1761.140403][ T5266] syzkaller1: entered promiscuous mode [ 1761.146370][ T5266] syzkaller1: entered allmulticast mode [ 1777.273282][ T3857] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 1777.525690][ T3857] usb 2-1: Using ep0 maxpacket: 32 [ 1777.584841][ T3857] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1777.587481][ T3857] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1777.589875][ T3857] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1777.607801][ T3857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1777.808969][ T3857] usb 2-1: config 0 descriptor?? [ 1779.842932][ T3857] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 1780.722479][ T3857] usb 2-1: USB disconnect, device number 10 [ 1813.848953][ T5337] macsec0: entered promiscuous mode [ 1814.211638][ T5337] veth1_macvtap: left promiscuous mode [ 1814.968075][ T5337] macsec0 (unregistering): left promiscuous mode [ 1822.523457][ T1814] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1822.793126][ T1814] usb 2-1: Using ep0 maxpacket: 32 [ 1822.902628][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1822.905248][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1032, setting to 1024 [ 1822.907744][ T1814] usb 2-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00 [ 1822.910184][ T1814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1823.034538][ T1814] usb 2-1: config 0 descriptor?? [ 1823.103653][ T5349] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1825.582138][ T1814] waltop 0003:172F:0034.0009: unbalanced delimiter at end of report description [ 1825.675848][ T1814] waltop 0003:172F:0034.0009: probe with driver waltop failed with error -22 [ 1826.334159][ T1814] usb 2-1: USB disconnect, device number 11 [ 1834.292650][ T3796] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 1834.598019][ T3796] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1834.603081][ T3796] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1834.729765][ T3796] usb 1-1: config 0 descriptor?? [ 1834.859870][ T3796] cp210x 1-1:0.0: cp210x converter detected [ 1836.049260][ T3796] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 1836.375758][ T3796] usb 1-1: cp210x converter now attached to ttyUSB0 [ 1837.031300][ T3857] usb 1-1: USB disconnect, device number 7 [ 1837.223767][ T3857] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1837.349794][ T3857] cp210x 1-1:0.0: device disconnected [ 1849.348229][ T5412] ALSA: seq fatal error: cannot create timer (-22) [ 1867.545838][ T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1867.784651][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 1867.939791][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1867.965463][ T9] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22 [ 1868.099965][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1868.111944][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1868.113843][ T9] usb 2-1: SerialNumber: syz [ 1868.399398][ T9] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 1868.405455][ T9] cdc_acm 2-1:1.0: This needs exactly 3 endpoints [ 1868.408227][ T9] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -22 [ 1870.039420][ T9] usb 2-1: USB disconnect, device number 12 [ 1879.344664][ T3796] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1880.148596][ T3796] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1880.165100][ T3796] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1880.167816][ T3796] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1880.194273][ T3796] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 1880.197003][ T3796] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1880.489341][ T3796] usb 2-1: config 0 descriptor?? [ 1882.544539][ T3796] acrux 0003:1A34:0802.000A: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0 [ 1882.547782][ T3796] acrux 0003:1A34:0802.000A: no inputs found [ 1882.549802][ T3796] acrux 0003:1A34:0802.000A: Failed to enable force feedback support, error: -19 [ 1883.986004][ T3796] usb 2-1: reset high-speed USB device number 13 using dummy_hcd [ 1885.083654][ T3854] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 1885.439094][ T3760] usb 2-1: USB disconnect, device number 13 [ 1885.473924][ T3854] usb 1-1: Using ep0 maxpacket: 8 [ 1885.563735][ T3854] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 1885.566354][ T3854] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 1885.568571][ T3854] usb 1-1: config 0 has no interface number 0 [ 1885.570083][ T3854] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1885.587144][ T3854] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1885.588567][ T3854] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1885.813203][ T3854] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1885.815651][ T3854] usb 1-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0 [ 1885.817580][ T3854] usb 1-1: Product: syz [ 1885.819077][ T3854] usb 1-1: Manufacturer: syz [ 1886.051780][ T3854] usb 1-1: config 0 descriptor?? [ 1887.519759][ T3854] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input5 [ 1887.593672][ T3854] input: failed to attach handler kbd to device input5, error: -5 [ 1888.013586][ T3854] usb 1-1: USB disconnect, device number 8 [ 1905.853571][ T1814] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 1906.329077][ T1814] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1906.341971][ T1814] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1906.344947][ T1814] usb 1-1: New USB device found, idVendor=056a, idProduct=0019, bcdDevice= 0.00 [ 1906.347242][ T1814] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1906.583895][ T1814] usb 1-1: config 0 descriptor?? [ 1908.490066][ T1814] wacom 0003:056A:0019.000B: unknown main item tag 0x0 [ 1908.549989][ T1814] wacom 0003:056A:0019.000B: Unknown device_type for 'HID 056a:0019'. Assuming pen. [ 1908.665182][ T1814] wacom 0003:056A:0019.000B: hidraw0: USB HID v0.00 Device [HID 056a:0019] on usb-dummy_hcd.0-1/input0 [ 1908.768732][ T1814] input: Wacom Bamboo1 Medium Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0019.000B/input/input6 [ 1909.255914][ T1814] usb 1-1: USB disconnect, device number 9 [ 1923.613882][ T5552] netlink: 'syz.1.488': attribute type 19 has an invalid length. [ 1963.097623][ T33] audit: type=1326 audit(1962.160:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.1.506" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 1994.498172][ T5629] netlink: 168 bytes leftover after parsing attributes in process `syz.0.517'. [ 2017.355093][ T1814] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 2017.703416][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2017.706378][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2017.709201][ T1814] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 2017.716827][ T1814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2017.836115][ T1814] usb 2-1: config 0 descriptor?? [ 2021.272742][ T1814] hid-thrustmaster 0003:044F:B65D.000C: unknown main item tag 0x0 [ 2021.468625][ T1814] hid-thrustmaster 0003:044F:B65D.000C: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.1-1/input0 [ 2021.488596][ T1814] hid-thrustmaster 0003:044F:B65D.000C: Wrong number of endpoints? [ 2024.381801][ C0] hid-thrustmaster 0003:044F:B65D.000C: URB to get model id failed with error -71 [ 2024.465589][ T5482] usb 2-1: USB disconnect, device number 14 [ 2082.702300][ T5732] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 2109.759592][ T5754] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2112.310013][ T5754] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2113.779216][ T5754] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2115.070077][ T5754] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2117.439409][ T5754] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2117.916603][ T5754] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2118.247461][ T5754] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2118.723515][ T5754] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2135.124776][ T5794] netlink: 32 bytes leftover after parsing attributes in process `syz.1.565'. [ 2173.127318][ T33] audit: type=1326 audit(2172.200:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5840 comm="syz.1.585" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 2184.208097][ T5853] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2185.837106][ T5853] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2186.013441][ T33] audit: type=1326 audit(2185.060:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5857 comm="syz.1.589" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 2187.135098][ T5853] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2188.469495][ T5853] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2191.217322][ T5853] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2191.908170][ T5853] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2192.465542][ T5853] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2193.226329][ T5853] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2219.459635][ T5910] syz_tun: entered promiscuous mode [ 2219.595660][ T5910] syz_tun: left promiscuous mode [ 2246.454322][ T3857] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 2246.763214][ T3857] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 2246.766024][ T3857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2246.865048][ T3857] usb 2-1: config 0 descriptor?? [ 2246.957601][ T3857] cp210x 2-1:0.0: cp210x converter detected [ 2247.723158][ T3857] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 2247.959737][ T3857] usb 2-1: cp210x converter now attached to ttyUSB0 [ 2248.404949][ T5482] usb 2-1: USB disconnect, device number 15 [ 2248.639692][ T5482] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 2249.127703][ T5482] cp210x 2-1:0.0: device disconnected [ 2265.124855][ T5983] nbd: device at index 1 is going down [ 2304.619770][ T6039] input: syz1 as /devices/virtual/input/input9 [ 2319.524122][ T6061] input: syz1 as /devices/virtual/input/input10 [ 2325.587198][ T6080] netlink: 'syz.1.655': attribute type 1 has an invalid length. [ 2339.054134][ T6098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.664'. [ 