last executing test programs: 5.839151858s ago: executing program 1 (id=760): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000e00)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0}) 5.693331066s ago: executing program 1 (id=761): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) listen(0xffffffffffffffff, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000000380)={0x0, 0xea60}, 0x10) 4.851996493s ago: executing program 1 (id=765): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000005040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000001000370403000000ffffffff00000000", @ANYRES32=r2, @ANYBLOB="0b1b050000000000440012800b00010069703667726500003400028008000100", @ANYRES32=r2, @ANYBLOB="14000600fe8000000000000000000000000000aa1400070000000000000000000000000000bb"], 0x64}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010) sendmmsg$inet(r0, &(0x7f00000000c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000e80)="96a2b86b21c9293e3a31aff1593b76b96eb1624aa7d1d0daf65841fbc2d345b9bcb9ac78bd08c27c42c28fe30de0807591e9e5811b3999d933410928da55504282daa89b3f5cfa8c79e05775ab679722d696bbad05217f1fe269e118cd61866658d3ad91f87686c2b50563a804de5bab3885acb410de04e060a387e0e0a4a29bfa7ec3715595e0134fd7539bf4bde11f00b41d723a1bf35695219e2ecacfa6628b6e881a0a0f8045cc187ca7162fef1e9255e83d9f68de3620cf9889c4a32400e4d85eca50c89df3ccb7313c2fdc82f040ad19df898f811a0daea1102b8432cec1fec18ba372fcc51dc30d87365a0f4d80ddfa53a44f9b9d569fb06c527fc64e60c95a4256cd57d13b0f4fa50a1649c851e713e3ae8731fc22245ba2802e1997795f78252159a86c13d947947b1ef7504f8a3774d689627029b46fe6d88b1489d14aae92a927286815910fec09013a1ee90c6c8a35a12cd4428e6c95a58312cbbd2a61fa00fa99e7449cd5261d904c5dad0818604d89f31bc7d441f2f4afe0697679816db22c948a33fd4799fa54365ccd140ecee12ff7f00500dffb17a3080bd972049129f55ff90140494588c7582f909952c3a4e0b8f87d678747db870c97d6ed1fe7d7140057ffb503e79bb4543136106605db1e8c032cf57f3b8c59cdd408a90dbe8f6e91dcc682426fff2f9dedfe3e45a99643e694552896adfececf8bda5aafd85e9365776dd53658783e26654645f51cec6003660331ed38737e92a15d2f642c6c8023adf9b1bd8f00d9d23ad572e73958bfbecec0282533953db63687e31d2fabbbeccda32fee3a535efffee8e82ff1e496509b1bcb3e4188b1bfd0c0a1778d535ee06605f180c6d11b3c817c1f7508cbd1d49040859797f9624908165a81d668100635dd57b84ed2752571535bfa9ca64b05c7cc3d2521ee4a97b93675af4e2bdcbb71d05c768b63afc6dfa1942009b3a9144263e35917a60e2eb0033d2b4b392ba26efde0108b253733451d83a22fc5dbf560fb8795e48c3d504faffa81bc9abc31dbdb809073f96e78cd88261c47da82c427fe65b00c3ea692295c875950b81689b3acd2cfadddeeec61e1c3984f403cca8646065ffbfc9d200a3da51046e59a53cf1e346d1c15f56ed24e760feebcee9b315c9ac1e81433a8933996fd8aac5485dc92cdaf5b8ea48b37148236c17e4758436d539b41b91aac5fc7422b86be3b688cab6b704857d27911b7d4852615855a028b609301f4eab2b6e1f5449662743de869881913b5f1b398924ecf5760ca802fe94d3d91dae7fef7bb01eea4c4cfb31a59dc2a2f23296880c6a200e5ef57b1fe003df21b0e757b830a038e20044d9058de380a76a7f26cdcb91c9e79d52d466a433fd3053a06a0aabe9ff0545b5a66285e42219039c3991e63bec963eb92ac36dcba7ca7170279523f8db8453d3a7cc66747aa38d497d522c2af4afd30710f061a3419ab35e986c34f00aa6f634194c93b4aeefab050ce561ba3abeb64719e80c49e70fa75e2c9777c5b359e5c4dca61b39f09c118b221a6d27f3f93ce93e8db04287bae2a5d306691c45a9554e4bec618a4ac1480e07ff3a4bd5f28e6c2a26cbd98a4e3c6e973d6411c01f2a6383354b348f094dac7258728c82f9d562142fe108ebcaf506b283a7cb07d7b124d98245fd88791efdae5e7dfebf2d23a146acfe5971db2e0e3f929223e305443cfbeb6ef8103c4374bf7f8a27f0c5af2d9ddd1dd76cf04d9f1fa82363af20789db6224c1fb8ea67a5f77f305b93b969f60223265836410dad17dd094130cf440a7047c935246df57dde11be75f976bee517cdfaac05f51470247d960eefb8429d3df0de72abf3fe235238773eff325682fa346f12f704b59a19051d12f7a3700a07d519d5f45a7964d79014c126968eeaf529e98a30f212175c8c763ab4867aadb7d2e2bcff8aa584695add4d5589d16bf12292a139b", 0x57b}], 0x1, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}}}], 0x20}}], 0x1, 0x0) 4.703118852s ago: executing program 1 (id=767): bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0xa, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0xc08, 0x3, 0x440, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3a8, 0x3c8, 0x3c8, 0x3a8, 0x3c8, 0x3, 0x0, {[{{@ip={@multicast2, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}, {0x4}, {}, {}, {0x0, 0x0, 0x5e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0x0, 0x4}, {}, {0x4, 0x8}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x7f}, {0x0, 0x4}, {}, {}, {}, {0xfffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}]}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4a0) 3.791248198s ago: executing program 0 (id=773): capset(&(0x7f0000000300)={0x20080522}, &(0x7f0000000340)) ioprio_set$pid(0x2, 0x0, 0x0) 3.716074918s ago: executing program 0 (id=774): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10) r2 = fcntl$dupfd(r1, 0x0, r1) write$FUSE_ATTR(r2, &(0x7f00000003c0)={0x78, 0x0, 0x0, {0x9, 0x4, 0x0, {0x4, 0xfffffffffffffff9, 0x0, 0x2, 0x9, 0x1, 0x3, 0x9, 0x10001, 0x4000, 0x5921407b, 0x0, 0x0, 0x5f8, 0xffff}}}, 0x78) sendmsg$TIPC_NL_NAME_TABLE_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4040011) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.160566003s ago: executing program 1 (id=775): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x1000000, 0x0, 0xfffffd11, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r3 = memfd_secret(0x80000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r3, 0x0) 952.453989ms ago: executing program 0 (id=776): ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'gretap0\x00', &(0x7f00000001c0)={'tunl0\x00', 0x0, 0x80, 0x8, 0x0, 0x6, {{0x5, 0x4, 0x1, 0x6, 0x14, 0x67, 0x0, 0xd, 0x0, 0x0, @rand_addr=0x64010100, @loopback}}}}) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f00000001c0)="bbdf81b405f0ad461eee83b3e1c540661355e14a24d04a", 0x0}, 0x20) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x48, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb10000a8880008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 789.32944ms ago: executing program 0 (id=777): readv(0xffffffffffffffff, 0x0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10) connect$inet(r0, &(0x7f0000000440)={0x2, 0x4e24, @remote}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3d, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1=0xac14140f}, {0x4e24, 0x4e20, 0x8}}}}}, 0x0) 639.925899ms ago: executing program 0 (id=778): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = fsopen(&(0x7f0000000900)='efivarfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x82) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r3 = fanotify_init(0xf00, 0x0) fanotify_mark(r3, 0x1, 0x10001011, r2, 0x0) 340.086897ms ago: executing program 0 (id=779): bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0xa, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0xc08, 0x3, 0x440, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3a8, 0x3c8, 0x3c8, 0x3a8, 0x3c8, 0x3, 0x0, {[{{@ip={@multicast2, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}, {0x4}, {}, {}, {0x0, 0x0, 0x5e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0x0, 0x4}, {}, {0x4, 0x8}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x7f}, {0x0, 0x4}, {}, {}, {}, {0xfffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}]}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4a0) 0s ago: executing program 1 (id=780): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299f000) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x200000a, 0x13, r1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @map_val={0x18, 