last executing test programs: 6.800801204s ago: executing program 0 (id=208): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100) getdents64(r1, &(0x7f00000002c0)=""/169, 0xa9) 6.449497594s ago: executing program 0 (id=210): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001780)={0x40, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @deauth={{{0x0, 0x0, 0xc, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x8}, @broadcast, @device_a, @initial, {0x7, 0x5}, @value=@ver_80211n={0x0, 0x6, 0x1, 0x2, 0x0, 0x2}}, 0x12, @void}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20008001}, 0x2000000) 5.175707188s ago: executing program 0 (id=212): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='reno\x00', 0x5) 4.861004281s ago: executing program 0 (id=214): r0 = socket$netlink(0x10, 0x3, 0x6) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x80) 4.688151286s ago: executing program 0 (id=215): unshare(0x8000480) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0}}, 0x10) 4.483224336s ago: executing program 0 (id=217): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r2, 0x29, 0x37, 0x0, 0x0) 1.917314138s ago: executing program 1 (id=222): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f0000000240)={0x0, "2269a6573b085ebfcb37f038a43cddeba4c7c48caa4cc7c4a79399774213e0425b5a7b56b8779f714e08581acd90810966750059c4d44403043022e643d4a199", 0x2f}, 0x48, r0) r2 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x2}, 0x0, 0x0, r0) keyctl$KEYCTL_MOVE(0x1e, r1, r1, r2, 0x0) 1.374691976s ago: executing program 1 (id=223): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000900)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0700030000000000000005000000180001801400020073797a5f74756e00000000000000000005000600"], 0x34}}, 0x20008040) 946.222392ms ago: executing program 1 (id=224): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000800)=[@request_death={0x400c630e, 0x1}], 0x0, 0x0, 0x0}) 638.399193ms ago: executing program 1 (id=225): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_delroute={0x2c, 0x19, 0x901, 0x0, 0x25dfdbff, {0x2, 0x18, 0x0, 0x0, 0x0, 0x2, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x2c}}, 0x0) 386.238383ms ago: executing program 1 (id=226): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) ioctl$KVM_CAP_HYPERV_SYNIC(r2, 0x4068aea3, 0x0) 0s ago: executing program 1 (id=227): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:54290' (ED25519) to the list of known hosts. syzkaller login: [ 160.231340][ T3284] cgroup: Unknown subsys name 'net' [ 160.658931][ T3284] cgroup: Unknown subsys name 'cpuset' [ 160.701607][ T3284] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 161.641606][ T3284] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 173.349817][ T3291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.465258][ T3291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 173.507837][ T3290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 173.688198][ T3290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.898963][ T3291] hsr_slave_0: entered promiscuous mode [ 174.917306][ T3291] hsr_slave_1: entered promiscuous mode [ 175.626602][ T3290] hsr_slave_0: entered promiscuous mode [ 175.632535][ T3290] hsr_slave_1: entered promiscuous mode [ 175.638010][ T3290] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.639247][ T3290] Cannot create hsr debugfs directory [ 176.573684][ T3291] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 176.621082][ T3291] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 176.660898][ T3291] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 176.698323][ T3291] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 176.961252][ T3290] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 176.995298][ T3290] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 177.013264][ T3290] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 177.030421][ T3290] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 178.361110][ T3290] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.471562][ T3291] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.080462][ T3290] veth0_vlan: entered promiscuous mode [ 184.164116][ T3290] veth1_vlan: entered promiscuous mode [ 184.370942][ T3291] veth0_vlan: entered promiscuous mode [ 184.466027][ T3291] veth1_vlan: entered promiscuous mode [ 184.660101][ T3290] veth0_macvtap: entered promiscuous mode [ 184.710094][ T3290] veth1_macvtap: entered promiscuous mode [ 184.931268][ T3291] veth0_macvtap: entered promiscuous mode [ 185.046832][ T3291] veth1_macvtap: entered promiscuous mode [ 185.108930][ T3290] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.110526][ T3290] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.111811][ T3290] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.113064][ T3290] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.563945][ T3291] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.566759][ T3291] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.568009][ T3291] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.569187][ T3291] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.468337][ T3290] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 189.035057][ T3469] netlink: 16 bytes leftover after parsing attributes in process `syz.0.20'. [ 189.258973][ T3473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.261444][ T3473] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.923868][ T3479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.25'. [ 190.319039][ T3483] netpci0: tun_chr_ioctl cmd 2147767520 [ 191.309651][ T3487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 191.312526][ T3487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 193.585991][ T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 194.636057][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 194.726539][ T10] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7 [ 194.728750][ T10] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 194.799015][ T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 194.801401][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.803622][ T10] usb 1-1: Product: syz [ 194.805234][ T10] usb 1-1: Manufacturer: syz [ 194.806169][ T10] usb 1-1: SerialNumber: syz [ 196.789882][ T10] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 197.826637][ T10] usb 1-1: USB disconnect, device number 2 [ 198.912838][ T3429] udevd[3429]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 200.677190][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 201.148611][ T10] usb 1-1: New USB device found, idVendor=0403, idProduct=0000, bcdDevice= 4.00 [ 201.149892][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.295630][ T10] usb 1-1: config 0 descriptor?? [ 201.472067][ T10] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 201.497712][ T10] usb 1-1: Detected FT232B [ 201.932043][ T10] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 201.962324][ T10] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 202.924953][ T10] usb 1-1: USB disconnect, device number 3 [ 202.946714][ T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 202.951871][ T10] ftdi_sio 1-1:0.0: device disconnected [ 209.511054][ T3560] netlink: 8 bytes leftover after parsing attributes in process `syz.0.52'. [ 212.810176][ T25] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 213.948464][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.950087][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.951469][ T25] usb 1-1: New USB device found, idVendor=054c, idProduct=028a, bcdDevice= 0.00 [ 213.952645][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.971348][ T25] usb 1-1: config 0 descriptor?? [ 215.429926][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.431440][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.434003][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.436192][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.437268][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.438194][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.439073][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 215.440039][ T25] hid-generic 0003:054C:028A.0001: unknown main item tag 0x0 [ 216.415513][ T25] hid-generic 0003:054C:028A.0001: hidraw0: USB HID v0.00 Device [HID 054c:028a] on usb-dummy_hcd.0-1/input0 [ 216.496374][ T25] usb 1-1: USB disconnect, device number 4 [ 218.865739][ T3379] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 219.156309][ T3379] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 219.157710][ T3379] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 219.329996][ T3379] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 219.331395][ T3379] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.340358][ T3379] usb 1-1: Product: syz [ 219.341294][ T3379] usb 1-1: Manufacturer: syz [ 219.342128][ T3379] usb 1-1: SerialNumber: syz [ 219.393439][ T3379] usb 1-1: config 0 descriptor?? [ 219.444539][ T3578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 219.449225][ T3578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 219.668880][ T3578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 219.671479][ T3578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 220.112787][ T3379] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00 [ 220.778614][ T3379] dm9601 1-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 220.827994][ T3379] usb 1-1: USB disconnect, device number 5 [ 223.252919][ T3622] input: syz0 as /devices/virtual/input/input1 [ 224.005943][ T3625] Zero length message leads to an empty skb [ 236.733210][ T3708] netlink: 12 bytes leftover after parsing attributes in process `syz.0.109'. [ 236.773624][ T3708] netlink: 12 bytes leftover after parsing attributes in process `syz.0.109'. [ 237.945127][ T3365] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 238.130758][ T3365] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 238.142236][ T3365] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 238.143449][ T3365] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 238.145171][ T3365] usb 1-1: SerialNumber: syz [ 238.931140][ T3365] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 239.598644][ T3722] netlink: 12 bytes leftover after parsing attributes in process `syz.1.114'. [ 246.098563][ T3500] usb 1-1: USB disconnect, device number 6 [ 246.102496][ T3500] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [ 256.549950][ T3828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 256.552984][ T3828] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 257.846426][ T3836] netlink: 68 bytes leftover after parsing attributes in process `syz.0.151'. [ 260.975795][ T3568] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 261.155820][ T3568] usb 1-1: Using ep0 maxpacket: 16 [ 261.452526][ T3568] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 261.453821][ T3568] usb 1-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 261.463686][ T3568] usb 1-1: Product: syz [ 261.471808][ T3568] usb 1-1: Manufacturer: syz [ 261.472774][ T3568] usb 1-1: SerialNumber: syz [ 261.508569][ T3568] usb 1-1: config 0 descriptor?? [ 261.712563][ T3568] usb 1-1: selecting invalid altsetting 1 [ 261.951519][ T3568] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 262.083140][ T3568] usb 1-1: USB disconnect, device number 7 [ 262.905534][ T3568] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 263.220746][ T3568] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 263.221564][ T3568] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 263.222158][ T3568] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 263.222965][ T3568] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 263.223563][ T3568] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.250890][ T3568] usb 1-1: config 0 descriptor?? [ 263.779948][ T3568] hid-generic 0003:047F:FFFF.0002: unbalanced collection at end of report description [ 263.782835][ T3568] hid-generic 0003:047F:FFFF.0002: probe with driver hid-generic failed with error -22 [ 263.888113][ T3429] udevd[3429]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 263.970628][ T3568] usb 1-1: USB disconnect, device number 8 [ 264.113164][ T3846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 264.118665][ T3846] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 267.159496][ T3861] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 271.193888][ T3884] input: syz0 as /devices/virtual/input/input2 [ 277.692492][ T3915] pimreg: entered allmulticast mode [ 277.710858][ T3915] pimreg: left allmulticast mode [ 281.805133][ T3962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.202'. [ 281.808051][ T3962] bridge_slave_1: entered promiscuous mode [ 281.832708][ T3962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.202'. [ 289.849176][ T4020] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 289.850880][ T4020] Mem abort info: [ 289.851425][ T4020] ESR = 0x0000000096000045 [ 289.852186][ T4020] EC = 0x25: DABT (current EL), IL = 32 bits [ 289.853257][ T4020] SET = 0, FnV = 0 [ 289.854746][ T4020] EA = 0, S1PTW = 0 [ 289.855642][ T4020] FSC = 0x05: level 1 translation fault [ 289.856342][ T4020] Data abort info: [ 289.856762][ T4020] ISV = 0, ISS = 0x00000045, ISS2 = 0x00000000 [ 289.857685][ T4020] CM = 0, WnR = 1, TnD = 0, TagAccess = 0 [ 289.858789][ T4020] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 289.860005][ T4020] user pgtable: 4k pages, 52-bit VAs, pgdp=0000000046323500 [ 289.860810][ T4020] [0000000000000000] pgd=080000004728a403, p4d=080000004a43d403, pud=0000000000000000 [ 289.863775][ T4020] Internal error: Oops: 0000000096000045 [#1] PREEMPT SMP [ 289.865574][ T4020] Modules linked in: [ 289.867195][ T4020] CPU: 0 UID: 0 PID: 4020 Comm: syz.1.227 Not tainted 6.14.0-rc1-syzkaller-00235-g9946eaf552b1 #0 [ 289.868638][ T4020] Hardware name: linux,dummy-virt (DT) [ 289.869832][ T4020] pstate: 004020c9 (nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 289.871043][ T4020] pc : _raw_spin_lock_irqsave+0x34/0x8c [ 289.872178][ T4020] lr : add_wait_queue+0x30/0xcc [ 289.873166][ T4020] sp : ffff80008aefbc40 [ 289.873859][ T4020] x29: ffff80008aefbc40 x28: fcf0000009bb36c0 x27: 0000000000000000 [ 289.875901][ T4020] x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000 [ 289.877429][ T4020] x23: f5f000000358a100 x22: 0000000000000000 x21: 0000000000000000 [ 289.878868][ T4020] x20: ffff80008aefbcd0 x19: 0000000000000000 x18: 0000000000000000 [ 289.880335][ T4020] x17: fff07ffffd0b3000 x16: ffff800080000000 x15: 000040000012d180 [ 289.881803][ T4020] x14: f7f000000a062600 x13: 0000000000000001 x12: 0000000000000001 [ 289.883279][ T4020] x11: 000000437c533c52 x10: f7f000000a062600 x9 : fff000007f8d4880 [ 289.885081][ T4020] x8 : f0f00000030fa500 x7 : 0000000000000000 x6 : 0000000000000002 [ 289.885841][ T4020] x5 : 0000000000000309 x4 : 0000000000000a89 x3 : ffff80008aefbce8 [ 289.886565][ T4020] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 289.887510][ T4020] Call trace: [ 289.888522][ T4020] _raw_spin_lock_irqsave+0x34/0x8c (P) [ 289.889323][ T4020] add_wait_queue+0x30/0xcc [ 289.889807][ T4020] virtio_transport_release+0x21c/0x2bc [ 289.890708][ T4020] __vsock_release+0x60/0x260 [ 289.891654][ T4020] vsock_release+0x3c/0x58 [ 289.892442][ T4020] __sock_release+0x40/0xb4 [ 289.892942][ T4020] sock_close+0x18/0x28 [ 289.893365][ T4020] __fput+0xcc/0x2dc [ 289.893783][ T4020] ____fput+0x14/0x20 [ 289.894355][ T4020] task_work_run+0x78/0xd4 [ 289.895003][ T4020] do_notify_resume+0x134/0x164 [ 289.895473][ T4020] el0_svc+0xc0/0xe0 [ 289.895900][ T4020] el0t_64_sync_handler+0x10c/0x138 [ 289.896443][ T4020] el0t_64_sync+0x1a4/0x1a8 [ 289.897456][ T4020] Code: b9000841 d503201f 52800001 52800022 (88e17c02) [ 289.898979][ T4020] ---[ end trace 0000000000000000 ]--- [ 289.900395][ T4020] Kernel panic - not syncing: Oops: Fatal exception [ 289.901818][ T4020] SMP: stopping secondary CPUs [ 289.903832][ T4020] Kernel Offset: disabled [ 289.904918][ T4020] CPU features: 0x000,000000d0,60bef2f8,2b7ffebf [ 289.906441][ T4020] Memory Limit: none [ 289.907649][ T4020] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:33:36 Registers: info registers vcpu 0 CPU#0 PC=ffff80008089d138 X00=0000000000000002 X01=0000000000000018 X02=ffff800082c15018 X03=ffff8000829cf2d0 X04=f8f00000032c9080 X05=0000000000000020 X06=0000000000000030 X07=0000000000000000 X08=7f7f7f7f7f7f7f7f X09=ffff80008aefb4c0 X10=ffff800082922ea0 X11=0000000000000390 X12=0000000000000ab0 X13=ffff80008aefb53d X14=ffff80008aefb548 X15=ffff80008aefb3b0 X16=ffff800080000000 X17=fff07ffffd0b3000 X18=00000000ffffffff X19=ffff800082aef83d X20=ffff80008089d1e8 X21=f8f00000032c9080 X22=ffff800082aef84a X23=0000000000000001 X24=000000000000002a X25=ffff800082840080 X26=00000000000000c0 X27=ffff8000829cf300 X28=fcf0000009bb36c0 X29=ffff80008aefb650 X30=ffff80008089d210 SP=ffff80008aefb650 PSTATE=804020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffae346418:0000ffffae346430 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffae346428:0000ffffae346470 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffaeeaca20:0000ffffae346410 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffae346448:0000ffffae346420 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffae346458:0000ffffae346450 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffae346458:0000ffffae346450 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffae346468:0000ffffae346460 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffe4d62ee0:0000ffffe4d62ee0 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffe4d62eb0 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800080010040 X00=0000000000000000 X01=ffff8000806f5a70 X02=000000439777514d X03=ffff80008000be90 X04=0000000000800000 X05=00000043504c8180 X06=000000434fb3eb00 X07=7fffffffffffffff X08=000000434fb3eb00 X09=0000000000000400 X10=000000000000007a X11=0000000000000001 X12=0000000000000003 X13=0000000000000001 X14=000000000000007a X15=0000000000000000 X16=ffff800080008000 X17=fff07ffffd0cc000 X18=0000000000000000 X19=f6f0000009bc8000 X20=ffff800082842968 X21=ffff800082c2000c X22=ffff800082c20000 X23=ffff80008281edc0 X24=0000000000000000 X25=0000000000000000 X26=0000000000000000 X27=0000000000000000 X28=f6f0000009bc8000 X29=ffff80008000bfb0 X30=ffff800080010040 SP=ffff80008000bfb0 PSTATE=214020c9 --C- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000031706f6f6c Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:f00ff00ff00ff00f:f00ff00000000000 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:f00ff00ff00ff00f:f00ff00ff00ff00f Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:fffffffffff00000:fffffffffff00000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:3003300330033003:3003300330033003 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:f00ff00ff00ff00f:f00ff00ff00ff00f Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000000c000003:000000000c000003 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000