2339.244210][ T6098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.664'. [ 2372.075588][ T6148] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2436.617597][ T33] audit: type=1800 audit(2435.690:9): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.703" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 2436.769615][ T33] audit: type=1804 audit(2435.840:10): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.703" name="SYSV00000000" dev="hugetlbfs" ino=0 res=1 errno=0 [ 2436.810006][ T33] audit: type=1804 audit(2435.870:11): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.703" name="SYSV00000000" dev="hugetlbfs" ino=0 res=1 errno=0 [ 2448.358630][ T6230] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 2452.216538][ T6236] syzkaller1: entered promiscuous mode [ 2452.218966][ T6236] syzkaller1: entered allmulticast mode [ 2464.059571][ T6252] input: syz1 as /devices/virtual/input/input11 [ 2467.474614][ T1814] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 2468.734574][ T1814] usb 2-1: Using ep0 maxpacket: 16 [ 2469.183367][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2469.187176][ T1814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2469.189441][ T1814] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 2469.196171][ T1814] usb 2-1: New USB device found, idVendor=045e, idProduct=0001, bcdDevice= 0.00 [ 2469.198540][ T1814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2469.330291][ T1814] usb 2-1: config 0 descriptor?? [ 2476.397976][ T1814] hid-generic 0003:045E:0001.000D: unknown main item tag 0x0 [ 2476.402075][ T1814] hid-generic 0003:045E:0001.000D: ignoring exceeding usage max [ 2476.428179][ T1814] hid-generic 0003:045E:0001.000D: unknown main item tag 0x0 [ 2476.432720][ T1814] hid-generic 0003:045E:0001.000D: unbalanced collection at end of report description [ 2476.456540][ T1814] hid-generic 0003:045E:0001.000D: probe with driver hid-generic failed with error -22 [ 2477.715088][ T5476] usb 2-1: USB disconnect, device number 16 [ 2494.913396][ T6311] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 2512.138881][ T33] audit: type=1326 audit(2511.170:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6337 comm="syz.1.734" exe="/syz-executor" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0xdb5ba code=0x0 [ 2523.526652][ T6353] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 2558.557323][ T6402] input: syz1 as /devices/virtual/input/input12 [ 2565.093155][ T6417] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 2568.584983][ T6421] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 2568.770169][ T6421] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 2570.932463][ T6433] input: syz1 as /devices/virtual/input/input13 [ 2581.900193][ T6458] netlink: 9 bytes leftover after parsing attributes in process `syz.1.767'. [ 2582.010136][ T6458] gretap0: entered promiscuous mode [ 2582.330137][ T6458] netlink: 5 bytes leftover after parsing attributes in process `syz.1.767'. [ 2582.338292][ T6458] gretap0: left promiscuous mode [ 2582.339931][ T6458] gretap0: entered allmulticast mode [ 2585.024017][ T3857] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 2585.225606][ T3857] usb 2-1: Using ep0 maxpacket: 16 [ 2585.342441][ T3857] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 2585.349131][ T3857] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 2585.353456][ T3857] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2585.445771][ T3857] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 2585.448424][ T3857] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2585.456208][ T3857] usb 2-1: Product: syz [ 2585.458089][ T3857] usb 2-1: Manufacturer: syz [ 2585.459713][ T3857] usb 2-1: SerialNumber: syz [ 2588.133429][ T3857] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 2589.654792][ T3857] usb 2-1: 2:1: cannot get freq at ep 0x82 [ 2590.665692][ T3857] usb 2-1: USB disconnect, device number 17 [ 2612.295676][ T6499] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 2612.534203][ T6499] usb 2-1: Using ep0 maxpacket: 16 [ 2612.592807][ T6499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2612.596761][ T6499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2612.599664][ T6499] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 2612.637163][ T6499] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 2612.639904][ T6499] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2612.723043][ T6499] usb 2-1: config 0 descriptor?? [ 2614.432668][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.437270][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.439529][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.467865][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.470094][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.486286][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.488999][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.512278][ T6499] microsoft 0003:045E:07DA.000E: unknown main item tag 0x0 [ 2614.945969][ T6499] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000E/input/input14 [ 2615.328533][ T6499] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 2615.518891][ T6499] usb 2-1: USB disconnect, device number 18 [ 2624.398239][ T6547] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 2631.415286][ T5482] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 2631.636386][ T5482] usb 1-1: Using ep0 maxpacket: 16 [ 2631.712260][ T5482] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 2631.719415][ T5482] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 2631.724513][ T5482] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2631.798521][ T5482] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 2631.807169][ T5482] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2631.809296][ T5482] usb 1-1: Product: syz [ 2631.815148][ T5482] usb 1-1: Manufacturer: syz [ 2631.817189][ T5482] usb 1-1: SerialNumber: syz [ 2632.785400][ T5482] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 2634.009737][ T5482] usb 1-1: 2:1: cannot get freq at ep 0x82 [ 2635.434344][ T5482] usb 1-1: USB disconnect, device number 10 [ 2637.305492][ T6590] input: syz1 as /devices/virtual/input/input15 [ 2644.993005][ T33] audit: type=1804 audit(2644.060:13): pid=6600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.786" name="/" dev="pidfs" ino=6901 res=1 errno=0 [ 2645.232145][ T4973] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 2645.589130][ T4973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2645.596341][ T4973] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 2645.600149][ T4973] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 2645.614684][ T4973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2645.800104][ T4973] usb 1-1: config 0 descriptor?? [ 2647.654592][ T4973] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 2647.699410][ T4973] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 2647.866855][ T4973] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 2648.059027][ T4973] usb 1-1: USB disconnect, device number 11 [ 2672.589853][ T6650] netlink: 9 bytes leftover after parsing attributes in process `syz.0.795'. [ 2672.637845][ T6650] gretap0: entered promiscuous mode [ 2672.994501][ T6650] netlink: 5 bytes leftover after parsing attributes in process `syz.0.795'. [ 2672.997283][ T6650] gretap0: left promiscuous mode [ 2672.998724][ T6650] gretap0: entered allmulticast mode [ 2680.423162][ T6663] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 2694.329496][ T6691] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2714.153737][ T6703] netlink: 9 bytes leftover after parsing attributes in process `syz.0.811'. [ 2714.279523][ T6703] gretap0: entered promiscuous mode [ 2714.290059][ T6703] gretap0: left allmulticast mode [ 2715.075323][ T6703] netlink: 5 bytes leftover after parsing attributes in process `syz.0.811'. [ 2715.079872][ T6703] gretap0: left promiscuous mode [ 2715.083106][ T6703] gretap0: entered allmulticast mode [ 2721.723038][ T6707] netlink: 40 bytes leftover after parsing attributes in process `syz.1.812'. [ 2721.727879][ T6707] netlink: 40 bytes leftover after parsing attributes in process `syz.1.812'. [ 2721.859970][ T6707] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 2728.675534][ T6715] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2753.325154][ T5801] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 2753.464551][ T5801] hid-generic 0000:0000:0000.0010: hidraw0: HID v0.00 Device [syz1] on syz0 [ 2754.003266][ T3857] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 2754.499930][ T6739] hid-generic 0000:0000:0000.0010: pid 6739 passed too large report [ 2755.038596][ T3857] usb 1-1: unable to get BOS descriptor or descriptor too short [ 2755.052747][ T3857] usb 1-1: no configurations [ 2755.054483][ T3857] usb 1-1: can't read configurations, error -22 [ 2761.135249][ T6761] binder: 6760:6761 ioctl c00c620f 0 returned -14 [ 2761.855981][ T6499] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 2762.764820][ T6499] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD6, changing to 0x86 [ 2762.767712][ T6499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 2762.770239][ T6499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid maxpacket 59391, setting to 1024 [ 2762.969322][ T6499] usb 2-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24 [ 2762.982275][ T6499] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2762.984635][ T6499] usb 2-1: Product: syz [ 2762.986377][ T6499] usb 2-1: Manufacturer: syz [ 2762.987947][ T6499] usb 2-1: SerialNumber: syz [ 2763.188700][ T6499] usb 2-1: config 0 descriptor?? [ 2763.258007][ T6761] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2765.448491][ T6499] powermate: unknown product id 0240 [ 2765.478363][ T6499] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 2765.704294][ T6499] input: Griffin SoundKnob as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input16 [ 2765.852678][ C1] powermate: config urb returned -71 [ 2765.858226][ C1] powermate: config urb returned -71 [ 2765.872399][ C1] powermate: config urb returned -71 [ 2765.876538][ C1] powermate: config urb returned -71 [ 2766.134194][ T6499] usb 2-1: USB disconnect, device number 19 [ 2766.143392][ C1] powermate 2-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 2779.734397][ T6795] lo speed is unknown, defaulting to 1000 [ 2779.758527][ T6795] lo speed is unknown, defaulting to 1000 [ 2779.866625][ T6795] lo speed is unknown, defaulting to 1000 [ 2780.231439][ T6795] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 2781.272667][ T6795] lo speed is unknown, defaulting to 1000 [ 2781.578555][ T6795] lo speed is unknown, defaulting to 1000 [ 2803.669452][ T6829] input: syz0 as /devices/virtual/input/input17 [ 2814.713697][ T6846] netlink: 128 bytes leftover after parsing attributes in process `syz.1.852'. [ 2814.988106][ T6848] netlink: 'syz.0.853': attribute type 4 has an invalid length. [ 2815.378169][ T1814] lo speed is unknown, defaulting to 1000 [ 2824.678240][ T6860] netlink: 8 bytes leftover after parsing attributes in process `syz.0.859'. [ 2829.556034][ T6868] siw: device registration error -23 [ 2835.543934][ T6499] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 2835.843521][ T6499] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 2835.848920][ T6499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 2835.885760][ T6499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 2835.888646][ T6499] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 2835.908614][ T6499] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 2835.915494][ T6499] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2836.110089][ T6499] usb 2-1: config 0 descriptor?? [ 2836.159398][ T6876] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2837.556181][ T6499] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 2837.567823][ T6499] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 2837.569961][ T6499] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 2837.586358][ T6499] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 2837.588224][ T6499] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 2837.635817][ T6499] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 2837.773479][ T6499] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 2839.122049][ T3854] usb 2-1: reset high-speed USB device number 20 using dummy_hcd [ 2840.193970][ T5482] usb 2-1: USB disconnect, device number 20 [ 2855.338746][ T6916] siw: device registration error -23 [ 2858.307191][ T6920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.876'. [ 2858.314283][ T6920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.876'. [ 2858.318087][ T6920] netlink: 36 bytes leftover after parsing attributes in process `syz.1.876'. [ 2865.528956][ T6934] netlink: 9 bytes leftover after parsing attributes in process `syz.1.881'. [ 2865.658278][ T6934] gretap0: entered promiscuous mode [ 2865.672952][ T6934] gretap0: left allmulticast mode [ 2866.295072][ T6934] netlink: 5 bytes leftover after parsing attributes in process `syz.1.881'. [ 2866.298577][ T6934] gretap0: left promiscuous mode [ 2866.300221][ T6934] gretap0: entered allmulticast mode [ 2875.904451][ T6947] binder: 6946:6947 ioctl c0306201 20000380 returned -14 [ 2878.142744][ T6949] input: syz0 as /devices/virtual/input/input19 [ 2882.023621][ T1814] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 2882.299086][ T1814] usb 2-1: Using ep0 maxpacket: 16 [ 2882.426068][ T1814] usb 2-1: config 0 has an invalid interface number: 251 but max is 0 [ 2882.428901][ T1814] usb 2-1: config 0 has no interface number 0 [ 2882.448809][ T1814] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 2882.456898][ T1814] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 2882.589127][ T1814] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 2882.599539][ T1814] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2882.606735][ T1814] usb 2-1: Product: syz [ 2882.608384][ T1814] usb 2-1: Manufacturer: syz [ 2882.614827][ T1814] usb 2-1: SerialNumber: syz [ 2882.709446][ T1814] usb 2-1: config 0 descriptor?? [ 2882.746848][ T6959] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2882.776249][ T6959] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2884.682183][ T6959] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2884.692576][ T6959] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 2885.069951][ T1814] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 2885.078986][ T1814] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 2885.107735][ T1814] asix 2-1:0.251: probe with driver asix failed with error -5 [ 2885.422283][ T1814] usb 2-1: USB disconnect, device number 21 [ 2915.937567][ T6997] input: syz1 as /devices/virtual/input/input20 [ 2923.893424][ T7010] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 2945.732174][ T7045] netlink: 'syz.1.914': attribute type 4 has an invalid length. [ 3035.998193][ T7112] batadv_slave_1: entered promiscuous mode [ 3036.104627][ T7111] batadv_slave_1: left promiscuous mode [ 3042.613534][ T7121] syzkaller0: refused to change device tx_queue_len [ 3044.938497][ T7109] lo speed is unknown, defaulting to 1000 [ 3061.086037][ T7109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3061.157943][ T7109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3074.495499][ T7109] hsr_slave_0: entered promiscuous mode [ 3074.549506][ T7109] hsr_slave_1: entered promiscuous mode [ 3074.580306][ T7109] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3074.585425][ T7109] Cannot create hsr debugfs directory [ 3079.357863][ T7109] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 3079.459756][ T7109] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 3079.564970][ T7109] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 3079.697563][ T7109] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 3092.295799][ T7109] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3121.789846][ T7109] veth0_vlan: entered promiscuous mode [ 3122.308672][ T7109] veth1_vlan: entered promiscuous mode [ 3123.922820][ T7109] veth0_macvtap: entered promiscuous mode [ 3124.108352][ T7109] veth1_macvtap: entered promiscuous mode [ 3125.547404][ T7109] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3125.554580][ T7109] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3125.556976][ T7109] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3125.559281][ T7109] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3172.792009][ T7523] [U] [ 3172.795594][ T7523] [U] [ 3172.797109][ T7523] [U] [ 3172.798564][ T7523] [U] [ 3172.835207][ T7523] [U] [ 3172.837040][ T7523] [U] [ 3172.838409][ T7523] [U] [ 3172.839763][ T7523] [U] [ 3172.889202][ T7523] [U] [ 3172.891099][ T7523] [U] [ 3172.892576][ T7523] [U] [ 3173.137508][ T7520] [U] [ 3198.614086][ T7560] netlink: 28 bytes leftover after parsing attributes in process `syz.2.968'. [ 3198.642823][ T7560] netlink: 'syz.2.968': attribute type 7 has an invalid length. [ 3198.654660][ T7560] netlink: 'syz.2.968': attribute type 8 has an invalid length. [ 3198.742365][ T7560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.968'. [ 3224.441398][ T7588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3224.467000][ T7588] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3233.893770][ T7597] input: syz0 as /devices/virtual/input/input21 [ 3267.215652][ T7636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.997'. [ 3267.748173][ T7636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.997'. [ 3285.803209][ T7656] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3285.825387][ T7656] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3288.084406][ T7640] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 3288.304333][ T7640] usb 1-1: Using ep0 maxpacket: 8 [ 3288.389478][ T7640] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 3288.396319][ T7640] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 3288.399613][ T7640] usb 1-1: config 0 has no interface number 0 [ 3288.419136][ T7640] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 3288.427524][ T7640] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 3288.429997][ T7640] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 3288.433652][ T7640] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 3288.435696][ T7640] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3288.589297][ T7640] usb 1-1: config 0 descriptor?? [ 3288.648012][ T7660] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 3290.204076][ T7640] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input22 [ 3291.178015][ T3857] usb 1-1: USB disconnect, device number 14 [ 3291.178381][ C1] keyspan_remote 1-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 3323.185268][ T7713] mmap: syz.0.1021 (7713) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 3332.907156][ T7721] bond0: entered allmulticast mode [ 3332.914489][ T7721] bond_slave_0: entered allmulticast mode [ 3332.917167][ T7721] bond_slave_1: entered allmulticast mode [ 3333.172194][ T7721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3357.949593][ T7753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1032'. [ 3358.126860][ T7753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1032'. [ 3416.759426][ T7813] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3416.789411][ T7813] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3427.297793][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.299352][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.313837][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.315397][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.316709][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.318044][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.319278][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.336457][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.337923][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.339208][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.353861][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.355653][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.357092][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.358273][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.359418][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