0x7, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}, @exit]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:62221' (ED25519) to the list of known hosts. syzkaller login: [ 82.839123][ T3314] cgroup: Unknown subsys name 'net' [ 83.050683][ T3314] cgroup: Unknown subsys name 'cpuset' [ 83.075084][ T3314] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.546868][ T3314] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 91.890539][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.907791][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.075105][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.092013][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.903842][ T3320] hsr_slave_0: entered promiscuous mode [ 92.910425][ T3320] hsr_slave_1: entered promiscuous mode [ 93.119847][ T3319] hsr_slave_0: entered promiscuous mode [ 93.123259][ T3319] hsr_slave_1: entered promiscuous mode [ 93.129597][ T3319] debugfs: 'hsr0' already exists in 'hsr' [ 93.130312][ T3319] Cannot create hsr debugfs directory [ 94.110338][ T3320] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.160490][ T3320] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.206098][ T3320] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.255279][ T3320] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.421064][ T3319] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.452586][ T3319] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.471963][ T3319] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.492293][ T3319] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.352042][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.463111][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.782257][ T3319] veth0_vlan: entered promiscuous mode [ 98.844578][ T3319] veth1_vlan: entered promiscuous mode [ 99.023774][ T3319] veth0_macvtap: entered promiscuous mode [ 99.047503][ T3319] veth1_macvtap: entered promiscuous mode [ 99.193296][ T3320] veth0_vlan: entered promiscuous mode [ 99.236999][ T3320] veth1_vlan: entered promiscuous mode [ 99.427211][ T2141] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.427959][ T2141] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.431751][ T2141] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.433655][ T2141] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.533671][ T3320] veth0_macvtap: entered promiscuous mode [ 99.584923][ T3320] veth1_macvtap: entered promiscuous mode [ 99.814420][ T40] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.816244][ T40] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.817752][ T40] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.821222][ T1562] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.024747][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 101.762342][ T3487] netlink: 'syz.1.7': attribute type 6 has an invalid length. [ 101.941139][ T3490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.946590][ T3490] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.882797][ T3528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.886558][ T3528] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.649260][ T3541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.29'. [ 106.812752][ T3542] syzkaller1: entered promiscuous mode [ 106.813380][ T3542] syzkaller1: entered allmulticast mode [ 107.259836][ T39] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 107.457844][ T39] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 107.458645][ T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.462218][ T39] usb 1-1: Product: syz [ 107.464435][ T39] usb 1-1: Manufacturer: syz [ 107.466373][ T39] usb 1-1: SerialNumber: syz [ 107.951048][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 107.951898][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 109.239557][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE [ 109.940772][ T3560] input: syz0 as /devices/virtual/input/input1 [ 110.316135][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -EPROTO [ 110.319545][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 110.319839][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 110.321302][ T39] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 110.360384][ T39] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 110.397160][ T39] usb 1-1: USB disconnect, device number 2 [ 111.632664][ T3577] syzkaller0: entered promiscuous mode [ 111.633104][ T3577] syzkaller0: entered allmulticast mode [ 111.745912][ T3575] faux_driver vgem: [drm] Unknown color mode 181; guessing buffer size. [ 113.388716][ C1] hrtimer: interrupt took 693449 ns [ 115.303267][ T3599] netlink: 28 bytes leftover after parsing attributes in process `syz.0.51'. [ 115.303691][ T3599] netlink: 'syz.0.51': attribute type 7 has an invalid length. [ 115.309381][ T3599] netlink: 'syz.0.51': attribute type 8 has an invalid length. [ 115.311592][ T3599] netlink: 4 bytes leftover after parsing attributes in process `syz.0.51'. [ 119.398606][ T3615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.412174][ T3615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.658924][ T30] audit: type=1326 audit(121.480:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.670763][ T30] audit: type=1326 audit(121.500:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=453 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.673764][ T30] audit: type=1326 audit(121.500:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.682708][ T30] audit: type=1326 audit(121.500:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.689226][ T30] audit: type=1326 audit(121.500:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffab95c41c code=0x7ffc0000 [ 121.694049][ T30] audit: type=1326 audit(121.520:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffab95c41c code=0x7ffc0000 [ 121.696957][ T30] audit: type=1326 audit(121.520:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.704652][ T30] audit: type=1326 audit(121.530:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.710995][ T30] audit: type=1326 audit(121.530:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 121.716496][ T30] audit: type=1326 audit(121.540:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3617 comm="syz.0.58" exe="/syz-executor" sig=0 arch=c00000b7 syscall=426 compat=0 ip=0xffffab95c3e8 code=0x7ffc0000 [ 136.869100][ T3466] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 137.018931][ T3466] usb 1-1: Using ep0 maxpacket: 16 [ 137.039567][ T3466] usb 1-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76 [ 137.040223][ T3466] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.042795][ T3466] usb 1-1: Product: syz [ 137.043161][ T3466] usb 1-1: Manufacturer: syz [ 137.043294][ T3466] usb 1-1: SerialNumber: syz [ 137.054723][ T3466] usb 1-1: config 0 descriptor?? [ 137.282158][ T3466] usb 1-1: ignoring: not an USB2CAN converter [ 137.491894][ T3419] usb 1-1: USB disconnect, device number 3 [ 138.170124][ T3466] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 138.331647][ T3466] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 138.332132][ T3466] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00 [ 138.334136][ T3466] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.354773][ T3466] usb 1-1: config 0 descriptor?? [ 139.124059][ T3679] syzkaller0: entered promiscuous mode [ 139.125655][ T3679] syzkaller0: entered allmulticast mode [ 141.340392][ T3694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.349495][ T3694] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.653210][ T3694] syz.1.85 uses obsolete (PF_INET,SOCK_PACKET) [ 143.604366][ T3466] usbhid 1-1:0.0: can't add hid device: -32 [ 143.605507][ T3466] usbhid 1-1:0.0: probe with driver usbhid failed with error -32 [ 149.350418][ T3466] usb 1-1: USB disconnect, device number 4 [ 149.861435][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 149.864945][ T30] audit: type=1326 audit(149.690:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.871111][ T30] audit: type=1326 audit(149.690:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.876267][ T30] audit: type=1326 audit(149.690:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.881787][ T30] audit: type=1326 audit(149.690:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.886569][ T30] audit: type=1326 audit(149.690:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.892520][ T30] audit: type=1326 audit(149.690:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.898498][ T30] audit: type=1326 audit(149.690:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.903839][ T30] audit: type=1326 audit(149.700:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.914785][ T30] audit: type=1326 audit(149.700:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 149.920164][ T30] audit: type=1326 audit(149.700:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3702 comm="syz.0.87" exe="/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffac8b68f8 code=0x7ffc0000 [ 153.577601][ T3720] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.588893][ T3720] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 155.825364][ T3739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 155.841026][ T3739] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 156.492894][ T3743] vlan0: entered promiscuous mode [ 156.773719][ T3747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 156.776310][ T3747] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.370734][ T3755] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 161.024244][ T3773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.031467][ T3773] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 162.766790][ T3787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 162.785298][ T3787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.738963][ T3548] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 165.899163][ T3548] usb 1-1: Using ep0 maxpacket: 32 [ 165.913016][ T3548] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 165.913367][ T3548] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 165.913536][ T3548] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 165.913692][ T3548] usb 1-1: config 1 has no interface number 0 [ 165.913904][ T3548] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 165.914001][ T3548] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 165.914134][ T3548] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 165.914195][ T3548] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.957738][ T3548] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 166.175700][ T3548] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 166.660798][ T3548] usb 1-1: USB disconnect, device number 5 [ 166.666884][ T3548] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 168.809396][ T3548] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 169.025711][ T3548] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 169.029113][ T3548] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.033569][ T3548] usb 1-1: Product: syz [ 169.037543][ T3548] usb 1-1: Manufacturer: syz [ 169.039604][ T3548] usb 1-1: SerialNumber: syz [ 169.070047][ T3548] usb 1-1: config 0 descriptor?? [ 170.510564][ T3841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 170.513419][ T3841] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 172.282974][ T3848] netlink: 12 bytes leftover after parsing attributes in process `syz.1.143'. [ 172.411729][ T3848] Zero length message leads to an empty skb [ 174.134942][ T3856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.141521][ T3856] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.864391][ T3869] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.865297][ T3869] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.275799][ T3875] capability: warning: `syz.1.153' uses deprecated v2 capabilities in a way that may be insecure [ 175.365322][ T3877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.369344][ T3877] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.345232][ T24] usb 1-1: USB disconnect, device number 6 [ 179.759173][ T24] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 179.933726][ T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 179.934406][ T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 179.951473][ T24] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 179.951756][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 179.952037][ T24] usb 1-1: SerialNumber: syz [ 180.203971][ T24] usb 1-1: 0:2 : does not exist [ 180.205989][ T24] usb 1-1: unit 5: unexpected type 0x09 [ 180.343699][ T24] usb 1-1: USB disconnect, device number 7 [ 180.926420][ T3930] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 180.954366][ T3930] netlink: 20 bytes leftover after parsing attributes in process `syz.1.175'. [ 181.145970][ T3695] udevd[3695]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 181.166276][ T3935] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 181.182511][ T3935] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 182.435537][ T3946] netlink: 72 bytes leftover after parsing attributes in process `syz.1.178'. [ 182.443114][ T3946] netlink: 64 bytes leftover after parsing attributes in process `syz.1.178'. [ 183.681530][ T30] kauditd_printk_skb: 43 callbacks suppressed [ 183.682008][ T30] audit: type=1326 audit(183.360:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3947 comm="syz.0.182" exe="/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95c3e8 code=0x0 [ 188.798960][ T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 188.948894][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 188.954455][ T24] usb 1-1: no configurations [ 188.956792][ T24] usb 1-1: can't read configurations, error -22 [ 189.089510][ T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 189.248995][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 189.254455][ T24] usb 1-1: no configurations [ 189.254732][ T24] usb 1-1: can't read configurations, error -22 [ 189.257169][ T24] usb usb1-port1: attempt power cycle [ 189.599182][ T24] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 189.621783][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 189.625114][ T24] usb 1-1: no configurations [ 189.627091][ T24] usb 1-1: can't read configurations, error -22 [ 189.760511][ T24] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 189.782444][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 189.787102][ T24] usb 1-1: no configurations [ 189.789594][ T24] usb 1-1: can't read configurations, error -22 [ 189.792232][ T24] usb usb1-port1: unable to enumerate USB device [ 201.866933][ T4013] syz.0.202 (4013): drop_caches: 2 [ 201.972507][ T4015] netlink: 'syz.0.203': attribute type 7 has an invalid length. [ 201.974195][ T4015] netlink: 'syz.0.203': attribute type 8 has an invalid length. [ 202.449673][ T784] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 202.609084][ T784] usb 1-1: Using ep0 maxpacket: 32 [ 202.621795][ T784] usb 1-1: no configurations [ 202.622552][ T784] usb 1-1: can't read configurations, error -22 [ 202.761381][ T784] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 202.929098][ T784] usb 1-1: Using ep0 maxpacket: 32 [ 202.934325][ T784] usb 1-1: no configurations [ 202.936684][ T784] usb 1-1: can't read configurations, error -22 [ 202.950695][ T784] usb usb1-port1: attempt power cycle [ 203.180835][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 203.200402][ T10] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 203.299082][ T784] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 203.322222][ T784] usb 1-1: Using ep0 maxpacket: 32 [ 203.332779][ T784] usb 1-1: no configurations [ 203.333464][ T784] usb 1-1: can't read configurations, error -22 [ 203.460476][ T784] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 203.483100][ T784] usb 1-1: Using ep0 maxpacket: 32 [ 203.492662][ T784] usb 1-1: no configurations [ 203.499107][ T784] usb 1-1: can't read configurations, error -22 [ 203.501609][ T784] usb usb1-port1: unable to enumerate USB device [ 203.647461][ T4027] fido_id[4027]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 214.005808][ T4066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.020643][ T4066] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 214.299648][ T3419] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 214.478849][ T3419] usb 1-1: Using ep0 maxpacket: 32 [ 214.497280][ T3419] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 214.497663][ T3419] usb 1-1: can't read configurations, error -61 [ 214.639278][ T3419] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 214.789745][ T3419] usb 1-1: Using ep0 maxpacket: 32 [ 214.816780][ T3419] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 214.817221][ T3419] usb 1-1: can't read configurations, error -61 [ 214.820005][ T3419] usb usb1-port1: attempt power cycle [ 215.182632][ T3419] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 215.222504][ T3419] usb 1-1: Using ep0 maxpacket: 32 [ 215.259849][ T3419] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 215.260249][ T3419] usb 1-1: can't read configurations, error -61 [ 215.419250][ T3419] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 215.446457][ T3419] usb 1-1: Using ep0 maxpacket: 32 [ 215.548011][ T3419] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 215.550207][ T3419] usb 1-1: can't read configurations, error -61 [ 215.559813][ T3419] usb usb1-port1: unable to enumerate USB device [ 224.658961][ T3548] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 224.854263][ T3548] usb 1-1: unable to get BOS descriptor or descriptor too short [ 224.874122][ T3548] usb 1-1: config 128 has an invalid interface number: 144 but max is 0 [ 224.882358][ T3548] usb 1-1: config 128 has no interface number 0 [ 224.884035][ T3548] usb 1-1: config 128 interface 144 has no altsetting 0 [ 224.924429][ T3548] usb 1-1: New USB device found, idVendor=05cc, idProduct=3352, bcdDevice=b5.7e [ 224.926795][ T3548] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.930812][ T3548] usb 1-1: Product: syz [ 224.934813][ T3548] usb 1-1: Manufacturer: syz [ 224.937591][ T3548] usb 1-1: SerialNumber: syz [ 225.215600][ T3548] usb 1-1: USB disconnect, device number 20 [ 225.519470][ T4106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 225.522605][ T4106] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 225.741802][ T3548] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 225.911799][ T3548] usb 1-1: unable to get BOS descriptor or descriptor too short [ 225.917211][ T3548] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 225.920750][ T3548] usb 1-1: can't read configurations, error -71 [ 230.035902][ T4122] xt_CT: No such helper "pptp" [ 237.964323][ T4172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 237.965864][ T4172] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 242.955392][ T4188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 242.970863][ T4188] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 254.259388][ T784] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 255.639275][ T784] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 255.640555][ T784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 255.649659][ T784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 255.659963][ T784] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 255.662786][ T784] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 255.665722][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.704843][ T784] usb 1-1: config 0 descriptor?? [ 256.680049][ T784] hid-generic 0003:047F:FFFF.0002: hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 257.637840][ T4253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 257.641754][ T4253] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 263.356206][ T4267] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 263.356972][ T4267] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 263.895784][ T4278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 263.914114][ T4278] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 264.485700][ T4288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 264.492085][ T4288] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 267.514544][ T4300] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 267.515864][ T4300] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 269.031032][ T9] usb 1-1: USB disconnect, device number 23 [ 269.648905][ T784] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 269.808941][ T784] usb 1-1: Using ep0 maxpacket: 32 [ 269.825349][ T784] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 269.825638][ T784] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 269.844967][ T784] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 269.845307][ T784] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.845433][ T784] usb 1-1: Product: syz [ 269.845496][ T784] usb 1-1: Manufacturer: syz [ 269.845552][ T784] usb 1-1: SerialNumber: syz [ 269.863213][ T784] usb 1-1: config 0 descriptor?? [ 270.607689][ T4317] binder: 4316:4317 tried to acquire reference to desc 0, got 1 instead [ 270.610743][ T4317] binder: tried to use weak ref as strong ref [ 270.611127][ T4317] binder: 4316:4317 got transaction to invalid handle, 1 [ 270.613532][ T4317] binder: 4316:4317 cannot find target node [ 270.615384][ T4317] binder: 4316:4317 transaction call to 0:0 failed 5/29201/-22, code 0 size 0-0 line 3232 [ 270.620890][ T3464] binder: undelivered TRANSACTION_ERROR: 29201 [ 271.135276][ T4329] netlink: 28 bytes leftover after parsing attributes in process `syz.1.327'. [ 280.102024][ T3464] usb 1-1: USB disconnect, device number 24 [ 281.312671][ T4365] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.317237][ T4365] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 284.449020][ T24] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 284.608863][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 284.669838][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 284.671433][ T24] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 284.714965][ T24] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 284.717474][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.723317][ T24] usb 1-1: Product: syz [ 284.725602][ T24] usb 1-1: Manufacturer: syz [ 284.728385][ T24] usb 1-1: SerialNumber: syz [ 284.750190][ T24] usb 1-1: config 0 descriptor?? [ 285.074798][ T24] usb 1-1: USB disconnect, device number 25 [ 285.630395][ T39] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 285.791331][ T39] usb 1-1: Using ep0 maxpacket: 8 [ 285.802727][ T39] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 285.804609][ T39] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 285.806341][ T39] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 285.807655][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.134946][ T4385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 286.141275][ T4385] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 286.343338][ T4389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 286.345414][ T4389] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 289.445372][ T4403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 289.454307][ T4403] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 289.815748][ T4412] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 289.999377][ T4416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 290.000212][ T4416] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 290.548930][ T4428] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 290.555075][ T4428] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 297.864242][ T4461] netlink: 32 bytes leftover after parsing attributes in process `syz.1.377'. [ 300.426728][ T784] usb 1-1: USB disconnect, device number 26 [ 300.963341][ T4472] netlink: 36 bytes leftover after parsing attributes in process `syz.1.381'. [ 304.033568][ T4478] netlink: 'syz.1.382': attribute type 1 has an invalid length. [ 309.154164][ T4495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.155612][ T4495] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 309.726778][ T4502] netlink: 'syz.0.389': attribute type 10 has an invalid length. [ 309.762653][ T4502] netlink: 'syz.0.389': attribute type 10 has an invalid length. [ 319.193778][ T4524] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 319.194242][ T4524] IPv6: NLM_F_CREATE should be set when creating new route [ 319.432272][ T4528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 319.435546][ T4528] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 326.718989][ T4547] misc userio: Invalid payload size [ 326.773229][ T4547] misc userio: Invalid payload size [ 332.273912][ T4571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 332.294995][ T4571] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 335.809032][ T9] usb 1-1: new full-speed USB device number 27 using dummy_hcd [ 335.993531][ T9] usb 1-1: config 0 has an invalid interface number: 41 but max is 0 [ 335.993772][ T9] usb 1-1: config 0 has no interface number 0 [ 335.995198][ T9] usb 1-1: config 0 interface 41 has no altsetting 0 [ 336.064281][ T9] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 336.064508][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.064645][ T9] usb 1-1: Product: syz [ 336.064703][ T9] usb 1-1: Manufacturer: syz [ 336.064797][ T9] usb 1-1: SerialNumber: syz [ 336.073986][ T9] usb 1-1: config 0 descriptor?? [ 336.962410][ T9] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 338.222070][ T9] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9 [ 338.222347][ T9] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71 [ 338.223103][ T9] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71 [ 338.247224][ T9] usb 1-1: USB disconnect, device number 27 [ 359.143542][ T3464] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 359.160621][ T3464] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 360.312868][ T3464] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 360.760180][ T3464] usb 1-1: config 0 has no interfaces? [ 360.764416][ T3464] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 360.766032][ T3464] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 360.767389][ T3464] usb 1-1: SerialNumber: syz [ 360.774673][ T3464] usb 1-1: config 0 descriptor?? [ 361.527322][ T10] usb 1-1: USB disconnect, device number 28 [ 361.904494][ T4697] binder: 4696:4697 tried to acquire reference to desc 0, got 1 instead [ 361.914687][ T4697] binder: 4696:4697 got transaction with invalid fd, -1 [ 361.930399][ T4697] binder: 4697:4696 translate fd failed [ 361.935810][ T4697] binder: 4696:4697 transaction async to 4696:0 failed 10/29201/-9, code 0 size 88-24 line 3574 [ 361.959197][ T10] binder: undelivered TRANSACTION_ERROR: 29201 [ 366.503886][ T30] audit: type=1326 audit(366.330:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.504404][ T30] audit: type=1326 audit(366.330:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.512715][ T30] audit: type=1326 audit(366.340:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.514889][ T30] audit: type=1326 audit(366.340:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.516290][ T30] audit: type=1326 audit(366.340:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.517765][ T30] audit: type=1326 audit(366.340:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.520081][ T30] audit: type=1326 audit(366.340:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.524889][ T30] audit: type=1326 audit(366.350:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.530796][ T30] audit: type=1326 audit(366.360:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 366.532422][ T30] audit: type=1326 audit(366.360:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 369.590118][ T4720] netlink: 76 bytes leftover after parsing attributes in process `syz.0.457'. [ 371.579895][ T30] kauditd_printk_skb: 3324 callbacks suppressed [ 371.586432][ T30] audit: type=1326 audit(371.370:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.056185][ T30] audit: type=1326 audit(371.860:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.137458][ T30] audit: type=1326 audit(371.960:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.152212][ T30] audit: type=1326 audit(371.980:3405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.160598][ T30] audit: type=1326 audit(371.990:3406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.173341][ T30] audit: type=1326 audit(372.000:3407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.175709][ T30] audit: type=1326 audit(372.000:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.178561][ T30] audit: type=1326 audit(372.000:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.180968][ T30] audit: type=1326 audit(372.010:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 372.182300][ T30] audit: type=1326 audit(372.010:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.588684][ T30] kauditd_printk_skb: 3107 callbacks suppressed [ 376.591795][ T30] audit: type=1326 audit(376.410:6519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.592146][ T30] audit: type=1326 audit(376.410:6520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.594286][ T30] audit: type=1326 audit(376.410:6521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.595926][ T30] audit: type=1326 audit(376.410:6522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.596202][ T30] audit: type=1326 audit(376.410:6523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.596398][ T30] audit: type=1326 audit(376.410:6524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.596588][ T30] audit: type=1326 audit(376.410:6525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.596773][ T30] audit: type=1326 audit(376.410:6526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.611195][ T30] audit: type=1326 