.381561][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.383005][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.384219][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.385515][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.386733][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.388048][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.389227][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.390333][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.404139][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.405524][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.406742][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.407833][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.409084][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.410138][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.431924][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.433282][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.434447][ T3857] hid-generic 0000:04AD:0000.0012: unknown main item tag 0x0 [ 3427.478616][ T3857] hid-generic 0000:04AD:0000.0012: hidraw0: HID v0.00 Device [syz0] on syz0 [ 3427.782788][ T7480] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 3428.154050][ T7480] usb 1-1: config 0 has no interfaces? [ 3428.157600][ T7480] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 3428.162890][ T7480] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3428.303810][ T7480] usb 1-1: config 0 descriptor?? [ 3429.429397][ T6499] usb 1-1: USB disconnect, device number 15 [ 3435.644329][ T36] INFO: task syz.1.935:7102 blocked for more than 430 seconds. [ 3435.647784][ T36] Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 [ 3435.661530][ T36] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3435.663544][ T36] task:syz.1.935 state:D stack:0 pid:7102 tgid:7102 ppid:3167 flags:0x00000008 [ 3435.666465][ T36] Call Trace: [ 3435.667862][ T36] [] __schedule+0xdaa/0x393a [ 3435.669917][ T36] [] schedule+0xc4/0x324 [ 3435.692173][ T36] [] schedule_timeout+0x1c6/0x28a [ 3435.694331][ T36] [] __wait_for_common+0x1ca/0x4b6 [ 3435.695985][ T36] [] wait_for_completion+0x1a/0x22 [ 3435.716368][ T36] [] __vhost_worker_flush+0x204/0x274 [ 3435.718936][ T36] [] vhost_dev_flush+0xb4/0x114 [ 3435.745306][ T36] [] vhost_net_flush+0x24/0x19e [ 3435.747373][ T36] [] vhost_net_release+0xac/0x256 [ 3435.749197][ T36] [] __fput+0x378/0x9ee [ 3435.776382][ T36] [] ____fput+0x1c/0x26 [ 3435.778483][ T36] [] task_work_run+0x16a/0x25e [ 3435.780140][ T36] [] syscall_exit_to_user_mode+0x302/0x316 [ 3435.802663][ T36] [] do_trap_ecall_u+0x86/0x216 [ 3435.804506][ T36] [] _new_vmalloc_restore_context_a0+0xc2/0xce [ 3435.807620][ T36] [ 3435.807620][ T36] Showing all locks held in the system: [ 3435.809502][ T36] 1 lock held by khungtaskd/36: [ 3435.831342][ T36] #0: ffffffff881d0c40 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x68/0x2e6 [ 3435.836629][ T36] 3 locks held by syslogd/2973: [ 3435.838058][ T36] 2 locks held by getty/3127: [ 3435.839383][ T36] #0: ff6000001d31f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3a/0x46 [ 3435.849266][ T36] #1: ff2000000008b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xd7c/0x129a [ 3435.870168][ T36] 1 lock held by sshd/3153: [ 3435.882653][ T36] 2 locks held by kworker/u10:3/7307: [ 3435.884035][ T36] 2 locks held by syz.2.1038/7775: [ 3435.885437][ T36] 1 lock held by syz.0.1055/7822: [ 3435.886807][ T36] 1 lock held by syz.2.1057/7845: [ 3435.888130][ T36] #0: ff6000001e7e1c10 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x174/0x674 [ 3435.927733][ T36] 3 locks held by syz.2.1057/7846: [ 3435.929468][ T36] [ 3435.963040][ T36] ============================================= [ 3435.963040][ T36] [ 3435.965431][ T36] NMI backtrace for cpu 0 [ 3435.966788][ T36] CPU: 0 UID: 0 PID: 36 Comm: khungtaskd Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 [ 3435.968406][ T36] Hardware name: riscv-virtio,qemu (DT) [ 3435.969503][ T36] Call Trace: [ 3435.970356][ T36] [] dump_backtrace+0x2e/0x3c [ 3435.971855][ T36] [] show_stack+0x30/0x3c [ 3435.973218][ T36] [] dump_stack_lvl+0x12e/0x1a6 [ 3435.974755][ T36] [] dump_stack+0x1c/0x24 [ 3435.976238][ T36] [] nmi_cpu_backtrace+0x3b0/0x3b2 [ 3435.977822][ T36] [] nmi_trigger_cpumask_backtrace+0x2b6/0x458 [ 3435.979438][ T36] [] arch_trigger_cpumask_backtrace+0x2c/0x3e [ 3435.981935][ T36] [] watchdog+0xcee/0x1170 [ 3435.983367][ T36] [] kthread+0x28c/0x3a4 [ 3435.984832][ T36] [] ret_from_fork+0xe/0x18 [ 3436.000080][ T36] Sending NMI from CPU 0 to CPUs 1: [ 3436.003378][ C1] NMI backtrace for cpu 1 [ 3436.005467][ C1] CPU: 1 UID: 0 PID: 7109 Comm: syz-executor Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 [ 3436.007618][ C1] Hardware name: riscv-virtio,qemu (DT) [ 3436.009094][ C1] epc : _raw_spin_unlock_irqrestore+0x36/0xd4 [ 3436.011190][ C1] ra : _raw_spin_unlock_irqrestore+0x86/0xd4 [ 3436.013042][ C1] epc : ffffffff861e4106 ra : ffffffff861e4156 sp : ff2000000ccf7aa0 [ 3436.014656][ C1] gp : ffffffff899f4f80 tp : ff6000001af69a40 t0 : 5262c402f029ff44 [ 3436.016303][ C1] t1 : ffebffff03810bd4 t2 : 000000000000014c s0 : ff2000000ccf7ac0 [ 3436.017956][ C1] s1 : 0000000000000002 a0 : 0000000000000001 a1 : ffffffff8663f920 [ 3436.019602][ C1] a2 : 0000000000000002 a3 : 0000000000000001 a4 : 0000000000000001 [ 3436.022032][ C1] a5 : 0000000000000000 a6 : 0000000000000003 a7 : ff6000001c085ea3 [ 3436.023558][ C1] s2 : ff6000001c085ea0 s3 : ff2000000ccf7c00 s4 : ff6000001c085ee0 [ 3436.025179][ C1] s5 : ff6000001c085ee0 s6 : ff2000000ccf7be8 s7 : ff6000001c085ea0 [ 3436.026784][ C1] s8 : 0000000000000004 s9 : 0000000000003a98 s10: 00000000003464eb [ 3436.028438][ C1] s11: 00000000000003e8 t3 : ff6000001af6a560 t4 : ffebffff03810bd4 [ 3436.030148][ C1] t5 : ffebffff03810bd5 t6 : 0000000000000004 [ 3436.031571][ C1] status: 0000000200000120 badaddr: 0000000000000000 cause: 8000000000000001 [ 3436.033247][ C1] [] _raw_spin_unlock_irqrestore+0x36/0xd4 [ 3436.035045][ C1] [] add_wait_queue+0x150/0x1d8 [ 3436.036653][ C1] [] do_wait+0x16c/0x690 [ 3436.038106][ C1] [] kernel_wait4+0x17e/0x41a [ 3436.039569][ C1] [] __do_sys_wait4+0x156/0x162 [ 3436.041622][ C1] [] __riscv_sys_wait4+0x8a/0xd6 [ 3436.043141][ C1] [] syscall_handler+0x94/0x118 [ 3436.044565][ C1] [] do_trap_ecall_u+0x1aa/0x216 [ 3436.046114][ C1] [] _new_vmalloc_restore_context_a0+0xc2/0xce SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 3436.212425][ T36] Kernel panic - not syncing: hung_task: blocked tasks [ 3436.214841][ T36] CPU: 1 UID: 0 PID: 36 Comm: khungtaskd Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 [ 3436.216582][ T36] Hardware name: riscv-virtio,qemu (DT) [ 3436.217695][ T36] Call Trace: [ 3436.218574][ T36] [] dump_backtrace+0x2e/0x3c [ 3436.220070][ T36] [] show_stack+0x30/0x3c [ 3436.221537][ T36] [] dump_stack_lvl+0x110/0x1a6 [ 3436.223093][ T36] [] dump_stack+0x1c/0x24 [ 3436.224579][ T36] [] panic+0x38c/0x86e [ 3436.225912][ T36] [] watchdog+0x772/0x1170 [ 3436.227262][ T36] [] kthread+0x28c/0x3a4 [ 3436.228661][ T36] [] ret_from_fork+0xe/0x18 [ 3436.230701][ T36] SMP: stopping secondary CPUs [ 3436.234223][ T36] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:32:59 Registers: info registers vcpu 0 CPU#0 V = 0 pc ffffffff81bfd88e mhartid 0000000000000000 mstatus 0000000a000001a0 hstatus 0000000200000000 vsstatus 0000000a00000000 mip 0000000000000000 mie 000000000000022a mideleg 0000000000001666 hideleg 0000000000000444 medeleg 0000000000f0b509 hedeleg 000000000000b109 mtvec 00000000800004f0 stvec ffffffff861e63e4 vstvec 0000000000000000 mepc ffffffff804b66fa sepc ffffffff802d76ac vsepc 0000000000000000 mcause 8000000000000003 scause 8000000000000009 vscause 0000000000000000 mtval 0000000000000000 stval 0000000000000000 htval 0000000000000000 mtval2 0000000000000000 mscratch 000000008004a000 sscratch 0000000000000000 satp a05b9000000b414d x0/zero 0000000000000000 x1/ra ffffffff81bfd870 x2/sp ff20000000007d40 x3/gp ffffffff899f4f80 x4/tp ff600000132b4ec0 x5/t0 9a44cefe340f8718 x6/t1 ffebffff02af7816 x7/t2 0000000000000039 x8/s0 ff20000000007d90 x9/s1 ff2000000005d000 x10/a0 ff600000185f25b0 x11/a1 ff600000185f2000 x12/a2 0000000000000001 x13/a3 ffffffff81bfd870 x14/a4 1fec0000030be4b6 x15/a5 0000000000000000 x16/a6 0000000000ff0100 x17/a7 ff600000157bc0b3 x18/s2 ff600000185f2000 x19/s3 000000000000000d x20/s4 ffffffff89afa7c0 x21/s5 0000000000000000 x22/s6 fffffffef135f4f8 x23/s7 0000000000000000 x24/s8 ff600000157bc000 x25/s9 0000000000000000 x26/s10 1fec0000034ba7e0 x27/s11 ff600000157bc040 x28/t3 ff600000132b59e0 x29/t4 ffebffff02af7816 x30/t5 ffebffff02af7817 x31/t6 000000000000000e f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 CPU#1 V = 0 pc ffffffff802a9a92 mhartid 0000000000000001 mstatus 0000000a000001a0 hstatus 0000000200000000 vsstatus 0000000a00000000 mip 0000000000000000 mie 000000000000022a mideleg 0000000000001666 hideleg 0000000000000444 medeleg 0000000000f0b509 hedeleg 000000000000b109 mtvec 00000000800004f0 stvec ffffffff861e63e4 vstvec 0000000000000000 mepc ffffffff8008378a sepc ffffffff80980452 vsepc 0000000000000000 mcause 0000000000000009 scause 8000000000000005 vscause 0000000000000000 mtval 0000000000000000 stval 0000000000000000 htval 0000000000000000 mtval2 0000000000000000 mscratch 0000000080048000 sscratch 0000000000000000 satp a06820000009bb5d x0/zero 0000000000000000 x1/ra ffffffff861c48b0 x2/sp ff20000000017a30 x3/gp ffffffff899f4f80 x4/tp ff6000002e6c4ec0 x5/t0 28a5115b21b9eb17 x6/t1 ffe3ffff00002f38 x7/t2 0000000000000028 x8/s0 ff20000000017a30 x9/s1 ff6000002e6c4ec0 x10/a0 ffffffff8821be08 x11/a1 ff6000005cdf4a58 x12/a2 0000000000000015 x13/a3 ffffffff803f11d2 x14/a4 0000000000000000 x15/a5 ff6000002e6c4ec0 x16/a6 0000000000ff0100 x17/a7 0000000000000003 x18/s2 ffffffff90da1fc8 x19/s3 0000000000000001 x20/s4 1fe4000000002f58 x21/s5 ff20000000017b00 x22/s6 ff6000005cdf4a58 x23/s7 ffffffff8645a748 x24/s8 ffffffff90da1fc0 x25/s9 0000000000000002 x26/s10 ffffffff90da1fc0 x27/s11 1fe4000000002f6c x28/t3 ff6000002e6c59e0 x29/t4 ffe3ffff00002f38 x30/t5 ffe3ffff00002f39 x31/t6 0000000000000008 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000