audit(376.410:6527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 376.611540][ T30] audit: type=1326 audit(376.430:6528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4711 comm="syz.1.454" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e35c3e8 code=0x7ff00000 [ 378.320044][ T4750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.323298][ T4750] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.652721][ T4761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.653488][ T4761] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 379.166674][ T4773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 379.176231][ T4773] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 379.919216][ T9] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 380.078609][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 380.101407][ T9] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 380.101830][ T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 380.101990][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 380.102171][ T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 380.102240][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 380.102329][ T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 380.102481][ T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 380.102593][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.134341][ T9] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -22 [ 383.470862][ T4799] xt_CT: No such helper "pptp" [ 385.946479][ T4817] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 386.076785][ T4821] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 386.083003][ T4821] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 388.772220][ T4828] syzkaller0: entered promiscuous mode [ 388.772487][ T4828] syzkaller0: entered allmulticast mode [ 389.350064][ T4834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 389.353711][ T4834] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 394.608835][ T4293] usb 1-1: USB disconnect, device number 29 [ 395.041993][ T4293] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 395.203371][ T4293] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 395.203662][ T4293] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 395.205791][ T4293] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 395.206044][ T4293] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 395.206246][ T4293] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 395.237350][ T4293] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 395.237739][ T4293] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 395.238712][ T4293] usb 1-1: Product: syz [ 395.238780][ T4293] usb 1-1: Manufacturer: syz [ 395.275730][ T4293] cdc_wdm 1-1:1.0: skipping garbage [ 395.276169][ T4293] cdc_wdm 1-1:1.0: skipping garbage [ 395.287093][ T4293] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 399.186180][ C1] cdc_wdm 1-1:1.0: nonzero urb status received: -EPIPE [ 399.195934][ T10] usb 1-1: USB disconnect, device number 30 [ 400.314946][ T4849] xt_CT: No such helper "pptp" [ 403.309228][ T3548] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 403.708741][ T3548] usb 1-1: Using ep0 maxpacket: 8 [ 403.717194][ T3548] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 403.719253][ T3548] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 403.719360][ T3548] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 403.719435][ T3548] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 403.719506][ T3548] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 403.719653][ T3548] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 403.719722][ T3548] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.955962][ T3548] usb 1-1: usb_control_msg returned -32 [ 403.956447][ T3548] usbtmc 1-1:16.0: can't read capabilities [ 404.216189][ T4861] xt_CT: No such helper "pptp" [ 407.480187][ T4873] usbtmc 1-1:16.0: stb usb_control_msg returned -32 [ 407.489465][ T784] usb 1-1: USB disconnect, device number 31 [ 407.709782][ T4875] xt_CT: No such helper "pptp" [ 407.956915][ T4884] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 407.957239][ T4884] IPv6: NLM_F_CREATE should be set when creating new route [ 407.957377][ T4884] IPv6: NLM_F_CREATE should be set when creating new route [ 408.348867][ T10] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 408.509248][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 408.521577][ T10] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 408.522105][ T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 408.522310][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 408.522401][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 408.522472][ T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 408.522656][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 408.522859][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.751975][ T10] usb 1-1: usb_control_msg returned -32 [ 408.752315][ T10] usbtmc 1-1:16.0: can't read capabilities [ 410.357577][ T4900] xt_CT: No such helper "pptp" [ 412.269925][ T4902] usbtmc 1-1:16.0: stb usb_control_msg returned -32 [ 412.284230][ T10] usb 1-1: USB disconnect, device number 32 [ 412.534876][ T4904] syzkaller0: entered promiscuous mode [ 412.535087][ T4904] syzkaller0: entered allmulticast mode [ 412.957370][ T4920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 412.984909][ T4920] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 413.679399][ T4933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 413.687374][ T4933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 414.379944][ T4937] syz.1.537 (4937): drop_caches: 2 [ 414.921561][ T4945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 414.924849][ T4945] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 417.649158][ T784] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 417.682779][ T4963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.547'. [ 417.774956][ T4965] mmap: syz.1.548 (4965) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 417.808936][ T784] usb 1-1: Using ep0 maxpacket: 8 [ 417.817183][ T784] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 417.817695][ T784] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 417.817822][ T784] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 417.818002][ T784] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 417.818621][ T784] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 417.818784][ T784] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 417.818858][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.064899][ T784] usb 1-1: usb_control_msg returned -32 [ 418.065334][ T784] usbtmc 1-1:16.0: can't read capabilities [ 421.579408][ T4986] usbtmc 1-1:16.0: stb usb_control_msg returned -32 [ 421.584790][ T3466] usb 1-1: USB disconnect, device number 33 [ 422.606732][ T5003] netlink: 8 bytes leftover after parsing attributes in process `syz.0.564'. [ 424.829007][ T784] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 424.979139][ T784] usb 1-1: Using ep0 maxpacket: 16 [ 424.994520][ T784] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 424.994775][ T784] usb 1-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 424.999625][ T784] usb 1-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 425.000055][ T784] usb 1-1: config 1 interface 0 has no altsetting 0 [ 425.017660][ T784] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 425.017982][ T784] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 425.021015][ T784] usb 1-1: Product: syz [ 425.021098][ T784] usb 1-1: Manufacturer: syz [ 425.021151][ T784] usb 1-1: SerialNumber: syz [ 425.251561][ T784] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 34 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 425.456889][ T784] usb 1-1: USB disconnect, device number 34 [ 425.466365][ T784] usblp0: removed [ 432.532133][ T5056] tmpfs: Bad value for 'huge' [ 436.385953][ T5077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 436.386820][ T5077] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 443.899203][ T3548] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 444.048849][ T3548] usb 1-1: Using ep0 maxpacket: 8 [ 444.065957][ T3548] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 444.066364][ T3548] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 444.070044][ T3548] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 444.070263][ T3548] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 444.070354][ T3548] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 444.070540][ T3548] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 444.070613][ T3548] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.314365][ T3548] usb 1-1: GET_CAPABILITIES returned 0 [ 444.314660][ T3548] usbtmc 1-1:16.0: can't read capabilities [ 444.520441][ T3548] usb 1-1: USB disconnect, device number 35 [ 444.721539][ T5127] netlink: 84 bytes leftover after parsing attributes in process `syz.1.614'. [ 447.965678][ T5158] netlink: 32 bytes leftover after parsing attributes in process `syz.0.628'. [ 448.004723][ T5158] netlink: 32 bytes leftover after parsing attributes in process `syz.0.628'. [ 452.178123][ T5180] xt_CT: No such helper "pptp" [ 452.447698][ T5186] binder: 5185:5186 tried to acquire reference to desc 0, got 1 instead [ 452.477003][ T784] binder: release 5185:5186 transaction 15 out, still active [ 452.477522][ T784] binder: undelivered TRANSACTION_COMPLETE [ 452.531067][ T784] binder: send failed reply for transaction 15, target dead [ 456.991561][ T5220] syzkaller0: entered promiscuous mode [ 456.993515][ T5220] syzkaller0: entered allmulticast mode [ 458.032988][ T5232] xt_CT: No such helper "pptp" [ 461.225923][ T5249] xt_CT: No such helper "pptp" [ 462.473659][ T5260] xt_CT: No such helper "pptp" [ 466.080412][ T5274] xt_CT: No such helper "pptp" [ 468.987386][ T5284] loop2: detected capacity change from 0 to 7 [ 469.010676][ T5284] loop2: [ 469.993379][ T5294] xt_CT: No such helper "pptp" [ 471.042539][ T5299] capability: warning: `syz.1.676' uses 32-bit capabilities (legacy support in use) [ 472.010554][ T5307] xt_CT: No such helper "pptp" [ 475.489106][ T4293] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 475.678953][ T4293] usb 1-1: too many configurations: 164, using maximum allowed: 8 [ 475.695276][ T4293] usb 1-1: config 0 has no interfaces? [ 475.714697][ T4293] usb 1-1: config 0 has no interfaces? [ 475.734053][ T4293] usb 1-1: config 0 has no interfaces? [ 475.743691][ T4293] usb 1-1: config 0 has no interfaces? [ 475.766292][ T4293] usb 1-1: config 0 has no interfaces? [ 475.793747][ T4293] usb 1-1: config 0 has no interfaces? [ 475.805210][ T4293] usb 1-1: config 0 has no interfaces? [ 475.813316][ T4293] usb 1-1: config 0 has no interfaces? [ 475.813705][ T4293] usb 1-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db [ 475.813823][ T4293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.823908][ T4293] usb 1-1: config 0 descriptor?? [ 476.056828][ T784] usb 1-1: USB disconnect, device number 36 [ 476.814592][ T5326] xt_CT: No such helper "pptp" [ 482.614289][ T5365] xt_CT: No such helper "pptp" [ 484.497843][ T5374] binder: 5373:5374 tried to acquire reference to desc 0, got 1 instead [ 484.501830][ T5374] binder: 5373:5374 got transaction with invalid data ptr [ 484.504175][ T5374] binder: 5373:5374 transaction call to 5373:0 failed 20/29201/-14, code 0 size 0-24 line 3492 [ 484.508762][ T3548] binder: undelivered TRANSACTION_ERROR: 29201 [ 487.670397][ T5384] xt_CT: No such helper "pptp" [ 490.162942][ T5398] trusted_key: syz.1.710 sent an empty control message without MSG_MORE. [ 493.585563][ T5414] loop2: detected capacity change from 0 to 7 [ 493.901787][ T5416] xt_CT: No such helper "pptp" [ 495.182209][ T5429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 495.185117][ T5429] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 496.139261][ T3466] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 496.311503][ T3466] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 496.311860][ T3466] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 496.312198][ T3466] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 496.312384][ T3466] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 496.312464][ T3466] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.322926][ T3466] usb 1-1: config 0 descriptor?? [ 496.764702][ T3466] hid-generic 0003:047F:FFFF.0004: hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 496.974959][ T39] usb 1-1: USB disconnect, device number 37 [ 499.182469][ T5463] xt_CT: No such helper "pptp" [ 503.196638][ T5489] xt_CT: No such helper "pptp" [ 504.975499][ T5496] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 506.845212][ T5504] xt_CT: No such helper "pptp" [ 508.048015][ T5509] input: syz1 as /devices/virtual/input/input2 [ 510.909218][ T5527] xt_CT: No such helper "pptp" [ 511.828939][ T5530] netlink: 132 bytes leftover after parsing attributes in process `syz.1.758'. [ 512.172636][ T5534] binder: 5533:5534 tried to acquire reference to desc 0, got 1 instead [ 512.174039][ T5534] binder_alloc: 5533: binder_alloc_buf, no vma [ 512.174170][ T5534] binder: cannot allocate buffer: vma cleared, target dead or dying [ 512.174489][ T5534] binder: 5533:5534 transaction async to 5533:0 failed 25/29189/-3, code 0 size 0-0 line 3389 [ 512.182757][ T10] binder: undelivered TRANSACTION_ERROR: 29189 [ 513.161008][ T5545] ip6gre1: entered promiscuous mode [ 513.161363][ T5545] ip6gre1: entered allmulticast mode [ 513.175013][ T2141] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 513.175822][ T2141] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 513.201655][ T39] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 513.430365][ T39] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 513.581951][ T5553] Illegal XDP return value 218589488 on prog (id 14) dev syz_tun, expect packet loss! [ 514.159578][ T39] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 515.600533][ T5566] xt_CT: No such helper "pptp" [ 517.038996][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 518.150355][ T2141] ================================================================== [ 518.154581][ T2141] BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc [ 518.156762][ T2141] Write at addr f0f00000068c2fa0 by task kworker/u8:12/2141 [ 518.157249][ T2141] Pointer tag: [f0], memory tag: [fe] [ 518.157339][ T2141] [ 518.158337][ T2141] CPU: 1 UID: 0 PID: 2141 Comm: kworker/u8:12 Not tainted syzkaller #0 PREEMPT [ 518.158728][ T2141] Hardware name: linux,dummy-virt (DT) [ 518.159166][ T2141] Workqueue: events_unbound bpf_map_free_deferred [ 518.160397][ T2141] Call trace: [ 518.160703][ T2141] show_stack+0x18/0x24 (C) [ 518.161020][ T2141] dump_stack_lvl+0x78/0x90 [ 518.161137][ T2141] print_report+0x108/0x61c [ 518.161189][ T2141] kasan_report+0x88/0xac [ 518.161229][ T2141] __do_kernel_fault+0x170/0x1c8 [ 518.161276][ T2141] do_bad_area+0x68/0x78 [ 518.161320][ T2141] do_tag_check_fault+0x34/0x44 [ 518.161377][ T2141] do_mem_abort+0x44/0x94 [ 518.161425][ T2141] el1_abort+0x44/0x68 [ 518.161472][ T2141] el1h_64_sync_handler+0x50/0xac [ 518.161513][ T2141] el1h_64_sync+0x6c/0x70 [ 518.161671][ T2141] defer_free+0x3c/0xbc (P) [ 518.161727][ T2141] kfree_nolock+0x1a0/0x1d4 [ 518.161774][ T2141] range_tree_destroy+0x74/0x90 [ 518.161823][ T2141] arena_map_free+0x64/0x90 [ 518.161875][ T2141] bpf_map_free_deferred+0x70/0x180 [ 518.161965][ T2141] process_one_work+0x178/0x2cc [ 518.162016][ T2141] worker_thread+0x24c/0x354 [ 518.162057][ T2141] kthread+0x130/0x1fc [ 518.162099][ T2141] ret_from_fork+0x10/0x20 [ 518.162352][ T2141] [ 518.162417][ T2141] Allocated by task 5584: [ 518.162692][ T2141] kasan_save_stack+0x3c/0x64 [ 518.162992][ T2141] save_stack_info+0x40/0x158 [ 518.163031][ T2141] kasan_save_alloc_info+0x14/0x20 [ 518.163062][ T2141] __kasan_kmalloc+0xb4/0xb8 [ 518.163098][ T2141] kmalloc_nolock_noprof+0x1dc/0x4fc [ 518.163135][ T2141] range_tree_set+0x644/0x778 [ 518.163167][ T2141] arena_map_alloc+0x11c/0x17c [ 518.163199][ T2141] map_create+0x19c/0xa98 [ 518.163232][ T2141] __sys_bpf+0x348/0x1a88 [ 518.163264][ T2141] __arm64_sys_bpf+0x24/0x34 [ 518.163298][ T2141] invoke_syscall+0x48/0x110 [ 518.163340][ T2141] el0_svc_common.constprop.0+0x40/0xe0 [ 518.163377][ T2141] do_el0_svc+0x1c/0x28 [ 518.163414][ T2141] el0_svc+0x34/0x128 [ 518.163448][ T2141] el0t_64_sync_handler+0xa0/0xe4 [ 518.163482][ T2141] el0t_64_sync+0x1a4/0x1a8 [ 518.163556][ T2141] [ 518.163600][ T2141] Freed by task 2141: [ 518.163647][ T2141] kasan_save_stack+0x3c/0x64 [ 518.163682][ T2141] save_stack_info+0x40/0x158 [ 518.163712][ T2141] kasan_save_free_info+0x18/0x24 [ 518.163745][ T2141] __kasan_slab_free+0x7c/0x8c [ 518.163777][ T2141] kfree_nolock+0xcc/0x1d4 [ 518.163813][ T2141] range_tree_destroy+0x74/0x90 [ 518.163848][ T2141] arena_map_free+0x64/0x90 [ 518.163908][ T2141] bpf_map_free_deferred+0x70/0x180 [ 518.163951][ T2141] process_one_work+0x178/0x2cc [ 518.163984][ T2141] worker_thread+0x24c/0x354 [ 518.164020][ T2141] kthread+0x130/0x1fc [ 518.164110][ T2141] ret_from_fork+0x10/0x20 [ 518.164163][ T2141] [ 518.164204][ T2141] The buggy address belongs to the object at fff00000068c2f80 [ 518.164204][ T2141] which belongs to the cache kmalloc-64 of size 64 [ 518.164307][ T2141] The buggy address is located 32 bytes inside of [ 518.164307][ T2141] 64-byte region [fff00000068c2f80, fff00000068c2fc0) [ 518.164364][ T2141] [ 518.164573][ T2141] The buggy address belongs to the physical page: [ 518.165033][ T2141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xfbf00000068c2d00 pfn:0x468c2 [ 518.165524][ T2141] flags: 0x1ffc00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x0) [ 518.166083][ T2141] page_type: f5(slab) [ 518.166823][ T2141] raw: 01ffc00000000000 f1f0000003001600 ffffc1ffc0251e80 0000000000000002 [ 518.166912][ T2141] raw: fbf00000068c2d00 000000008040003e 00000000f5000000 0000000000000000 [ 518.167082][ T2141] page dumped because: kasan: bad access detected [ 518.167130][ T2141] [ 518.167169][ T2141] Memory state around the buggy address: [ 518.167457][ T2141] fff00000068c2d00: fe fe fe fe fc fc fc fc f6 f6 f6 f6 f6 f6 f6 f6 [ 518.167555][ T2141] fff00000068c2e00: f4 f4 f4 f4 f0 f0 f0 f0 fe fe fe fe fd fd fd fd [ 518.167613][ T2141] >fff00000068c2f00: f0 f0 f0 fe fe fe fe fe fe fe fe fe f7 f7 f7 fe [ 518.167673][ T2141] ^ [ 518.167786][ T2141] fff00000068c3000: fd fd fd fd fd fd fd fd fd f5 f5 f5 f5 f5 f5 f5 [ 518.167817][ T2141] fff00000068c3100: f5 f5 fd fd fd fd fd fd fd fd fd f9 f9 f9 f9 f9 [ 518.167894][ T2141] ================================================================== [ 518.169169][ T2141] Disabling lock debugging due to kernel taint SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 519.032385][ T1176] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 519.135959][ T1176] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 519.213064][ T1176] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 519.293175][ T1176] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 519.883080][ T1176] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 519.922976][ T1176] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 519.984418][ T1176] bond0 (unregistering): Released all slaves [ 520.122411][ T1176] hsr_slave_0: left promiscuous mode [ 520.126639][ T1176] hsr_slave_1: left promiscuous mode [ 520.140714][ T1176] veth1_macvtap: left promiscuous mode [ 520.141135][ T1176] veth0_macvtap: left promiscuous mode [ 520.141420][ T1176] veth1_vlan: left promiscuous mode VM DIAGNOSIS: 21:48:30 Registers: info registers vcpu 0 CPU#0 PC=ffff800081b86404 X00=ffff800081b86400 X01=f1f000000323b180 X02=0000000000000000 X03=0000000000000065 X04=000000000000b8c7 X05=0000000000498880 X06=00000000000ef94e X07=fcf00000084d9e00 X08=fcf00000084d9e80 X09=0000000000000000 X10=0000000000000249 X11=0000000000000000 X12=0000000000000003 X13=0000000000000000 X14=0000000000000249 X15=ffff800081bd4430 X16=ffff800082de8000 X17=fff07ffffcef4000 X18=00000000ffffffff X19=0000000000000000 X20=ffff800082b11888 X21=ffff800082b11880 X22=0000000000100009 X23=0000000000000004 X24=ffff800082b11888 X25=0000000000000028 X26=0000000000000000 X27=ffff8000829dfa80 X28=ffff800082a04000 X29=ffff800082deb450 X30=ffff800080188b38 SP=ffff800082deb450 PSTATE=804020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00524f5252450040:0000000000000000 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00524f5252450040:0000000000000000 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:6edc4d3a2914b135:d8e9c869e2695c88 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffe5932b40:0000ffffe5932b40 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffe5932b10 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff8000817a92bc X00=f0f00000087491c0 X01=f0f0000008749180 X02=0000000000000000 X03=fffffff0a3da8872 X04=fffffff0a3da8872 X05=00000000003b9aca X06=fffffffffffc6c79 X07=0000000000000000 X08=00051eb851eb851e X09=0000000000000000 X10=0000000000000000 X11=0000000000000001 X12=00000000000f4240 X13=00ffffffffffffff X14=0000000000000000 X15=ffff800081bd4430 X16=ffff800082df0000 X17=fff07ffffcf0d000 X18=0000000000000000 X19=f0f00000087491f8 X20=f0f00000087490d4 X21=f0f0000008749180 X22=f0f0000008749000 X23=0000000000000000 X24=ffff800082ee3cf8 X25=fff000007f8e7a28 X26=fff000007f8e7a68 X27=ffff8000829f8a00 X28=ffff800082ee3cf8 X29=ffff800082ee3c20 X30=ffff8000817a97f0 SP=ffff800082ee3c20 PSTATE=a0402009 N-C- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000001 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0103ffffffff0404:800402ac10000601 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:e804c4000403d080:02041880020804bc Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:06016f9828049c00:0200040a04b00301 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:04b4000a00040a04:e403f13300397e6a Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c4000403d0800204:1880020804bc0008 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0302080009800300:04000408000f8004 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:09900307e8800400:098c032004000988 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000001f40000000a Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffe29a6b80:0000ffffe29a6b80 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffe29a6b50 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000